Open Source and Open Crooks

As an Open Source consultant and evangelist, I’m sometimes amazed at the sheer GPL violations companies do, in the persuit of an exit. First of all, let us understand that general aspects of utilizing a GPL product:

  1. You are FREE to download, use and modify any given source code.
  2. In case you re-distribute your modified code, one of the following MUST apply:
    • You must re-distribute your code in source form to your customer, and/or
    • You must contribute your modifications to the main source code of the project, and/or
    • You must obtain a proper license/permission from the original author of the open-source code you are using.

These are more or less the basics, in lamen’s terms – without getting into the legal stuff that is usually some acustomed to these issues. So, in general, the basic limitations about using Open Source in a commercial products are mainly related to re-distribution. Modifications for personal-commercial usage (as long as no-distribution is performed) is permitted.

My work mainly involves the Asterisk Open Source PBX project. The world PBX market is a multi-billion dollar market, thus, for a company to infringe on the Asterisk GPL code may be a highly lucrative violation.

I’ve recently learned that 4 different comanies in Israel, all operating within the office PBX market, are violating the Asterisk GPL code. One company had embedded Asterisk as an auto-attendant and voicemail, while another had embedded it as a smart call-routing engine. Now, in general, if they would have used Asterisk as-is, that wouldn’t have been a problem. However, they had performed modifications to the Zaptel drivers, to work with their proprietary cards, they had modified the Asterisk code to work with various processors (mainly ARM) – and when asked for the modified code, their immediate claim would be: “Sorry, that is proprietary information”.

My main concern here is different, as companies will always be companies. All these modifications are performed by Open Source consultants and evangelists. Question be asked, why would an Open Source aware consultant enable this? the answer is simple, he needs to EAT! For the sake of making a living, sometimes (usually most of the times), a consultant will put aside his belives and idiology and will perform a violation knowingly. He would usually explain the violation to the customer, in such a way, that makes him feel good about himself and will pass the responsibility to the customer.

While the above may pass the responsibility to the customer, the consultant is as guilty (from my POV) as the customer. A consultant permitting the violation of GPL code can’t be considered a true Open Source conultant and Evangelist. Open Source is not only a way to earn some money, it is a way of life and a methodology of behavior – if one truely believes in it, one should stick to it all the time. If you know that a project you are about to take is a GPL violation, you should do the following:

  1. Don’t accept the project, till the customer had given you a written proof that they are aware of the GPL violation, and their commitment to contact the original authors to obtain a proper license to the code.
  2. Don’t accept the project, till the customer had given you a written proof that they are aware of the GPL violation, and their commitment to release the modified version of the code to the public or to the up-stream project.
  3. Don’t accept the project, till the customer had given you a written proof that they will re-distibute the modified source code to their customer.

┬áIf one of the above is not met, simply DON’T TAKE THE PROJECT!