Feeds

Is Red Hat doing its part to win the 'open source' war?

Confusion at Club Badgeware

Providing a secure and efficient Helpdesk

Analysis Should you believe Red Hat's claims that its new Exchange marketplace for "open source business applications" contains nothing but open source business applications? We say "no" - since not even Red Hat appears to have a good answer for this question.

So far, Red Hat has filled its Exchange, also known as RHX, with software from numerous companies, including SugarCRM, Zimbra, and Alfresco. In posting their wares to the exchange, these software makers have given Red Hat permission to lead sales and provide support. Ultimately, all the vendors involved celebrate RHX as a way of boosting the sale of open source software to small and mid-sized businesses.

The rub is that many of the applications may fail to meet the meaning of open source software as put down by the Open Source Initiative (OSI) - the self-proclaimed steward of the Open Source Definition. That's a problem when you consider that Red Hat bills RHX as a spot to "compare buy and manage open source business applications - all in one place and backed by the open source leader." And an even bigger problem crops up when you realize that Michael Tiemann, a Red Hat VP, has led the criticism of OSI offenders in his role as President of the OSI.

Tiemann, in fact, ignited the OSI licensing controversy in a blog post last month entitled "Will the real open source CRM please stand up?" Ever prolix, Tiemann charged after some reporter who referred to SugarCRM and Centric CRM as open source CRM vendors. SugarCRM, you see, relies on a modified version of the OSI-approved Mozilla Public License (MPL) that includes a controversial "attribution" clause, while Centric CRM uses its own Centric Public License, not approved by the OSI.

Tiemaan wrote:

Starting around 2006, the term open source came under attack from two new and unanticipated directions: the first was from vendors who claimed that they have every bit as much right to define the term as does the OSI, and the second was from vendors who claimed that their license was actually faithful to the Open Source Definition (OSD), and that the OSI board was merely being obtuse (or worse) in not recognizing that fact. (At least one vendor has pursued both lines of attack.)

This was certainly not the first attack we ever had to repel, but it is the first time we have had to confront agents who fly our flag as their actions serve to corrupt our movement. The time has come to bring the matter into the open, and to let the democratic light of the open source community illuminate for all of us the proper answer.

Some vendors flying the open source flag have claimed that the infamous attribution add-on to the MPL serves their purposes well and does little to harm the so-called open source "community." These vendors created the clause as a means of countering the wholesale borrowing of code by service providers.

The likes of Google and Yahoo! can grab an open source package, modify it and then run it on their servers without returning the modified code to the public domain. That's the result of some archaic notions around distribution embedded in many open source licenses. Entities have typically been required to reveal code changes only if they redistribute an open source package. Service providers, meanwhile, claim they're not redistributing the software simply by running it on their servers and providing a service to customers.

With the attribution clause in place, the software makers hoped to gain public recognition for their work by forcing service providers and others to display their corporate logos if a given software package was being used. The service providers could also opt to pay the software makers to remove the logo.

True blue open source zealots castigate the attribution crowd as badgeware vandals. More critically, the open source advocates contend that vendors simply do not have the right to claim they produce "open source" code and place that code under the license of their choosing. Such tactics threaten to undermine the open source agenda.

"So, what's at stake is whether the term 'open source' continues to mean anything, or is in effect abandoned to third-rate marketing clowns with delusions of grandeur," Rick Moen a Linux activist told us. "I think the latter would deliver a roundhouse blow to the ongoing open source / free software outreach effort, one from which it might never recover."

Security for virtualized datacentres

Next page: The Return to RHX

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.