Language Selection

English French German Italian Portuguese Spanish

Legal

The GPL in Layman’s Terms - Free as in What?

Filed under
Linux
Legal

Through the glazed-over eyes of friends and family, past that painful look of well-intended but feigned interest, I can clearly see a fundamental lack of understanding about this free software I’m constantly going on about.

Read more

via DMT/Linux Blog

Licensing FUD and Licensing Advice

Filed under
Legal
  • On the Law and Your Open Source License [Ed: Black Duck is just a parasite selling proprietary software by bashing FOSS]

    "Looking back five or ten years, companies managing open source risk were squarely focused on license risk associated with complying with open source licenses," notes a report from Black Duck Software. Fast-forward to today, and the rules and processes surrounding open source licensing are more complex than ever.

  • Explaining the source code requirement in AGPLv3

    This condition was intended to apply mainly to what would now be considered SaaS deployments, although the reach of "interacting remotely through a computer network" should perhaps be read to cover situations going beyond conventional SaaS. The objective was to close a perceived loophole in the ordinary GPL in environments where users make use of functionality provided as a web service, but no distribution of the code providing the functionality occurs. Hence, Section 13 provides an additional source code disclosure requirement beyond the object code distribution triggered requirement contained in GPLv2 Section 3 and GPLv3 and AGPLv3 Section 6.

7 notable legal developments in open source in 2016

Filed under
OSS
Legal

A number of interesting and notable legal developments in open source took place in 2016.

Read more

Latest Black Duck Attack on Free/Open Source Software

Filed under
OSS
Security
Legal
  • M&A deals imperilled by failure to manage open source software risk, says expert [Ed: As is so common these days, today it's Microsoft's proxy Black Duck attacking FOSS and trying to scare people]
  • Open Source: Know It Before You Embrace It [Ed: By Josh Software, not Black Duck FUD about security and licences]

    Open source has already taken the world by storm. Businesses from across industries are embracing it. Earlier open source was just a tiny revolutionary idea that was not given any hope, but it has now become not just mainstream but possibly the only stream. The world has realized its importance and benefits over other closed source languages and tools. More importantly, start-ups have started embracing open source whole heartedly to gain an edge over their competitors. But the question is, how are they utilizing it to their advantage and how is it benefiting them?

FOSS Licensing

Filed under
OSS
Legal
  • [Older] Licensing resource series: License Violations and Compliance
  • [Older] The Licensing and Compliance Lab interviews Micah Lee of GPG Sync

    This is the latest installment of our Licensing and Compliance Lab's series on free software developers who choose GNU licenses for their work. In this edition, we conducted an email-based interview with Micah Lee of GPG Sync.

    GPG Sync is a recently launched project for managing the sharing of GPG keys, particularly within an organization. Micah Lee made the project internally at First Look Media and has now shared it with the world.

  • Apache and the JSON license

    The JSON license is a slightly modified variant of the MIT license, but that variation has led it to be rejected as a free-software or open-source license by several organizations. The change is a simple—rather innocuous at some level—addition of one line: "The Software shall be used for Good, not Evil.". Up until recently, code using the JSON license was acceptable for Apache projects, but that line and the ambiguity it engenders was enough for Apache to put it on the list of disallowed licenses.

    At the end of October, Ted Dunning brought up the license on the Apache legal-discuss mailing list. He suggested that classifying the JSON license as acceptable (i.e. on the list of Category A licenses) was an "erroneous decision". That decision was made, he said, "apparently based on a determination that the no-evil clause was 'clearly a joke'". He pointed to a thread from 2008 where a "lazy consensus" formed that the "not evil" condition did not preclude Apache projects from using the license.

Open Source Software A Core Competency For Effective Tech M&A

Filed under
OSS
Legal

Imagine your company just acquired its competitor for $100 million. Now imagine the company’s most important asset – its proprietary software – is subject to third-party license conditions that require the proprietary software to be distributed free of charge or in source code form. Or, imagine these license conditions are discovered late in the diligence process, and the cost to replace the offending third-party software will costs tens of thousands of dollars and take months to remediate. Both scenarios exemplify the acute, distinct and often overlooked risks inherent to the commercial use of open source software. An effective tech M&A attorney must appreciate these risks and be prepared to take the steps necessary to mitigate or eliminate them.

Over the past decade, open source software has become a mainstay in the technology community. Since its beginnings, open source software has always been viewed as a way to save money and jumpstart development projects, but it is increasingly being looked to for its quality solutions and operational advantages. Today, only a fraction of technology companies do not use open source software in any way. For most of the rest, it is mission critical.

Read more

Microsoft & Linux & Patents & Tweets

Filed under
GNU
Linux
Microsoft
Legal

Fact-checking some tweets about Linux Foundation’s newest member and their harvesting of other members’ money.

Read more

Also: Microsoft Loves Linux Patent Tax

FOSS CMS News

Filed under
OSS
Legal
  • Newly Redesigned Boston.gov Just Went Open Source

    Boston is open sourcing its municipal website, three months after redesigning Boston.gov.

    Taking the source code public, a move overseen by the city’s Digital Team, will speed the rate at which the site evolves through the addition of new features developed by local software designers, academic institutions and organizations.

  • WordPress attacks Wix, and Wix strikes back
  • The WordPress-Wix Dispute
  • The Price Of GPL [Ed: hatred of the GPL]

    Wix’s CEO, Avishai Abrahami, responded with a round of non-sequiturs that carefully evade the point that his product is built from source code for which they have not paid. One of his engineers equally misses the point, focusing on the circumstances surrounding the violation, rather than taking responsibility for the theft.

    Some will take issue with the use of strong words like “stolen code,” and “theft,” with respect to a GPL violation. But that’s exactly what it is: software has been taken and deployed in Wix’s product, but the price for doing so has not been paid.

    [...]

    Many developers understand, and view the price of GPL as perfectly justified, while others (myself included) find it unacceptable. So what am I supposed to do? Not use any GPL source code at all in any of my proprietary products? Exactly. Because the price of GPL is too much for me, and I don’t steal source code.

FOSS Licensing

Filed under
GNU
OSS
Legal
  • Conservancy Promotes Transparency by Publishing Template Agreements for Linux Compliance Program

    Today at the Linux Plumbers Conference, Software Freedom Conservancy hosts its second feedback session on the GPL Compliance Program for Linux Developers. These sessions, which Conservancy is hosting at relevant events over the next year and summarizing for public review, will seek input and ideas from the Linux community about GPL enforcement, answer questions, and plan strategies to deal with GPL enforcement actions that do not follow Conservancy and FSF's Principles of Community-Oriented GPL Enforcement.

  • Eben Moglen on GPL Compliance and Building Communities: What Works

    Software Freedom Law Center, the pro-bono law firm led by Eben Moglen, Professor of law at Columbia Law School and the world's foremost authority on Free and Open Source Software law held its annual fall conference at Columbia Law School, New York on Oct. 28. The full-day program featured technical and legal presentations on Blockchain, FinTech, Automotive FOSS and GPL Compliance by industry and community stalwarts.

    The program culminated in remarks by Moglen that highlighted the roles of engagement and education in building effective, ever-lasting communities. While expressing his gratitude to his colleague, friend and comrade Richard M. Stallman, Moglen emphasized the positive message relayed by Greg Kroah-Hartman and Theodore Ts'o --earlier in the day-- for creating win-win solutions and spreading users' freedom.

  • Freedom In Moderation [Ed: Freedom insistence (in software) equated with “extremism”, worse a term than “purism”]

    I must define some terminology in case readers are unfamiliar. Free software is defined by the Free Software Foundation (FSF) as software that carries four fundamental freedoms: the freedom to run the program for any purpose, the to study and change it, to redistribute unmodified copies, and to redistribute modified copies. The “free” refers not to price but to freedom, and is sometimes called “libre”, from the same Latin root as “liberate”.

    The Free Software Foundation has been campaigning for “users’ freedom” since 1985. They advocate for the release of software under licenses they approve that give users those freedoms. Some of their notable successes include the GNU project, which develops various low-level and mid-level system tools, and their Defective By Design campaign to oppose digital rights management (DRM).

Distributing encryption software may break the law

Filed under
OSS
Security
Legal

Developers, distributors, and users of Free and Open Source Software (FOSS) often face a host of legal issues which they need to keep in mind. Although areas of law such as copyright, trademark, and patents are frequently discussed, these are not the only legal concerns for FOSS. One area that often escapes notice is export controls. It may come as a surprise that sharing software that performs or uses cryptographic functions on a public website could be a violation of U.S. export control law.

Export controls is a term for the various legal rules which together have the effect of placing restrictions, conditions, or even wholesale prohibitions on certain types of export as a means to promote national security interests and foreign policy objectives. Export control has a long history in the United States that goes back to the Revolutionary War with an embargo of trade with Great Britain by the First Continental Congress. The modern United States export control regime includes the Department of State's regulations covering export of munitions, the Treasury Department's enforcement of United States' foreign embargoes and sanctions regimes, and the Department of Commerce's regulations applying to exports of "dual-use" items, i.e. items which have civil applications as well as terrorism, military, or weapons of mass destruction-related applications.

Read more

Syndicate content

More in Tux Machines

Security: WPA2, CVE-2017-15265, Fuzzing, Hyperledger

  • Fedora Dev Teaches Users How to Protect Their Wi-Fi Against WPA2 KRACK Bug
    Former Fedora Project leader Paul W. Frields talks today about how to protect your Fedora computers from the dangerous WPA2 KRACK security vulnerability that affects virtually any device using the security protocol to connect to the Internet.
  • WPA2 was kracked because it was based on a closed standard that you needed to pay to read
    How did a bug like krack fester in WPA2, the 13-year-old wifi standard whose flaws have rendered hundreds of millions of devices insecure, some of them permanently so? Thank the IEEE's business model. The IEEE is the standards body that developed WPA2, and they fund their operations by charging hundreds of dollars to review the WPA2 standard, and hundreds more for each of the standards it builds upon, so that would-be auditors of the protocol have to shell out thousands just to start looking. It's an issue that Carl Mamamud, Public Resource and the Electronic Frontier Foundation have been fighting hard on for years, ensuring that the standards that undergird public safety and vital infrastructure are available for anyone to review, audit and criticize.
  • Patch Available for Linux Kernel Privilege Escalation
    The issue — tracked as CVE-2017-15265 — is a use-after-free memory corruption issue that affects ALSA (Advanced Linux Sound Architecture), a software framework included in the Linux kernel that provides an API for sound card drivers.
  • ​Linus Torvalds says targeted fuzzing is improving Linux security
    Announcing the fifth release candidate for the Linux kernel version 4.14, Linus Torvalds has revealed that fuzzing is producing a steady stream of security fixes. Fuzzing involves stress testing a system by generating random code to induce errors, which in turn may help identify potential security flaws. Fuzzing is helping software developers catch bugs before shipping software to users.
  • Devsecops: Add security to complete your devops process [Ed: more silly buzzwords]
  • Companies overlook risks in open source software [Ed: marketing disguised as "news" (and which is actually FUD)]
  • Q&A: Does blockchain alleviate security concerns or create new challenges?
    According to some, blockchain is one of the hottest and most intriguing technologies currently in the market. Similar to the rising of the internet, blockchain could potentially disrupt multiple industries, including financial services. This Thursday, October 19 at Sibos in Toronto, Hyperledger’s Security Maven Dave Huseby will be moderating a panel “Does Blockchain technology alleviate security concerns or create new challenges?” During this session, experts will explore whether the shared nature of blockchain helps or hinders security.

Games: Nowhere Prophet, Ebony Spire: Heresy, The First Tree, Daggerfall, Talos Principle

  • Nowhere Prophet, a single-player tactical roguelike with card-based battles has Linux support
    Nowhere Prophet [Official Site, itch.io], a single-player tactical roguelike with card-based battles is currently going through 'First Access' (itch's version of Early Access) and it has Linux support.
  • Ebony Spire: Heresy, a first-person turn-based dungeon crawler will release next month
    For fans of the classic first-person dungeon crawlers, Ebony Spire: Heresy [Steam] looks like it might scratch the itch. One interesting thing to note, is that Linux is the primary platform for the development of the game. It's really great to hear about more games actually developed on Linux! Even better, is that the source code for the game is under the MIT license. You can find the source on GitHub. The source is currently a little outdated, but the developer has told me that it will be updated when the Beta becomes available.
  • The First Tree, a short and powerful exploration game is now available on Linux
    The developer of The First Tree [itch.io, Steam, Official Site] email in to let everyone know that their beautiful 3rd-person exploration game is now on Linux 'due to a ton of requests'. Linux support arrived as part of a major patch, which improves gamepad support, adds an option to invert the Y-axis and Camera Sensitivity options are in too. On top of that, a bunch of bugs were also squashed.
  • The open source recreation of Daggerfall hits an important milestone
    Another classic game is getting closer to being fully playable natively on Linux. The project to recreate The Elder Scrolls II: Daggerfall in the Unity engine has hit an important milestone and now the the main quest is completely playable. Daggerfall is the second entry in Bethesda’s long-running Elder Scrolls series of role-playing games and was originally released way back in 1996. It was an ambitious game, with thousands upon thousands of locations to explore in an virtual game area the size of a small real-world nation. It’s a game that I personally lost a lot of time to way back in the day and I’m happy to see that a project that allows me to play it natively on Linux is coming along swimmingly.
  • The Talos Principle VR Launches With Linux Support
    Croteam has just released The Talos Principle VR, the virtual reality edition of their award-winning The Talos Principle puzzle game. SteamOS/Linux with the HTC Vive is supported alongside Windows. This VR-enhanced version of The Talos Principle is retailing for $39.99 USD.

Android Leftovers

Review: Google Pixel 2

If I had to pick the moment I most appreciated the Google Pixel 2, it would be when our airboat driver-slash-tour guide put a hot dog and a piece of raw chicken in his pocket, dove into the New Orleans swamp, and began playing with a giant gator named Who Dat. I’m no social media whiz, but I knew there was Instagram gold unfolding in front of me. So I pulled out my Pixel 2 XL, the larger of Google’s two new models, double-clicked on the power button to open the camera, and started snapping. Read more