Language Selection

English French German Italian Portuguese Spanish

Legal

My personal journey from MIT to GPL

Filed under
GNU
Legal

As I got started writing open source software, I generally preferred the MIT license. I actually made fun of the “copyleft” GPL licenses, on the grounds that they are less free. I still hold this opinion today: the GPL license is less free than the MIT license - but today, I believe this in a good way.

[...]

I don’t plan on relicensing my historical projects, but my new projects have used the GPL family of licenses for a while now. I think you should seriously consider it as well.

Read more

GPL Dodge and Compliance

Filed under
GNU
Legal
  • Why does macOS Catalina use Zsh instead of Bash? Licensing [iophk: "s/patents/software patents/g; :("]

    So, it’s no surprise that Apple’s moving its users away from Bash. I’m also not surprised to see Apple favor Zsh. For starters, it’s licensed under the MIT License, and therefore doesn’t contain the controversial language surrounding patents and Tivoization.

  • The Redmi S2, aka Y2, gets its Android Pie update

    That may not be a huge deal to some users, however. Xiaomi is also obliged to release the S2/Y2's kernel sources in order to remain compliant with GNU's general public licence.

EFF and Open Rights Group Defend the Right to Publish Open Source Software to the UK Government

Filed under
OSS
Security
Legal

EFF and Open Rights Group today submitted formal comments to the British Treasury, urging restraint in applying anti-money-laundering regulations to the publication of open-source software.

The UK government sought public feedback on proposals to update its financial regulations pertaining to money laundering and terrorism in alignment with a larger European directive. The consultation asked for feedback on applying onerous customer due diligence regulations to the cryptocurrency space as well as what approach the government should take in addressing “privacy coins” like Zcash and Monero. Most worrisome, the government also asked “whether the publication of open-source software should be subject to [customer due diligence] requirements.”

We’ve seen these kind of attacks on the publication of open source software before, in fights dating back to the 90s, when the Clinton administration attempted to require that anyone merely publishing cryptography source code obtain a government-issued license as an arms dealer. Attempting to force today’s open-source software publishers to follow financial regulations designed to go after those engaged in money laundering is equally obtuse.

Read more

Licensing Changes

Filed under
GNU
OSS
Legal
  • CockroachDB changes its open-source licensing model [Ed: Waffling tom avoid saying it became proprietary]

    Cockroach Labs has announced that it is switching CockroachDB away from the Apache License version 2 (APL).

    According to Cockroach Labs, its business model has long relied on the assumption that “companies could build a business around a strong open source core product without a much larger technology platform company coming along and offering the same product as a service.” But this is no longer the case, the company explained.

  • Another open-source database company will tighten its licensing strategy, wary of Amazon Web Services [Ed: Another reminder that all the cloudwashing by corporate media is an assault on FOSS because people are shamed into ceding control, giving all money and data to GAFAM]

    Cockroach Labs, the New York-based database company behind the open-source CockroachDB database, will change the terms of the license agreement in the next version of the open-source project to prohibit cloud providers like Amazon Web Services from offering a commercial version of that project as a service.

  • CockroachDB shelters from AWS extermination under Business Software License [Ed: Amazon's assault on FOSS using the AWS/cloudwashing craze yields results; FOSS becoming proprietary software and GAFAM couldn't care less.]

    Cockroach Labs has become the latest open source vendor to run for cover from AWS and other cloud vendors, by relicensing its CockroachDB under the Business Source License.

    In a post explaining the move, the companies’ founders wrote “We’re witnessing the rise of highly-integrated providers take advantage of their unique position to offer “as-a-service” versions of OSS products, and offer a superior user experience as a consequence of their integrations.” They cited AWS’ forked version of ElasticSearch.

  • Latest FSF Updates To Software Licenses

    If you've ever felt confused about open source licensing you are not alone. The good news is that the Free Software Foundation has a highly informative and well-maintained list of licenses, not only for software but also for documentation and for other works, drawing a distinction between free and non-free.

    The fact that that the Personal Public Licence Version 3a and the Anti-996 Licence have both been added to the non-free list isn't really the important bit of this news item. It is that the existence of the Various Licences and Comments about Them that deserves being better known.

Licensing: Companies That Close Down FOSS 'in the Cloud' and Latest GPL Compliance at OnePlus

Filed under
OSS
Legal
  • Confluent says it has the first cloud-native Kafka streaming platform

    Open-source unicorn Confluent Inc. is ready to go head-to-head with cloud computing giants with the release of a cloud-native and fully managed service based upon the Apache Kafka streaming platform.

  • For open source vs. proprietary, AWS might have it both ways [Ed: Mac Asay, Adobe, proponent of calling proprietary "open". IDG has just received money from Adobe (“BrandPost Sponsored by Adobe”) and Asay is now publishing articles owing to his employer paying the media. He’s is some kind of editor at InfoWorld (IDG). So the corporations basically buy ‘journalism’ (their staff as editors) at IDG.]
  • Why Open Source Should Remain Open

    On one hand, the validation that comes along with major tech players offering open source fuels growth in the software. On the other, it also changes the platform from one that’s always been free and available to one that is only available with limitations and has red tape all around it. As some of these companies join in the open source community, they’re losing sight of the original goal and community. Instead, they are building artificial walls and shutting down many parts of what makes open source open. This isn’t a unique occurrence, it’s happening more and more frequently and is something that will completely rearrange the core of open source as we know it.

  • BREAKING: OnePlus 7 Pro root achieved on global and Indian variants, kernel source codes released

    OnePlus phones are known for their developer friendliness as well as strong aftermarket development community. The Chinese OEM prefers to mandate GPL and push kernel source codes in a timely manner, which is a godsend compared to most of their competitors.

  • OnePlus 7 / 7 Pro kernel source code is now out, expect custom ROMs soon

    OnePlus announced the most-awaited OnePlus 7 and OnePlus 7 Pro last week. Both the smartphones are already on sale and can be bought in all the countries they are available. Even the OnePlus 7 Pro received its maiden update which brings April security patch and more. As usual, the kernel source for the OnePlus 7 series is now out too in a timely manner. Thus, users can expect custom ROMS sooner than later.

Google GPL Compliance and Free Software Legal and Licensing Workshop 2019

Filed under
OSS
Legal
  • Google Pixel 3a and Pixel 3a XL forums and kernel source code are up

    Google’s newly launched Pixel 3a series matches up to the photography skills of the flagship Pixel 3 series, even while being priced at only half. But besides bringing the characteristic photography acumen of a Google Pixel, the Pixel 3a devices also share some part of their DNA with the erstwhile Google Nexus lineup. This is because they’re easy on the pocket (at least in the Western markets) and should, thus, be preferred by developers as devices meant to test the latest features in Android.

  • Renewed focus on REUSE

    Following the Free Software Legal and Licensing Workshop 2019 in Barcelona, I managed to get in touch with some people to put a renewed focus on the REUSE initiative by the FSFE.

  • ClearlyDefined: Putting license information in one place [Ed: Why is an FSFE workshop led by a Microsoft employee? Explains some things I've seen about FSFE lately (not good things). Be careful of ClearlyDefined because mostly Microsoft people promote it (everywhere they can). So you know it's Microsoft-leaning an effort and Microsoft is a serial GPL violator that got caught many times.]

    As the stats page shows, there are nearly five million definitions currently in the database (as of this writing, anyway). Multiple repositories are being harvested, including npm for Node.js, PyPI for Python, Maven for Java, Crate for Rust, GitHub, and others. ClearlyDefined was the subject of a lively workshop at the recent FSFE Legal and Licensing Workshop (LLW), led by project lead Jeff McAffer of GitHub. The project has lots of partners, such as Google, Microsoft, Amazon Web Services, Qualcomm, Software Heritage, and Codescoop.

FOSS Licensing Debates at OSI and New Open Data From Recursion

Filed under
OSS
Legal
  • April 2019 License-Discuss Summary

    Antoine Thomas asks whether a contributor would be able to revoke/remove their contributions from a project, and how this would affect old versions of a project.

    Kevin Fleming responds that legitimately provided open source licenses are not revocable, but that a project might honor a request out of courtesy.

    Brendan Hickey points out that copyright law may provide special revocation rights, e.g. 17 USC §203. And even without revocation, a contributor could make life difficult for users.

  • April 2019 License-Review Summary

    Van Lindberg submits his Cryptographic Autonomy License (CAL) to the review process. This is a network copyleft license, but with a broader scope than the AGPL. The CAL is motivated by ensuring user autonomy in blockchain-based applications. Lindberg has also written an in-depth blog post that serves as a rationale document. Last month, there had already been preliminary discussion about the license on the license-discuss list (see the summary).

    [...]

    Pamela Chestek provides a careful analysis of unclear language in the license.

    Henrik Ingo is concerned that the anti-DRM provision might not be effective, which leads to some comparisons with the GPLv3 [1,2,3,4].

  • Recursion Releases Open-Source Data from Largest Ever Dataset of Biological Images, Inviting Data Science Community to Develop New and Improved Machine Learning Algorithms for the Life Sciences Industry

Licensing/Legal Facets of FOSS

Filed under
OSS
Legal
  • 5 Best Drag and Drop Builders For WordPress of 2019 [Ed: And proprietary software with "free bait".]

    Depends on your requirements, really. One thing that you need to keep in mind is that the prices are different for different packages, so money is a factor you need to consider before making the decision. For example, Elementor could as well have been the best for beginners had their license not been so restrictive. Also, their Pro version is not GPL.

    Other such drawbacks for other builders make Beaver Builder and Divi clearly the most preferred WordPress page builders. Visual Composer comes very close to these two. So, while there may be a bit of a pocket pinch, you can go for any of these if you want to be on safe hands. Also, while the recent Gutenberg editor holds a lot of promise, it is still going to be a while before it comes anywhere close to any of these powerful builders.

  • Upstream First

    This talk was mostly aimed at managers of engineering teams and projects with fairly little experience in shipping open source, and much less experience in shipping open source through upstream cross vendor projects like the kernel. It goes through all the usual failings and missteps and explains why an upstream first strategy is the right one, but with a twist: Instead of technical reasons, it’s all based on economical considerations of why open source is succeeding. Fundamentally it’s not about the better software, or the cheaper prize, or that the software freedoms are a good thing worth supporting.

    Instead open source is eating the world because it enables a much more competitive software market. And all the best practices around open development are just to enable that highly competitive market. Instead of arguing that open source has open development and strongly favours public discussions because that results in better collaboration and better software we put on the economic lens, and private discussions become insider trading and collusions. And that’s just not considered cool in a competitive market. Similar arguments can be made with everything else going on in open source projects.

  • The sustainability of open source for the long term

    The problem of "sustainability" for open-source software is a common topic of conversation in our community these days. We covered a talk by Bradley Kuhn on sustainability a month ago. Another longtime community member, Luis Villa, gave his take on the problem of making open-source projects sustainable at the 2019 Legal and Licensing Workshop (LLW) in Barcelona. Villa is one of the co-founders of Tidelift, which is a company dedicated to helping close the gap so that the maintainers of open-source projects get paid in order to continue their work.

  • On technological liberty

    In his keynote at the 2019 Legal and Licensing Workshop (LLW), longtime workshop participant Andrew Wilson looked at the past, but he went much further back than, say, the history of free software—or even computers. His talk looked at technological liberty in the context of classical liberal philosophic thinking. He mapped some of that thinking to the world of free and open-source software (FOSS) and to some other areas where our liberties are under attack.

    He began by showing a video of the band "Tears for Fears" playing their 1985 hit song "Everybody wants to rule the world", though audio problems made it impossible to actually hear the song; calls for Wilson to sing it himself were shot down, perhaps sadly, though he and the audience did give the chorus a whirl. In 1985, the band members were young and so was open source, he said. But there were new digital synthesizers available, with an open standard (MIDI) that allowed these instruments to talk to one another. It freed musicians from the need for expensive studio time, since they could write and polish their music anywhere: a great example of technological freedom.

Crowdsourcing license compliance with ClearlyDefined

Filed under
OSS
Legal

Open source use continues to skyrocket, not just in use cases and scenarios but also in volume. It is trivial for a developer to depend on a 1,000 JavaScript packages from a single run of npm install or have thousands of packages in a Docker image. At the same time, there is increased interest in ensuring license compliance.

Without the right license you may not be able to legally use a software component in the way you intend or may have obligations that run counter to your business model. For instance, a JavaScript package could be marked as MIT license, which allows commercial reuse, while one of its dependencies is licensed has a copyleft license that requires you give your software away under the same license. Complying means finding the applicable license(s), and assessing and adhering to the terms, which is not too bad for individual components adn can be daunting for large initiatives.

Read more

GNU and GPL Picks

Filed under
GNU
Legal
  • The decade long wait for Bash 5

    It's a coincidence that the Linux kernel and Bash jumped to version 5.0 at about the same time. While Linus assigns the numbers as he sees fit, Bash changes its version when major adjustments are made. Here's what users can expect in Bash 5.

    My last article about a Bash version change is 10 years old [1]. Version 4 was in the starting blocks at that time, but it took some time for all distributions to switch to this version. Nobody puts their production system at risk without good reason.

    Nevertheless, the change was very attractive for developers of complex scripts, because – thanks to associative arrays – a completely new data structure was introduced. The advantages were more elegant, simpler programs that were also easier to maintain. Other important changes included the coproc command (which supports parallelization) and redirection operators.

  • Stack Clash mitigation in GCC: Why -fstack-check is not the answer

    In our previous article about Stack Clash, we covered the basics of the Stack Clash vulnerability. To summarize, an attacker first uses various means to bring the heap and stack close together. A large stack allocation is then used to “jump the stack guard.” Subsequent stores into the stack may modify objects in the heap or vice versa. This, in turn, can be used by attackers to gain control over applications.

  • Cooperation and freedom for all

    The GPL's "freedom zero" can be applied to more than just open-source software.

    Recently, a discussion came up on one of the mailing lists for a GNU/Linux distribution, on which I feel it is necessary to comment. Because this discussion has a place in world politics today, I am bringing my input to this column.

    I started working for Digital Equipment Corporation (DEC) in 1983. At that time, I had traveled only domestically in the USA, never internationally.

  • Software Freedom Conservancy Announces End to VMware Lawsuit

    Linux developer Christoph Hellwig has announced that he is discontinuing his lawsuit against VMware for non-compliance with the terms of the GPL. Hellwig and the Software Freedom Conservancy accused VMware of including GPLed code associated with vmklinux into VMware's proprietary vSphere product. A German appeals court dismissed the case on February 28. Hellwig and the Software Freedom Conservancy have decided they will not appeal the case further in German courts.

Syndicate content

More in Tux Machines