informa
/
Commentary

When Bad Things Happen With Good Software

If you create a piece of open source software and discover that it has been put to use in a way you find personally distasteful or immoral, what would you do about it?

If you create a piece of open source software and discover that it has been put to use in a way you find personally distasteful or immoral, what would you do about it?

That's a question that was raised, albeit in a somewhat oddball form, just recently. Not long ago the Motion Picture Association of America released what it calls the "University Toolkit", a custom edition of Xubuntu that comes with a number of network analysis tools, allegedly for detecting copyright-infringing network activity. Brian Krebs at The Washington Post wrote about it and was deeply concerned that the toolkit could all too easily cause as many problems as it allegedly solved. David Taylor, senior information security specialist at the University of Pennsylvania, took a look at the kit and reached some of the same conclusions.

Worse, one of the Ubuntu development team people, Matthew Garrett, found that the MPAA (or, more precisely, the company that the MPAA subcontracted to create the kit) didn't release source code for the whole bundle, which is a violation of the GPL. Garrett tried to get someone to address his concerns, and after hitting a stone wall decided to complain to the ISP hosting the page with the toolkit and got it removed the hard way.

I don't doubt for a minute that the GPL complaint was perfectly valid, but I couldn't help but think another question was being raised here, especially given the bad reputation the MPAA (and RIAA) have with open source advocates. So, again: if you're the author of an open source product that you feel is being misused in some way, what do you do?

This is one of those larger moral quandaries that people regularly run into, outside of open source or even computing in general. It never loses its importance as an issue, though, and I think both action and attitude are important parts of the response.

If you see something objectionable being done with something you have put hard work into and take pride in, then yes, you do owe it to yourself to at least lodge your objections with the offender. But you also need to keep in mind that the very nature of open source -- something like the nature of free speech, too -- means that your work can and will be used in contexts you may not appreciate. The only way to stop this from happening preemptively would be to simply never release anything.

Some people do try to preemptively protect themselves from such things by, for instance, releasing their code under a license that prevents it from being used in certain social circumstances. In my mind, that won't stop anyone who's dead-set on doing the wrong thing, but it does at least make clear your feelings about how such a program can be used.

What sort of social stipulations, if any, would you place on your software? Or, if you do already, what are they?