Context:

Permissive licenses (commonly referred to as “cuck licenses”) like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.

Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There’s nothing Tanenbaum could do, since the MIT license allows this.

Erik Andersen is one of the developers of Busybox, a minimal implementation of that’s suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it’s protected under the GPL, Busybox developers were able to sue them and gain some money in the process.

Interestingly enough, Tanenbaum doesn’t seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.

  • TheImpressiveX@lemmy.ml
    link
    fedilink
    arrow-up
    199
    arrow-down
    13
    ·
    5 months ago

    The MIT license guarantees freedom for developers. The GPL guarantees freedom for end users.

    • TheOubliette@lemmy.ml
      link
      fedilink
      arrow-up
      79
      arrow-down
      5
      ·
      5 months ago

      The MIT license guarantees that businesses will use it because it’s free and they don’t have to think about releasing code or hiding their copyright infringement. The developers I’ve seen using that license, or at least those who put some thought into it, did do because they want companies to use it and therefore boost their credibility through use and bug reports, etc. They knowingly did free work for a bunch of companies as a way to build their CV, basically. Like your very own self-imposed unpaid internship.

      The GPL license is also good for developers, as they know they can work on a substantial project and have some protections against others creating closed derived works off of it. It’s just a bit more difficult to get enterprise buy-in, which is not a bad thing for many projects.

      • v_krishna@lemmy.ml
        link
        fedilink
        English
        arrow-up
        18
        arrow-down
        4
        ·
        5 months ago

        All my own OSS stuff I always release MIT licensed because I want to be able to use the libraries in my closed source job.

        • CosmicTurtle0@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          17
          arrow-down
          1
          ·
          5 months ago

          Be really careful with this.

          Depending on how you contribute to your OSS code, commits you make on company time are considered property of the company. You could, unknowingly, be forcing your code to be closed source if your company ever decides to make a claim for it.

          I prefer to keep things bifurcated. I never reuse my own library and if I do, I rewrite it whole cloth.

          • folkrav@lemmy.ca
            link
            fedilink
            arrow-up
            14
            arrow-down
            1
            ·
            5 months ago

            “Company time” doesn’t mean much to me, as a remote salaried worker with relatively flexible schedules. Not touching anything but work code from my company machine should be enough, as far as I could understand. Not a lawyer, though.

        • grue@lemmy.world
          link
          fedilink
          English
          arrow-up
          9
          arrow-down
          1
          ·
          5 months ago

          If you’re the copyright holder, nothing stops you from releasing your work under more than once license. It is not necessary to use permissive licensing; you are perfectly free to release your stuff to the general public with a copyleft license while also granting your company a separate license even with proprietary terms if you want.

          • __dev@lemmy.world
            link
            fedilink
            arrow-up
            10
            ·
            5 months ago

            Only until you have any other contributor, as you’re then no longer the sole copyright holder. If you still want to work like that you’ll need a CLA.

      • CapeWearingAeroplane@sopuli.xyz
        link
        fedilink
        arrow-up
        14
        arrow-down
        1
        ·
        edit-2
        5 months ago

        You’re not seeing the whole picture: I’m paid by the government to do research, and in doing that research my group develops several libraries that can benefit not only other research groups, but also industry. We license these libraries under MIT, because otherwise industry would be far more hesitant to integrate our libraries with their proprietary production code.

        I’m also an idealist of sorts. The way I see it, I’m developing publicly funded code that can be used by anyone, no strings attached, to boost productivity and make the world a better place. The fact that this gives us publicity and incentivises the industry to collaborate with us is just a plus. Calling it a self-imposed unpaid internship, when I’m literally hired full time to develop this and just happen to have the freedom to be able to give it out for free, is missing the mark.

        Also, we develop these libraries primarily for our own in-house use, and see the adoption of the libraries by others as a great way to uncover flaws and improve robustness. Others creating closed-source derivatives does not harm us or anyone else in any way as far as I can see.

        • TheOubliette@lemmy.ml
          link
          fedilink
          arrow-up
          4
          arrow-down
          2
          ·
          5 months ago

          If the government is the US (federal), I think you are technically supposed to release your code in the public domain by default. Some people work around this but it’s the default.

          But anyways, the example you’ve given is basically that you’re paid with government funds to do work to assist industry. This is fairly similar to the people that do the work for free for industry, only this time it’s basically taxpayersl money subsidizing industry. I’ve seen this many times. There is a whole science/engineering/standards + contractor complex that is basically one big grift, though the individual people writing the code are usually just doing their best.

          I’m also an idealist of sorts. The way I see it, I’m developing publicly funded code that can be used by anyone, no strings attached, to boost productivity and make the world a better place. The fact that this gives us publicity and incentivises the industry to collaborate with us is just a plus.

          Perhaps it makes the world a better place, perhaps it doesn’t. This part of the industry focuses a lot on identifying a “social good” that they are improving, but the actual impact can be quite different. One person’s climate project is another’s strategic military site selector. One person’s great new standard for transportation is another’s path to monopoly power and the draining of public funds that could have gone to infrastructure. This is the typical way it works. I’m sure there can be exceptions, though.

          Anyways, I would recommend taking a skeptical eye to any position that sells you on its positive social impact. That is often a red flag for some kind of NGO industrial complex gig.

          Calling it a self-imposed unpaid internship, when I’m literally hired full time to develop this and just happen to have the freedom to be able to give it out for free, is missing the mark.

          Well you’re paid so of course it wouldn’t be that.

          Also, we develop these libraries primarily for our own in-house use, and see the adoption of the libraries by others as a great way to uncover flaws and improve robustness. Others creating closed-source derivatives does not harm us or anyone else in any way as far as I can see.

          Sometimes the industries will open bug reports for their free lunches, yes. A common story in community projects is that they realize they’re doing a lot of support work for companies that aren’t paying them. When they start to get burned out, they put out calls for funding so they can dedicate more time to the project. Sometimes this kind of works but usually the story goes the other way. They don’t get enough money and continue to burn out. You are paid so it’s a bit different, but it’s not those companies paying you, eh?

          You aren’t harmed by closed source derivatives because that seems to be the point of your work. Providing government subsidy to private companies that enclose the derivative product and make money for their executives and shareholders off of it.

          • CapeWearingAeroplane@sopuli.xyz
            link
            fedilink
            arrow-up
            4
            arrow-down
            1
            ·
            5 months ago

            You are almost on point here, but seem to be missing the primary point of my work. I work as a researcher at a university, doing more-or-less fundamental research on topics that are relevant to industry.

            As I wrote: We develop our libraries for in-house use, and release the to the public because we know that they are valuable to the industry. If what I do is to be considered “industry subsidies”, then all of higher education is industry subsidies. (You could make the argument that spending taxpayer money to educate skilled workers is effectively subsidising industry).

            We respond to issues that are related either to bugs that we need to fix for our own use, or features that we ourselves want. We don’t spend time implementing features others want unless they give us funding for some project that we need to implement it for.

            In short: I don’t work for industry, I work in research and education, and the libraries my group develops happen to be of interest to the industry. Most of my co-workers do not publish their code anywhere, because they aren’t interested in spending the time required to turn hacky academic code into a usable library. I do, because I’ve noticed how much time it saves me and my team in the long run to have production-quality libraries that we can build on.

            • TheOubliette@lemmy.ml
              link
              fedilink
              arrow-up
              5
              ·
              5 months ago

              You are almost on point here, but seem to be missing the primary point of my work. I work as a researcher at a university, doing more-or-less fundamental research on topics that are relevant to industry.

              This is something I’m very familiar with.

              As I wrote: We develop our libraries for in-house use, and release the to the public because we know that they are valuable to the industry. If what I do is to be considered “industry subsidies”, then all of higher education is industry subsidies. (You could make the argument that spending taxpayer money to educate skilled workers is effectively subsidising industry).

              This is largely the case, yes. Research universities do the basic research that industry then turns into a product and makes piles of cash from. And you are also correct that subsidizing STEM education is a subsidy for industry. It very specifically is meant to do that. It displaces industry job training and/or the companies paying to send their workers to get a degree. It also has the benefit of increasing overall supply in theur labor market, which helps drive down wages. Companies prefer having a big pool of potential workers they barely have to train.

              We respond to issues that are related either to bugs that we need to fix for our own use, or features that we ourselves want. We don’t spend time implementing features others want unless they give us funding for some project that we need to implement it for.

              That’s good!

              In short: I don’t work for industry, I work in research and education, and the libraries my group develops happen to be of interest to the industry. Most of my co-workers do not publish their code anywhere, because they aren’t interested in spending the time required to turn hacky academic code into a usable library. I do, because I’ve noticed how much time it saves me and my team in the long run to have production-quality libraries that we can build on.

              I think your approach is better. I also prefer to write better-quality code, which for me entails thinking more carefully about its structure and interfaces and using best practices like testing and CI.

      • wagesj45@kbin.run
        link
        fedilink
        arrow-up
        1
        ·
        5 months ago

        Not all of us write code simply for monetary gain and some of us have philosophical differences on what you can and should own as far as the public commons goes. And not all of us view closed derivatives as a ontologically bad.

        • grue@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          5 months ago

          And not all of us view closed derivatives as a ontologically bad.

          Please explain how allowing a third-party to limit computer users’ ability to control and modify their own property is anything other than ontologically bad?

          • wagesj45@kbin.run
            link
            fedilink
            arrow-up
            1
            ·
            5 months ago

            If I release something free of restrictions to the world as a gift, that is my prerogative. And a third party’s actions don’t affect my ability to do whatever I want with the original code, nor the users of their product’s ability to do what they want with my code. And the idea of “property” here is pretty abstract. What is it you own when you purchase software? Certainly not everything. Probably not nothing. But there is a wide swath in between in which reasonable people can disagree.

            If you are an intellectual property abolitionist, I doubt there is much I can say to change your mind.

        • TheOubliette@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          5 months ago

          Software licenses don’t change ownership. That requires transfer of copyright, like with contributor agreements.

          Though I am aware that a small set of people seek less copyleft licenses because they think they’re better. They are usually wrong in their thinking, but they do exist.

          I’m not sure what you are referring to about ontologically bad. Has someone said this?

    • Andromxda 🇺🇦🇵🇸🇹🇼@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      3
      ·
      5 months ago

      The MIT license guarantees freedom for developers proprietary software conglomerates to use FOSS code in their proprietary products. The GPL guarantees freedom for end users the entire FOSS community, both for users and developers.

    • uis@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      5 months ago

      I want to develop plugin for former MIT-licensed software. Now I can’t.