Wix, the website builder company you may remember from stealing WordPress code and lying about it, has now decided the best way to gain relevance is attacking the open source WordPress community in a bizarre set of ads. They can’t even come up with original concepts for attack ads, and have tried to rip-off of Apple’s Mac vs PC ads, but tastelessly personify the WordPress community as an absent, drunken father in a therapy session. 🤔

I have a lot of empathy for whoever was forced to work on these ads, including the actors, it must have felt bad working on something that’s like Encyclopedia Britannica attacking Wikipedia. WordPress is a global movement of hundreds of thousands of volunteers and community members, coming together to make the web a better place. The code, and everything you put into it, belongs to you, and its open source license ensures that you’re in complete control, now and forever. WordPress is free, and also gives you freedom.

Wix is a for-profit company with a valuation that peaked at around 20 billion dollars, and whose business model is getting customers to pay more and more every year and making it difficult to leave or get a refund. (Don’t take my word for it, look at their investor presentations.) They are so insecure that they are also the only website creator I’m aware of that doesn’t allow you to export your content, so they’re like a roach motel where you can check in but never check out. Once you buy into their proprietary stack you’re locked in, which even their support documentation admits:

So if we’re comparing website builders to abusive relationships, Wix is one that locks you in the basement and doesn’t let you leave. I’m surprised consumer protection agencies haven’t gone after them.

Philosophically, I believe in open source, and if WordPress isn’t a good fit for you there are other great open source communities like Drupal, Joomla, Jekyll, and Typo3. We also have a great relationship with some of our proprietary competitors, and I have huge respect for the teams at Shopify and Squarespace, and even though we compete I’ve always seen them operate with integrity and I’d recommend them without hesitation.

I have to believe that users will care about that in the long run, and maybe that’s why Squarespace just passed up Wix in market share. They natively support exporting into WordPress’ format and don’t have to resort to dirty tricks to be successful. I expect Squarespace’s upcoming IPO will be a great one.

Wix, though, continues to show their true colors. Regardless of their product, I hope people consider the behavior of companies in the world they support with their dollars. Wix really wants you to see their new campaign though, so let’s take the bait and watch the creepy, misleading way they are trying to represent themselves.

Anyone who knows me knows that I like to try new things — phones, gadgets, apps. Last week I downloaded the new Wix (closed, proprietary, non-open-sourced, non-GPL) mobile app. I’m always interested to see how others tackle the challenge of building and editing websites from a mobile device.

I started playing around with the editor, and felt… déjà vu. It was familiar. Like I had used it before.

Turns out I had. Because it’s WordPress.

If I were being charitable, I’d say, “The app’s editor is based on the WordPress mobile app’s editor.” If I were being honest, I’d say that Wix copied WordPress without attribution, credit, or following the license. The custom icons, the class names, even the bugs. You can see the forked repositories on GitHub complete with original commits from Alex and Maxime, two developers on Automattic’s mobile team. Wix has always borrowed liberally from WordPress — including their company name, which used to be Wixpress Ltd. — but this blatant rip-off and code theft is beyond anything I’ve seen before from a competitor.

Dear Wix,

This explicitly contravenes the GPL, which requires attribution and a corresponding GPL license on whatever you release publicly built on top of GPL code. The GPL is what has allowed WordPress to flourish, and that let us create this code. Your app’s editor is built with stolen code, so your whole app is now in violation of the license.

I suppose we’ll take this as a compliment — I’m sure the hundreds of people who have contributed to WordPress Core and our mobile apps are flattered that you chose to build one of your company’s core features using our code. We’re also excited to see what great things you create with all the time you saved not having to write your own mobile editor.

You know what’d be even more exciting? To see you abide by the GPL and release your source code back to the community that gave you that jump start.

I’ve always said that the GPL isn’t about limits, it’s about possibilities. In open source software, you trade some of your control as a developer to better serve the developer community and the people using your sites and products. I don’t think that’s a limit, I think it’s a way to make sure we encourage innovation and momentum. If you want to close the door on innovation, Wix, that’s your decision to make — just write your own code. If you’re going to join the open source community, play by the open source rules.

Release your app under the GPL, and put the source code for your app up on GitHub so that we can all build on it, improve it, and learn from it.

Love,
Matt and the open source community

An Update

The CEO of Wix has posted a response on their blog. I’ll also try to post my response it to the comments there. Miriam Schwab also has a very good response.

We were all very surprised by your post, as you have so many claims against us.

Wow, dude I did not even know we were fighting.

It’s not a fight: the claim is that the Wix mobile apps distribute GPL code and aren’t themselves GPL, so they violate the license.

First, you say we have been taking from the open source community without giving back, well, of course, that isn’t true. Here is a list of 224 projects on our public GitHub page, and as you can see they are all dated before your post. We have not checked if WordPress is using them, but you are more than welcome to do so, some of them are pretty good.

Very glad your company has projects on GitHub! Thank you for the offer to use them; if we do, we’ll make sure to follow the license you’ve put on the code very carefully.

Releasing other open source projects doesn’t mean that you can violate the license of the editor code you distributed in your mobile apps. To repeat my earlier points: since you distributed GPL code with your apps, the entire apps need to be released at GPL, not just your modifications to that one library.

As this Hacker News comment put it, “Open source is not a swap meet; you can’t violate a license if you voluntarily release some other code to make up for it.”

We always shared and admired your commitment to give back, which is exactly why we have those 224 open source projects, and thousands more bugs/improvements available to the open source community and we will release the app you saw as well.

If you were to release the entire source code of the apps under GPL that would bring you back into compliance with the license you violated. I think you’re saying you will do that here, but can you clarify? When should we look for the app code to be released, and where? That would resolve this issue completely.

Next, you talk about the Wix App being stolen from WordPress. There are more than 3 million lines of code in the Wix application, notably the hotels/blogs/chat/eCommerce/scheduling/booking is all our code.

I said the app includes stolen code. It doesn’t matter if it’s 30 lines or 30 million lines: because it includes GPL code and you distributed the app, the entire thing needs to be GPL. If you release the entire app’s code, as I think you said you would, then that resolves the license violation.

Yes, we did use the WordPress open source library for a minor part of the application (that is the concept of open source right?), and everything we improved there or modified, we submitted back as open source, see here in this link – you should check it out, pretty cool way of using it on mobile native. I really think you guys can use it with your app (and it is open source, so you are welcome to use it for free). And, by the way, the part that we used was in fact developed by another and modified by you.

Thank you for admitting you used the code and not trying to hide it. The issue isn’t the changes you made, it’s that including the editor means you need to submit the entire app as open source, which you have not yet — it’s completely proprietary.

If you want to read the account from Tal Kol, one of the leading engineers on this project, here it is. He was really happy to share his side of the story.

I have seen it, and it already has a number of good comments on it, including this one: “Can you address this point made in Matt’s post: ‘This explicitly contravenes the GPL, which requires attribution and a corresponding GPL license on whatever you release publicly built on top of GPL code’.” It appears you and Tal might share a misunderstanding of how the GPL works — software licensing can be tricky and many people make honest mistakes. (If you want to get into serious detail, this comment lays the licensing requirements out clearly.) It is easy to rectify this one: release your apps as open source under the GPL.

Now, what is this thing about us stealing your branding? Our product was always called Wix and our website Wix.com, we never borrowed from your marketing or brand.

Sorry for including this distraction; I was referring specifically to the fact that Wix used to go by “Wixpress.” You can see this in your Form F-1, and there used to be a support page about this on your site:

Although that is still in Google, the page it links to now mysteriously returns a 404 error, which you may want to look into.

In fact, if I remember correctly, until recently the Automattic home page was all about blogs and only recently it has become “websites.” Also, your business model changed to almost exactly the one we had for years. Can it be that you guys are borrowing from us? If so, again, you are welcome to it.

The Automattic home page has been a series of haiku about our products since 2009, pretty much unchanged — I think you mean the WordPress.com home page here. WordPress has been used for creating websites, not just blogs, since our 1.5 release in 2005 added themes and pages. In my 2014 State of the Word address I talked about how 87% of WordPress sites use it as a CMS. We regularly test dozens of variations of the WP.com homepage and some of them definitely emphasize website creation. I will say we look to Wix, Weebly, and Squarespace as innovators in the space with products that reach many small businesses, and Wix especially should be commended for its success and growth as a public company.

If you believe that we need to give you credit, that you deserve credit, I must say, absolutely yes. You guys deserve a lot of credit, but not because of a few lines of source code, you deserve credit because you guys have been making the internet dramatically better, and for that we at Wix are big fans. We love what you have been trying to do, and are working very hard to add our own contribution to make the internet better.

Thank you very much, that is kind. I do think there are a lot of values we share in common and would love to see this one issue resolved.

If you need source code that we have, and we have not yet released, then, most likely we will be happy to share, you only need to ask. We share your belief that making the internet better, is best for everyone.

That’s what my post was asking, for you to release the code. To quote my original letter: “Release your app under the GPL, and put the source code for your app up on GitHub so that we can all build on it, improve it, and learn from it.”

Finally, during the last couple of years, I reached out a couple of times trying to meet with you. Could I do that again here? I believe in friendly competition, and as much fun as it is to chat over the blogosphere, maybe we can also do it over a cup of coffee?

Once this is resolved I’d be happy to meet up. I believe when we exchanged emails in 2014 there was trouble finding overlap in our travel schedules.

I hope the above clarifies where we think Wix made a mistake, and how to fix it.

Facebook is offering its users a 6-month free trial of McAfee and promoting it heavily, and even forcing people to run a scan before they can reactivate a hacked account. They’re “not aware of another free Internet service that takes this much responsibility for helping people keep their accounts secure.” (Didn’t Google promote McAfee through Google Pack at one point?) I think this is a laudable step, more security is intrinsically good, but I have to suspect this is more about revenue than security. They will probably make many millions of dollars from their users installing or buying McAfee as a result of this.

Modern versions of Windows include free tools like Defender which are just as good and appear to have less of a performance impact on the computer. But if they really wanted to have a long-term impact on desktop as a vector for attack on web services I’m surprised they didn’t start, sponsor, or promote an Open Source equivalent of McAfee. This seems like a space very well-suited to address with an OS tool in the digital commons, much like a Windows anti-spyware equivalent of SpamAssassin, with self-updating rules and a completely transparent process.