Language Selection

English French German Italian Portuguese Spanish

Legal

Ensuring Openness Through and In Open Source Licensing

Submitted by Roy Schestowitz on Tuesday 31st of October 2017 01:57:44 PM Filed under
OSS
Legal

Some of the largest forces in business today—consumer-facing companies like Google and Facebook, business-facing companies like SUSE, companies outside the tech industry such as BMW, Capital One, and Zalando, even first-gen tech corporations like Microsoft and IBM—all increasingly depend on open source software. Governments too, including the European Union, France, India, the United Kingdom, the United States, and many others have discovered the benefits of open source software and development models. Successful collaborative development of software and infrastructure used by these organizations is enabled by the “safe space” created when they use their IP in a new ways... to ensure an environment for co-creation where the four essential freedoms of software are guaranteed.

Read more

»

Control Or Consensus?

Submitted by Roy Schestowitz on Wednesday 18th of October 2017 04:47:41 PM Filed under
OSS
Legal

In a recent conversation on the Apache Legal mailing list, a participant opined that “any license can be Open Source. OSI doesn’t ‘own’ the term.” He went on to explain “I could clone the Apache License and call it ‘Greg’s License’ and it would be an open source license.”

As long as the only people involved in the conversation are the speaker and people who defer to his authority, this might be OK. But as soon as there are others involved, it’s not. For the vast majority of people, the term “open source license” is not a personal conclusion resulting from considered evaluation, but rather a term of art applied to the consensus of the community. Individuals are obviously free to use words however they wish, just like Humpty Dumpty. But the power of the open source movement over two decades has arisen from a different approach.

The world before open source left every developer to make their own decision about whether software was under a license that delivers the liberty to use, improve and share code without seeking the permission of a rights holder. Inevitably that meant either uncertainty or seeking advice from a lawyer about the presence of software freedom. The introduction of the open source concept around the turn of the millennium solved that using the crystalisation of consensus to empower developers.

By holding a public discussion of each license around the Open Source Definition, a consensus emerged that could then by crystalised by the OSI Board. Once crystalised into “OSI Approval”, the community then has no need to revisit the discussion and the individual developer has no need to guess (or to buy advice) on the compatibility of a given license with software freedom. That in turn means proceeding with innovation or deployment without delay.

Read more

»

Licences: Eclipse Public Licence 2.0, GPL Copyright Troll, Fiduciary License Agreement 2.0

Submitted by Roy Schestowitz on Wednesday 18th of October 2017 09:38:12 AM Filed under
Legal
  • Eclipse Public License version 2.0 added to license list

    We recently updated our list of various licenses and comments about them to include the Eclipse Public License version 2.0 (EPL).

    In terms of GPL compatibility, the Eclipse Public License version 2.0 is essentially equivalent to version 1.0. The only change is that it explicitly offers the option of designating the GNU GPL version 2 or later as a "secondary license" for a certain piece of code.

  • Linux kernel community tries to castrate GPL copyright troll

    Linux kernel maintainer Greg Kroah-Hartman and several other senior Linux figures have published a “Linux Kernel Community Enforcement Statement” to be included in future Linux documentation, in order to ensure contributions to the kernel don't fall foul of copyright claims that have already seen a single developer win "at least a few million Euros.”

    In a post released on Monday, October 16th, Kroah-Hartman explained the Statement's needed because not everyone who contributes to the kernel understands the obligations the GNU Public Licence 2.0 (GPL 2.0), and the licence has “ambiguities … that no one in our community has ever considered part of compliance.”

  • Fiduciary License Agreement 2.0

    After many years of working on it, it is with immense pleasure to see the FLA-2.0 – the full rewrite of the Fiduciary License Agreement – officially launch.

»

Conservancy Applauds Linux Community's Promotion of Principled Copyleft Enforcement

Submitted by Roy Schestowitz on Monday 16th of October 2017 06:08:15 PM Filed under
GNU
Legal

Software Freedom Conservancy congratulates the Linux community for taking steps today to promote principled, community-minded copyleft enforcement by publishing the Linux Kernel Enforcement Statement. The Statement includes an additional permission under Linux's license, the GNU General Public License (GPL) version 2 (GPLv2). The additional permission, to which copyright holders may voluntarily opt-in, changes the license of their copyrights to allow reliance on the copyright license termination provisions from the GNU General Public License version 3 (GPLv3) for some cases 1.

Conservancy also commends the Linux community's Statement for reaffirming that legal action should be last resort for resolving a GPL violation, and for inviting noncompliant companies who work their way back into compliance to become active participants in the community. By bringing clarity to GPLv2 enforcement efforts, companies can adopt software with the assurance that these parties will work in a reasonable, community-centric way to resolve compliance issues.

Read more

»

Facebook Licence-Patents Debacle

Submitted by Roy Schestowitz on Tuesday 26th of September 2017 09:24:34 PM Filed under
OSS
Legal
  • Facebook’s About Face

    Thirty-five days after publicly stating, in response to objections from the Apache Software Foundation among others, that the company would not be re-licensing its React library, Facebook on Friday announced that it was re-licensing its React library. It was a surprising but welcome reversal for many in the industry, including Automattic’s Matt Mullenweg.

    Ten days ago, Mullenweg published a piece that was at once understanding and blunt announcing that React would be excised from WordPress related projects. The problem was not Automattic – their general counsel saw little problem with the license – but given the breadth of WordPress’ distribution, the decision was made to remove the software because of the uncertainties surrounding its license. As bad as it was being banished from Apache Software Foundation projects, this was worse. Depending on whose numbers you use, WordPress can account for something close to one in four websites.

    Given such extensive and escalating costs, the burden of proving the offsetting benefits to a patent clause required by virtually no one else in the industry presumably became too great, at which point the only rational decision would be to re-license the asset – difficult as such backtracking may have been.

  • Facebook Relents on React.js License Issue
  • Facebook Relents to Developer Pressure, Relicenses React
»

Licensing: Facebook Responds to Licence Complaints, Cloud Native Open Source License Choices Analysed

Submitted by Roy Schestowitz on Saturday 23rd of September 2017 07:59:29 AM Filed under
OSS
Legal
  • Facebook relicenses several projects

    Facebook has announced that the React, Jest, Flow, and Immutable.js projects will be moving to the MIT license. This is, of course, a somewhat delayed reaction to the controversy over the "BSD+patent" license previously applied to those projects.

  • Relicensing React, Jest, Flow, and Immutable.js

    Next week, we are going to relicense our open source projects React, Jest, Flow, and Immutable.js under the MIT license. We're relicensing these projects because React is the foundation of a broad ecosystem of open source software for the web, and we don't want to hold back forward progress for nontechnical reasons.

    This decision comes after several weeks of disappointment and uncertainty for our community. Although we still believe our BSD + Patents license provides some benefits to users of our projects, we acknowledge that we failed to decisively convince this community.

  • Cloud Native Open Source License Choices

    One of the most common questions regarding open source licensing today concerns trajectories. Specifically, what are the current directions of travel both for specific licenses as well as license types more broadly. Or put more simply, what licenses are projects using today, and how is that changing?

    We’ve examined this data several times, most recently in this January look at the state of licensing based on Black Duck’s dataset. That data suggested major growth for permissive licenses, primarily at the expense of reciprocal alternatives. The Apache and MIT licenses, for example, were up 10% and 21% respectively, while the GPL was down 27%. All of this is on a relative share basis, of course: the “drop” doesn’t reflect relicensing of existing projects, but less usage relative to its peers.

    [...]

    One such community with enough of a sample size to be relevant is the one currently forming around the Cloud Native Computing Foundation. Founded in 2015 with the Kubernetes project as its first asset, the Foundation has added eleven more open source projects, all of which are licensed under the same Apache 2 license. But as a successful Foundation is only a part of the broader ecosystem, the real question is what are the licensing preferences of the Cloud Native projects and products outside of the CNCF itself.

    [...]
    Unsurprisingly, perhaps, given the influence of the CNCF itself, Apache strongly outperforms all other licenses, showing far greater relative adoption than it has in more generalized datasets such as the Black Duck survey. Overall in this dataset, approximately 64% of projects are covered by the Apache license. No other project has greater than a 12% share. The only other licenses above 10%, in fact, are the GPL at 12% and MIT at 11%. After that, the other projects are all 5% or less.

»

A New Era for Free Software Non-Profits

Submitted by Roy Schestowitz on Thursday 21st of September 2017 05:15:41 PM Filed under
OSS
Legal

The US Internal Revenue Service has ushered in a new and much more favorable treatment for free software projects seeking to have 501c3 tax exempt non-profit organizations of their own. After years of suffering from a specially prejudicial environment at IRS, free software projects—particularly new projects starting out and seeking organizational identity and the ability to solicit and receive tax-deductible contributions for the first time—can now do so much more easily, and with confident expectation of fast, favorable review. For lawyers and others counseling free software projects, this is without question “game-changing.”

At SFLC, we have ridden all the ups and downs of the US tax law’s interaction with free software non-profits. When I formed SFLC—which in addition to being a 501c3 tax-deductible organization under US federal tax law is also a non-profit educational corporation under NY State law—in 2005, we acquired our federal 501c3 determination in less than 70 days. Over our first several years of operation, we shepherded several of our clients through the so-called “1023 process,” named after the form on which one applies for 501c3 determination, as well as creating several 501c3-determined “condominium” or “conservancy” arrangements, to allow multiple free software projects to share one tax-deductible legal identity.

But by the middle of the Obama Administration’s first term, our ability to get new 501c3 determinations from the IRS largely ceased. The Service’s Exempt Organizations Division began scrutinizing certain classes of 1023’s particularly closely, forming task forces to centralize review of—and, seemingly, to prevent success of—these classes of application. In our practice on behalf of free software projects seeking legal organization and tax exemption, we began to deal with unremitting Service pushback against our clients’ applications. Sometimes, the determination to refuse our clients’ applications seemed to indicate a fixed political prejudice against their work; more than once we were asked by IRS examiners “What if your software is used by terrorists?”

Read more

»

Software Patents Versus Free Software (WordPress, MP3 Playback)

Submitted by Roy Schestowitz on Friday 15th of September 2017 07:33:52 PM Filed under
OSS
Legal
  • On React and WordPress

    Big companies like to bury unpleasant news on Fridays: A few weeks ago, Facebook announced they have decided to dig in on their patent clause addition to the React license, even after Apache had said it’s no longer allowed for Apache.org projects. In their words, removing the patent clause would "increase the amount of time and money we have to spend fighting meritless lawsuits."

    I'm not judging Facebook or saying they're wrong, it's not my place. They have decided it's right for them — it's their work and they can decide to license it however they wish. I appreciate that they've made their intentions going forward clear.

    A few years ago, Automattic used React as the basis for the ground-up rewrite of WordPress.com we called Calypso, I believe it's one of the larger React-based open source projects. As our general counsel wrote, we made the decision that we'd never run into the patent issue. That is still true today as it was then, and overall, we’ve been really happy with React. More recently, the WordPress community started to use React for Gutenberg, the largest core project we've taken on in many years. People's experience with React and the size of the React community — including Calypso — was a factor in trying out React for Gutenberg, and that made React the new de facto standard for WordPress and the tens of thousands of plugins written for WordPress.

    We had a many-thousand word announcement talking about how great React is and how we're officially adopting it for WordPress, and encouraging plugins to do the same. I’ve been sitting on that post, hoping that the patent issue would be resolved in a way we were comfortable passing down to our users.

    That post won't be published, and instead I'm here to say that the Gutenberg team is going to take a step back and rewrite Gutenberg using a different library. It will likely delay Gutenberg at least a few weeks, and may push the release into next year.

  • MP3 Is Dead! Long Live MP3!

    Back in May, there was an unexpected surge in press coverage about the MP3 audio file format. What was most unexpected about it was it all declared that the venerable file format is somehow “dead”. Why did that happen, and what lessons can we learn?

    What had actually happened was the last of the patents on the MP3 file format and encoding process have finally expired. Building on earlier work, it was developed by the Moving Pictures Expert Group (MPEG) built on the doctoral work of an engineer at Fraunhofer Institute in Germany. Many companies held patents on the standard and it was not until April that the last of them expired. There’s no easy way to ascertain whether a patent has expired even after the date one moght expect it, so the wave of news arose from announcements by Fraunhofer Institute.

    Framing this as an “ending” fits the narrative of corporate patent holders well, but does not really reflect the likely consequences. Naturally the patent holding companies would rather everyone “upgrade” to the newer AAC format, which is still encumbered under a mountain of patents necessitating licensing. But for open source software, the end of patent monopilies signals the beginning of new freedoms.

»

FOSS Licensing News

Submitted by Roy Schestowitz on Thursday 14th of September 2017 10:34:29 PM Filed under
OSS
Legal
  • Public Money? Public Code! 22 Organizations Seek to Improve Public Software Procurement

    Today, 22 organizations are publishing an open letter in which they call for lawmakers to advance legislation requiring publicly financed software developed for the public sector be made available under a Free and Open Source Software license. The initial signatories include CCC, EDRi, Free Software Foundation Europe, KDE, Open Knowledge Foundation Germany, Open Source Business Alliance, Open Source Initiative, The Document Foundation, Wikimedia Germany, as well as several others; they ask individuals and other organization to sign the open letter. The open letter will be sent to candidates for the German Parliament election and, during the coming months, until the 2019 EU parliament elections, to other representatives of the EU and EU member states.

  • Two Open Source Licensing Questions: The AGPL and Facebook
  • How Open Source and Proprietary IP Can Co-Exist [Ed: law firms pushing software patents, not just copyright]

    Open source software imparts a number of benefits, including decreasing product development time, distributing development across a community and attracting developers to your organization. However, some organizations shy away from it due to perceived risks and disadvantages around intellectual property.

    [...]

    That's a situation in which we might open source an implementation and file for a patent at the same time. In scoping the patent and the license terms, the open source community gets access to the software but the patent retains value.

»

No To “No Hacking” Clauses

Submitted by Roy Schestowitz on Wednesday 6th of September 2017 04:09:27 PM Filed under
Legal

Adding any subjective restriction automatically creates doubt for developers, especially if they are corporate employees. They will need at a minimum to stop and ask their manager what the restriction means in their context, and that in turn is likely to be referred to a legal advisor. Even if the answer is “go ahead” the need to ask permission will be enough to chill use and stifle innovation.

The OSD tries to to prevent this and promote the granting of permission in advance to use, improve and share software for any purpose. Permission in advance is responsible for the whole open source phenomenon. So OSI won’t let you add a clause to a license that denies it. No matter how cleverly you word it.

Read more

»
Syndicate content

More in Tux Machines

today's leftovers

  • Heptio Debuts Gimbal Kubernetes Load Balancer Project
    Kubernetes startup Heptio has added another project to its roster of open-source efforts that provide expanded capabilities for container orchestration users.
  • Heptio Launches Kubernetes Load Balancing Application
  • The Role of Site Reliability Engineering in Microservices
    You can always spot the hot jobs in technology: they’re the ones that didn’t exist 10 years ago. While Site Reliability Engineers (SREs) did definitely exist a decade ago, they were mostly inside Google and a handful of other Valley innovators. Today, however, the SRE role exists everywhere, from Uber to Goldman Sachs, everyone is now in the business of keeping their sites online and stable. While SREs are hotshots in the industry, their role in a microservices environment is not just a natural fit that goes hand-in-hand, like peanut butter and jelly. Instead, while SREs and microservices evolved in parallel inside the world’s software companies, the former actually makes life far more difficult for the latter.
  • Lying with statistics, distributions, and popularity contests on Cooking With Linux (without a net)
    It's Tuesday and that means it's time for Cooking With Linux (without a net), sponsored and supported by Linux Journal. Today, I'm courting controversy by discussing numbers, OS popularity, and how to pick the right Linux distribution if you want to be where are the beautiful people hang out. And yes, I'll do it all live, without a net, and with a high probability of falling flat on my face.
  • Voyage open sources its approach to autonomous vehicle safety
    In an effort to improve autonomous vehicle safety, Voyage is open sourcing its Open Autonomous Safety (OAS) library that contains the company’s internal safety procedures, materials, and test code that is intended to supplement the existing safety programs at autonomous vehicle startups. Voyage is the self-driving business from the educational organization Udacity.
  • Hitchhiker’s Guide to KubeCon Europe
    The cloud native community is gathering in Copenhagen next week for KubeCon + CloudNativeCon Europe! Here’s your guide to the talks and events you won’t want to miss. Meet the Red Hat and CoreOS team members all week long, May 1-4 at booth D-E01.
  • Event - "GNU Health Con 2018" (Las Palmas de Gran Canaria, Spain)
    GNU Health is this year holding the III International GNU Health Conference, GNU Health Con 2018. This conference will gather the community of activists and developers who have been working on the project during the past 10 years.
  • ONNX: the Open Neural Network Exchange Format
    The good news is that the battleground is Free and Open. None of the big players are pushing closed-source solutions. Whether it is Keras and Tensorflow backed by Google, MXNet by Apache endorsed by Amazon, or Caffe2 or PyTorch supported by Facebook, all solutions are open-source software. Unfortunately, while these projects are open, they are not interoperable. Each framework constitutes a complete stack that until recently could not interface in any way with any other framework. A new industry-backed standard, the Open Neural Network Exchange format, could change that.
  • L.A. Lawmakers Looking To Take Legal Action Against Google For Not Solving Long-Running City Traffic Problems
    The city's government believes the traffic/mapping app has made Los Angeles' congestion worse. That the very body tasked with finding solutions to this omnipresent L.A. problem is looking to hold a private third party company responsible for its own shortcomings isn't surprising. If a third-party app can't create better traffic flow, what chance do city planners have? But beyond the buck-passing on congestion, the city may have a point about Waze making driving around Los Angeles a bit more hazardous. For several months, it's been noted that Waze has been sending drivers careening down the steepest grade in the city -- Baxter Street. Drivers seeking routes around Glendale Ave. traffic choke points have been routed to a street with a 32% grade, increasing the number of accidents located there and generally resulting in barely-controlled mayhem. When any sort of precipitation falls from the sky, the city goes insane. Drivers bypassing Glendale are now hurtling down a steep, water-covered hill, compounding the problem.
  • Even Microsoft's lost interest in Windows Phone: Skype and Yammer apps killed
    Microsoft’s given users of its collaboration apps on Windows Phone under a month’s warning of their demise. A support note from late last week advises that “Windows phone apps for Skype for Business, Microsoft Teams, and Yammer are retiring on May 20, 2018.” “Retiring” means all three will vanish from the Microsoft store on May 20, with differing results.
  • Should You Build Your Own DIY Security System?

"Native Linux apps in Chrome OS" and Kernel News From LWN

  • Native Linux apps in Chrome OS will have a slick, electric Material Design theme
    The Chrome OS developers have been working out the stylistic elements of what you’ll see once you open your first native Linux apps in Chrome OS, and they’ve opted for Adapta, a popular Material Design-inspired Gtk theme that can be used on many of your favorite GNU/Linux distributions. For those of you not keeping track, the Chrome OS developers have been busy baking native container functionality into Chrome OS that allows the user-friendly startup of regular Linux applications in containers-within-VMs. This project, codename “Crostini,” is the largest change to Chrome OS since Android apps were introduced. Containers allow for applications to run in their own dedicated environment in isolation of the host OS – like a virtual machine, except unlike a VM, it doesn’t virtualize the whole OS to make the application work, it just bundles up the application and necessary baggage into an executable package.
  • The rhashtable documentation I wanted to read
    The rhashtable data structure is a generic resizable hash-table implementation in the Linux kernel, which LWN first introduced as "relativistic hash tables" back in 2014. I thought at the time that it might be fun to make use of rhashtables, but didn't, until an opportunity arose through my work on the Lustre filesystem. Lustre is a cluster filesystem that is currently in drivers/staging while the code is revised to meet upstream requirements. One of those requirements is to avoid duplicating similar functionality where possible. As Lustre contains a resizable hash table, it really needs to be converted to use rhashtables instead — at last I have my opportunity. It didn't take me long to discover that the rhashtable implementation in Linux 4.15 is quite different from the one that originally landed in Linux 3.17, so the original LWN introduction is now barely relevant. I also quickly discovered that the in-kernel documentation was partially wrong, far from complete, and didn't provide any sort of "getting started" guide. Nevertheless I persisted and eventually developed a fairly complete understanding of the code, which seems worth sharing. This article gives an introduction to the use of the rhashtable interfaces without getting into too many internal implementation details. A followup will explain how rhashtables work internally and show how some of the mechanism details leak though the interfaces.
  • The second half of the 4.17 merge window
    By the time the 4.17 merge window was closed and 4.17-rc1 was released, 11,769 non-merge changesets had been pulled into the mainline repository. 4.17 thus looks to be a typically busy development cycle, with a merge window only slightly more busy than 4.16 had. Some 6,000 of those changes were pulled after last week's summary was written.

Software: LibreNMS, Pidgin, Wireshark and More

  • Featured Network Monitoring Tool for Linux
    LibreNMS is an open source, powerful and feature-rich auto-discovering PHP based network monitoring system which uses the SNMP protocol. It supports a broad range of operating systems including Linux, FreeBSD, as well as network devices including Cisco, Juniper, Brocade, Foundry, HP and many more.
  • Get started with Pidgin: An open source replacement for Skype
    Technology is at an interesting crossroads, where Linux rules the server landscape but Microsoft rules the enterprise desktop. Office 365, Skype for Business, Microsoft Teams, OneDrive, Outlook... the list goes on of Microsoft software and services that dominate the enterprise workspace. What if you could replace that proprietary software with free and open source applications and make them work with an Office 365 backend you have no choice but to use? Buckle up, because that is exactly what we are going to do with Pidgin, an open source replacement for Skype.
  • Wireshark, World’s Most Popular Network Protocol Analyzer, Gets Major Release
    Wireshark, world’s most popular open-source network protocol analyzer, has been updated to a new stable series, versioned 2.6, a major update that adds numerous new features and improvements, as well as support for new protocols. A lot of user interface improvements have been made since Wireshark 2.5, and Wireshark 2.6 appears to be the last release that will support the legacy GTK+ graphical user interface, as the development team announced it wouldn't be supported in the next major series, Wireshark 3.0. New features in Wireshark 2.6 include support for HTTP Request sequences, support for MaxMind DB files, Microsoft Network Monitor capture file support, as well as LoRaTap capture interface support. The IP map feature was removed, as well as support for the GeoIP and GeoLite Legacy databases.
  • A look at terminal emulators, part 2
    A comparison of the feature sets for a handful of terminal emulators was the subject of a recent article; here I follow that up by examining the performance of those terminals. This might seem like a lesser concern, but as it turns out, terminals exhibit surprisingly high latency for such fundamental programs. I also examine what is traditionally considered "speed" (but is really scroll bandwidth) and memory usage, with the understanding that the impact of memory use is less than it was when I looked at this a decade ago (in French).
  • Counting beans—and more—with Beancount
    It is normally the grumpy editor's job to look at accounting software; he does so with an eye toward getting the business off of the proprietary QuickBooks application and moving to something free. It may be that Beancount deserves a look of that nature before too long but, in the meantime, a slightly less grumpy editor has been messing with this text-based accounting tool for a variety of much smaller projects. It is an interesting system, with a lot of capabilities, but its reliance on hand-rolling for various pieces may scare some folks off.
  • Firefox release speed wins
    Sylvestre wrote about how we were able to ship new releases for Nightly, Beta, Release and ESR versions of Firefox for Desktop and Android in less than a day in response to the pwn2own contest. People commented on how much faster the Beta and Release releases were compared to the ESR release, so I wanted to dive into the releases on the different branches to understand if this really was the case, and if so, why? [..] We can see that Firefox 59 and 60.0b4 were significantly faster to run than ESR 52 was! What's behind this speedup?
  • LibreOffice 6.1 Alpha 1 Is Ready To Roll For Advancing The Open-Source Office
    LibreOffice 6.1 Alpha 1 was tagged overnight as the first development release towards this next updated open-source office suite release succeeding the big LibreOffice 6.0. LibreOffice 6.1.0 is set to be released by the middle of August and for that to happen the alpha release has now been hit followed by the beta release this time next month, and the release candidates to come through the month of July. The feature freeze and branching occurs at next month's beta stage while the hard code freeze is expected for the middle of July.

today's howtos

More on Tux Machines: AboutGalleryForumBlogsSearchNewsRSS Feed

Part of Bytes Media ● Sister sites below.

TechBytes Techrights button

Powered by Drupal, an open source content management system

Content available under CC-BY-SA CC

© by original authors

Powered by CentOS 6.5 (GNU/Linux), Varnish, and Drupal 6