GPLv3 looks like a worthy update

When I first came across the GNU General Public License in 1986, it was nothing short of an epiphany for me. Its revolutionary approach to copyright (all wrongs reversed) and the bold vision of the GNU project (to do nothing less than to make UNIX obsolete by making something that was both better and free) was as earth-shaking to me as perhaps quantum physics was to Einstein. (You don't need to tell me I'm no Einstein--I know that.) After downloading the GNU C compiler in 1987, I developed considerable facility with GNU software. I experienced a most remarkable transformation of my own programming skills. (It reminded me of my own experience playing classical guitar the first time I played a "real" guitar instead of a junker, the music did not only sound better, but it was easier to play for longer as well. Hacking on GNU software was like playing a fine instrument....). Through this experience, I gained confidence to tackle a project that, only one year ago, I would have dismissed as sheer fancy: the development of the world's first native-code C++ compiler, which I first released in December of 1987. As I wrote in Open Sources, I began to see that the GPL provided a unique opportunity to commercialize free software, and after a two year quest to find some like-minded entrepreneurs, the first free software business (and, by definition, the first open source software business) was born. The story of that company is well documented in the O'Reilly book, but the salient point for this posting is this: the GPL had been written with freedom in mind and without consideration of the world of computers known as embedded systems. Cygnus became a major player in the embedded market, and in 1991, the Free Software Foundation updated the GPL to version 2 and issued the LGPL. In my opinion, these clarifications were not compromises against freedom to improve the business prospects of Cygnus (though there was that positive effect). Rather, they were technical improvements, much as one would expect to find in a protocol definition after some experience was gained. GPLv2 was a win-win. Version 2 of the GPL has remained unmodified for 16 years, while copyright laws, conventions, and interpretations have changed in both degree and in substance. Version 2 of the GPL has also remained unchanged while companies large and small, powerful or not, scrupulous or not, have challenged it in every way imaginable, as if such challenge was their Job One. Some have been so bold as to say "well, since we can't figure out how to make money with the GPL the way that other successful companies have, the GPL must be broken!" Right. In that same period of time, cryptographic techniques assumed secure have been proved weak, and we should not be surprised. Cryptographic methods (and security in general) is all about creating a defensive capability such that the cost of attack is greater than the value of the reward. In 16 years, costs have changed considerably: 8-12 generations of Moore's Law has delivered 256x to 4096x the computing power per machine, the Internet multiplied this computing power again by several orders of magnitude as distributed collaborative cracking projects became popular sport, not to mention advances in elliptical curve algorithms that undercut cryptographic strength by staggering amounts. In the world of cryptography, where we assume there are dedicated opponents working to challenge systems day and night, those who stand still are lost. Stronger defenses are needed every day. GPLv2 has been a stunning success, and is presently the license of choice of some of the most exciting software projects in the world bar none. But corner cases have been found where the freedom that the Free Software Foundation sought to guarantee have been circumvented, and those circumventions also work against the fair bargain that makes open source an attractive basis for commercial success. The success of one against the loss of a whole community is not what open source is all about (and certainly not what free software is about, either). I have read the newly released draft of GPLv3 carefully, and I believe it is a stunning accomplishment. (Disclaimer: not only am I no Einstein, I am also not a lawyer. However, my 20 years of experience with free software, the GPL, and 18 years of commercial experience should count for something.) My reading tells me three things. First, the GPLv3 is familiar; it is not as if everything we know must be relearned. Second, the GPLv3 deals with corner cases which, if left unfixed, will collapse, taking all our good work down with them; collapse is bad enough, but predictable collapse is shameful. Thirdly, the GPLv3 reaffirms that in spite of all the growth and all the success that the free software movement has enjoyed these past 20+ years, the goal of the Free Software Foundation remains centered on software freedom, and that the only prohibition they uphold is against those who seek to undermine such freedom. It is encouraging to see an organization maintain principle in the face of prosperity. This morning, with GPLv3 on one monitor and the OSD on the other, I read a license that should have no trouble achieving OSI certification. Based on my reading, I encourage the Free Software Foundation to submit their final draft when they are ready so that the whole open source community can review, discuss, and recommend to the OSI board whether they, too, see what I see. If so, we should see a much-needed update added to the roster of OSI-approved licenses, and we will be in a position to encourage those whose business depends upon fairness to offer them a licensing choice that is both sound and safe.


Great reviews, it is excellent. GPLv3 is really innovative work. I have carefully read GPLv3 too, GPLv3 will prohibit certain distribution practices which restrict users' freedom to modify the code. Lots of people have speculated in the press about who isn't going to switch from GPLv2 to GPLv3. Great things are happening that haven't had enough attention, because everyone has been watching GPLv3.

I read the draft for GPLv3 not once, but twice and I've seen many opinions on the web. I think the main purpose of the GPLv3 is to make things more clearer and continue to protect the free software. One of the new things I liked is they clearly stated their position regarding DRM, and here I understand that the license is not against DRM as long as the final user isn't blocked. One of the things that didn't change much from v2 is related to the case when a company wants to take a software licensed under GPL, to modify it and then ... what? Unfortunately they will have to make it available to the competition. If the changes made to the software can make a big difference and boost the company who modified the GPL software, then it's clear that these kind of things will not happen to often. This issue continues to prevent many companies to involve more in the GPL software world, but again, you have to make some sacrifices in order to ensure software freedom. So, good job guys, I think GPLv3 is the right course of action.

The license includes a new approach to the controversial issue of lock-down technologies as well as more explicit language about patents, including language designed to prevent a re-occurrence of agreements such as the one that Novell entered into with Microsoft. More freedom for free software. --John Meyer

It's not that simple, by far. Releasing your code into the public domain is very generous, but even when you don't want to receive money for it, you might want to receive credit (in the code, if not publicly); achieving that is much more difficult. More importantly, the GPL also protects against someone securing your code and preventing others (including potentially you) from using it. The GPL isn't right for every project, it is indeed restrictive in order to be powerful... but there are good reasons for its use, and it's wise to be familiar with them before deciding on which license (AFL, GPL, none, etc) to use. I think GPLv3 is the right course of action. My blog: Tom

I believe GPLv3 is a good license that many of us can live with, but it will never be the only license that serves the free and open source community. Owners of software have other good licenses to choose from that will meet their own philosophical and business goals. I agree with Lawrence Rosen. Janet Kellman, software reviews

The first draft of version 3 polishes and strengthens the GPL to make it more effective at warding off legal entrapment based on business-friendly IP legislation in the United States and elsewhere. The two most obvious threats to free software today come from patents and DRM, and version 3 meets both threats head-on and doesn't give an inch. It is important to remember that this is merely a first draft of the GPLv3. The Free Software Foundation has committed to an extensive public discussion of the license, and a final release of the license is not expected until 2007. If sections of the GPLv3 appear unclear or somewhat scary, relax -- it is quite likely that the public comment period will bring these sections to light, and help produce a license that most of us can live with. Best regards, Kraig Font River

Contrary to what some have said, GPLv3 will not cause a company to "lose its entire [software] patent portfolio". It simply says that if someone has a patent covering XYZ, and distributes a GPL-covered program to do XYZ, he can't sue the program's subsequent users, redistributors and improvers for doing XYZ with their own versions of that program. This has no effect on other patents which that program does not implement. software reviews

Collapse is bad enough, but predictable collapse is shameful. Thirdly, the GPLv3 reaffirms that in spite of all the growth and all the success that the free software movement has enjoyed these past 20+ years, the goal of the Free Software Foundation remains centered on software freedom, and that the only prohibition they uphold is against those who seek to undermine such freedom.

The final GPLv3-Version was released at the end of june, there are a lot of changes in handling the restrictions via the internet and in the use of software like DRM. These changes in the General Public Licence version 3 were necessary, because the sixteen year old version 2 can handle these new requirements only in a limited way, the final release of the GPLv3 is published under The main part of the Version 2 still exists also in the GPLv3, so the source code of programs is open for changes and a changed program can also be sold, if the source code still remains open. -- Cheers, Marc

It still amazes me too that GPL still exists out there even after all these years. I think different companies are struggling to bring this concept to an end due to lots of interests but one thing is for sure : they will never outsmart the people in the end. Of course software needs to be payed, if i would open a software company and i were to have great ideas why wouldn't i make a profit out of it ? it is just normal to think that way and let's face it opening a company like this costs a lot of money or capital and getting money is a hard thing these days. Even with the help of a business loan with all the advantages things don't look that pretty so i'm just curious how long will GPL resist temptations ?

To promote and protect open source software and communities...

For over 20 years the Open Source Initiative (OSI) has worked to raise awareness and adoption of open source software, and build bridges between open source communities of practice. As a global non-profit, the OSI champions software freedom in society through education, collaboration, and infrastructure, stewarding the Open Source Definition (OSD), and preventing abuse of the ideals and ethos inherent to the open source movement.

Open source software is made by many people and distributed under an OSD-compliant license which grants all the rights to use, study, change, and share the software in modified and unmodified form. Software freedom is essential to enabling community development of open source software.