Hacker Visions

Use of the GNU Affero GPL is on the rise, so it’s no surprise that I get a lot of questions about it. Most recently, I was asked how AGPL-licensed extensions interact with a Content Management System that is licensed under the GNU GPL, version 2 or later. Generally speaking, AGPLv3 extensions are compatible with CMS code licensed “GPLv2 or later”. The complication arrives when you have multiple extensions of various licenses because the extensions need to be license-compatible with each other as well. Hopefully this post will clarify matters.

There are three versions of the AGPL. The first wasn’t much used. The second exists solely as a way to upgrade to AGPLv3, and it is not a license used for distribution. The third is what most people think of when they say “AGPL”.

At any rate, when using AGPL (or even just discussing it), make sure you specify which license you mean. You might want to use the phrase “AGPL version 3 or later” to describe your AGPL-licensed code.

As with AGPL, there are multiple version of GPL as well. There was version 1, which is no longer in use. There is GPLv2, which is the most used software license on the planet (although I’m guessing not in outer space). And there is GPLv3, an update to GPLv2 that is growing in popularity.

Some software is licensed under multiple versions of GPL. This includes software that is licensed under GPL but doesn’t specify a version, as well as software that designates a minimum license version (e.g. “GPL version 3 or later”). Other software limits itself to a single version (e.g. “GPL version 3 only”).

There are various ways to combine these licenses, so here is license compatibility in tabular form:

Assuming you’re not dealing with AGPLv1 code (a safe assumption almost every time), as long as none of your extensions are GPLv2 only, you can mix AGPLv3 extensions without difficulty.

If, however, you are dealing with GPLv2-only extensions, you can run into complications. While the extensions can be distributed separately, if you distribute a “CMS-in-a-box” or deliver to somebody a complete CMS install that comes with the extensions already plugged in, mixing extensions of different licenses can lead to incompatibility. Packaging up GPLv2-only extensions with AGPLv3 extensions is usually a license violation.

Because of this, projects that maintain extension directories might consider requiring extensions to select from a set menu of licenses. That way developers and repackagers can be assured the extensions will play well with each other. To ensure extensions are license compatible, both now and in the future, you could restrict extensions to the following licenses: “GPL”, “GPLv2 or later”, “GPLv3 or later”, “AGPL”, “AGPLv3 or later”.

Scientists going all the way back to Galileo have secretly abused corpses in the pursuit of knowledge. Modern researchers are no different. Thanks to the vigilance of Karl Fogel, we now know that scientists studying the Atlantic Ocean garbage patch have been throwing dead pigs into the sea just to see what happens next. Yes, that’s shocking and gross, and just like in the Whitewater scandal, it’s the coverup that is the crime.

National Geographic originally (maybe accidentally?) revealed the dead pig experiment in an article about the garbage patch. You can clearly see references to the dead pigs in this screenshot of Google’s search results. The National Geographic article, though, makes no mention of the pigs at all. They scrubbed the record, and even got to the usually uncorruptible Internet Archive.

Why the coverup, National Geographic? Who are you protecting?!

Anybody with information on who has the most to gain from the dead pig conspiracy should email me urgently.

In the wake of recent disasters in both Haiti and Chile, the lack of working telecoms infrastructure has greatly hindered local communication. The first relief workers to hit the ground had trouble talking to each other (let alone the outside world), and that was very bad for the relief effort. Inefficiencies that retard relief efforts result in more death and suffering in times of crisis.

There are two problems that contribute to broken local telecom systems. First, there wasn’t much infrastructure to begin with. Haiti is a poor nation with political risk, and like many such nations, the environment doesn’t easily support investment in large ISP infrastructure. So Haiti had some slow access, but even before the devastation, local infrastructure could not easily handle the increased demand presented by the people flooding in to help.

Second, what little access existed was not designed to withstand natural disasters. Service providers in Haiti are like commercial ISPs everywhere. They favor centralized networks that are easily maintained and controlled (and thus easily monetized). But all those profitable choke points are also centralized failure points, And those
central points of failure are tragically vulnerable at times of natural disaster.

That’s not to say the ISPs are malicious. Various telecoms companies and charities rose to the challenge and poured a lot of effort into rebuilding the local infrastructure. Their approach, though, is to do what they do best: construct big, expensive, centralized investment that will fall over quickly when stressed.

The better solution is for people to use mesh networks (ideally, to be using them even before disaster strikes), in which computers network directly with each other instead of going through the centralized ISP intermediary. Mesh networks are ad-hoc and self-healing, hop out to the world wherever a connection is found, and don’t depend on centralized choke points. If mesh networks were in place in Haiti and Chile, everybody’s laptop would be part of the communications infrastructure, and at the very least people on the ground could talk to each other. Mesh networking is a technology that could save lives.

What’s more, meshes are cheap to deploy and they don’t require centralized ISP investments. That makes them perfect for markets that aren’t supporting the investment necessary to provide the more usual centralized broadband access.

Mesh networking is maturing (see this Ars Technica state-of-the-industry piece on the subject). It’s time to make mesh capability a standard part of everybody’s setup, both to bring access to under-resourced areas and more importantly because doing so will save lives at times of crisis.

Six years ago, while tinkering with Javascript and CSS, I made this clone of the Mastermind game as a Valentine’s day gift for my girlfriend. For some reason I can’t now remember, I licensed the entire thing under CC-By. I just stumbled across it while cleaning up old files, so here it is again. Happy V-Day, everybody.

I gave a talk at Limewire last week, and my talk rambled around to crowdsourcing and Free Software. The point I made then, and the one I’m making now, is that when it comes to making software, crowdsourcing is a myth. There is no project built by a multitude of people each making a few small changes and additions to a codebase.

When I was a kid, I played Tetris until I saw falling tetraminos every time I closed my eyes. Likewise, almost every Free Software project has a few people that see code when they try to sleep. These folks make a series of big contributions, and they’re usually the source of the vast majority of productivity in the project.

The crowd, those drive-by contributors who fix one shallow bug and then disappear, have relatively little impact, even cumulatively.

Despite this, most projects recruit developers by dangling shallow bugs and todo lists of easy-to-implement features. Many even offer to help people fix those shallow bugs, just to get them involved. It’s a lot of effort, probably more effort than it takes to just squash the bugs and implement the features. The hope is that today’s drive-by bug hunter is tomorrow’s big contributor.

This model is broken. Projects spend a lot of resources to get worse code (veterans are better contributors than newcomers) and the low conversion rate means they’re rarely paid of with bigger, better, and more contributors.

People who care about Free Software efficiency might want to think about how to increase the conversion rate. More importantly, it’s time to dream up ways to get large contributors other than by slowly growing them from small ones.