Legal

Latest Black Duck Attack on Free/Open Source Software

Filed under: OSS, Security, Legal

  • M&A deals imperilled by failure to manage open source software risk, says expert [Ed: As is so common these days, today it's Microsoft's proxy Black Duck attacking FOSS and trying to scare people]
  • Open Source: Know It Before You Embrace It [Ed: By Josh Software, not Black Duck FUD about security and licences]

    Open source has already taken the world by storm. Businesses from across industries are embracing it. Earlier open source was just a tiny revolutionary idea that was not given any hope, but it has now become not just mainstream but possibly the only stream. The world has realized its importance and benefits over other closed source languages and tools. More importantly, start-ups have started embracing open source wholeheartedly to gain an edge over their competitors. But the question is, how are they utilizing it to their advantage and how is it benefiting them?

FOSS Licensing

Filed under: OSS, Legal

  • [Older] Licensing resource series: License Violations and Compliance
  • [Older] The Licensing and Compliance Lab interviews Micah Lee of GPG Sync

    This is the latest installment of our Licensing and Compliance Lab's series on free software developers who choose GNU licenses for their work. In this edition, we conducted an email-based interview with Micah Lee of GPG Sync.

    GPG Sync is a recently launched project for managing the sharing of GPG keys, particularly within an organization. Micah Lee made the project internally at First Look Media and has now shared it with the world.

  • Apache and the JSON license

    The JSON license is a slightly modified variant of the MIT license, but that variation has led it to be rejected as a free-software or open-source license by several organizations. The change is a simple—rather innocuous at some level—addition of one line: "The Software shall be used for Good, not Evil.". Up until recently, code using the JSON license was acceptable for Apache projects, but that line and the ambiguity it engenders was enough for Apache to put it on the list of disallowed licenses.

    At the end of October, Ted Dunning brought up the license on the Apache legal-discuss mailing list. He suggested that classifying the JSON license as acceptable (i.e. on the list of Category A licenses) was an "erroneous decision". That decision was made, he said, "apparently based on a determination that the no-evil clause was 'clearly a joke'". He pointed to a thread from 2008 where a "lazy consensus" formed that the "not evil" condition did not preclude Apache projects from using the license.

Open Source Software A Core Competency For Effective Tech M&A

Filed under: OSS, Legal

Imagine your company just acquired its competitor for $100 million. Now imagine the company’s most important asset – its proprietary software – is subject to third-party license conditions that require the proprietary software to be distributed free of charge or in source code form. Or, imagine these license conditions are discovered late in the diligence process, and the cost to replace the offending third-party software will cost tens of thousands of dollars and take months to remediate. Both scenarios exemplify the acute, distinct and often overlooked risks inherent to the commercial use of open source software. An effective tech M&A attorney must appreciate these risks and be prepared to take the steps necessary to mitigate or eliminate them.

Over the past decade, open source software has become a mainstay in the technology community. Since its beginnings, open source software has always been viewed as a way to save money and jumpstart development projects, but it is increasingly being looked to for its quality solutions and operational advantages. Today, only a fraction of technology companies do not use open source software in any way. For most of the rest, it is mission critical.

Microsoft & Linux & Patents & Tweets

Filed under: GNU, Linux, Microsoft, Legal

Fact-checking some tweets about Linux Foundation’s newest member and their harvesting of other members’ money.

Also: Microsoft Loves Linux Patent Tax

FOSS CMS News

Filed under: OSS, Legal

  • Newly Redesigned Boston.gov Just Went Open Source

    Boston is open sourcing its municipal website, three months after redesigning Boston.gov.

    Taking the source code public, a move overseen by the city’s Digital Team, will speed the rate at which the site evolves through the addition of new features developed by local software designers, academic institutions and organizations.

  • WordPress attacks Wix, and Wix strikes back
  • The WordPress-Wix Dispute
  • The Price Of GPL [Ed: hatred of the GPL]

    Wix’s CEO, Avishai Abrahami, responded with a round of non-sequiturs that carefully evade the point that his product is built from source code for which they have not paid. One of his engineers equally misses the point, focusing on the circumstances surrounding the violation, rather than taking responsibility for the theft.

    Some will take issue with the use of strong words like “stolen code,” and “theft,” with respect to a GPL violation. But that’s exactly what it is: software has been taken and deployed in Wix’s product, but the price for doing so has not been paid.

    [...]

    Many developers understand, and view the price of GPL as perfectly justified, while others (myself included) find it unacceptable. So what am I supposed to do? Not use any GPL source code at all in any of my proprietary products? Exactly. Because the price of GPL is too much for me, and I don’t steal source code.

FOSS Licensing

Filed under: GNU, OSS, Legal

  • Conservancy Promotes Transparency by Publishing Template Agreements for Linux Compliance Program

    Today at the Linux Plumbers Conference, Software Freedom Conservancy hosts its second feedback session on the GPL Compliance Program for Linux Developers. These sessions, which Conservancy is hosting at relevant events over the next year and summarizing for public review, will seek input and ideas from the Linux community about GPL enforcement, answer questions, and plan strategies to deal with GPL enforcement actions that do not follow Conservancy and FSF's Principles of Community-Oriented GPL Enforcement.

  • Eben Moglen on GPL Compliance and Building Communities: What Works

    Software Freedom Law Center, the pro-bono law firm led by Eben Moglen, Professor of law at Columbia Law School and the world's foremost authority on Free and Open Source Software law held its annual fall conference at Columbia Law School, New York on Oct. 28. The full-day program featured technical and legal presentations on Blockchain, FinTech, Automotive FOSS and GPL Compliance by industry and community stalwarts.

    The program culminated in remarks by Moglen that highlighted the roles of engagement and education in building effective, ever-lasting communities. While expressing his gratitude to his colleague, friend and comrade Richard M. Stallman, Moglen emphasized the positive message relayed by Greg Kroah-Hartman and Theodore Ts'o --earlier in the day-- for creating win-win solutions and spreading users' freedom.

  • Freedom In Moderation [Ed: Freedom insistence (in software) equated with “extremism”, worse a term than “purism”]

    I must define some terminology in case readers are unfamiliar. Free software is defined by the Free Software Foundation (FSF) as software that carries four fundamental freedoms: the freedom to run the program for any purpose, to study and change it, to redistribute unmodified copies, and to redistribute modified copies. The “free” refers not to price but to freedom, and is sometimes called “libre”, from the same Latin root as “liberate”.

    The Free Software Foundation has been campaigning for “users’ freedom” since 1985. They advocate for the release of software under licenses they approve that give users those freedoms. Some of their notable successes include the GNU project, which develops various low-level and mid-level system tools, and their Defective By Design campaign to oppose digital rights management (DRM).

Distributing encryption software may break the law

Filed under: OSS, Security, Legal

Developers, distributors, and users of Free and Open Source Software (FOSS) often face a host of legal issues which they need to keep in mind. Although areas of law such as copyright, trademark, and patents are frequently discussed, these are not the only legal concerns for FOSS. One area that often escapes notice is export controls. It may come as a surprise that sharing software that performs or uses cryptographic functions on a public website could be a violation of U.S. export control law.

Export controls is a term for the various legal rules which together have the effect of placing restrictions, conditions, or even wholesale prohibitions on certain types of export as a means to promote national security interests and foreign policy objectives. Export control has a long history in the United States that goes back to the Revolutionary War with an embargo of trade with Great Britain by the First Continental Congress. The modern United States export control regime includes the Department of State's regulations covering export of munitions, the Treasury Department's enforcement of United States' foreign embargoes and sanctions regimes, and the Department of Commerce's regulations applying to exports of "dual-use" items, i.e. items which have civil applications as well as terrorism, military, or weapons of mass destruction-related applications.

GCC RISC-V Support Allegedly Held Up Due To University Lawyers

Filed under: Development, GNU, Legal

While there has been talk about RISC-V architecture support in the GCC compiler and for LLVM too going back months, a developer is reporting that the GCC RISC-V support is being delayed due to UC Berkeley lawyers.

Contributions to the GNU Compiler Collection (GCC) require a copyright assignment to the Free Software Foundation for this GPLv3-licensed compiler. It turns out the University of California Berkeley lawyers are taking issue with this, temporarily holding up the compiler back-end from merging.

FOSS Licensing

Filed under: Legal

  • Making money from copylefted code

    I wanted to put this out there while I still have it fresh in my mind. Here at the copyleft BoF with Bradley Kuhn at LAS GNOME. One of the biggest takeaways from this is something that Bryan Lunduke said that people are able to make money off from copyleft if we don’t actually brand it as free and open source software. So it seems that if we don’t advertise something as free or open source or that there is software available, then there is a decent chance that you can make money.

  • Help Send Conservancy to Embedded Linux Conference Europe

    Last month, Conservancy made a public commitment to attend Linux-related events to get feedback from developers about our work generally, and Conservancy's GPL Compliance Program for Linux Developers specifically. As always, even before that, we were regularly submitting talks to nearly any event with Linux in its name. As a small charity, we always request travel funding from the organizers, who are often quite gracious. As I mentioned in my blog posts about LCA 2016 and GUADEC 2016, the organizers covered my travel funding there, and recently both Karen and I received travel funding to speak at LCA 2017 and DebConf 2016, as well as many other events this year.

  • Copyleft, attribution, and data: other considerations

    When looking at solutions, it is important to understand that the practical concerns I blogged about aren’t just theoretical — they matter in practice too. For example, Peter Desmet has done a great job showing how overreaching licenses make bullfrog maps (and other data combinations) illegal. Alex Barth of OpenStreetMap has also discussed how ODbL creates problems for OSM users (though he got some Wikipedia-related facts wrong). And I’ve spoken to very well-intentioned organizations (including thoughtful, impactful non-profits) scared off from OSM for similar reasons.

OSI Approved Licenses, a Foundation for Federal Source Code Policy

Filed under: OSS, Legal

The Federal Source Code memorandum includes a subject line that clearly communicates the federal government's commitment, "Achieving Efficiency, Transparency, and Innovation through Reusable and Open Source Software," and we applaud the OMB for their comprehensive work: introducing the benefits of open source software, development and communities to a bureaucracy often challenged to move away from traditional modes of practice and policy; engaging with the larger technology sector in an inclusive and comprehensive review of current, and potential future-states for software development and use within the government, and; actually delivering a policy that can serve as a foundation to build on.

More in Tux Machines

Linux and FOSS Events

  • Debian SunCamp 2017 Is Taking Place May 18-21 in the Province of Girona, Spain
    It looks like last year's Debian SunCamp event for Debian developers was a total success and Martín Ferrari is back with a new proposal that should take place later this spring during four days full of hacking, socializing, and fun. That's right, we're talking about Debian SunCamp 2017, an event any Debian developer, contributor, or user can attend to meet his or her Debian buddies, hack together on new projects or improve existing ones by sharing their knowledge, plan upcoming features and discuss ideas for the Debian GNU/Linux operating system.
  • Pieter Hintjens In Memoriam
    Pieter Hintjens was a writer, programmer and thinker who has spent decades building large software systems and on-line communities, which he describes as "Living Systems". He was an expert in distributed computing, having written over 30 protocols and distributed software systems. He designed AMQP in 2004, and founded the ZeroMQ free software project in 2007. He was the author of the O'Reilly ZeroMQ book, "Culture and Empire", "The Psychopath Code", "Social Architecture", and "Confessions of a Necromancer". He was the president of the Foundation for a Free Information Infrastructure (FFII), and fought the software patent directive and the standardisation of the Microsoft OOXML Office format. He also organized the Internet of Things (IOT) Devroom here at FOSDEM for the last 3 years. In April 2016 he was diagnosed with terminal metastasis of a previous cancer.
  • foss-gbg on Wednesday
    The topics are Yocto Linux on FPGA-based hardware, risk and license management in open source projects and a product release by the local start-up Zifra (an encryptable SD-card). More information and free tickets are available at the foss-gbg site.

Leftovers: OSS

  • When Open Source Meets the Enterprise
    Open source solutions have long been an option for the enterprise, but lately it seems they are becoming more of a necessity for advanced data operations than merely a luxury for IT techs who like to play with code. While it’s true that open platforms tend to provide a broader feature set compared to their proprietary brethren, due to their larger and more diverse development communities, this often comes at the cost of increased operational complexity. At a time when most enterprises are looking to shed their responsibilities for infrastructure and architecture to focus instead on core money-making services, open source requires a fairly high level of in-house technical skill. But as data environments become more distributed and reliant upon increasingly complex compilations of third-party systems, open source can provide at least a base layer of commonality for resources that support a given distribution.
  • EngineerBetter CTO: the logical truth about software 'packaging'
    Technologies such as Docker have blended these responsibilities, causing developers to need to care about what operating system and native libraries are available to their applications – after years of the industry striving for more abstraction and increased decoupling!
  • What will we do when everything is automated?
    Just translate the term "productivity of American factories" into the word "automation" and you get the picture. Other workers are not taking jobs away from the gainfully employed, machines are. This is not a new trend. It's been going on since before Eli Whitney invented the cotton gin. Industry creates machines that do the work of humans faster, cheaper, with more accuracy and with less failure. That's the nature of industry—nothing new here. However, what is new is the rate by which the displacement of human beings from the workforce is happening.
  • Want OpenStack benefits? Put your private cloud plan in place first
    The open source software promises hard-to-come-by cloud standards and no vendor lock-in, says Forrester's Lauren Nelson. But there's more to consider -- including containers.
  • Set the Agenda at OpenStack Summit Boston
    The next OpenStack Summit is just three months away now, and as is their custom, the organizers have once again invited you–the OpenStack Community–to vote on which presentations will and will not be featured at the event.
  • What’s new in the world of OpenStack Ambassadors
    Ambassadors act as liaisons between multiple User Groups, the Foundation and the community in their regions. Launched in 2013, the OpenStack Ambassador program aims to create a framework of community leaders to sustainably expand the reach of OpenStack around the world.
  • Boston summit preview, Ambassador program updates, and more OpenStack news

Proprietary Traps and Openwashing

  • Integrate ONLYOFFICE Online Editors with ownCloud [Ed: Proprietary software latches onto FOSS]
    ONLYOFFICE editors and ownCloud is the match made in heaven, wrote once one of our users. Inspired by this idea, we developed an integration app for you to use our online editors in ownCloud web interface.
  • Microsoft India projects itself as open source champion, says AI is the next step [Ed: Microsoft bribes to sabotage FOSS and blackmails it with patents; calls itself "open source"]
  • Open Source WSO2 IoT Server Advances Integration and Analytic Capabilities
    WSO2 has announced a new, fully-open-source WSO2 Internet of Things Server edition that "lowers the barriers to delivering enterprise-grade IoT and mobile solutions."
  • SAP license fees are due even for indirect users, court says
    SAP's named-user licensing fees apply even to related applications that only offer users indirect visibility of SAP data, a U.K. judge ruled Thursday in a case pitting SAP against Diageo, the alcoholic beverage giant behind Smirnoff vodka and Guinness beer. The consequences could be far-reaching for businesses that have integrated their customer-facing systems with an SAP database, potentially leaving them liable for license fees for every customer that accesses their online store. "If any SAP systems are being indirectly triggered, even if incidentally, and from anywhere in the world, then there are uncategorized and unpriced costs stacking up in the background," warned Robin Fry, a director at software licensing consultancy Cerno Professional Services, who has been following the case.
  • “Active Hours” in Windows 10 emphasizes how you are not in control of your own devices
    No edition of Windows 10, except Professional and Enterprise, is expected to function for more than 12 hours of the day. Microsoft most generously lets you set a block of 12 hours where you’re in control of the system, and will reserve the remaining 12 hours for its own purposes. How come we’re all fine with this? Windows 10 introduced the concept of “Active Hours”, a period of up to 12 hours when you expect to use the device, meant to reflect your work hours. The setting for changing the device’s active hours is hidden away among Windows Update settings, and it poorly fits with today’s lifestyles. Say you use your PC in the afternoon and into the late evening during the work week, but use it from morning to early afternoon in the weekends. You can’t fit all those hours nor accommodate home office hours in a period of just 12 hours. We’re always connected, and expect our devices to always be there for us when we need them.
  • Chrome 57 Will Permanently Enable DRM
    The next stable version of Chrome (Chrome 57) will not allow users to disable the Widevine DRM plugin anymore, therefore making it an always-on, permanent feature of Chrome. The new version of Chrome will also eliminate the “chrome://plugins” internal URL, which means if you want to disable Flash, you’ll have to do it from the Settings page.

Linux Mint 18.1 Serena - The glass is half full

Linux Mint 18.1 Serena is an okay distro. It has more merit than Sarah, but then, it's also had almost a year to work on polishing some of the issues, and while a few have been ironed out, big quality issues that were never the domain of Mint before still persist. The live session experience is underwhelming, the default theme is not vibrant enough and can lead to ocular exhaustion quickly, there were problems with stability, multimedia playback, and the promise of Spotify never came to be. On the other hand, most of the stuff works out of the box, the repos are rich, the distro can be tamed relatively easily, and at the end of the day, you have a supported, popular system full of goodies and shiny colors with only a slight aftertaste of betrayal in your proverbial mouth. Good, but only if you've just started playing around with Linux. This distro has no flair. It doesn't have the magic and fire of yore. No fire, no nothing. It's not super green. And it must pop pop pop. So I guess, grade wise, 6.5/10 or some such. All in all, 'tis Linux Mint all right, but not the best offering by a long shot.

Also: Linux Mint 18.2 Features – What’s Ahead In the Next Release