Grsecurity stable patches to be limited to sponsors
Grsecurity stable patches to be limited to sponsors
Posted Sep 6, 2015 9:53 UTC (Sun) by jospoortvliet (guest, #33164)In reply to: Grsecurity stable patches to be limited to sponsors by RCL
Parent article: Grsecurity stable patches to be limited to sponsors
The GPL and the concepts behind it have been instrumental in and crucial part of a cultural and economic shift, not just in the IT industry but far and wide. And I'm not just talking about the Creative Commons and Wikipedia but also the realization in academia and now business that this 'open innovation' thing is incredibly powerful. Businesses of course always look for was to benefit from this while staying in control - the real 'open' part is scary. That's why we had many controlled, small 'internet' competitors in the 90's and today so many little walled gardens where 'crowd sourcing' takes place.
But individuals have little incentive to contribute to a walled garden. Ownership is a powerful motivation and you just don't have that there. This goes twice for companies, of course, unless there is no choice they will prefer an open platform where they have a fair chance.
I think the BSD is an inferior license from a business pov because it provides no incentive to contribute. More importantly, it doesn't provide the equal playing field the GPL gives which is so beneficial for innovation and creativity. It works in a few cases because some are willing to contribute, even though it is of no benefit to them - but there is a reason why it is Linux which became a huge and successful project, and not any of the BSD's.
Posted Sep 7, 2015 1:03 UTC (Mon)
by RCL (guest, #63264)
[Link] (3 responses)
As far as I understand the issue, it is somewhat orthogonal to both licenses and is more about trademark usage.
> It works in a few cases because some are willing to contribute, even though it is of no benefit to them - but there is a reason why it is Linux which became a huge and successful project, and not any of the BSD's.
The bulk of software in use was not created by enthusiasts in their free time though, but by paid developers (this includes Linux); thus the question is more - which license allows better cooperation between the said enthusiasts and commercial entities. Linux is pretty much the only "big name" where GPL is still being used for such cooperation; gcc used to be the case too but commercial vendors all but quit it in favor of clang.
Of course, I am mostly talking about software that is supposed to be distributed to the end user - something that runs in the cloud is less affected by copyleft licenses, unless an exotic one like Affero GPL is being used.
Posted Sep 7, 2015 1:29 UTC (Mon)
by pizza (subscriber, #46)
[Link] (2 responses)
I've seen clang replace many home-grown proprietary compilers.. with other proprietary compilers that happen to be built on top of clang.
From an end-user perspective, it amounts to the same thing, though the latter tends to be higher quality.
(One of my work systems has *three* different forks/versions of clang installed as part of proprietary eclipse plugins. Plus another fork/version of clang internal to nvidia's graphics driver. Plus the built-from-source one that came with the Linux distro that can't replace any of the other four because none of the mods were contributed upstream)
Posted Sep 7, 2015 2:16 UTC (Mon)
by RCL (guest, #63264)
[Link] (1 responses)
http://lists.freebsd.org/pipermail/freebsd-amd64/2011-Mar...
while it is not uncommon to see outdated GPL'd software (gcc) being used downstream (e.g. CodeSourcery).
It is unreasonable to expect everyone to regularly update their versions, GPL'd or BSD'd, or contribute their patches upstream. This is another point that makes GPL moot - do you really need a tarball with some 2.4.x kernel used by someone in their firmware, heavily hacked to match their custom hardware? What value does that bring?
Posted Sep 7, 2015 14:39 UTC (Mon)
by pizza (subscriber, #46)
[Link]
I agree that's unreasonable to expect everyone to regularly update things. I also agree that upstreaming may or may not make commercial sense based on the ROI (FWIW it usually does in the long run, but hardly any commercial enterprise concerns themselves with the long run any more...)
However, putting aside the legal requirement for full corresponding source to a shipped binary Linux kernel image, having a proper source tarball means that *someone else* can upstream or support things long after the manufacturer has lost interest. This includes not only new features, but fixing security vulnerabilities.
This kind of thing is the entire premise of DD-WRT, OpenWRT, Cyanogen, and countless other efforts that tend to result in a far superior product to what was orginally shipped, and is effectively impossible without the source code for the supposedly-open bits.
Your "makes the GPL moot" assertion is actually one of the strongest arguments of why the GPL's copyleft ideals are a pragmatic thing in practice.
Grsecurity stable patches to be limited to sponsors
Grsecurity stable patches to be limited to sponsors
Grsecurity stable patches to be limited to sponsors
http://llvm.org/devmtg/2013-11/slides/Robinson-PS4Toolcha...
Grsecurity stable patches to be limited to sponsors