I posted this topic on the GitHub Community forum to ask the GitHub Community if there is a license that makes software free to use/modify/distribute, but also legally deters black hat hackers from causing collateral damage. I included a hypothetical example in that post, but I can think of other real-world examples/situations that a license like this could prevent from happening:

  • The Russians probing the US electrical grid.
  • Data breaches, which is why we have Firefox Monitor.
  • And way more to mention here.

Okay, so what’s the issue with existing open-source licenses?

I see a very large loophole in today’s open-source licenses: they are free for anyone to use/modify/distribute, including black hats. This loophole essentially allows hackers to use existing code to build more powerful malware; for example, a hacker can use Angular to build a phishing page, utilizing the framework’s features to mimic the target site.

Okay, how would this license deter black hats?

This license would allow developers to litigate (sue) a hacker who used their code for harm; knowing this, a hacker would have to find another library (that is not enforcing an ‘anti-harm’ restriction), or develop it themselves, leading to less productivity, hence deterring them from hacking in the first place.

I hope this topic will spur other Mozillians to advocate for a new kind of license that will make the internet a better place, and this will be shown to the team at MPL to consider revising the license so it will align better with Mozilla’s mission.


You may wish to look at https://firstdonoharm.dev/ which is an attempt to build a software license that is “for good”.

@seburo thank you for your recommendation, but I feel that’s way too specific. The HL3 license only covers a specific set of scenarios (terrorism), which excludes a whole swath of possible crimes such as phishing and data breaches. I will share this thread to their repository. Thanks again! I would share this thread to their repository, but they have it archived.

Update: I sent an inquiry to the organization that is behind the license. Thanks again!

I found this repository, and posted an issue about expanding their license to prevent libraries from being used to inflict collateral damage. Feel free to check it out!

Update: I had to repost the original question from GitHub Community as they are moving to GitHub Discussions.