Language Selection

English French German Italian Portuguese Spanish

The open source patent war

Filed under
OSS

Due to the fact that Linux is free software and belongs to no-one, it is often assumed that Linux is "surrounded by legal uncertainties."

However, Linux is no more or less prone to legal uncertainties, by which we usually mean potential patent infringements, than any other software application or platform. The problem is not the software nor the license, but the legal framework within which the software industry operates. Software patents have become part of the standard software industry model but are antithetical to the objectives of open source software and are seen as problematic for the good health of future software development by free software developers.

The problem for proprietary software companies is that free software pulls the rug from under traditional software models. By definition free software is collaborative. Numerous individuals, hardware companies and academic establishments contribute to the code that is contained in a Linux distribution, and all have a vested interest in its success. The customer gains because the software is free and tends to be more adventurous, versatile and secure. The only potential loser is the traditional software vendor.

So it has been suggested, sometimes by the software vendors themselves, that those who are threatened by the competitive success of open source might seek to challenge Linux through the courts, on the grounds that the software, and Linux in particular, might include "stolen IP", and infringe the patents or copyrights of others. This is unlikely. The accusation has often been made, but the code is there for all to see, and no convincing evidence has ever been presented of any infringement.

The more likely action is of the type affected by Microsoft in its recent agreement with Novell.

Full Story.

More in Tux Machines

Games: Ostriv, Back to Bed, EVERSPACE, Hiveswap: Act 1

Openwashing and Microsoft FUD

BlueBorne Vulnerability Is Patched in All Supported Ubuntu Releases, Update Now

Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices. The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5. Read more

Security: Updates, 2017 Linux Security Summit, Software Updates for Embedded Linux and More

  • Security updates for Tuesday
  • The 2017 Linux Security Summit
    The past Thursday and Friday was the 2017 Linux Security Summit, and once again I think it was a great success. A round of thanks to James Morris for leading the effort, the program committee for selecting a solid set of talks (we saw a big increase in submissions this year), the presenters, the attendees, the Linux Foundation, and our sponsor - thank you all! Unfortunately we don't have recordings of the talks, but I've included my notes on each of the presentations below. I've also included links to the slides, but not all of the slides were available at the time of writing; check the LSS 2017 slide archive for updates.
  • Key Considerations for Software Updates for Embedded Linux and IoT
    The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers. Many of these embedded devices run a variant of embedded Linux; typically, the distribution size is around 16MB today. Unfortunately, the Linux kernel, although very widely used, is far from immune to critical security vulnerabilities as well. In fact, in a presentation at Linux Security Summit 2016, Kees Cook highlighted two examples of critical security vulnerabilities in the Linux kernel: one being present in kernel versions from 2.6.1 all the way to 3.15, the other from 3.4 to 3.14. He also showed that a myriad of high severity vulnerabilities are continuously being found and addressed—more than 30 in his data set.
  • APNIC-sponsored proposal could vastly improve DNS resilience against DDoS