Context:
Permissive licenses (commonly referred to as “cuck licenses”) like the MIT license allow others to modify your software and release it under an unfree license. Copyleft licenses (like the Gnu General Public License) mandate that all derivative works remain free.
Andrew Tanenbaum developed MINIX, a modular operating system kernel. Intel went ahead and used it to build Management Engine, arguably one of the most widespread and invasive pieces of malware in the world, without even as much as telling him. There’s nothing Tanenbaum could do, since the MIT license allows this.
Erik Andersen is one of the developers of Busybox, a minimal implementation of that’s suited for embedded systems. Many companies tried to steal his code and distribute it with their unfree products, but since it’s protected under the GPL, Busybox developers were able to sue them and gain some money in the process.
Interestingly enough, Tanenbaum doesn’t seem to mind what intel did. But there are some examples out there of people regretting releasing their work under a permissive license.
Interestingly enough, Tanenbaum doesn’t seem to mind what intel did.
Yeah, duh. Intelligent people read licenses before they pick one.
But there are some examples out there of people regretting releasing their work under a permissive license.
That’s like signing a contract before reading it and then complaining that it contains provisions that surprise you when they are enacted. I’m baffled on a regular basis by how many people understand FOSS licenses only on the basis for hearsay, for example when people insist that GPLed source code must be made available free of charge for everyone. The GNU project has a FAQ about the GPL that spells it out that this is not the case and yet hardly anyone discussing FOSS licenses has even read the FAQ.
Copyleft = pro-capital confirmed.
removed by mod
I find MIT to be good for libraries as you can get companies using it and working on it. However, apps and binaries should be copyleft to not get fucked over.
This is what LGPL is for.
You can still use a library like a library freely, without restriction, but you are keeping your IP protected from being copied cloned and modified elsewhere.
I published some packages under MIT a couple of years ago. It is difficult to understand at first, I was happy with the license because anyone could use it like they want.
Today, I understand that I want to use GPL. With GPL everyone can use the code like they want and I can use their code like I want.
For writing an application GPL is fine if you don’t want anyone to profit from your work and if they make changes, contribute back.
Things are a little bit more complex if you are writing a library or code that is meant to be included in another application.
If you use GPL you might get rejected even by other open source applications, as GPL might be understandable as it will change license off the application or be outright incompatible.
This was the case with cursor library after author changed license everyone stopped using it: https://github.com/GijsTimmers/cursor/commit/885156333ac9ca335a587b1dd08964074313f026
The most ironic thing is that he created package from stack overflow answer:
https://github.com/GijsTimmers/cursor/blob/master/cursor/cursor.py
The original author never said they are releasing copyright or are making it public domain.
Isn’t this why LGPL exists?
It is
if you don’t want anyone to profit from your work
Technically you can. There are two popular models: Lua model and RedHat model. In first you are paid to develop requeated features, in second for support.
I am a consultant who sometimes writes code to do certain useful things as part of larger systems (parts of which may be commercial or GPL) but my clients always try to impose terms in their contracts with me which say that anything I develop immediately becomes theirs, which limits my ability to use it in my next project. I can to some extent circumvent this if I find a way to publish the work, or some essential part of it, under an MIT license. I’m never going to make money off of my code directly; at best it’s middleware, and my competitors don’t use the same stack, so I’m not giving them any real advantage… I don’t see how I’m sabotaging myself in this situation; if anything the MIT license is a way of securing my freedom and it benefits my future customers as well since I don’t have to rebuild from scratch every time.
Can’t you just publish the work under the GPL license? I have no idea of programming, maybe this is a dumb question.
The problem is, that would limit my own option to make a version of the software and sell it under a more limited license in the future. Whomever I sell it to then has the right to go ahead and redistribute it, competing with me. Sure, my current, highly niche code already carries that risk, but the MIT license doesn’t stop me from releasing a modified version I may write that is more valuable as software, and then protecting that release with other licensing terms.
that would limit my own option to make a version of the software and sell it under a more limited license in the future
Nope. As the author you’re free to license your stuff however you want. You can use 10 different licenses for 10 clients if you want. You could write a custom version of your application and give a non-free license to a specific client if you want.
It really depends. If the contract gives ownership of the work created to the purchaser, he has no rights to it whatsoever. Moreover, trying to do a clean room implementation of your own code is almost impossible without help. A permissive license would give the purchaser unlimited use of the product, including resale while still allowing the producer unlimited use, as well. If the contract is written correctly, the producer might even retain ownership, with the right to use different licenses, while the purchaser would have few or no restrictions.
If someone is paying you to write code, they have some say in the contract about how it is licensed. You could be upfront about only doing GPL, and they could be upfront about saying no. But if you try to do it after the fact, that’s a violation of the contract.
Work for hire is a completely different situation. You have to accept the terms of whoever’s paying you to do the work.
This comic is more about someone doing something as a hobby project, or writing their own software not under someone else’s direction, where they have full freedom to choose their own license.
The two licenses have distinct use cases, and only overlap for some definitions of “free” software. I also think both the comic artist and OP set up a fallacious argument. I’ll add that in no way do I support Intel’s shenanigans here.
The comic author takes one specific case of an MIT licensed product being used in a commercial product, and pits it against another GPL product. This ignores situations where MIT is the right answer, where GPL is the wrong one, situations where legal action on GPL violations has failed, and all cases where the author’s intent is considered (Tanenbaum doesn’t mind). From that I conclude that this falls under The Cherry Picking Fallacy. While humorous, it’s a really bad argument.
But don’t take it from me, learn from the master of logic himself.
commonly referred to as “cuck licenses”
This sentiment makes the enclosing sentence an Ad-hominem fallacy, by attacking the would-be MIT license party as having poor morals and/or low social standing. Permissive licenses absolutely do allow others to modify code without limit, but that is suggested to be a bad thing on moral grounds alone. That said, I’d love to see a citation here because that’s the first I’ve heard of this pejorative used to describe software licensing.
Dude are you a bot?
Just a cooperate lawyer, so yes.
I know you meant copyright… but this made me laugh.
I actually ment corporate ha
Even funnier. Stupid English and it’s stupid words.
and all cases where the author’s intent is considered (Tanenbaum doesn’t mind).
I think you’re ignoring that most people wouldn’t want their code used like that. Just because the author doesn’t mind doesn’t make that typical. Look at Mongo and Elastic. They felt the need to use an arguably non-free license for their code because of perceived abuses. AppGet is another example of something similar.
I think you’re ignoring that most people wouldn’t want their code used like that.
That’s why you should read and understand a license before choosing it. MIT license is just a couple of lines of easy language, so it’s not like you need a degree to understand basic English. Anybody who’s surprised by the contents of the MIT license has no sympathy from me. Reading the text requires no more than one minute of time.
People generally aren’t surprised by the effects of the MIT license, they’re surprised by the behavior of other humans. Less permissive licenses protect against that.
People generally aren’t surprised by the effects of the MIT license, they’re surprised by the behavior of other humans.
Wait, people give other people the right to make proprietary variants of released source code and then are surprised when they exercise that right?
Less permissive licenses protect against that.
No, other licenses don’t protect against not understanding which rights are granted. The GPL, for example, allows to make proprietary web services using GPL code and to never release any modifications to that code. Many people were very surprised many years ago that some web-based messenger could use Pidgin’s libpurple to connect to ICQ etc. without ever giving anything back.
Wait, people give other people the right to make proprietary variants of released source code and then are surprised when they exercise that right?
It’s more like being angry when people try to abuse charities and get money when they don’t need it. Like growing an apple tree in your yard and telling people they’re free then being upset when someone comes and takes all of them. Or a better example, being angry about people taking all the candy from a Halloween bowl.
No, other licenses don’t protect against not understanding which rights are granted.
That’s not what I meant, I meant protect against people taking advantage of your code in a way most people would view as wrong. (Just because something isegal doesn’t mean people believe it is right.)
Also, that’s why I use AGPL.
situations where MIT is the right answer
Genuinely curious, when is this the case? If you’re programming on your own then it just takes the option of controlling what others do to your work off the table for no benefit - if you go copyleft and someone uses it and you don’t “mind” them using it then you can give/sell them an exemption while retaining the ability to go after uses that you don’t like.
I’ve been in situations where I wanted to retain credit/ownership of ideas and code, but wanted to be able to use them in the workplace. So building a MIT/BSD licensed library on the weekend and then importing it on Monday was the only game in town. I get the portfolio piece and my job is easier as a result. But I stick to non-novel and non-patentable stuff - “small” work really, as Stallman is quoted here..
In some work environments, GPL or “GPL with an exception” would never get the kind of traction it should. Lots of places I’ve worked lack the legal and logistical framework for wrangling licenses and exceptions. It’s hard to handle such cases if there’s literally nobody to talk to about it, while you have automated systems that flag GPL license landmines anyway. The framing is a kind of security problem, not a license problem, so you never really get to start.
I was surprised that comment this got so many upvotes, so I’ll respond by saying that, with all due respect, I think your argument is much more fallacious than the one you are trying to debunk.
The comic author takes one specific case of an MIT licensed product being used in a commercial product, and pits it against another GPL product.
Yes, this is called an example. In this case, the author is using a particularly egregious case to make a broader conclusion: namely that if you release software under a “do whatever you want” license, it may come back to bite you in the future when it’s used in a product that you don’t like.
This comic is a warning to developers that choosing MIT/BSD without understanding this fact is a bad choice.
This ignores situations where MIT is the right answer, where GPL is the wrong one
It does not ignore those situations. All situations are multifaceted and need to take multiple considerations into account. The author is trying to argue that people should take care not to overlook the particular one to which he is trying to draw attention.
situations where legal action on GPL violations has failed
Just because legal efforts have failed does not mean that they are not worthwhile. There may be many cases where people avoided misappropriating GPL software because they did not want to deal with the license - there may be cases where people were less hesitant about doing so with MIT/BSD because they knew this risk was not there.
From that I conclude that this falls under The Cherry Picking Fallacy. While humorous, it’s a really bad argument.
Just because the author used a single example does not preclude the existence of others. That is a much more fallacious assumption that invalidates much of your argument.
and all cases where the author’s intent is considered (Tanenbaum doesn’t mind).
Just because Tanenbaum didn’t mind does not mean that other developers who mistakenly use MIT/BSD will not either. Also, it honestly shouldn’t matter what Tanenbaum thinks because we don’t know what his rationale is. Maybe he thinks malware is a good thing or that IME is not a serious issue - if that’s the case, do we still consider his sentiments relevant?
commonly referred to as “cuck licenses”
This sentiment makes the enclosing sentence an Ad-hominem fallacy
It does not, in fact. Just because the author used a slang/slanderous term to describe the licenses he doesn’t like does not mean that his logical arguments are invalid. Ad-hominem fallacies are when you say “the person who argued that is $X, therefore his logic is invalid”, not when he uses a term that may be considered in poor taste.
by attacking the would-be MIT license party as having poor morals and/or low social standing.
Misrepresentation. The author is not arguing that they have poor morals, he is arguing that they are short-sighted and possibly naive with regards to the implications of choosing MIT/BSD.
My conclusion: I appreciate the author for making this post. People should be more aware of the fact that your software could be used for nefarious purposes.
So unless you really don’t care about enabling evil people, you should be defaulting to using GPL. If people really want to use your copyleft software in a proprietary way, then it is easily within their means (and resources) to get an exemption from you. The fact that there is so much non-GPL software out there makes the GPL itself weaker and makes it easier for nefarious interests to operate freely.
(Not that I would ever release software under GPL myself. I think software licenses are stupid. But no license basically has the same non-derivative limitation as GPL so it doesn’t matter as far as I’m aware.)
I’d like to counter both these arguments with:
Permissive License promoters are corporate trolls
I’ve taken up saying “temporarily free/libre” and “permanently free/libre” instead of the permissive/copyleft, since imo “permissive” has a suggestive positive connotation. Especially to ppl who do not know much about the free software movement
Temporarily free gives the idea that the code will stop being free at some point and may cause misunderstandings. It would be better to use nonreciprocal.
Temporarily free gives the idea that the code will stop being free at some point
Because it absolutely can and most of the times does.
The original code never stops being free, but the code incorporated into a new project will be, so it’s a misleading term to people unfamiliar with open source licensing, that may think the license somehow expires. Even the fsf doesn’t use such terminology. They use reciprocal and nonreciprocal, because it translates the idea that gpl-like licenses create a relationship of reciprocity, and bsd-like ones create a relationship of non reciprocity.
It will stop being free the second a corporation gets it’s hands on it, makes improvements and put’s those under a proprietary license
Yes, but the originally free/libre licensed source code is still out there.
makes improvements and put’s those under a proprietary license
You could also make improvements and release them under a GPL license.
There’s nothing Tanenbaum could do
Tanenbaum doesn’t seem to mind
Today OP was very dumb and showed his ignorance of the concept “I do whatever I fucking want.” Don’t be like OP.
people regretting releasing their work under a permissive license
They’re free to change the licence of future versions. OP also failed at understanding the concept of licences. He’s such a silly moron!
They’re free to change the licence of future versions.
Only if they are still the only contributor. Once you have more contributors, it gets far tougher to change the licence.
How does it work with contributors? Does absolutely everyone have to consent to having the license changed? If one of the contributors doesn’t consent, can the maintainer “cut out” their contributions into a separate program and redistribute it as a plugin with the original license?
Does absolutely everyone have to consent to having the license changed?
Very minor changes (like fixing typos in comments) aren’t copyrightable, so these changes don’t require approval. When LibreOffice was relicensed, IIRC they they had some cutoff regarding lines of code.
You can keep all the lines of those who didn’t accept to the change with the original license, it will end up as a bad mix, but it’s doable if the licenses are compatible
Pretty sure that with a permissive license you can just change the license of future versions as you want. Ex. v1 MIT license with thousanda.of contributors, v2 Commercial license with contributions from anyone who agrees to contribute to the new version and license. (Anyone can fork v1 and start their own licensed project)
They’re free to change the licence of future versions.
Why do you act like I don’t know that? The issue here is that once you realize that the license you chose does not reflect your intentions, the damage has likely already been done. From the article I linked:
I didn’t have the foresight to see this coming. I didn’t think people so lacked in the spirit of open source. I wanted to promote community contributions, not to have them monetized by other people who don’t even provide the source to their modifications. I wanted to grow the tools as a community, not have closed source forks of them overtake my own open source versions.
TIL openssh, xorg, apache, nginx, all of *bsds are cuck-licensed.
While GPL-licensed linux, used by every corp out there, is not.
but since it’s protected under the GPL, Busybox developers were able to sue them and gain some money in the process.
Don’t need to steal anything. Lots of today’s usage doesn’t involve giving a binary to the customer. Thus Google, FB and who else don’t have to share any of their internal changes to Linux.
this one?
I didn’t know there was a mailman living in my computer screen.
We are at risk
of losing many developers who would otherwise choose a license like the GPL. Fortunately, I’m glad to be surrounded by people, just like you, who care about licenses like GPL. By uploading this type of content and engaging with it, be show our commitment to it. I wish to suggest how we can deal with this threat.
We will lose developers who choose GPL if we use words that suggest GPL is “restrictive”. Sure, the word “restrictive” was avoided in this meme by using the word “copyleft”, but the cognitive jump from “permissive” to “restrictive” is minimal: just add an “opposite” and you’ve got “permissive is the opposite to restrictive”. It really is that simple. That’s how brain works (check out Relational Frame Theory to see how that works).
So what can we do about it?
Well, we can approach this with science. There is a historical global trend towards people being more meta-cognitive. That means that people are becoming more aware of how our thoughts interpret everyday reality and how to be intentional with our relationship with our thoughts so that we live better lives. We know this trend is happening to virtually everyone everywhere because of the work of brilliant sociologists like Anthony Giddens and Christian Welzel. Heck, even the history of psychology —going from noticing and changing behaviors (behaviorism) to noticing and changing behaviors and thoughts (cognitive-behaviorism), to noticing and changing the context and function of behaviors, thoughts, and emotions (functional contextualism)— reflects this trend.
We can use meta-cognition in our favor; we can use the meta-cognitive tool of framing to change how we think about GPL and MIT licenses. Effective communicators like influencers, political campaign experts, and influential activists use framing all the time. For example, instead of using the dangerous framing that suggests GPL is ‘restrictive’, we can use another one that truly displays the virtues of the license.
What would this other frame look like? I may not have a perfect answer, but here are some
ways of framing (thinking about) the relationship between licenses like GPL and MIT:
(ironically!!!, these were ‘suggested’ by an LLM; I wonder if these frames already existed)
- “Investment-Protecting Licenses” vs. “Investment-Risking Licenses” (as in developers invest by working on projects that they could (not) lose the ability to contribute to)
- “Community-Resource-Guarding Licenses” vs. “Exploitation-Vulnerable Licenses”
- “Give-and-Take Licenses” vs. “Take-and-Keep Licenses” ⭐
- “Freedom-Ensuring Licenses” vs. “Freedom-Risking Licenses” ⭐
- “Contribution-Rewarding Licenses” vs. “Contribution-Exploiting Licenses”
- “Open-Source-Preserving Licenses” vs. “Closed-Source-Enabling Licenses”
I’d be happy to hear what you think, including suggestions!
There’s a fair bit of bias in those terms, which make GPL seem like a ‘better’ choice than an unrestricted license like MIT.
The truth is, GPL is restrictive to developers. Copying just one line from a gpl-licensed project will automatically restrict you to using only gpl-compatible licenses. I’d prefer to advocate for LGPL and similar licenses, as they seem to offer a better tradeoff between user and developer freedom.There’s a fair bit of bias in the terms “restrictive” and “permissive”, which make MIT seem like a ‘better’ choice than a give-and-take license like GPL.
The truth is, MIT is risky for developers. Using just one line from an MIT-licensed project will automatically allow others to exploit your work without giving back. I’d prefer to advocate for balanced licenses that protect both user and developer interests.
Ha, maybe I should have licensed my comment.
You’re wrong though.
Using code from an MIT licensed project will not allow others to exploit your work. MIT is compatible with almost all other licenses, so you can incorporate the code without needing to relicense your project.
If you meant that choosing to license your entire project with MIT would allow others to exploit your work, then yes, that’s the whole point of the license.
For some small projects, I’m completely fine with throwing it out into the world with no expectation of anything in return.
If a company ends out using my 50-line file conversion tool in their commercial product, I see that as a bonus thing to put on my résumé.
GPLs “restrictions” are freedom preserving though. It only restricts developers from keeping dirivitive code proprietary. In order to violate the GPL you’d have to choose to use GPL code and then choose not to release your modified versions of it under a similar copyleft license. It may seem counterintuitive, but having those restrictions results in more software freedom overall - similar to the paradox of intolerance.
I’m not saying MIT or so called permissive licenses are bad, but the permissive/restrictive language is just as loaded as the OPs suggestions. Both styles are needed, but copyleft licenses are better at promoting software freedom.
Edit: I do agree with you that LGPL serves an important role in promoting free/libre software where it would otherwise would never be used.
Tannenbaum is fucking asshole. Isn’t he the idiot that told Torvalds “you certainly would have failed my class if you submitted your OS as a final project?”
The guy deserves no respect.
AI tools have turned them all into MIT licenses
Worse, public domain license, except you need to modify them a lot.
Since they’re being trained on GPL (and possibly leaked proprietary) codes, I have banned them from my codebases. I also banned AI art from asset usage on similar + ethical grounds.
AI scrapers don’t obey any license. They strip copyright information from all the code they take.
