Keygen is now Fair SourceStar us on GitHub arrow_right_alt

You can't rely on people being good

Tuesday, October 1st 2024Avatar for the author, Zeke Gabrielse, Founder of KeygenZeke Gabrielse, Founder of Keygen

As someone who has thought deeply about the implications of open sourcing my product — ultimately going down a different path — I've realized, through both history and foresight, the risks of relying too much on human nature being inherently good. History shows us that when you make a commercial product open source, you're betting on the goodwill of others, but this isn't always a safe bet.

Approaching the decision to go open source with the assumption that all humans only want the best for others can be dangerous.

Even if you yourself believe in furthering a collective good, you can't assume everyone else will adhere to your altruistic views. It's wise to recognize that people can be profoundly selfish, unapologetically self-centered and greedy, and at times, inherently evil.

An open source license might package[1] your product to reflect your communistic altruism, like under copy-left, or your capitalistic views under a more permissive license. But neither approach makes your product immune to exploitation. Recognizing this is key.

Under open source, nothing stops a mega-corporation from exploiting your work and community by consuming without giving anything back, i.e. free-riding. But that's by-design — if a license doesn't require it, you shouldn't make the mistake of expecting it. You might find it morally wrong, but don't expect a corporation to care about morality.

After all, business is business.

You also can't force people to contribute or to act ethically. You can use social pressure or trademark law to coax the contributions you're after, but it may not work exactly as you expected. And coaxing can quickly turn into feeling like coercion if you're not careful, and may even eventually escalate to actual coercion.

If your coaxing mutates into coercion, you may quickly find yourself becoming the villain of the story, not the hero. Throughout the saga of open source, we've seen this play out, even recently.

In your head, your intentions may be noble — perhaps even for the "greater good" — but not everyone will see it that way.

People are autonomous; they have their own moral agency. You can't control what people do, so you should have the foresight into the possible futures where you encounter evil people.

But with foresight can come fear.

There's a fear that you might wake up one day to find a VC-backed startup has forked your open source product, renamed it, and is now using it without contributing back. From a legal standpoint, forking without contributing back may be allowed under your open source license, yet even still, you may feel taken advantage of, and you may even start to question your earlier decisions.

Similarly, you might fear the idea of a mega-corporation eventually selling a hosted version of your product, undercutting your offering and draining your lifeline. Over time, resentment towards this corporation might grow, and you might feel entitled to compensation.

Being introspective, and being honest with yourself from the start can help you manage these fears — to account for these futures.

If you fear being exploited by mega-corporations, then admit that you don't want to be exploited. Perhaps acknowledge that your choice of the AGPL may not be deeply rooted in altruism, but actually in your inner desire to prevent yourself from being exploited[2].

Recognize that your desire to want to protect yourself, or be compensated for your work, doesn't make you evil.

You don't have to be open source to do good.

Open source is fantastic for shared infrastructure and libraries, but it's not always great at protecting the author — much less a business — from exploitation. This makes open source a poor choice for a core product, in my opinion, at least for most people.

Commercial open source very often ends in a rug-pull once the author enters into one of these futures. You may think these future scenarios improbable, or maybe likely yet a problem for your future-self, but this line of thinking ignores history at best and wisdom at worst.

These scenarios that have played out in the saga of open source are worth learning from. Ignoring the lessons of history may lead to its repetition, to your own detriment.

If this resonates with you, and if after some introspection you feel — like myself — that open source isn't the right road, then perhaps look into fair source before defaulting to the well-traveled road of closed source. It may be a good[3] middle ground.

You can have your cake and eat it too — you baked it after all.

[1]: Your choice of license can have a large impact on your overall commercial offering. I wrote more on the intersection of licensing and packaging here.

[2]: I wrote more about this phenomenon i.r.t. the AGPL in startup-land here.

[3]: You'll be in good company.