Language Selection

English French German Italian Portuguese Spanish

Legal

Licensing: GPL Compliance and the Server Side Public License (SSPL)

Filed under
OSS
Legal
  • arter97’s custom kernel and vendor images greatly improve the Xiaomi Mi Pad 4’s performance

    Xiaomi (and a lot of Chinese OEMs) have had a difficult time complying with the rules of the GNU GPL when it comes to releasing the kernel source code for their Android products. The company said they would start doing this 3 months after the release of a new product, but that wasn’t the case with the Xiaomi Mi Pad 4. The device launched in June of last year and, as of October, they had yet to comply with the GPL. Thankfully, they finally released it (a month after we reported on their tardiness) and it has helped developers work their magic on the device.

  • Amazon Web Services’ DocumentDB Takes Aims At MongoDB Workloads

    DocumentDB uses version 3.6 of the MongoDB application programming interface (API) to interact with MongoDB clients.

    That version, dating back to 2017, is covered by the open source Apache licence, a move intended to circumvent MongoDB’s new licensing structure, based on the specially created Server Side Public License (SSPL).

Licensing/Legal: Android-Related Code and Amazon 'Forcing' Companies to Reduce Licence Freedom

Filed under
OSS
Legal
  • Kernel source for Nokia 5.1 and 6.1 Plus, 7.1, Redmi Note 6 Pro, and LG G7 released
  • Kernel source for the Xiaomi Redmi Note 6 Pro, Nokia 6.1 Plus/5.1 Plus/7.1, and LG G7’s Android Pie release are live
  • Nokia 5.1 Plus too] HMD releases kernel source code for the Nokia 7.1 and Nokia 6.1 Plus

    The Nokia 7.1 and 6.1 Plus are mid-range Android One devices that were recently updated to Android 9.0 Pie. Following the update, HMD Global has published their kernel source code on its website.

    [...]

    If HMD Global allows the rest of its Android phones to be bootloader unlocked too, it might just make them a more attractive option for the enthusiast crowd, who want to be able to run their favorite custom ROMs on their smartphones. And though the manufacturer is currently doing a good job of keeping its devices updated, if that support's ever to slow down, it sure would be nice to have the ability to root and unlock — just in case.

  • Amazon fires open-source shot with DocumentDB launch

    In a move that will surely upset the open-source community, AWS has launched a new database offering compatible with the MongoDB API called DocumentDB.

    The cloud giant describes its new product as a “fast, scalable, and highly available document database that is designed to be compatible with your existing MongoDB applications and tools.” However, it is essentially a replacement for MongoDB that uses its API but none of its code.

    According to AWS, its customers have found it difficult to build fast and highly available applications that are able to scale to multiple terabytes with hundreds of thousands of reads and writes per second. So instead, the company built its own document database that is compatible with Apace 2.0 open source MongoDB 3.6 API.

  • The week in tech: NHS long-term plan, Amazon vs. open source, plus more

    However, Amazon claimed that customers find it challenging to “build performant, highly available applications on MongoDB that can quickly scale to multiple Terabytes (TBs) and hundreds of thousands of reads and writes-per-second because of the complexity that comes with setting up and managing MongoDB clusters.”

    This is controversial, as Amazons’ announcement comes just months after MangoDB presented a new licence aimed at stopping tech giants taking advantage of their database.

CLA proliferation and the Island of Dr. Moreau

Filed under
OSS
Legal

The community response to license proliferation over the last many years has been positive, and I am pleased to see that the majority of open source projects are choosing to select from a certain set of options (e.g., GPL, LGPL, AGPL, BSD, MIT, Apache 2) that are all well-understood by engineers and lawyers. As such, there is no time wasted interpreting their terms and a low-friction ecosystem is fully enabled.

Once a project adopts an open source license, it usually adopts the standard "inbound=outbound" model; a phrase coined by Richard Fontana. Fontana describes the inbound=outbound model as contributions that are understood to be licensed under the applicable outbound project license, making it easy for contributors to participate in projects without intimidation and red tape. This is a very simple model that dovetails well with a smart license choice detailed above.

Unfortunately, many open source projects have chosen not to adopt inbound=outbound and, instead, require some form of a contributor license agreement (CLA). CLAs vary in scope and purpose. A good description of CLAs and Developer Certificates of Origin (DCOs; discussed below) may be found in Ben Cotton's article "CLA vs. DCO: What's the difference?"

Read more

Linux Foundation's AGL, ACT (Copyleft Compliance) and Upcoming Copyleft Conf (Conservancy)

Filed under
Linux
OSS
Legal
  • Toyota Motors and its Linux Journey

    I spoke with Brian R Lyons of TMNA Toyota Motor Corp North America about the implementation of Linux in Toyota and Lexus infotainment systems. I came to find out there is an Automotive Grade Linux (AGL) being used by several autmobile manufacturers.

    I put together a short article comprising of my discussion with Brian about Toyota and its tryst with Linux. I hope that Linux enthusiasts will like this quick little chat.

    All Toyota vehicles and Lexus vehicles are going to use Automotive Grade Linux (AGL) majorly for the infotainment system. This is instrumental in Toyota Motor Corp because as per Mr. Lyons “As a technology leader, Toyota realized that adopting open source development methodology is the best way to keep up with the rapid pace of new technologies”.

  • Simplifying and Harmonizing Open Source for More Efficient Compliance

    Using open source code comes with a responsibility to comply with the terms of that code’s license, which can sometimes be challenging for users and organizations to manage. The goal of ACT is to consolidate investment in and increase interoperability and usability of, open source compliance tooling, which helps organizations manage compliance obligations.

    Software widely includes an assortment of open source code with multiple licenses and a mix of proprietary code. Sorting and managing all these can be a major hassle, but the alternative is potential legal action and damaged relations with the open source community.

    The projects in ACT are poised to boost existing Linux Foundation compliance projects like OpenChain, which identifies recommended processes and make open source license compliance simpler and consistent, and the Open Compliance Program, which educates and helps developers and companies understand their license requirements. ACT provides tooling to help support efficient workflows.

  • Copyleft Conf: Registration is Open

    Conservancy is very excited to share the schedule for the first ever Copyleft Conf with you! Copyleft Conf is a one day event, taking place in downtown Brussels at Digityser. Registration begins at 9:30am and we'll be finishing by 6pm. We'll have talks, a panel and participatory discussions near the end of the day.

    Participants from throughout the copyleft world — developers, strategists, enforcement organizations, scholars and critics — will be welcomed for an in-depth, high bandwidth, and expert-level discussion about the day-to-day details of using copyleft licensing, obstacles facing copyleft and the future of copyleft as a strategy to advance and defend software freedom for users and developers around the world.

Licensing in Mobile Devices (GPL Compliance)

Filed under
OSS
Legal
  • Asus Zenfone Max M2 update brings EIS to the front camera, Max Pro M2 gets an update too

    So far, there have been mixed feelings about these two phones as the specs and price are impressive, but then the company ended up releasing the kernel source code for them that was encrypted. It’s required for an Android OEM to release the kernel source for their devices but releasing an encrypted file without proper means of decryption is pointless. This still ends up with ASUS violating the GPL and it’s not a good sign for the enthusiast community that was starting to swell around these two devices.

  • Nokia 7.1 and Nokia 6.1 Plus kernel source code now available for download

    HMD’s source code for Nokia Android smartphones is licensed under GPL or LGPL which allows source code distribution. And by distributing the source code the company also contribute to the open source community which in turn is beneficial to the end users. Visit Nokia’s official download page where you can find the source code for both the smartphones, Nokia 6.1 Plus and Nokia 7.1.

The Linux Foundation decides to ACT on compliance

Filed under
OSS
Legal

Compliance is big… so big, in fact, that ‘they’ now have an Open Compliance Summit.

The last Open Compliance Summit was held in Yokohama in Japan at the tail end of last year — the The Linux Foundation used it as a chance to load up on sushi and also announce a new project to help improve open source compliance tooling called Automated Compliance Tooling (ACT).

ACT is an umbrella brand that will host various open source projects related to compliance tooling — so the initial four projects to fall under ACT are: FOSSology (existing LF project); QMSTR (being contributed by Endocode); SPDX tools (existing LF project); Tern (being contributed by VMware).

Read more

FOSS Legal Matters

Filed under
OSS
Legal
  • Top 10 FOSS legal developments in 2018

    The year 2018 was a year in which the FOSS business model demonstrated its success: IBM purchased Red Hat, Inc. for $34 billion. The FOSS ecosystem also celebrated its durability: OSI celebrated the 20th anniversary of the open source movement and Linux celebrated its 25th anniversary.

    Meanwhile, however, old legal problems returned. The year 2018 has also seen another significant increase in decisions in litigation involving FOSS issues, and several of these cases are very important. This increase in litigation is a reminder of the importance of an active compliance program for all corporations that use FOSS (which now means virtually all corporations). Continuing the tradition of looking back over the top ten legal developments in FOSS, my selection of the top ten issues for 2018 is as follows:

  • Legal Issues And Compliance Pertaining To Open Source Software

    An Open Source Software (OSS) is a kind of software with source code which can be modified, enhanced and inspected by ANYONE. In case of an OSS, a person may alter how the software works or improve it by adding features or fixing parts that do not work properly, by modifying the source code of the software program. This is different from a closed software, where only the person/organization that created the software has the capacity to alter it, OSS is preferable and is considered to be a better option for the users than the former, as it grants them more freedom in relation to a closed software. Some prime examples of OSS are the Apache HTTP Server, the e-commerce platform os Commerce, internet browsers like Mozilla Firefox and Chromium. Facebook, Google, and LinkedIn all release OSSs, so that developers may share knowledge, create solutions, and contribute towards the creation of stable and functional products. There are certain landmark judicial pronouncements in the field of OSS that hold paramount importance in deciding the future of OSS.

Licensing: 'Cloud' Trap, Substrate and Asus Kernel Code

Filed under
OSS
Legal
  • Stormy weather: To stop cloud giants, some open-source software firms limit licenses

    A heated debate has erupted in the open-source software world that’s pitting startups against cloud computing giants.

    The furor concerns, of all things, new licensing terms, which software companies are adopting to thwart what they believe is unfair competition from cloud provider in general and Amazon Web Services Inc. in particular.

    It’s the latest development in the ongoing struggle by open-source developers to come up with sustainable business models built upon software that is essentially free. Open source has transformed the software industry, but only a few companies such as Red Hat Inc. — itself likely to be acquired by IBM Corp. in a recently announced deal — are consistently profitable.

  • Parity Introduces Substrate, a Blockchain Building Tool Suite

    The beta version of Substrate is authorized under the GNU General Public License, but the safe storage of the system will be transferred to an Apache 2.0 license to provide utmost developer independence. Parity will also offer professional help to organizations in view of the development of apps with a substratum.

  • Asus to release encrypted kernel sources for their ZenFone Max Pro M1, Max Pro M2 and Max M2

    The Asus ZenFone Max Pro M1 has been one of the more interesting smartphones from the company, especially in the budget segment in the past few years. The phone ticked a lot of boxes in terms of offering probably the best performance in its segment at that time along with a cleaner look with the stock Android. The Asus ZenFone Max Pro M2 follows the path set down by their predecessor and goes on to compete against the Xiaomi Redmi Note 6 Pro overcoming its predecessor’s shortcomings.

Free Software Licensing and Legal Challenges

Filed under
OSS
Legal
  • Parity Launches Beta Version of Tool Stack for Building Blockchains

    The beta version of Substrate is licensed under the GNU General Public License, but in order to provide maximum developer freedom, the tool’s repository will be moved to an Apache 2.0 license.

  • The Cyclical Theory of Open Source

    But in a world in which appetites for open source software commercially are under threat from – among other areas – proprietary cloud based offerings, it is certainly possible that industry appetites and support for open source could be slowed if public models give way to private alternatives.

    Many of those that have resorted to problematic licenses, however, feel as if they’ve been left with little choice. In their view, they foot the bill for the majority of development on an open source asset, only to see a cloud provider pick up that code and offer it as a competitive service – often without so much as an acknowledgement of the open source codebase it’s derived from.

    The question facing these providers, and the market as a whole, is not whether or not the typical commercial open source vs cloud provider dynamic is optimal – it is clear that, while improving, it is not. The question rather is whether or not a license is an appropriate remedy for the issue.

  • Automated Compliance Tooling project announced, Code California launches, Tor funding, and more news

    When you think of open source projects, the first thing that comes to mind is probably code. There's more to it than that. One vital aspect of open source that doesn't get a lot of attention is license compliance. That could change, thanks to the ACT project that the Linux Foundation is launching.

    Short for Automated Compliance Tooling, ACT brings together four compliance projects: FOSSology, QMSTR, SPDX Tools, and Tern. The goal of ACT, according to the Linux Foundation, is to "consolidate investment in, and increase interoperability and usability of, open source compliance tooling." In the end, this will help users and companies more easily "find up-to-date and current compliance documentation."

  • Startups are taking on Amazon's cloud with a controversial new plan, but experts warn it could undermine the foundations of open source

    In response, three smaller software companies behind some of the open-source software that Amazon and others rely on — Confluent, Redis Labs, and MongoDB — have gone on the defensive. In recent months, they've made changes to their licensing that prevent cloud platforms from profiting from the open-source code that they develop. Open source can't be "free and unsustainable" research and development for tech giants, Confluent CEO Jay Kreps said last week.

  • Radio Gets Ridiculous

    Of course, he’s leveraging the analog conversion in the microcontroller as well as the ability to generate signals in software. You might think that’s going to be an anemic receiver. Granted, it won’t be a high fidelity long-range receiver, but it does interface with GNU Radio!

Freeriders in FOSS

Filed under
GNU
OSS
Legal
  • Confluent joins Redis and MongoDB in restricting its open source licensing for competitors
  • Confluent Creates New 'Open Source' License to Stop Cloud Poaching

    The problem is that such restrictions run afoul of the Open Source Definition used by the Open Source Initiative, the standards organization that decides which licenses qualify as open source. The restriction also means that any code covered by the license probably can't be used within any other open source project.

  • John Sullivan - "Who wants you to think nobody uses the AGPL and why" (FOSDEM, Brussels, Belgium)

    The GNU Affero General Public License (AGPL) is an important tool for protecting user freedom on the network. Detractors have criticized it for being both too weak and too strong/demanding. In 2018, it was in the news more than ever. Are the interests of corporations that are afraid of their free code being turned into network services run by competitors starting to align with users losing their freedom to such services?

    Historically, the AGPL has been the target of criticism from entities that want to extinguish it. Some companies have banned it from their premises, sowed fear about how it operates, and propagated a myth that nobody is using it.

    Others claim that the AGPL is being used primarily by companies seeking to strong-arm downstream users into purchasing a proprietary version of the covered software -- by catching those users being out of compliance with the AGPL, and telling them that they must buy the software under a proprietary license to avoid being taken to court for copyright infringement.

    A third group of companies is now claiming that the AGPL doesn't go far enough to protect their software against being turned into services that deny users freedom -- though freedom may not be their primary concern.

    In fact, the AGPL is being used today by a variety of interesting and important projects, including ones started by governments, nonprofits, and even businesses. I'll highlight some illustrative examples. I'll also do my best to separate understandable concerns that people have about using the AGPL from attacks on user freedom masquerading as concerns, and see if there is any synergy between the concerns of the third group above and those of individual users.

    While not a full solution to the problems raised when users replace software running on their own machines with software running on someone else's machine, the AGPL is a tool that is being embraced and should be embraced even more.

Syndicate content

More in Tux Machines

Slovak advocates want parliament to push for open source

Slovak proponents of the use of free and open source software are rallying for their country’s parliament to approve plans to share the source code of software solutions developed by and for public services. They are concerned that proprietary software vendors will lobby for changes to the eGovernment act, a strategic IT Government proposal that is to be discussed in parliament in March or April. Read more

Intel Graphics: Discrete Graphics Cards and SVT-AV1

  • Intel Preps For Discrete Graphics Cards With Linux Patches
    Intel has confirmed that recent patches to its Linux graphics driver were related to its continued work on preparing the ecosystem for its new line of discrete graphics cards. Phoronix reported that Intel released 42 such patches with more than 4,000 lines of code between them on February 14. The main purpose of the patches was to introduce the concept of memory regions in "preparation for upcoming devices with device local memory." (Such as, you know, discrete graphics cards.) [...] Still, any information about Intel's graphics plans is welcome. Right now the graphics market is dominated by AMD and Nvidia, and as we noted in December, Intel is probably the only company that even has a possibility of successfully introducing a new discrete graphics architecture. Why not enjoy the occasional glimpse behind the curtain as that architecture's being built?
  • SVT-VP9 Is Intel's Latest Open-Source Video Encoder Yielding High Performance VP9
    At the start of the month Intel open-sourced SVT-AV1 aiming for high-performance AV1 video encoding on CPUs. That complemented their existing SVT-HEVC encoder for H.265 content and already SVT-AV1 has been seeing nice performance improvements. Intel now has released SVT-VP9 as a speedy open-source VP9 video encoder. Uploaded on Friday was the initial public open-source commit of SVT-VP9, the Intel Scalable Video Technology VP9 encoder. With this encoder they are focusing on being able to provide real-time encoding of up to two 4Kp60 streams on an Intel Xeon Gold 6140 processor. SVT-VP9 is under a BSD-style license and currently runs on Windows and Linux.

How I got my job in Linux: from Newbie to Pro

I was peeved, because I’d spent my own money on building a computer and buying Microsoft Windows to put on it. Money that I really needed to pay the rent and put food in my belly. I also felt sorry for all the people that I’d end up re-installing Windows on their PC to fix their problem. I knew that most of them would probably be back in the store six or so months later with the same complaint. Almost by accident, I found Linux. I was in the magazine section of the PC shop I worked in one day in late 1999. I saw a magazine called ‘Linux Answers’. On the cover was a copy of Red Hat Linux 6.0. Before long, I had done the unthinkable: I had deleted Windows in a rage of fury because it had completely crashed and wouldn’t start up. All of my MP3s, photos and documents, all but gone save for a few backups on CDs I had lying around. Back in those days I had no idea that I would have been able to salvage those files with Linux; I just blithely reformatted my hard disk and went cold-turkey, believing everything that the magazine said, I forced myself into the abyss of the unknown! These were exciting times! I remember the blue text-mode installer, the glare of the many lines of text flying by when the machine started up for the first time. It looked really un-user friendly. Eventually, the screen flipped into what I’d later know to be called ‘runlevel 5’ and I could see a graphical login screen. Little did I know it, but that flashing cursor was the beginning to a whole new world of computing for me. Read more

Linux 5.0-rc7

A nice and calm week, with statistics looking normal. Just under half drivers (gpu, networking, input, md, block, sound, ...), with the rest being architecture fixes (arm64, arm, x86, kvm), networking and misc (filesystem etc). Nothing particularly odd stands out, and everything is pretty small. Just the way I like it. Shortlog appended, Linus Read more