I posted this topic on the GitHub Community forum to ask the GitHub Community if there is a license that makes software free to use/modify/distribute, but also legally deters black hat hackers from causing collateral damage. I included a hypothetical example in that post, but I can think of other real-world examples/situations that a license like this could prevent from happening:
- The Russians probing the US electrical grid,
- Data breaches, which is why we have Firefox Monitor.
- And way more to mention here.
Okay, so what’s the issue with existing open-source licenses?
I see a very large loophole in today’s open-source licenses: they are free for anyone to use/modify/distribute, including black hats. This loophole essentially allows hackers to use existing code to build more powerful malware; for example, a hacker can use Angular to build a phishing page, utilizing the framework’s features to mimic the target site.
Okay, how would this license deter black hats?
This license would allow developers to litigate (sue) a hacker who used their code for harm; knowing this, a hacker would have to find another library (that is not enforcing an ‘anti-harm’ restriction), or develop it themselves, leading to less productivity, hence deterring them from hacking in the first place.
I hope this topic will spur other Mozillians to advocate for a new kind of license that will make the internet a better place, and this will be shown to the team at MPL to consider revising the license so it will align better with Mozilla’s mission.