Language Selection

English French German Italian Portuguese Spanish

Legal

Not So Open Any More: Elasticsearch Relicensing and Implications for Open Source Search

Filed under
OSS
Legal

Elastic, the company founded by the creators of the Elasticsearch search server, recently announced a change to the license of its core product. Previously under the permissive Apache 2 license, future versions of the software will be dual-licensed allowing users to choose between Elastic’s own license or the Server Side Public License (SSPL) created by MongoDB.

What does this change mean for users of the software? At this point I should note that although I am very familiar with open source search engines, I am not a lawyer — so please do take your own legal advice!

Read more

I took FSFE to court. This is my story

Filed under
Legal

Soon after the first lockdown in Berlin this year I filed a public case in the Berlin Tribunal of Labour Court against the president of Free Software Foundation Europe (FSFE), Matthias Kirschner, for workplace bullying.
Why? A female colleague and me had dared to discuss wage transparency and gender pay gap in the office. Apparently it is common in Germany that this gap exceeds 20%, but we both felt secure that the free software movement is progressive, and cares about being inclusive and equal opportunities oriented.
Unfortunately we miscalculated – our boss Matthias was beyond furious.
After that office meeting, he told my colleague “there will be consequences”. Our efforts coincided with the resignation of Richard Stallman from the US-based sister organisation of FSFE due to careless revictimisation of female victims of sexual abuse- another gender discrimination issue in our community that would cause the situation in our office to deteriorate quickly.
In its reluctant press release on this pivotal change in leadership in the largest free software organisation in the world, the FSFE had opted to honour Stallman for his undeniably long service and overlook the social issues underlying the change – something with which I expressed dissatisfaction, and not without support from colleagues.
It led to immediate retribution.
I was ordered to rewrite the text and was warned that I had “three hours to do it. Whether we will publish it or not, is going to be my [Matthias', my rem.] decision, not yours”. Free software is in most of our digital infrastructure, and I care a lot about inclusivity in this community to ensure that our most basic tools can be developed by everyone's perspectives for everyone's needs, so I rewrote our announcement. But not only was it never published – it was not even honoured with his feedback.

Read more

The road to software freedom is paved with licensing

Filed under
GNU
Legal

For many people, the path towards software freedom begins with a single program. They may not even know what free software is; they may just need a tool or a program to do a particular job. But in their search for that tool, the Free Software Directory, which is one of the key resources run by the Licensing and Compliance Lab, can often be a starting point for a much larger journey.

The Directory catalogues over 16,000 free software packages. Users can find free software packages for almost any activity, from playing games and reading books, to software libraries and developer tools. Every entry in the Directory is meticulously vetted by volunteers and FSF staff to ensure that users have the freedom to run, modify, copy, and share their modified versions of the work. Millions of users have visited the Directory looking for a particular piece of software, and upon finding it, have been introduced to the wider world of software freedom.

While the Directory already acts as a great starting point for many on their free software journey, there's so much more we can still do. We want to make it easier for people, once introduced to free software, to likewise help introduce others. We need resources and financial support for staff in order to organize and mentor volunteers to help us keep those thousands of entries up to date, and to write code to automate various kinds of imports and entry updates to help keep everything current, and so we can add thousands more.

The Directory is one of the best tools that we have for showing what is possible with free software, but we need your help to reach millions more.

Read more

'Open' 'Invention' 'Network' Turns 15

Filed under
Legal
  • Open Invention Network Celebrates Its 15th Year Protecting Core Linux and Open Source from Patent Aggression [Ed: This is nonsense. OIN is not protecting us, it is protecting software patents from our scrutiny]

    Open Invention Network (OIN) is celebrating its 15th year protecting the Open Source Software (OSS) community from patent risk. OIN’s efforts have enabled businesses and organizations to confidently invest their resources to develop, integrate and use OSS, safeguarding them from patent risk in core Linux and adjacent OSS technologies.

  • Open Invention Network Linux patent protection group turns 15

    Now, 15 years later, the Open Invention Network (OIN), the largest patent non-aggression consortium ever, is still protecting Linux and open-source software from patent attacks and patent trolls. Indeed, its scope has grown ever larger. Recently, it expanded its intellectual property protection from core Linux programs and adjacent open-source code by expanding its Linux System Definition. In particular, that means patents relating to the Android Open Source Project (AOSP) 10 and the Extended File Allocation Table exFAT file system are now protected.

POCO X3 kernel sources are still not available, despite a promise of launch-day release

Filed under
GNU
Linux
Legal

The POCO X3 NFC was launched back on September 7, 2020, bringing around a very high-value package at an affordable price tag. POCO repeated the same act with the POCO X3 in India, launched on September 22, 2020, but with slight differences from the globally launched variant: a bigger battery and no NFC. Two months on, the device remains one of the best purchases overall in the mid-range, for both the Global and the Indian variants. But what disappoints us is the fact that the kernel source for the device(s) has still not been released, despite a promise to release it on launch day.

[...]

Since it has been more than 2 months now since the phone has been released, there is very little excuse left on POCO’s end for not having released the source code. The phone is in the hands of consumers, and a fair few updates have also been delivered. Releasing kernel sources promptly should be something that every OEM does anyway. But POCO explicitly promised a very quick kernel release. And not releasing it so far trudges upon these claims of developer-friendliness and the trust of customers (and legal contracts, too).

The POCO X3/NFC remains an excellent value device in the age of rising flagship prices. While the phone is no flagship, nor does it pretend to be, it’s very easy to recommend to average users in the regions where it is officially sold. You get a lot of phone for the money. We hope POCO releases kernel sources as soon as possible, to keep up its promise to its fans. And while they’re at it, we hope they release kernel sources for the POCO M2 (device codename: shiva) and POCO C3 (device codename: angelicain) as well.

Read more

NASA ROSES-20 Amendment 64: Release of Final text of E.8 Supplemental Open Source Software Awards

Filed under
OSS
Sci/Tech
Legal

Supplemental open source software awards are used to encourage the conversion of legacy software into modern code to be released under a generally accepted, open source license (e.g., Apache-2, BSD-2-clause, GPL). The supplement would add a software component to their previously selected "parent" research and analysis award.

ROSES-2020 Amendment 64 Releases Final text for E.8 Supplemental Open Source Software Awards. Notices of Intent are not requested. Proposals will be accepted on a rolling basis with a final due date of April 14, 2021.

Read more

'This was bigger than GNOME and bigger than just this case.' GNOME Foundation exec director talks patent trolls and much, much more

Filed under
Interviews
GNOME
Legal

Patent assertion entities: do not pick a fight with open source. It won't end well for you. This is the message from GNOME Foundation executive director Neil McGovern, who will speak on the subject at the Open Source Summit Europe next week.

McGovern talked to The Register ahead of the event on patents, Microsoft, and more.

The open-source outfit develops the default desktop environment on major Linux distributions including Ubuntu and Red Hat. In late August 2019, Rothschild Patent Imaging filed a lawsuit against the GNOME foundation claiming that GNOME Shotwell, a photo manager, infringed one of its patents.

“We didn't receive a letter before the court documents were filed or any sort of warning, it was just filed and then within a week there was a settlement request for $75,000,” McGovern told us.

Read more

USDOJ Takes on Google, Mozilla Responds

Filed under
Google
Moz/FF
Web
Legal
  • Justice Department Sues Monopolist Google For Violating Antitrust Laws

    oday, the Department of Justice — along with eleven state Attorneys General — filed a civil antitrust lawsuit in the U.S. District Court for the District of Columbia to stop Google from unlawfully maintaining monopolies through anticompetitive and exclusionary practices in the search and search advertising markets and to remedy the competitive harms. The participating state Attorneys General offices represent Arkansas, Florida, Georgia, Indiana, Kentucky, Louisiana, Mississippi, Missouri, Montana, South Carolina, and Texas.

    “Today, millions of Americans rely on the Internet and online platforms for their daily lives. Competition in this industry is vitally important, which is why today’s challenge against Google — the gatekeeper of the Internet — for violating antitrust laws is a monumental case both for the Department of Justice and for the American people,” said Attorney General William Barr. “Since my confirmation, I have prioritized the Department’s review of online market-leading platforms to ensure that our technology industries remain competitive. This lawsuit strikes at the heart of Google’s grip over the internet for millions of American consumers, advertisers, small businesses and entrepreneurs beholden to an unlawful monopolist.”

  • Mozilla Reaction to U.S. v. Google

    Like millions of everyday internet users, we share concerns about how Big Tech’s growing power can deter innovation and reduce consumer choice. We believe that scrutiny of these issues is healthy, and critical if we’re going to build a better internet. We also know from firsthand experience there is no overnight solution to these complex issues. Mozilla’s origins are closely tied to the last major antitrust case against Microsoft in the nineties.

    In this new lawsuit, the DOJ referenced Google’s search agreement with Mozilla as one example of Google’s monopolization of the search engine market in the United States. Small and independent companies such as Mozilla thrive by innovating, disrupting and providing users with industry leading features and services in areas like search. The ultimate outcomes of an antitrust lawsuit should not cause collateral damage to the very organizations – like Mozilla – best positioned to drive competition and protect the interests of consumers on the web.

  • DOJ May Force Google To Sell Chrome To Settle Antitrust Case: Report

    he U.S. Department of Justice may force Google to sell its Chrome browser. The development came after the US Congress’ antitrust report on big tech companies.

    It is also told that the DOJ is targeting Google’s advertising business as well. The prosecutors aim at breaking Google’s monopoly on the $162 billion digital advertising market. Politico reported the development via anonymous sources.

Open source licensing and why we're changing Plausible to the AGPL license

Filed under
GNU
Legal

Plausible Analytics is a software as a service open source web analytics project. With the increase in popularity of Plausible in recent months, we’ve become aware that there are risks associated with permissive open source licenses that corporations that don’t care about open source are happy to take advantage of.

So we’re making a change to our license. This change doesn’t affect anyone subscribing to the Plausible Analytics Cloud and anyone who’s running Plausible Analytics Self-Hosted on their server. Everything stays the same.

The change will affect corporations that want to take our code and use it to create and sell proprietary tools that directly compete with us. Let’s look at the details.

[...]

These corporations use Google Analytics to track their users, have Facebook pixels to target the same users with advertising across the web and so on. Everything we stand against.

Their motives don’t seem to be to make the web more privacy-friendly and reduce the dominance of Google. It seems purely a business opportunity to make money from open source.

Read more

Via: Plausible relicenses to AGPL

Free Software Leftovers

Filed under
OSS
Legal
  • WordPress Mobile Engineers Propose Dual Licensing Gutenberg under GPL v2.0 and MPL v2.0

    During a Q&A session at WordCamp Europe 2020 online, Matt Mullenweg mentioned that Gutenberg contributors were considering dual licensing for embedding Gutenberg in mobile apps, along with the requirement that they would need to get an agreement from all contributors. WordPress mobile engineer Maxime Biais has just published a proposal for discussion, recommending dual licensing the editor under GPL v2.0 and MPL v2.0.

    [...]

    Mobile app developers are limited by the GPL, because it requires the entire app to be distributed under the same license. The team is proposing dual licensing under MPL v2.0, a weaker copyleft license that is often considered to be more “business-friendly.” It allows users to combine the software with proprietary code. MPL v2.0 requires the source code for any changes to be available under the MPL, ensuring improvements are shared back to the community. The rest of the app can be distributed under any terms with the MPL v2.0 code included as part of a “larger work.”

  • NoSQL databases: what is MongoDB and its use cases?

    Databases like MongoDB, a NoSQL document database, are commonly used in environments where flexibility is required with big, unstructured data with ever-changing schemas. This post explains what a NoSQL database is, and provides an overview of MongoDB, its use cases and a solution for running an open source MongoDB database at scale.

  • What Cassandra users think of their NoSQL DBMS

    With the NoSQL market expected to be worth $22 Billion by 2026, big business is paying Apache Cassandra a lot of attention. While MongoDB dominates NoSQL, 52.71% to Cassandra's 9.73%, Cassandra, with its ability to deliver continuous availability, high performance, and scalability to large volumes of unstructured data, will always be a player. Now, if only there were more expert Cassandra administrators!

    A global survey of 1,404 Cassandra practitioners found a plurality thought the lack of skilled staff and the challenge of migration was blocking Cassandra's adoption. To be exact, 36% of users currently using Cassandra for mission-critical apps said that a lack of Cassandra-skilled team members was deterring its broader adoption.

    When asked what it would take for practitioners to use Cassandra for more applications and features in production, they said it needs to be "easier to migrate" and "easier to integrate." That's because "we don't have time to train a ton of developers, so that time to deploy, time to onboard, that's really key. All the other stuff, scalability, that all sounds fine," said a London-based senior Cassandra user.

    That may be in part because of those surveyed, 89% were using open-source Cassandra. If they were using DataStax, the most popular Cassandra distro, it might be a different story.

  • Olauncher gives your home screen an open-source, minimalist makeover

    Android's open, customizable nature is one of the things that attract a lot of enthusiasts to the platform. From manufacturer-specific tweaks to third-party default app replacements, there's usually a way to make your phone look and act how you choose. Olauncher is a new home screen replacement app that endeavors to bring an open-source, lightweight, and minimal setup to your phone.

    And minimal it is — there's time and date info up top, a list of apps below ... and that's it. The clock and app list can be set to left, center, or right orientations. A maximum of six app names can be displayed, but if you're the most minimal of minimalists, you can set it to show no apps at all. But wouldn't that render it useless? Not quite! By default, swiping to the left launches the camera and swiping to the right opens up the dialer, but you can customize these as you choose. A swipe up opens the full app list organized alphabetically.

Syndicate content

More in Tux Machines

New in Linux 5.12

  • Linux 5.12 To Allow Voltage/Temperature Reporting On Some ASRock Motherboards - Phoronix

    Voltage, temperature, and fan speed reporting among desktop motherboards under Linux remains one of the unfortunate areas even in 2021... Many SIO ICs remain publicly undocumented and the Linux driver support is often left up to the community and usually through reverse-engineering. Thus the mainline Linux kernel support is left to suffer especially among newer desktop motherboards.

  • [Older] F2FS With Linux 5.12 To Allow Configuring Compression Level

    While the Flash-Friendly File-System (F2FS) allows selecting between your choice of optional compression algorithms like LZO, LZ4, and Zstd -- plus even specifying specific file extensions to optionally limit the transparent file-system compression to -- it doesn't allow easily specifying a compression level. That is fortunately set to change with the Linux 5.12 kernel this spring. Queued now into the F2FS "dev" tree ahead of the Linux 5.12 merge window is a patch that's been floating around for some weeks to allow easily configuring the compression level. The compress_algorithm mount option is expanded to allow also specifying a level, such that the format supported is [algorithm]:[level] should you want to override any level preference like with the LZ4 and Zstd compression algorithms.

Security and Proprietary Software

  • diffoscope 165 released

    The diffoscope maintainers are pleased to announce the release of diffoscope version 165. This version includes the following changes:

    [ Dimitrios Apostolou ]
    * Introduce the --no-acl and --no-xattr arguments [later collapsed to
      --extended-filesystem-attributes] to improve performance.
    * Avoid calling the external stat command.
    
    [ Chris Lamb ]
    * Collapse --acl and --xattr into --extended-filesystem-attributes to cover
      all of these extended attributes, defaulting the new option to false (ie.
      to not check these very expensive external calls).
    
    [ Mattia Rizzolo ]
    * Override several lintian warnings regarding prebuilt binaries in the
    * source.
    * Add a pytest.ini file to explicitly use Junit's xunit2 format.
    * Ignore the Python DeprecationWarning message regarding the `imp` module
      deprecation as it comes from a third-party library.
    * debian/rules: filter the content of the d/*.substvars files

  • SonicWall hardware VPNs hit by worst-case 0-zero-day-exploit attacks

    “…have information about hacking of a well-known firewall vendor and other security products by this they are silent and do not release press releases for their clients who are under attack due to several 0 days in particular very large companies are vulnerable technology companies,” BleepingComputer was told via email.

  • Cyber Firm SonicWall Says It Was Victim of ‘Sophisticated’ Hack

    The Silicon Valley-based company said in a statement that the two products compromised provide users with remote access to internal resources.

    The attackers exploited so-called “zero days” -- a newly discovered software flaw -- on certain SonicWall remote access products, the company said in a statement.

  • Former manager of Microsoft Taiwan investigated for fraud

    A former manager at the Taiwanese branch of software giant Microsoft was questioned Friday (Jan. 22) about an alleged fraud scam directed against the company.

    In 2016 and 2017, Chang Ming-fang (張銘芳) allegedly colluded with managers of other companies to forge orders to obtain discounts and products at lower prices, UDN reported.

  • School laptops sent by government arrive loaded with malware [iophk: Windows TCO]

    A number of the devices were found to be infected with a "self-propagating network worm", according to the forum, and they also appeared to be contacting Russian servers, one teacher wrote. The Windows-based laptops were specifically infected with Gamarue.1, a worm Microsoft identified in 2012.

  • Ransomware provides the perfect cover

    Look at any list of security challenges that CISOs are most concerned about and you’ll consistently find ransomware on them. It’s no wonder: ransomware attacks cripple organizations due to the costs of downtime, recovery, regulatory penalties, and lost revenue. Unfortunately, cybercriminals have added an extra sting to these attacks: they are using ransomware as a smokescreen to divert security teams from other clandestine activities behind the scenes.

    Attackers are using the noise of ransomware to their advantage as it provides the perfect cover to distract attention so they can take aim at their real target: exfiltrating IP [sic], research, and other valuable data from the corporate network.

  • Global ransom DDoS extortionists are retargeting companies

    According to Radware, companies that received this letter also received threats in August and September 2020. Security researchers’ analysis of this new wave of ransom letters suggested that the same threat actors from the middle of 2020 are behind these malicious communications.

    When the DDoS extortion campaign started in August of 2020, a single Bitcoin was worth approximately $10,000. It’s now worth roughly $30,000. The attackers cited this in the latest round of ransom letters, and it represents the impact the rising price of Bitcoin is having on the threat landscape.

    A few hours after receiving the message, organizations were hit by DDoS attacks that exceeded 200 Gbps and lasted over nine hours without slowdown or interruption. A maximum attack size of 237 Gbps was reached with a total duration of nearly 10 hours, the alert warned.

  • Boeing 737 MAX is a reminder of the REAL problem with software | Stop at Zona-M

    And that problem almost never is software.

7 Linux Distros to Look Forward in 2021

Here is a list of most anticipated Linux distributions you should keep an eye on in the year 2021. Read more

Games Leftovers

  • Gaming Like It's 1925: Last Week To Join The Public Domain Game Jam!

    Sign up for the Public Domain Game Jam on itch.io »

  • ujoy(4) added to -current

    With the following commit, Thomas Frohwein (thfr@) added a joystick/gamecontroller driver to -current: [...]

  • The First Online Conference Is Happening Today For The Godot Game Engine - Phoronix

    For those interested in Godot as the premiere open-source 2D/3D game engine or just looking for some interesting technical talks to enjoy this weekend, the first GodotCon Online is today. GodotCon 2021 is the open-source game engine's first entirely online conference for developers, users, and other contributors to this promising open-source project. The YouTube-based event has been running from 8:45 UTC today until 16:00 UTC, but fear not if you missed out as you can already go back and listen to the prior talks in the stream. The recordings will remain available for those wanting to enjoy it in the days ahead. All of the content is free of charge.