Language Selection

English French German Italian Portuguese Spanish

Legal

Java License Fallout Continues Impacting IBM i Shops

Filed under
Development
Legal

Oracle’s decision to restrict the previously free distribution of Java version 8 tools and runtimes is impacting the entire IT industry. In our little neck of the woods, the decision to charge businesses for using Oracle’s Java has forced IBM i shops to take a hard look at the technology platform, and in some cases look for alternative solutions.

Oracle ruffled feathers in the Java community in 2017, when it made substantial changes to its Java roadmap. The company announced that Java Standard Edition (SE) version 8, which is a legacy version of Java but is still in widespread use, “will not be available for business, commercial or production use without a commercial license” after January 2019. Licenses for Java SE 8 could be purchased for $30 per desktop per year or $300 per processor for server licenses.

Oracle’s stated plan for the move was to accelerate the development and release cycle for Java in a bid to keep up today’s fast-paced DevOps environments (and perhaps part of its unstated plan, which was to squeeze Java users for revenue). The tech giant and the Java community hammered out Java SE versions 9 and 10 in quick fashion, in late 2017 and early 2018, respectively.

Read more

Graphics and Standards

Filed under
Graphics/Benchmarks
Web
Legal
  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

    Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

Contributor License Agreement and Developer Certificate of Origin references

Filed under
OSS
Legal

In the last few years I have come across the CLA topic several times. It is and will be a popular topic in automotive the coming years, like in any industry that moves from being an Open Source Producer towards becoming an Open Source Contributor.

In my experience, many organizations take the CLA as a given by looking at the google, microsoft or intels of the world and replicate their model. But more and more organizations are learning about alternatives, even if they do not adopt them.

What I find interesting about discussing the alternatives is that it brings to the discussion the contributor perspective and not just the company one. This enrichs the debate and, in some cases, leads to a more balanced framework between any organization behind a project and the contriibutor base, which benefits both.

Throughout these years I have read a lot about it but I have never written anything. It is one of those topics I do not feel comfortable enough to write about in public probably because I know lots of people more qualified than I am to do so. What I can do is to provide some articles and links that I like or that have been recommended to me in the past.

Read more

Invasion of The Ethical Licenses

Filed under
OSS
Legal

About 23 years ago, I created the Debian Free Software Guidelines to help the Debian developers decide what software was permissible to include in Debian, which aspired to be 100% Free Software, and what should be consigned to a “non-free” repository upon which Debian would never depend. Nine months later, those guidelines became the Open Source Definition, and I announced Open Source to the world.

                        
                        [...]
                        
                        Despite the seeming impossibility of its enforcement, the Vaccine License is the most professionally constructed of this pack, carefully targeting the approval process of the Open Source Initiative – and IMO missing it. But all three licenses appear to be unlikely to obtain the agreement of a court in enforcement, and scaling their requirements would be a sort of full-employment act for lawyers.

Let’s work through how these licenses would be enforced.

When these licenses are enforced, the copyright holder is the plaintiff, a fancy word for someone who makes a complaint. Their complaint is that the defendant, the licensee, committed a tort, a violation of civil law. The tort is copyright infringement.

The important point here is that the complaint isn’t that the license was violated, the complaint is that the defendant did not have a license at all, and is infringing copyright. The defendant then has to prove that they did have a license, and that they were obeying the license’s terms, or that the court should for some reason not honor those terms.

Licenses are also contracts, and thus the tort can be breach of contract. But contracts require the consent of both parties – the copyright holder, and the licensee. Real consent is indicated by signing the contract, but that doesn’t ever happen with this sort of license. Instead, there is a lesser indication of consent by the action of using, distributing, or modifying the software.

Read more

Digital Restrictions (DRM) Watch

Filed under
Security
Web
Legal
  • One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair

    How can a single, ill-conceived law wreak havoc in so many ways? It prevents you from making remix videos. It blocks computer security research. It keeps those with print disabilities from reading ebooks. It makes it illegal to repair people's cars. It makes it harder to compete with tech companies by designing interoperable products. It's even been used in an attempt to block third-party ink cartridges for printers.

    It's hard to believe, but these are just some of the consequences of Section 1201 of the Digital Millennium Copyright Act, which gives legal teeth to "access controls" (like DRM). Courts have mostly interpreted the law as abandoning the traditional limitations on copyright's scope, such as fair use, in favor of a strict regime that penalizes any bypassing of access controls (such as DRM) on a copyrighted work regardless of your noninfringing purpose, regardless of the fact that you own that copy of the work.  

  • One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair
  • Spotify is Defective by Design

    I never used Spotify, since it contains DRM. Instead I still buy DRM-free CDs. Most of my audio collection is stored in free formats such as FLAC and Ogg Vorbis, or Red Book in the case of CDs, everything can be played by free players such as VLC or mpd.

    Spotify, which uses a central server, also spies on the listener. Everytime you listen a song, Spotify knows which song you have listened and when and where. By contrast free embedded operating systems such as Rockbox do not phone home. CDs can be baught anonymously and ripped using free software, there is no need for an internet commection.

Trademark Law Against Amazon's (Mis)Use of Elasticsearch

Filed under
OSS
Legal
  • AWS faces Elasticsearch lawsuit for trademark infringement

    Elasticsearch has sued AWS for trademark infringement and false advertising in connection with the cloud giant's recently released version of the widely used Elasticsearch distributed analytics and search engine.

    Elasticsearch Inc., or Elastic, is based on the open-source Lucene project and Elastic serves as originator and primary maintainer. Tensions flared in March when AWS, along with Expedia and Netflix, launched Open Distro for Elasticsearch. The release is fully open source compared with Elastic's version and was actually prompted by Elastic's weaving too much proprietary code into the main line over time, according to AWS.

  • Open Source Search Firm Accuses Amazon of Trademark Infringement

    O'Melveny & Myers is representing search engine Elasticsearch in a complaint that alleges Amazon is willfully infringing its mark by promoting competing search and analytics products.

Oracle demands $12K from network biz that doesn't use its software

Filed under
GNU
Linux
Software
Legal

Merula Limited, a UK-based network service provider, recently received a bill from Oracle for $12,200 for using the company's proprietary VirtualBox Extension Pack, which provides extra capabilities for the free GPL-licensed VirtualBox hypervisor.

For Richard Palmer, director of the company, this was a perplexing demand. As he explained to The Register, "Merula does not operate or manage any computer using VirtualBox or any Oracle software."

Oracle provided the company with a range of IP addresses, more than 100, that it claimed had been using its proprietary VirtualBox Extension Pack in conjunction with VirtualBox installations.

It's claimed that Oracle's software phones home to report where it's being used, though the company may be repurposing VirtualBox telemetry for its audits. Or it may simply be checking the IP addresses associated with downloads of the software and contacting address registrants to seek payment.

Read more

GNU: GIMP, FSF Licensing and Compliance Lab, Xiaomi Compliance

Filed under
GNU
Legal
  • Photoshop too expensive? Use these free alternatives instead

    GIMP (GNU Image Manipulation Program) is a downloadable, professional-grade photo editor with an extensive Photoshop-like collection of essential editing tools. In addition, GIMP boasts advanced filters and layer masks. Whether you want to add text, erase background or add texture to a photo, this no-cost editing software will meet your needs.

  • FSF Continuing Legal Education Seminar on GPL Enforcement and Legal Ethics

    The FSF Licensing and Compliance Lab will work with experienced lawyers and professionals to provide a full day continuing legal education (CLE) seminar on GPL Enforcement and Legal Ethics for legal professionals, law students, free software developers, and anyone interested in licensing issues.

  • Xiaomi Releases Android Pie Kernel Sources for Redmi Note 8, Note 8 Pro

    Xiaomi has often been criticized by FOSS proponents and developers for its failure to abide by the GNU General Public License v2 license, which governs open source software such as Android. The company has often either completely failed to release kernel sources for its smartphones and tablets, or released them long after the launch of the device, both of which are an outright violation of the GNU GPL license.

Introducing Craig Topham, FSF copyright and licensing associate

Filed under
GNU
Legal

My name is Craig Topham, and I’m the latest to have the honor of being a copyright and licensing associate for the Free Software Foundation (FSF). I started work in November, and the delay in assembling my introductory blog post is a testament to how busy I have been. Although my post feels late, it gives me a chance to share my experience here at the FSF, along with sharing a little bit more about myself.

From 2005 to 2017, I worked as a PC/Network Technician for the City of Eugene, Oregon. The role had the inherent reward of allowing me to be a part of something much larger than myself. I was helping local government function. From the mayor and city council all the way to the summer staff that worked the front desk at the recreation department's swimming pools, I was one of many making it all work. It was even a part of my job to support some free software the city used! Sadly, a vast majority of the software that we used was proprietary, but despite the painful duty of supporting nonfree software, the overall experience felt pretty great. As I close that chapter of my life with all the wonderful memories and marks made, I am beset with a wild sense of relief. Like finding a rock in my shoe after twelve years, the alleviation is palatable: I never have to labor to master proprietary software again!

For unknown reasons (which I contemplate often), I did not learn about the free software movement until 2004, despite a lifetime of using computers. Like so many before me, my initial education on the movement came via Free Software, Free Society: Selected Essays of Richard M. Stallman. What so instantaneously drew me to free software was the simplicity of the four freedoms: run, edit, share, contribute. These freedoms, coupled with the ethical nature of the movement, made it a natural fit for me. It did not take me long to realize that this is what I needed to soothe my “How can I make the world a better place?” angst. Inevitably, I became an FSF associate member on October 28, 2007 because it was (and still is) the easiest way to help out. If you are reading this and you are not a member, I encourage you to change that and help make the world a better place.

Read more

After Red Hat, Homebrew removes MongoDB from core formulas due to its Server Side Public License adoption

Filed under
OSS
Legal

In October, last year MongoDB announced that it’s switching to Server Side Public License (SSPL). Since then, Redhat dropped support for MongoDB in January from its Red Hat Enterprise Linux and Fedora. Now, Homebrew, a popular package manager for macOS has removed MongoDB from the Homebrew core formulas since MongoDB was migrated to a non open-source license.

[...]

In January this year, MongoDB received its first major blow when Red Hat dropped MongoDB over concerns related to its SSPL. Tom Callaway, the University outreach Team lead at Red Hat had said that SSPL is “intentionally crafted to be aggressively discriminatory towards a specific class of users. To consider the SSPL to be “Free” or “Open Source” causes that shadow to be cast across all other licenses in the FOSS ecosystem, even though none of them carry that risk.”

Subsequently, in February, Red Hat Satellite also decided to drop MongoDB and support PostgreSQL backend only. The Red Hat development team stated that PostgreSQL is a better solution in terms of the types of data and usage that Satellite requires.

In March, following all these changes, MongoDB withdrew the SSPL from the Open Source Initiative’s approval process. It was finally decided that SSPL will only require commercial users to open source their modified code, which means that any other user can still modify and use MongoDB code for free.

Read more

Syndicate content

More in Tux Machines

Fedora: Qubes, rpminspect, rpminspect, and ProcDump

  • PoC to auto attach USB devices in Qubes

    Here is PoC based on qubesadmin API which can auto attach USB devices to any VM as required. By default Qubes auto attaches any device to the sys-usb VM, that helps with bad/malware full USB devices. But, in special cases, we may want to select special devices to be auto attached to certain VMs. In this PoC example, we are attaching any USB storage device, but, we can add some checks to mark only selected devices (by adding more checks), or we can mark few vms where no device can be attached.

  • David Cantrell: rpminspect-0.9 released

    Very large packages (VLPs) are something I am working on with rpminspect. For example, the kernel package. A full build of the kernel source package generates a lot of files. I am working on improving rpminspect's speed and fixing issues found with individual inspections. These are only showing up when I do test runs comparing VLPs. The downside here is that it takes a little longer than with any other typical package.

  • Fedora pastebin and fpaste updates

    A pastebin lets you save text on a website for a length of time. This helps you exchange data easily with other users. For example, you can post error messages for help with a bug or other issue. The CentOS Pastebin is a community-maintained service that keeps pastes around for up to 24 hours. It also offers syntax highlighting for a large number of programming and markup languages.

  • ProcDump for Linux in Fedora

    ProcDump is a nifty debugging utility which is able to dump the core of a running application once a user-specified CPU or memory usage threshold is triggered. For instance, the invocation procdump -C 90 -p $MYPID instructs ProcDump to monitor the process with ID $MYPID, waiting for a 90 % CPU usage spike. Once it hits, it creates the coredump and exits. This allows you to later inspect the backtrace and memory state in the moment of the spike without having to attach a debugger to the process, helping you determine which parts of your code might be causing performance issues.

Programming: Interview With Guido van Rossum, Python Picks and New Release of Picolibc From Keith Packard

  • Interview Guido van Rossum: “I'd rather write code than papers.”

    Guido van Rossum (1956) is the founding father of the Python programming language, one of the most popular development tools in the world. In 2019 CWI will award him the Dijkstra Fellowship. What led you to come up with a brand new programming language during your time at CWI? “I started at CWI as a junior programmer on a research team with Lambert Meertens, Leo Geurts and Steven Pemberton. They wanted to develop a language which would enable people without programming experience – such as scientists – to start writing computer programs fairly quickly.” “It was at the time that Basic was on the rise due to the arrival of the microcomputer. Meertens looked at this inadequate language with horror. ‘Stamp out Basic!’ Was his motto. In the end, ABC, as our language was called, would not work. The target group could not use it on their microcomputers, which were not powerful enough for it, while Unix users already had other tools. Those users thought ABC was an odd man out.” “Then I came across the so-called Amoeba project. That was a distributed operating system based on a microkernel, developed by Andrew Tanenbaum at the Vrije Universiteit Amsterdam and Sape Mullender at CWI. Not aiming at popularizing their operating system, their first and foremost goal was writing papers. Scientifically it was a breakthrough indeed: those papers are still being studied. I myself was not a researcher but a programmer on that project. I must say thought that there was an atmosphere at CWI in which programmers had a major input in the projects.”

  • Python Tears Through Mass Spectrometry Data

    At the November 2019 Python Frederick event, Conor Jenkins showed the group how mass spectrometry works and how Python saves huge amounts of time when processing the large amount of data produced by a mass spec analysis.

  • Wingware News: Wing Python IDE 7.1.3 - November 14, 2019

    Wing 7.1.3 adds improved and expanded documentation and support for matplotlib, improves the accuracy of code warnings, fixes automatically debugging child processes on Windows with Python 3.8, fixes installing the remote agent from .rpm or .deb installations, solves several issues with runtime type introinspection, allows Open from Project and similar navigation commands from non-Browse vi mode, improves debugger reliability, and fixes about 30 other minor usability issues.

  • Easily specifying colours from the default colour cycle in matplotlib

    Another quick matplotlib tip today: specifically, how easily specify colours from the standard matplotlib colour cycle. A while back, when matplotlib overhauled their themes and colour schemes, they changed the default cycle of colours used for lines in matplotlib. Previously the first line was pure blue (color='b' in matplotlib syntax), then red, then green etc. They, very sensibly, changed this to a far nicer selection of colours.

  • Typing Mercurial with pytype

    Following the recent introduction of Python type annotations (aka "type hints") in Mercurial (see, e.g. this changeset by Augie Fackler), I've been playing a bit with this and pytype. pytype is a static type analyzer for Python code. It compares with the more popular mypy but I don't have enough perspective to make a meaningful comparison at the moment. In this post, I'll illustrate how I worked with pytype to gradually add type hints in a Mercurial module and while doing so, fix bugs! The module I focused on is mercurial.mail, which contains mail utilities and that I know quite well. Other modules are also being worked on, this one is a good starting point because it has a limited number of "internal" dependencies, which both makes it faster to iterate with pytype and reduces side effects of other modules not being correctly typed already.

  • Two Books About the Kivy GUI Framework

    The Kivy Python GUI framework is intriguing. Not only it’s cross-platform but also supports Android. Java is too verbose and low level for me and Kivy is an opportunity for developing native Android apps without leaving Python. Outside of the Kivy project documentation, there are few third-party advanced tutorials that go in more depth than the official tutorials. So, before diving into the code of the Kivy demos, I wanted some books to explore more features and get a broader picture of the framework and what it can do. I found two potentially interesting books: Building Android Apps in Python Using Kivy with Android Studio: With Pyjnius, Plyer, and Buildozer by Ahmed Fawzy Mohamed Gad (Apress, 2019), and Kivy - Interactive Applications and Games in Python - Second Edition by Roberto Ulloa (Packt, 2015).

  • A Qt GUI for logging

    A question that comes up from time to time is about how to log to a GUI application. The Qt framework is a popular cross-platform UI framework with Python bindings using PySide2 or PyQt5 libraries. The following example shows how to log to a Qt GUI. This introduces a simple QtHandler class which takes a callable, which should be a slot in the main thread that does GUI updates. A worker thread is also created to show how you can log to the GUI from both the UI itself (via a button for manual logging) as well as a worker thread doing work in the background (here, just logging messages at random levels with random short delays in between).

  • Picolibc 1.1 Released With POSIX File I/O Support

    Longtime X11 developer Keith Packard has spent a lot of time in recent months while being employed by SiFive working on Picolibc as a new C library for embedded systems. Picolibc is designed solely for embedded use-cases at this point and was formerly developed by Keith under the name newlib-nano. Picolibc 1.1 is out now as the project's second stable release.

  • Picolibc Version 1.1

    Picolibc development is settling down at last. With the addition of a simple 'hello world' demo app, it seems like a good time to stamp the current code as 'version 1.1'.

VXL Launches CloudDesktop On the Go (CoGo), a Truly Portable Linux Micro Thin Client

VXL, a leader in thin clients, endpoint management and digital signage software solutions, launches its new, low cost, CloudDesktop On the Go (CoGo). An ultra-compact and highly portable USB key, CoGo repurposes legacy PCs into a fully functional Linux thin client. Available with a lifetime perpetual license and priced at a highly competitive $77 including first year support, CoGo offers users up to a massive 50% saving over equivalent software solutions. CoGo allows businesses to extend the life of ageing PC hardware by using it to access server-hosted computing sessions or virtual desktop infrastructure. Users simply plug CoGo into a PC and boot from it. The VXL Gio Linux firmware is instantly useable without overwriting the local OS and the converted PC can be managed as thin client. Read more

ALT Linux: Worthy Linux Alternatives, With a Catch

ALT Linux may have a problem with getting English language updates on some of its most recent product releases. The primary geographic audience it serves may not make English a top priority. Yet many of its products are available with the English language intact. The great variety of Linux distros available make ALT Linux a very viable source of options for anyone looking to sample the flexibility the Linux operating system offers. I like the starter kit inventory maintained by the ALT Linux developers. Distro hoppers particularly can focus on trying dozens of desktop varieties without having to adjust to separate distro designs. All of the ALT Linux distros share a common, simple design for ease of use and reliability. Read more