Language Selection

English French German Italian Portuguese Spanish

Legal

FSF Licensing and Compliance Lab: 2018 and the future

Filed under
GNU
OSS
Legal

I am the current licensing and compliance manager for the FSF, though I've had several roles in my time here. The Lab handles all the free software licensing work for the FSF. Copyleft is the best legal tool we have for protecting the rights of users, and the Lab makes sure that tool is at full power by providing fundamental licensing education. From publishing articles and resources on free software licensing, to doing license compliance work for the GNU Project, to handling our certification programs like Respects Your Freedom, if there is a license involved, the Lab is on the case.

When I started working at the FSF part-time in 2008, the GNU General Public License version 3 (GPLv3) was only a year old. Our Respects Your Freedom certification program didn't yet exist. The Free Software Directory wasn't yet a wiki that could be updated by the community at large. Things have changed a lot over the years, as has our ability to help users to understand and share freely licensed works. I'd like to take just a moment as 2018 draws to a close to look back on some of the great work we accomplished.

Read more

Linux Foundation on Compliance and Openwashing Examples

Filed under
OSS
Legal
  • A new ACT for open source compliance from The Linux Foundation

    What’s new in the world of open source? The Linux Foundation announced that they are launching a new tooling project for improving open source compliance. This new project’s goal is to ensure that when using open source projects, users understand what they are complying with.

    The Linux Foundation continues to be a leading beacon in the FOSS world, with worldwide events and over one million professionals enrolled in their free training courses. Just some of the successful projects that the Linux Foundation hosts include Rook, Node.js, Kubernetes, and Linkerd (which just got a fancy new UI makeover). You don’t have to look far to see names and noteworthy tools that you’re familiar with!

  • The Linux Foundation forms new Automated Compliance Tooling project

    “There are numerous open source compliance tooling projects but the majority are unfunded and have limited scope to build out robust usability or advanced features,” said Kate Stewart, senior director of strategic programs at The Linux Foundation. “We have also heard from many organizations that the tools that do exist do not meet their current needs. Forming a neutral body under The Linux Foundation to work on these issues will allow us to increase funding and support for the compliance tooling development community.”

    As part of the announcement, ACT is also welcoming two new projects that will be hosted at the Linux Foundation: OpenChain, a project that identifies key recommended processes for open-source management; and the Open Compliance Project, which will educate and help developers and companies better understand license requirements.

  • A Closer Look At Tesla's Open-Source Patent Pledge
  • Why Amazon's customer obsession should make it more open source friendly [Ed: What "customer obsession"? Amazon is a surveillance company whose biggest AWS customer is the CIA (with which it shares tons of data from all around the world).]

GPL Licensing: FSF Update Rules Commons Clause Non-Free, Red Hat on Compliance

Filed under
Legal
  • FSF Update Rules Commons Clause Non-Free

    The Free Software Foundation has added the Commons Clause to its list of non-free licenses among a number of recent updates to its licensing materials. Other changes clarify the GNU GPL position on translating code into another language and how to handle projects that combine code under multiple licenses.

  • More companies want fairness to open source license enforcement

    The 16 new companies in this announcement are a diverse set of technology firms whose participation makes evident the worldwide reach of the GPL Cooperation Commitment. They comprise globally-operating companies based on four continents and mark a significant expansion of the initiative into the Asia-Pacific region. They represent various industries and areas of commercial focus, including IT services, software development tools and platforms, social networking, fintech, semiconductors, e-commerce, multimedia software and more.

    The GPL Cooperation Commitment is a means for companies, individual developers and open source projects to provide opportunities for licensees to correct errors in compliance with software licensed under the GPLv2 family of licenses before taking action to terminate the licenses. Version 2 of the GNU General Public License (GPLv2), version 2 of the GNU Library General Public License (LGPLv2), and version 2.1 of the GNU Lesser General Public License (LGPLv2.1) do not contain express “cure” periods to fix noncompliance prior to license termination. Version 3 of the GNU GPL (GPLv3) addressed this by adding an opportunity to correct mistakes in compliance. Those who adopt the GPL Cooperation Commitment extend the cure provisions of GPLv3 to their existing and future GPLv2 and LGPLv2.x-licensed code.

The Latest Relicensing Stories

Filed under
OSS
Legal
  • RISC OS goes Open Source, supports royalty-free Raspberry Pi projects

    As the new owners of Castle Technology Ltd, RISC OS Developments Ltd are proud to announce that RISC OS, the original OS for ARM processors is now available as a fully Open Source operating system (OS), via the Apache 2.0 licence under the continued stewardship of RISC OS Open Ltd.

    A high performance, low footprint OS, incorporating the world-renowned "BBC BASIC" provides a modern desktop interface coupled with easy access to programming, hardware and connectivity. RISC OS was one of the first operating systems to support the massively successful Raspberry Pi, for which it remains an ideal companion. Now truly Open, RISC OS make an ideal choice for royalty-free ARM-based projects.

  • Finally! The Venerable RISC OS is Now Open Source

    It was recently announced that RISC OS was going to be released as open-source. RISC OS has been around for over 30 years. It was the first operating system to run on ARM technology and is still available on modern ARM-powered single-board computers, like the Raspberry Pi.

  • Making the GPL more scary

    For some years now, one has not had to look far to find articles proclaiming the demise of the GNU General Public License. That license, we are told, is too frightening for many businesses, which prefer to use software under the far weaker permissive class of license. But there is a business model that is based on the allegedly scary nature of the GPL, and there are those who would like to make it more lucrative; the only problem is that the GPL isn't quite scary enough yet.

    The business of selling exceptions to the GPL, where one pays the copyright holder for a proprietary license to the code, has been around for a long time; MySQL AB was built on this model, for example. Companies that buy such a license normally do so because they fear that their own code may fall under the requirements of the GPL; vendors tend to take an expansive view of what constitutes a derivative work to feed those fears and encourage sales. It is a model that has been shown to work, and it has generally passed muster even with organizations that are committed to the spread of free software.

MongoDB Becomes Less Affero GPL-Like

Filed under
Server
OSS
Legal
  • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license

    After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

    And, inevitably, some responded by forking the affected code.

    Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

    "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

    Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.

  • MongoDB switches up its open-source license

    MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

    Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.

  • MongoDB license could push open source deeper into cloud: Is this what industry needs?

    Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.

  • It's MongoDB's turn to change its open source license

    The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.

  • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License

    MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

    "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

    “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

    MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

    At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

New Paper From Mark Shuttleworth and Eben Moglen

Filed under
Ubuntu
Legal
  • Automotive Software Governance and Copyleft

    The Software Freedom Law Center is proud to make available a whitepaper by Mark Shuttleworth, CEO of Canonical, Ltd., and Eben Moglen, Founding Director of the Software Freedom Law Center and Professor of Law at Columbia Law School. The whitepaper shows how new capabilities in the free and open source software stack enable highly regulated and sensitive industrial concerns to take advantage of the full spectrum of modern copyleft software.

    Software embedded in physical devices now determines how almost everything – from coffee pots and rice cookers to oil tankers and passenger airplanes – works. Safety and security, efficiency and repairability, fitness for purpose and adaptability to new conditions of all the physical products that we make and use now depend on our methods for developing, debugging, maintaining, securing and servicing the software embedded in them.

  • SFLC: Automotive Software Governance and Copyleft

    The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

Open Invention Network is a Proponent of Software Patents -- Just Like Microsoft -- and Microsoft Keeps Patents It Uses to Blackmail Linux Vendors

Filed under
Linux
Microsoft
Legal

OIN loves Microsoft; OIN loves software patents as well. So Microsoft’s membership in OIN is hardly a surprise and it’s not solving the main issue either, as Microsoft can indirectly sue and “Microsoft has not included any patents they might hold on exfat into the patent non-aggression pact,” according to Bradley M. Kuhn

Read more

​Redis Labs and Common Clause attacked where it hurts: With open-source code

Filed under
OSS
Legal

After Redis Labs added a new license clause, Commons Clause, on top of popular open-source, in-memory data structure store Redis, open-source developers were mad as hell. Now, instead of just ranting about it, some have counterattacked by starting a project, GoodFORM, to fork the code in question.

Read more

Vember Audio’s Surge Plug-in Liberated Under GNU GPLv3

Filed under
GNU
OSS
Legal
  • Surge Synth Set Free

    Vember Audio tells us that, as of 21th September 2018, Surge stopped being a commerical product and became an open-source project released under the GNU GPL v3 license. They say that, for the existing users, this will allow the community to make sure that it remains compatible as plug-in standards and Operating Systems evolve and, for everyone else, it is an exiting new free synth to use, hack, port, improve or do whatever you want with.

  • Vember Audio’s Surge synth plugin is now free and open-source

    Reviewing Vember Audio’s Surge synth over a decade ago, we said: “This is a big, beautiful-sounding instrument. It's not cheap, but few plugins of this quality are.” Well, the sound hasn’t changed, but the price has; in fact, Surge has just been made free and open-source.

    Thanks to its wavetable oscillators and FM-style algorithms, Surge is capable of creating some pretty sparkling sounds, but it also has analogue-style functions that make it suitable for producing vintage keyboard tones.

    Vember Audio says that it’s been set free so that it can continue to be developed by the community and remain compatible with current standards and operating systems.

The Software Freedom Conservancy on GPLv2 irrevocability

Filed under
GNU
Linux
Legal

For anybody who has been concerned by the talk from a few outsiders about revoking GPL licensing, this new section in the Software Freedom Conservancy's copyleft guide is worth a read.

Read more

Syndicate content

More in Tux Machines

Graphics: Wayland's Weston, AMD, GitLab, NVIDIA

  • Wayland's Weston Switching Over To The Meson Build System
    Complementing the Meson build system support for Wayland itself, the Weston reference compositor now has been Meson-ized. Pekka Paalanen and Daniel Stone, both of Collabora, have landed the Meson build system support for the Weston compositor. At this stage the new build system should be fully working and correct.
  • AMDGPU DC Gets Polaris Corruption Fix, Some Code Refactoring
    AMD has published their latest batch of "DC" Display Core patches for the AMDGPU Linux kernel driver. This batch of 45 patches against this display code for the AMDGPU Direct Rendering Manager driver has some code cleanups and refactoring, changes some error messages to just warnings, and has a display corruption fix affecting some Polaris hardware.
  • Investigating GitLab
    The Direct Rendering Manager (DRM) kernel subsystem is a fairly small part of the kernel, he said. It is also a fairly small part of the open-source graphics stack, which is under the X.Org umbrella. DRM sits in the middle between the two, so the project has learned development tools and workflows from both of the larger projects. The kernel brought DRM into the Git world in 2006, which was just a year after Git came about; it was a "rough ride" back then, Vetter said. With Git came "proper commit messages". Prior to that, the X.org commit messages might just be a single, unhelpful line; now those messages explain why the change is being made and what it does. The idea of iterating on a patch series on the mailing list came from the kernel side as did the "benevolent dictator" model of maintainership. DRM, the X server, Wayland, and others all followed that model along the way. From the X.Org side came things like the committer model; in Mesa, every contributor had commit rights. That model has swept through the graphics community, so now DRM, the X server, and Wayland are all run using that scheme. Testing and continuous integration (CI) is something that DRM has adopted from X.Org; the kernel also does this, but DRM has adopted the X.Org approach, tooling, and test suites. For historical reasons, "almost everything" is under the MIT license, which comes from X.Org projects as well. There has been a lot of movement of tools and development strategies in both directions via the DRM subsystem. He thinks that using GitLab may be "the next big wave of changes" coming from the user-space side to kernel graphics, and maybe to the kernel itself eventually. This won't happen this year or next year, Vetter predicted, but over the next few years we will see GitLab being used more extensively.
  • AMDGPU For Linux 4.20 Gets The Final Radeon RX 590 Fix, Adds The New Vega PCI IDs
    With just over one week to go until the expected Linux 4.20 kernel release, Alex Deucher of AMD today sent in the latest batch of fixes to the DRM tree for landing at the end of this cycle. Notable about this latest set of "fixes" for the AMDGPU kernel graphics driver are: - The final Radeon RX 590 fix so this newer Polaris GPU no longer hangs under load. So once this Linux 4.20 material is merged to mainline, this month-old Polaris graphics card should now be happily running on Linux -- assuming you also have the latest Polaris firmware files and a recent version of Mesa. See our Radeon RX 590 benchmarks article for more details.
  • AMDVLK 2018.Q4.4 Driver Update Brings Performance Improvements, New Vulkan Bits
    AMD developers today outed their latest "AMDVLK" open-source Vulkan driver code drop dubbed AMDVLK 2018.Q4.4.
  • NVIDIA 415.23 Driver Fixes Build Issues Against Linux 4.20 Kernel
    The NVIDIA 415.23 driver was issued just to fix a build issue against the near-final Linux 4.20 kernels. In particular, there has been a build failure around the vm_insert_pfn function that is now worked around when building the NVIDIA proprietary driver's shim against the Linux 4.20 release candidates.
  • NVIDIA Now Shipping The Jetson AGX Xavier Module
    NVIDIA has been shipping the Jetson AGX Xavier Developer Kit the past few months while now they are beginning to ship the AGX Xavier Module intended for use in next-generation autonomous machines.

OpenSUSE/SUSE: 2018-2019 Elections Underway, SUSE Linux Enterprise 12 Service Pack 4, and 'Making the Selection' (Storage)

  • 2018-2019 Elections Underway with Calls for Candidates and New Members
    Earlier this week, on Tuesday, Dec. 11, 2018, the Elections Committee posted the Schedule for the 2018-2019 openSUSE Board Elections, along with the announcement of a Membership Drive and a call for nominations and applications for Candidates to fill three vacant seats on the openSUSE Board. The annual Board Elections are normally expected to run in November and December, with ballots cast and results published in time for the newly-elected Board Members to take their seats on the Board at the beginning of January. However, some additional work needed to be completed for this election, and the elections were delayed in part to accommodate the additional work.
  • SUSE Linux Enterprise 12 Service Pack 4 is Generally Available
    SUSE Linux Enterprise 12 Service Pack 4 is now generally available. Service Pack 4 marks the fourth generation of SUSE Linux Enterprise Server 12, a major code stream and product foundation with a lifecycle from 2014 to 2024 plus Long Term Support (10+3 years). This release consolidates all fixes and updates introduced since SUSE Linux Enterprise 12 Service Pack 3.
  • Making the Selection
    You’ve likely read or heard a lot about today’s data explosion and how it’s affecting enterprises. After combing through all the overexcited rhetoric about how quickly data is multiplying or how many petabytes you’ll soon have to handle, one thing remains clear: You need to find a new way to store and manage your data or you’ll get left behind. While that mandate puts pressure on your organization to act quickly, it’s also the catalyst to a whole new world of exciting opportunities. More data can mean deeper, more accurate insights into your operations and customer needs, which empowers you to streamline processes and personalize experiences like never before. More data can also lead to greater innovation and new sources of revenue.

Programming/Development: mental illness, newt, and more

  • One developer's road: Programming and mental illness
    The next year, I went to college and learned about SUSE Linux 6.1 and the Java SE 1.2 programming language. Another student introduced me to free software and the GNU GPL License and helped me install SuSE 7.1 on my new Compaq Evo N160c notebook. There was no more Microsoft software on my computer. The GNU/Linux operating system was exactly what I wanted, offering editors, compilers, and a command line that did auto-completion. Six months later, I installed Debian GNU/Linux. Since YaST2 was just a front end to configuration files, I had to use Debian Potato. My bootloader of choice was LILO, and the Second Extended File System was reliable—not buggy, like ReiserFS. In spring 2002, I read a book about the C programming language. I wanted to learn to do UIs like javax.swing, and a friend recommended Gtk+ 2.0, which was about to be released. At this point, I stopped using the KDE Desktop Environment. Gnome 2 was different and provided anti-aliased fonts with hinting. I used it to play Chromium B.S.U., and KNOPPIX did the magic.
  • newt
    I've been helping teach robotics programming to students in grades 5 and 6 for a number of years. The class uses Lego models for the mechanical bits, and a variety of development environments, including Robolab and Lego Logo on both Apple ][ and older Macintosh systems. Those environments are quite good, but when the Apple ][ equipment died, I decided to try exposing the students to an Arduino environment so that they could get another view of programming languages. The Arduino environment has produced mixed results. The general nature of a full C++ compiler and the standard Arduino libraries means that building even simple robots requires a considerable typing, including a lot of punctuation and upper case letters. Further, the edit/compile/test process is quite long making fixing errors slow. On the positive side, many of the students have gone on to use Arduinos in science research projects for middle and upper school (grades 7-12). In other environments, I've seen Python used as an effective teaching language; the direct interactive nature invites exploration and provides rapid feedback for the students. It seems like a pretty good language to consider for early education -- "real" enough to be useful in other projects, but simpler than C++/Arduino has been. However, I haven't found a version of Python that seems suitable for the smaller microcontrollers I'm comfortable building hardware with.
  • Preventing "Revenge of the Ancillaries" in DevOps
  • Wing Python IDE Version 7 Early Access
  • What's the future of the pandas library?

Manjaro 18.0 Released – What’s New in Manjaro Illyria?

Manjaro is an Arch Linux-based Operating System developed in Austria, Germany, and France with a focus on providing a beautiful user-friendly OS with the full power of Arch Linux to beginner computer users and experts at the same time. If you are not already familiar with Manjaro Linux then the developers have recently given more reasons for you to by dropping its latest release, Manjaro 18.0, codenamed “Illyria“. This update brings both major and minor updates to the OS and makes its overall experience more pleasant. It is fulfilling to see how well an OS that began as a hobby project has come this far with several UI scripts, support for NVIDIA’s Optimus technology, etc. right out of the box – features that come together to enhance its user experience. For an overview of its features, check out the 10 Reasons to Use Manjaro Linux. Read more