The Dude abides.

Posted
5 January 2008

Tagged
Free Software
Security
Technology

McAfee is McScrewed

McAfee, the security company, is warning its investors that the alleged ambiguity of Free Software licenses may put its business at risk:

Use of GPL software could subject certain portions of our proprietary software to the GPL requirements, which may have adverse effects on our sales of the products incorporating any such software

No shit, sherlock!

Let’s review the facts of the case as they may be:

  1. The GPL has been around for approximately 18 years.
  2. McAfee has been around for approximately 20 years.
  3. The GPL is the most popular Free Software license, used to license millions of lines of code.
  4. McAfee is a fairly popular proprietary software company. Many buy and use their software to protect their company’s IT infrastructure from security threats.
  5. There have been no known studies to show that the use of GPL impacts the bottom line of a company (either negatively or positively).

Let’s consider the first four points: the fact that McAfee, a 20-year-old company, can claim that the most successful and widely used Free Software license is ambiguous is a dodgy proposition indeed. Whether or not it has been tested in a court of law is irrelevant; in the same manner that McAfee would never dare to use proprietary software code in its product without conducting necessary due diligence (and even then, such an act would require substantial ball-age which rules it out as a viable scenario in a multinational company), why did McAfee decide to use GPL licensed code without conducting necessary due diligence? After all, a copyright license is a copyright license is a copyright license: as long as it doesn’t violate any other legislation in place and does not subvert due process of common or civil law, one would take it on good authority that the terms of the copyright license must stand as they are, whether it be a proprietary copyright license or a Free Software copyright license.

The fact that McAfee has not revealed these risks in previous annual reports indicates a lack of rigor in the due diligence it has carried out to date on its R&D. That, in itself, is disturbing. Perhaps even more disturbing is the fact that they have not disclosed this publicly to their customers, thus possibly misleading their customers on the perceived value of their products.

Now, as for the last noted point, some might cry to common sense that software available freely makes for a bad business model. As it turns out, common sense seems to be anything but common. Consider that proprietary software companies have raked in billions of dollars despite rampant piracy of their proprietary software. From another perspective, consider that companies peddling Free Software have raked in billions of dollars too. Thus, having software freely available does not support or refute the case of a strong business model.

I’ve been saying for many moons that the ideology of Free Software and the development model of Open Source Software are completely irrelevant in the ability to sell Free Software. Companies wish for support, training, upgrades, bugfixes and the assurance that they can hold somebody liable if anything breaks. Companies are more than willing to pay for the privilege of holding somebody by the balls when shit hits the fan, regardless of whether they are using Free Software or proprietary software. In fact, it was this very insight that led RedHat’s ex-CEO to build the company to great heights (and great valuations in the stock market, I might add). Companies buy RedHat subscriptions not because RedHat is selling Free Software. They would have bought the subscriptions even if RedHat was selling proprietary software. Companies bought the software because they perceived that the software fulfills their needs (and also because they needed to hold somebody responsible in case things break - don’t doubt the power of the Cover-Your-Ass tactic when closing a sale).

So whether a software is licensed Freely or proprietary-ly is irrelevant, as far as the customer is concerned.

But, if you were an investor, you would certainly be worried if you were potentially at the risk of being at the wrong end of a lawsuit (particularly, a copyright lawsuit). And given that the Software Freedom Law Center are a bunch of tenacious bastards (I should know, I’ve met both Stallman and Eben Moglen in person), I don’t blame McAfee for choosing to play it safe and warn its investors to prepare to flee to the hills if the Free Software dawgs (and I say that in the nicest possible way) decide to come barking.

In summary, if McAfee has been violating the GPL (which seems more than likely given the warning in the annual report: “To the extent that we use ‘open source’ software, we face risks”), I’m sorry to say that they are truly McScrewed.

