Wayne Wilson wrote: > Tim Benson wrote: > > > See this week's BMJ (April 7, pages 863-4) for 3 letters on open source > > http://www.bmj.com/cgi/content/full/322/7290/863/a, including my own. If I > > was writing today, I would not have cast doubts about the GPL. > > > Good work, thanks for pointing this discussion out., > > Re: your comments: > > "In no other industry are the products deliberately kept > secret when that secrecy cannot be justified by safety or > security concerns." > > I initially thought you meant the health care software > industry, but this comment is inclusive of nearly all software. > funnily enough, when I worked in control systems at a very large company (australian developed software, giant american parent), the client received all the source as part of the deal. Not only that, they got a complete copy of our development environment (which meant them going and buying a unix box, in addition to all the control system hosts) - including our CM scripts, version control and documentation tools. In some cases, one of the client's team came and worked over a long period with us on the software, so they would have someone who knew it intimately. Further, it was a condition of sale that the entire binary system had to be byte-for-byte regeneratable from the source, by the customer, e.g. if their control system blew up, they had to be in the position of being able to go and buy more VME hardware, rebuilding from the unix box, and be up and running again in a day or two. This never stopped anyone buying the system, or (as far as I know) enabled any competitor beat us; on the contrary, it was an asset, and established technical and personal trust. While the source was not open to anyone, it was to any purchasing customer, and for this class of system, that's fine. By the way, as a client (e.g. a railway company, steel manufacturer, gas pipeline company, electricity distribution or transmission company) I would never use an unsupported open source system for control. I would want the source, wouldn't care if it was publicly available, but would expect to pay a dedicated group of professionals to do the software engineering required to maintain and enhance the system as required. In the pure open source model, acceptance of this sort of responsibility is not available; at the legal level, it actually requires that the engineers collectively accept responsibility (and maybe damages) for: late deliveries (consider how important the timing of switching over to a new power station etc), functional failures (power blackouts, gas flow failures) and disasters (train collisions, furnace explosions). People who write software for free and in their spare time do not have the resources to accept this kind of responsibility. I am not sure my feelings would be any different as the CIO of a hospital or other health facility. - thomas beale
