MIT Serves Notice
The permissive open source license story began in 1983. The two-year-old IBM PC was rapidly transforming business. At the Massachusetts Institute of Technology’s Laboratory for Computer Science, a forward-looking band of men and women aimed to shape networking for the coming PC era. Known as the Computer Systems Research Group, their efforts attracted the interest of fellow academics and the corporate world.
The CSR Group members were eager to share their software, but MIT required signed licenses from all recipients. This hampered feedback, and the group sought a way to distribute their work unencumbered by fees or onerous licenses. CSR head Jerome Saltzer shared his team’s view but thought it wise to distribute the work with a copyright notice. Congress had recently updated copyright law to protect computer software.
After a few months of consultations with the laboratory’s legal team, a copyright notice emerged. To test the notice, CSR elected to distribute TCP/IP, an innovative protocol for networking. The notice contained these provisions:
- Permission to use the software for any purpose, including commercial applications
- No requirement for a signed agreement or license fee
- Requirement for MIT’s copyright and permission notice to redistribute
- No promotional use of MIT’s name
- A disclaimer labeling the software “as-is” without warranty
TCP/IP was a ringing success and won wide acceptance by several PC networking vendors. Because of TCP/IP’s warm reception, the mundane copyright notice became a software industry milestone. Previous software distributions from MIT, other universities, and corporations included some of these themes, but this was the first time each of these principles appeared together. The notice — not yet called a license — was a small paragraph that would have a formidable impact in the decades to come.
The X Windows Gamble Nets Millions
Fast-forward to 1985. One year after Apple’s Macintosh computer jump-started the move to graphical user interfaces for PCs, MIT squared off against Carnegie Mellon University and Sun Microsystems in a race to establish a GUI for the Unix operating system. Unix was the dominant OS for workstations and minicomputers of the era.
License Obstacles Strike Again
Like its competitors, MIT required all recipients of its GUI to sign license agreements. The CSR Group again chafed under this arrangement. The group’s engineers believed their entry, the X Windows System, benefited greatly from the suggestions of recipients. The licensing scheme choked off this valuable input. Feeling the heat from Carnegie Mellon and Sun Micro, the programmers took their concerns to CSR Group head Saltzer and argued for the same agreement that succeeded for TCP/IP two years earlier.
Saltzer again consulted with the lab’s legal team to see if the 1983 solution could work for X Windows. Using the TCP/IP notice as a starting point, the lawyers added a more explicit prohibition on using MIT’s name for promotional use. To reassure potential adopters, the attorneys added a guarantee that the X Windows System did not violate any Unix license. With these changes, the second version of the MIT notice took form.
It Pays To Distribute Free Software
In February 1986, the CSR group released a new version of X Windows with the revised notice. Liberated from signed license agreements, adoption of the X Windows System exploded. While the Unix of the 1980s has faded away, X Windows roars along as the face of the Linux operating system and Unix’s successors. The move earned MIT millions in donations, government grants, and corporate contracts. Recalling the results of the decision five decades later, MIT’s Saltzer wrote, “The cash flow has dwarfed the forgone revenue stream that likely would have come from licensing for a fee.”
As MIT’s X Windows flourished, a university 2,600 miles to the west readied another open-source software breakthrough. This school’s efforts would write another chapter in open-source license history.
BSD Unix Sets the Stage for Licenses
In June 1989, the Computer Systems Research Group at the University of California, Berkeley, released Berkeley Software Distribution Networking Release 1. The release marked two milestones. While previous Unix versions required a hefty license payment to originator AT&T, 1BSD was the first free and open-source software version of Unix. Second, following the example of MIT, the Regents of the University of California prefaced this FOSS release with a copyright and permission notice. The text preserved the principles of the MIT notices, albeit in a more wordy and reordered form. Within a year, the notice would be out, a license would come in, and a cascading compliance headache would begin.
BSD Goes a Clause Too Far
In 1990, the California regents replaced the BSD notice with a four-clause license. Regarded by many software historians as the first license of its kind, this text would accompany each BSD release for the next nine years. The BSD license was a departure from the compact MIT notices. While the second MIT notice closed with a concise 23-word “as-is” section, the California regents’ attorneys sought to close off every conceivable litigation avenue with a monster 110-word disclaimer.
A bigger problem loomed higher in the text. As a departure from previous notices, the new BSD license required licensees to include this sentence in all advertising materials:
This product includes software developed by the University of California, Berkeley, and its contributors.
This innocuous clause would grow into a massive imbroglio over the coming decade. As more and more developers embraced the BSD license and replaced the University of California attribution with their company names, software advertisements filled up with line after line of mandated attribution clauses. By 1997, a release of the NetBSD operating system needed 97 individual advertising attributions to maintain compliance. After two more years, the regents relented and released a three-clause license that cut the advertising requirement and streamlined the closing disclaimer. Usable permissive licenses were on their way.
The Software Community Embraces Permissiveness — for Licenses
From the 1999 three-clause BSD license, a family of permissive licenses was born:
- BSD 2-Clause: Maintaining BSD’s comprehensive liability disclaimer, this license requires redistributions to include the copyright notice and disclaimer within the source code or the binary code’s documentation. This wording is also widely known as the Simplified License or the FreeBSD License.
- BSD 3-Clause: Otherwise matching the BSD 2-Clause, this version adds a third clause prohibiting the use of the owner’s name for promotion of derivative products.
- BSD 3-Clause Clear License: The version includes the full text of the BSD 3-Clause License and adds a sentence to the disclaimer explicitly denying any patent rights.
While the BSD license saga played out over three decades, MIT’s copyright notice quietly evolved into the favorite highly permissive license for today’s developers. As with the notice for the X Windows release, the MIT license permits commercial use, private use, distribution, and modification. The text still requires the copyright notice for any distribution, and MIT followed BSD’s lead with a lengthy and explicit warranty disclaimer.
Gamesmanship Defines Licensing Decisions
After nearly half of a century, which of the two licenses is the best choice? The MIT text is the license chosen for several of the industry’s established frameworks:
- The npm package manager
- Microsoft’s .NET Core
- Facebook’s React development tools
- The Ruby on Rails server framework
With these tools, choosing MIT’s entry practically eliminates license hassles. Alternatively, developers who work with the popular FreeBSD FOSS Unix derivative will likely prefer one of the BSD licenses for their source code.
Why do software’s major players willingly give away their software? The one-word answer is influence. If an organization is playing to win, sacrificing license revenue to shape the playing field can be a canny move. Nonetheless, there are no guarantees. While MIT’s X Windows gamble paid off brilliantly, a bad call on a software license might just as well boot away millions of dollars in revenue. Equal parts chess match and poker game, software license selection will remain a high-stakes contest.
SCA Tames License Liabilities
The history of the BSD vs MIT license contest highlights the importance of getting software compliance right the first time. To stay on top of the software license status for every dependency in every project, developers need SOOS’s rapid composition analysis capability. SOOS monitors attribution, trademarks, copyrights, pay thresholds, and more.
Like compliance, security is not an option. With SOOS, it’s easy to catch security issues early in the build process. Scan projects, find vulnerabilities, and push issues to be fixed to issue management tools like Jira or Github Issues. Governance, compliance, and security in one comprehensive package.