Language Selection

English French German Italian Portuguese Spanish

Legal

What legal remedies exist for breach of GPL software?

Filed under
Legal

Last April, a federal court in California handed down a decision in Artifex Software, Inc. v. Hancom, Inc., 2017 WL 1477373 (N.D. Cal. 2017), adding a new perspective to the forms of remedies available for breach of the General Public License (GPL). Sadly, this case reignited the decades-old license/contract debate due to some misinterpretations under which the court ruled the GPL to be a contract. Before looking at the remedy developments, it’s worth reviewing why the license debate even exists.

Read more

CLA vs. DCO: What's the difference?

Filed under
Legal

In your open source adventures, you may have heard the acronyms CLA and DCO, and you may have said "LOL WTF BBQ?!?" These letters stand for Contributor License Agreement and Developer Certificate of Origin, respectively. Both have a similar intent: To say that the contributor is allowed to make the contribution and that the project has the right to distribute it under its license. With some significant projects moving from CLAs to DCOs (like Chef in late 2016 and GitLab in late 2017), the matter has received more attention lately.

So what are they? The Contributor License Agreement is the older of the two mechanisms and is often used by projects with large institutional backing (either corporate or nonprofit). Unlike software licenses, CLAs are not standardized. CLAs can vary from project to project. In some cases, they simply assert that you're submitting work that you're authorized to submit, and you permit the project to use it. Other CLAs (for example the Apache Software Foundation's) may grant copyright and/or patent licenses.

Read more

​Linux beats legal threat from one of its own developers

Filed under
Linux
Legal

In a German court earlier this week, former Linux developer Patrick McHardy gave up on his Gnu General Public License version 2 (GPLv2) violation case against Geniatech Europe GmbH. Now, you may ask, "How can a Linux programmer dropping a case against a company that violates the GPL count as a win?"

It's complicated.

First, anyone who knows the least thing about Linux's legal infrastructure knows its licensed under the GPLv2. Many don't know that anyone who has copyrighted code in the Linux kernel can take action against companies that violate the GPLv2. Usually, that's a non-issue.

People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center (SFLC) to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2.

Read more

Black Duck Still FUDing, Licenses and Contracts Debate at FOSDEM

Filed under
Legal
  • Building Open Source Security into DevOps [Ed: The Microsoft-connected liars from Black Duck are still at it]
  • Licenses and contracts

    Some days it seems that wherever two or more free-software enthusiasts gather together, there also shall be licensing discussions. One such, which can get quite heated, is the question of whether a given free-software license is a license, or whether it is really a contract. This distinction is important, because most legal systems treat the two differently. I know from personal experience that that discussion can go on, unresolved, for long periods, but it had not previously occurred to me to wonder whether this might be due to the answer being different in different jurisdictions. Fortunately, it has occurred to some lawyers to wonder just that, and three of them came together at FOSDEM 2018 to present their conclusions.

    The talk was given by Pamela Chestek of Chestek Legal, Andrew Katz of Moorcrofts, and Michaela MacDonald of Queen Mary University of London. Chestek focused on the US legal system, Katz on that of England and Wales, while MacDonald focused on the civil law tradition that is characteristic of many EU member states. The four licenses they chose to consider were the "Modified" or "three-clause" BSD, the Apache License, the GNU General Public License (their presentation was not specific to GPLv3, but the passage they quoted to make a point was from GPLv3), and the Fair License. The first three are among the most common free-software licenses currently in use. The latter is the shortest license the Open Source Initiative has ever approved, and though it is used by hardly any free software, it was included as an example of the maximum possible simplicity in a license.

Top 10 open source legal stories that shook 2017

Filed under
OSS
Legal

Like every year, legal issues were a hot topic in the open source world in 2017. While we're deep into the first quarter of the year, it's still worthwhile to look back at the top legal news in open source last year.

Read more

How to make sense of the Apache 2 patent license

Filed under
Red Hat
OSS
Legal

In essence, when a software developer contributes code to a project (i.e., the Work under the license), he or she becomes a Contributor. Under the above term, Contributors are granting permission to use any of their patents that may read on their contribution. This provides peace of mind to users since the Contributor would likely be prevented from pursuing patent royalties from any users of the software covering that contribution to the project.

Complexities arise when the software developer contributes code that is not claimed by any of the Contributor's patents by itself, but only when combined with the Apache 2.0 licensed open source program to which the contribution was made (i.e., the Work under the license). Thus, the Contributor owning such a patent could pursue patent royalties against a user of that revised Work. The authors of the Apache 2.0 license were forward thinking and account for this scenario. Section 3 states that the license applies to "patent claims licensable by such Contributor that are necessarily infringed... by a combination of their Contribution(s) with the Work to which such Contributions was submitted."

Read more

Bruce Perens Suffers for Copyleft Defense, Microsoft Still Openwashing

Filed under
Legal

Free Electrons becomes Bootlin (After Trademark Bullying/Trolling by FREE SAS)

Filed under
Linux
Legal

The services we offer are different, we target a different audience (professionals instead of individuals), and most of our communication efforts are in English, to reach an international audience. Therefore Michael Opdenacker and Free Electrons’ management believe that there is no risk of confusion between Free Electrons and FREE SAS. However, FREE SAS has filed in excess of 100 oppositions and District Court actions against trademarks or name containing “free”. In view of the resources needed to fight this case, Free Electrons has decided to change name without waiting for the decision of the District Court. This will allow us to stay focused on our projects rather than exhausting ourselves fighting a long legal battle.

[...]

Nothing else changes in the company. We are the same engineers, the same Linux kernel contributors and maintainers (now 6 of us have their names in the Linux MAINTAINERS file), with the same technical skills and appetite for new technical challenges.

More than ever, we remain united by the passion we all share in the company since the beginning: working with hardware and low-level software, working together with the free software community, and sharing the experience with others so that they can at least get the best of what the community offers and hopefully one day become active contributors too. “Get the best of the community” is effectively one of our slogans.

Read more

Open-source civil war: Olive branch offered in trademark spat... with live grenade attached

Filed under
GNU
Legal

A few days before the Christmas holiday, the Software Freedom Law Center (SFLC) made a peace offering of sorts in an ostensible effort to resolve its trademark dispute with the Software Freedom Conservancy (SFC).

In September last year, SFLC sued the SFC claiming that the SFC trademark "Software Freedom Conservancy" is confusingly similar to the SFLC's "Software Freedom Law Center" trademark.

The SFLC was formed in 2005 to provide legal services for open-source projects. And in 2006, it helped set up the SFC, so it could provide infrastructure support – including legal services – for open-source developers.

That shared history and similarity of purpose has made the intellectual property dispute between two organizations rather confusing to folks in the open source community.

Read more

Multiple-guess quiz will make Brit fliers safer, hopes drone-maker DJI

Filed under
GNU
Security
Legal

Meanwhile, security researcher Jon Sawyer has published a root exploit for DJI drones called DUMLRacer. It would appear to allow the technically competent dronie to completely ignore DJI's height and location restrictions, which form a large part of its please-don't-regulate-us-out-of-existence offering to governments around the world.

In his tweet announcing the release, Sawyer said: "Dear DJI, next time I ask for some GPL source code, maybe don't tell me no."

At the heart of DJI's software is GNU General Public Licensed (open source) code. While the firm does publish some of its source code, as previously reported, the company is not exactly clear about what elements of its drones' firmware are based on GPL-licensed code. The GPL contains a provision stating that anyone can modify GPL-licensed code provided that the source of any publicly available modded version is also made public, as the GPL FAQ makes clear.

Read more

Syndicate content

More in Tux Machines

Server: HTTP Clients, IIS DDoS and 'DevOps' Hype From Red Hat

  • What are good command line HTTP clients?
    The whole is greater than the sum of its parts is a very famous quote from Aristotle, a Greek philosopher and scientist. This quote is particularly pertinent to Linux. In my view, one of Linux’s biggest strengths is its synergy. The usefulness of Linux doesn’t derive only from the huge raft of open source (command line) utilities. Instead, it’s the synergy generated by using them together, sometimes in conjunction with larger applications. The Unix philosophy spawned a “software tools” movement which focused on developing concise, basic, clear, modular and extensible code that can be used for other projects. This philosophy remains an important element for many Linux projects. Good open source developers writing utilities seek to make sure the utility does its job as well as possible, and work well with other utilities. The goal is that users have a handful of tools, each of which seeks to excel at one thing. Some utilities work well independently. This article looks at 4 open source command line HTTP clients. These clients let you download files over the internet from the command line. But they can also be used for many more interesting purposes such as testing, debugging and interacting with HTTP servers and web applications. Working with HTTP from the command-line is a worthwhile skill for HTTP architects and API designers. If you need to play around with an API, HTTPie and curl will be invaluable.
  • Microsoft publishes security alert on IIS bug that causes 100% CPU usage spikes
    The Microsoft Security Response Center published yesterday a security advisory about a denial of service (DOS) issue impacting IIS (Internet Information Services), Microsoft's web server technology.
  • 5 things to master to be a DevOps engineer
    There's an increasing global demand for DevOps professionals, IT pros who are skilled in software development and operations. In fact, the Linux Foundation's Open Source Jobs Report ranked DevOps as the most in-demand skill, and DevOps career opportunities are thriving worldwide. The main focus of DevOps is bridging the gap between development and operations teams by reducing painful handoffs and increasing collaboration. This is not accomplished by making developers work on operations tasks nor by making system administrators work on development tasks. Instead, both of these roles are replaced by a single role, DevOps, that works on tasks within a cooperative team. As Dave Zwieback wrote in DevOps Hiring, "organizations that have embraced DevOps need people who would naturally resist organization silos."

Purism's Privacy and Security-Focused Librem 5 Linux Phone to Arrive in Q3 2019

Initially planned to ship in early 2019, the revolutionary Librem 5 mobile phone was delayed for April 2019, but now it suffered just one more delay due to the CPU choices the development team had to make to deliver a stable and reliable device that won't heat up or discharge too quickly. Purism had to choose between the i.MX8M Quad or the i.MX8M Mini processors for their Librem 5 Linux-powered smartphone, but after many trials and errors they decided to go with the i.MX8M Quad CPU as manufacturer NXP recently released a new software stack solving all previous power consumption and heating issues. Read more

Qt Creator 4.9 Beta released

We are happy to announce the release of Qt Creator 4.9 Beta! There are many improvements and fixes included in Qt Creator 4.9. I’ll just mention some highlights in this blog post. Please refer to our change log for a more thorough overview. Read more

Hack Week - Browsersync integration for Online

Recently my LibreOffice work is mostly focused on the Online. It's nice to see how it is growing with new features and has better UI. But when I was working on improving toolbars (eg. folding menubar or reorganization of items) I noticed one annoying thing from the developer perspective. After every small change, I had to restart the server to provide updated content for the browser. It takes few seconds for switching windows, killing old server then running new one which requires some tests to be passed. Last week during the Hack Week funded by Collabora Productivity I was able to work on my own projects. It was a good opportunity for me to try to improve the process mentioned above. I've heard previously about browsersync so I decided to try it out. It is a tool which can automatically reload used .css and .js files in all browser sessions after change detection. To make it work browsersync can start proxy server watching files on the original server and sending events to the browser clients if needed. Read more