AWS has been doing things that are 'just NOT OK since 2015,' says Elastic as firm yanks Apache 2.0 licence

So are ya open source or aren't ya?


Elastic CEO and co-founder Shay Banon has attacked AWS for what he claims is unacceptable use of the open-source Elasticsearch product and trademark.

Banon's post is part of the company's defence of its decision to drop the open-source Apache 2.0 licence for its ElasticSearch and Kibana products and instead use the copyleft SSPL or restrictive Elastic licence – though the plan is to add provisions to mitigate this by having code revert to the Apache 2.0 licence after a period of up to five years.

The new rant makes explicit that the purpose of the licence change is to make it harder for AWS to use Elastic's code. According to Banon, AWS has been "doing things that we think are just NOT OK since 2015." Banon said that "we've tried every avenue available including going through the courts," presumably a reference to this lawsuit [PDF], the outcome of which is not yet determined.

Banon wants to prevent "companies from taking our Elasticsearch and Kibana products and providing them directly as a service without collaborating with us." The issue is not clear-cut, though, since permissive open-source licences like Apache 2.0 specifically include the right to modify and distribute the product.

The company has also protected its investment by releasing some features only under the Elastic licence. Elasticsearch is based on Apache Lucene so Elastic itself is vulnerable to accusations of benefiting from open source while now trying to lock down its products for commercial advantage.

The Elasticsearch trademark is another matter, and Banon also claims that AWS has not been honest with customers about its fork called Open Distro for Elasticsearch, which underlies the Amazon Elasticsearch Service. AWS CTO Werner Vogels announced this on Twitter with a now-deleted tweet calling it "a great partnership between @elastic and AWS." According to Banon, there was no collaboration.

"Over the years, we have heard repeatedly that this confusion persists," Banon said. He also claimed that proprietary features in Elasticsearch are "serving as 'inspiration' for Amazon."

In March 2019, Adrian Cockcroft, Amazon's VP of cloud architecture strategy, said that the motivation for the Open Distro for Elasticsearch was that "since June 2018, we have witnessed significant intermingling of proprietary code into the code base" and complained about "an extreme lack of clarity as to what customers who care about open source are getting and what they can depend on." According to Cockcroft, AWS offered "significant resources" to support a community version of Elasticsearch but this was refused. "The whole idea of open source is that multiple users and companies can put it to work and everyone can contribute to its improvement," he said.

In February 2020, AWS added security features to its Elasticsearch service, in partnership with Floragunn GmbH, whose Search Guard product is a third-party security add-on for Elasticsearch. Floragunn's product is also subject of litigation [PDF] from Elastic, which claims in the court filing that it is a "knowing and willful infringement of Elastic's copyright in the source code for Elastic's X-Pack software."

Andi Gutmans, VP of analytics and ElastiCache at AWS, said in the same month last year: "We want to make the community aware that AWS performed our own due diligence prior to partnering with Floragunn and found no evidence that Search Guard misappropriated any copyrighted material." He added that "this kind of behavior is misaligned with the spirit of open source."

Yestrday, Charlie Hull, co-founder of UK open-source search consultancy Flax, said: "Although Elasticsearch creator Shay Banon is always at pains to point out his personal commitment to 'open,' what that means in practice has shifted several times as his company has grown, taken investment and gone public. Elastic's actions over the years, such as deliberately mixing Apache 2 and Elastic licensed code, have shown it was shifting away from a true open source model."

According to Hull, Elastic's new terms are unlikely to affect third-party services that do not directly expose Elasticsearch, such as a library book search. But he did add that "the boundaries of what constitutes a 'Prohibited SaaS Offering' are not entirely clear," and that "those considering Elasticsearch for new projects will have to consider how important they regard the freedoms of a true open source license and perhaps examine alternatives."

Linux developer Drew DeVault said of the licence change: "Elasticsearch belongs to its 1,573 contributors, who retain their copyright, and granted Elastic a license to distribute their work without restriction... Elastic has spit in the face of every single one of 1,573 contributors, and everyone who gave Elastic their trust, loyalty, and patronage. This is an Oracle-level move."

James Governor, analyst at Redmonk, told us: "AWS is an incredibly strong competitor. It has sharp elbows. It is also the greatest software distribution mechanism ever created, superseding the previous greatest software distribution mechanism ever created, namely open source. In some cases third parties would like to take advantage of AWS as a distribution mechanism, but without letting it compete on the basis of the services it provides, which creates some interesting conflicts regarding what open source is, and what open source is for. As Shay Banon himself says, he is happy with his relationship with some parts of AWS." ®


Other stories you might like

  • Employers in denial over success of digital skills training, say exasperated staffers

    Large disparities in views from bosses vs workers on 'talent transformation initiatives,' says survey

    Digital transformation projects are being held back by a lack of skills, according to a new survey, which finds that while many employers believe they are doing well at training up existing staff to meet the requirements, their employees beg to differ.

    Skills shortages are nothing new, but the Talent Transformation Global Impact report from research firm Ipsos on behalf of online learning provider Udacity indicates that although digital transformation initiatives are stalling due to a lack of digital talent, enterprises are becoming increasingly out of touch with what their employees need to fill the skills gap.

    The report is the result of two surveys taking in over 2,000 managers and more than 4,000 employees across the US, UK, France, and Germany. It found that 59 per cent of employers state that not having enough skilled employees is having a major or moderate impact on their business.

    Continue reading
  • Saved by the Bill: What if... Microsoft had killed Windows 95?

    Now this looks like a job for me, 'cos we need a little, controversy... 'Cos it feels so NT, without me

    Former Microsoft veep Brad Silverberg has paid tribute to Bill Gates for saving Windows 95.

    Silverberg posted his comment in a Twitter exchange started by Fast co-founder Allison Barr Allen regarding somebody who'd changed your life. Silverberg responded "Bill Gates" and, in response to a question from Microsoft cybersecurity pro Ashanka Iddya, explained Gates's role in Windows 95's survival.

    Continue reading
  • UK government opens consultation on medic-style register for Brit infosec pros

    Are you competent? Ethical? Welcome to UKCSC's new list

    Frustrated at lack of activity from the "standard setting" UK Cyber Security Council, the government wants to pass new laws making it into the statutory regulator of the UK infosec trade.

    Government plans, quietly announced in a consultation document issued last week, include a formal register of infosec practitioners – meaning security specialists could be struck off or barred from working if they don't meet "competence and ethical requirements."

    The proposed setup sounds very similar to the General Medical Council and its register of doctors allowed to practice medicine in the UK.

    Continue reading
  • Microsoft's do-it-all IDE Visual Studio 2022 came out late last year. How good is it really?

    Top request from devs? A Linux version

    Review Visual Studio goes back a long way. Microsoft always had its own programming languages and tools, beginning with Microsoft Basic in 1975 and Microsoft C 1.0 in 1983.

    The Visual Studio idea came from two main sources. In the early days, Windows applications were coded and compiled using MS-DOS, and there was a MS-DOS IDE called Programmer's Workbench (PWB, first released 1989). The company also came up Visual Basic (VB, first released 1991), which unlike Microsoft C++ had a Windows IDE. Perhaps inspired by VB, Microsoft delivered Visual C++ 1.0 in 1993, replacing the little-used PWB. Visual Studio itself was introduced in 1997, though it was more of a bundle of different Windows development tools initially. The first Visual Studio to integrate C++ and Visual Basic (in .NET guise) development into the same IDE was Visual Studio .NET in 2002, 20 years ago, and this perhaps is the true ancestor of today's IDE.

    A big change in VS 2022, released November, is that it is the first version where the IDE itself runs as a 64-bit process. The advantage is that it has access to more than 4GB memory in the devenv process, this being the shell of the IDE, though of course it is still possible to compile 32-bit applications. The main benefit is for large solutions comprising hundreds of projects. Although a substantial change, it is transparent to developers and from what we can tell, has been a beneficial change.

    Continue reading
  • James Webb Space Telescope has arrived at its new home – an orbit almost a million miles from Earth

    Funnily enough, that's where we want to be right now, too

    The James Webb Space Telescope, the largest and most complex space observatory built by NASA, has reached its final destination: L2, the second Sun-Earth Lagrange point, an orbit located about a million miles away.

    Mission control sent instructions to fire the telescope's thrusters at 1400 EST (1900 UTC) on Monday. The small boost increased its speed by about 3.6 miles per hour to send it to L2, where it will orbit the Sun in line with Earth for the foreseeable future. It takes about 180 days to complete an L2 orbit, Amber Straughn, deputy project scientist for Webb Science Communications at NASA's Goddard Space Flight Center, said during a live briefing.

    "Webb, welcome home!" blurted NASA's Administrator Bill Nelson. "Congratulations to the team for all of their hard work ensuring Webb's safe arrival at L2 today. We're one step closer to uncovering the mysteries of the universe. And I can't wait to see Webb's first new views of the universe this summer."

    Continue reading

Biting the hand that feeds IT © 1998–2022