In my post yesterday on the Open Web I referenced an article by Matt Assay of CNet entitled Facebook adopts the CPAL poison pill. This morning Dare Obasanjo (glad he's back to blogging!) shared his thoughts on this CNet article articulating how Matt's premise around the advertising clause is "pretty ridiculous".

To me it isn't about the "advertising clause" but rather around how the CPAL defines "External Distribution" in section 15. Using fbOpen as an example, what the CPAL states is that just running fbOpen on a public network is a form of Distribution which invokes the "Application of License" and "Availability of Source Code" clauses in sections 3.1 and 3.2 respectively. This means that if you run fbOpen and make any modifications, such as to change it to interact with your infrastructure instead of Facebook's, you'd have to redistribute those changes. I'm all for Open Source, but why should I have to expose how my infrastructure is configured if I want to use fbOpen in production?

Obviously there are ways around this such as spending time to abstract the code away from Facebook's data model, but then if you want it to be included in future fbOpen releases you have to assign ownership of your contribution(s) to Facebook (http://developers.facebook.com/fbopen/contribute.pdf). While this certainly isn't abnormal, MySQL has a similar clause though the Apache Software Foundation does not require assignment of copyright anymore, Facebook takes it a bit further than most:

In consideration for the potential inclusion of the Contribution in a Facebook product and receipt of Facebook branded apparel in the event of such inclusion, and for the receipt of the license back to Contributor set forth in Section 4 below, Contributor hereby irrevocably and exclusively grants, assigns and transfers to Facebook, its successors, assigns and nominees, all right, title and interest worldwide in and to the Contribution and all works of authorship and inventions embodied therein, including without limitation all intellectual property rights, including, but not limited to, copyrights, patents, trademarks, trade secrets and moral rights in the Contribution. Contributor agrees that this assignment may be submitted by Facebook to obtain patents, mask work registrations, copyright registrations and otherwise to protect Facebook’s ownership in the Contribution and any and all related inventions and works of authorship in any country.

Is it not a bit ironic to have Facebook choose a license which requires you make available your modifications just by running the code publicly yet want you to irrevocably and exclusively grant, assign, and transfer just about all of your rights to Facebook? How is that Open Source at all?

While I might disagree with the reason Matt Asay chose as the "poison pill", I am unfortunately having a hard time believing fbOpen was released in such a way as to encourage third party usage in production environments. That said, I do hope that they'll reach out to the community for help in the future to get "open" right; it isn't an easy thing to do as DeWitt Clinton reminded me of via Twitter.

Cool blog post that talks about ways to contribute to FOSS projects doing things other than coding.

read more | digg story

Was on a panel at OSCON today along with Danese Cooper (moderating), Mitchell Baker, Geir Magnusson, Tim O'Reilly, and Susan Wu.

This year has seen several high-profile acquisitions of FOSS codebases involving some very wealthy companies, including IBM (Gluecode), Oracle (Zend & SleepyCat), and RedHat (JBoss), and of course Web 2.0 companies bought FOSS too, such as SixApart (LiveJournal) and Yahoo! (Flickr, del.icio.us). At the same time some of the largest FOSS communities, including Kernel.org, Apache, and Mozilla, have found themselves contemplating changes in response to the pressures of success. Can open source be conquered by buy-out? What does it mean to buy a FOSS community? How do we keep the "free" and "open" in FOSS?

Junior summarized a lot of it, including a rough quote from me when Danese asked me what I think Open Source hackers should do after being acquired.  I've modified the quote a little below to more represent what I said:

Don't lose the hacker mentality.  Continue doing cool stuff, and continue innovating.  Don't give up, if you really believe you need to represent something, take the chances and take the risk.  Preserve the ideals.  It's not just about cultures meshing, it's about the ideals too.  If you don't represent your ideals in the corporate culture, you're doing a disservice to the Open Source movement and the community you have developed.

My basic point was that no matter if the cultures match perfectly in an acquisition, it has to be more than that in order for it to truly be a successful acquisition.

$5,000 USD will be donated to the first ten software projects that meet the requirements of the OpenID Code Bounty program. Currently the bounty is being sponsored by VeriSign, JanRain, Cordance, ooTao, Four Kitchen Studios, Zooomr, claimID, NetMesh, SXIP, Opinity, and Six Apart.

read more | digg story