In the last few years I have come across the CLA topic several times. It is and will be a popular topic in automotive the coming years, like in any industry that moves from being an Open Source Producer towards becoming an Open Source Contributor.

In my experience, many organizations take the CLA as a given by looking at the google, microsoft or intels of the world and replicate their model. But more and more organizations are learning about alternatives, even if they do not adopt them.

What I find interesting about discussing the alternatives is that it brings to the discussion the contributor perspective and not just the company one. This enrichs the debate and, in some cases, leads to a more balanced framework between any organization behind a project and the contriibutor base, which benefits both.

Throughout these years I have read a lot about it but I have never written anything. It is one of those topics I do not feel comfortable enough to write about in public probably because I know lots of people more qualified than I am to do so. What I can do is to provide some articles and links that I like or that have been recommended to me in the past.

• One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair

  How can a single, ill-conceived law wreak havoc in so many ways? It prevents you from making remix videos. It blocks computer security research. It keeps those with print disabilities from reading ebooks. It makes it illegal to repair people's cars. It makes it harder to compete with tech companies by designing interoperable products. It's even been used in an attempt to block third-party ink cartridges for printers.

  It's hard to believe, but these are just some of the consequences of Section 1201 of the Digital Millennium Copyright Act, which gives legal teeth to "access controls" (like DRM). Courts have mostly interpreted the law as abandoning the traditional limitations on copyright's scope, such as fair use, in favor of a strict regime that penalizes any bypassing of access controls (such as DRM) on a copyrighted work regardless of your noninfringing purpose, regardless of the fact that you own that copy of the work.  

• One Weird Law That Interferes With Security Research, Remix Culture, and Even Car Repair

• Spotify is Defective by Design

  I never used Spotify, since it contains DRM. Instead I still buy DRM-free CDs. Most of my audio collection is stored in free formats such as FLAC and Ogg Vorbis, or Red Book in the case of CDs, everything can be played by free players such as VLC or mpd.

  Spotify, which uses a central server, also spies on the listener. Everytime you listen a song, Spotify knows which song you have listened and when and where. By contrast free embedded operating systems such as Rockbox do not phone home. CDs can be baught anonymously and ripped using free software, there is no need for an internet commection.

Merula Limited, a UK-based network service provider, recently received a bill from Oracle for $12,200 for using the company's proprietary VirtualBox Extension Pack, which provides extra capabilities for the free GPL-licensed VirtualBox hypervisor.

For Richard Palmer, director of the company, this was a perplexing demand. As he explained to The Register, "Merula does not operate or manage any computer using VirtualBox or any Oracle software."

Oracle provided the company with a range of IP addresses, more than 100, that it claimed had been using its proprietary VirtualBox Extension Pack in conjunction with VirtualBox installations.

It's claimed that Oracle's software phones home to report where it's being used, though the company may be repurposing VirtualBox telemetry for its audits. Or it may simply be checking the IP addresses associated with downloads of the software and contacting address registrants to seek payment.

My name is Craig Topham, and I’m the latest to have the honor of being a copyright and licensing associate for the Free Software Foundation (FSF). I started work in November, and the delay in assembling my introductory blog post is a testament to how busy I have been. Although my post feels late, it gives me a chance to share my experience here at the FSF, along with sharing a little bit more about myself.

From 2005 to 2017, I worked as a PC/Network Technician for the City of Eugene, Oregon. The role had the inherent reward of allowing me to be a part of something much larger than myself. I was helping local government function. From the mayor and city council all the way to the summer staff that worked the front desk at the recreation department's swimming pools, I was one of many making it all work. It was even a part of my job to support some free software the city used! Sadly, a vast majority of the software that we used was proprietary, but despite the painful duty of supporting nonfree software, the overall experience felt pretty great. As I close that chapter of my life with all the wonderful memories and marks made, I am beset with a wild sense of relief. Like finding a rock in my shoe after twelve years, the alleviation is palatable: I never have to labor to master proprietary software again!

For unknown reasons (which I contemplate often), I did not learn about the free software movement until 2004, despite a lifetime of using computers. Like so many before me, my initial education on the movement came via Free Software, Free Society: Selected Essays of Richard M. Stallman. What so instantaneously drew me to free software was the simplicity of the four freedoms: run, edit, share, contribute. These freedoms, coupled with the ethical nature of the movement, made it a natural fit for me. It did not take me long to realize that this is what I needed to soothe my “How can I make the world a better place?” angst. Inevitably, I became an FSF associate member on October 28, 2007 because it was (and still is) the easiest way to help out. If you are reading this and you are not a member, I encourage you to change that and help make the world a better place.