Post Open Source

“I would love it if all patents evaporated” (WebRTC)

Monday, November 11th, 2013

I’ve been following WebRTC (Real Time Communications) because (1) it is probably the most significant addition to the web in terms of enabling a new class of applications at least since the introduction of Ajax (1998, standardized by 2006), and perhaps since the introduction of Javascript (1995, standardized by 1997). The IETF working group charter puts it well (another part of the work is at W3C):

There are a number of proprietary implementations that provide direct interactive rich communication using audio, video, collaboration, games, etc. between two peers’ web-browsers. These are not interoperable, as they require non-standard extensions or plugins to work. There is a desire to standardize the basis for such communication so that interoperable communication can be established between any compatible browsers. The goal is to enable innovation on top of a set of basic components. One core component is to enable real-time media like audio and video, a second is to enable data transfer directly between clients.

(See pad.textb.org (source) for one simple application; simpleWebRTC seems to be a popular library for building WebRTC applications.)

And (2) because WebRTC is the scene of the latest fight to protect open web standards from rent seekers.

The IETF working group is choosing between H.264 Constrained Baseline Profile Level 1.2 and VP8 as the Mandatory To Implement (MTI) video codec (meaning all applications can count on that codec being available) for WebRTC. H.264 cannot be included in free and open source software, VP8 can, due to their respective patent situations. (For audio-only WebRTC applications, the free Opus codec seems to be a non-controversial requirement.)

Cisco has recently promised that in 2014 they will make available a binary implementation of H.264 for which they will pay license fees for all comers (there is an annual cap on fees, allowing them to do this). That’s nice of them, but the offer is far from ideal for any software (a binary must be downloaded from Cisco servers for each user), and a nonstarter for applications without some kind of plugin system, and for free and open source software distributions, which must be able to modify source code.

Last week I remotely attended a meeting on the MTI video codec choice. No consensus was reached; discussion continues on the mailing list. One interesting thing about the non-consensus was the split between physical attendees (50% for H.264 and 30% for VP8) and remote attendees (20% for H.264, 80% for VP8). A point mentioned several times was the interest of “big players” (mostly fine with paying H.264 fees, and are using it in various other products) and “little players” (fees are significant, eg startups, or impossible, eg free and open source projects); depending on one’s perspective, the difference shows how venue biases participation in one or both directions.

Jonathan Rosenberg, the main presenter for H.264, at about 22 minutes into a recording segment:

I would love it if all patents evaporated, if all the stuff was open source in ways that we could use, and we didn’t have to deal with any of this mess.

The argument for why H.264 is the best choice for dealing with “this mess” boils down to H.264 having a longer history and broader adoption than VP8 (in other applications; the two implementation of WebRTC so far, in recent versions of Chrome and Firefox, so far exclusively use VP8).

Harald Alvestrand, the main presenter for VP8, at about 48 minutes into another recording segment:

Development of codecs has been massively hampered and held back by the fact that it has been done in a fashion that has served to maximize the patent encumbrances on codecs. Sooner or later, we should see a way forward to abandon the dependence on encumbered codecs also for video software. My question, at this juncture, is if not now, when?

Unsurprisingly, I find this (along with the unworkability of H.264 for free and open source software) a much more compelling argument. The first step toward making patents evaporate (or at least irrelevant for digital video) is to select a codec which has been developed to maximize freedom, rather than developed to maximize encumbrances and rent collection.

What are individuals and entities pushing H.264 as the best codec for now, given the mess, doing for the longer term? Are they working on H.265, in order to bake in rents for the next generation? Or are they contributing to VP9, the next-next generation Daala, and the elimination of software patents?

Addendum: Version of this post sent to rtcweb@ietf.org (and any followups).

Economics and the Commons Conference [knowledge stream] report

Wednesday, October 30th, 2013

Economics and the Common(s): From Seed Form to Core Paradigm. A report on an international conference on the future of the commons (pdf) by David Bollier. Section on the knowledge stream (which I coordinated; pre-conference post) copied below, followed by an addendum with thanks and vague promises. First, video of the stream keynote (slides) by Carolina Botero (introduced by me; archive.org copy).

III. “Treating Knowledge, Culture and Science as Commons”

Science, and recently, free software, are paradigmatic knowledge commons; copyright and patent paradigmatic enclosures. But our vision may be constrained by the power of paradigmatic examples. Re-conceptualization may help us understand what might be achieved by moving most provisioning of knowledge to the commons; help us critically evaluate our commoning; and help us understand that all commons are knowledge commons. Let us consider, what if:

  • Copyright and patent are not the first knowledge enclosures, but only “modern” enforcement of inequalities in what may be known and communicated?
  • Copyright and patent reform and licensing are merely small parts of a universe of knowledge commoning, including transparency, privacy, collaboration, all of science and culture and social knowledge?
  • Our strategy puts commons values first, and views narrow incentives with skepticism?
  • We articulate the value of knowledge commons – qualitative, quantitative, ethical, practical, other – such that knowledge commons can be embraced and challenged in mainstream discourse?

These were the general questions that the Knowledge, Culture and Science Stream addressed.

Knowledge Stream Keynote Summary

Carolina Botero Cabrera, a free culture activist, consultant and lawyer from Colombia, delivered a plenary keynote for the Knowledge Stream entitled, “What If Fear Changes Sides?” As an author and lecturer on free access, free culture and authors’ rights, Botero focused on the role of information and knowledge in creating unequal power relationships, and how knowledge and cultural commons can rectify such problems.

“If we assume that information is power and acknowledge the power of knowledge, we can start by saying that controlling information and knowledge means power. Why does this matter?” she asked. “Because the control of information and knowledge can change sides. The power relationship can be changed.”

One of the primary motives of contemporary enclosures of information and knowledge, said Botero, is to instill fear in people – fear of violating copyright law, fear of the penalties for doing so. This inhibits natural tendencies to share and re-use information. So the challenge facing us is to imagine if fear could change sides. Can we imagine a switch in power relationships over the control of knowledge – how we produce, distribute and use knowledge? Botero said we should focus on the question: “How can we switch the tendency of knowledge regulation away from enclosure, so that commons can become the rule and not the exception?”

“There are still many ways to produce things, to gain knowledge,” said Botero, who noted that those who use the word “commons” [in the context of knowledge production] are lucky because it helps name these non-market forms of sharing knowledge. “In Colombia, we don’t even have that word,” she said.

To illustrate how customary knowledge has been enclosed in Colombia, Botero told the story of parteras, midwives, who have been shunted aside by doctors, mostly men, who then asserted control over women’s bodies and childbirth, and marginalized the parteras and their rich knowledge of childbirth. This knowledge is especially important to those communities in remote areas of Colombia that do not have access to doctors. There is currently a huge movement of parteras in Colombia who are fighting for the recognition of their knowledge and for the legal right to act as midwives.

Botero also told about how copyright laws have made it illegal to reproduce sheet music for songs written in 18th and 19th century Colombia. In those times, people simply shared the music among each other; there was no market for it. But with the rise of the music industry in the 20th century, especially in the North, it is either impossible or unaffordable to get this sheet music because most of it is copyrighted. So most written music in Colombia consists of illegally photocopied versions. Market logic has criminalized the music that was once natural and freely flowing in Colombian culture. Botero noted that this has increased inequality and diminished public culture.

She showed a global map illustrating which nations received royalties and fees from copyrights and patents in 2002; the United States receives more than half of all global revenues, while Latin America, Africa, India and other countries of the South receive virtually nothing. This is the “power relationships” that Botero was pointing to.

Botero warned, “We have trouble imagining how to provision and govern resources, even knowledge, without exclusivity and control.” Part of the problem is the difficulty of measuring commons values. Economists are not interested, she said, which makes it difficult to go to politicians and persuade them why libraries matter.

Another barrier is our reliance on individual incentives as core value in the system for regulating knowledge, Botero said. “Legal systems of ‘intellectual property’ place individual financial incentives at the center for knowledge regulation, which marginalizes commons values.” Our challenge is to find ways to switch from market logics by showing that there are other logics.

One reason that it is difficult to displace market logics is because we are reluctant or unable to “introduce the commons discourse from the front door instead of through the back door,” said Botero. She confessed that she herself has this problem because most public debate on this topic “is based on the premise that knowledge requires enclosure.” It is difficult to displace this premise by talking about the commons. But it is becoming increasingly necessary to do so as new policy regimes, such as the Transpacific Trade (TPP) Agreement, seek to intensify enclosures. The TPP, for example, seeks to raise minimum levels of copyright restriction, extend the terms of copyrights, and increase the prison terms for copyright violations.

One way to reframe debate, suggested Botero, is to see the commons “not as the absence of exclusivity, but the presence of non-exclusivity. Th is is a slight but important difference,” she said, “that helps us see the plenitude of non-exclusivity” – an idea developed by Séverine Dussolier, professor and director of the Revue Droit des Technologies de l’Information (RDTI, France). This shift “helps us to shift the discussion from the problems with the individual property and market-driven perspective, to a framework and society that – as a norm – wants its institutions to be generative of sharing, cooperation and equality.”

Ultimately, what is needed are more “efficient and effective ways to protect the ethic and practice of sharing,” or as she put it, “better commoning.” Reforming “intellectual property” is only one small part of the universe of knowledge commoning, Botero stressed. It also includes movements for “transparency, privacy, collaboration, and potentially all of science and culture.”

“When and how did we accept that the autonomy of all is subservient to control of knowledge by the few?” asked Botero. “Most important, can we stop this? Can we change it? Is the current tragedy our lack of knowledge of the commons?” Rediscovering the commons is an important challenge to be faced “if fear is going to change sides.”

An Account of the Knowledge, Culture and Science Stream’s Deliberations

There were no presentations in the Knowledge Stream breakout sessions, but rather a series of brief provocations. These were intended to spur a lively discussion and to go beyond the usual debates heard at free and open software/free culture/open science conferences. A primary goal of the breakout discussions was to consider what it means to regard knowledge as a commons, rather than as a “carve-out” exception from a private property regime. The group was also asked to consider how shared knowledge is crucial to all commoning activity. Notes from the Knowledge Stream breakout sessions were compiled through a participatory titanpad, from which this account is adapted.

The Knowledge Stream focused on two overarching themes, each taking advantage of the unique context of the conference:

  1. Why should commoners of all fields care about knowledge commons?
  2. If we consider knowledge first as commons, can we be more visionary, more inclusive, more effective in commoning software, science, culture, seeds … and much more?

The idea of the breakout session was to contextualize knowledge as a commons, first and foremost: knowledge as a subset of the larger paradigm of commons and commoning, as something far more than domain-specific categories such as software, scientific publication and educational materials.

An overarching premise of the Knowledge Stream was the point made by Silke Helfrich in her keynote, that all commons are knowledge commons and all commons are material commons. Saving seeds in the Svalbaard Seedbank are of no use if we forget how to cultivate them, for example, and various digital commons are ultimately grounded in the material reality of computers, electricity infrastructures and the food that computer users need to eat.

There is a “knowledge commons” at the center of each commons. This means that interest in a “knowledge commons” isn’t confined to those people who only care about software, scientific publication, and so on. It also means that we should refrain from classifying commons into categories such as “natural resources” and “digital,” and begin to make the process of commoning itself the focal point.

Of course, one must immediately acknowledge that digital resources do differ in fundamental ways from finite natural resources, and therefore the commons management strategies will differ. Knowledge commons can make cheap or virtually free copies of intangible information and creative works, and this knowledge production is often distributed at very small scales. For cultural commons, noted Philippe Aigrain, a French analyst of knowledge governance and CEO of Sopinspace, a maker for free software for collaboration and participatory democracy, “the key challenge is that average attention becomes scarcer in a world of abundant production.” This means that more attention must be paid on “mediating functions” – curating – and “revising our cultural expectations about ‘audiences’.”

It is helpful to see the historical roots of Internet-enabled knowledge commons, said Hilary Wainwright, the editor behind the UK political magazine Red Pepper and a research at the Transnational Institute. The Internet escalated the practice of sharing knowledge that began with the feminist movement’s recognition of a “plurality of sources.” It also facilitated the socialization of knowledge as a kind of collective action.

That these roots are not widely appreciated points to the limited vision of many knowledge commons, which tend to rely on a “deeply individualistic ethical ontology,” said Talha Syed, a professor of law at the University of California, Berkeley. This worldview usually leads commoners to focus on coercion – enclosures of knowledge commons – as the problem, he said. But “markets are problematic even if there is no monopoly,” he noted, because “we need to express both threats and positive aspirations in a substantive way. Freedom is more than people not coercing us.”

Shun-Ling Chen, a Taiwanese professor of law at the University of Arizona, noted that even free, mass-collaboration projects such as Wikipedia tend to fall back on western, individualistic conceptions of authorship and authority. This obscures the significance of traditional knowledge and history from the perspective of indigenous peoples, where less knowledge is recorded by “reliable sources.”

As the Stream recorded in its notes, knowledge commons are not just about individual freedoms, but about “marginalized people and social justice.” “The case for knowledge commons as necessary for social justice is an undeveloped theme,” the group concluded. But commons of traditional knowledge may require different sorts of legal strategies than those that are used to protect the collective knowledge embodied in free software or open access journal. The latter are both based on copyright law and its premises of individual rights, whereas traditional knowledge is not recognized as the sum of individual creations, but as a collective inheritance and resource.

This discussion raised the question whether provisioning knowledge through commons can produce different sorts of “products” as those produced by corporate enclosures, or whether they will simply create similar products with less inequality. Big budget movies and pharmaceuticals are often posited as impossibilities for commons provision (wrongly, by the way). But should these industries be seen as the ‘commanding heights’ of culture and medicine, or would a commons-based society create different commanding heights?”

One hint at an answer comes from seeing informality as a kind of knowledge commons. “Constructed commons” that rely upon copyright licenses (the GPL for software, Creative Commons licenses for other content) and upon policy reforms, are generally seen as the most significant, reputable knowledge commons. But just as many medieval commons relied upon informal community cooperation such as “beating the bounds” to defend themselves, so many contemporary knowledge commons are powerful because they are based on informal social practice and even illegality.

Alan Toner of Ireland noted that commoners who resist enclosures often “start from a position of illegality” (a point made by Ugo Mattei in his keynote talk). It may be better to frankly acknowledge this reality, he said. After all, remix culture would be impossible without civil disobedience to various copyright laws that prohibit copying, sharing and re-use – even if free culture people sometimes have a problem with such disrespectful or illegal resistance. “Piracy” is often a precursor to new social standards and even ne w legal rules. “What is legal is continent,” said Toner, because practices we spread now set traditions and norms for the future. We therefore must be conscious about the traditions we are creating. “The law is gray, so we must push new practices and organizations need to take greater risks,” eschewing the impulse to be “respectable” in order to become a “guiding star.”

Felix Stalder, a professor of digital culture at Zurich University of the Arts, agreed that civil disobedience and piracy are often precisely what is needed to create a “new normal,” which is what existing law is explicitly designed to prevent. “Piracy is building a de facto commons,” he added, “even if it is unaware of this fact. It is a laboratory of the new that can enrich our understanding of the commons.”

One way to secure the commons for the future, said Philippe Aigrain of Sopinspace, is to look at the specific challenges facing the commons rather than idealizing them or over-relying on existing precedents. As the Stream discussion notes concluded, “Given a new knowledge commons problem X, someone will state that we need a ‘copyleft for X.’ But is copyleft really effective at promoting and protecting the commons of software? What if we were to re-conceptualize copyleft as a prototype for effective, pro-commons regulation, rather than a hack on enclosure?”

Mike Linksvayer, the former chief technology officer of Creative Commons and the coordinator of the Knowledge Stream, noted that copyleft should be considered as “one way to “force sharing of information, i.e., of ensuring that knowledge is in the commons. But there may be more effective and more appropriate regulatory mechanisms that could be used and demanded to protect the commons.”

One provocative speculation was that there is a greater threat to the commons than enclosure – and that is obscurity. Perhaps new forms of promotion are needed to protect the commons from irrelevance. It may also be that excluding knowledge that doesn’t really contribute to a commons is a good way to protect a commons. For example, projects like Wikipedia and Debian mandate that only free knowledge and software be used within their spaces.


Addendum

Thanks to everyone who participated in the knowledge stream. All who prepared and delivered deep and critical provocations in the very brief time allotted:
Bodó Balázs
Shun-Ling Chen
Rick Falkvinge
Marco Fioretti
Charlotte Hess
Gaëlle Krikorian
Glyn Moody
Mayo Fuster Morrell
Prabir Purkayastha
Felix Stalder
Talha Syed
Wouter Tebbens
Alan Toner
Chris Watkins

Also thanks to Mayo Fuster Morrell and Petros for helping coordinate during the stream, and though neither could attend, Tal Niv and Leonhard Dobusch for helpful conversations about the stream and its goals. I enjoyed working with and learned much from the other stream coordinators: Saki Bailey (nature), Heike Löschmann (labor & care), Ludwig Schuster (money), and especially Miguel Said Vieira (infrastructure; early collaboration kept both infrastructure and knowledge streams relatively focused); and stream keynote speaker Carolina Botero; and conference organizers/Commons Strategy Group members: David Bollier, Michel Bauwens, and Silke Helfrich (watch their post-conference interview).

See the conference wiki for much more documentation on each of the streams, the overall conference, and related resources.

If a much more academic and apolitical approach is of interest, note the International Association for the Study of the Commons held its 2013 conference about 10 days after ECC. I believe there was not much overlap among attendees, one exception being Charlotte Hess (who also chaired a session on Governance of the Knowledge and Information Commons at the IASC conference).

ECC only strengthened my feeling (but, of course I designed the knowledge stream to confirm my biases…) that a much more bold, deep, inclusive (domains and methods of commoning, including informality, and populations), critical (including self-critical; a theme broached by several of the people thanked above), and competitive (product: displacing enclosure; policy: putting equality & freedom first) knowledge commons movement, or vanguard of those movements. Or as Carolina Botero put it in the stream keynote: bring the commons in through the front door. I promise to contribute to this project.

ECC also made me reflect much more on commons and commoning as a “core paradigm” for understanding and participating in the arrangements studied by social scientists. My thoughts are half baked at best, but that will not stop me from making pronouncements, time willing.

5 fantasy Internet Archive announcements

Thursday, October 24th, 2013

Speaking of public benefit spaces on the internet, tonight the Internet Archive is having its annual celebration and announcements event. It’s a top contender for the long-term most important site on the internet. The argument for it might begin with it having many copies at many points in time of many sites, mostly accessible to the public (Google, the NSA and others must have vast dark archives), but would not end there.

I think the Internet Archive is awesome. Brewster Kahle, its founder, is too. It is clear to me that he’s the most daring and innovative founder or leader in the bay area/non-profit/open/internet field and adjacencies. And he calls himself Digital Librarian. Hear, hear!

But, the Internet Archive could be even more awesome. Here’s what I humbly wish they would announce tonight:

  • A project to release all of the code that runs their websites and all other processes, under free/open source software licenses, and do their work in public repositories, issue trackers, etc. Such crucial infrastructure ought be open to public audit, and welcoming to public contribution. Obviously much of the code is ancient, crufty, and likely has security issues. No reason for embarrassment or obscurity. The code supporting the recording of this era of human communication is itself a dark archive. Danger! Fix it.
  • WikiNurture media collections. I believe media item metadata is now unversioned. It should be versioned. And the public should be able to enhance and correct metadata. Currently media in the Internet Archive is much less useful than it could be due to poor metadata (eg I expect music I download from the archive to not have good artist/album/title tags, making it a huge pain to integrate into my listenng habits, including to tell the world and make popular) and very limited relations among media items.
  • Aggressively support new free media formats, specifically Opus and WebM right now. This is an important issue for the free and open issue, and requires collective action. Internet Archive is in a key position, and should be exploit is strong position.
  • On top of existing infrastructure and much richer data, above, build Netflix-level experiences around the highest quality media in the archive, and perhaps all media with high quality metadata. This could be left to third parties, but centralization is powerful.
  • Finally, and perhaps the deadly combination of most contentious and least exciting: stop paying DRM vendors and publishers. Old posts on this: 1, 2, 3. Internet Archive is not in the position Mozilla apparently think they are, of tolerating DRM out of fear of losing relevance. Physical libraries may think they are in such a position, but only to the extent they think of themselves as book vendors, and lack vision. Please, show leadership to the digital libraries we want in the future, not grotesque compromises, Digital Librarian!

These enhancements would elevate Internet Archive to is proper status, and mean nobody could ever again justifiably say that ‘Aside from Wikipedia, there is no large, popular space being carved out for the public good.’

Addendum: The actual announcements were great, and mostly hinted at on the event announcement post. The Wayback Machine now can instantly archive any URL (“Save Page Now”). I expect to use that all the time, replacing webcitation.org. This post pre-addendum, including many spelling errors (written on the 38 Geary…). Javascript MESS and the software archive are tons of fun: “Imagine every computer that ever existed, in your browser.” No talk of DRM, but also no talk of books, unless I missed something.

Addendum 20131110: “What happened to the Library of Alexandria?” as a lead in to explaining why the Internet Archive has multiple data centers will take on new meaning from a few days ago, when there was a fire at its scanning center (no digital records were lost). Donate.

What’s *really* wrong with the free and open internet — and how we could win it

Thursday, October 24th, 2013

A few days ago Sue Gardner, ED of the Wikimedia Foundation, posted What’s *really* wrong with nonprofits — and how we can fix it. Judging by seeing the the link sent around, it has been read to confirm various conflicting biases different people in the SF bay area/internet/nonprofit space and adjacent already had. May I? Excerpt-based-summary:

A major structural flaw of many nonprofits is that their revenue is decoupled from mission work, which pushes them to focus on providing a positive donor experience often at the expense of doing their core work.

WMF makes about 95% of its money from the many-small-donors model
…
I spend practically zero time fundraising. We at the WMF get to focus on our core work of supporting and developing Wikipedia, and when donors talk with us we want to hear what they say, because they are Wikipedia readers
…
I think the usefulness of the many-small-donors model, ultimately, will extend far beyond the small number of nonprofits currently funded by it.
…
[Because Internet.]
…
For organizations that can cover their costs with the many-small-donors model I believe there’s the potential to heal the disconnect between fundraising and core mission work, in a way that supports nonprofits being, overall, much more effective.

I agree concerning extended potential. I thought (here comes confirmation of biases) that Creative Commons should make growing its small donor base its number one fundraising effort, with the goal of having small donors provide the majority of funding as soon as possible — realistically, after several years of hard work on that model. While nowhere close to that goal, I recall that about 2006-2009 individual giving grew rapidly, in numbers and diversity (started out almost exclusively US-based), even though it was never the number one fundraising priority. I don’t think many, perhaps zero, people other than me believed individual giving could become CC’s main source of support. Wikimedia’s success in that, already very evident, and its unique circumstance, was almost taken as proof that CC couldn’t. I thought instead Wikimedia’s methods should be taken as inspiration. The “model” had already been proven by nearby organizations without Wikimedia’s eyeballs; e.g., the Free Software Foundation.

An organization that wants to rely on small donors will have to work insanely hard at it. And, if it had been lucky enough to be in a network affording it access to large foundation grants, it needs to be prepared to shrink if the foundations tire of the organization before individual giving supplants them, and it may never fully do so. (But foundations might tire of the organization anyway, resulting in collapse without individual donors.) This should not be feared. If an organization has a clear vision and operating mission, increased focus on core work by a leaner team, less distracted by fundraising, ought be more effective than a larger, distracted team.

But most organizations don’t have a clear vision and operating mission (I don’t mean words found in vision and mission statements; rather the shared and deep knowing-what-we’re-trying-to-do-and-how that allows all to work effectively, from governance to program delivery). This makes any coherent strategic change more difficult, including transitioning to small donor support. It also gives me pause concerning some of the bits of Gardner’s post that I didn’t excerpt above. For most organizations I’d bet that real implementation of nonprofit “best practices” regarding compliance, governance, management, reporting, etc, though boring and conservative, would be a big step up. Even trying to increase the much-maligned program/(admin+fundraising) ratio is probably still a good general rule. I’d like to hear better ones. Perhaps near realtime reporting of much more data than can be gleaned from the likes of a Form 990 will help “big data scientists” find better rules.

It also has to be said that online small donor fundraising can be just as distracting and warping (causing organization to focus on appearing appealing to donors) as other models. We (collectively) have a lot of work to do on practices, institutions, and intermediaries that will make the extended potential of small donor support possible (read Gardner’s post for the part I lazily summarized as [Because Internet.]) in order for the outcome to be good. What passes as savvy advice on such fundraising (usually centered around “social media”) has for years been appalling and unrealistic. And crowdfunding has thus far been disappointing in some ways as an method of coordinating public benefit.

About 7 months ago Gardner announced she would be stepping down as ED after finding a replacement (still in progress), because:

I’ve always aimed to make the biggest contribution I can to the general public good. Today, this is pulling me towards a new and different role, one very much aligned with Wikimedia values and informed by my experiences here, and with the purpose of amplifying the voices of people advocating for the free and open internet. I don’t know exactly what this will look like — I might write a book, or start a non-profit, or work in partnership with something that already exists.

My immediate reaction to this was exactly what Виктория wrote in reply to the announcement:

I cannot help but wonder what other position can be better for fighting consumerisation, walling-in and freedom curtailment of the Internet than the position of executive director of the Wikimedia Foundation.

I could take this as confirming another of my beliefs: that the Wikimedia movement (and other constructive free/open movements and organizations) do not realize their potential political potency — for changing the policy narrative and environment, not only taking rear guard actions against the likes of SOPA. Of course then, the Wikimedia ED wouldn’t think Wikimedia the most effective place from which to work for a free and open internet. But, my beliefs are not widely held, and likely incorrect. So I was and am mostly intrigued, and eager to see what Gardner does next.

After reading the What’s *really* wrong with nonprofits post above, I noticed that 4 months ago Gardner had posted The war for the free and open internet — and how we are losing it, which I eagerly read:

[non-profit] Wikipedia is pretty much alone. It’s NOT the general rule: it’s the exception that proves the rule.
…
The internet is evolving into a private-sector space that is primarily accountable to corporate shareholders rather than citizens. It’s constantly trying to sell you stuff. It does whatever it wants with your personal information. And as it begins to be regulated or to regulate itself, it often happens in a clumsy and harmful way, hurting the internet’s ability to function for the benefit of the public. That for example was the story of SOPA.
…
[Stories of how Wikipedia can fight censorship because it is both non-profit and very popular]
…
Aside from Wikipedia, there is no large, popular space being carved out for the public good. There are a billion tiny experiments, some of them great. But we should be honest: we are not gaining ground.
…
The internet needs serious help if it is to remain free and open, a powerful contributor to the public good.

Final exercise in confirming my biases (this post): yes, what the internet needs is more spaces carved our for the public good — more Wikipedias — categories other than encyclopedia in which a commons-based product out-competes proprietary incumbents, increasing equality and freedom powerfully in both the short and long (capitalization aligned with rent seeking demolished) term. Wikipedia is unique in being wildly successful and first and foremost a website, but not alone (free software collectively must many times more liberating by any metric, some of it very high profile, eg Firefox; Open Access is making tremendous progress, and I believe PLOS may have one of the strongest claims to operating not just to make something free, but to compete directly with and eventually displace incumbents).

A free and open internet, and society, needs intense competition from commons-based initiatives in many more categories, including those considered the commanding heights of culture and commerce, eg premium video, advertising, social networking, and many others. Competition does not mean just building stuff, but making it culturally relevant, meaning making it massively popular (which Wikipedia lucked into, being the world’s greatest keyword search goldmine). Nor does it necessarily mean recapitulating proprietary products exactly, eg some product expectations might moved to ones more favorable to mass collaboration.

Perhaps Gardner’s next venture will aim to carve out a new, popular space for the public good on the internet. Perhaps it will be to incubate other projects with exactly that aim (there are many experiments, as her post notes, but not many with “take overliberate the world” vision or resources; meanwhile there is a massive ecosystem churning out and funding attempts to take over the world new proprietary products). Perhaps it will be to build something which helps non-profits leverage the extended potential of the small donor model, in a way that maximizes public good. Most likely, something not designed to confirm my biases. ☺ But, many others should do just that!

The real Open Source _ proliferation problem

Tuesday, October 22nd, 2013

The Open Source Initiative, best known for keeping a list of licenses compliant with its Open Source Definition, has hired its first-ever full time paid staffer, Patrick Masson as General Manager.

Masson’s blog has lots of good entries (if you just want to be amused, try a 10 year press release diff). One thing he bemoans repeatedly and pithily (It’s “many eyeballs…” not “many projects…”) is too much fragmentation and too little collaboration among open source projects. His most recent post, Joiners, Not Starters:

What’s painful is that there are already over 350 open source communities developing learning management systems. I find it frustrating and hypocritical to hear, “This is a great time to get involved for people who are interested in helping to shape this project…” from people who chose not to get involved–rather, choosing to do something on their own. Why is it a great time to join the Adapt project over any other existing effort looking to build community for support, contribution and collaboration? Why didn’t the folks who are developing Adapt take advantage of this great time in open source development and join an existing initiative? Indeed, couldn’t every current open source project (substituting out Adapt for their own name) use the above announcement to generate awareness and adoption of their own project?

Sounds just like the first question/advice for anyone looking to start a new organization. Economies of scale are hard to beat. But fragmentation is much worse for software, so much of its value coming from network effects. When lots of people, preferably most of the relevant population, are using a software application, it’s easy to find training, advice, employees, commercial support, and preinstalls of that software. It is easy to figure out which software is pertinent. Massively valuable stuff. Oh, and more people contributing to making the software better, if it is open source.

When there are lots of open source alternatives for a particular kind of software, and this contributes to none of them being dominant, the ability of open source to compete with proprietary vendors and deliver freedom to users and society, is severely hampered. More or less killed. (The inverse can also be true, but probably with many fewer instances.) The Linux desktop is probably an example. Further, public policy is negatively impacted: fragmented projects serve at best as existence proofs, dominant open projects powerfully shape the policy conversation, and the policy ecosystem — by wiping out the capitalization of entities aligned with rent seeking.

People who know the open source world well like to worry about about “license proliferation” (which the OSI’s license list mentioned at the beginning serves to throttle) and related, license incompatibility. I do too, including in and across nearby spaces, to the extent I think it is a minor tragedy that licenses first developed for software didn’t also come to dominate culture, data, hardware, etc, yet. But I’m pretty sure the open world could cope with each project adapting or developing a license just for its own use, though it would be hugely annoying. Fortunately, progress has often been in the right direction.

Project/program proliferation and related dwarfish network effects and collaboration are much, much bigger problems. There are cases where a dominant program has arisen from a highly fragmented field (eg WordPress among a mess of open source blog engines, Django among lots of Python web frameworks, git among a smaller number of distributed version control systems), but I’m not sure this has ever come about because people agitated against proliferation. There are standards-like collaborations among projects, such as freedesktop.org, which can result in more sharing of code and collaboration among projects, but I’m not sure do much to enable mass adoption and network effects. What more can be done, given that of course it will always be acceptable, often educational, and very occasionally wildly successful to work on Yet Another Foo?

  • The low-hanging fruit is to help projects become easier for new contributors to get involved in, and friendly for staying involved in. Decrease the cost of contributing to existing projects, more will choose to do that rather than start, or leave to start, new projects.
  • I don’t have much insight into the politically charged process of picking winners and merging efforts. Distributions (which are themselves terribly fragmented) probably already do a lot. Could they do more? Could institutions broker mergers? Could OSI? Stun all by bringing LibreOffice and OpenOffice together. GNOME, KDE, and Unity as well. How about federated social web efforts?
  • Marketing, promotion, sales. These are what any large proprietary software company does (same outside software, for publishing, etc.), and what open source projects need a lot more of, both to compete directly with proprietary industry, and to help winners with huge network effects emerge.

Each of these points also apply very strongly to non-software projects.

Another thing Masson repeatedly bemoans on his blog, and that I very much agree with, is the lack of “open” advocates eating their own dogfood — using open things other than the one they’re promoting, or open things from fields other than the one they’re supposedly opening:

However with so little folks actually interested in openness, but rather promoting their open product, we just don’t see the level of adoption we should with all open initiatives. Basically, if I can be blunt, you’re a hypocrite if you get up in front of your peers to proclaim the superiority of your project because it embraces open principles and practices, arguing it is those principles and practices that yield better products, but you yourself have not adopted other open resources. “Hold on, let me open up PowerPoint to tell you about how bad commercial software is.”

This not only harms network effects (or rather, has “open” advocates contributing to the network effects of proprietary software, culture, etc), but reduces knowledge transfer across open projects and fields. Masson seems to come from the education technology world; if that is anything like the open education[al resources] world, I suspect he’s speaking from painful experience.

Congratulations to OSI and Masson. I look froward to amazing progress on the above problems and many others! You can support their work by joining OSI as an individual member. Of course I also recommend joining the Free Software Foundation as an individual member. Because open source means freedom.

z3R01P

Monday, October 14th, 2013

Video from my conversation with Stephanie Syjuco on “intellectual property & the future of culture” at ZERO1 Garage 11 months ago is available at YouTube and archive.org (direct link to theora encoding).

As expected (see my pre-event post) the setting was great: nice space, thoughtful, well-executed and highly appropriate installation. I enjoyed the conversation; perhaps you will too.

With more time it would’ve been great to talk about some of Syjuco’s other works, many of which deal more or less directly with copying (see also interviews with Syjuco). I don’t think either of us even used the word appropriation. Nor the term “open source”, despite being in the installation title — for example, why is intersection of formal Open Source (and similar legally/voluntarily constructed commons) and art, appropriation or otherwise, vanishingly small?

ZERO1 Garage presently holds another “IP” related exhibition, Patent Pending, featuring “artworks by contemporary artists that have either resulted from, or led to, a patent that the artist has either received a patent for or is patent pending.” Sounds problematic! If you’re anywhere near San Jose, I recommend checking out the exhibition and one of its upcoming events — October 17 Post-Natural Properties: The Art of Patented Life Forms and November 1 Does the U.S. Patent System stifle innovation? As I say in the video above, and elsewhere, I hope they also consider equality and freedom.

Public copyright license readability metrics

Sunday, September 22nd, 2013

Promised boring topic blog post in form of README snapshot.

The README with tables removed has a Flesch Readability Ease score of 48.5, slightly worse than the average license text. I did not try to write intelligibly, though I should. The topic may have subconsciously restrained parenthetical discursiveness.


Automated readability metrics for public copyright licenses. Give style a list of plain license texts, generate HTML table containing metrics.

In Debian, style is available in the diction package.

License texts are referenced from the SPDX licenses list. Other license curiosities are included in licenses-other.

sh license-readability-html-table.sh licenses-spdx/*.txt licenses-other/*.txt

Background

Part of one of the goals of the Creative Commons (CC) licenses version 4.0 effort is to make the licenses "readily understood". One way to test that is with automated readability metrics, on which CC licenses version 3.0 score poorly (previous versions scored much better). I checked an early version 4.0 draft, and scored much better, more or less back to version 2.5 scores, quite an accomplishment given it is a more sophisticated license in many ways. I did not check again until the near-final 4th draft was published. Its score is not as good as early drafts, probably to be expected as details were settled, but still a big improvement over 3.0. I intended to blog the early 4.0 draft improvement at that time but didn’t get around to it.

In the meantime I’d peeked at the readability metrics for various free/open source software licenses, in part to see if copyleft-next scored better than comparable licenses (probably, though comparability is problematic). With the CC 4.0 licenses nearly final, I started a blog post about readability of various licenses, and ended up with this README and associated files.

See Caveats and Output below for readability metrics for about 228 licenses. There probably will not be any big surprises awaiting anyone familiar with the usual relatively popular licenses. A small selection of licenses not in the SPDX licenses list (including CC 4.0 drafts and copyleft-next versions) are at the end.

Next

Drafters understandably try hardest to "get the legal details right". But if "licenses are the constitutions of software communities"12, even a little bit (I think a casual reading of that quote makes licenses far more central than they are, or implies impoverished communities, but will take its repetition as an indicator of licenses’ social importance), perhaps yet more effort ought be put into making licenses more understandable.

  • There is probably a large literature on readability and understandability of contracts, legislation, regulation, and other legal texts, which ought be digested for lessons for the public copyright licensing community. Apparently many jurisdictions have "plain language" requirements for contracts. Some U.S. states require insurance forms to have a minimum Flesch Reading Ease score. Is this an indicator that readability metrics are useless, or should free/libre/open/software/knowledge communities be embarrassed that they have failed to self-regulate to this level?
  • Cloze testing and subjective evaluation (both requiring humans) and natural language processing/machine learning based metrics are suggested by a readability tools site in addition to simple automated readability metrics. The site, by Michael Curtotti, is presumably discussed in his forthcoming paper The Right to Access Implies a Right to Know: An Open Online Research Platform for Assessing the Readability of Law. Could some of these tools be useful for evaluating licenses? Barriers would include lack of interest needed to pay for human testing, and a relatively small corpus of license texts. Hopefully the source code for this platform will be made available.
  • Attempts to increase readability and understandability outside of changing the words in a license text could be evaluated, including summaries, FAQs, choosers, and typography and other design elements around web publication of the license text itself.
  • There are many additional obscure licenses intended for "content", "data", "government", and "hardware designs" not included in the SPDX license list that could be analyzed.
  • Non-English license texts could be analyzed with language-appropriate metrics. In addition to the few CECILL licenses included in the SPDX licenses list, targets could include the many official language versions of EUPL versions, unofficial translations of GPL versions, License Art Libre, various public sector-focused licenses, and hundreds of CC license "jurisdiction ports".
  • To what extent is understanding of licenses social, gained via hearsay, not based on reading license texts at all? If social learning currently predominates, does this indicate that license readability and understandability are unimportant? Or that their lack constitutes an obscurantist barrier to participation by people not socially connected to existing communities, and increase other risks, such as non-compliance through ignorance, and being ignored by policymakers?
  • Would it be valuable to use readability metrics to test other texts important to free/libre/open communities, e.g., documentation, codes of conduct, contributor agreements?

Caveats

General, with respect to the metrics:

  • Metric explanations are available in the style man page. All are problematic.
  • Lower numbers indicate better readability for all metrics except Flesch.
  • None of the metrics incorporate text length, so correlations with character count ought indicate that longer texts tend to use more or less readable language. But 3 of the metrics positively correlate readability with longer texts, and 4 negatively, which might indicate no overall correlation (taking the numbers at face value, with no further validation).
  • Not sure why Coleman-Liau’s correlations with other metrics are much weaker than among others; at a glance the formula is measuring the same types of things.
  • Arbitrarily choosing to focus on Flesch, as it seems widely used, and its more is better makes for an easier combination with text length, "Chars/(Flesch>=1)", to indicate how painful reading an entire license might be.
  • Flesch can be negative, so a minimum value of 1 is used for the pain calculation. This is arbitrary too.

The following tables are calculated in scratch.ods.

Readability metric correlations: nothing really surprising, no gross errors?
Kincaid ARI Coleman-Liau Fog Lix SMOG Flesch Chars/(Flesch>=1)
Characters 0.12 -0.10 -0.27 0.13 -0.15 0.25 -0.25 0.96
Kincaid 0.89 0.04 0.99 0.81 0.90 -0.91 0.32
ARI 0.30 0.89 0.97 0.70 -0.67 0.10
Coleman-Liau 0.07 0.41 0.11 -0.09 -0.20
Fog 0.82 0.93 -0.90 0.33
Lix 0.63 -0.59 0.04
SMOG -0.95 0.43
Flesch -0.43
Aggregate metrics: compare your favorite license to the masses and outliers.
Characters Kincaid ARI Coleman-Liau Fog Lix SMOG Flesch Chars/(Flesch>=1)
average 8318.7 12.8 16.0 14.5 16.1 59.1 13.4 50.7 177
median 7321.5 12.6 15.4 14.4 15.9 57.9 13.2 50.4 160
stdev 6864.8 2.9 3.5 1.4 3.1 7.4 1.8 11.1 152
min 209 4.5 8.2 10.3 7.0 42.5 7.6 -25.8 2
max 36285 37.0 45.7 18.0 40.3 116.8 24.9 83.3 806

With respect to particular licenses:

  • The CECILL licenses, except 1.1, are in French. These readability metrics may not be tuned for French, though the results do not look weird.
  • The CC by-nc-sa-4.0-drafts are drafts. Every other license analyzed is "released".
  • GPL-[version]-with-[exception name]-exception are not complete licenses, should be appended to the relevant GPL-[version]. However, standalone (as provided by the SPDX licenses list) provides an idea of how readable each exception is.
  • LGPL-3.0[+] incorporates GPL-3.0 by reference, so it is not directly comparable to GPL-with-exceptions above, nor with other licenses.
  • Some licenses (most notably [A]GPL and FDL) have a preamble or addendum which explain the license’s purpose and how to use the license. This makes such a license longer, but arguably increases understandability in a way not captured by an automated readability metric.
  • The only license with a negative Flesch score is the Historic Permission Notice and Disclaimer (HPND), which is deprecated. It deserves the score, basically being a template with many optional and fill-in parts.
  • The longest and also most "painful" to read license, the Adaptive Public License (APL), is also basically a template with options and fill-in parts.
  • The shortest and also least "painful" to read license, the Fair License might require too much imagination about what "usage" means to actually be easily understandable.

Output

SHA1 License Characters Kincaid ARI Coleman-Liau Fog Lix SMOG Flesch Chars/(Flesch>=1)
f53aa44a98a67f79d79bb061a39ac0694c017d88 AAL 2347 14.7 20.8 16.1 17.9 69.6 13.7 49.4 47
b26853ef3e258172c7bc9e7a69e9582d651c0269 AFL-1.1 3827 11.1 15.9 15.3 15.1 59.6 12.8 59.7 64
54f83bc9e70424af32e5a133c47e76698086369c AFL-1.2 4059 13.7 15.8 15.2 18.3 58.8 15.4 41.1 98
735e1f8b4613292d7d80e51e5a586e34ac852a74 AFL-2.0 7105 12.8 14.4 14.7 17.0 56.5 14.6 44.1 161
fedb7d79211a6e58a65b46985f47fa834b00ee6f AFL-2.1 7103 12.8 14.4 14.8 17.0 56.4 14.6 44.0 161
5b400f7a1518b5e43a913085fa338e3df1e9e241 AFL-3.0 8314 13.8 15.6 14.4 17.8 58.2 15.0 42.2 197
ecf6b4a3803b9706a0c38d30b0d07b0c624001ed AGPL-1.0 12578 19.0 23.4 12.5 21.9 71.9 14.8 38.0 331
c34c24e89e6c26506a4aa9535425afe6af4ab700 AGPL-3.0 27208 14.4 16.8 13.4 17.5 59.1 14.2 44.8 607
2b6ca3805481833fddead9c45f92fe4c81d4017d Aladdin 9270 13.6 16.9 13.2 17.0 60.1 13.5 51.6 179
295765ae399d1a9ced2bc4e1fb096e83e529cbfa ANTLR-PD 792 10.3 11.4 12.3 13.8 43.6 12.3 58.4 13
acc3577130a1e528970142d1e5180f554b7fdad9 Apache-1.0 2021 10.7 15.8 16.2 13.9 55.5 12.0 60.0 33
81d8a4169126e0af11b4d51449b6c420880c6d40 Apache-1.1 2017 11.0 16.5 17.9 14.0 60.0 12.3 55.7 36
8ffe2c5c25b85e52f42fcde68c2cf6a88b7abd69 Apache-2.0 8310 16.8 19.8 15.1 20.7 64.6 16.6 33.6 247
4f97e77af1aac9f8ef6500cd2a08915741c37f2c APL-1.0 36285 14.2 17.7 14.8 18.1 62.4 14.9 45.0 806
158031d76c5611507e81870b0a649461eb74be7f APSL-1.0 15302 12.5 15.2 13.7 15.7 55.9 13.1 51.9 294
e444feb210ce2096e565fb0613f98d04f2d97f91 APSL-1.1 15735 13.1 16.0 13.8 16.2 57.1 13.4 50.2 313
a19d874fcde9c037e40cd41916697ac5aac2e220 APSL-1.2 15603 13.1 16.1 13.9 16.2 57.6 13.4 50.0 312
b64068ced2da810cdadd07ac9053c192271e0a56 APSL-2.0 15945 12.4 15.4 14.0 15.4 56.0 12.8 52.2 305
c11ec559ebca765ba8f8d16634e288cdc75dff81 Artistic-1.0-cl8 3689 11.7 13.8 13.9 14.0 55.0 12.1 51.8 71
bcd8b4d1a1af706aaa1337811786a9dc6673c822 Artistic-1.0-Perl 4308 12.6 14.8 13.6 15.0 57.1 12.6 49.9 86
17c9069548d063de8fefb58b995be99c1d08bd45 Artistic-1.0 3421 11.6 13.7 14.0 13.8 54.8 12.0 52.2 65
8e42910d467b06d6af9a008678122dc61a245fcc Artistic-2.0 6949 13.1 16.1 14.5 15.4 60.7 12.8 48.3 143
d82c8eb2abc453fbd4a56aca46b22fe9fdad780d BitTorrent-1.0 19085 20.9 25.7 14.2 24.3 79.0 17.2 27.7 688
d183df8131a7114052fc3c3de647dca5fbdcb79a BitTorrent-1.1 22188 12.3 14.4 14.3 15.5 56.9 13.3 48.9 453
f45386af24b0d36976c96eac8baf5d205bed1570 BSD-2-Clause-FreeBSD 1240 11.5 18.5 16.5 15.2 66.3 12.1 62.9 19
a61e0646333b20301525695918aae3656344f611 BSD-2-Clause-NetBSD 1137 10.2 17.3 16.4 14.1 61.6 11.4 68.2 16
0fa6c43e2345f4768176f63ad24e469b832a40ac BSD-2-Clause 1046 12.3 20.3 16.5 16.1 68.0 11.9 63.8 16
cab0ab541f4f5f1ecf493b9259617df33dcbfa3d BSD-3-Clause-Clear 1372 11.5 18.1 15.9 14.9 64.8 11.8 63.3 21
54f1eeb17a7341ea0a0261a59bc5170b23137eb9 BSD-3-Clause 1200 12.5 20.0 16.3 16.0 68.2 12.0 61.5 19
f579ecea35ef059d706b32108097a960990b777d BSD-4-Clause 1325 11.9 18.0 17.0 15.5 65.1 12.8 57.0 23
837b0df8f4d995591d45c939cf567d6db8ba03d8 BSD-4-Clause-UC 1448 11.9 17.9 17.3 15.9 65.3 13.4 55.7 25
388fa291da4bd074a17d7b33334696eb71bf5ff8 BSL-1.0 1084 21.8 29.1 14.5 25.3 87.3 15.8 33.0 32
0302aaced8d1dbe1916fa0281c6a717069fda16f CATOSL-1.1 15220 15.6 18.9 15.3 19.3 65.0 15.7 38.1 399
74286ae0dfea38c489437bf659b209737945145c CC0-1.0 5116 16.2 19.5 15.0 19.5 66.3 15.6 36.8 139
c766cc6d5e63277e46a3d83c6254e3528082587b CC-BY-1.0 8867 12.6 15.5 14.1 16.4 57.8 13.8 51.3 172
bf23729bec8ffd0de4d319fb33395c595c5c762b CC-BY-2.0 9781 12.1 14.9 14.3 16.1 56.7 13.7 51.9 188
024bb6d37d0a17624cf532bd14fbd42e15c5a963 CC-BY-2.5 9867 11.9 14.7 14.2 15.8 56.3 13.6 52.6 187
20dc61b94cfe1f4ba5814b340095b4c3fa23e801 CC-BY-3.0 14956 16.1 19.4 14.1 20.4 66.1 16.2 40.0 373
e0c4b13ec5f9b5702d2e8b88d98b803e07d65cf8 CC-BY-NC-1.0 9313 13.2 16.2 14.3 17.0 59.3 14.1 49.3 188
970421995789d2e8189bb12071ab838a3fcf2a1a CC-BY-NC-2.0 10635 13.1 16.1 14.6 17.2 59.5 14.4 48.1 221
08773bb9bc13959c6f00fd49fcc081d69bda2744 CC-BY-NC-2.5 10721 12.9 15.8 14.5 16.9 59.0 14.2 48.9 219
9639556280637272ace081949f2a95f9153c0461 CC-BY-NC-3.0 15732 16.5 19.9 14.1 20.8 67.2 16.4 38.7 406
9ab2a3818e6ccefbc6ffdd48df7ecaec25e32e41 CC-BY-NC-ND-1.0 8729 12.7 15.8 14.4 16.4 58.6 13.8 51.0 171
966c97357e3b529e9c8bb8166fbb871c5bc31211 CC-BY-NC-ND-2.0 10074 13.0 16.1 14.7 17.0 59.7 14.3 48.8 206
c659a0e3a5ee8eba94aec903abdef85af353f11f CC-BY-NC-ND-2.5 10176 12.8 15.9 14.6 16.8 59.2 14.2 49.3 206
ad4d3e6d1fb6f89bbd28a44e263a89430b575dfa CC-BY-NC-ND-3.0 14356 16.3 19.7 14.1 20.5 66.8 16.2 39.7 361
39b2ef67be9e5b4e743e5269a31ad1691515eede CC-BY-NC-SA-1.0 10228 13.3 16.3 14.2 17.0 59.7 14.2 48.4 211
5800ac2d32e35ace035cdcae693423cd9ff5bb6f CC-BY-NC-SA-2.0 11927 13.3 16.2 14.7 17.1 60.0 14.4 47.0 253
e5f44c2df6b1391d1ddb6efb2db6f90670e4ae67 CC-BY-NC-SA-2.5 12013 13.1 16.0 14.6 16.9 59.6 14.2 47.7 251
a63b7e81e7b9e30df5d253aed1d2991af47992df CC-BY-NC-SA-3.0 17134 16.4 19.7 14.2 20.6 67.0 16.3 38.8 441
e4851120f7e75e55b82a2c007ed98ffc962f5fa9 CC-BY-ND-1.0 8280 12.3 15.5 14.3 16.1 57.9 13.6 52.4 158
f1aa9011714f0f91005b4c9eb839bdb2b4760bad CC-BY-ND-2.0 9228 11.9 14.9 14.5 15.8 56.9 13.5 52.7 175
5f665a8d7ac1b8fbf6b9af6fa5d53cecb05a1bd3 CC-BY-ND-2.5 9330 11.8 14.7 14.4 15.6 56.5 13.4 53.2 175
3fb39a1e46419e83c99e4c9b6731268cbd1591cd CC-BY-ND-3.0 13591 15.8 19.2 14.1 20.0 65.6 15.9 41.2 329
dda55573a1a3a80d294b1bb9e1eeb3a6c722968c CC-BY-SA-1.0 9779 13.1 16.1 14.2 16.8 59.1 14.0 49.5 197
9cceb80d865e52462983a441904ef037cf3a4576 CC-BY-SA-2.0 11044 12.5 15.3 14.4 16.2 57.9 13.8 50.2 220
662ca9fce7fed61439fcbc27ca0d6db0885718d9 CC-BY-SA-2.5 11130 12.3 15.0 14.4 16.0 57.5 13.6 50.9 218
4a5bb64814336fb26a9e5d36f22896ce4d66f5e0 CC-BY-SA-3.0 17013 16.4 19.8 14.1 20.5 67.2 16.2 38.9 437
238de92eb09c2e33e4e5fb438fe578fe5179276b CDDL-1.0 12605 11.6 13.9 14.9 14.7 55.1 12.9 50.4 250
8c7adc36e1b6f20e0cfa5fc40cefe6a427fb2cb6 CDDL-1.1 13407 12.0 14.4 15.0 15.1 56.0 13.2 49.5 270
46ebe8c487ec3e321842ed1325d98d757f965e14 CECILL-1.0 14796 11.9 12.3 11.1 15.5 51.1 13.3 53.4 277
052845a59dca83a104558addc1fdfb2cff82d328 CECILL-1.1 15874 12.0 14.1 14.3 15.4 54.3 13.4 49.9 318
c8ddd94454934cb1869ef96bddc93ff44039c591 CECILL-2.0 15163 13.2 14.0 11.1 17.0 55.0 14.1 49.9 303
04e73e027c1f47dbf743cb013480bbc974e3a8c3 CECILL-B 15337 13.4 14.2 11.3 17.1 55.5 14.2 49.2 311
1308e5090e66dcba2e594950dc4a8021551fa540 CECILL-C 15646 13.9 14.7 11.0 17.7 56.2 14.5 48.0 325
10ae2b5540f376c8cac9ccedc38ddc3435207efa ClArtistic 4511 12.5 14.8 14.0 14.8 57.3 12.6 49.6 90
cebccd48cf2bad04b29e863c564d8fd1c1f5ee15 CNRI-Python-GPL-Compatible 3172 13.0 17.8 15.6 16.2 62.1 13.1 52.7 60
18756dcb45d9598b5281368a7d35cd5e9a88306b CNRI-Python 2699 12.0 16.4 14.0 15.1 59.0 12.1 59.0 45
4bb47f04bcd1c7afb44ceb13c3bd2f62b9e0af6e Condor-1.1 4855 12.3 16.1 16.0 14.8 59.8 12.6 50.5 96
a4ece6afe1e4e92ba5985bba6f1ce76d2ee24dbb CPAL-1.0 22039 12.7 14.7 14.4 16.2 56.2 13.9 47.0 468
433089094810035bd296b27931ff68464676ed5b CPL-1.0 9273 14.8 18.1 16.6 18.3 63.6 15.3 37.7 245
251beebfa122c0c58abf32bb8224e1b9ebb6db59 CPOL-1.02 9216 10.7 13.1 13.1 14.0 49.9 12.1 59.5 154
a529e9bff1eb4f976a9bf1eb3ef8054e52967a91 CUA-OPL-1.0 18086 12.1 14.3 14.3 15.3 55.0 13.3 49.6 364
0a5785a9fe34a8f779ee79f8333ee766d5c0676e D-FSL-1.0 12123 11.4 14.0 17.2 13.9 49.2 12.5 45.1 268
04ed6736b16995b2bbd3fd7b4fb1cb6efa44b6a6 ECL-1.0 1949 15.2 18.9 15.6 19.4 67.7 15.8 40.2 48
2a3706dec618b5198ba177691bbf30d97becc7a8 ECL-2.0 8955 17.0 20.0 15.2 20.9 65.4 16.8 32.5 275
8d7c74721fac21d583f9bffafb5747ad6994f695 eCos-2.0 1148 11.0 12.7 11.2 14.0 49.4 11.7 60.7 18
7b8021b0d18d9fd4f5ac7bac3a5584c9fb4d5966 EFL-1.0 521 6.6 13.1 14.9 9.6 58.0 7.9 83.3 6
530270003ac19b54a548e13b08108c1abf166a09 EFL-2.0 630 6.3 11.5 14.4 8.7 56.6 7.6 81.0 7
a3ce248131ee7e9eca19460ddd1c7858350aed9e Entessa 1827 9.8 15.1 17.0 12.8 59.5 11.4 61.2 29
11fadbd49466127930da08f01fea6c803dc8c462 EPL-1.0 9028 14.6 17.9 16.6 18.1 63.4 15.2 38.5 234
5a46ff9626e703387228d6de1d695ce9d8d47931 ErlPL-1.1 11028 11.9 14.1 14.2 15.2 54.6 13.1 50.5 218
9098acfa2c2b7780da7d3644faa81df5a44a0536 EUDatagrid 2605 14.0 19.8 18.0 17.6 69.3 14.5 45.0 57
4654cbafc6474f59de1234a11eb6462a02aaffe6 EUPL-1.0 9821 12.6 13.8 13.5 16.4 54.1 14.1 46.5 211
2aeeba8e44c78afd0b9064a43a277158cb018227 EUPL-1.1 10047 12.6 13.8 13.7 16.4 54.3 14.1 46.3 216
5c18b40cb5bbd57b858a2e2827fc89d66e202894 Fair 209 4.5 8.2 15.0 7.0 42.5 7.7 80.4 2
bded6d45d800403709fa630a58c0f1d68e3365e7 Frameworx-1.0 7536 17.4 22.0 16.3 21.5 72.4 17.0 33.4 225
f3a7b9a82d2cecb0edcf57d7d8aa0e37f6fcde66 FTL 4580 10.2 12.4 13.8 13.2 53.1 11.8 57.9 79
579a1d52e08b7a09429df7f7651dd3ef747727c7 GFDL-1.1 14318 12.5 14.4 13.5 15.4 56.1 13.1 49.9 286
eb670eaf7269bf3cb8990a52b05618e5dbd963b6 GFDL-1.2 16124 12.3 14.2 13.6 15.4 55.7 13.2 50.1 321
394dbacde4c26a5f58c9823e25ef6e937eba75a3 GFDL-1.3 18147 12.6 14.6 13.5 15.8 56.1 13.4 49.3 368
21d887b87b4297c5b6eea0c300b77ee8b3f8337d GPL-1.0 9288 12.2 14.9 12.2 15.1 54.6 12.1 57.4 161
21d887b87b4297c5b6eea0c300b77ee8b3f8337d GPL-1.0+ 9288 12.2 14.9 12.2 15.1 54.6 12.1 57.4 161
0473f7b5cf37740d7170f29232a0bd088d0b16f0 GPL-2.0 13664 13.3 16.2 12.5 16.2 57.0 12.7 52.9 258
80c08b24ac7e98376c0c387a1890a283e9c5ffe0 GPL-2.0+ 13664 13.3 16.2 12.5 16.2 57.0 12.7 52.9 258
3a9262b9d066ce5d41feb871b1f786336a20628b GPL-2.0-with-autoconf-exception 1313 12.0 13.8 12.9 14.7 53.5 12.5 52.8 24
86084a36e75fb92c36082dd61ac812495446f6d8 GPL-2.0-with-bison-exception 561 18.3 20.7 12.7 21.0 64.5 15.6 32.7 17
be15f8fcc097be4db1cfef6f469108b4364db84e GPL-2.0-with-classpath-exception 785 13.2 14.9 12.7 16.7 55.4 14.0 48.4 16
3cddc56f4cb24809cabd4af80ce3d3bda97152f8 GPL-2.0-with-font-exception 492 12.5 13.3 10.3 16.9 51.2 14.0 55.2 8
22ece69587f935f0bf61df00cec4b2c4f73163f7 GPL-2.0-with-GCC-exception 283 24.7 30.3 15.1 29.0 87.3 20.3 14.2 19
d4ec7d0b46077b89870c66cb829457041cd03e8d GPL-3.0 27588 13.7 16.0 13.3 16.8 57.5 13.8 47.2 584
d4ec7d0b46077b89870c66cb829457041cd03e8d GPL-3.0+ 27588 13.7 16.0 13.3 16.8 57.5 13.8 47.2 584
a0ac5d9bc70d97d2f2068f87779aa9fe35368dd8 GPL-3.0-with-autoconf-exception 1460 10.3 12.0 14.1 13.5 51.5 12.2 55.5 26
3d7d507c4df41892664f128b810daf0131e0b817 GPL-3.0-with-GCC-exception 2716 13.4 15.1 15.2 16.3 58.5 14.0 40.6 66
36f65f578919826062bffcca2557317294953ad3 gSOAP-1.3b 15881 10.6 14.1 14.3 13.8 55.2 11.9 59.5 266
5f20c1e3037bc2aba7780b6e69a0a10004811a5a HPND 458 37.0 45.7 17.5 40.3 116.8 24.9 -25.8 458
80de1c399f7117b9c56a196048df93b8c41d8e4f IBM-pibs 623 12.4 14.5 13.6 15.4 53.8 13.1 50.8 12
f854fffe51b32ca7b7dfa93662444aec6cb96f49 IJG 3294 9.0 10.3 13.2 12.1 46.1 11.2 61.1 53
375a8db2e5dafcdccfd8b45da15b7e74d9332353 Imlib2 1632 13.9 18.6 14.4 17.1 64.5 13.2 52.2 31
df867beac70889c3e7c68ae5ff5f377ed50118b7 Intel 1508 8.4 13.7 15.5 12.1 53.4 10.7 71.0 21
a9772a55cbe512cb612ecbb89cd65a6b19ee6bf8 IPA 7214 13.9 17.2 14.7 17.6 66.6 14.6 46.2 156
9a1ce5b388ac0523419987d4a75006e099850126 IPL-1.0 8989 13.5 16.4 16.7 17.1 60.6 14.7 40.6 221
18f98daf7abe3959a3a7a0642ec6106f55c4a54d ISC 663 8.9 15.6 14.2 11.9 59.8 8.5 77.6 8
95d1a9940f507660b5cd6afb4f91363d07c59933 JSON 894 13.9 20.0 13.6 17.2 68.8 11.8 59.0 15
1fec28a7b0a64d83a5922274069b90804012ca6f LGPL-2.0 19661 13.1 15.5 12.4 16.0 56.6 12.8 52.2 376
1fec28a7b0a64d83a5922274069b90804012ca6f LGPL-2.0+ 19661 13.1 15.5 12.4 16.0 56.6 12.8 52.2 376
46dee26f31cce329fa13eacb74f8ac5e52723380 LGPL-2.1 20570 13.2 15.6 12.5 15.9 56.8 12.7 51.8 397
46dee26f31cce329fa13eacb74f8ac5e52723380 LGPL-2.1+ 20570 13.2 15.6 12.5 15.9 56.8 12.7 51.8 397
c902338383ea4324b02c8fa7fc6054bf100b2c06 LGPL-3.0 5887 13.1 14.9 12.7 15.7 56.8 13.0 49.5 118
c902338383ea4324b02c8fa7fc6054bf100b2c06 LGPL-3.0+ 5887 13.1 14.9 12.7 15.7 56.8 13.0 49.5 118
07041306373f72b71a8d4ecf55f268d47ab70404 Libpng 2854 9.8 12.2 14.2 13.2 49.3 11.9 59.1 48
0659190facd4ce63eb62a5cfcb64c85685b9b879 LPL-1.02 9329 13.5 16.5 16.8 17.2 60.7 14.7 40.3 231
c49cfb2721bfaa5a3aec5108c56582ba981f120f LPL-1.0 9358 13.6 16.5 16.6 17.2 61.1 14.7 40.4 231
2063306474e511b6f156a1d6be84002c05e78833 LPPL-1.0 6647 12.8 14.1 13.4 15.5 53.7 13.2 46.3 143
a97c5a459de398311c98f4ac9226fa8f8302eccc LPPL-1.1 10684 14.4 16.1 13.4 17.6 59.0 14.5 42.2 253
3be04fe75fae2be93de36fe7dfd6c1b9dbd282c9 LPPL-1.2 10749 14.5 16.2 13.4 17.6 59.1 14.5 42.0 255
2c40ed15717ba7ffcf1f93fa2d6f31b5d930237f LPPL-1.3a 13966 13.2 15.2 12.9 16.6 55.0 13.8 49.4 282
6820ac06cce2932140b6f0f3e7e4579021d81623 LPPL-1.3c 14405 13.2 15.2 12.8 16.7 55.1 13.9 49.3 292
025f38a752cdd6f4ffd5847c8eb6af0265f62b9a MirOS 1680 16.3 18.5 11.1 19.2 62.9 14.1 44.0 38
d25ad2c65dde58aeacd9ad6ef9faff476bcbf19e MIT 866 16.8 23.8 14.2 20.1 77.8 12.9 50.2 17
47cd2bb52728ba7fe49c302ce2fcf9f07a69031c Motosoto 16170 12.9 15.4 14.4 16.0 58.8 13.5 48.0 336
ae49332ade14c453c46e44548bdb35e5a6457890 MPL-1.0 13965 11.2 13.5 14.0 14.4 53.6 12.6 54.4 256
90c670fbb524656b8196aa2065bf3bb1d3e8ced5 MPL-1.1 18213 13.0 15.4 14.4 16.2 57.3 13.8 46.9 388
78fe0ed5d283fd1df26be9b4afe8a82124624180 MPL-2.0-no-copyleft-exception 11766 14.7 16.9 14.5 17.9 60.5 14.9 40.1 293
78fe0ed5d283fd1df26be9b4afe8a82124624180 MPL-2.0 11766 14.7 16.9 14.5 17.9 60.5 14.9 40.1 293
d0f1fedc0533327331d9c9d9c2a9ef4326306212 MS-PL 2104 12.3 13.8 15.1 14.8 54.5 13.1 44.7 47
c510da2adf4c570a4401348a0051b41484b6e151 MS-RL 2415 12.3 14.0 14.6 14.8 53.9 12.9 46.8 51
4f02ff8d7e1f78728913bcadb7735afd5aadac0b Multics 1528 14.6 17.7 18.0 19.3 66.3 16.2 33.1 46
6c88b19d555e1a1828ccfc82627d53efafebe5fe NASA-1.3 11113 9.6 12.4 16.2 13.1 53.3 12.0 55.6 199
583435eee5df415ff8d2af1d5db5e47b1bb10a0c Naumen 1577 9.8 15.0 15.5 13.3 55.8 11.5 65.1 24
1910aad3d5cef18f02d842b379bf1a37bcd9316a NBPL-1.0 3879 11.6 13.7 14.0 13.9 54.9 12.1 52.2 74
fb6606a9d8eddaa82be2e51e534ee0e466755265 NCSA 1363 14.4 19.7 15.8 18.2 66.8 14.5 48.0 28
203f45fe393cee8c20a2c6354d815d8f1ce8965a NGPL 3666 10.7 12.7 12.4 13.4 50.2 11.5 59.7 61
bcfa1513b1b3fe4c06d832e4e1a98b694b936b9e Nokia 16605 12.5 15.3 14.8 15.7 57.7 13.4 49.0 338
8932181884589205d2a999827cb7da821a0cad53 NOSL 18392 12.1 14.2 14.2 15.3 55.1 13.2 49.9 368
31e0d4850f7e5bf3f5f48f3302f75cc09f326680 NPL-1.0 16286 11.4 13.7 14.1 14.5 54.2 12.7 53.5 304
3019e515abc1d4c8e82a09fe574d01875ab05ab1 NPL-1.1 21636 13.0 15.5 14.3 16.1 57.9 13.6 47.4 456
db3b003197b39a73df2fab3c2505fbb99dd92e70 NPOSL-3.0 9502 13.7 15.5 14.6 17.6 58.9 14.9 41.9 226
d8864d8d46c52460ee2a2d05572de9cdefa121ce NTP 584 18.9 22.4 17.6 21.1 72.2 16.8 20.9 27
1a5cc6614a1ac2cde709527063adc051aaef5b59 OCLC-2.0 8679 10.8 13.7 14.9 14.1 54.4 12.5 54.8 158
5d5071c43c31f56f9a48750d7015c34883ebbc8a ODbL-1.0 19659 12.5 13.4 13.7 16.6 54.2 14.3 45.6 431
eefe55ea67004f87ce035c998f593f7014fd14a0 OFL-1.0 3018 13.2 17.3 14.0 16.1 60.8 12.6 53.5 56
8042b321424aa7ad59076ed53910f3ba8cfdc444 OFL-1.1 3227 12.6 16.3 14.0 15.4 58.9 12.5 54.0 59
47409e4b3d9391bc1717b55788d67308b3645161 OGTSL 3724 11.3 13.6 14.0 14.2 54.0 12.4 53.6 69
1809980eae5c6027f604dcc623479fdcf111dfdf OLDAP-1.1 3854 11.2 13.3 14.0 13.5 54.1 11.9 53.3 72
00d6a7524efe17277039661ea99957e4da93edce OLDAP-1.2 3858 11.3 13.3 14.0 13.6 54.2 11.9 53.0 72
04904f47ddad228383ac8e19316ae560f2cc9139 OLDAP-1.3 4187 11.8 13.9 14.1 14.1 55.5 12.2 51.4 81
64859bfbec0602a1d98de6823e667157aed72996 OLDAP-1.4 4252 11.7 13.8 14.1 14.0 55.3 12.1 51.8 82
cda18d60730759abf0ec90725d458b10e2b9e36c OLDAP-2.0.1 1604 9.7 15.9 17.1 13.3 62.8 11.6 65.0 24
39905c3bae9b696f91b3387252efee9661c46744 OLDAP-2.0 1607 9.7 15.9 17.1 13.3 62.8 11.6 65.1 24
3bf504932fc78f4c32786c65393c048b055cd88e OLDAP-2.1 1800 9.2 14.7 16.6 12.7 59.9 11.3 65.8 27
17608c92f8eca35786067eba1c42a28291ce96de OLDAP-2.2.1 1816 9.2 14.7 16.3 12.9 59.3 11.4 66.1 27
e19ccd84c7378a721a1689eee6e8d155d58fe52a OLDAP-2.2.2 1836 9.4 14.9 16.6 13.4 60.4 11.9 64.6 28
8d6770bb082eadd17d814495c2fcf8d24bd49b07 OLDAP-2.2 1804 9.1 14.6 16.3 12.7 59.1 11.3 66.5 27
5aaf8041616d468dcf2f8adc15d8ee8047e643d7 OLDAP-2.3 1834 9.4 14.9 16.5 13.4 60.4 11.9 64.6 28
70fc08e656d3e4ce80cc6118414fa379e5cff63c OLDAP-2.4 1726 9.8 14.9 16.5 13.9 60.4 12.3 62.5 27
3bbe28af43f6d59244ee3d60894e73718cca4656 OLDAP-2.5 1758 9.8 14.8 16.0 13.8 59.8 12.2 63.3 27
ebf1ba925ef83d6a1158ad0204a8e8707f30324b OLDAP-2.6 1712 10.2 15.4 16.2 14.3 61.2 12.5 62.3 27
18a7008a9e4f4ce6651236427cb165bbbb32dc96 OLDAP-2.7 1792 10.0 15.1 16.0 14.0 60.4 12.3 62.6 28
daee80ea2d9c79b8f36319e17f8eb72c58114879 OLDAP-2.8 1790 10.0 15.0 16.0 13.9 60.1 12.2 62.8 28
f63158eb54c637627c609bb57833cc27093840b0 OpenSSL 4175 10.7 15.6 15.7 14.0 60.7 12.0 60.5 69
d87f38eee3178884ac7922ee2bc7af85a5cb620f OPL-1.0 15610 12.0 14.2 14.2 15.2 54.8 13.1 50.4 309
9fbd6c8b270f7383bb99df0191ac919e9f1e0f50 OSL-1.0 7078 11.7 15.0 14.8 15.3 57.6 13.2 53.4 132
9e3b5bd8803fe6518c1df58c90a2f27279285383 OSL-2.0 7853 13.2 14.9 14.4 17.3 57.3 14.7 43.8 179
86b22069d64687af5e2e791dbf3cdfe212117a0a OSL-2.1 7851 13.0 14.7 14.5 17.2 56.9 14.7 44.1 178
ff5e10e2563c74f29a3aec4a23ff29f45c0c3f88 OSL-3.0 8307 13.7 15.6 14.4 17.6 58.2 14.9 42.4 195
2d059b9dbb826799e0616f01fe336defd7915cc9 PDDL-1.0 12455 11.7 13.0 13.6 15.6 49.4 13.6 50.3 247
1816b5611a38aa92e72c19872d0aeaba2de6e7b4 PHP-3.01 2280 8.6 12.5 13.6 11.5 49.9 10.1 70.4 32
6204ef6d604c3124f574ee2b0c05b5c2c2ce4d4e PHP-3.0 2271 8.6 12.4 13.6 11.5 49.7 10.1 70.6 32
ffd7ec6573f5a0046e4091c3ccb6c8562e620c76 PostgreSQL 978 16.9 26.7 16.9 20.3 84.3 12.5 52.6 18
8e52b19d8b7af858f8d65a795d600a0c29bcc488 Python-2.0 7483 12.8 18.1 14.9 15.9 63.3 12.4 56.4 132
cfe6913b8af9e08dc0476896e2825bd3c2e3bd60 QPL-1.0 3529 12.9 14.9 15.3 15.5 56.6 13.4 43.8 80
fe5002688af6e08772e9c5e87035a24cf7d65057 RHeCos-1.1 16857 12.0 14.8 13.7 15.3 55.9 12.9 54.3 310
b18f7b4788d54f876001eb744e6e9ef7b6a90229 RPL-1.1 27119 12.6 15.8 15.0 15.9 59.2 13.5 49.7 545
3ff0d1b2011ba1792e59c614696ceb0eafda65c9 RPL-1.5 25393 12.3 15.4 15.0 15.7 58.4 13.4 50.0 507
eed9143202e3cc9e40c8ea2a5522cab69ab875cb RPSL-1.0 23768 14.0 16.9 14.4 17.2 60.3 14.2 45.3 524
6142a28306a98801d75eda3b10be6e689c6c1b3d RSCPL 16273 11.6 14.0 14.2 14.9 53.1 13.0 52.9 307
4c00bf0a49428c5572a2651fcee55dda86d160de Ruby 1913 19.6 23.4 13.6 22.8 71.0 16.5 30.4 62
b349e32616df129a43f4915f15bc7363efbd5736 SAX-PD 1730 11.8 13.0 12.0 14.6 49.8 12.4 54.2 31
59b7423f8583f65c5ed6c5789e4bb50d1c9eb48d SGI-B-1.0 10452 10.3 12.9 14.7 13.8 53.6 12.3 56.6 184
3c865d4d01abb6e12e87a55ab4a6f32ec6f26e11 SGI-B-1.1 11272 10.9 13.5 14.6 14.2 55.0 12.5 54.9 205
482c60ab189d8a097558134505f00d37ad167089 SGI-B-2.0 1155 9.7 13.9 14.3 12.8 57.1 10.9 65.6 17
2d913cb49e14d68db24e248412cc346c486a134b SimPL-2.0 1982 10.8 12.9 11.3 14.3 47.2 11.9 62.5 31
00b6083c2e6d5f10eade11a8e7a81b019e777e6d SISSL-1.2 9715 10.9 12.9 13.9 14.2 51.9 12.6 54.4 178
58d422e2fb51a3d64d6773e65e7bec3d33334a13 SISSL 11086 11.3 13.9 13.8 14.8 54.2 12.8 55.4 200
a1ebd9c1e79d08c3d342a2e6b49f1fa9fdb59e9e Sleepycat 4034 11.6 17.8 16.0 15.2 63.4 12.3 61.3 65
29fcf0e1356a3625ad0e4ced9f282cc31e2fcb87 SMLNJ 923 20.8 25.3 15.4 24.3 76.3 18.0 23.6 39
d93e3210aeffc64d43ee7e47e108cf8a7d5f6d44 SPL-1.0 17878 11.9 14.0 14.3 15.2 54.4 13.2 50.0 357
088641c6a445bf1cb01a4b0b060a6d7731401b83 SugarCRM-1.1.3 19078 11.9 14.0 14.3 15.0 54.5 13.1 50.3 379
ff007ce11f3ff7964f1a5b04202c4e95b5c82c85 Unlicense 926 10.8 15.1 12.9 14.0 56.1 11.0 66.2 13
51fcabf2b2216f7a32d58e4bac53ef10cd7c4305 VSL-1.0 1675 10.7 16.5 17.3 13.2 60.5 11.3 59.5 28
321fc468cdbdd00cb1a3fef7e9f2b53c49cb95fd W3C 2182 13.1 17.2 15.2 16.3 62.4 13.4 50.1 43
9a81c35d5a8bd3c02e017d1f6a05af59c2e4fb6e Watcom-1.0 16562 13.1 16.3 13.9 16.3 57.8 13.4 50.6 327
ceffa174420c734f28329d45a2782584cb693192 WTFPL 341 9.3 12.5 11.0 13.2 53.0 10.7 73.2 4
aac0a17c95873a6983c546bf8a1b8d5574b4517d WXwindows 1862 13.1 16.2 12.8 15.3 58.7 11.7 53.5 34
f6cdf05df7acdde7587a632d418465e3547fe498 X11 1075 14.9 20.0 13.2 18.4 68.4 13.2 52.8 20
56f041b77f41fa7e2353b711ec2e116467a48015 XFree86-1.1 1913 14.4 19.9 15.2 17.7 66.3 13.6 51.0 37
7815253be63682b2ab88623d3eb2748c6a099a1d Xnet 1000 11.5 16.2 13.1 15.0 61.0 11.5 64.5 15
2ebb89d44df1431221b9050fe35c359c4e6a2e46 YPL-1.0 6882 10.5 13.2 14.1 13.7 52.3 12.1 58.0 118
fbc04592ee3c671408fcc39eae398613b26be187 YPL-1.1 6882 10.7 13.4 14.1 13.9 52.6 12.1 57.6 119
fc3ed4984f4376db6672f9c568bdf03af2eedcc4 Zimbra-1.3 7216 15.0 19.0 14.0 18.3 63.7 14.2 46.2 156
79918b0a3364753d0d509682df8cfb8082e252d9 Zlib 657 10.0 11.7 14.0 13.0 50.9 11.8 56.5 11
fe67fb158e684e2bbea78602f736c4254384c1ea ZPL-1.1 2339 11.1 15.3 16.9 14.9 58.1 13.1 53.0 44
83cb704b06d68aba270f52d8f79c77711a925949 ZPL-2.0 1811 10.2 14.8 15.1 13.8 56.0 11.9 62.8 28
f54d181214c88437a4105d6674209cf742e568be ZPL-2.1 1676 11.4 16.7 15.4 14.7 62.4 12.1 60.4 27
8b36c30ed0510d9ca9c69a2ef826b9fd52992474 by-nc-sa-4.0d1 12465 13.0 15.0 14.9 16.3 57.4 14.0 43.9 283
4a87c7af5cde7729e2e456ee0e8958f8632e3005 by-nc-sa-4.0d2 11583 13.1 14.8 14.2 16.8 56.2 14.4 44.7 259
bb6f239f7b39343d62440bff00de24da2b3d256f by-nc-sa-4.0d3 14422 14.1 15.8 15.1 18.2 61.0 15.4 38.6 373
cf5629ae38a745f4f9eca429f7b26af2e71eb109 by-nc-sa-4.0d4 14635 13.8 15.6 15.5 17.8 60.2 15.2 38.6 379
6accdf75f661b6c431ddc69c98509009c859cd28 copyleft-next-0.1.0 7050 11.6 13.2 14.9 14.7 53.5 13.0 47.8 147
bdd57168874256bf2ce405a0095044c72e0f7894 copyleft-next-0.1.1 6940 11.5 13.1 14.9 14.5 53.2 12.9 48.2 143
4f7cbaf808b3597ac01252a3ce8f79b750114208 copyleft-next-0.2.0 7311 14.2 16.5 14.6 17.5 59.3 14.6 41.7 175
2a8b5cf0173ac66861d9bc30cbc834674a7cb072 copyleft-next-0.2.1 7332 14.2 16.6 14.7 17.6 59.9 14.7 41.5 176
c5808e5f27b516498eda66cd03e8f073e224e1e6 copyleft-next-0.3.0 7653 13.6 15.9 14.6 16.9 58.3 14.3 43.7 175
adb5c8b02580ff23f959a9a4a36f9d53a24cef38 FAL-1.3 6641 9.8 11.4 12.6 12.8 47.1 11.4 61.0 108
98064c6b9d40c4e43206c5343daae933155bd63a OGL-UK-1.0 4577 15.2 17.9 15.4 19.8 62.5 16.3 37.2 123
c7539d2f3a5edb8fd71e4714db0aa36e87ece9e8 OGL-UK-2.0 4555 14.4 17.0 15.4 18.7 60.7 15.7 39.6 115
02fa56fef253718abfd8756f43b322f250a515f5 TAPR-OHL-1.0 10481 13.3 15.9 14.2 15.9 55.9 13.2 47.4 221

License

Original files in this project are disjunctively licensed under all licenses in the SPDX licenses list 1.19 (215) and those included in licenses-other (13). Take your pick of any or all.

License texts purport to be under various terms; see each individual license text.

Copy LQDN and Ada Initiative fundraising features

Friday, August 30th, 2013

A couple months ago La Quadrature du Net opened a fundraising campaign. I appreciated that they placed a very easy to understand and very revealing version of their annual budget right on their main fundraising page.

lqdn budget

This should be feasible for arbitrarily large organizations, but to maintain the revealing feature, a drill-down page may be necessary. Sure, one can criticize the choice of chart, or that this is presented as a bitmap, but those are minor details. The information is useful and revealing, and I suspect being capable (operationally and politically) to provide useful and revealing info directly is a positive indicator of organizational health. Donors to organizations that claim to stand for anything like transparency should accept nothing less.

The Ada Initiative has one day remaining in its fundraising drive (donate page). I’ve never seen a better executed blog-why-you-support-us effort. Examples below; even if they don’t convince you that blogging is relevant again, they might convince you to donate to Ada Initiative:

“Executed” is perhaps the wrong word: such strong and personal calls speak to the organization and its constituency being very clear about what the organization is trying to do and how it is doing it. Without this clarity, it is basically impossible to achieve anything but muddled and weak messages, from the organization itself, nevermind its constituency.

I don’t know how effectively LQDN’s constituency is helping it fundraise (I would not expect to, as it’d be mostly in French) nor do I know if Ada Initiative publishes any budget info (I didn’t look hard), but my point is to highlight how well each does on a particular aspect of fundraising, not to evaluate other aspects — though to repeat, I think getting either of these particular aspects right probably indicates a lot of other things are right. Copy rightness.

Street patrons missing coordination protocol

Saturday, August 10th, 2013

Lima, crowdfunded multi-device storage management:

When we designed Lima, privacy was one of our main concerns.

Lima stores your files at Home. So you can be sure you own your storage. Nobody in the world can access your data, but you. And you don’t need to pay monthly fees for that. The storage technology inside Lima was designed so you can get your data back anytime, even if your Lima device is broken.

The security of your Lima device is our first priority. Like a private datacenter, your Lima is far more difficult to hack than your computer. Our team works continuously with security experts to make sure it remains so. Like high security servers, your Lima will be frequently updated with security patches to keep it unaccessible from badly intentioned governments and individuals.

Comment from backer Suraj:

This looks like very great idea. I am definately a backer. I would like to know if there is any plan to open source the code (may be some kind of stretch goal) ? Whatever described as Tech FAQ’s looks great. But without open sourcing how one could be assured that there are no backdoors in the software. This is not matter of trust but it would be great if community can review the code and find out any security risks.

That’s a friendly way to ask, but it is a matter of trust: verify instead. Commenter Markus:

Suraj, you are absolutely right. If I would be the NSA I would also create a kickstarter project and try to convince everybody that this project is the perfect anti-PRISM-tool and implement lots of backdoors and route traffic directly to the NSA. So, open source software is basically a must. But I don’t think that they can afford to make the SW open source because then you could use basically any similar device and don’t have to buy plug.

The fundee responds:

@Suraj: Markus nailed it. We are too fragile as a startup to open source our code, at least now. All the innovation in Plug is software based. However, you’ll still be able to analyze Plug in/out traffic: that’s also a good way to make sure we don’t do bad things with your data.

That’s a stunning answer. Given that this device is managing your local files with remote-updated, non-auditable software, the attack surface is huge. Now remote update of non-auditable software is commonplace, but most purveyors of such don’t market themselves as anti-PRISM solutions, like this image on the fundee’s page:

Non-auditable slash-PRISM Lima

Contrast with a recent announcement from Least Authority:

We don’t even handle the source code of the client! We tell you to go download that from Debian, Ubuntu, or https://Tahoe-LAFS.org.

We can never see your data, and you can always see our code.

Least Authority’s storage product is very different from Lima’s; but the above is excerpt ought be applicable to both as privacy-protecting products.

Of course open source is no panacea for NSA compromise or any other security threat, rather a good practice that should be demanded for anything related to security.

Apologies for the long prelude about something I’m unqualified to speculate about (security), comments about which were the first thing when I went looking for discussion of the fundee’s other answer about open source, which is also not very credible:

The only thing we manage on our side of the equations are updates of our app and the web interface of Lima. In case of company crash, we’ll do our best to open source at least the most critical parts of our code, so the community continues improving the solution every night.

Cheap talk if there ever was.

But I don’t blame the fundee, the company behind Lima; they are responding to what they see as business conditions, including lack of demand for software freedom (or open source, however you wish to characterize it) as a product feature that will change funding/purchase decisions.

Similarly, it is a bit odd, and a bit of trivia, that today’s crowdfunding services are in part descendants of ideas focused on provisioning works without copyrestrictions, but it seems that with minor exceptions, if a project produces works that are both transparent (eg revealed source or design files) and not legally restricted, it is merely a happy coincidence. Again, I don’t blame the platforms or the fundees. I (perhaps with some hubris) assign blame to people who want there to be demand for freedom for failing to stoke it, and failing to organize what exists.

Concentrated funders are very slowly making and coordinating their demands of fundees, eg Open Access mandates. How can crowdfunders/democratic patrons make analogous progress?

Related: lack of demand coordination, libraries, and e-books, a narrow coordination idea that I need to follow up on, and classic background.

Exit skype loyalty

Thursday, July 18th, 2013

Why Doesn’t Skype Include Stronger Protections Against Eavesdropping?

At the EFF blog Seth Schoen speculates that Microsoft could be under continuous secret court orders which could possibly be interpreted to not allow it to add privacy protecting features to Skype. Maybe, but this can’t explain why Skype did not protect users prior to acquisition by Microsoft.

Schoen’s post closes with (emphasis in original):

That’s certainly not the case today, legally or technically—today, different kinds of calls offer drastically different levels of privacy and security. On some mobile networks, calls aren’t encrypted at all and hence are even broadcast over the air. Some Internet calls are encrypted in a way that protects users against some kinds of interception and not others. Some calls are encrypted with tools that include privacy and security features that Skype is lacking. Users deserve to understand exactly how the communications technologies they use do or don’t protect them. If Microsoft has reasons to think this situation is going to change, we need to know what those reasons are.

I’ll throw out some definite reasons users aren’t getting the protection and information deserved (secret court orders may be additional reasons):

  • Features have costs (engineering, UX, support); why should a developer bother with any feature when:
  • Few users have expressed demand for such features through either exit or voice;
  • Advocates who believe users deserve protection and information have failed to adequately increase actual user and policy demand for such;
  • Advocates and would-be providers of tools giving users what they deserve have failed to adequately deliver (especially to market! few users know about these tools) such.

In short Skype has not protected users or informed them about lack of protection because they face near zero threat (regulatory or competitive product) which would interest them in doing so.

EFF is doing as well and as much as any entity at generally informing users who probably already care a little bit (they’re reached by the EFF’s messages) and a whole lot more deserving of support. Keep that voice up but please always include exit instructions. Name “tools that include privacy and security features”; I see a screenshot of Pidgin in the EFF post, give them some love! Or better, Jitsi, the most feasible complete Skype replacement for all platforms. Otherwise your good efforts will be swamped by Skype user loyaltynetwork effect lockin.

Related argument: Realize Document Freedom Day; on topic: Free, open, secure and convenient communications: Can we finally replace Skype, Viber, Twitter and Facebook?