Just saw the discussion around the Haier Home Assistant takedown and thought it would be good to materialize the metaphorical blacklist.
It’s probably a good idea to have a stronger definition and mission. Here are a few scenarios you should consider.
- FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.
- Mongo wrote the SSPL and MariaDB wrote the BSL. Both licenses are seen as regressions. I personally respect the MariaDB case and have been harassed by too many Mongo salespeople to say the same about them.
- Platforms like AWS are the reason companies like CockroachDB and Elastic implemented restrictive licenses.
- IBM has been gutting open source through its acquisition of Red Hat. This is a common story; Oracle has been screwing *nix longer.
- Protecting trademarks causes a lot of consternation from users. The Rust Foundation is the most recent example of this I remember blowing up the FOSS community.
I like your idea a lot. I think it needs some definition to be very successful!
FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.
I’m not planning on counting that as hostile behavior. Organizations can choose a license for their software (and I can choose not to buy/use it). This collection is mostly focused on companies that hurt existing Open Source software. Such as sending a cease and desist to an unofficial plugin/extension or closing down software that was originally open source.
Maybe your could also add organisations (companies, government agencies, NGOs,…) that create standards in such a way that the standard is hard or impossible to implement in open source implementations?
I.e reddit raising API costs high enough that it effectively killed it.
I was more thinking about things like governments that decide that every implementation of something must be certified to be used, e.g. with wireless technologies. Not so much implementation as specification or legal compliance barriers to open source basically.
You raise a good point though, financial barriers such as per user pricing that are hard to implement for software distributed for free would be quite similar.
i feel like the MPL is fsr superior and fairer than the MIT license
I personally use Apache 2.0 because it’s been upheld in court. I’m not sure if MPL has been directly challenged in court. Either way, I agree with the sentiment. The legal perspective is why I moved away from MIT/ISC.
you should considwr MPL, if someone found a security vulneravility theyd be legally obligated to tell yoy for example. also, it still allows commerical closed source software. try it!!
IBM is so good and so bad. Their machines are so open. Their software is not.
FSF defines anything that’s not copyleft as hostile. That’s most companies. I personally don’t think I can tell my users what to do with my software other than remove my liability so I vehemently disagree with Stallman.
Citations please? Using a pushover license instead of copyleft is not hostility but a missed opportunity. Copyleft is about a community safeguarding itself and making sure the software can’t be used in proprietary applications as much as possible.
Are you not familiar with Richard Stallman? Here’s one piece.
We in the free software movement don’t think of the open source camp as an enemy; the enemy is proprietary (nonfree) software. But we want people to know we stand for freedom, so we do not accept being mislabeled as open source supporters. What we advocate is not “open source,” and what we oppose is not “closed source.” To make this clear, we avoid using those terms.
Your own citation disproves the hostility claim. To answer your question, yes I was a student associate member of the FSF. Nowhere did I learn to treat non copyleft licenses as “hostile.” In fact, they are so prevalent that considering it hostile/harmful would be fruitless. They are still free licenses at the end of the day (at least the ones that dont violate the four freedoms)
Edit: actually we are hostile to some open source licenses, like the ones that prohibit commercial use to any group or individual! That’s a huge no-no.
Your pull quote expresses hostility to not FSF idealism. I get that you drank the koolaid and believe you get to tell anyone who uses your product what they can do with it. That’s just telling a cook what they have to do with their ingredients just because they bought from you. It’s okay.
What??? It’s literally just a group distinguishing itself from another. Both Open Source and Free Software work together against a common enemy.
It’s good to distinguish different groups that have different methodologies, motives and goals to avoid friction. This essay is actively trying to avoid hostility.
you get to tell anyone who uses your product what they can do with it.
Horseshoe theory but for copyleft and copyright. What a fucking joke. I thought you had good intentions but now I know you’re unwilling to see another perspective.
You don’t seem to understand the implications of GPL and you’re real interested in pushing an org that propped up a pedophile. Based on your comment history, you’re either a troll or you really are into some objectionable shit.
I don’t have a problem with FSF or copyleft. I do have a problem with people that don’t understand either.
Don’t forget to add Nintendo
Hehehe, somebody really did it after Haier’s act of stupidity
Add Mazda to this list please.
The developer of this plugin for HomeAssistant apparently didn’t have insurance and couldn’t risk the legal fight. This is the DMCA take down that Mazda issued for the reason that the code “provides functionality same as what is currently in Apple App Store and Google Play App Store”
https://github.com/github/dmca/blob/master/2023/10/2023-10-10-mazda.md
Additional Coverage: https://arstechnica.com/cars/2023/10/mazdas-dmca-takedown-kills-a-hobbyists-smart-car-api-tool/
Surprised that most hardware companies aren’t on the list. AMD, Intel, Nvidia, Apple, Broadcom all are hostile to reverse engineering or in Nvidias case, not even bothering to do the bare minimum for an ultra lenient Torvalds.
It’s open to pull requests
It might be a good idea to do the exact opposite I.e. make a OSS whitelist. It will be much easier to maintain given the scale of applications/services/products.
Although I agree, it’s tough to make a whitelist than a blacklist, as the latter requires only 1 bad decision, the former is tough to assess (how many good decision to be on the list, ex Microsoft support lots of open source projects, should they be added?)
No. Never. It’s a ruse.
Do we even need to say nvidia?
Nice OP! Thank you! I don’t have a codeberg account yet, but you can use this to easily create a TOC https://imthenachoman.github.io/nGitHubTOC.
It would be good to add links/citations as well, instead of just quotes. IE: https://www.bleepingcomputer.com/news/security/haier-hits-home-assistant-plugin-dev-with-takedown-notice/
It would be good to add links/citations as well, instead of just quotes. IE: https://www.bleepingcomputer.com/news/security/haier-hits-home-assistant-plugin-dev-with-takedown-notice/
I would suggest creating a documents archive subdirectory and mirroring as well as linking, in case the takedown notices get takedown-notice’d.
I’m shocked that the list only contains one
I created it less than an hour ago. If you have any other suggestions please share (or send a pull request).
EDIT: The list contains 3 companies now
This seems like it could be useful info if it takes off
Do you have any suggestions for the list?
That garage door company that removed API access, breaking it for about 20000 Home Assistant users
Also they stopped working on their integration for Alexa/Homekit/Google Home, forcing all their users in general into their ad filled app.
Think it was Chamberlain or something
I’ve added Chamberlain Group
I suggest adding John Deer. Their current business model relies on violating GPL.
https://www.theregister.com/2023/03/17/john_deere_sfc_gpl/
https://www.youtube.com/watch?v=XP7Qx1FF1hADone
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=XP7Qx1FF1hA
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I’m open-source; check me out at GitHub.
Biggest one of all imo - Red hat/IBM
Done
Obviously that was a controversial decision, but Red Hat probably contributes to Open Source more than any other company. To call Red Hat “OSS Hostile” is probably a little too much.
I think you’re right. I’ve changed it to IBM instead of Red Hat themselves because they were the cause of the policy changes.
Mazda https://piped.video/watch?v=MirpRkmruOg
Mazda files false DMCA takedown notice to intimidate open source programmer
The new owner of Simple Mobile Tools? Buying it and then adware stuffing? ZipoApps?
We are writing to inform you that we have discovered two Home Assistant integration plug-ins developed by you ( https://github.com/Andre0512/hon and https://github.com/Andre0512/pyhOn ) that are in violation of our terms of service
Did the guy explicitly agree to their Terms of service? If not, how can he be in breach of them?
cease and desist all illegal activities
What illegal activities exactly?
Feels like unenforceable scare tactics, but IANAL.
Sure would be a shame if people used this blacklist as a basis for leaving negative reviews on Amazon.
This is awesome! Maybe it should be noted where the cutoff is. What is considered hostile behavior and what is not?
That’s a good point. I wasn’t really sure where to put the cutoff point nor how to define it. Another problem is what consists as anti-OSS behavior. Is anti-right-to-repair part of it?
Good question! May I suggest some kind of poll or questionaire to gather what the majority thinks constitutes oss hostile or anti oss behavior. Maybe it would also be good to question the purpose of this list to maybe find a logical cutoff point that way. Example: If naming and shaming is the purpose then it might not matter if anti right to repair or just not giving any api access since it makes controling stuff you bought harder by choice.
I always choose this kind of philosophical approach since it helps me make decision.
I really like seeing codeberg being used more.
Also I’m definitely keeping my eyes on this repo once in a while 👀🧐🍵
