Feeds

Free software darling SugarCRM blasts OSI

Restrictive hypocrites

Boost IT visibility and business value

LinuxWorld Full of free software pride, SugarCRM CEO John Roberts has revitalized his attack against the Open Source Initiative (OSI) characterizing the organization as weak and confused.

After being the open source community's whipping boy, SugarCRM now enjoys a position of power. Last month, the software maker agreed to place a fresh version of its flagship product under the General Public License v3 (GPLv3) crafted by the Free Software Foundation. This established SugarCRM as the most prominent backer of GPLv3 to date.

The adoption of GPLv3 marked a significant shift in SugarCRM's licensing policy. The company had relied on a modified version of the Mozilla Public License (MPL) that required users of its code to display a SugarCRM logo. Critics - and there are many - of this type of license described SugarCRM as a badgeware vendor. In addition, OSI board members chastised SugarCRM for presenting itself as an open source software maker despite using a license not approved by the OSI – the self-proclaimed defenders of the open source definition.

When SugarCRM moved to GPLv3, quite a few reports emerged pushing the idea that the OSI forced it into the decision through public ridicule. Not so, according to Roberts.

"The OSI had nothing to do with our decision to go with GPLv3," Roberts said, during a panel today here at LinuxWorld.

Just as SugarCRM shifted to GPLv3, the OSI approved a badgerware license from Web 2.0 felch Socialtext.

"The OSI was hammering on us, and they just turned around and approved a more restrictive license," Roberts said. "It is really hypocrisy here."

And, in fact, Socialtext's Common Public Attribution License (CPAL) includes both an attribution clause – the logo bit – and a network use clause that forces software-as-a-service companies and service providers to give credit where credit may be due. That's a step beyond SugarCRM's old attribution license.

Even worse, the OSI has yet to approve GPLv3 as an open source license. In fact, the organization only managed to put GPLv3 up for review this week due to some bungling.

"Chris DiBona [Google's open source guru] submitted GPLv3 and LGPLv3 last month, but his submission was in the wrong format, so it was not captured by the automated tools that are set up to establish and track discussions," OSI President Michael Tiemann told us. "Russ Nelson [OSI's license approval chair] caught the error (manually), and the state as of (Aug. 5) is that we have both the GPLv3 and the LGPLv3 as formally submitted for discussion. When Russ believes the list has reached a consensus, he will report that consensus and we will take it under consideration for a vote."

These awkward machinations seem insane to us when you consider that GPLv2 covers close to 70 per cent of all the projects on SourgeForge and stands as the most prominent open source license. Surely, the OSI would think to slot its successor in for review as soon as it was possible, right?

In fairness, the OSI tends to give the author of a license the first crack at submitting it for approval. The FSF, however, has no intention of seeking the OSI's approval since it couldn't care less whether some organization deems its work worthy of the open source label. Everyone at the OSI knows this, and members of the organization should have taken it upon themselves to make sure such a crucial license was put up for review at the earliest possible moment. Instead, we find excuses about missing e-mails and improper formatting.

Roberts continues to question why the OSI gets to be the arbiter of all things open source – a query made stronger by the chaos often displayed by the organization and the fact that the board members are not elected but rather tapped to lead during a bizarre hazing ritual performed at midnight in the San Diego Zoo's penguin display.

"I really like what OSI represents as an organization," Roberts said. "But no one really asks, 'Who are the approvers. How are they elected – by hundreds of votes or three or four votes? How did you get to become the Supreme Court?'"

The hapless Danese Cooper, an OSI board member and Intel employee, did her best, during the LinuxWorld panel, to avoid adding any substance to the discussion. So desperate for attention that she knits during panels, Cooper shrugged off the OSI criticism, saying that GPLv3 is in fact making its way through OSI's approval process just fine.

The OSI could do itself a favor by making sure that people more willing to confront issues honestly and clearly – like Tiemann – show up at these types of gigs.

Roberts has recommended that the OSI or someone adopt a Digg-style system for sorting through open source licenses where the most popular – and perhaps useful – licenses would rise to the top. That idea feels a bit wisdom of crowds dependent to us, but at least it's a fresh idea.

The OSI's Tiemann remains impressive for his defense of the open source ideology, and it seems that something like the OSI is crucial for such a task. A Digg-style system would seem to place little emphasis on protecting ideals, brands and the like. Ultimately, you do want "open source" to mean something significant, and it takes thoughtful people to protect that.

That said, we find the OSI undermining its influence through the SugarCRM/GPLv3 epsisode.

It's beating up on SugarCRM one day and then championing it the next for a license switch. In actual fact, though, SugarCRM is still not an open source vendor under the OSI's definition because the OSI has failed to push through its approval of GPLv3 at speed. If this isn't ironic, it's at least a little pathetic. ®

Boost IT visibility and business value

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
Intel's Raspberry Pi rival Galileo can now run Windows
Behold the Internet of Things. Wintel Things
Linux Foundation says many Linux admins and engineers are certifiable
Floats exam program to help IT employers lock up talent
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Eat up Martha! Microsoft slings handwriting recog into OneNote on Android
Freehand input on non-Windows kit for the first time
Linux kernel devs made to finger their dongles before contributing code
Two-factor auth enabled for Kernel.org repositories
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.