Language Selection

English French German Italian Portuguese Spanish

Legal

Eben Moglen is no longer a friend of the free software community

Filed under
Legal

Eben Moglen has done an amazing amount of work for the free software community, serving on the board of the Free Software Foundation and acting as its general counsel for many years, leading the drafting of GPLv3 and giving many forceful speeches on the importance of free software. However, his recent behaviour demonstrates that he is no longer willing to work with other members of the community, and we should reciprocate that.

In early 2016, the FSF board became aware that Eben was briefing clients on an interpretation of the GPL that was incompatible with that held by the FSF. He later released this position publicly with little coordination with the FSF, which was used by Canonical to justify their shipping ZFS in a GPL-violating way. He had provided similar advice to Debian, who were confused about the apparent conflict between the FSF's position and Eben's.

Read more

OpenChain and copyleft

Filed under
GNU
Legal
  • How OpenChain can transform the supply chain

    OpenChain is all about increasing open source compliance in the supply chain. This issue, which many people initially dismiss as a legal concern or a low priority, is actually tied to making sure that open source is as useful and frictionless as possible. In a nutshell, because open source is about the use of third-party code, compliance is the nexus where equality of access, safety of use, and reduction of risk can be found. OpenChain accomplishes this by building trust between organizations.

    Many companies today understand open source and act as major supporters of open source development; however, addressing open source license compliance in a systematic, industry-wide manner has proven to be a somewhat elusive challenge. The global IT market has not seen a significant reduction in the number of open source compliance issues in areas such as consumer electronics over the past decade.

    [...]

    The OpenChain Project, hosted by The Linux Foundation, is intended to make open source license compliance more predictable, understandable, and efficient for the software supply chain. Formally launched in October 2016, the OpenChain Project started three years earlier with discussions that continued at an increasing pace until a formal project was born. The basic idea was simple: Identify recommended processes for effective open source management. The goal was equally clear: Reduce bottlenecks and risk when using third-party code to make open source license compliance simple and consistent across the supply chain. The key was to pull things together in a manner that balanced comprehensiveness, broad applicability, and real-world usability.

  • Software Freedom Strategy with Community Projects

    All of those led me to understand how software freedom is under attack, in particular how copyleft in under attack. And, as I talked during FISL, though many might say that "Open Source has won", end users software freedom has not. Lots of companies have co-opted "free software" but give no software freedom to their users. They seem friends with free software, and they are. Because they want software to be free. But freedom should not be a value for software itself, it needs to be a value for people, not only companies or people who are labeled software developers, but all people.

    That's why I want to stop talking about free software, and talk more about software freedom. Because I believe the latter is more clear about what we are talking about. I don't mind that we use whatever label, as long as we stablish its meaning during conversations, and set the tone to distinguish them. The thing is: free software does not software freedom make. Not by itself. As Bradley Kuhn puts it: it's not magic pixie dust.

    Those who have known me for years might remember me as a person who studied free software licenses and how I valued copyleft, the GPL specifically, and how I concerned myself with topics like license compatibility and other licensing matters.

    Others might remember me as a person who valued a lot about upstreaming code. Not carrying changes to software openly developed that you had not made an effort to put upstream.

    I can't say I was wrong on both accounts. I still believe in those things. I still believe in the importance of copyleft and the GPL. I still value sharing your code in the commons by going upstream. But I was certaily wrong in valuing them too much. Or not giving as much or even more value to distribution efforts of getting software freedom to the users.

Copyleft and Licensing

Filed under
OSS
Legal
  • FSFE makes copyrights computer readable

    The Free Software Foundation Europe (FSFE) is proud to release its next version of our REUSE practices designed to make computers understand software copyrights and licenses.

    The REUSE practices help software developers make simple additions to license headers which make it easier for a computer to determine what license applies to the various parts of a programs source code. By following the REUSE practices, software developers can ensure their intent to license software under a particular license is understood and more readily adhered to.

    Together with the updated practices, which mostly clarify and make explicit some points, the FSFE is also releasing a set of developer tools and examples which show the REUSE practices in action. Three example repositories, together with an example walkthrough of the process used to make the cURL project REUSE compliant, are complemented with a simple tool to validate whether a program is REUSE compliant.

  • Apple Will No Longer Be Developing CUPS Under The GPL

    One decade after Apple bought out CUPS as the de facto printing system for Unix-like operating systems, they are changing the code license.

    The CUPS Common UNIX Printing System up to now had been developed under the GPLv2 license while now Apple will be switching it to the Apache 2.0 software license.

  • Software Freedom Law Center and Conservancy

    There’s been quite a bit of interest recently about the petition by Software Freedom Law Center to cancel the Software Freedom Conservancy’s trademark. A number of people have asked my views on it, so I thought I’d write up a quick blog on my experience with SFLC and Conservancy both during my time as Debian Project Leader, and since.

    It’s clear to me that for some time, there’s been quite a bit of animosity between SFLC and Conservancy, which for me started to become apparent around the time of the large debate over ZFS on Linux. I talked about this in my DebConf 16 talk, which fortunately was recorded (ZFS bit from 8:05 to 17:30).

Software Freedom Law Center/Conservancy Dispute Update

Filed under
GNU
Legal
  • Concerning a Statement by the Conservancy

    On Friday, while we were putting on our annual conference at Columbia Law School, a puff of near-apocalyptic rhetoric about us was published by SFLC’s former employees, Karen Sandler and Bradley Kuhn, who now manage the Conservancy, which was originally established and wholly funded by SFLC, and still bears our name. We were busy with our conference when this happened, which seems to have been the point. We are glad to have the chance now, after a little much-needed rest, to help everyone avoid unnecessary hyperventilation.

  • Concerning a Statement by the Conservancy (Software Freedom Law Center Blog)

    The Software Freedom Law Center (SFLC) has responded to a recent blog post from the Software Freedom Conservancy (SFC) regarding the SFC's trademark. SFLC has asked the US Patent and Trademark Office (PTO) to cancel the SFC trademark due to a likelihood of confusion between the two marks; SFC posted about the action on its blog.

Red Hat Explains GPL, New Dispute Surfaces

Filed under
GNU
Legal
  • Shedding light on foggy GPL licenses

    The terms in GPL v3 clause 14 are very similar to those in the GPL v2.

    Over the years, I've seen many open source projects that say they are GPL licensed without explicitly indicating a version number, while also including the text of an entire GPL license (e.g., v2 or v3). The ambiguity this potentially creates may be beneficial or detrimental to you, depending on factors such as whether you are the licensor or the licensee.

  • GPL bodies in bizarre trademark fight

    Senior Linux kernel developer Greg Kroah-Hartman has claimed he asked the Linux Foundation to withdraw funding from the Software Freedom Conservancy back in 2016, because he was unhappy with the way in which the SFC went about enforcing compliance with the GPL, the licence under which the Linux kernel is published.

    Kroah-Hartman's claim was made as part of a long discussion about a spat between the SFC and the Software Freedom Law Centre, a body provides pro-bono legal services to developers of free, libre, and open source software, in which the SFLC has asked a court to cancel the trademark of the SFC due to what it claims is "priority and likelihood of confusion" to its own trademark.

    The bizarre aspect of the legal fight between the two bodies, both of which are involved in activities around the GPL, is that the SFLC launched the SFC in 2006 to carry out GPL enforcement.

SFLC Files Bizarre Legal Action Against Its Former Client, Software Freedom Conservancy

Filed under
GNU
Legal

About a month ago, the Software Freedom Law Center (SFLC), the not-for-profit law firm which launched Conservancy in 2006 and served as Conservancy's law firm until July 2011, took the bizarre and frivolous step of filing a legal action in the United States Patent and Trademark Office seeking cancellation of Conservancy's trademark for our name, “Software Freedom Conservancy”. We were surprised by this spurious action. In our eleven years of coexistence, SFLC has raised no concerns nor complaints about our name, nor ever asked us to change it. We filed our formal answer to SFLC's action yesterday. In the interest of transparency for our thousands of volunteers, donors, Supporters, and friends, we at Conservancy today decided to talk publicly about the matter.

SFLC's action to cancel our trademark initiated a process nearly identical to litigation. As such, our legal counsel has asked us to limit what we say about the matter. However, we pride ourselves on our commitment to transparency. In those rare instances when we initiated or funded legal action — to defend the public interest through GPL enforcement — we have been as candid as possible about the circumstances. We always explain the extent to which we exhausted other possible solutions, and why we chose litigation as the last resort.

Read more

GitLab Changes its Contributor Licensing to Better Serve Open-Source Projects

Filed under
Development
Legal
  • GitLab Changes its Contributor Licensing to Better Serve Open-Source Projects

    Self-hosted Git repository management tool GitLab today announced that it is abandoning its Contributor Licensing Agreement (CLA) and adopting a Developer Certificate of Origin (DCO) and license.

    According to the company, which claims 67% market share in the self-hosted Git market, "the DCO gives developers greater flexibility and portability for their contributions."

  • GitLab Transitions Contributor Licensing to Developer Certificate of Origin to Better Support Open Source Projects; Empower Contributors

    GitLab, a software product used by 2/3 of all enterprises, today announced it was abandoning the industry-standard Contributor License Agreement (CLA) in favor of a Developer Certificate of Origin (DCO) and license. The DCO gives developers greater flexibility and portability for their contributions. The move has already attracted the attention of large open source projects who recognize the benefits. Debian and GNOME both plan to migrate their communities and open source projects to GitLab.

    GitLab's move away from a CLA is meant to modernize its code hosting and collaborative development infrastructure for all open source projects. Additionally, requiring a CLA became problematic for developers who didn't want to enter into legal terms; they weren't reviewing the CLA contract and they effectively gave up their rights to own and contribute to open source code.

Ensuring Openness Through and In Open Source Licensing

Filed under
OSS
Legal

Some of the largest forces in business today—consumer-facing companies like Google and Facebook, business-facing companies like SUSE, companies outside the tech industry such as BMW, Capital One, and Zalando, even first-gen tech corporations like Microsoft and IBM—all increasingly depend on open source software. Governments too, including the European Union, France, India, the United Kingdom, the United States, and many others have discovered the benefits of open source software and development models. Successful collaborative development of software and infrastructure used by these organizations is enabled by the “safe space” created when they use their IP in a new ways... to ensure an environment for co-creation where the four essential freedoms of software are guaranteed.

Read more

Control Or Consensus?

Filed under
OSS
Legal

In a recent conversation on the Apache Legal mailing list, a participant opined that “any license can be Open Source. OSI doesn’t ‘own’ the term.” He went on to explain “I could clone the Apache License and call it ‘Greg’s License’ and it would be an open source license.”

As long as the only people involved in the conversation are the speaker and people who defer to his authority, this might be OK. But as soon as there are others involved, it’s not. For the vast majority of people, the term “open source license” is not a personal conclusion resulting from considered evaluation, but rather a term of art applied to the consensus of the community. Individuals are obviously free to use words however they wish, just like Humpty Dumpty. But the power of the open source movement over two decades has arisen from a different approach.

The world before open source left every developer to make their own decision about whether software was under a license that delivers the liberty to use, improve and share code without seeking the permission of a rights holder. Inevitably that meant either uncertainty or seeking advice from a lawyer about the presence of software freedom. The introduction of the open source concept around the turn of the millennium solved that using the crystalisation of consensus to empower developers.

By holding a public discussion of each license around the Open Source Definition, a consensus emerged that could then by crystalised by the OSI Board. Once crystalised into “OSI Approval”, the community then has no need to revisit the discussion and the individual developer has no need to guess (or to buy advice) on the compatibility of a given license with software freedom. That in turn means proceeding with innovation or deployment without delay.

Read more

Licences: Eclipse Public Licence 2.0, GPL Copyright Troll, Fiduciary License Agreement 2.0

Filed under
Legal
  • Eclipse Public License version 2.0 added to license list

    We recently updated our list of various licenses and comments about them to include the Eclipse Public License version 2.0 (EPL).

    In terms of GPL compatibility, the Eclipse Public License version 2.0 is essentially equivalent to version 1.0. The only change is that it explicitly offers the option of designating the GNU GPL version 2 or later as a "secondary license" for a certain piece of code.

  • Linux kernel community tries to castrate GPL copyright troll

    Linux kernel maintainer Greg Kroah-Hartman and several other senior Linux figures have published a “Linux Kernel Community Enforcement Statement” to be included in future Linux documentation, in order to ensure contributions to the kernel don't fall foul of copyright claims that have already seen a single developer win "at least a few million Euros.”

    In a post released on Monday, October 16th, Kroah-Hartman explained the Statement's needed because not everyone who contributes to the kernel understands the obligations the GNU Public Licence 2.0 (GPL 2.0), and the licence has “ambiguities … that no one in our community has ever considered part of compliance.”

  • Fiduciary License Agreement 2.0

    After many years of working on it, it is with immense pleasure to see the FLA-2.0 – the full rewrite of the Fiduciary License Agreement – officially launch.

Syndicate content

More in Tux Machines

Purism's Linux Phone to Use Convergence for a Unified Experience Across Devices

For Purism, the company that sells quality computers using a Linux-based operating system and are intended to protect user's privacy and freedom, designing a convergent Linux phone is a long-term goal to unify the mobile experience across various devices. Purism's François Téchené shares some initial details on how the company plans to use convergence for their short and long-term design goals of Librem 5, the Linux smartphone that raised more than $2 million on Kickstarter last year, saying they're looking to unify the human experience across different device you might own. Read more

Leftovers: ExeeLinux Show/Unleaded Hangouts, Linux Foundation's CNCF/Akraino and More

  • What’s Holding Linux Back – Unleaded Hangouts
    What’s Holding Linux Back? Obviously we’ve seen some growth, but it does feel like there may be some things that hold Linux back a bit. We discuss.
  • ExeeLinux Show 18.9 | Mr. Desktop & Mr. Server Ep. 9 – PDisks
    ExeeLinux Show 18.9 | Mr. Desktop & Mr. Server Ep. 9 – PDisks
  • How Kubernetes became the solution for migrating legacy applications
    In 2015, Google released Kubernetes as an open source project. It was an implementation of Google's internal system called Borg. Google and the Linux Foundation created the Cloud-Native Computing Foundation (CNCF) to host Kubernetes (and other cloud-native projects) as an independent project governed by a community around it. Kubernetes quickly became one of the fastest growing open source projects in history, growing to thousands of contributors across dozens of companies and organizations. What makes Kubernetes so incredible is its implementation of Google's own experience with Borg. Nothing beats the scale of Google. Borg launches more than 2-billion containers per week, an average of 3,300 per second. At its peak, it's many, many more. Kubernetes was born in a cauldron of fire, battle-tested and ready for massive workloads.
  • Akraino, a New Linux Foundation Project, Aims to Drive Alignment Around High-Availability Cloud Services for Network Edge
    Akraino will offer users new levels of flexibility to scale edge cloud services quickly, to maximize the applications or subscribers supported on each server, and to help ensure the reliability of systems that must be up at all times. While several open source projects exist to help solve pieces of the puzzle, nothing currently meets the need for an edge infrastructure solution. Integration of existing efforts in this new project will help deliver ease of use, hardened reliability, unique features, and performance for carrier, provider, and IoT networks.
  • Absolute 15.0 Beta 4 released
    Based on Slackware64-current Another beta... with all the kernel updates, glib and such -- trying to make things easier on beta testers :-)
  • State of Wisconsin Investment Board Has $33.92 Million Stake in Red Hat Inc (RHT)

Security: Updates, Nintendo 'Hackers', Microsoft Windows Back Doors, and FlightSimLabs Malware

  • Security updates for Tuesday
  • Hackers Release Video Of Nintendo Switch Running A Linux Distro
    When it comes to porting software to potentially unsupported devices, hackers are quite comfortable to push themselves beyond the boundaries set by the manufactures.
  • Epidemic of cryptojacking can be traced to escaped NSA superweapon [Ed: It's a Microsoft Windows issue. All versions of Windows (ME onwards) have NSA back doors]
    It all started when the Shadow Brokers dumped a collection of NSA cyberweapons that the NSA had fashioned from unreported bugs in commonly used software, including versions of Windows. The NSA discovered these bugs and then hoarded them, rather than warning the public and/or the manufacturers about them, in order to develop weapons that turned these bugs into attacks that could be used against the NSA's enemies.
  • Flight Sim Company Embeds Malware to Steal Pirates’ Passwords

    Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.

Software and Games Leftovers

  • LXD Weekly Status #35
    This past week we’ve been focusing on a number of open pull requests, getting closer to merging improvements to our storage volume handling, unix char/block devices handling and the massive clustering branch that’s been cooking for a while. We’re hoping to see most of those land at some point this coming week. On the LXC side of things, the focus was on bugfixes and cleanups as well as preparing for the removal of the python3 and lua bindings from the main repository. We’re also making good progress on distrobuilder and hope to start moving some of our images to using it as the build tool very soon.
  • Performance Co-Pilot 4.0.0 released
    It gives me great pleasure to announce the first major-numbered PCP release in nine and a half years - PCP v4 - is here!
  • Performance Co-Pilot Sees First Major Version Bump In Nearly A Decade
    The Performance Co-Pilot open-source cross-platform monitoring/visualizing stack has reached version 4.0 as its first major version hike in almost ten years.
  •  
  • Sci-fi mystery 'The Station' has released, it’s a short but memorable experience
    What would happen if we discovered the existence of alien life? A question I've often asked and a question many games, films and books have covered in great detail. The Station [Steam] is a sci-fi mystery that sees you investigate The Espial, a space station sent to research a sentient alien civilization.
  • Halcyon 6: The Precursor Legacy DLC released, some good content for a small price
    Halcyon 6: The Precursor Legacy DLC [GOG, Steam] was released earlier this month, adding some really nice content at a small price to an already great game.
  • Parry and dodge your way to victory in 'Way of the Passive Fist', launching March 6th
    Way of the Passive Fist [Steam, Official Site] is a rather unique and very colourful arcade brawler and it's releasing with Linux support on March 6th.