Simon Phipps

See the following -

Diverse Open Source Uses Highlight Need For Precision In Cyber Resilience Act

As the European Cyber Resilience Act (CRA) is entering into the final legislative phase, it still has some needs arising from framing by the Commission or Parliament that result in breakage no matter how issues within its scope are “fixed”. Here’s a short list to help the co-legislators understand the engagement from the Open Source community...OSI and the experts with whom they engage are not trying to get all of Open Source out of scope as maximalist lobbyists do for other aspects of technology. An exclusion from the regulation for Open Source software per se would open a significant loophole for openwashing. But the development of Open Source software in the open needs to be excluded from scope just as the development of software in private is. Our goal in engaging is just to prevent unintentional breakage while largely embracing the new regulation.

Read More »

6 Growing Pains of Open Source Organizations That You Can Avoid

Everything has a season, and as organizations age—communities, charities, companies, churches and more—they face similar diseases of time. These are emergent patterns of failure that arise not from mistakes but from the consequences of earlier success. In open source, we are seeing the same patterns emerge; this should not be a surprise. Some of them are unavoidable. Understanding them helps leaders reduce the risk that will arise and helps identify them when they do. This is by no means a comprehensive list, but we have encountered all of these modes of systemic failure, some of them often...

7 Ways to Discuss Legal Matters with an Open Community

Having watched a fair number of people attempt to engage both the Open Source Initiative's licensing evaluation community and the Apache Software Foundation's legal affairs committee, I'd like to offer some hints and tips for succeeding when it's your turn to conduct a legal discussion with an open community. First and foremost, make sure the person conducting the conversation is both qualified and empowered. Don't send proxies; they simply frustrate the community, who quickly work out that your representative is always playing the second-hand car salesman and going to the back room to ask for a deal...

APIcon UK: Open Source Fuels The API Economy

Mark Boyd | ProgrammableWeb | September 25, 2014

Industry leaders say open source is the backbone of the software infrastructure required to fuel the API economy. At APIcon UK, Simon Phipps, president of the Open Source Initiative, explained why open source licensing will enable the API and Internet of Things economies to grow...

Read More »

GitHub Improves Open-Source Licensing Polices

Steven J. Vaughan-Nichols | ZDNet | July 18, 2013

GitHub, the popular open-source development community site, is finally getting its licensing act together. It's high time since Black Duck has found that 77-percent of GitHub projects have no declared open-source license. Read More »

How To Make App Stores Friendly To Open Source

Microsoft recently seemed to propose that Open Source software didn’t belong in the Windows app store. Excuse me? After the news broke, Giorgio Sardo, Microsoft’s General Manager of the Microsoft Store, argued on Twitter that it wasn’t Microsoft’s intent. “We absolutely want to support developers distributing successful OSS apps. In fact, there are already fantastic OSS apps in the Store! The goal of this policy is to protect customers from misleading listings.” Predictably, confusion results. And the kerfuffle over FairEmail and the Google Play Store earlier this year is a good example of how this sort of confusion is not entirely new, leading to questions about intent. I’ve talked with developers and business managers about their experience in preparing software packages for commercial app stores. Universally, everyone reports having issues with app stores’ packaging. These include...

Read More »

Interview with Simon Phipps-Patent Trolls and Open Document Format

Gordon Haff interview with OSI's Simon Phipps conducted on July 31st. Phipps talks recent US software patent case decisions and why they're so significant as well as the recent UK government decision about open document formats. Who are the winners and the losers? Read More »

Open Source And Linux In 2014

Jim Lynch | IT World | December 29, 2014

In today's open source roundup: Looking back at open source and Linux in 2014. Plus: Switching from Apple laptops to Chromebooks, and the best gaming mouse for Linux?...

Read More »

Open Source Maintainers Take Center Stage, Joined by Leaders from GitHub, Red Hat, Google, and JFrog at Tidelift Upstream Event

Press Release | Tidelift | May 18, 2021

Tidelift, the premier provider of solutions for managing the open source software behind modern applications, today announced the schedule for Upstream, a free, one-day virtual event that brings together developers, open source maintainers, and the extended network of people who care most about their work. United by a vision to make open source work better for everyone, attendees will have the opportunity to meet the maintainers behind the open source tools they use every day and learn from industry experts developing with open source at scale. "We don't often stop to think about all the open source libraries, frameworks, and components we depend on until something goes wrong. Upstream aims to change that," said Joshua Simmons, ecosystem strategy lead, Tidelift. "We're honored to have the opportunity to bring together some of the greatest minds in open source and celebrate all of the things that make open source and the people who work on it amazing."

Read More »

Skunkworks Opens Up IT For Debate

Lis Evenstad | eHealth Insider | November 7, 2012

Healthcare communities need to take responsibility for establishing the interoperability of IT systems, said one of the speakers during the Skunkworks debate at EHI Live 2012. Read More »

The Cyber Resilience Act Introduces Uncertainty And Risk Leaving Open Source Projects

What might happen if the uncertainty persists around who is held responsible under the Cyber Resilience Act (CRA)? The global Open Source community is averse to legal risks and generally lacks access to counsel, so it’s very possible offers of source code will simply be withdrawn rather than seeking to resolve the uncertainty. The CRA rightly addresses the need for commercial suppliers to protect their customers from exploits and cyber attacks. But legislators have exposed the open development of software itself to the regulations rather than just the for-profit use of Open Source artifacts in the marketplace. They are incorrectly assuming that Dirk Riehle’s terminology calling single-company projects “commercial Open Source” means it’s possible to use the “commerciality” of an application to distinguish single-company activity from community projects, and by using the concepts of proprietary software to then define boundaries.

Read More »

UK Government Finalizes Open Standards Principles: The Bigger Picture

Mark Bohannon | opensource.com | November 6, 2012

Last week, the UK Cabinet Office released its Open Standards Principles: For software interoperability, data and document formats in government IT specifications. Read More »

Uproar: MariaDB Corp. Veers Away from Open Source

Simon Phipps | Info World | August 19, 2016

MariaDB Corp. has announced that release 2.0 of its MaxScale database proxy software is henceforth no longer open source. The organization has made it source-available under a proprietary license that promises each release will eventually become open source once it's out of date. MaxScale is at the pinnacle of MariaDB Corp.'s monetization strategy -- it's the key to deploying MariaDB databases at scale. The thinking seems to be that making it mandatory to pay for a license will extract top dollar from deep-pocketed corporations that might otherwise try to use it free of charge.

Read More »

Upstream Conference to Feature Open Source Maintainers

Imagine the chaos that would occur if all open source software vanished with the snap of a finger. Picture the devices that would turn to bricks in our hands, the infrastructure that would fail, and the machinery that would fall silent. The truth is we probably don't stop to think about all the open source libraries, frameworks, and components we depend on-until something goes wrong. The extraordinary impact of open source is difficult to measure or quantify...Open source is a testament to human ingenuity, and it's not often that we take the time to celebrate what we-the creators and users of open source-have made together. We think it's time we did. That's why we're announcing a new type of open source event called Upstream. It's a one-day celebration of open source for the developers who use it and the maintainers that create it. We'd like you to join us on June 7 for this entirely virtual and free event where we'll focus on the creators behind essential open source packages and the developers who build amazing things with them.

Read More »

What Blockchain and Open Source Communities Have in Common

One of the characteristics of blockchains that gets a lot of attention is how they enable distributed trust. The topic of trust is a surprisingly complicated one. In fact, there's now an entire book devoted to the topic by Kevin Werbach. But here's what it means in a nutshell. Organizations that wish to work together, but do not fully trust one another, can establish a permissioned blockchain and invite business partners to record their transactions on a shared distributed ledger. Permissioned blockchains can trace assets when transactions are added to the blockchain. A permissioned blockchain implies a degree of trust (again, trust is complicated) among members of a consortium, but no single entity controls the storage and validation of transactions.

Read More »