Language Selection

English French German Italian Portuguese Spanish

Legal

Two hackers who committed suicide and no one still knows the real reason why

Filed under
Development
Legal
Obits

Two of world’s most wanted hackers had committed suicide and no one still knows why. Aaron Swartz and Jonathan James, both hackers by profession and most wanted by the FBI have committed suicide in face of the federal investigation against their hacking crimes.

Interested thing is both hackers were not connected to each other in any way but were being tried for hacking by the same department and the case was being overseen by the same Assistant United States Attorney Stephen Heymann. Could this have any hand in their suicides.

Read more

SPDX v2 simplifies open source license dependency tracking

Filed under
GNU
Linux
OSS
Legal

The Linux Foundation has updated its SPDX standard to v2.0, enhancing the ability to track complex open source license dependencies to ensure compliance.

The Linux Foundation (LF) released version 1.0 of the Software Package Data Exchange (SPDX) standard in 2011, promoting it as a common format for sharing data about software licenses and copyrights. Now the LF’s SPDX workgroup has released version 2.0 of the standard, with new features that let you relate SPDX documents to each other to provide a “three-dimensional” relationship view of license dependencies.

Read more

Why doesn't the FSF release GPG-signed copies of its licenses?

Filed under
GNU
Legal

While verified copies of our licenses can be useful, this is unfortunately a project that sounds straightforward at first, but all the corner cases found in the wild muck it up.

One relatively frequent request we receive is for the FSF to provide GPG-signed copies of our licenses. GPG is a tool that lets users cryptographically sign or encrypt documents and emails. A GPG-signed document lets anyone who receives it know that they have received the exact same document as the one that was signed. By providing signed documents, users will be able to easily ensure that they have received an unmodified copy of the license along with their software. It's also possible that some system of signing the documents could help projects tracking the use and adoption of various free software licenses. Providing these signed documents is a simple task: run a command and publish the documents. A trivial investment of resources, or at least that is how it appears at first.

Read more

The Weather Company relies on Drupal to manage content

Filed under
Legal

After helping to put the dot in .com by building and configuring enterprise class solutions with WorldCom as a Sun hardware and software engineer, Jason Smith went on to AAAS (The American Association for the Advancement of Science, and the publishers of the journal Science) to direct the technical needs of the education directorate.

Jason has built or architected solutions ranging from enterprise to small business class and has found in Drupal a flexible, scalable, rapid development framework for targeting all levels of projects. A long time beneficiary of the open source movement, Jason—now a senior software architect at The Weather Company—is an avid supporter of open source projects and believes strongly in giving back to the community that supported him.

Read more

Patent Pledges and Open Source Software Development

Filed under
OSS
Legal

For all its benefits, one aspect of open source software does cause headaches: understanding the legal terms that control its development and use. For starters, scores of licenses have been created that the Open Source Initiative recognizes as meeting the definition of an “open source license.” While the percentage of these licenses that are in wide use is small, there are significant and important differences between many of these popular licenses. Moreover, determining what rights are granted in some cases requires referring to what the community thinks they mean (rather than their actual text), and in others by the context in which the license is used.

Read more

The Curious History of Komongistan (Busting the term “intellectual property”)

Filed under
GNU
Legal

The purpose of this parable is to illustrate just how misguided the term “intellectual property” is. When I say that the term “intellectual property” is an incoherent overgeneralization, that it lumps together laws that have very little in common, and that its use is an obstacle to clear thinking about any of those laws, many can't believe I really mean what I say. So sure are they that these laws are related and similar, species of the same genus as it were, that they suppose I am making a big fuss about small differences. Here I aim to show how fundamental the differences are.

Fifty years ago everyone used to recognize the nations of Korea, Mongolia and Pakistan as separate and distinct. In truth, they have no more in common than any three randomly chosen parts of the world, since they have different geographies, different cultures, different languages, different religions, and separate histories. Today, however, their differentness is mostly buried under their joint label of “Komongistan”.

Few today recall the marketing campaign that coined that name: companies trading with South Korea, Mongolia and Pakistan called those three countries “Komongistan” as a simple-sounding description of their “field” of activity. (They didn't trouble themselves about the division of Korea or whether “Pakistan” should include what is now Bangladesh.) This label gave potential investors the feeling that they had a clearer picture of what these companies did, as well as tending to stick in their minds. When the public saw the ads, they took for granted that these countries formed a natural unit, that they had something important in common. First scholarly works, then popular literature, began to talk about Komongistan.

Read more

GitHub: Now Supporting Open Source License Compliance

Filed under
OSS
Legal

Ask any developer where to turn for access to the latest software code for open source projects, and you’ll likely be directed to GitHub—one of the largest providers of open source code online.

While GitHub has always been a great site for developers to come together, network and share code, up until a few years ago, the website had a problem. Though it was easy for developers to share code, finding the right software license to go along with it was much harder. The majority of downloads on GitHub, therefore, were taking place without the critical software license component.

Read more

Latest TPP leak shows systemic threat to software freedom

Filed under
GNU
Legal

Key congressional leaders have just agreed on a deal to fast track the fast-tracking of TPP. While the threat of TPP has persisted for years, now is the time to fight back!

Read more

European Commission finalises the draft EUPL v1.2

Filed under
OSS
Legal

After this presentation, a specific point was still under investigation: the possibility of an “opt out” clause regarding the updated list of compatible licences. This list is not only extended to the GPLv3 and AGPLv3, but also to other copyleft licences like the MPL or the LGPL that protect the covered files or the derivatives of the covered works against exclusive appropriation (prohibition of re-licensing the covered files or their derivatives under a proprietary licence) without any ambition to extend their coverage to the whole work or application in which the covered file is integrated or linked.

Read more

Allwinner: "We Are Taking Initiative Actions Internally"

Filed under
OSS
Legal

Allwinner has been taking a lot of heat lately for violating open-source licenses with their Linux binary blob components. They then got caught obfuscating their code to try to hide their usage of open-source code, shifted around their licenses, and has continued jerking around the open-source community.

Read more

Syndicate content

More in Tux Machines

GNOME and Fedora

  • RFC: Integrating rsvg-rs into librsvg
    I have started an RFC to integrate rsvg-rs into librsvg. rsvg-rs is the Rust binding to librsvg. Like the gtk-rs bindings, it gets generated from a pre-built GIR file.
  • 1+ year of Fedora and GNOME hardware enablement
    A year and a couple of months ago, Christian Schaller asked me to pivot a little bit from working full time on Fleet Commander to manage a new team we were building to work on client hardware enablement for Fedora and GNOME with an emphasis on upstream. The idea was to fill the gap in the organization where nobody really owned the problem of bringing up new client hardware features vertically across the stack (from shell down to the kernel), or rather, ensure Fedora and GNOME both work great on modern laptops. Part of that deal was to take over the bootloader and start working closer to customers and hardware manufacturing parnters.
  • Fedora Atomic Workstation: Works on the beach
    My trip is getting really close, so I decided to upgrade my system to rawhide. Wait, what ? That is usually what everybody would tell you not to do. Rawhide has this reputation for frequent breakage, and who knows if my apps will work any given day. Not something you want to deal with while traveling.
  • 4 cool new projects to try in COPR for February

Why You Shouldn’t Use Firefox Forks (and Proprietary Opera)

  • Why You Shouldn’t Use Firefox Forks Like Waterfox, Pale Moon, or Basilisk
    Mozilla Firefox is an open source project, so anyone can take its code, modify it, and release a new browser. That’s what Waterfox, Pale Moon, and Basilisk are—alternative browsers based on the Firefox code. But we recommend against using any of them.
  • Opera Says Its Next Opera Release Will Have the Fastest Ad Blocker on the Block
    Opera Software promoted today its upcoming Opera 52 web browser to the beta channel claiming that it has the faster ad blocker on the market compared to previous Opera release and Google Chrome. One of the key highlights of the Opera 52 release will be the improved performance of the built-in ad blocker as Opera claims to have enhanced the string matching algorithm of the ad blocker to make it open web pages that contain ads much faster than before, and, apparently than other web browsers, such as Chrome.

Graphics: Glxinfo, ANV, SPIR-V

  • Glxinfo Gets Updated With OpenGL 4.6 Support, More vRAM Reporting
    The glxinfo utility is handy for Linux users in checking on their OpenGL driver in use by their system and related information. But it's not often that glxinfo itself gets updated, except that changed today with the release of mesa-demos-8.4.0 as the package providing this information utility. Mesa-demos is the collection of glxinfo, eglinfo, glxgears, and utilities related to Mesa. With the Mesa-demos 8.4.0 it is predominantly glxinfo updates.
  • Intel ANV Getting VK_KHR_16bit_storage Support Wrapped Up
    Igalia's Jose Maria Casanova Crespo sent out a set of patches today for fixes that allow for the enabling of the VK_KHR_16bit_storage extension within Intel's ANV Vulkan driver. The patches are here for those interested in 16-bit storage support in Vulkan. This flips on the features for storageBuffer16BitAccess, uniformAndStorageBuffer16BitAccess, storagePushConstant16 and the VK_KHR_16bit_storage extension. This support is present for Intel "Gen 8" Broadwell graphics and newer. Hopefully the work will be landing in Mesa Git soon.
  • SPIR-V Support For Gallium3D's Clover Is Closer To Reality
    It's been a busy past week for open-source GPU compute with Intel opening up their new NEO OpenCL stack, Karol Herbst at Red Hat posting the latest on Nouveau NIR support for SPIR-V compute, and now longtime Nouveau contributor Pierre Moreau has presented his latest for SPIR-V Clover support. Pierre has been spending about the past year adding SPIR-V support to Gallium3D's "Clover" OpenCL state tracker. SPIR-V, of course, is the intermediate representation used now by OpenCL and Vulkan.

Security: Updates, Tinder, FUD and KPTI Meltdown Mitigation

  • Security updates for Friday
  • Tinder vulnerability let hackers [sic] take over accounts with just a phone number

    The attack worked by exploiting two separate vulnerabilities: one in Tinder and another in Facebook’s Account Kit system, which Tinder uses to manage logins. The Account Kit vulnerability exposed users’ access tokens (also called an “aks” token), making them accessible through a simple API request with an associated phone number.

  • PSA: Improperly Secured Linux Servers Targeted with Chaos Backdoor [Ed: Drama queen once again (second time in a week almost) compares compromised GNU/Linux boxes to "back doors"]
    Hackers are using SSH brute-force attacks to take over Linux systems secured with weak passwords and are deploying a backdoor named Chaos. Attacks with this malware have been spotted since June, last year. They have been recently documented and broken down in a GoSecure report.
  • Another Potential Performance Optimization For KPTI Meltdown Mitigation
    Now that the dust is beginning to settle around the Meltdown and Spectre mitigation techniques on the major operating systems, in the weeks and months ahead we are likely to see more performance optimizations come to help offset the performance penalties incurred by mitigations like kernel page table isolation (KPTI) and Retpolines. This week a new patch series was published that may help with KPTI performance.