Open Source Exploitation

Elastic Search NV, the company behind Elastic Search and its companion product Kibana changed its license from Apache 2.0 (fully open source) to a Server Side Public License (SSPL) and the Elastic License in 2021.

SSPL is often described as a ‘faux open source’ license and the Elastic License dictated that its software is limited in the following ways:

You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.

You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key. – via Elastic License

This change was done because Amazon was selling their open-source software as a service (SAAS) and not “sharing in the revenues.”

This happens quite a bit with the open-source world if what you and your team create is really good. You and your creators push out the software, it gets adopted all over the place, and you start getting support questions. So you start selling enterprise support but only a handful of people pay for it.

The reality is that giant organizations exploit your kindness, take your work, bundle it into a platform or other software, and then sell it to people, and never pay you for support. If there’s a bug in the software they’ll ask you to fix it for free first.

So what happened when Elastic Search changed its license? All hell broke loose for a while.

CEO Shay Banon was asked about what to expect and his response was great:

“we totally expected it to happen,” Banon said — but Elastic had already bolstered its commercial offering to protect it against any future open source kerfuffles. – via VentureBeat

Amazon forked the repo and said they’re going to build their own version of Elastic Search and called it Open Search. Some Elastic Search users did not make the move either and forked the repository too. There was even discussion amongst the group of companies on how to “co-develop” this going forward.

Other users of the ElasticSearch ecosystem, including Logz.io, CrateDB and Aiven, also committed to the need for a fork, leading to discussion of how to coordinate the open source efforts – via Wikipedia

This cracks me up but makes me mad at the same time. Here are the same companies that relied on Elastic Search and have been exploiting that software for free and the countless hours that software developers put in, now scrambling to push off the development costs a “consortium.”

LOL. That’s all I have to say.

Here’s the simple thing, Open Source is not free. If you’re a multi-billion company and use open source technology in your products or offer a service with it, you should pay. You should buy Enterprise Support or you should provide royalties or some other agreed-upon compensation for everyone’s hard work.

Corporations have gotten used to exploiting many powerful open source products and not giving back anything to the community or those developers. The nickel and dime you to death and then expect you to fix bugs for free, as the lead developer of the Apache PLC4X project explains:

As a last attempt to keep the lights on, I am switching the mode I am providing support for PLC4X: I am no longer implementing features users might need, I am no longer instantly fixing bugs for free. Especially I will not invest my private money to buy expensive hardware in order to implement or fix stuff I am then giving away for free. – via Github

The moment you stand up and say, “what a minute, this isn’t fair, I’m being exploited” the exploiters throw a hissy fit, grab their ball and go home.

Here’s what I say, feel free to fork it. Feel free to build whatever “consortium” you want, but it’s going to be a futile effort. You won’t be able to use the original name in your forked product or service, so you won’t get brand recognition. You won’t have an in-depth understanding of the codebase or the years of experience that the developers, maintainers, and makers have.

Don’t void the social contract that is open source, if you get value from it then put money into the pot.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: