Language Selection

English French German Italian Portuguese Spanish

Legal

Bruce Perens quits Open Source Initiative amid row over new data-sharing crypto license: 'We've gone the wrong way with licensing'

Filed under
OSS
Legal

Last year, lawyer Van Lindberg drafted a software license called the Cryptographic Autonomy License (CAL) on behalf of distributed development platform Holo – and submitted it to the Open Source Initiative (OSI) for approval as an Open Source Definition-compliant (OSD) license.

The debate over whether or not to approve the license, now in its fourth draft, has proven contentious enough to prompt OSI co-founder Bruce Perens to resign from the organization, for a second time, based on concern that OSI members have already made up their minds.

"Well, it seems to me that the organization is rather enthusiastically headed toward accepting a license that isn't freedom respecting," Perens wrote in a missive to the OSI's license review mailing list on Thursday. "Fine, do it without me, please."

Perens, for what it's worth, drafted the original OSD.

Another open-source-community leader familiar with the debate – who spoke with The Register on condition of anonymity – claimed Lindberg lobbied OSI directors privately to green-light the license, contrary to an approval process that's supposed to be carried out in public.

"I don't think that's an appropriate characterization," said Lindberg, of law firm Dykema, in a phone interview with The Register. "I think there are number of people who from the beginning made up their minds about the CAL. You'll see a lot of people jumping onto any pretext they can find in order to oppose it."

Read more

Allison Randal Joins Conservancy Board

Filed under
Legal

We're very excited to welcome Allison Randal to Conservancy's Board of Directors. When it comes to free and open source software, there are few people who have had so much experience in so many different ways. Over the last 30 years, she has taken on projects that became instrumental in welcoming more people to the software freedom cause. She's made numerous critical technical contributions in addition to her impressive leadership contributions. She's also worked hard to get folks from very different organizations to collaborate on languages, licensing and events. We're very lucky that Randal has chosen to bring her uniquely broad and historical perspective to her work as a Conservancy Director.

Randal is a board member at the Perl Foundation, a board member at the OpenStack Foundation, and co-founder of the FLOSS Foundations group for free software community leaders. At various points in the past she has served as president of the Open Source Initiative, president of the Perl Foundation, board member of the Python Software Foundation, chairman of the Parrot Foundation, chief architect of the Parrot virtual machine, Open Source Evangelist at O’Reilly Media, conference chair of OSCON, Technical Architect of Ubuntu, Open Source Advisor at Canonical, Distinguished Technologist and Open Source Strategist at HP, and Distinguished Engineer at SUSE. She collaborates in the Debian project, and is currently taking a mid-career research sabbatical at the University of Cambridge. While on sabbatical, she has been teaching computer science.

Read more

A Brief History of Open Source Software, Part 2: OSS Licenses and Legalities

Filed under
GNU
Legal

It would not be an exaggeration to say that the magic of open source software (OSS) is based as much on legal innovation as it is on collaboration. Indeed, the essential innovation that launched free and open source software was not Richard Stallmans GNU Project, but his announcement of a revolutionary new licensing philosophy, and the actual license agreements needed to put that philosophy into effect. Only later did global collaboration among developers explode, riding the wave of Stallman's licenses, Linus Torvald's pioneering work in creating the distributed development process, and rapidly increasing telecommunications bandwidth.

In this installment, we'll explore how Stallman's philosophy spread and forked, and where it has taken us to today.

The legal theories, agreements, and documentation that relate to OSS, and its precursor, Free and Open Source Software (for convenience, in this installment I'll refer to both types collectively as FOSS), are far too complex to explore more than superficially in an article of this type. But for current purposes, it is less important to acquire a deep knowledge of FOSS legal terms than it is to gain insight into why the legalities of FOSS are so important.

Read more

Nginx/Rambler Dispute Over Code

Filed under
Development
Server
Legal
  • What’s yours is ours Rambler Group claims exclusive rights to world’s most popular web-server software, six months after it's sold to U.S. company for 670 million dollars

    On Thursday, December 12, Russian law enforcement raided the Moscow office of the IT company “Nginx,” which owns the eponymous web-server used by almost 500 million websites around the world. According to several reports, Nginx co-founders Igor Sysoev and Maxim Konovalov spent several hours in police interrogation. The search is part of a criminal case based on charges by a company tied to the Russian billionaire and Rambler Group co-owner Alexander Mamut, whose businesses believe they own the rights to the Nginx web-server because Sysoev started developing the code while working for Rambler in 2004. Meduza’s correspondent Maria Kolomychenko looks at how Sysoev and his partners spent 15 years creating the world’s most popular web-server before selling it to an American firm for $670 million, and how Rambler decided, half a year later, that it owns the technology.

  • ‘A typical racket, simple as that’ Nginx co-founder Maxim Konovalov explains Rambler's litigation against his company, which develops the world’s most popular web-server

    Russia’s IT industry is in the midst of a major conflict between businesses belonging to “Rambler Group” co-owner Alexander Mamut and the company “Nginx,” created by Igor Sysoev and his partner Maxim Konovalov. Nginx’s key product is the eponymous web-server used by more than a third of the world’s websites. Sysoev first released the software in 2004, while still an employee at Rambler, which is now claiming exclusive rights to Nginx, based on its interpretation of Russian law. The police have already joined the dispute, launching a criminal investigation and searching Nginx’s Moscow office. In an interview with Meduza, Nginx co-founder Maxim Konovalov described the police raid and explained why he thinks it took Rambler 15 years to claim ownership over the coveted web-server technology, which recently sold to the American corporation “F5 Networks” for $670 million.

OSI Transparency Reports

Filed under
OSS
Legal
  • October 2019 License-Discuss Summary

    We would like to introduce (and thank!) Amol Meshram, who has joined us here at the OSI to provide monthly summaries of both the License-Discuss and License-Review mailing lists. We hope these reports provide you with a helpful snapshot of the monthly activities on the lists, keeping you up to date with the latest topics, while also providing a reference point for further discussion. Of course all suggestions are welcome as we continue to enhance our reporting. We will try our best to include the feedback from OSI community members to make the summaries as accurate as possible and the discussions lively and fruitful.

  • October 2019 License-Review Summary

    Carlo Piana is not in favour of The Vaccine License and feels it is a trolling exercise. Filli Liberandum suggested to Carlo Paina to read the mailing list code of conduct. In furtherance to it, Filli Liberandum explained why there is a necessity of acknowledging The Vaccine License by OSI board and its members.
    Anand Chowdhary based on his experience of adding privacy compliance under twente open source license pointed out that there are better ways to protect privacy of individuals like local/national/international regulation instead of protecting it through open source license. He is of the opinion that there are better ways to advocate for vaccination and open source license is not the better way to advocate for it.
    Filli Liberandum countered to Anand Chowdhary by citing example of Cryptography Autonomy License of Mr. Lindstrom which ask for some release of data as a condition and head of OSI has publicly accepted this condition. Pamela Chestek brought into notice of Filli Liberandum that OSI did not endorse the view of Simon Phipps (referred head of OSI by Filli) on Cryptography Autonomy License data condition clause. Simon Phipps is member of the board along with others. Simon Phipps views on CAL are personal.
    Filli Liberandum raised a concern with respect to archives as it is stuck in a plaintext mode.
    Simon Phipps suggested to Filli Liberandum to familiarize with License-review process and change the tone of message and requested to leave moderating to the moderators to which Filli agreed and responded that here onwards Filli will directly reach out to concerned members.
    Gil Yehuda responded to Fil that Licenses usually do ask for things in return and appreciated the efforts of Fil in writing The Vaccine License, while considering the OSD. Gil raised an important point of enforceability of The Vaccine License in the real life scenario. Gil is of the opinion that one can right a blog and promote the importance of the idea instead of restricting it with copyright license. To buttress claim, Gil cited article written by Selam G which convinced Gil to support Free Software Movement. The reason behind citing this article is to explore other platforms instead of publishing work under copyright license.

    Carlo Piana responded to Fil that The Vaccine License is discriminatory and non-enforceable in nature. Carlo thinks that vaccination can be achieved through local authorities instead of enforcing it through copyright license. Carlo believes one should provoke reactions rather than genuine attempt of having a license approved.
    Josh Berkus agrees with Carlo on provoking reactions from members on license instead of attempting for approving the license. Josh suggested to take this submission as a use case and put it on opensource.org for future reference.
    Carlo Piana is of the same view that opensource.org should take this submission as a use case for future submissions to avoid duplication of work.
    Bruce Perens is also of the opinion that a direct law on vaccination will be more effective than a license. Similarly, Bruce also wrote two blog posts on the issue of “ethical” licenses wherein Bruce referred the proposed The Vaccine License.
    Grahame Grieve replied to Bruce’s blog post and appreciated the efforts of writing blog post on ethical license and also the basic arguments put forwards by Bruce. But Grahame bothered by the lack of ethics in the Vaccine License, judging vaccine license solely based on enforceability clause. Similarly, Grahame wanted to know whether the lawyers, courts and violators laugh at license and is there any precedent on when someone gives something of value away, on the condition that it not used in a particular way? Bruce Perens replied to all the queries of Graham Grieve. Firstly, Bruce Perens claims blog post argument is based on law instead of license terms. Secondly, Bruce has experience in handling litigation for various reasons and Bruce wants other should not get into litigation for same cause of action. Lastly, Bruce said Lawyers, courts and violators laugh at license and this whole exercise will be term as a ‘‘copyright misuse’’.
    Kevin P. Fleming replied to Graham and pointed that The Vaccine License does not talk about goals instead it focusses on action to be performed which is not in sync with the use of the software. Similarly, Kevin is of the opinion that The Vaccine License violates the OSD 5. To this Grahame Grieve countered by saying if The Vaccine license is applied to health software then in such scenario would Kevin change his opinion.
    Van Lindberg appreciated various aspect of the Vaccine License and efforts put forward by Fil in creating the vaccine license. But Van feels the Vaccine License does not qualify for OSS because it imposes conditions which are logically separate from and wholly unrelated to scope intellectual property rights that are licensed. Similarly, Van attempted to answer the question on what scope of action can be required of a license? Van observed if restrictions are closely related to the exercise of the intellectual property rights granted under license then such restrictions make sense and compatible with OSD.
    Filli Liberandum replied to analysis of Van and requested to reverse engineer the rules from the approved licenses which Fil believe will lead us to conclusion that the Vaccine License attempt is not an accidental in nature.
    Josh Berkus feels that The Vaccine License is very good example for ‘’unrelated conditions’’ license which can be referred in future as a textbook example to differentiate between what kind of licenses OSS supports and what can’t be supported by OSS license.

The Road Towards KF6 & SPDX License Identifiers

Filed under
KDE
Legal

With KF6, I want to see SPDX license identifiers being introduced into KDE frameworks in order to ease the framework re-use in other projects. This follows the same approach e.g. the Linux Kernel took over the last years.

The problem that the SPDX markers address is the following: When publishing source code under an open source license, each source code file shall explicitly state the license it is released with. The usual way this is done is that a developer copies a license header text from the KDE licensing policies wiki, from another source file, or from somewhere else from the internet and puts it at the top of their newly created source code file. Thus the result is that today we have many slightly different license headers all over our frameworks source files (even if they only differ in formatting). Yet, these small differences make it very hard to introduce automatic checks for the source code licenses in terms of static analysis. This problem becomes even more urgent when one wants to check that a library, which consists of several source files with different licenses, does only contain compatible licenses.

The SPDX headers solve this problem by introducing a standardized language that annotates every source code file with license information in the SPDX syntax. This syntax is rich enough to express all of our existing license information and it can also cover more complicated cases like e.g. dual-licensed source files.

Read more

FSFE on Licensing in REUSE Initiative and Racket Moves to Apache 2.0/MIT Licence

Filed under
GNU
Legal
  • The last 12 months in the light of software freedom

    In the last 12 months, we have achieved a lot with the help of our volunteers, through their donations and hard work. Thanks to their support, we were able to successfully continue our PMPC campaign, simplify licensing practices through our REUSE initiative, and stand up for router freedom in Europe. We will be back in 2020 with even more vigour towards our work. Please help us with a donation so that we can continue our successful commitment to Free Software.

  • Racket 7.5 Changes License

    Racket has been updated and is being released under a new, less-restrictive license: either the Apache 2.0 license or the MIT license. The new release also adds a standard JSON MIME type for the Web Server.

    Racket is described as a “full-spectrum programming language” that goes beyond Lisp and Scheme with dialects that support objects, types and laziness. When coding in it, you can link components written in different dialects, and write your own project-specific dialect if you want. The Racket libraries support applications from web servers and databases to GUIs and charts.

    [...]

    Chez Scheme is both a programming language and an implementation of that language, with supporting tools and documentation. It is a superset of the language described in the Revised Report on the Algorithmic Language Scheme (R6RS). Chez Scheme supports all standard features of Scheme, including first-class procedures, proper treatment of tail calls, continuations, user-defined records, libraries, exceptions, and hygienic macro expansion. The Racket team says they expect that Racket CS will be ready for production use by the next release.

    Elsewhere in this release, the Web Server now provides a standard JSON MIME type, including a response/jsexpr form for HTTP responses bearing JSON; and GNU MPFR operations run about three times faster.

Input for the BEREC's guidelines on Router Freedom in Europe

Filed under
Hardware
Legal

Router Freedom is the right of customers of any Internet Service Provider (ISP) to choose and use a private modem and router instead of a router that the ISP forces them to use. The Body of European Regulators for Electronic Communications (BEREC) drafted guidelines for national agencies how to deal with Router Freedom in their countries. The Free Software Foundation Europe (FSFE) provided mixed feedback to an ongoing public consultation.

The status of Router Freedom in Europe differs from country to country as the monitoring by the FSFE shows. The core of the debate is the question of where the Network Termination Point (NTP) is located. This defines where the network of the ISP ends and where the network of the user begins. If the modem and router are considered part of the ISP's infrastructure, a user cannot claim sovereignty of their communication and security.

The patchwork rug of different rules may change soon as BEREC, the Body of European Regulators for Electronic Communications, has been commissioned to create guidelines for the National Regulatory Agencies (NRAs) and help them with implementing European regulation in a harmonised way. BEREC's current draft of the guidelines is up for public consultation until 21 November 2019. We analysed this draft and the EU Directives and Regulations it references, and provided our conclusion in a brief document.

Read more

Java License Fallout Continues Impacting IBM i Shops

Filed under
Development
Legal

Oracle’s decision to restrict the previously free distribution of Java version 8 tools and runtimes is impacting the entire IT industry. In our little neck of the woods, the decision to charge businesses for using Oracle’s Java has forced IBM i shops to take a hard look at the technology platform, and in some cases look for alternative solutions.

Oracle ruffled feathers in the Java community in 2017, when it made substantial changes to its Java roadmap. The company announced that Java Standard Edition (SE) version 8, which is a legacy version of Java but is still in widespread use, “will not be available for business, commercial or production use without a commercial license” after January 2019. Licenses for Java SE 8 could be purchased for $30 per desktop per year or $300 per processor for server licenses.

Oracle’s stated plan for the move was to accelerate the development and release cycle for Java in a bid to keep up today’s fast-paced DevOps environments (and perhaps part of its unstated plan, which was to squeeze Java users for revenue). The tech giant and the Java community hammered out Java SE versions 9 and 10 in quick fashion, in late 2017 and early 2018, respectively.

Read more

Graphics and Standards

Filed under
Graphics/Benchmarks
Web
Legal
  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension.

    Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

Syndicate content

More in Tux Machines

One open source chat tool to rule them all

Last year, I brought you 19 days of new (to you) productivity tools for 2019. This year, I'm taking a different approach: building an environment that will allow you to be more productive in the new year, using tools you may or may not already be using. Instant messaging and chat have become a staple of the online world. And if you are like me, you probably have about five or six different apps running to talk to your friends, co-workers, and others. It really is a pain to keep up with it all. Thankfully, you can use one app (OK, two apps) to consolidate a lot of those chats into a single point. Read more

Android Leftovers

Programming: GNU, Git, Perl, Python and Django

  • Experimental Support For C++20 Coroutines Has Landed In GCC 10

    As of this morning experimental support for C++20 coroutines has been merged into the GCC 10 compiler! Coroutines allow a function to have its execution stopped/suspended and then to be resumed later. Coroutines is one of the big features of C++20. Sample syntax and more details on C++ coroutines can be found at cppreference.com. Coroutines support for GCC has been under development for months and now as a late addition to GCC 10 is the experimental implementation.

  • GNU Binutils 2.34 Branched - Bringing With It "debuginfod" HTTP Server Support

    With GNU Binutils 2.34 comes debuginfod support, which is the HTTP server catching our eye while the debuginfod server is distributed as part of the latest elfutils package. This isn't for a general purpose web server thankfully but is an HTTP server for distributing ELF/DWARF debugging information and source code. With debuginfod enabled, Binutils' readelf and objdump utilities can query the HTTP server(s) for debug files that cannot otherwise be found. Enabling this option requires building Binutils using --with-debuginfod.

  • Announcing git-cinnabar 0.5.3

    Git-cinnabar is a git remote helper to interact with mercurial repositories. It allows to clone, pull and push from/to mercurial remote repositories, using git.

  • Steve Kemp: Announce: github2mr

    myrepos is an excellent tool for applying git operations to multiple repositories, and I use it extensively. I've written several scripts to dump remote repository-lists into a suitable configuration format, and hopefully I've done that for the last time.

  • Term::ANSIColor 5.01

    This is the module included in Perl core that provides support for ANSI color escape sequences. This release adds support for the NO_COLOR environment variable (thanks, Andrea Telatin) and fixes an error in the example of uncolor() in the documentation (thanks, Joe Smith). It also documents that color aliases are expanded during alias definition, so while you can define an alias in terms of another alias, they don't remain linked during future changes.

  • Python 3.7.5 : Django security issues - part 001.

    Django like any website development and framework implementation requires security settings and configurations. Today I will present some aspects of this topic and then I will come back with other information.

  • How to display flash messages in Django templates

    Sometimes we need to show the one-time notification, also known as the flash messages in our Django application. For this Django provides the messages framework. We are going to use the same here. To show flash messages in the Django application, we will extend our previous project Hello World in Django 2.2. Clone the git repository, check out the master branch and set up the project on your local machine by following the instructions in the README file.

KDE: Videos, Plasma and Itinerary

  • So you want to make a KDE video...

    KDE is running a competition in search of the next great promotional video for KDE's Plasma desktop and KDE's applications. The prizes are two fantastic TUXEDO computers, one per category, which will undoubtedly boost your film rendering capacity. There are also 12 goodie packages for runner-ups, and who doesn't need more Linux shirts, caps and stickers? Although we have already received some interesting entries, we feel it may be time to help video artists out there with ideas from the judges themselves. Below, Julian Schraner, Ivana Isadora Devčić, and Paul Brown from the Promo team and Farid Abdelnour from the Kdenlive team give their views on what a KDE promotional video should look like, where to find resources, and which pitfalls may hurt your film if you fall for them.

  • Learning about our users

    In a product like Plasma, knowing the kind of things our existing users care about and use sheds light on what needs polishing or improving. At the moment, the input we have is either the one from the loudest most involved people or outright bug reports, which lead to a confirmation bias. What do our users like about Plasma? On which hardware do people use Plasma? Are we testing Plasma on the same kind of hardware Plasma is being used for? Some time ago, Volker Krause started up the KUserFeedback framework with two main features. First, allowing to send information about application’s usage depending on certain users’ preferences and include mechanisms to ask users for feedback explicitly. This has been deployed into several products already, like GammaRay and Qt Creator, but we never adopted it in KDE software. The first step has been to allow our users to tune how much information Plasma products should be telling KDE about the systems they run on.

  • [KDE] Itinerary extraction in Nextcloud Hub

    Nextcloud announced their latest release and among the many new features is itinerary extraction from emails. That’s using KDE’s extraction engine, the same that powers similar features in KMail as well.