Feeds

Free software darling SugarCRM blasts OSI

Restrictive hypocrites

Secure remote control for conventional and virtual desktops

LinuxWorld Full of free software pride, SugarCRM CEO John Roberts has revitalized his attack against the Open Source Initiative (OSI) characterizing the organization as weak and confused.

After being the open source community's whipping boy, SugarCRM now enjoys a position of power. Last month, the software maker agreed to place a fresh version of its flagship product under the General Public License v3 (GPLv3) crafted by the Free Software Foundation. This established SugarCRM as the most prominent backer of GPLv3 to date.

The adoption of GPLv3 marked a significant shift in SugarCRM's licensing policy. The company had relied on a modified version of the Mozilla Public License (MPL) that required users of its code to display a SugarCRM logo. Critics - and there are many - of this type of license described SugarCRM as a badgeware vendor. In addition, OSI board members chastised SugarCRM for presenting itself as an open source software maker despite using a license not approved by the OSI – the self-proclaimed defenders of the open source definition.

When SugarCRM moved to GPLv3, quite a few reports emerged pushing the idea that the OSI forced it into the decision through public ridicule. Not so, according to Roberts.

"The OSI had nothing to do with our decision to go with GPLv3," Roberts said, during a panel today here at LinuxWorld.

Just as SugarCRM shifted to GPLv3, the OSI approved a badgerware license from Web 2.0 felch Socialtext.

"The OSI was hammering on us, and they just turned around and approved a more restrictive license," Roberts said. "It is really hypocrisy here."

And, in fact, Socialtext's Common Public Attribution License (CPAL) includes both an attribution clause – the logo bit – and a network use clause that forces software-as-a-service companies and service providers to give credit where credit may be due. That's a step beyond SugarCRM's old attribution license.

Even worse, the OSI has yet to approve GPLv3 as an open source license. In fact, the organization only managed to put GPLv3 up for review this week due to some bungling.

"Chris DiBona [Google's open source guru] submitted GPLv3 and LGPLv3 last month, but his submission was in the wrong format, so it was not captured by the automated tools that are set up to establish and track discussions," OSI President Michael Tiemann told us. "Russ Nelson [OSI's license approval chair] caught the error (manually), and the state as of (Aug. 5) is that we have both the GPLv3 and the LGPLv3 as formally submitted for discussion. When Russ believes the list has reached a consensus, he will report that consensus and we will take it under consideration for a vote."

These awkward machinations seem insane to us when you consider that GPLv2 covers close to 70 per cent of all the projects on SourgeForge and stands as the most prominent open source license. Surely, the OSI would think to slot its successor in for review as soon as it was possible, right?

In fairness, the OSI tends to give the author of a license the first crack at submitting it for approval. The FSF, however, has no intention of seeking the OSI's approval since it couldn't care less whether some organization deems its work worthy of the open source label. Everyone at the OSI knows this, and members of the organization should have taken it upon themselves to make sure such a crucial license was put up for review at the earliest possible moment. Instead, we find excuses about missing e-mails and improper formatting.

Roberts continues to question why the OSI gets to be the arbiter of all things open source – a query made stronger by the chaos often displayed by the organization and the fact that the board members are not elected but rather tapped to lead during a bizarre hazing ritual performed at midnight in the San Diego Zoo's penguin display.

"I really like what OSI represents as an organization," Roberts said. "But no one really asks, 'Who are the approvers. How are they elected – by hundreds of votes or three or four votes? How did you get to become the Supreme Court?'"

The hapless Danese Cooper, an OSI board member and Intel employee, did her best, during the LinuxWorld panel, to avoid adding any substance to the discussion. So desperate for attention that she knits during panels, Cooper shrugged off the OSI criticism, saying that GPLv3 is in fact making its way through OSI's approval process just fine.

The OSI could do itself a favor by making sure that people more willing to confront issues honestly and clearly – like Tiemann – show up at these types of gigs.

Roberts has recommended that the OSI or someone adopt a Digg-style system for sorting through open source licenses where the most popular – and perhaps useful – licenses would rise to the top. That idea feels a bit wisdom of crowds dependent to us, but at least it's a fresh idea.

The OSI's Tiemann remains impressive for his defense of the open source ideology, and it seems that something like the OSI is crucial for such a task. A Digg-style system would seem to place little emphasis on protecting ideals, brands and the like. Ultimately, you do want "open source" to mean something significant, and it takes thoughtful people to protect that.

That said, we find the OSI undermining its influence through the SugarCRM/GPLv3 epsisode.

It's beating up on SugarCRM one day and then championing it the next for a license switch. In actual fact, though, SugarCRM is still not an open source vendor under the OSI's definition because the OSI has failed to push through its approval of GPLv3 at speed. If this isn't ironic, it's at least a little pathetic. ®

Security for virtualized datacentres

More from The Register

next story
Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
Windows NEIN skipped, tech preview due out on Wednesday
Business is back, baby! Hasta la VISTA, Win 8... Oh, yeah, Windows 9
Forget touchscreen millennials, Microsoft goes for mouse crowd
Apple: SO sorry for the iOS 8.0.1 UPDATE BUNGLE HORROR
Apple kills 'upgrade'. Hey, Microsoft. You sure you want to be like these guys?
ARM gives Internet of Things a piece of its mind – the Cortex-M7
32-bit core packs some DSP for VIP IoT CPU LOL
Microsoft on the Threshold of a new name for Windows next week
Rebranded OS reportedly set to be flung open by Redmond
Lotus Notes inventor Ozzie invents app to talk to people on your phone
Imagine that. Startup floats with voice collab app for Win iPhone
'Google is NOT the gatekeeper to the web, as some claim'
Plus: 'Pretty sure iOS 8.0.2 will just turn the iPhone into a fax machine'
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.