GPL's cloudy future
One of the things about getting older is that you learn to ignore things until you have to do something about them. It's a learned efficiency, I suppose, rationing your increasingly precious time out to the unceasing demands upon it. I finally realized I have to do some serious thinking about cloud computing.
"Hang on a minute, don't you work at Google ?" I hear you say. Well, yes, but in my defense many of the people who work at Google don't have anything to do with cloud computing. Some of us have to keep the conference rooms clean, write Open Source/Free Software, things of that nature.
But several recent events have stirred my aging brain into action. These events included the departures of two of my colleagues, who were leaving their current, extremely stable employment to join increasingly risky cloud computing startups. That's not so strange here in Silicon Valley. I remember some wacky people leaving nice safe enterprise computing jobs to go do something strange with "Web 2.0" startups, and look how that turned out. One of them drives a Ferrari now (but he always was a bit of a show-off). The third event was from a rather more unlikely source, the Free Software Foundation's (FSF) annual General Meeting, LibrePlanet, held in Boston.
I was fortunate enough to get invited to give a keynote there, as a sort of comic relief whilst people were waiting for Richard Stallman (the founder of the FSF) to turn up and articulate the state of the Free Software universe. I was in the middle of my talk, "The Elephant in the Room: Microsoft and Free Software", busily pontificating about Microsoft's nefarious plans for dominating the Web and software as a service, when I got heckled.
It wasn't any ordinary heckler either. It was Bradley Kuhn, the former executive director of the Free Software Foundation. Fixing me with a steely glare, he said "So doesn't this mean that the GPL is the new BSD license and that Google is the new Microsoft ?" I must confess I was a little non-plussed.
I'll answer the second charge first, then explain the first. Without speaking on Google's behalf, my opinion is that companies, however large they become, tend to keep the character of their founders so long as the founders are still there. Google is still led by a couple of computing science graduates from Stanford University and one of the old school Sun Microsystems executives. Whilst they are around I have no fears of looking in the mirror and seeing a hazy reflection of Clippy the talking paperclip. Oddly enough, there is finally hope of change at Microsoft for exactly the same reason.
So what did Bradley mean by "GPL being the new BSD" ? The GNU General Public License (or GPL) is the most popular Free Software license. It's a reciprocal or "copyleft" license in that in order to be allowed the right to redistribute the software (normally forbidden under copyright law) the distributor has to agree to make the source code available to the recipient under exactly the same terms. In other words, share and share alike. The main point of the GPL license is it is impossible to use it to create proprietary software. It's deliberately designed that way by a man who views proprietary software as immoral. The Berkeley Software Distribution, or BSD license, is a much simpler document. Essentially it allows anyone to use the code without restriction, so long as the copyright notice and disclaimers of warranty are preserved. The main difference between the two is that BSD licensed code is freely used in proprietary software (Apple's proprietary MacOS X is based on BSD code), whereas the GPL is designed to ensure all derivative works remain Free Software.
But the fatal flaw in the GPL is that the reciprocal clause is only triggered by the act of redistribution. This works well in the world of traditional software, where in order to use a program it must be directly distributed to the recipient. Under the GPL, that person then inherits the same rights to the software source code as the distributor had. But now consider the strange new world of cloud computing, and software as a service. The way software works in this world is completely different. Most of the complex logic and the actual programs themselves live as software only running within server farms, communicating solely by network requests sent from a client Web browser via downloaded Javascript programs.
There is no "distribution" here, so the reciprocal clause of the GPL is never triggered. In such a world, service providers can use GPL-licensed code in proprietary back-end server farms with impunity. This seems contrary to the spirit of the authors of much of the GPL-licensed code used in this way, although it strictly complies with the license. It means that, as Bradley warned, GPL code can be used in the cloud computing market in exactly the same way as BSD code can be used in the traditional software market.
So what can be done to fix this ? Should anything be done to fix this ? After all, traditionally distributed software is still the majority of software used in the world, so why worry ? The FSF think they have the answer, and so in conjunction with Affero, they created the Affero GPL license (AGPL). Affero is a company who writes network software used in the software as a service world and who firmly believes in the concept of software freedom as espoused by the FSF. The result was this creation of a variant of the GPL to cover this important new threat to Free Software. The current AGPL is a version of the GPL version 3 (the current standard GPL version), with one important addition:
"..if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software."
In other words, when you interact with this software running as a service in the cloud, you must be able to get the source code, just as you would when receiving a normally distributed GPL licensed program.
For network services running in a cloud, this brings back the fairness provision that the original GPL intended, and returns the freedom that Free Software promises to all users and developers.
Currently the AGPL is a minority license as compared to the GPL. Not much Free Software is currently written directly to serve cloud computing network services.
But cloud computing is going to change the industry in as profound a way as client server did in the late 1980s and 1990s. The ability to easily provision and scale up software services based on the Free Software LAMP stack (Linux / Apache / MySQL /PHP or Perl or Python) or more modern fare such as the open source Java software framework Hadoop is going to massively change the way software is developed. Of course at my day job, it already has for many of the engineers.
Even old fogies like me are going to have to learn some new tricks in this world. Free Software is going to have to adopt as well. I still have lots of Samba code to write first (no, Samba isn't a finished product yet), but if I ever work on cloud computing code, I'd like to see it under the AGPL, in order to preserve the freedoms I've been able to enjoy in conventional software development these many years. Without the AGPL, our freedoms will depend on the kindness of strangers donating their modifications to our code back to us, as they did in the days before the GPL license and the FSF was born.
The LibrePlanet conference also had some very interesting sessions on Free Software Web services, run by the people behind http://identi.ca and http://autonomo.us/. Check them out to learn more about Free Software network services and cloud computing.