Language Selection

English French German Italian Portuguese Spanish

Legal

Something Rotten in the State of...Europe: the Unified Patent

Filed under
Legal

That's particularly the case for software patents, where the US experiences shows us how much damage trolls can cause. The UPC will open up Europe for software patent trolling on a massive scale.

Read more

FSF statement on Court of Appeals ruling in Oracle v Google

Filed under
Android
Google
Legal

The situation then is substantially similar to the situation today. The key difference is that some of Google's affirmative defenses to claim non-infringement have been eliminated by this new ruling. The FSF now sincerely hopes for the next best thing to Alsup's original ruling: that Google is successful in its fair use defense.

Notwithstanding our support of Google's fair use defense, the FSF urges caution to all prospective Android users. Even though the core of the Android system is free, every Android device sold comes pre-loaded with a variety of proprietary applications and proprietary hardware drivers. The FSF encourages users to support the development of Replicant, a distribution of Android that is 100% free software. The FSF also encourages users of any Android-based system to install F-Droid, a free replacement for the Google Play app that allows users to browse, install, and receive updates from a repository of free software Android apps. Replicant uses F-Droid as its default repository.

Read more

A settlement between Apple and Samsung may be on the horizon

Filed under
Legal

The long and drawn out battle between Samsung Electronics and Apple over the ownership of various intellectual properties may be coming to a close.

According to The Korea Times Samsung and Apple have resumed discussion of settling their patent disputes. Recent developments such as Apple’s deal with Google show that times may be changing on how these types of disputes are handled. There is a different air surrounding these discussions compared to the countless court battles and negotiations that preceded.

Read more

Ending the Embedded Linux Patent War Before It Begins

Filed under
Legal

The next big intellectual property battle has been forming over hardwired and programmable chips made for mobile devices that leverage Linux code. However, the Open Invention Network has strategically deployed forces to keep Linux-powered smartphones, tablets and other computer technologies out of harm's way. Its goal is to create a patent litigation no-fly zone around embedded Linux.

Read more

Oracle continue to circumvent EXPORT_SYMBOL_GPL()

Filed under
GNU
Legal

So, in the face of a technical mechanism designed to enforce the author's beliefs about the copyright status of callers of this function, Oracle deliberately circumvent that technical mechanism by simply re-exporting the same function under a new name. It should be emphasised that calling an EXPORT_SYMBOL_GPL() function does not inherently cause the caller to become a derivative work of the kernel - it only represents the original author's opinion of whether it would. You'd still need a court case to find out for sure. But if it turns out that the use of ktime_get() does cause a work to become derivative, Oracle would find it fairly difficult to argue that their infringement was accidental.

Of course, as copyright holders of DTrace, Oracle could solve the problem by dual-licensing DTrace under the GPL as well as the CDDL. The fact that they haven't implies that they think there's enough value in keeping it under an incompatible license to risk losing a copyright infringement suit. This might be just the kind of recklessness that Oracle accused Google of back in their last case.

Read more

Interview with Ciaran Gultnieks of F-Droid

Filed under
Android
GNU
Legal

This is the latest installment of our Licensing and Compliance Lab's series on free software developers who choose GNU licenses for their works.

Read more

Dangerous Decision in Oracle v. Google: Federal Circuit Reverses Sensible Lower Court Ruling on APIs

Filed under
Android
Google
Legal

We're still digesting today's lengthy decision in the Oracle v. Google appeal, but we're disappointed—and worried. The heart of the appeal was whether Oracle can claim a copyright on Java APIs and, if so, whether Google infringed that copyright. According to the Federal Circuit today, the answer to both questions was a qualified yes—with the qualification being that Google may have a fair use defense.

Quick background: When it implemented the Android OS, Google wrote its own version of Java. But in order to allow developers to write their own programs for Android, Google relied on Java APIs. Application Programming Interfaces are, generally speaking, specifications that allow programs to communicate with each other. So when you type a letter in a word processor, and hit the print command, you are using an API that lets the word processor talk to the printer driver, even though they were written by different people.

Read more

Will Apple sue Amazon for copying the iPhone?

Filed under
Android
Mac
Legal

Let’s face it, Apple has never been shy about suing other companies that they think have infringed on their intellectual property. The recent legal fights with Samsung are a good example, but there have been others over the years. At one point Steve Jobs even vowed to use Apple’s billions to destroy Android in court because he regarded it as a stolen product.

Apple has made it clear that they will go after anybody that they think has copied their work. The company has spent millions and millions of dollars trying to protect its patents and products. The end result has been somewhat muddled, but that doesn’t mean that Apple will stop sending its lawyers after those it regards as thieves.

Read more

Easter egg: DSL router patch merely hides backdoor instead of closing it

Filed under
Hardware
Security
Legal

First, DSL router owners got an unwelcome Christmas present. Now, the same gift is back as an Easter egg. The same security researcher who originally discovered a backdoor in 24 models of wireless DSL routers has found that a patch intended to fix that problem doesn’t actually get rid of the backdoor—it just conceals it. And the nature of the “fix” suggests that the backdoor, which is part of the firmware for wireless DSL routers based on technology from the Taiwanese manufacturer Sercomm, was an intentional feature to begin with.

Back in December, Eloi Vanderbecken of Synacktiv Digital Security was visiting his family for the Christmas holiday, and for various reasons he had the need to gain administrative access to their Linksys WAG200G DSL gateway over Wi-Fi. He discovered that the device was listening on an undocumented Internet Protocol port number, and after analyzing the code in the firmware, he found that the port could be used to send administrative commands to the router without a password.

After Vanderbecken published his results, others confirmed that the same backdoor existed on other systems based on the same Sercomm modem, including home routers from Netgear, Cisco (both under the Cisco and Linksys brands), and Diamond. In January, Netgear and other vendors published a new version of the firmware that was supposed to close the back door.

Read more

History Repeats Itself: Patent Abusers Successfully Stymie Anti-Patent Troll Bill In The Senate

Filed under
Legal

Back in December, we noted that the House Judiciary Committee had approved an unfortunately watered-down, anti-patent troll bill. It was better than nothing, but we hoped that the Senate would approve a much stronger version. For a while it seemed like that was likely to happen, but... those who abuse patents are pretty damn powerful. Even those who have been hit by patent trolls in the past, like Apple and Microsoft, have decided to join forces in lobbying against meaningful patent reform. They've been pushing to water down the Senate's bill, taking out nearly everything that would make the bill useful -- and it appears that they're succeeding.

Read more ►

Syndicate content

More in Tux Machines

Phoronix on Graphics

Leftovers: OSS

Security Leftovers

  • Security updates for Thursday
  • OpenSSL patches two high-severity flaws
    OpenSSL has released versions 1.0.2h and 1.0.1t of its open source cryptographic library, fixing multiple security vulnerabilities that can lead to traffic being decrypted, denial-of-service attacks, and arbitrary code execution. One of the high-severity vulnerabilities is actually a hybrid of two low-risk bugs and can cause OpenSSL to crash.
  • Linux Foundation Advances Security Efforts via Badging Program
    The Linux Foundation Core Infrastructure Initiative's badging program matures, as the first projects to achieve security badges are announced.
  • Linux Foundation tackles open source security with new badge program
  • WordPress Plugin ‘Ninja Forms’ Security Vulnerability
    FOSS Force has just learned from Wordfence, a security company that focuses on the open source WordPress content management platform, that a popular plugin used by over 500,000 sites, Ninja Forms, contains serious security vulnerabilities.
  • Preparing Your Network for the IoT Revolution
    While there is no denying that IP-based connectivity continues to become more and more pervasive, this is not a fundamentally new thing. What is new is the target audience is changing and connectivity is becoming much more personal. It’s no longer limited to high end technology consumers (watches and drones) but rather, it is showing up in nearly everything from children’s toys to kitchen appliances (yes again) and media devices. The purchasers of these new technology-enabled products are far from security experts, or even security aware. Their primary purchasing requirements are ease of use.
  • regarding embargoes
    Yesterday I jumped the gun committing some patches to LibreSSL. We receive advance copies of the advisory and patches so that when the new OpenSSL ships, we’re ready to ship as well. Between the time we receive advance notice and the public release, we’re supposed to keep this information confidential. This is the embargo. During the embargo time we get patches lined up and a source tree for each cvs branch in a precommit state. Then we wait with our fingers on the trigger. What happened yesterday was I woke up to a couple OpenBSD developers talking about the EBCDIC CVE. Oh, it’s public already? Check the OpenSSL git repo and sure enough, there are a bunch of commits for embargoed issues. Pull the trigger! Pull the trigger! Launch the missiles! Alas, we didn’t look closely enough at the exact issues fixed and had missed the fact that only low severity issues had been made public. The high severity issues were still secret. We were too hasty.
  • Medical Equipment Crashes During Heart Procedure Because of Antivirus Scan [Ed: Windows]
    A critical medical equipment crashed during a heart procedure due to a timely scan triggered by the antivirus software installed on the PC to which the said device was sending data for logging and monitoring.
  • Hotel sector faces cybercrime surge as data breaches start to bite
    Since 2014, things have become a lot more serious with a cross section of mostly US hotels suffering major breaches during Point-of-Sale (POS) terminals. Panda Security lists a string of attacks on big brands including on Trump Hotels, Hilton Worldwide, Hyatt, Starwood, Rosen Hotels & Resorts as well two separate attacks on hotel management outfit White Lodging and another on non-US hotel Mandarin Oriental.

Android Leftovers