Don't Be Evil Means Don't Be Evil
Mixing Open Source communities and corporate boardrooms is a lot like mixing nitroglycerin — done properly, it produces unmeasurable good, but make a wrong move and the results won't be pretty. Some companies, like Red Hat, are adept at successfully marrying the two, while other companies seem to spend more time than they should diving for the nearest bunker.
We here at the news-desk are fans of the near-omnipresent search giant that is Google, and we don't mind saying so. However, though we don't play much poker, we know a spade when we see one, and we're not afraid to call it when we do. One such spade comes in the form of events that played out over the past few weeks with regard to the company's Open Source darling, Android.
Android has been an amazing success for Google, with a whole cadre of phones boasting it inside, and even the rocketing netbook market getting in on the game. The platform has not been without its faults, however, both with the software itself and perhaps more serious, with the company behind it.
Google's first major Android faux pas to come to light turned up last July, while the $10,000,000 Android Challenge was underway. In a move pulled straight from a sitcom script, Developer Advocate David McLaughlin accidentally alerted the world that the company was holding out on the community, providing up-to-date software development kits to contest participants while leaving Open Source developers in the lurch.
That revelation alone was enough to raise torches and pitchforks on the horizon, but that wasn't all. Google didn't just fail to hand out the goods to everyone in the class — they called in the gLaw team to have a go at it, using Non-Disclosure Agreements to keep the kits under wraps. As anyone who has been involved with the Open Source community for more than a few minutes can attest, legal teams aren't particularly popular. Those carting silencers, like NDAs, may find themselves tarred and feathered.
Silencer is a good term for it, as silence was Google's only response, including when two hundred developers petitioned for answers. The company — or at least, one of its minions — eventually spoke, but by all appearances not before consulting anyone with any knowledge of the Open Source world. The twenty-six word response read:
We appreciate the enthusiasm of our developers and we're excited that you're so passionate about the Android platform. Thanks for taking the time to send this.
To their credit, the company was smart enough to release an updated development kit shortly thereafter, along with plans for the future. The past several weeks, however, would suggest that a lesson was not among the things Google took away from the incident.
Enter Cyanogen — Steve Kondik — the developer behind an optimized Android fork known as CyanogenMod. CyanogenMod is built to offer rock-solid reliability and high performance — it also included several of Google's Android applications, including Google Talk, YouTube, and Gmail, among others. We say "included" because it doesn't any longer, thanks to another appearance from gLaw.
What did the besuited and briefcased bearers of the big stick want with Mr. Kondik? Why, to serve him with a Cease and Desist Order, of course.
If those bearing Non-Disclosure Agreements are likely to be tarred and feathered, anyone caught serving a Cease and Desist Order in the Open Source world should prepare to be bound, coated in honey, and left in the general vicinity of a colony of angry fire ants. Suffice it to say, they will not be popular, and Google's Gucci-clad goons are no exception.
CyanogenMod found itself on the wrong end of Google's heavy hand because, though Android is Open Source, the Google applications in question are not. There are ten thousand arguments to be made over the evils of closed-source applications, but what we can't dispute is that the apps in question were not free for use, and Google had legal grounds for preventing their distribution. Few of us would argue against protecting the proper use of one's software, open or closed — after all, that's the whole point behind software licensing. (For example, enforcing the requirement to distribute source code when the license requires it.) The Software Freedom Law Center keeps itself busy doing just that, and have had impressive success at forcing even the largest companies to play by the rules.
So then, what raises the reminders to "Don't Be Evil"? While we can't dispute that the grounds were there, or the virtue of doing so, the way one goes about protecting one's software is key, especially when the "one" in question is a multi-billion dollar corporation. The evil at hand isn't open vs. closed, nor is it legal distribution — the evil here is delivering messages by tank, and in the process cutting off your nose to spite your face.
When someone is dedicated enough to "your" Open Source software to want make it better, and to do it freely for the benefit of the people you're supposed to be so committed to providing benefits to, use a little discretion. While you're at it, do it before you have to offer half-hearted exhortations on your love for Open Source.
Tap the person on the shoulder and say "Hey, do you know you really shouldn't be distributing those?" Take ten minutes to figure out that leading with lawyers is both overkill and one of the worst sins you can commit in this community. If you're going to claim a commitment to openness, try to learn how it works, and think a little before sending a street gang to beat down people who, if anything, are a bit too enthusiastic about being open.
Above all, get a clue. That's not how this team plays.
Justin Ryan is a Contributing Editor for Linux Journal.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- RSS Feeds
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- May 2016 Issue of Linux Journal
- Why Python?
- PHP Performance Profiling
- Introduction to Named Pipes
- Boot with GRUB
- IPv4 Anycast with Linux and Quagga
- Validating an IP Address in a Bash Script
- Tech Tip: Send an Email Alert When Your Disk Space Gets Low
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide