Monday, April 4, 2005

Open-source vs. NDA

My most used open source product is PCProxy. PCProxy is a connector which, at one time, was written for a virtual community revolving around simulated air traffic called SATCO. SATCO has since then went down due to an ego-crisis and VATSIM rose from its ashes.



For some reason, which I can only explain by assuming that the "top-brass" of the networks have a very self-centered, colonialist and narrow-minded "us vs. them-attitude towards similar communities, the decision has been made to only allow formally approved software to connect to their systems.



The protocol documentation, which is claimed to be a required input for any successful implementation and the accreditation process itself, is only released after a potential developer signs a legally binding non-disclosure agreement.



That NDA states such things as that anyone who signs it is not allowed to share protocol details (although anyone familiar with such software as socket(1) is able to reverse-engineer the protocol will little or no effort), but also that you are to report anyone who is currently attempting to implement a new product without formal approval of the VATSIM Board of Governorns (!)



As a firm believer in open source, I have never signed the agreement, yet still released my software into the Debian GNU/Linux project. So far, I have been left alone, and no new attempts to make me sign the NDA have been made.



Today, I became aware of a new round of NDA-pushes towards fellow developers. In my opinion, signing an NDA which requires a developer to make software which is only usable on one of the many networks out there, is unethical, against my principles, and in the long run, will lead to the demise any non-commercial product out there.



Unfortunately, PCProxy is just als protocol-dependent as any other software that connects to the networks. This may mean that PCProxy has come at the end of it's life-cycle, as I will not ever sign the NDA. Together with some other developers, I am currently considering my options.



Having said this, I see only two alternatives. The first is to fully stop with PCProxy development, leaving it open for whoever is interested to work on it. The second option, which is the one that I ammost leaning towards, is to totally unlink the protocol implementation for the software itself (which is already mostly the case anyway) and continue to develop PCProxy, without any protocols to connect to networks, as open-software.



Any network that would like PCProxy to be usuable for their community can then develop its own networkconnector for PCProxy and keep that closed-source.



I have not decided yet.



No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.