Shlomif's Technical Posts Community - Why I Don’t Trust Non-Open Source Software [entries|archive|friends|userinfo]
Shlomif's Technical Posts Community

[ userinfo | livejournal userinfo ]
[ archive | journal archive ]

[Links:| Shlomi Fish's Homepage Main Journal Homesite Blog Planet Linux-IL Amir Aharoni in Unicode open dot dot dot ]

Why I Don’t Trust Non-Open Source Software [Nov. 19th, 2012|12:34 pm]
Previous Entry Share Next Entry


[Tags|, ]
[Current Location |Home]
[Current Mood |happyhappy]
[Current Music |Alanis Morisette - Ironic]

Today I’m going to explain in a dedicated entry, why I do not trust programs that are not Free and open-source software (FOSS) and instead are more restricted. I have previously told that story as part of a different essay, but it was easy to miss.

In any case, the BitKeeper version control system is now quite obscure, due to the advent of quality distributed open-source systems such as Git and Mercurial, but some years ago it was used by many developers of the Linux kernel, and the demise of its gratis version was in fact the impetus for the creation of Git, and later Mercurial. Some time, before Linus Torvalds adopted it, I ran into a limitation of CVS, an open-source version control system, that was then popular, and was looking for an alternative, and after reading an out-of-date article about BitKeeper (which said its source was available under a mostly open source licence), decided to use it and its service.

At first, I was quite happy using it for some of my projects, but then I posted a question to the mailing list, asking where I can find the source, which was implied to be available on the BitKeeper site. Larry McVoy (BitKeeper's main creator and maintainer) answered by saying that they decided for removing the source code, because some users modified it to remove the restrictions, and allowed them to abuse the licensing of the gratis version and prevent them from paying for the commercial version. He also noted that availability of source, meant that, in practice, your software was Public Domain, and that they provide the sources for people they can trust, in private.

At that point, I figured out that I don't have an immediate need for the source, and that perhaps in the future, I can win BitMover (= BitKeeper’s parent company) trust and gain access to it. So I continued using BitKeeper.

That changed, however, when Mr. McVoy announced a licence change to BitKeeper (while requiring all users of the gratis version to upgrade) that I found unacceptable, and caused me to seek a different alternative. This caused an unpleasant exchange between me and the BitKeeper developers, and made me lose some of the repositories I hosted on

From that moment on, I realised that I cannot really trust non-open-source software, because even if I am allowed to continue to use its previous version after a licence change, then it may accumulate bugs or stop being runnable on my systems, or stop being supported, and I cannot risk it. To quote Richard Stallman: “Every non-free [= non-FOSS] program has a lord, a master — and if you use the program, he is your master”.

The end of the BitKeeper story, was that after evaluating a few open-source alternatives, I settled on using the open-source Subversion, and later on also started using Mercurial and Git. Furthermore, from then on, I often refused to look at and evaluate proprietary programs. Lately, many open-source developers have been infatuated with Sublime Text, but I am not willing to even try it, because it is not open-source, so I will never have to depend on it.

Despite all that, I still license my original software under non-Copyleft licences, because the GPLv2 and the GPLv3 are incompatible, both with one another, and with many other open-source licences, and because I know of at least three different interpretations to the GPL ( GNU’s one in the GPL FAQ, the Linux kernel's one, and the draconian Nmap interpretation), and because I want my code to be of the maximal available use without the need to consult a lawyer, and because I don't want to be worried about how it will possibly be abused, when I don't care if it will. I'm still using GPLed software, in the hope that I won't get sued.

To sum up, I do not wish to rely on non-FOSS, because it may mean these software applications later becomes unavailable to me, in a similar manner to what was the case with BitKeeper. I hope you can relate to that, and if not, you may likely run into a similar situation in the future, as well also the case for the Linux kernel project, with the demise of the gratis BitKeeper altogether.