Language Selection

English French German Italian Portuguese Spanish

Legal

Oracle tries to beef up copyright case against Android

Filed under
Android
Google
Legal

With Oracle and Google headed back to court soon to resume their dispute over Android, Oracle is seeking to update its lawsuit to reflect the huge gains Android has made in the five years since the case began.

Read more

Advanced spyware for Android now available to script kiddies everywhere

Filed under
Android
Security
Legal
  • Advanced spyware for Android now available to script kiddies everywhere

    One of the more recent discoveries resulting from the breach two weeks ago of malware-as-a-service provider Hacking Team is sure to interest Android enthusiasts. To wit, it's the source code to a fully featured malware suite that had the ability to infect devices even when they were running newer versions of the Google-developed mobile operating system.

    The leak of the code base for RCSAndroid—short for Remote Control System Android—is a mixed blessing. On the one hand, it provides the blueprints to a sophisticated, real-world surveillance program that can help Google and others better defend the Android platform against malware attacks. On the other, it provides even unskilled hackers with all the raw materials they need to deploy what's arguably one of the world's more advanced Android surveillance suites.

  • Security tool bod's hell: People think I wrote code for Hacking Team!

    A respected security researcher has denied any involvement with Hacking Team after open-source code he wrote was found in smartphone spyware sold by the surveillance-ware maker.

Open source experts sound off on Canonical's IP policy reaching GPL compliance

Filed under
Interviews
OSS
Ubuntu
Legal

I spoke with several experts on free and open source software, some of whom were close to the situation itself, about the implications of the latest developments with Canonical's IP policy.

Read more

Your Ubuntu-based container image is probably a copyright violation

Filed under
Ubuntu
Legal

I wrote about Canonical's Ubuntu IP policy here, but primarily in terms of its broader impact, but I mentioned a few specific cases. People seem to have picked up on the case of container images (especially Docker ones), so here's an unambiguous statement:

Read more

Ubuntu Software License Updated to Comply with GNU GPL

Filed under
GNU
Ubuntu
Legal
  • Ubuntu Software License Updated to Comply with GNU GPL

    The company behind the Ubuntu Linux operating system, Canonical, has changed the licensing terms of Ubuntu to comply with the GNU General Public License and other free software licences.

    This week, Canonical added a “trump clause” that says that when Canonical’s license contradicts the widely accepted “copyleft” license GPL, GPL shall prevail.

    Activist groups, including the Free Software Foundation and the Software Freedom Conservancy have been in discussion with Canonical for nearly two years, trying to get Canonical’s policy to unequivocally comply with the generally accepted GNU GPL software license.

  • Thoughts on Canonical, Ltd.'s Updated Ubuntu IP Policy

    Most of you by now have probably seen Conservancy's and FSF's statements regarding the today's update to Canonical, Ltd.'s Ubuntu IP Policy. I have a few personal comments, speaking only for myself, that I want to add that don't appear in the FSF's nor Conservancy's analysis. (I wrote nearly all of Conservancy's analysis and did some editing on FSF's analysis, but the statements here I add are my personal opinions and don't necessarily reflect the views of the FSF nor Conservancy, notwithstanding that I have affiliations with both orgs.)

  • The Controversy Behind Canonical's Intellectual Property Policy

    In the world of FOSS, a small change to a license can be a big deal. For users of proprietary software, changes in the EULA are hardly even registered. Those users click "Ok" and forget about it in the blink of an eye. They have accepted that they are severely limited as far as their rights to alter or redistribute the software is concerned.

    But for users of free software, such as Linux or any of the hundreds of packages that make up a modern operating system, a license change has the potential to change their rights dramatically. So, these events are usually the cause of controversy.

Canonical and FSF: the Latest

Filed under
GNU
Ubuntu
Legal
  • Free software fans land crucial punch in Ubuntu row – but it's not over

    The Free Software Foundation (FSF) and the Software Freedom Conservancy (SFC) have been bickering with Canonical since 2013 over concerns that certain clauses of the Ubuntu IP rights policy seemed to claim to override provisions of the GNU General Public License (GPL) – something the GPL explicitly forbids.

  • Conservancy & the FSF Achieve GPL Compliance for Canonical, Ltd. “Intellectual Property” Policy

    Today, Canonical, Ltd. announced an updated “Intellectual Property” policy. Conservancy has analyzed this policy and confirms that the policy complies with the terms of the GNU General Public License (GPL), but Conservancy and the FSF believe that the policy still creates confusion and possible risk for users who wish to exercise their rights under GPL.

  • Compilation Copyright Irrelevant for Kubuntu

    Compilation copyright is an idea exclusive to the US (or North America anyway). It restricts collections of items which otherwise have unrelated copyright restrictions. A classic example is a book collection of poetry where the poems are all out of copyright but the selection and ordering of poems is new and has copyright owned by whoever did it.

How to win the copyleft fight—without litigation

Filed under
Legal

The Software Freedom Conservancy's Bradley Kuhn is probably best known for his work in enforcing the GNU General Public License (GPL). Enforcement-by-litigation might get the headlines, but Kuhn treats the courts as a last resort.

Read more

Also: Effective IPR Policies and Standards Organization Success

Another Month, Another Round Of Allwinner GPL-Violating Concerns

Filed under
GNU
Linux
Legal

Longtime open-source graphics developer Luc Verhaegen has written on the Linux-SunXI about further Allwinner misbehavior. Five days ago they updated their media codec framework with various new "proprietary" files that is then being built together with LGPL-licensed code and the binary is being dlopen'ed into the LGPL'ed code.

Read more

There Is a Linux Detergent Out There and It's Trademarked

Filed under
Linux
Legal

There's a Linux clothes detergent out there, and it's a real one, from a company that has a trademark on it and that's selling it today. Welcome to the bizarre world of trademark rules.

Read more

Openwashing And Other Deceptions In Linux

Filed under
Linux
OSS
Legal

The times are changing for open/free/libre software and OSes, and what the words mean. Make no mistake: collaborative, truly open projects are powerful sources of innovation and problem solving. The only way proprietary, corporate models can even survive is through sheer bullying and anti-competition tactics, as have been used for years to keep Linux from wider adoption. Now that that is changing, the tactics are changing too.

The latest trend in this area seems to be bringing disinformation and propaganda tactics into the fray.

Read more

Syndicate content

More in Tux Machines

Security Leftovers

  • Security updates for Monday
  • Recursive DNS Server Fingerprint Problem

    Our goal is to identify hijacked resolvers by analyzing their fingerprints, in order to increase safety of Internet users. To do that, we utilize data collected via RIPE Atlas (atlas.ripe.net).

  • Online developer tutorials are spreading XSS and SQL injection flaws

    The researchers, from across three universities in Germany and Trend Micro, checked the PHP code bases of more than 64,000 projects on Github and uncovered more than 100 vulnerabilities that they believe might have been introduced as a result of developers picking up the code that they used from online tutorials.

  • BrickerBot, the permanent denial-of-service botnet, is back with a vengeance

    BrickerBot, the botnet that permanently incapacitates poorly secured Internet of Things devices before they can be conscripted into Internet-crippling denial-of-service armies, is back with a new squadron of foot soldiers armed with a meaner arsenal of weapons.

  • Reproducible Builds: week 104 in Stretch cycle
  • Webroot antivirus goes bananas, starts trashing Windows system files
    Webroot's security tools went berserk today, mislabeling key Microsoft Windows system files as malicious and temporarily removing them – knackering PCs in the process. Not only were people's individual copies of the antivirus suite going haywire, but also business editions and installations run by managed service providers (MSPs), meaning companies and organizations relying on the software were hit by the cockup. Between 1200 and 1500 MST (1800 and 2100 UTC) today, Webroot's gear labeled Windows operating system data as W32.Trojan.Gen – generic-Trojan-infected files, in other words – and moved them into quarantine, rendering affected computers unstable. Files digitally signed by Microsoft were whisked away – but, luckily, not all of them, leaving enough of the OS behind to reboot and restore the quarantined resources.
  • How The Update Framework Improves Security of Software Updates
    Updating software is one of the most important ways to keep users and organizations secure. But how can software be updated securely? That's the challenge that The Update Framework (TUF) aims to solve. Justin Cappos, assistant professor at New York University, detailed how TUF works and what's coming to further improve the secure updating approach in a session at last week's DockerCon 17 conference in Austin, Texas. Simply using HTTPS and Transport Layer Security (TLS) to secure a download isn't enough as there have been many publicly reported instances of software repositories that have been tampered with, Cappos said.
  • Security Updates for Ubuntu Phone to End in June
    Security updates for Ubuntu phone and tablet will end this June, Canonical has confirmed. Current OTA updates are currently limited to critical fixes and security updates — a decision we were first to tell you back in January. But after June 2017 Canonical “will no longer deliver any further updates”.
  • Canonical to stop supporting Ubuntu Phone in June
    Canonical had already announced development of its Ubuntu Phone software was ending. Now we know when the final nail goes in the coffin: June.
  • Malware Hunts And Kills Poorly Secured Internet Of Things Devices Before They Can Be Integrated Into Botnets
    Researchers say they've discovered a new wave of malware with one purpose: to disable poorly secured routers and internet of things devices before they can be compromised and integrated into botnets. We've often noted how internet-of-broken-things devices ("smart" doorbells, fridges, video cameras, etc.) have such flimsy security that they're often hacked and integrated into botnets in just a matter of seconds after being connected to the internet. These devices are then quickly integrated into botnets that have been responsible for some of the worst DDoS attacks we've ever seen (including last October's attack on DYN).

GNOME/GTK News

  • The Way GNOME Handles Wallpapers Really Annoys Me
    I love GNOME Shell — and no, not just because I’ve little choice now that is Ubuntu’s default desktop! But the more I use GNOME the more I learn that the desktop environment, like every other, has its own share of quirks, bugs and inconsistencies. Like the following appreciably niche niggle in the the way GNOME handles desktop wallpapers.
  • Drag-and-drop in lists
    I’ve recently had an occasion to implement reordering of a GtkListBox via drag-and-drop (DND). It was not that complicated. Since I haven’t seen drag-and-drop used much with list boxes, here is a quick summary of what is needed to get the basics working.

Containers News

  • How Kubernetes is making contributing easy
    As the program manager of the Kubernetes community at Google, Sarah Novotny has years of experience in open source communities including MySQL and NGINX. Sarah sat down with me at CloudNativeCon in Berlin at the end of March to discuss both the Kubernetes community and open source communities more broadly. Among the topics we covered in the podcast were the challenges inherent in shifting from a company-led project to a community-led one, principles that can lead to more successful communities, and how to structure decision-making.
  • How Microsoft helped Docker with LinuxKit and Moby Project [Ed: Microsoft 'helped'... embrace, extend, coerce; haven't Docker employees learned from history?]
    Today, supporting Linux is as critical to Microsoft as it is to Red Hat and SUSE.
  • How to make branding decisions in an open community
    On April 18, Docker founder Solomon Hykes made a big announcement via a pull request in the main Docker repo: "Docker is transitioning all of its open source collaborations to the Moby project going forward." The docker/docker repo now redirects to moby/moby, and Solomon's pull request updates the README and logo for the project to match. Reaction from the Docker community has been overwhelmingly negative. As of this writing, the Moby pull request has garnered 7 upvotes and 110 downvotes on GitHub. The Docker community is understandably frustrated by this opaque announcement of a fait accompli, an important decision that a hidden inner circle made behind closed doors. It's a textbook case of "Why wasn't I consulted?"

Ubuntu 17.04: Unity's swan song?

For the most part, not much has changed on Ubuntu's Desktop edition in the past year. Unity 7 has more or less remained the same while work was progressing on the next version of the desktop, Unity 8. However, now that both desktops are being retired in favour of the GNOME desktop, running Ubuntu 17.04 feels a bit strange. This week I was running software that has probably reached the end of its life and this version of Ubuntu will only be supported for nine months. I could probably get the same desktop experience and most of the same hardware support running Ubuntu 16.04 and get security updates through to 2021 in the bargain. In short, I don't think Ubuntu 17.04 offers users anything significant over last year's 16.04 LTS release and it will be retired sooner. That being said, I could not help but be a little wistful about using Unity 7 again. Even though it has been about a year since I last used Unity, I quickly fell back into the routine and I was once more reminded how pleasant it can be to use Unity. The desktop is geared almost perfectly to my workflow and the controls are set up in a way that reduces my mouse usage to almost nothing. I find Unity a very comfortable desktop to use, especially when application menus have been moved from the top panel to inside their own windows. While there are some projects trying to carry on development of Unity, this release of Ubuntu feels like Unity's swan song and I have greatly enjoyed using the desktop this week. While there is not much new in Ubuntu 17.04, the release is pretty solid. Apart from the confusion that may arise from having three different package managers, I found Ubuntu to be capable, fairly newcomer friendly and stable. Everything worked well for me, at least on physical hardware. Unity is a bit slow to use in a virtual machine, but the distribution worked smoothly on my desktop computer. Read more