This is not strictly security related, but I just had to write a few words about that OSI article. Rest assured that you will get some security news very soon, I found half a dozen new vulnerabilities in Safari for both Windows and OS X :)

Over at Michael Tiemann, the president of the Open Source Initiative, has written an article about the apparent misuse of the term open source. He has declared that they (OSI) want to slam down on any vendor who claims to be open source but does not use “an OSI-approved license”. In his own words:

“Enough is enough. Open Source has grown up. Now it is time for us to stand up. I believe that when we do, the vendors who ignore our norms will suddenly recognize that they really do need to make a choice: to label their software correctly and honestly, or to license it with an OSI-approved license that matches their open source label.”

I generally applaud the Open Source Initiative for their dedication in promoting open source software, but the entire premise of this article does not ring true for me. This is my public comment to Michael Tiemann, originally posted as a comment to his article.

Who made you king?

OSI does not have a trademark on the phrase Open Source, whether it is spelled with capital or small letters. As such, there is no legal basis for you to dictate how that phrase should be interpreted, applied and/or marketed. You have no basis for defining or approving what constitutes an open source license, except through your name, public support and dedication.

The term “open source” is in itself simply used to describe software where the source code is available to the public and/or end user. That’s a very popular interpretation and carries no other notions about the license model under which the software has been released or how that source code might eventually be used.

I will continue to release software and continue to label it as being open source, because that is precisely what it is. The source code is available for you to read. On top of that, my license might specify that you can only use my software if you telephone me and tell me a joke. My software would still be open source, even with such an absurd license.

However, my software would not be Free Software, and Richard Stallman or the Free Software Foundation would surely shake their heads in disbelief at my license; But if you contacted me and demanded that I remove the words “open source” from my marketing material I would have a dazed and confused look on my face before my shoulders would shrug and I would go for a pint.

I applaud your work and dedication, but they do not give you any basis on which to be the king of how generic words should be interpreted.

Thor Larholm