Language Selection

English French German Italian Portuguese Spanish

Legal

'This was bigger than GNOME and bigger than just this case.' GNOME Foundation exec director talks patent trolls and much, much more

Filed under
Interviews
GNOME
Legal

Patent assertion entities: do not pick a fight with open source. It won't end well for you. This is the message from GNOME Foundation executive director Neil McGovern, who will speak on the subject at the Open Source Summit Europe next week.

McGovern talked to The Register ahead of the event on patents, Microsoft, and more.

The open-source outfit develops the default desktop environment on major Linux distributions including Ubuntu and Red Hat. In late August 2019, Rothschild Patent Imaging filed a lawsuit against the GNOME foundation claiming that GNOME Shotwell, a photo manager, infringed one of its patents.

“We didn't receive a letter before the court documents were filed or any sort of warning, it was just filed and then within a week there was a settlement request for $75,000,” McGovern told us.

Read more

USDOJ Takes on Google, Mozilla Responds

Filed under
Google
Moz/FF
Web
Legal
  • Justice Department Sues Monopolist Google For Violating Antitrust Laws

    oday, the Department of Justice — along with eleven state Attorneys General — filed a civil antitrust lawsuit in the U.S. District Court for the District of Columbia to stop Google from unlawfully maintaining monopolies through anticompetitive and exclusionary practices in the search and search advertising markets and to remedy the competitive harms. The participating state Attorneys General offices represent Arkansas, Florida, Georgia, Indiana, Kentucky, Louisiana, Mississippi, Missouri, Montana, South Carolina, and Texas.

    “Today, millions of Americans rely on the Internet and online platforms for their daily lives. Competition in this industry is vitally important, which is why today’s challenge against Google — the gatekeeper of the Internet — for violating antitrust laws is a monumental case both for the Department of Justice and for the American people,” said Attorney General William Barr. “Since my confirmation, I have prioritized the Department’s review of online market-leading platforms to ensure that our technology industries remain competitive. This lawsuit strikes at the heart of Google’s grip over the internet for millions of American consumers, advertisers, small businesses and entrepreneurs beholden to an unlawful monopolist.”

  • Mozilla Reaction to U.S. v. Google

    Like millions of everyday internet users, we share concerns about how Big Tech’s growing power can deter innovation and reduce consumer choice. We believe that scrutiny of these issues is healthy, and critical if we’re going to build a better internet. We also know from firsthand experience there is no overnight solution to these complex issues. Mozilla’s origins are closely tied to the last major antitrust case against Microsoft in the nineties.

    In this new lawsuit, the DOJ referenced Google’s search agreement with Mozilla as one example of Google’s monopolization of the search engine market in the United States. Small and independent companies such as Mozilla thrive by innovating, disrupting and providing users with industry leading features and services in areas like search. The ultimate outcomes of an antitrust lawsuit should not cause collateral damage to the very organizations – like Mozilla – best positioned to drive competition and protect the interests of consumers on the web.

  • DOJ May Force Google To Sell Chrome To Settle Antitrust Case: Report

    he U.S. Department of Justice may force Google to sell its Chrome browser. The development came after the US Congress’ antitrust report on big tech companies.

    It is also told that the DOJ is targeting Google’s advertising business as well. The prosecutors aim at breaking Google’s monopoly on the $162 billion digital advertising market. Politico reported the development via anonymous sources.

Open source licensing and why we're changing Plausible to the AGPL license

Filed under
GNU
Legal

Plausible Analytics is a software as a service open source web analytics project. With the increase in popularity of Plausible in recent months, we’ve become aware that there are risks associated with permissive open source licenses that corporations that don’t care about open source are happy to take advantage of.

So we’re making a change to our license. This change doesn’t affect anyone subscribing to the Plausible Analytics Cloud and anyone who’s running Plausible Analytics Self-Hosted on their server. Everything stays the same.

The change will affect corporations that want to take our code and use it to create and sell proprietary tools that directly compete with us. Let’s look at the details.

[...]

These corporations use Google Analytics to track their users, have Facebook pixels to target the same users with advertising across the web and so on. Everything we stand against.

Their motives don’t seem to be to make the web more privacy-friendly and reduce the dominance of Google. It seems purely a business opportunity to make money from open source.

Read more

Via: Plausible relicenses to AGPL

Free Software Leftovers

Filed under
OSS
Legal
  • WordPress Mobile Engineers Propose Dual Licensing Gutenberg under GPL v2.0 and MPL v2.0

    During a Q&A session at WordCamp Europe 2020 online, Matt Mullenweg mentioned that Gutenberg contributors were considering dual licensing for embedding Gutenberg in mobile apps, along with the requirement that they would need to get an agreement from all contributors. WordPress mobile engineer Maxime Biais has just published a proposal for discussion, recommending dual licensing the editor under GPL v2.0 and MPL v2.0.

    [...]

    Mobile app developers are limited by the GPL, because it requires the entire app to be distributed under the same license. The team is proposing dual licensing under MPL v2.0, a weaker copyleft license that is often considered to be more “business-friendly.” It allows users to combine the software with proprietary code. MPL v2.0 requires the source code for any changes to be available under the MPL, ensuring improvements are shared back to the community. The rest of the app can be distributed under any terms with the MPL v2.0 code included as part of a “larger work.”

  • NoSQL databases: what is MongoDB and its use cases?

    Databases like MongoDB, a NoSQL document database, are commonly used in environments where flexibility is required with big, unstructured data with ever-changing schemas. This post explains what a NoSQL database is, and provides an overview of MongoDB, its use cases and a solution for running an open source MongoDB database at scale.

  • What Cassandra users think of their NoSQL DBMS

    With the NoSQL market expected to be worth $22 Billion by 2026, big business is paying Apache Cassandra a lot of attention. While MongoDB dominates NoSQL, 52.71% to Cassandra's 9.73%, Cassandra, with its ability to deliver continuous availability, high performance, and scalability to large volumes of unstructured data, will always be a player. Now, if only there were more expert Cassandra administrators!

    A global survey of 1,404 Cassandra practitioners found a plurality thought the lack of skilled staff and the challenge of migration was blocking Cassandra's adoption. To be exact, 36% of users currently using Cassandra for mission-critical apps said that a lack of Cassandra-skilled team members was deterring its broader adoption.

    When asked what it would take for practitioners to use Cassandra for more applications and features in production, they said it needs to be "easier to migrate" and "easier to integrate." That's because "we don't have time to train a ton of developers, so that time to deploy, time to onboard, that's really key. All the other stuff, scalability, that all sounds fine," said a London-based senior Cassandra user.

    That may be in part because of those surveyed, 89% were using open-source Cassandra. If they were using DataStax, the most popular Cassandra distro, it might be a different story.

  • Olauncher gives your home screen an open-source, minimalist makeover

    Android's open, customizable nature is one of the things that attract a lot of enthusiasts to the platform. From manufacturer-specific tweaks to third-party default app replacements, there's usually a way to make your phone look and act how you choose. Olauncher is a new home screen replacement app that endeavors to bring an open-source, lightweight, and minimal setup to your phone.

    And minimal it is — there's time and date info up top, a list of apps below ... and that's it. The clock and app list can be set to left, center, or right orientations. A maximum of six app names can be displayed, but if you're the most minimal of minimalists, you can set it to show no apps at all. But wouldn't that render it useless? Not quite! By default, swiping to the left launches the camera and swiping to the right opens up the dialer, but you can customize these as you choose. A swipe up opens the full app list organized alphabetically.

Cory Doctorow: IP

Filed under
GNU
Legal

You’ve probably heard of “open source software.” If you pay at­tention to the politics of this stuff, you might have heard of “free software” and even know a little about the ethical debate underpin­ning the war of words between these two labels. I’ve been involved since the last century, but even I never really understood what’s going on in the background until recently.

I was looking up the history of the first free soft­ware license, and I had a revelation that transformed the way I think about it, which is significant, since, to a first approximation, this stuff is all I think about.

Some background: “free software” had its origins with AI researcher-turned-activist Richard Stallman who started his GNU project in 1983, leading to the creation of the first “GNU Public License” (GPL). This is a copyright license for computer program­mers who want to share their work. If you release a program’s underlying source code under the GPL, anyone else is free to...

Read more

Ben Armstrong: Dronefly relicensed under copyleft licenses

Filed under
Legal

To ensure Dronefly always remains free, the Dronefly project has been relicensed under two copyleft licenses. Read the license change and learn more about copyleft at these links.

I was prompted to make this change after a recent incident in the Red DiscordBot development community that made me reconsider my prior position that the liberal MIT license was best for our project. While on the face of it, making your license as liberal as possible might seem like the most generous and hassle-free way to license any project, I was shocked into the realization that its liberality was also its fatal flaw: all is well and good so long as everyone is being cooperative, but it does not afford any protection to developers or users should things suddenly go sideways in how a project is run. A copyleft license is the best way to avoid such issues.

In this incident – a sad story of conflict between developers I respect on both sides of the rift, and owe a debt to for what they’ve taught me – three cogs we had come to depend on suddenly stopped being viable for us to use due to changes to the license & the code. Effectively, those cogs became unsupported and unsupportable. To avoid any such future disaster with the Dronefly project, I started shopping for a new license that would protect developers and users alike from similarly losing support, or losing control of their contributions. I am grateful to one particular team member who is skilled in licensing issues and went with their choices. We ran the new licenses by each contributor and arrived at this consensus: the AGPL is best suited for our server-based code, and CC-BY-SA is best suited for our documentation. The relicensing was made official this morning.

Read more

James Bottomley: Lessons from the GNOME Patent Troll Incident

Filed under
GNOME
Legal

First, for all the lawyers who are eager to see the Settlement Agreement, here it is. The reason I can do this is that I’ve released software under an OSI approved licence, so I’m covered by the Releases and thus entitled to a copy of the agreement under section 10, but I’m not a party to any of the Covenants so I’m not forbidden from disclosing it.

Analysis of the attack

The Rothschild Modus Operandi is to obtain a fairly bogus patent (in this case, patent 9,936,086), form a limited liability corporation (LLC) that only holds the one patent and then sue a load of companies with vaguely related businesses for infringement. A key element of the attack is to offer a settlement licensing the patent for a sum less than it would cost even to mount an initial defence (usually around US$50k), which is how the Troll makes money: since the cost to file is fairly low, as long as there’s no court appearance, the amount gained is close to US$50k if the target accepts the settlement offer and, since most targets know how much any defence of the patent would cost, they do.

One of the problems for the target is that once the patent is issued by the USPTO, the court must presume it is valid, so any defence that impugns the validity of the patent can’t be decided at summary judgment. In the GNOME case, the sued project, shotwell, predated the filing of the patent by several years, so it should be obvious that even if shotwell did infringe the patent, it would have been prior art which should have prevented the issuing of the patent in the first place. Unfortunately such an obvious problem can’t be used to get the case tossed on summary judgement because it impugns the validity of the patent. Put simply, once the USPTO issues a patent it’s pretty much impossible to defend against accusations of infringement without an expensive trial which makes the settlement for small sums look very tempting.

If the target puts up any sort of fight, Rothschild, knowing the lack of merits to the case, will usually reduce the amount offered for settlement or, in extreme cases, simply drop the lawsuit. The last line of defence is the LLC. If the target finds some way to win damages (as ADS did in 2017) , the only thing on the hook is the LLC with the limited liability shielding Rothschild personally.

[...]

While the lessons above should work if another Rothschild like Troll comes along, it’s by no means guaranteed and the fact that Open Source project don’t have the funding to defend themselves (even if they could raise it from the community) makes them look vulnerable. One thing the entire community could do to mitigate this problem is set up a community defence fund. We did this once before 16 years ago when SCO was threatening to sue Linux users and we could do it again. Knowing there was a deep pot to draw on would certainly make any Rothschild like Troll think twice about the vulnerability of an Open Source project, and may even deter the usual NPE type troll with more resources and better crafted patents.

Finally, it should be noted that this episode demonstrates how broken the patent system still is. The key element Rothschild like trolls require is the presumption of validity of a granted patent. In theory, in the light of the Alice decision, the USPTO should never have granted the patent but it did and once that happened the troll targets have no option than either to pay up the smaller sum requested or expend a larger sum on fighting in court. Perhaps if the USPTO can’t stop the issuing of bogus patents it’s time to remove the presumption of their validity in court … or at least provide some sort of prima facia invalidity test to apply at summary judgment (like the project is older than the patent, perhaps).

Read more

The Open Invention Network Aims to Protect Linux and Open-Source Software with a Patent Non-Aggression Pact

Filed under
Linux
OSS
Legal

When we covered Alibaba XT910 RISC-V processor earlier this week, the company confirmed working with open-source companies to make the source code is available for the chip, but that there were legal challenges to do so for a high-performance core.

The company did not expand on what legal challenges there were, but I’m pretty sure it’s about patents and potential lawsuits. But there may be a solution, or at least a way for companies to protect themselves to some degree against patent trolls, thanks to the Open Invention Network (OIN) which I discovered in a press release about UNISOC recently joined the organization.

Read more

FSFE: EU should reconsider the notion of "intellectual property"

Filed under
GNU
Legal

In order to contribute to the European Commission public consultation regarding the update of the "Intellectual Property (IP)" regulatory system, the FSFE has published a first feedback. Based on its world-wide experience with Free Software, the FSFE calls for a more inclusive and decentralized regulatory system that allows sustainable knowledge sharing and intangible wealth.

The European Commission has launched an evaluation on the update of the European "intellectual property" regulatory system. In order to contribute to a fair and inclusive assessment, the FSFE took a stand against the expansion of copyrights, patents and trade secrets. We understand that expanding their scope of protection does not necessarily lead to innovation, competition and progress. Instead, increasing patentable or copyrightable matter could rather have the effect of stagnating sustainable innovation by limiting access and improvements to know-how, raising unfairness, and leading to stronger monopolies.

The FSFE urges the Commission to question the outdated notion that expanding monopolies over knowledge means more progress, consider whether EU companies will really benefit under these regulatory tools, and question the existing trend to expand state granted monopolies on software.

Read more

SPDX for KF5/KF6 Status Update

Filed under
KDE
Legal

Converting source files from traditional license headers to SPDX expressions maybe is explained best to be like visiting a dentist: Usually it is not the most appealing thing in the world, while being there it can be slightly unpleasant and tedious for both, but at the end you are quite happy that the work was done. This is quite similar to my experience with the KDE Framework sources. Since many of the files are older than 10 years and some even older then 20, you can find surprisingly different copyright statement styles. However, finally after quite some moths task T11550 is done \o/

This small task tracks all the work that was done in the ~80 frameworks repositories, which finalle state all copyright and license statements in machine readable, modern SPDX syntax. In total, my “grep -nr “SPDX-License-Identifier” |wc” command (not completely accurate, but easiest to get an general direction) tells about ~7400 files that were converted. At this point, I want to thank especially Christophe Giboudeaux, who did most of the reviews of these changes. Even if we could do most of the conversions with tooling (see licensedigger, which is now in SDK Playground by the way) the whole conversion was quite time consuming because every change must be reviewed carefully.

Read more

Also: Sketchnotes at FOSDEM 2020

Syndicate content

More in Tux Machines

Leaving Mozilla and Recalling One's Job in Mozilla

  • yoric.steps.next()

    The web is getting darker. It is being weaponized by trolls, bullies and bad actors and, as we’ve witnessed, this can have extremely grave consequences for individuals, groups, sometimes entire countries. So far, most of the counter-measures proposed by either governments or private actors are even scarier. The creators of the Matrix protocol have recently published the most promising plan I have seen. One that I believe stands a chance of making real headway in this fight, while respecting openness, decentralization, open-source and privacy. I have been offered the opportunity to work on this plan. For this reason, after 9 years as an employee at Mozilla, I’ll be moving to Element, where I’ll try and contribute to making the web a better place. My last day at Mozilla will be October 30th.

  • Working open source | daniel.haxx.se

    I work full time on open source and this is how. Background I started learning how to program in my teens, well over thirty years ago and I’ve worked as a software engineer and developer since the early 1990s. My first employment as a developer was in 1993. I’ve since worked for and with lots of companies and I’ve worked on a huge amount of (proprietary) software products and devices over many years. Meaning: I certainly didn’t start my life open source. I had to earn it. When I was 20 years old I did my (then mandatory) military service in Sweden. After having endured that, I applied to the university while at the same time I was offered a job at IBM. I hesitated, but took the job. I figured I could always go to university later – but life took other turns and I never did. I didn’t do a single day of university. I haven’t regretted it. [...]    I’d like to emphasize that I worked as a contract and consultant developer for many years (over 20!), primarily on proprietary software and custom solutions, before I managed to land myself a position where I could primarily write open source as part of my job. [...] My work setup with Mozilla made it possible for me to spend even more time on curl, apart from the (still going) two daily spare time hours. Nobody at Mozilla cared much about (my work with) curl and no one there even asked me about it. I worked on Firefox for a living. For anyone wanting to do open source as part of their work, getting a job at a company that already does a lot of open source is probably the best path forward. Even if that might not be easy either, and it might also mean that you would have to accept working on some open source projects that you might not yourself be completely sold on. In late 2018 I quit Mozilla, in part because I wanted to try to work with curl “for real” (and part other reasons that I’ll leave out here). curl was then already over twenty years old and was used more than ever before.

Programming: Buzzwords, Meson, Tracealyzer, LLVM, Python and Rust

  • What is DevSecOps? Everything You Need To Know About DevSecOps

    Most people are familiar with the term “DevOps,” but they don’t know how to really utilize it. There’s more to DevOps than just development and operational teams. There’s an essential element of DevOps that is often missing from the equation; IT security. Security should be included in the lifecycle of apps.  The reason you need to include security is that security was once assigned to one team that integrated security near the end-stages of development. Taking such a lax approach to security wasn’t such a problem when apps were developed in months or years. The average development cycle has changed quite a bit, though, and apps can be developed in a matter of days or weeks. Outdated security practices like leaving security too late can bring DevOps initiatives to their knees. 

  •   
  • Nibble Stew: The Meson Manual: Good News, Bad News and Good News

    Starting with good news, the Meson Manual has been updated to a third edition. In addition to the usual set of typo fixes, there is an entirely new chapter on converting projects from an existing build system to Meson. Not only are there tips and tricks on each part of the conversion, there is even guidance on how to get it done on projects that are too big to be converted in one go.

  • Percepio Releases Tracealyzer Visual Trace Diagnostics Solution Version 4.4 with Support for Embedded Linux

    Percepio announced the availability of Tracealyzer version 4.4 with support for embedded Linux. Tracealyzer gives developers insight during software debugging and verification at the system level by enabling visual exploratory analysis from the top down. This makes the software suitable for spotting issues during full system testing and drill down into the details to find the cause. Version 4.4 adds several views optimized for Linux tracing, in addition to a set of visualizations already in Tracealyzer, and leverages Common Trace Format (CTF) and the widely supported LTTng, an open source tracing framework.

  •   
  • LLVM Adds A SPIR-V CPU Runner For Handling GPU Kernels On The CPU - Phoronix

    LLVM has merged an experimental MLIR-based SPIR-V CPU runner that the developers are working towards being able to handle CPU-based execution of GPU kernels.  This new SPIR-V runner is built around the MLIR intermediate representation (Multi-Level Intermediate Representation) with a focus of going from GPU-focused code translated through SPIR-V and to LLVM and then executed on the CPU. The runner focus is similar to that of the MLIR-based runners for NVIDIA CUDA, AMD ROCm, and Vulkan, but just executing on the CPU itself. It was earlier this year LLVM added the MLIR-Vulkan-Runner for handling MLIR on Vulkan hardware. 

  • Python Modulo in Practice: How to Use the % Operator – Real Python

    Python supports a wide range of arithmetic operators that you can use when working with numbers in your code. One of these operators is the modulo operator (%), which returns the remainder of dividing two numbers.

  • Test & Code : Python Testing for Software Engineering 136: Wearable Technology - Sophy Wong

    Wearable technology is not just smart consumer devices like watches and activity trackers. Wearable tech also includes one off projects by designers, makers, and hackers and there are more and more people producing tutorials on how to get started. Wearable tech is also a great way to get both kids and adults excited about coding, electronics, and in general, engineering skills. Sophy Wong is a designer who makes really cool stuff using code, technology, costuming, soldering, and even jewelry techniques to get tech onto the human body.

  • Librsvg's test suite is now in Rust

    Some days ago, Dunja Lalic rewrote the continuous integration scripts to be much faster. A complete pipeline used to take about 90 minutes to run, now it takes about 15 minutes on average. [...] The most complicated thing to port was the reference tests. These are the most important ones; each test loads an SVG document, renders it, and compares the result to a reference PNG image. There are some complications in the tests; they have to create a special configuration for Fontconfig and Pango, so as to have reproducible font rendering. The pango-rs bindings do not cover this part of Pango, so we had to do some things by hand.

ARM32 in Linux and Open Source Hardware Certification

  • ARM32 Page Tables

    As I continue to describe in different postings how the ARM32 start-up sequence works, it becomes necessary to explain in-depth the basic kernel concepts around page tables and how it is implemented on ARM32 platforms. To understand the paging setup, we need to repeat and extend some Linux paging lingo. Some good background is to read Mel Gormans description of the Linux page tables from his book “Understanding the Linux Virtual Memory Manager”. This book was published in 2007 and is based on Mel’s PhD thesis from 2003. Some stuff has happened in the 13 years since then, but the basics still hold. It is necessary to also understand the new layers in the page tables such as the five layers of page tables currently used in the Linux kernel. First a primer: the ARM32 architecture with a classic MMU has 2 levels of page tables and the more recent LPAE (Large Physical Address Extension) MMU has 3 levels of page tables. Only some of the ARMv7 architectures have LPAE, and it is only conditionally enabled, i.e. the machines can also use the classic MMU if they want, they have both. It is not enabled by default on the multi_v7 configuration: your machine has to explicitly turn it on during compilation. The layout is so different that the same binary image can never support both classic and LPAE MMU in the same kernel image.

  • Announcing the Open Source Hardware Certification API – Open Source Hardware Association

    Today we are excited to announce the launch of a read/write API for our Open Source Hardware Certification program. This API will make it easier to apply for certification directly from where you already document your hardware, as well as empower research, visualizations, and explorations of currently certified hardware. OSHWA’s Open Source Hardware Certification program has long been an easy way for creators and users alike to identify hardware that complies with the community definition of open source hardware. Since its creation in 2016, this free program has certified hardware from over 45 countries on every continent except Antarctica. Whenever you see the certification logo on hardware:

LibreOffice: Presentation Size Decreasing and New Presentations About LibreOffice