OFBiz Licensing

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

OFBiz Licensing

mcat
Hi All,
I'm having difficulty understanding the Apache license which is applied to OFBiz. I'm a system integrator and one of my clients has a CRM solution based on OFBiz, which was customised by a third party. This third party charged ALOT of money ($50k+) to develop these customisations, and is charging extortive rates to do any kind of work on the software, including bug fixes in the areas they customised.

My client wants to use someone else to continue work on developing OFBiz for numerous reasons. The developer is witholding source code, saying that it belongs to them, and that any further work on the system must be done through them. My argument was they took someone elses code and passed it off as their own for profit (They never told the client it was OFBiz, and gave no credit to Apache).

By my understanding of Open Source, Free Software, etc. etc., I thought that it was wrong to take software licensed under FSF/Apache licenses, then make a few changes, and do a binary-only sale to a customer, prohibiting them from making changes as they see fit. Kind of defeats the purpose in my mind, i.e. Free as in Freedom, and all that jazz.

Is a developer, in this circumstance, required to provide the source code for the OFBiz customisations, along with binaries to the end-user? Are they exploiting the free software philosophy and breaching the license, or have I got it all wrong?

Or am I asking this question in the wrong place....
Really appreciate any input on this. Thanks!
Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

BJ Freeman
ofbiz is not GPL it does not require you to give credit to ofbiz or even
mention ofbiz. It does not require you feed you code back to the project.

The developer has a right to their code. It is up to th developer to
determine if they want to share their code once the cost of the software
is amortized. They don't have to.

Depending on the customization, the price could be $50K but that is a
lot of customization.

BTW I do the same, expect once the code is amortized, I release it to
open source. At my rate of $75/hour a man week of coding and testing is
about $4,500.

I do provide support of bug fixes for free.




mcat sent the following on 6/14/2009 7:49 PM:

> Hi All,
> I'm having difficulty understanding the Apache license which is applied to
> OFBiz. I'm a system integrator and one of my clients has a CRM solution
> based on OFBiz, which was customised by a third party. This third party
> charged ALOT of money ($50k+) to develop these customisations, and is
> charging extortive rates to do any kind of work on the software, including
> bug fixes in the areas they customised.
>
> My client wants to use someone else to continue work on developing OFBiz for
> numerous reasons. The developer is witholding source code, saying that it
> belongs to them, and that any further work on the system must be done
> through them. My argument was they took someone elses code and passed it off
> as their own for profit (They never told the client it was OFBiz, and gave
> no credit to Apache).
>
> By my understanding of Open Source, Free Software, etc. etc., I thought that
> it was wrong to take software licensed under FSF/Apache licenses, then make
> a few changes, and do a binary-only sale to a customer, prohibiting them
> from making changes as they see fit. Kind of defeats the purpose in my mind,
> i.e. Free as in Freedom, and all that jazz.
>
> Is a developer, in this circumstance, required to provide the source code
> for the OFBiz customisations, along with binaries to the end-user? Are they
> exploiting the free software philosophy and breaching the license, or have I
> got it all wrong?
>
> Or am I asking this question in the wrong place....
> Really appreciate any input on this. Thanks!

--
BJ Freeman
http://www.businessesnetwork.com/automation
http://bjfreeman.elance.com
http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
Systems Integrator.

Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

Scott Gray-2
In reply to this post by mcat
This may help:
http://apache.org/foundation/licence-FAQ.html#WhatDoesItMEAN

Assuming the third party owns the customizations then they are free to license it however they like.  I would get a lawyer involved to help find out who does actually own the code that was written.

Regards
Scott

HotWax Media
http://www.hotwaxmedia.com
801.657.2909

----- Original Message -----
From: "mcat" <[hidden email]>
To: [hidden email]
Sent: Monday, June 15, 2009 12:49:06 PM (GMT+1000) Auto-Detected
Subject: OFBiz Licensing


Hi All,
I'm having difficulty understanding the Apache license which is applied to
OFBiz. I'm a system integrator and one of my clients has a CRM solution
based on OFBiz, which was customised by a third party. This third party
charged ALOT of money ($50k+) to develop these customisations, and is
charging extortive rates to do any kind of work on the software, including
bug fixes in the areas they customised.

My client wants to use someone else to continue work on developing OFBiz for
numerous reasons. The developer is witholding source code, saying that it
belongs to them, and that any further work on the system must be done
through them. My argument was they took someone elses code and passed it off
as their own for profit (They never told the client it was OFBiz, and gave
no credit to Apache).

By my understanding of Open Source, Free Software, etc. etc., I thought that
it was wrong to take software licensed under FSF/Apache licenses, then make
a few changes, and do a binary-only sale to a customer, prohibiting them
from making changes as they see fit. Kind of defeats the purpose in my mind,
i.e. Free as in Freedom, and all that jazz.

Is a developer, in this circumstance, required to provide the source code
for the OFBiz customisations, along with binaries to the end-user? Are they
exploiting the free software philosophy and breaching the license, or have I
got it all wrong?

Or am I asking this question in the wrong place....
Really appreciate any input on this. Thanks!
--
View this message in context: http://www.nabble.com/OFBiz-Licensing-tp24028119p24028119.html
Sent from the OFBiz - User mailing list archive at Nabble.com.

Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

BJ Freeman
In reply to this post by mcat
good point Scott.
Most software commissioned and paid for by the client give the client
rights. Depending on the contract wording. this should be looked at by a
lawyer as Scott recommends. However if the software provider is in
another country, there may be little recourse.

Scott Gray sent the following on 6/14/2009 8:14 PM:

> This may help:
> http://apache.org/foundation/licence-FAQ.html#WhatDoesItMEAN
>
> Assuming the third party owns the customizations then they are free to license it however they like.  I would get a lawyer involved to help find out who does actually own the code that was written.
>
> Regards
> Scott
>
> HotWax Media
> http://www.hotwaxmedia.com
> 801.657.2909
>
> ----- Original Message -----
> From: "mcat" <[hidden email]>
> To: [hidden email]
> Sent: Monday, June 15, 2009 12:49:06 PM (GMT+1000) Auto-Detected
> Subject: OFBiz Licensing
>
>
> Hi All,
> I'm having difficulty understanding the Apache license which is applied to
> OFBiz. I'm a system integrator and one of my clients has a CRM solution
> based on OFBiz, which was customised by a third party. This third party
> charged ALOT of money ($50k+) to develop these customisations, and is
> charging extortive rates to do any kind of work on the software, including
> bug fixes in the areas they customised.
>
> My client wants to use someone else to continue work on developing OFBiz for
> numerous reasons. The developer is witholding source code, saying that it
> belongs to them, and that any further work on the system must be done
> through them. My argument was they took someone elses code and passed it off
> as their own for profit (They never told the client it was OFBiz, and gave
> no credit to Apache).
>
> By my understanding of Open Source, Free Software, etc. etc., I thought that
> it was wrong to take software licensed under FSF/Apache licenses, then make
> a few changes, and do a binary-only sale to a customer, prohibiting them
> from making changes as they see fit. Kind of defeats the purpose in my mind,
> i.e. Free as in Freedom, and all that jazz.
>
> Is a developer, in this circumstance, required to provide the source code
> for the OFBiz customisations, along with binaries to the end-user? Are they
> exploiting the free software philosophy and breaching the license, or have I
> got it all wrong?
>
> Or am I asking this question in the wrong place....
> Really appreciate any input on this. Thanks!

--
BJ Freeman
http://www.businessesnetwork.com/automation
http://bjfreeman.elance.com
http://www.linkedin.com/profile?viewProfile=&key=1237480&locale=en_US&trk=tab_pro
Systems Integrator.

Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

David E. Jones-2
In reply to this post by mcat

It's really unfortunate that your client is getting locked in by a  
service provider. While that is very common in the commercial software  
world, it is not as common in the open source world. However, there is  
nothing in any open source license that can do anything about that and  
it certainly happens sometimes.

With the Apache/BSD/MIT/etc style license changes to the source code  
are usually not encumbered at all, or are encumbered very little. In  
other words, people who change or extend the code can pretty much do  
whatever they want with their changes or extensions.

With GPL style licenses things are a lot more complicated. The main  
restriction of the license is that if some changes the code or writes  
code that uses the GPL licensed code then they must make those changes  
or that new code available under the GPL (or compatible) license, but  
only if the code is "performed publicly". What that means is subject  
to interpretation, but basically for your client it means either the  
custom code (including code that may reveal trade secrets or  
copyrighted information, etc... which is why customizing GPL code is  
sometimes like playing Russian Roulette since it can be hard to  
determine the risks and proper course of action in advance) must be  
made available under the GPL license or if not publicly performed then  
there is no licensing restriction. In other words, on the one hand  
your client is required to open source (under the GPL) everything  
developed for them, and on the other hand the service provider can do  
whatever they want, within the bounds of the contract between the  
service provider and the client.

Anyway (just as Scott wrote), whatever open source or commercial  
license is involved for tools or software libraries used the ownership  
and allowed use of the customized code is totally determined by the  
agreement between the service provider and the client, which may or  
may not be subject to restrictions by licensing terms of tools and  
libraries (like OFBiz).

It's unfortunate that some service providers choose to do business  
this way, but it is their choice. The is something for ALL end-users  
to be aware of when they are working with a service provider, with  
OFBiz or any other software. Service providers certainly can do  
business this way, and there may be valid reasons for doing so... but  
it is "slimy" to not make it clear to the client, and usually if a  
service provider does business this way they will charge less than a  
comparable service provider who does not do it this way (because the  
result is of less value to the client).

On the other hand, if there was a contract and the client didn't read  
or understand it (including the terms related to who owns the work  
product and what use is allowed), then they may be in a situation that  
they were both unaware of AND that they can't do anything about.

For most contracts of this size (it's really fairly small, depending  
on which country you are in) chances are there wasn't a super-formal  
agreement or contract written and even if there was it could cost WAY  
more than $50k for the client to enforce the contract and make the  
service provider give up the source code, and not just a lot of money  
but a lot of time too.

The good news that this doesn't happen a whole lot with open source  
software, but that doesn't really help your client. If your client  
were using commercial software this would be the EXPECTED way for  
things to work. With most commercial software as a user you typically  
get very few rights, sometimes few rights to your customizations too  
(and of course your customizations are worthless without the  
commercial software to run them on), and it is normal for the software  
vendor and/or customizer to be way larger than the end-user and to  
push them around a lot, and really the only choice the end-user has is  
to purchase the software or not (or sometimes negotiate alternate  
licensing terms, but only if they are offering the vendor a really BIG  
deal).

-David


On Jun 14, 2009, at 8:49 PM, mcat wrote:

>
> Hi All,
> I'm having difficulty understanding the Apache license which is  
> applied to
> OFBiz. I'm a system integrator and one of my clients has a CRM  
> solution
> based on OFBiz, which was customised by a third party. This third  
> party
> charged ALOT of money ($50k+) to develop these customisations, and is
> charging extortive rates to do any kind of work on the software,  
> including
> bug fixes in the areas they customised.
>
> My client wants to use someone else to continue work on developing  
> OFBiz for
> numerous reasons. The developer is witholding source code, saying  
> that it
> belongs to them, and that any further work on the system must be done
> through them. My argument was they took someone elses code and  
> passed it off
> as their own for profit (They never told the client it was OFBiz,  
> and gave
> no credit to Apache).
>
> By my understanding of Open Source, Free Software, etc. etc., I  
> thought that
> it was wrong to take software licensed under FSF/Apache licenses,  
> then make
> a few changes, and do a binary-only sale to a customer, prohibiting  
> them
> from making changes as they see fit. Kind of defeats the purpose in  
> my mind,
> i.e. Free as in Freedom, and all that jazz.
>
> Is a developer, in this circumstance, required to provide the source  
> code
> for the OFBiz customisations, along with binaries to the end-user?  
> Are they
> exploiting the free software philosophy and breaching the license,  
> or have I
> got it all wrong?
>
> Or am I asking this question in the wrong place....
> Really appreciate any input on this. Thanks!
> --
> View this message in context: http://www.nabble.com/OFBiz-Licensing-tp24028119p24028119.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>

Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

mcat
Thanks very much for your thorough explanation. I think the main point to take home here is to check and double check contracts with tech consultants, not just lawyers. This particular client is dealing with a developer of similar business size, and did scrutinize the contract but it seems both management and legal misunderstood the potential 'technical' rights they gave up (without knowing it) and future, unforseen technical/business issues they may have had. The reality is they needed a consultant (who didn't stand to benefit from approval of the project!) to look at it all and raise a red flag before proceeding. That is where I am now, pointing out milk that's already been spilt.

Thanks to all for helping me understand this. I did review the Apache license but the specific information I was looking for didn't jump out at me. Much appreciated!

David E Jones-4 wrote
It's really unfortunate that your client is getting locked in by a  
service provider. While that is very common in the commercial software  
world, it is not as common in the open source world. However, there is  
nothing in any open source license that can do anything about that and  
it certainly happens sometimes.

With the Apache/BSD/MIT/etc style license changes to the source code  
are usually not encumbered at all, or are encumbered very little. In  
other words, people who change or extend the code can pretty much do  
whatever they want with their changes or extensions.

With GPL style licenses things are a lot more complicated. The main  
restriction of the license is that if some changes the code or writes  
code that uses the GPL licensed code then they must make those changes  
or that new code available under the GPL (or compatible) license, but  
only if the code is "performed publicly". What that means is subject  
to interpretation, but basically for your client it means either the  
custom code (including code that may reveal trade secrets or  
copyrighted information, etc... which is why customizing GPL code is  
sometimes like playing Russian Roulette since it can be hard to  
determine the risks and proper course of action in advance) must be  
made available under the GPL license or if not publicly performed then  
there is no licensing restriction. In other words, on the one hand  
your client is required to open source (under the GPL) everything  
developed for them, and on the other hand the service provider can do  
whatever they want, within the bounds of the contract between the  
service provider and the client.

Anyway (just as Scott wrote), whatever open source or commercial  
license is involved for tools or software libraries used the ownership  
and allowed use of the customized code is totally determined by the  
agreement between the service provider and the client, which may or  
may not be subject to restrictions by licensing terms of tools and  
libraries (like OFBiz).

It's unfortunate that some service providers choose to do business  
this way, but it is their choice. The is something for ALL end-users  
to be aware of when they are working with a service provider, with  
OFBiz or any other software. Service providers certainly can do  
business this way, and there may be valid reasons for doing so... but  
it is "slimy" to not make it clear to the client, and usually if a  
service provider does business this way they will charge less than a  
comparable service provider who does not do it this way (because the  
result is of less value to the client).

On the other hand, if there was a contract and the client didn't read  
or understand it (including the terms related to who owns the work  
product and what use is allowed), then they may be in a situation that  
they were both unaware of AND that they can't do anything about.

For most contracts of this size (it's really fairly small, depending  
on which country you are in) chances are there wasn't a super-formal  
agreement or contract written and even if there was it could cost WAY  
more than $50k for the client to enforce the contract and make the  
service provider give up the source code, and not just a lot of money  
but a lot of time too.

The good news that this doesn't happen a whole lot with open source  
software, but that doesn't really help your client. If your client  
were using commercial software this would be the EXPECTED way for  
things to work. With most commercial software as a user you typically  
get very few rights, sometimes few rights to your customizations too  
(and of course your customizations are worthless without the  
commercial software to run them on), and it is normal for the software  
vendor and/or customizer to be way larger than the end-user and to  
push them around a lot, and really the only choice the end-user has is  
to purchase the software or not (or sometimes negotiate alternate  
licensing terms, but only if they are offering the vendor a really BIG  
deal).

-David


On Jun 14, 2009, at 8:49 PM, mcat wrote:

>
> Hi All,
> I'm having difficulty understanding the Apache license which is  
> applied to
> OFBiz. I'm a system integrator and one of my clients has a CRM  
> solution
> based on OFBiz, which was customised by a third party. This third  
> party
> charged ALOT of money ($50k+) to develop these customisations, and is
> charging extortive rates to do any kind of work on the software,  
> including
> bug fixes in the areas they customised.
>
> My client wants to use someone else to continue work on developing  
> OFBiz for
> numerous reasons. The developer is witholding source code, saying  
> that it
> belongs to them, and that any further work on the system must be done
> through them. My argument was they took someone elses code and  
> passed it off
> as their own for profit (They never told the client it was OFBiz,  
> and gave
> no credit to Apache).
>
> By my understanding of Open Source, Free Software, etc. etc., I  
> thought that
> it was wrong to take software licensed under FSF/Apache licenses,  
> then make
> a few changes, and do a binary-only sale to a customer, prohibiting  
> them
> from making changes as they see fit. Kind of defeats the purpose in  
> my mind,
> i.e. Free as in Freedom, and all that jazz.
>
> Is a developer, in this circumstance, required to provide the source  
> code
> for the OFBiz customisations, along with binaries to the end-user?  
> Are they
> exploiting the free software philosophy and breaching the license,  
> or have I
> got it all wrong?
>
> Or am I asking this question in the wrong place....
> Really appreciate any input on this. Thanks!
> --
> View this message in context: http://www.nabble.com/OFBiz-Licensing-tp24028119p24028119.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>
Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

David E. Jones-2

Personally I wouldn't trust most software consultants to make the  
call... maybe to recommend some things to watch out for, but probably  
not much more. Most lawyers familiar with software and/or intellectual  
property would be VERY aware of these sorts of factors. Even lawyers  
not familiar with these things general get the idea. Questions about  
who owns the work product and who is allowed to do what with the work  
product is most of what the contract is all about, so it is surprising  
that anyone reviewing a contract would miss it.

In other words, if a contract said something like "Provider retains  
ownership of all intellectual property produced, including copyrights  
and patents as applicable, and hereby grants Client license to use  
software produced in binary form only or through deployed instance on  
a server controller by Provider", wouldn't that raise some red flags  
for anyone reading it? Maybe not, but it is pretty suspicious.

If it's worth it to the client they should have a good IP and  
contracting attorney take a look at the contract and see if anything  
can be done. They may get lucky, or it may be they can't do anything,  
or it may be that they can but unless the provider gets scared by a  
letter from the lawyer (for a few hundred dollars) the only other  
option may be to spend tens of thousands of dollars on a lawsuit to  
resolve it.

 From my experience working with clients on these issues things never  
go to court. For small things a letter is sent here and there or a  
lawsuit filed and settled at the drop of a hat. For big things (like  
multi-million dollar contracts) there is just a lot of legal  
maneuvering and posturing to see how serious the other side is and it  
all comes down to what the client can get the provider to agree to, or  
vice-versa. In the real world it is just the unfortunate fact that  
both clients and providers can get away with quite a lot, but only a  
few times before others doing business with them walk away. For large  
clients and providers it often has more to do with an individual in  
the company than the company itself, and in those cases you're lucky  
because you can appeal to others in the company and likely get the  
issue resolved. For smaller companies... they usually get away with  
stuff for a while and eventually go out of business.

Anyway, sorry for the long thoughts. I've run into this countless  
times over the years and in the end it's a natural risk of this sort  
of business, but there are things both clients and providers can do to  
help things work more smoothly. In my opinion these things very rarely  
have anything to do with contracts but rather things like getting paid  
partially in advance and giving clients access to the source  
repository or even using a source repository on the client's server  
(both of which should be mentioned in a contract, but it is doing them  
and not the fact that they are in the contract that makes a difference).

-David


On Jun 14, 2009, at 10:49 PM, mcat wrote:

>
> Thanks very much for your thorough explanation. I think the main  
> point to
> take home here is to check and double check contracts with tech  
> consultants,
> not just lawyers. This particular client is dealing with a developer  
> of
> similar business size, and did scrutinize the contract but it seems  
> both
> management and legal misunderstood the potential 'technical' rights  
> they
> gave up (without knowing it) and future, unforseen technical/
> business issues
> they may have had. The reality is they needed a consultant (who  
> didn't stand
> to benefit from approval of the project!) to look at it all and  
> raise a red
> flag before proceeding. That is where I am now, pointing out milk  
> that's
> already been spilt.
>
> Thanks to all for helping me understand this. I did review the Apache
> license but the specific information I was looking for didn't jump  
> out at
> me. Much appreciated!
>
>
> David E Jones-4 wrote:
>>
>>
>> It's really unfortunate that your client is getting locked in by a
>> service provider. While that is very common in the commercial  
>> software
>> world, it is not as common in the open source world. However, there  
>> is
>> nothing in any open source license that can do anything about that  
>> and
>> it certainly happens sometimes.
>>
>> With the Apache/BSD/MIT/etc style license changes to the source code
>> are usually not encumbered at all, or are encumbered very little. In
>> other words, people who change or extend the code can pretty much do
>> whatever they want with their changes or extensions.
>>
>> With GPL style licenses things are a lot more complicated. The main
>> restriction of the license is that if some changes the code or writes
>> code that uses the GPL licensed code then they must make those  
>> changes
>> or that new code available under the GPL (or compatible) license, but
>> only if the code is "performed publicly". What that means is subject
>> to interpretation, but basically for your client it means either the
>> custom code (including code that may reveal trade secrets or
>> copyrighted information, etc... which is why customizing GPL code is
>> sometimes like playing Russian Roulette since it can be hard to
>> determine the risks and proper course of action in advance) must be
>> made available under the GPL license or if not publicly performed  
>> then
>> there is no licensing restriction. In other words, on the one hand
>> your client is required to open source (under the GPL) everything
>> developed for them, and on the other hand the service provider can do
>> whatever they want, within the bounds of the contract between the
>> service provider and the client.
>>
>> Anyway (just as Scott wrote), whatever open source or commercial
>> license is involved for tools or software libraries used the  
>> ownership
>> and allowed use of the customized code is totally determined by the
>> agreement between the service provider and the client, which may or
>> may not be subject to restrictions by licensing terms of tools and
>> libraries (like OFBiz).
>>
>> It's unfortunate that some service providers choose to do business
>> this way, but it is their choice. The is something for ALL end-users
>> to be aware of when they are working with a service provider, with
>> OFBiz or any other software. Service providers certainly can do
>> business this way, and there may be valid reasons for doing so... but
>> it is "slimy" to not make it clear to the client, and usually if a
>> service provider does business this way they will charge less than a
>> comparable service provider who does not do it this way (because the
>> result is of less value to the client).
>>
>> On the other hand, if there was a contract and the client didn't read
>> or understand it (including the terms related to who owns the work
>> product and what use is allowed), then they may be in a situation  
>> that
>> they were both unaware of AND that they can't do anything about.
>>
>> For most contracts of this size (it's really fairly small, depending
>> on which country you are in) chances are there wasn't a super-formal
>> agreement or contract written and even if there was it could cost WAY
>> more than $50k for the client to enforce the contract and make the
>> service provider give up the source code, and not just a lot of money
>> but a lot of time too.
>>
>> The good news that this doesn't happen a whole lot with open source
>> software, but that doesn't really help your client. If your client
>> were using commercial software this would be the EXPECTED way for
>> things to work. With most commercial software as a user you typically
>> get very few rights, sometimes few rights to your customizations too
>> (and of course your customizations are worthless without the
>> commercial software to run them on), and it is normal for the  
>> software
>> vendor and/or customizer to be way larger than the end-user and to
>> push them around a lot, and really the only choice the end-user has  
>> is
>> to purchase the software or not (or sometimes negotiate alternate
>> licensing terms, but only if they are offering the vendor a really  
>> BIG
>> deal).
>>
>> -David
>>
>>
>> On Jun 14, 2009, at 8:49 PM, mcat wrote:
>>
>>>
>>> Hi All,
>>> I'm having difficulty understanding the Apache license which is
>>> applied to
>>> OFBiz. I'm a system integrator and one of my clients has a CRM
>>> solution
>>> based on OFBiz, which was customised by a third party. This third
>>> party
>>> charged ALOT of money ($50k+) to develop these customisations, and  
>>> is
>>> charging extortive rates to do any kind of work on the software,
>>> including
>>> bug fixes in the areas they customised.
>>>
>>> My client wants to use someone else to continue work on developing
>>> OFBiz for
>>> numerous reasons. The developer is witholding source code, saying
>>> that it
>>> belongs to them, and that any further work on the system must be  
>>> done
>>> through them. My argument was they took someone elses code and
>>> passed it off
>>> as their own for profit (They never told the client it was OFBiz,
>>> and gave
>>> no credit to Apache).
>>>
>>> By my understanding of Open Source, Free Software, etc. etc., I
>>> thought that
>>> it was wrong to take software licensed under FSF/Apache licenses,
>>> then make
>>> a few changes, and do a binary-only sale to a customer, prohibiting
>>> them
>>> from making changes as they see fit. Kind of defeats the purpose in
>>> my mind,
>>> i.e. Free as in Freedom, and all that jazz.
>>>
>>> Is a developer, in this circumstance, required to provide the source
>>> code
>>> for the OFBiz customisations, along with binaries to the end-user?
>>> Are they
>>> exploiting the free software philosophy and breaching the license,
>>> or have I
>>> got it all wrong?
>>>
>>> Or am I asking this question in the wrong place....
>>> Really appreciate any input on this. Thanks!
>>> --
>>> View this message in context:
>>> http://www.nabble.com/OFBiz-Licensing-tp24028119p24028119.html
>>> Sent from the OFBiz - User mailing list archive at Nabble.com.
>>>
>>
>>
>>
>
> --
> View this message in context: http://www.nabble.com/OFBiz-Licensing-tp24028119p24028786.html
> Sent from the OFBiz - User mailing list archive at Nabble.com.
>

Reply | Threaded
Open this post in threaded view
|

Re: OFBiz Licensing

Adrian Crum-2
In reply to this post by mcat

That's why I shun legal contracts. Anytime someone comes to me with a legal contract, it implies they are ready to take me to court.

When I go buy a donut, I don't sign a contract. I pay a fee for the donut. There is no contract involved. I give the cashier money, and the cashier gives me my donut. It's simple and it works.

My employer is the same way. Our company avoids legal contracts for the same reason.

-Adrian


--- On Sun, 6/14/09, David E Jones <[hidden email]> wrote:

> From: David E Jones <[hidden email]>
> Subject: Re: OFBiz Licensing
> To: [hidden email]
> Date: Sunday, June 14, 2009, 10:21 PM
>
> Personally I wouldn't trust most software consultants to
> make the call... maybe to recommend some things to watch out
> for, but probably not much more. Most lawyers familiar with
> software and/or intellectual property would be VERY aware of
> these sorts of factors. Even lawyers not familiar with these
> things general get the idea. Questions about who owns the
> work product and who is allowed to do what with the work
> product is most of what the contract is all about, so it is
> surprising that anyone reviewing a contract would miss it.
>
> In other words, if a contract said something like "Provider
> retains ownership of all intellectual property produced,
> including copyrights and patents as applicable, and hereby
> grants Client license to use software produced in binary
> form only or through deployed instance on a server
> controller by Provider", wouldn't that raise some red flags
> for anyone reading it? Maybe not, but it is pretty
> suspicious.
>
> If it's worth it to the client they should have a good IP
> and contracting attorney take a look at the contract and see
> if anything can be done. They may get lucky, or it may be
> they can't do anything, or it may be that they can but
> unless the provider gets scared by a letter from the lawyer
> (for a few hundred dollars) the only other option may be to
> spend tens of thousands of dollars on a lawsuit to resolve
> it.
>
> From my experience working with clients on these issues
> things never go to court. For small things a letter is sent
> here and there or a lawsuit filed and settled at the drop of
> a hat. For big things (like multi-million dollar contracts)
> there is just a lot of legal maneuvering and posturing to
> see how serious the other side is and it all comes down to
> what the client can get the provider to agree to, or
> vice-versa. In the real world it is just the unfortunate
> fact that both clients and providers can get away with quite
> a lot, but only a few times before others doing business
> with them walk away. For large clients and providers it
> often has more to do with an individual in the company than
> the company itself, and in those cases you're lucky because
> you can appeal to others in the company and likely get the
> issue resolved. For smaller companies... they usually get
> away with stuff for a while and eventually go out of
> business.
>
> Anyway, sorry for the long thoughts. I've run into this
> countless times over the years and in the end it's a natural
> risk of this sort of business, but there are things both
> clients and providers can do to help things work more
> smoothly. In my opinion these things very rarely have
> anything to do with contracts but rather things like getting
> paid partially in advance and giving clients access to the
> source repository or even using a source repository on the
> client's server (both of which should be mentioned in a
> contract, but it is doing them and not the fact that they
> are in the contract that makes a difference).
>
> -David
>
>
> On Jun 14, 2009, at 10:49 PM, mcat wrote:
>
> >
> > Thanks very much for your thorough explanation. I
> think the main point to
> > take home here is to check and double check contracts
> with tech consultants,
> > not just lawyers. This particular client is dealing
> with a developer of
> > similar business size, and did scrutinize the contract
> but it seems both
> > management and legal misunderstood the potential
> 'technical' rights they
> > gave up (without knowing it) and future, unforseen
> technical/business issues
> > they may have had. The reality is they needed a
> consultant (who didn't stand
> > to benefit from approval of the project!) to look at
> it all and raise a red
> > flag before proceeding. That is where I am now,
> pointing out milk that's
> > already been spilt.
> >
> > Thanks to all for helping me understand this. I did
> review the Apache
> > license but the specific information I was looking for
> didn't jump out at
> > me. Much appreciated!
> >
> >
> > David E Jones-4 wrote:
> >>
> >>
> >> It's really unfortunate that your client is
> getting locked in by a
> >> service provider. While that is very common in the
> commercial software
> >> world, it is not as common in the open source
> world. However, there is
> >> nothing in any open source license that can do
> anything about that and
> >> it certainly happens sometimes.
> >>
> >> With the Apache/BSD/MIT/etc style license changes
> to the source code
> >> are usually not encumbered at all, or are
> encumbered very little. In
> >> other words, people who change or extend the code
> can pretty much do
> >> whatever they want with their changes or
> extensions.
> >>
> >> With GPL style licenses things are a lot more
> complicated. The main
> >> restriction of the license is that if some changes
> the code or writes
> >> code that uses the GPL licensed code then they
> must make those changes
> >> or that new code available under the GPL (or
> compatible) license, but
> >> only if the code is "performed publicly". What
> that means is subject
> >> to interpretation, but basically for your client
> it means either the
> >> custom code (including code that may reveal trade
> secrets or
> >> copyrighted information, etc... which is why
> customizing GPL code is
> >> sometimes like playing Russian Roulette since it
> can be hard to
> >> determine the risks and proper course of action in
> advance) must be
> >> made available under the GPL license or if not
> publicly performed then
> >> there is no licensing restriction. In other words,
> on the one hand
> >> your client is required to open source (under the
> GPL) everything
> >> developed for them, and on the other hand the
> service provider can do
> >> whatever they want, within the bounds of the
> contract between the
> >> service provider and the client.
> >>
> >> Anyway (just as Scott wrote), whatever open source
> or commercial
> >> license is involved for tools or software
> libraries used the ownership
> >> and allowed use of the customized code is totally
> determined by the
> >> agreement between the service provider and the
> client, which may or
> >> may not be subject to restrictions by licensing
> terms of tools and
> >> libraries (like OFBiz).
> >>
> >> It's unfortunate that some service providers
> choose to do business
> >> this way, but it is their choice. The is something
> for ALL end-users
> >> to be aware of when they are working with a
> service provider, with
> >> OFBiz or any other software. Service providers
> certainly can do
> >> business this way, and there may be valid reasons
> for doing so... but
> >> it is "slimy" to not make it clear to the client,
> and usually if a
> >> service provider does business this way they will
> charge less than a
> >> comparable service provider who does not do it
> this way (because the
> >> result is of less value to the client).
> >>
> >> On the other hand, if there was a contract and the
> client didn't read
> >> or understand it (including the terms related to
> who owns the work
> >> product and what use is allowed), then they may be
> in a situation that
> >> they were both unaware of AND that they can't do
> anything about.
> >>
> >> For most contracts of this size (it's really
> fairly small, depending
> >> on which country you are in) chances are there
> wasn't a super-formal
> >> agreement or contract written and even if there
> was it could cost WAY
> >> more than $50k for the client to enforce the
> contract and make the
> >> service provider give up the source code, and not
> just a lot of money
> >> but a lot of time too.
> >>
> >> The good news that this doesn't happen a whole lot
> with open source
> >> software, but that doesn't really help your
> client. If your client
> >> were using commercial software this would be the
> EXPECTED way for
> >> things to work. With most commercial software as a
> user you typically
> >> get very few rights, sometimes few rights to your
> customizations too
> >> (and of course your customizations are worthless
> without the
> >> commercial software to run them on), and it is
> normal for the software
> >> vendor and/or customizer to be way larger than the
> end-user and to
> >> push them around a lot, and really the only choice
> the end-user has is
> >> to purchase the software or not (or sometimes
> negotiate alternate
> >> licensing terms, but only if they are offering the
> vendor a really BIG
> >> deal).
> >>
> >> -David
> >>
> >>
> >> On Jun 14, 2009, at 8:49 PM, mcat wrote:
> >>
> >>>
> >>> Hi All,
> >>> I'm having difficulty understanding the Apache
> license which is
> >>> applied to
> >>> OFBiz. I'm a system integrator and one of my
> clients has a CRM
> >>> solution
> >>> based on OFBiz, which was customised by a
> third party. This third
> >>> party
> >>> charged ALOT of money ($50k+) to develop these
> customisations, and is
> >>> charging extortive rates to do any kind of
> work on the software,
> >>> including
> >>> bug fixes in the areas they customised.
> >>>
> >>> My client wants to use someone else to
> continue work on developing
> >>> OFBiz for
> >>> numerous reasons. The developer is witholding
> source code, saying
> >>> that it
> >>> belongs to them, and that any further work on
> the system must be done
> >>> through them. My argument was they took
> someone elses code and
> >>> passed it off
> >>> as their own for profit (They never told the
> client it was OFBiz,
> >>> and gave
> >>> no credit to Apache).
> >>>
> >>> By my understanding of Open Source, Free
> Software, etc. etc., I
> >>> thought that
> >>> it was wrong to take software licensed under
> FSF/Apache licenses,
> >>> then make
> >>> a few changes, and do a binary-only sale to a
> customer, prohibiting
> >>> them
> >>> from making changes as they see fit. Kind of
> defeats the purpose in
> >>> my mind,
> >>> i.e. Free as in Freedom, and all that jazz.
> >>>
> >>> Is a developer, in this circumstance, required
> to provide the source
> >>> code
> >>> for the OFBiz customisations, along with
> binaries to the end-user?
> >>> Are they
> >>> exploiting the free software philosophy and
> breaching the license,
> >>> or have I
> >>> got it all wrong?
> >>>
> >>> Or am I asking this question in the wrong
> place....
> >>> Really appreciate any input on this. Thanks!
> >>> --View this message in context:
> >>> http://www.nabble.com/OFBiz-Licensing-tp24028119p24028119.html
> >>> Sent from the OFBiz - User mailing list
> archive at Nabble.com.
> >>>
> >>
> >>
> >>
> >
> > --View this message in context: http://www.nabble.com/OFBiz-Licensing-tp24028119p24028786.html
> > Sent from the OFBiz - User mailing list archive at
> Nabble.com.
> >
>
>


     
Reply | Threaded
Open this post in threaded view
|

RE: OFBiz Licensing

Charles Tjandra

Hmm....

Donut is delicious.... :D
is OFBiz ......? Could be?
:D

Charles TJ


-----Original Message-----
From: Adrian Crum [mailto:[hidden email]]
Sent: 15 Juni 2009 13:51
To: [hidden email]
Subject: Re: OFBiz Licensing



That's why I shun legal contracts. Anytime someone comes to me with a legal
contract, it implies they are ready to take me to court.

When I go buy a donut, I don't sign a contract. I pay a fee for the donut.
There is no contract involved. I give the cashier money, and the cashier
gives me my donut. It's simple and it works.

My employer is the same way. Our company avoids legal contracts for the same
reason.

-Adrian