FOSSBazaar Attacks Open Source Licensing Fears

Who’s afraid of open source?

According to the open source industry group FOSSBazaar, there are plenty of organizations that view using the software as risky. But the group maintains that concerns about open source stem from often poorly understood legal issues that could be overcome with some education.

FOSSBazaar, an HP-led Linux Foundation working group, is tasked with working to replace fear of open source with knowledge and best practices.

“The idea is to explain that open source is not the same as commercial software, but it’s not unbounded risk either, ” Philip Robb, general manager of, told “With some policies and processes in place, consuming open source can be a pretty straightforward thing.”

The group’s goal is to improve adoption of open source software, which is already enjoying success in making inroads into the overall software marketplace.

Despite open source’s growth, there remains a good deal of uncertainty and confusion, and there are a lot of different aspects for an enterprise to consider as it weighs adopting open source software. For instance, Robb said that with open source, there are 60 approved licenses and numerous support options.

“My observation is that the barrier is that with great choice comes added complexity,” Robb said.

This year in particular, there have been high profile legal cases that may have also helped to sow seeds of doubt about open source. In March, the Software Freedom Law Center (SFLC) settled a case with one of Verizon’s suppliers related to open source software in a wireless router shipped by the telecom giant.

In that case, the supplier and Verizon did not properly comply with the terms of the included software’s open source license. Robb argued that the Verizon case could have been avoided entirely, if those involved had been better educated in using open source.

“When splashy headlines come up about Verizon, the uninformed can think very negative things about open source and have this fear,” Robb said. “But you just have to recognize how it’s different. Avoiding open source is probably going to be a competitive detriment to your organization so you should just try and stay informed.”

Robb added that cases like Verizon are indications of the immaturity and newness of everything around open source adoption. In his view, the best way to help both suppliers and consumers is to continue to document best practices — an effort in which FOSSBazaar is actively engaged.

Having its work cut out for it

HP launched the effort in January. Since then, FOSSBazaar has been active this year expanding its membership and its resources, according to Robb, who also serves as director of HP’s open source programs office in the company’s enterprise servers and storage group.

One issue FOSSBazaar aims to tackle revolves around license identification. Robb argued that there is currently no standard approach among open source applications for where the license is placed.

“Why isn’t there a documented place for the license so you don’t have to write tools to find it?” he asked. “It’s just another needed incremental improvement in how open source is developed, how it’s consumed and used.”

Another way that FOSSBazaar is aiming to tackle the complexities in open source licensing has been working on a license anomaly page. There, various licenses and applications can be documented and explained, with an eye to helping open source stakeholders and would-be users understand the nuances of working with different licenses and software.

“We just document applications, with pieces of open source software, that are different — not necessarily good or evil, but just different,” Robb said.

Those differences could be a developer’s own interpretation of a license, which causes it to differ from common usages. In such cases, Robb argued that the intent of the copyright holder is the key thing: “The license is an attempt to codify the usage requirements for a piece of software, but it always boils down to what was intent of the copyright holder.”

Success for FOSSBazaar means raising the level of awareness around open source’s adoption and usage issues, as well as identifying any rough spots for potential enterprise users. If FOSSBazaar is truly successful, it could be the catalyst that drives further adoption of open source, Robb said.

“The ultimate metric is when open source is just considered mainstream and a typical part of the IT framework that is used by all organization to solve their companies’ problems.”

News Around the Web