From what I've been able to ascertain, our counsel's primary concern is that the mere availability of the source creates risk in terms of the introduction of copyleft code into our proprietary products. They're also afraid that, were an issue to arise, they wouldn't be able to settle it as a business matter as they would with a large corporation like Adobe or Opera.
We also have a number of customers requiring that we provide indemnification against any open source software infringement claims, which has sent our counsel down the path of wanting a full registry and approval process for all open source software on developer workstations.
The positions I've taken -- the workload, the fact that the registry doesn't adequately protect us from the surreptitious introduction of copyleft code snippets, etc. have all fallen on deaf ears. I'm trying to figure out what other arguments I might be able to bring to the table.
> They're also afraid that, were an issue to arise, they wouldn't be able to settle it as a business matter as they would with a large corporation like Adobe or Opera.
You might remind them that not all proprietary software comes from large corporations and many of the smaller guys might be more willing to pursue the legal 'issues' to the fullest extent of the law.
> The positions I've taken -- the workload, the fact that the registry doesn't adequately protect us from the surreptitious introduction of copyleft code snippets, etc. have all fallen on deaf ears. I'm trying to figure out what other arguments I might be able to bring to the table.
I would point them in the direction of people that have purposely included open source code in proprietary projects (e.g. the recent ScummVM on Wii issue) to try and instill the fact that registering all open source tools that are being used will not protect them from a developer that is trying to 'cut corners.'
If I have Firefox installed on my computer that DOES NOT mean that I have the source code 'at my fingertips' as well. The same could be said of Vim or Emacs. And unless your employer is building developer tools, I doubt that any of your developers is going to try and include code from the Vim or Emacs codebase. It just doesn't make sense.
We also have a number of customers requiring that we provide indemnification against any open source software infringement claims, which has sent our counsel down the path of wanting a full registry and approval process for all open source software on developer workstations.
The positions I've taken -- the workload, the fact that the registry doesn't adequately protect us from the surreptitious introduction of copyleft code snippets, etc. have all fallen on deaf ears. I'm trying to figure out what other arguments I might be able to bring to the table.