Language Selection

English French German Italian Portuguese Spanish


Oracle Desperate

Filed under

Announcing the Open Source License API

Filed under

Over the last 19 years, the Open Source Initiative (OSI) has been the steward of the Open Source Definition (or OSD), establishing a common language when discussing what it means to be an Open Source license, and a list of licenses which are known to be compatible with the OSD.

This is taken to its logic next step this year, with the OSI providing a machine readable publication of OSI approved licenses at This will allow third parties to become license-aware, and give organizations the ability to clearly determine if a license is, in fact, an Open Source license, from the authoritative source regarding Open Source licenses, the OSI.

Read more

Win for APIs and FOSS (Android Case)

Filed under
  • Google beats Oracle at trial: Jury finds Android is “fair use”

    Following a two-week trial, a federal jury concluded Thursday that Google's Android operating system does not infringe Oracle-owned copyrights because its re-implementation of 37 Java APIs is protected by "fair use." The verdict was reached after three days of deliberations.

    "Ladies and gentlemen of the jury, listen to your verdict as it will stand recorded," said the court clerk, before polling each of the ten men and women on the jury.

    There was only one question on the special verdict form, asking if Google's use of the Java APIs was a "fair use" under copyright law. The jury unanimously answered "yes," in Google's favor. The verdict ends the trial, which began earlier this month. If Oracle had won, the same jury would have gone into a "damages phase" to determine how much Google should pay. Because Google won, the trial is over.

    "I salute you for your extreme hard work in this case," said US District Judge William Alsup, who has overseen the litigation since 2010. "With the thanks of your United States District Court, you are now discharged. I would like to come in the jury room and shake each of your hands individually."

    Four of the ten jurors declined to comment to reporters gathered in the hallway. The other six went out through a back exit.

    "We're grateful for the jury's verdict," said Google lead lawyer Robert Van Nest before getting into the elevator with Google's in-house lawyers. "That's it." Oracle attorneys had no comment.

  • Google wins Oracle copyright fight over Android code

    Today, a jury in California's Northern District federal court declared that Google's use of copyright-protected code in Android was fair use, freeing it of any liability. Oracle, which controls the copyright on the code, had been seeking $9 billion for the use of the code.

    The case centers around an API developed by Java and owned by Oracle, which allows outside programs to easily interact with Java programs. Android uses the same API, and in 2014 a federal appeals court ruled that Oracle has a valid copyright claim on the API code, potentially putting Google on the hook for billions of dollars in damages. (The Supreme Court declined to hear the appeal.) In the latest round, Google argued that Android's reimplementation of the API constituted fair use, which would allow use of the code without invalidating Oracle's copyright. Ultimately, the jury found that case convincing.

German experts update free software legal review

Filed under

Two German legal experts have published the fourth edition of their review of legal issues regarding the use of free software. The book by Till Jaeger, a Berlin-based lawyer specialised in legal issues concerning open source software, and Axel Metzger, professor at the Humboldt University in the same city, appeared in March.

Read more

Linux ZFS Compatibility

Filed under
  • ZFS comes to Debian, thanks to licensing workaround

    The ZFS file system has come to popular Linux distribution Debian, but in a way the distro's backers think won't kick up another row over compatibility of open source licences.

    Ubuntu 16.04 added ZFS, despite pre-release grumblings from Richard Stallman to the effect that anything licensed under the GNU GPL v2 can only be accompanied by code also released under the GNU GPL v2. ZFS is issued under a Common Development and Distribution License, version 1 (CDDLv1).

  • Skirting The Hole In The Ice Of ZFS

    The muddy part is how building and running a ZFS module with Linux is not a violation of copyright when a combined derivative work of Linux+ZFS is created. Making even one copy is probably a violation of both CDDL and GPL., so keep on skating.

  • What does it mean that ZFS is included in Debian?

    Petter Reinholdtsen recently blogged about ZFS availability in Debian. Many people have worked hard on getting ZFS support available in Debian and we would like to thank everyone involved in getting to this point and explain what ZFS in Debian means.

Debian Project Clarifies the Implementation of ZFS for Linux in Debian GNU/Linux

Filed under

We reported the other day that Debian developer Petter Reinholdtsen informed the community about the implementation of ZFS filesystem support in the Debian GNU/Linux operating system.

While the Debian community welcomed the native ZFS for Linux implementation in the acclaimed and widely-used GNU/Linux operating system, some were wondering how this stands from a legal point of view, as the license under which the ZFS for Linux project is distributed does not comply with the Debian Free Software Guidelines.

Read more


Filed under
  • GCC 6.1 Compiler Optimization Level Benchmarks: -O0 To -Ofast + FLTO

    Here are some extra GCC 6.1 compiler benchmarks to share this weekend, complementing the recent GCC 4.9 vs. GCC 5 vs. GCC 6 comparison and the GCC 6.1 vs. Clang 3.9 compiler comparison.

  • LinuxFest Northwest 2016: From TPP to saving WiFi, the FSF fights for you
  • Savannah suffering networking problems

    Last Friday May 6th Savannah was moved to new hosting in the same datacenter with many various assorted related and unrelated changes. Since that time there have been wide spread reports of networking problems. The FSF admins are aware of the problem and are trying to resolve it.

  • Enforcement and compliance for the GPL and similar licenses

    The Free Software Legal & Licensing Workshop (LLW) is a three-day event held every year for legal professionals (and aficionados) who work in the realm of free and open-source software (FOSS). It is organized by the Free Software Foundation Europe (FSFE) and, this year, the event was held in Barcelona (Spain), April 13-15. The topics covered during the event ranged from determining what constitutes authorship, how to attribute it, and what is copyrightable, to the complexity of licenses and how to make them more accessible for potential licensees lacking in legal background. In addition, license enforcement and compliance were discussed, with a particular focus on how the GPL and related licenses have done in court.

FRAND Is Not A Compliance Issue

Filed under

The European Commission has been persuaded by lobbyists to change its position on standards to permit the use of FRAND license terms for patents applicable to technologies within those standards. This is a massive mistake that will harm innovation by chilling open source community engagement.

Read more

EU jeopardises its own goals in standardisation with FRAND licensing

Filed under

On 19 April, the European Commission published a communication on "ICT Standardisation Priorities for the Digital Single Market" (hereinafter 'the Communication'). The Digital Single Market (DSM) strategy intends to digitise industries with several legislative and political initiatives, and the Communication is a part of it covering standardisation. In general, the Free Software Foundation Europe (FSFE) welcomes the Communication's plausible approach for integrating Free Software and Open Standards into standardisation but expresses its concerns about the lack of understanding of necessary prerequisites to pursue that direction.

Read more

Also: A fresh look at the U.S. draft policy on 'federal sourcing'

A perfect marriage: YOU and Ubuntu 16.04

Filed under

Canonical claims it has taken legal advice and that it is allowed to ship OpenZFS with its Linux.

What ever the legal rights and wrongs, Ubuntu's support is clearly aimed primarily at the server use case. ZFS is not an option within the installer. In fact you'll need to install the userland parts of ZFS yourself before you can format disks and get everything working. Still, if you're interested in trying Ubuntu atop ZFS, Canonical has a guide to using ZFS.

Read more

Syndicate content

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos