With Mitchell Ashley, CTO and general manager, StillSecure, who spoke to Lora Bentley at IT Business Edge regarding the differences between GPL v2 and GPL v3 and why some open source leaders aren't making the switch. StillSecure's Strata Guard Free is based on the Snort open source project.
When the Free Software Foundation released version 3 of the GNU General Public License in June, most in the open source community knew it would make ripples — and maybe even require significant changes to the way open source companies do business. But, perhaps naively, we didn’t expect it to cause quite as much fuss as it has.
And the latest topic of discussion has been Sourcefire’s decision to “lock” the Snort project under GPL v2 by removing the option to license it under later versions of the GPL until the company has time to evaluate the new license.
Network security software provider StillSecure offers a free IDS/IPS that is based on the Snort project. In a recent IT Business Edge interview, CTO Mitchell Ashley explained the confusion the licensing change has caused and clued us in as to what he thinks would solve a lot of the issues surrounding GPLv3.
The problem users and observers seem to have with Sourcefire’s decision is not the decision itself, but whether Sourcefire can unilaterally make that decision, he says:
There’s some concern about whether Sourcefire has the right to make that kind of change. They certainly do as to their own contributions — which are significant — to the Snort project, but there are others who have also contributed a great amount of code. Were their rights overwritten when that change was made? Yes, Snort is commercially backed, and a substantial amount of the work is done by a commercial company, but not all of it is.
So what happens if someone wants to combine Snort, or another strictly GPL v2 project, with a project licensed under GPL v3? We don’t have an answer yet, according to Ashley. And we won’t until two companies decide to challenge their differing interpretations of the license in court, it seems.
The problem, as Ashley sees it, is one of evolution:
I think what we’re seeing is that open source is undergoing this evolution from an open and free project to a second phase of being commercially backed, and then a third phase, which we’re entering, where the commercial venture wants to make some changes to the licensing around what was originally developed. I think that leads to some confusion and miscommunication and a lot of concern from people that not only use the software, but also develop it.
And there’s a better way to resolve the confusion and miscommunication than long and costly litigation, he says:
…I would like to see organizations like the OSI (Open Source Initiative) and the FSF broadening their thinking about not just free software development and free software for use, but also putting that into an ecosystem that includes commercial use of that free software. There’s probably just as much — or maybe more — open source being used inside commercial products than there are just in user networks around the world. At least it’s certainly a substantial percentage of it. To ignore that is sort of ignoring reality. There’s an argument to be made — both from an economic perspective and from the development perspective — that having that commercial role in open source is an important part of the ecosystem…
Interestingly, this isn’t the first time that open source organizations have been challenged to begin thinking about the commercial side of the software they advocate. Participants in this year’s Open Source Think Tank agreed that “a new industry forum on open source that includes software companies and customers” is necessary.
Pentaho Swipes BI Customer from SAP Business Objects
With its purchase of the New Zealand-based Weka open source data mining project, Pentaho demonstrates its commitment to providing a comprehensive open source business intelligence suite, according to a company spokesperson. A Ventana Research analyst confirms that the move is a good thing, noting that data mining is one of the top BI capabilities that users look for. Weka team members aren't disappointed either, according to this piece, which says the project has grown such that it needs commercial-grade support and resources to continue.
DiBona on Google's Open Source Philosophy
Chris DiBona, the open source program manager for Google, shares his philosophy. Read Lora's summary on how Google is implementing the Summer of Code.
Regulations Drive Need for Storage Specialists, Study Says
With Sarbanes-Oxley regulations and other data retention laws in place, the need for data storage experts is on the rise. Read Lora's article on various news that validate the need.
