SAN FRANCISCO — Optimists say the best things in life are free; realists say yes, but anything that’s free costs way too much. Nowhere is that more applicable than in open source (define) software.
Enterprises using open source are being sued for not complying with the multitude of licenses the software comes with.
The problem is that open source software developers call in code from other open source applications. “If you’re using only a few open software packages, you’re actually using a whole lot more applications because open software builds on things other people have done,” Stormy Peters, executive director of the Gnome Foundation, a nonprofit organization that coordinates the efforts of the Gnome Project, said during a presentation on avoiding open source lawsuits. The Gnome Project is a worldwide project to create a free computing platform for public use.
For example, a project using Ant, MySQL and MSQL Server Connector, AspectJ and the Spring Framework would “really use over 90 different open software packages, each of which has its own license,” Peters said. “The problem is that it’s difficult to find out what other software open software depends on.”
Peters made her presentation at the Next Generation Data Center and LinuxWorld conferences.
Enterprises are more at risk of lawsuits than they think. According to Peters, companies report an average of 94 open sources in use, but actual inventory scans show they actually have from three to 10 times more packages in the environment, which is “a risk, logistically and legally, right off the bat.”
Corporations can face lawsuits for a multitude of reasons. They can be sued for intellectual property infringement, which is violation of patent, trademark, copyright or trade secrets, Peters said. Or they could be sued for noncompliance with the terms of a license.
The problem is complicated by the fact that two levels of licenses govern open source software. At the general level, several general licenses are over and above the licenses.