Language Selection

English French German Italian Portuguese Spanish

Legal

Linux Foundation's AGL, ACT (Copyleft Compliance) and Upcoming Copyleft Conf (Conservancy)

Filed under
Linux
OSS
Legal
  • Toyota Motors and its Linux Journey

    I spoke with Brian R Lyons of TMNA Toyota Motor Corp North America about the implementation of Linux in Toyota and Lexus infotainment systems. I came to find out there is an Automotive Grade Linux (AGL) being used by several autmobile manufacturers.

    I put together a short article comprising of my discussion with Brian about Toyota and its tryst with Linux. I hope that Linux enthusiasts will like this quick little chat.

    All Toyota vehicles and Lexus vehicles are going to use Automotive Grade Linux (AGL) majorly for the infotainment system. This is instrumental in Toyota Motor Corp because as per Mr. Lyons “As a technology leader, Toyota realized that adopting open source development methodology is the best way to keep up with the rapid pace of new technologies”.

  • Simplifying and Harmonizing Open Source for More Efficient Compliance

    Using open source code comes with a responsibility to comply with the terms of that code’s license, which can sometimes be challenging for users and organizations to manage. The goal of ACT is to consolidate investment in and increase interoperability and usability of, open source compliance tooling, which helps organizations manage compliance obligations.

    Software widely includes an assortment of open source code with multiple licenses and a mix of proprietary code. Sorting and managing all these can be a major hassle, but the alternative is potential legal action and damaged relations with the open source community.

    The projects in ACT are poised to boost existing Linux Foundation compliance projects like OpenChain, which identifies recommended processes and make open source license compliance simpler and consistent, and the Open Compliance Program, which educates and helps developers and companies understand their license requirements. ACT provides tooling to help support efficient workflows.

  • Copyleft Conf: Registration is Open

    Conservancy is very excited to share the schedule for the first ever Copyleft Conf with you! Copyleft Conf is a one day event, taking place in downtown Brussels at Digityser. Registration begins at 9:30am and we'll be finishing by 6pm. We'll have talks, a panel and participatory discussions near the end of the day.

    Participants from throughout the copyleft world — developers, strategists, enforcement organizations, scholars and critics — will be welcomed for an in-depth, high bandwidth, and expert-level discussion about the day-to-day details of using copyleft licensing, obstacles facing copyleft and the future of copyleft as a strategy to advance and defend software freedom for users and developers around the world.

Licensing in Mobile Devices (GPL Compliance)

Filed under
OSS
Legal
  • Asus Zenfone Max M2 update brings EIS to the front camera, Max Pro M2 gets an update too

    So far, there have been mixed feelings about these two phones as the specs and price are impressive, but then the company ended up releasing the kernel source code for them that was encrypted. It’s required for an Android OEM to release the kernel source for their devices but releasing an encrypted file without proper means of decryption is pointless. This still ends up with ASUS violating the GPL and it’s not a good sign for the enthusiast community that was starting to swell around these two devices.

  • Nokia 7.1 and Nokia 6.1 Plus kernel source code now available for download

    HMD’s source code for Nokia Android smartphones is licensed under GPL or LGPL which allows source code distribution. And by distributing the source code the company also contribute to the open source community which in turn is beneficial to the end users. Visit Nokia’s official download page where you can find the source code for both the smartphones, Nokia 6.1 Plus and Nokia 7.1.

The Linux Foundation decides to ACT on compliance

Filed under
OSS
Legal

Compliance is big… so big, in fact, that ‘they’ now have an Open Compliance Summit.

The last Open Compliance Summit was held in Yokohama in Japan at the tail end of last year — the The Linux Foundation used it as a chance to load up on sushi and also announce a new project to help improve open source compliance tooling called Automated Compliance Tooling (ACT).

ACT is an umbrella brand that will host various open source projects related to compliance tooling — so the initial four projects to fall under ACT are: FOSSology (existing LF project); QMSTR (being contributed by Endocode); SPDX tools (existing LF project); Tern (being contributed by VMware).

Read more

FOSS Legal Matters

Filed under
OSS
Legal
  • Top 10 FOSS legal developments in 2018

    The year 2018 was a year in which the FOSS business model demonstrated its success: IBM purchased Red Hat, Inc. for $34 billion. The FOSS ecosystem also celebrated its durability: OSI celebrated the 20th anniversary of the open source movement and Linux celebrated its 25th anniversary.

    Meanwhile, however, old legal problems returned. The year 2018 has also seen another significant increase in decisions in litigation involving FOSS issues, and several of these cases are very important. This increase in litigation is a reminder of the importance of an active compliance program for all corporations that use FOSS (which now means virtually all corporations). Continuing the tradition of looking back over the top ten legal developments in FOSS, my selection of the top ten issues for 2018 is as follows:

  • Legal Issues And Compliance Pertaining To Open Source Software

    An Open Source Software (OSS) is a kind of software with source code which can be modified, enhanced and inspected by ANYONE. In case of an OSS, a person may alter how the software works or improve it by adding features or fixing parts that do not work properly, by modifying the source code of the software program. This is different from a closed software, where only the person/organization that created the software has the capacity to alter it, OSS is preferable and is considered to be a better option for the users than the former, as it grants them more freedom in relation to a closed software. Some prime examples of OSS are the Apache HTTP Server, the e-commerce platform os Commerce, internet browsers like Mozilla Firefox and Chromium. Facebook, Google, and LinkedIn all release OSSs, so that developers may share knowledge, create solutions, and contribute towards the creation of stable and functional products. There are certain landmark judicial pronouncements in the field of OSS that hold paramount importance in deciding the future of OSS.

Licensing: 'Cloud' Trap, Substrate and Asus Kernel Code

Filed under
OSS
Legal
  • Stormy weather: To stop cloud giants, some open-source software firms limit licenses

    A heated debate has erupted in the open-source software world that’s pitting startups against cloud computing giants.

    The furor concerns, of all things, new licensing terms, which software companies are adopting to thwart what they believe is unfair competition from cloud provider in general and Amazon Web Services Inc. in particular.

    It’s the latest development in the ongoing struggle by open-source developers to come up with sustainable business models built upon software that is essentially free. Open source has transformed the software industry, but only a few companies such as Red Hat Inc. — itself likely to be acquired by IBM Corp. in a recently announced deal — are consistently profitable.

  • Parity Introduces Substrate, a Blockchain Building Tool Suite

    The beta version of Substrate is authorized under the GNU General Public License, but the safe storage of the system will be transferred to an Apache 2.0 license to provide utmost developer independence. Parity will also offer professional help to organizations in view of the development of apps with a substratum.

  • Asus to release encrypted kernel sources for their ZenFone Max Pro M1, Max Pro M2 and Max M2

    The Asus ZenFone Max Pro M1 has been one of the more interesting smartphones from the company, especially in the budget segment in the past few years. The phone ticked a lot of boxes in terms of offering probably the best performance in its segment at that time along with a cleaner look with the stock Android. The Asus ZenFone Max Pro M2 follows the path set down by their predecessor and goes on to compete against the Xiaomi Redmi Note 6 Pro overcoming its predecessor’s shortcomings.

Free Software Licensing and Legal Challenges

Filed under
OSS
Legal
  • Parity Launches Beta Version of Tool Stack for Building Blockchains

    The beta version of Substrate is licensed under the GNU General Public License, but in order to provide maximum developer freedom, the tool’s repository will be moved to an Apache 2.0 license.

  • The Cyclical Theory of Open Source

    But in a world in which appetites for open source software commercially are under threat from – among other areas – proprietary cloud based offerings, it is certainly possible that industry appetites and support for open source could be slowed if public models give way to private alternatives.

    Many of those that have resorted to problematic licenses, however, feel as if they’ve been left with little choice. In their view, they foot the bill for the majority of development on an open source asset, only to see a cloud provider pick up that code and offer it as a competitive service – often without so much as an acknowledgement of the open source codebase it’s derived from.

    The question facing these providers, and the market as a whole, is not whether or not the typical commercial open source vs cloud provider dynamic is optimal – it is clear that, while improving, it is not. The question rather is whether or not a license is an appropriate remedy for the issue.

  • Automated Compliance Tooling project announced, Code California launches, Tor funding, and more news

    When you think of open source projects, the first thing that comes to mind is probably code. There's more to it than that. One vital aspect of open source that doesn't get a lot of attention is license compliance. That could change, thanks to the ACT project that the Linux Foundation is launching.

    Short for Automated Compliance Tooling, ACT brings together four compliance projects: FOSSology, QMSTR, SPDX Tools, and Tern. The goal of ACT, according to the Linux Foundation, is to "consolidate investment in, and increase interoperability and usability of, open source compliance tooling." In the end, this will help users and companies more easily "find up-to-date and current compliance documentation."

  • Startups are taking on Amazon's cloud with a controversial new plan, but experts warn it could undermine the foundations of open source

    In response, three smaller software companies behind some of the open-source software that Amazon and others rely on — Confluent, Redis Labs, and MongoDB — have gone on the defensive. In recent months, they've made changes to their licensing that prevent cloud platforms from profiting from the open-source code that they develop. Open source can't be "free and unsustainable" research and development for tech giants, Confluent CEO Jay Kreps said last week.

  • Radio Gets Ridiculous

    Of course, he’s leveraging the analog conversion in the microcontroller as well as the ability to generate signals in software. You might think that’s going to be an anemic receiver. Granted, it won’t be a high fidelity long-range receiver, but it does interface with GNU Radio!

Freeriders in FOSS

Filed under
GNU
OSS
Legal
  • Confluent joins Redis and MongoDB in restricting its open source licensing for competitors
  • Confluent Creates New 'Open Source' License to Stop Cloud Poaching

    The problem is that such restrictions run afoul of the Open Source Definition used by the Open Source Initiative, the standards organization that decides which licenses qualify as open source. The restriction also means that any code covered by the license probably can't be used within any other open source project.

  • John Sullivan - "Who wants you to think nobody uses the AGPL and why" (FOSDEM, Brussels, Belgium)

    The GNU Affero General Public License (AGPL) is an important tool for protecting user freedom on the network. Detractors have criticized it for being both too weak and too strong/demanding. In 2018, it was in the news more than ever. Are the interests of corporations that are afraid of their free code being turned into network services run by competitors starting to align with users losing their freedom to such services?

    Historically, the AGPL has been the target of criticism from entities that want to extinguish it. Some companies have banned it from their premises, sowed fear about how it operates, and propagated a myth that nobody is using it.

    Others claim that the AGPL is being used primarily by companies seeking to strong-arm downstream users into purchasing a proprietary version of the covered software -- by catching those users being out of compliance with the AGPL, and telling them that they must buy the software under a proprietary license to avoid being taken to court for copyright infringement.

    A third group of companies is now claiming that the AGPL doesn't go far enough to protect their software against being turned into services that deny users freedom -- though freedom may not be their primary concern.

    In fact, the AGPL is being used today by a variety of interesting and important projects, including ones started by governments, nonprofits, and even businesses. I'll highlight some illustrative examples. I'll also do my best to separate understandable concerns that people have about using the AGPL from attacks on user freedom masquerading as concerns, and see if there is any synergy between the concerns of the third group above and those of individual users.

    While not a full solution to the problems raised when users replace software running on their own machines with software running on someone else's machine, the AGPL is a tool that is being embraced and should be embraced even more.

Openwashing and FUD

Filed under
Microsoft
Legal

Confluent 'Closing Down' in the Face of 'Cloud' Exploitation

Filed under
OSS
Legal
  • After Amazon’s cloud encroaches on its turf, a startup is taking a stand: Open source can’t be ‘free and unsustainable R&D’ for tech giants

    In late November, Amazon Web Services announced it would sell a new service on its market-leading cloud called Amazon Managed Streaming for Kafka — a service that provides software that Amazon didn't create itself.

    This new service is based on Apache Kafka, an open source software project for handling large amounts of streaming data. AWS took Kafka and repackaged it as a paid cloud service — something completely legal, as open source software is free for anyone to use as they wish.

    Originally created at LinkedIn, the engineers who started Kafka made their own company around the software, called Confluent. At the time the service was revealed, Confluent CEO Jay Kreps told Business Insider that it wasn't worried about Amazon's move, saying "I don't think this announcement will impact our business."

  • Concerned about cloud providers, Confluent becomes latest open-source company to set new restrictions on usage

    Another open-source enterprise technology company is walling off parts of its software from cloud infrastructure providers.

    Confluent announced Friday morning that it is changing the terms of the licenses around several of the real-time data streaming open-source projects it has developed. Several components will no longer be available under the widely used and very permissible Apache 2.0 license: instead, they will be offered under a new license called Confluent Community License that is very similar to the Apache 2.0 license except for a clear restriction on providing KSQL and several other components as cloud services.

FSF Licensing and Compliance Lab: 2018 and the future

Filed under
GNU
OSS
Legal

I am the current licensing and compliance manager for the FSF, though I've had several roles in my time here. The Lab handles all the free software licensing work for the FSF. Copyleft is the best legal tool we have for protecting the rights of users, and the Lab makes sure that tool is at full power by providing fundamental licensing education. From publishing articles and resources on free software licensing, to doing license compliance work for the GNU Project, to handling our certification programs like Respects Your Freedom, if there is a license involved, the Lab is on the case.

When I started working at the FSF part-time in 2008, the GNU General Public License version 3 (GPLv3) was only a year old. Our Respects Your Freedom certification program didn't yet exist. The Free Software Directory wasn't yet a wiki that could be updated by the community at large. Things have changed a lot over the years, as has our ability to help users to understand and share freely licensed works. I'd like to take just a moment as 2018 draws to a close to look back on some of the great work we accomplished.

Read more

Syndicate content

More in Tux Machines

Mozilla: Rust, Socorro, and 'Healthier' Internet (Openwashing)

  • Another Rust-y OS: Theseus joins Redox in pursuit of safer, more resilient systems

    Rust, a modern system programming language focused on performance, safety and concurrency, seems an ideal choice for creating a new operating system, and several such projects already exist. Now there is a new one, Theseus, described by creator Kevin Boos as "an Experiment in Operating System Structure and State Management." The key thinking behind Theseus is to avoid what Boos and three other contributors from Rice and Yale universities call "state spill".

  • This Week In Rust: This Week in Rust 373
  • Socorro Engineering: Half in Review 2020 h2 and 2020 retrospective

    2020h1 was rough. 2020h2 was also rough: more layoffs, 2 re-orgs, Covid-19. I (and Socorro and Tecken) got re-orged into the Data Org. Data Org manages the Telemetry ingestion pipeline as well as all the things related to it. There's a lot of overlap between Socorro and Telemetry and being in the Data Org might help reduce that overlap and ease maintenance. [...] 2020 sucked. At the end, I was feeling completely demoralized and deflated.

  • Reimagine Open: Building a Healthier Internet

    Does the “openness” that made the [Internet] so successful also inevitably lead to harms online? Is an open [Internet] inherently a haven for illegal speech, for eroding privacy and security, or for inequitable access? Is “open” still a useful concept as we chart a future path for the [Internet]?

    A new paper from Mozilla seeks to answer these questions. Reimagine Open: Building Better Internet Experiences explores the evolution of the open [Internet] and the challenges it faces today. The report catalogs findings from a year-long project of outreach led by Mozilla’s Chairwoman and CEO, Mitchell Baker. Its conclusion: We need not break faith with the values embedded in the open [Internet]. But we do need to return to the original conceptions of openness, now eroded online. And we do need to reimagine the open [Internet], to address today’s need for accountability and online health.

Kernel: Linux 5.11, TuxMake, Linux 5.12, and NVIDIA "Nouveau" Driver

  • 5.11 Merge window, part 2

    Linus Torvalds released the 5.11-rc1 prepatch and closed the 5.11 merge window on December 27. By that time, 12,498 non-merge changesets had been pulled into the mainline; nearly 2,500 of those wandered in after the first merge-window summary was written. Activity slowed down in the second week, as expected, but there were still a number of interesting features that found their way into the mainline.

  • Portable and reproducible kernel builds with TuxMake

    TuxMake is an open-source project from Linaro that began in May 2020 and is designed to make building Linux kernels easier. It provides a command-line interface and a Python library, along with a full set of curated portable build environments distributed as container images. With TuxMake, a developer can build any supported combination of target architecture, toolchain, kernel configuration, and make targets. Building a Linux kernel is not difficult. Follow the documentation, install the dependencies, and run a couple of make commands. However, if a developer wants to build for multiple architectures, with multiple toolchains, things get complicated quickly. Most developers and maintainers have a set of custom scripts that they have written and maintained to perform their required set of builds. TuxMake provides a common layer of abstraction to reduce the need for every developer to write their own build scripts. TuxMake publishes containers for various toolchain/architecture combinations. These containers eliminate the need for individual developers to source and install multiple toolchains and toolchain versions on their systems. It also makes builds reproducible and portable because now the environment in which a kernel is built is versioned and shareable across the internet and on mailing lists. TuxMake has two goals. First, remove the friction that may cause developers, especially new developers, to skip build testing for uncommon toolchain/architecture combinations. Second, to make it easier for builds and build problems to be described and reproduced.

  • Linux 5.12 To Allow Disabling Intel Graphics Security Mitigations - Phoronix

    The Linux 5.12 kernel will allow optional, run-time disabling of Intel graphics driver security mitigations, which so far is just in regards to last year's iGPU Leak vulnerability. This i915.mitigations= module parameter control is being added as part of finally fixing the Haswell GT1 graphics support that was fallout from this mitigaion. The drm-intel-gt-next pull request to DRM-Next for Linux 5.12 was sent in. Most notable is that fixing of the Haswell GT1 support that came from the clear residual security mitigations. Since that iGPU Leak mitigation for Gen7/Gen7.5 graphics was merged last year, Haswell GT1 graphics have resulted in hangs at boot. That's finally fixed up. Besides being in Linux 5.12, it should also get back-ported to recent stable kernel series as well.

  • Open-Source "Nouveau" Driver Now Supports NVIDIA Ampere - But Without 3D Acceleration - Phoronix

    Patches were sent out today that provide the open-source Linux kernel "Nouveau" driver with support for NVIDIA GeForce RTX 30 series "Ampere" graphics cards. But at the moment there is no 3D acceleration and the developers are blocked still by signed firmware requirements, so it's basically just a matter of having kernel mode-setting display support. Red Hat's Ben Skeggs sent out the pull request today that provides kernel mode-setting support for the RTX 30 "Ampere" graphics cards with the long-standing open-source NVIDIA "Nouveau" driver

Daniel Stenberg: Food on the table while giving away code

I founded the curl project early 1998 but had already then been working on the code since November 1996. The source code was always open, free and available to the world. The term “open source” actually wasn’t even coined until early 1998, just weeks before curl was born. In the beginning of course, the first few years or so, this project wasn’t seen or discovered by many and just grew slowly and silently in a dusty corner of the Internet. Already when I shipped the first versions I wanted the code to be open and freely available. For years I had seen the cool free software put out the in the world by others and I wanted to my work to help build this communal treasure trove. Read more Also: GStreamer 1.18.3 stable bug fix release

What my Linux adventure is teaching me about our possible future

I am a Linux ambassador of sorts. I’ve been using the Linux computer operating system since 2013. I can still remember the light feeling I had the day I broke free of the Microsoft Windows operating system. No more constant worries about viruses hijacking or corrupting my computer. No more outlays to pay for each upgrade. No more worries that the next upgrade will be really lousy and buggy and remain so for months or even years. And, above all, no more freezes in the middle of my work and work lost as a result. Now eight years into my Linux adventure I am wildly satisfied with that choice. That remains the case even though my most recent upgrade did not go as planned and got stretched out over several days. But this latest upgrade has made me think hard about why I stick with Linux and what the Linux way of doing things can tell us about a possible, better future. I think some of the principles and structures I’m seeing are found in practically every pursuit, agriculture, education, the arts, politics, and commerce. If you are growing some of your own food, you are practicing these principles and creating similar structures. If you are teaching outside existing educational systems, you are likely doing the same. If you are writing, painting, singing, dancing or somehow expressing yourself artistically, you are probably already moving toward the world that the Linux community is pioneering in its own corner. If you created a business not only to have a livelihood, but because you want to change the world, you are almost certainly on the same path. Let me explain a little about Linux, and then try to relate that to the broader world. First, I tell people who decide to try Linux that they are not merely loading a piece of software on their computer; they are joining a community. This is a very important distinction. Read more Also: Behind the Scenes of System76: Customer Happiness Team