Linux Containers Authors: Elizabeth White, Carmen Gonzalez, Yeshim Deniz, Sematext Blog, Liz McMillan

Related Topics: Linux Containers

Linux Containers: Article

Open Source 'State of the Union'

Bruce Perens speaks at LinuxWorld Conference & Expo

Bruce Perens is an established leader in the free software and open source community. As the former leader of the Debian project and the original author of the Open Source Definition he has been deeply involved in the open source community for most of its existence. Bruce was the original trademark holder for the term "Open Source."

Along with Eric Raymond, Bruce cofounded the Open Source Initiative, which has become one of the top organizations promoting open source software around the world.

Currently Bruce is a consultant specializing in assisting corporations, governments, and standards organizations with open source policy and programs.

Bruce is also the series editor of The Bruce Perens' Open Source Series line of books from Prentice Hall PTR publishers. Books in this series are all published under an "open source" copyright – meaning that they can be copied, reproduced, and modified freely.

Bruce is a member of LinuxWorld Magazine's International Advisory Board. He can be reached through his Web site at www.perens.com.

Following is the text of Bruce's Open Source "State of the Union" talk, delivered at the LinuxWorld Conference & Expo in San Francisco on August 6, 2003.

Good Morning, and thanks for coming.

I'd like to go over near future challenges for free and open source software, Linux, and the GNU system. Before that, please allow me a few minutes to talk about my sponsor, a very interesting open source product in itself, my book series with Prentice Hall PTR publishing.

The Bruce Perens' Open Source Series of books now has four titles in print, and three more are on the way. The text of these books is under an open source license, and the books are released online in "source" form a few months after the release of the printed version. Yet, these books make as much money for the publisher as non–open source books. At this show, we're introducing two titles: Intrusion Detection with SNORT, Apache, MySQL, PHP, and ACID, by Rafeeq Rehman, and Managing Linux Systems with Webmin, by Jamie Cameron. We're also announcing the availability of online "source code," actually the word processor files and illustrations, for our first two books, The Linux Development Platform, also by Rehman, and Embedded Software Development with eCos, by Anthony Massa. Unlocked PDF versions of these books are also available. All of the files are at phptr.com/perens.

With the source now released under terms that allow duplication and sale, these books need never die. Even if the publisher and authors were to lose interest, any open source maintainer could keep the books in print. This is especially important for the eCos book, which is the only title in its field.

Our three upcoming books are:

  • Implementing CIFS: The Common Internet File System: By Chris Hertel. CIFS is the protocol of Samba, the file and printer sharing program that is compatible with Microsoft, Unix, and Linux systems.
  • The Official Samba 3 How-To and Reference Guide: By John Terpstra and others. This is the manual for the next generation of the Samba software.
  • Rapid Application Development with Mozilla and XML: By Nigel McFarlane, one of the Mozilla core team. The book tells you how to use Mozilla's GUI toolkit to create complex browser-based applications.

    On to the Rest of the Speech
    This is a Linux show, focusing upon a product. But the real subject of this trade show, free software and open source, is a social movement. Like other social movements, it advances its own ideas – in our case, ideas about software quality, competition, copyrights, and patents as property. It's extremely unusual in that few other social movements make real products – the only thing that comes close to it in the social space is art. We have so far manufactured over $2 billion U.S. worth of software for everyone's free use. And the fact that we make real products has made us real enemies.

    The most visible enemy today is SCO. But behind SCO stand more serious enemies like Microsoft, which has provided significant funds for SCO to pursue its war on free software.

    This is a new phase in the SCO case, as the open source producers start to mount their own offensive. But I want to point out that the two current SCO cases, while they are expected to come out in our favor, will be disappointing for other reasons. The free software developers would like to see SCO's evidence, and expect it to be brought out for public view in these cases. That will not happen. Before SCO presents its evidence in either case, it will ask the judge for a protective order sealing that evidence from outside view. SCO will claim that they cannot properly present their own case without such an order, and the judge will be disposed to grant it. If SCO could claim that it lost its case due to the constraint of not being able to present trade secrets and other proprietary information, that would be ammunition for SCO to overturn any unfavorable verdict on appeal. Judges generally don't like to create viable appeals for their own cases, and thus the protective order will be granted. So don't expect to see any evidence during either case.

    But we'll see the verdict, won't we? No. SCO has no reason to allow either of these cases to go to a verdict. Once it is clear that a verdict will be unfavorable, SCO will settle the case. Both IBM and Red Hat have the ability to decline a settlement and go for a definitive verdict – but will they? Both companies have a fiduciary responsibility to their stockholders, and of course litigation is expensive and uncertain in its outcome. And of course a settlement comes with its own confidentiality agreements. So, we on the outside may never see the terms upon which the two parties to the case settle their dispute.

    Obviously, I encourage both IBM and Red Hat to go for a verdict. That would be useful to the open source developers, who have as a class been libeled and damaged. We can mount our own class action as a follow-on to a verdict in the IBM and Red Hat cases much more easily than if we have to win the first case.

    What would the free software developers ask for in damages? The only salable asset of SCO, the Unix copyrights. This is something that Red Hat or others who sue SCO could ask for, as well. Now, we already own a superior product to any SCO Unix that has ever been shown, so we don't consider this an extremely valuable asset. But it would be a suitable close to the SCO story for the Unix copyrights to be transferred to the Free Software Foundation.

    SCO has recently announced a socalled "license" for Linux. The absurdity of this should be obvious, but let's touch upon a legal aspect. Every party who enters into this license will be in violation of the GPL, and in infringement of the collective copyrights of the Linux and GNU system authors. As a customer, if you purchase the SCO license, you can be sued by every copyright holder who has contributed to the Linux kernel and other components of the system. You can be sued by IBM, by Red Hat, by me, by tens of thousands of people and companies. Of course, nobody's going to buy a license for software that SCO doesn't own anyway, so it's just hollow posturing.

    But the most dangerous part of SCO is not the case itself, it's the fact that it distracts us from more dangerous threats. So my purpose here today is to urge everyone to start looking forward, and let those directly involved in the SCO cases resolve them while we pursue more important enemies.

    SCO is nothing beside the threat that the open source developers face from software patents, a fight that we are losing badly. Next month, the European Community Parliament is expected to vote for unified European software patenting. In its call for public comments leading up to this vote, the vast majority of replies opposed software patents. The survey takers rejected these comments because they were associated with the open source community. They justified that because open source was, in their words, "not economically significant." I'd like all of you from the press who have been attending this trade show to send a message to the EC Parliament that open source is very obviously economically significant.

    The survey takers accepted the remaining few percent of comments, which called for software patenting, as valid, and declared the survey a mandate for software patenting in Europe. This is the situation we are facing there – all anti–software patent arguments are simply rejected out of hand.

    In addition, we've had a false-flag operation telling European Parliament members that software patenting is acceptable for open source. That organization has proposed no protection for open source other than a passive monitoring of the damage to us and publication of reports about that damage. Individual open source developers are simply not equipped to defend themselves against even the most simple software patent prosecution. The only option for them is to settle the case, regardless of its merits, by signing over their copyrights to the plaintiff, giving up significant funds and property as a monetary settlement, and ceasing open source development. Thus, the open source developer is vulnerable to even the most specious patent claims. Legal funds like that created recently by Red Hat would be exhausted quickly. The American Intellectual Property Law Association estimates that it costs $2 million U.S. to defend a single patent infringement case, twice the amount donated by Red Hat to its legal fund. So, we currently have half of the money necessary to win a single case, and we expect hundreds of them.

    But we've not heard of software patent cases being pursued against free software, have we? This is because the patent holders have no wish to create bad news for themselves before they have laws passed in every nation where they need them. That's when the prosecutions can be expected to start. And these will be much more of a problem than SCO.

    To give you an idea of the immediacy of this threat, we had reports prior to the SCO case that an embedded systems vendor had been solicited to assert its patents against Linux implementations. For obvious reasons, the embedded CEO isn't willing to come forward. He declined to pursue us, as unlike SCO they had a going business that would have been destroyed by the effort. But no doubt other patent holders have been found, and the form of the early cases will be similar to that of SCO, a small failing company with a big backer that is under competitive restraints and can't afford to pursue us directly.

    Software patenting is especially problematic for us when royalty-bearing patents are inserted into industry standards. Since the free software developers are not compensated for their work, we can't afford to pass on any royalty whatsoever. When the World Wide Web Consortium proposed to embed royalty-generating patents in Web standards, we were able to persuade them that this was a bad idea. That fight is much more difficult with organizations like IETF, which accepts many royalty-bearing patent declarations without making a judgement regarding their validity or impact upon implementers.

    And yet, a pro-software patent agenda is being pursued by some of the largest and best partners we have in the Linux industry. IBM stands out in this regard. Obviously, IBM has done a lot for our community, and the very fact that IBM endorses our systems and distributes them so well to our many customers has helped us gain the economic significance that gets us taken seriously by standards organizations and legislators. At the same time, we have frequently found IBM taking an adversary position, one harmful to the open source developers, in patent policy discussions at standards organizations, and at governments here and abroad. There's no question that IBM is one of the major parties supporting the effort to expand software patenting to Europe. So we're at the point, in the progress of open source, where we realize that we have very good friends who can still hurt us in significant ways if we don't push back against them. We must push back, or we will simply not survive the upcoming legal onslaught.

    The fact is, none of our company partners other than Red Hat have even given us any assurance that we are safe from their own patents. IBM and HP, when confronted, have pointed out that they haven't sued any free software developers. We all know how frequently company managements change and we lose our friend in the front office. Thus, I'd sleep better if I could see something on paper that spells out just what sort of armistice we have with IBM, HP, and others.

    If we can't get that, and of course we can't get it from every company, we will have to do something else. I am calling for all open source projects to incorporate mutual software patent defense terms into their licenses. Under these terms, if one open source developer is sued for patent infringement, all of the licenses of open source software used by the plaintiff terminate. If people are going to pursue us with software patents, the least we can do is make sure they don't profit from our software. Software patent mutual defense terms are in licenses being developed by Larry Rosen of the Open Source Initiative. These licenses are still evolving. There may be antitrust problems with them that we haven't yet worked through. It may be a problem getting the Free Software Foundation to accept such terms, simply because they are uncomfortable with adding restrictions. But I think they can be won over to the idea.

    Another of the problems we face today is the rise of "proprietary open source." The best example of that is Red Hat Advanced Server. Red Hat is another great friend of open source, one of the best we've had, who happens to have a policy problem we need to talk about. As open source becomes more popular in business, expect this – good friends with which we need to have a dialogue.

    Let's think about the advantages that bring people to open source. One of the big ones is the ability to go to multiple competing service vendors for a product, which increases the quality and lower costs of those service vendors. The license terms of the Red Hat Advanced Server customer agreement pretty much lock the customer into Red Hat service. Service bulletins are under a confidentiality agreement, and if you release Red Hat's service information to other vendors, they'll terminate your service. According to the advice of several attorneys that I've contacted, the agreement is within the letter of the GPL, but outside of its spirit. And companies seem to be diving into this because Advanced Server is Oracle certified. It seems silly for Oracle to be the arbiter of what distributions are acceptable to business – only a tiny fraction of these systems actually run Oracle, and Oracle is technically quite capable of supporting any Linux Standard Base–compliant system.

    In this situation, the companies seem to be jumping headlong into another Microsoft model. Of course, Red Hat wouldn't ever really become another Microsoft, and I don't really like to compare the two companies in the same sentence. But the point is that companies are discarding an important part of the open source model without realizing what benefits they are going to lose.

    Another problem we face is that open source users are being denied access to popular culture. We can't legally play DVD discs using open source software today. I once went to do a DVD demonstration, showing how you could technically use Linux to play a DVD, but it wasn't legal, and I was convinced not to do so by my then employer, HP. They would have had to fire me immediately because they did not want to become a scapegoat for the movie and music companies (a reasonable concern on their part), and I might have gotten a $500,000 fine under DMCA. Just for playing the disc I paid for in my own computer. The problem is that modifiable software, any open source that plays their media, is considered a theft tool by the movie and music companies because someone could modify it to tap the unencrypted data stream, and could then upload the data to the Net. But I think we need to prosecute the people who commit that crime, not the software tool makers who only want to play legitimately purchased media using Mozilla, Linux, or other open source software. This is going to be much more of a problem with the rise of Palladium [a Digital Rights Management, or DRM, system proposed by Microsoft that critics charge will give them unparalleled control over end users' computers] because most Web pages will eventually be protected by DRM to prevent source viewing, printing, and saving. The Web sites want to charge you for printing, etc., so they will go for that. When you can't use Mozilla to view a Web site, open source becomes an uncommunicating island, and nobody will be able to use it.

  • More Stories By Bruce Perens

    Bruce Perens, a leader in the free software and open source community, is a member of the International Advisory Board of Linux.SYS-CON.com. He is the creator of the Open Source Definition, the manifesto of the open source movement. Bruce is founder or cofounder of the Open Source Initiative, the Linux Standard Base, Software in the Public Interest, and No-Code International. He is the creator of Busybox, which has spawned its own development community and is part of most commercial devices using embedded Linux.

    Comments (5)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

    IoT & Smart Cities Stories
    Darktrace is the world's leading AI company for cyber security. Created by mathematicians from the University of Cambridge, Darktrace's Enterprise Immune System is the first non-consumer application of machine learning to work at scale, across all network types, from physical, virtualized, and cloud, through to IoT and industrial control systems. Installed as a self-configuring cyber defense platform, Darktrace continuously learns what is ‘normal' for all devices and users, updating its understa...
    At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
    Apptio fuels digital business transformation. Technology leaders use Apptio's machine learning to analyze and plan their technology spend so they can invest in products that increase the speed of business and deliver innovation. With Apptio, they translate raw costs, utilization, and billing data into business-centric views that help their organization optimize spending, plan strategically, and drive digital strategy that funds growth of the business. Technology leaders can gather instant recomm...
    OpsRamp is an enterprise IT operation platform provided by US-based OpsRamp, Inc. It provides SaaS services through support for increasingly complex cloud and hybrid computing environments from system operation to service management. The OpsRamp platform is a SaaS-based, multi-tenant solution that enables enterprise IT organizations and cloud service providers like JBS the flexibility and control they need to manage and monitor today's hybrid, multi-cloud infrastructure, applications, and wor...
    The Master of Science in Artificial Intelligence (MSAI) provides a comprehensive framework of theory and practice in the emerging field of AI. The program delivers the foundational knowledge needed to explore both key contextual areas and complex technical applications of AI systems. Curriculum incorporates elements of data science, robotics, and machine learning-enabling you to pursue a holistic and interdisciplinary course of study while preparing for a position in AI research, operations, ...
    After years of investments and acquisitions, CloudBlue was created with the goal of building the world's only hyperscale digital platform with an increasingly infinite ecosystem and proven go-to-market services. The result? An unmatched platform that helps customers streamline cloud operations, save time and money, and revolutionize their businesses overnight. Today, the platform operates in more than 45 countries and powers more than 200 of the world's largest cloud marketplaces, managing mo...
    Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
    In his session at 21st Cloud Expo, Raju Shreewastava, founder of Big Data Trunk, provided a fun and simple way to introduce Machine Leaning to anyone and everyone. He solved a machine learning problem and demonstrated an easy way to be able to do machine learning without even coding. Raju Shreewastava is the founder of Big Data Trunk (www.BigDataTrunk.com), a Big Data Training and consulting firm with offices in the United States. He previously led the data warehouse/business intelligence and Bi...
    The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
    With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...