Legal

How the EU's Copyright Reform Threatens Open Source--and How to Fight It

Filed under
OSS
Legal

Translated into practical terms, this means that sites with major holdings of material uploaded by users will be required to filter everything before allowing it to be posted. The problems with this idea are evident. It represents constant surveillance of people's online activities on these sites, with all that this implies for loss of privacy. False positives are inevitable, not least because the complexities of copyright law cannot be reduced to a few algorithmic rules that can be applied automatically. That, and the chilling effect it will have on people's desire to upload material, will have a negative impact on freedom of expression and undermine the public domain.

The high cost of implementing upload filters—Google's ContentID system required 50,000 hours of coding and $60 million to build—means that a few big companies will end up controlling the market for censorship systems. Their oligopoly power potentially gives them the ability to charge high prices for their services, which will impose burdens on companies in the EU and lead to fewer online startups in the region. Other problems with the idea include the important fact that it seems to go against existing EU law.

Article 13 has been drawn up mainly to satisfy the barely disguised desire of the European copyright industry to attack successful US companies like Google and Facebook. But the upload filter is a very crude weapon, and it will affect many others who—ironically—will be less able than internet giants to comply with the onerous requirement to censor. For example, it is likely that Wikipedia will be caught by the new rule. After all, it hosts huge amounts of "subject-matter" that is uploaded by users. As a post on the Wikimedia blog pointed out: "it would be absurd to require the Wikimedia Foundation to implement costly and technologically impractical automated systems for detecting copyright infringement."

Keep the IoT Free (Patent Battles Not Welcome)

Filed under
OSS
Legal

While it has experienced nearly exponential growth, the successful adoption and use of open-source by banking networks, mobile phone manufacturers, telecom networks, smart cars, cloud computing and blockchain platforms, among numerous others, was not a foregone conclusion. In 2003, there was an IP-based attack on Linux, the most prevalent open-source software project.

While the claims underlying the litigation ultimately were found to be without merit in the court proceeding, it was a wake-up call to several IP-savvy companies as to the potential negative impact of patent aggression on the growth of Linux and open source software projects. IBM, Red Hat and SUSE (then Novell) coordinated an effort with Sony, Philips and NEC to conceptualize and implement a solution designed to create a patent no-fly zone around the core of Linux.

FOSSA: Open-sourcing open-source license management

Filed under
OSS
Legal

Kevin Wang, CEO of FOSSA, has a different approach. The 22-year-old founder told me at Open Source Leadership Summit in Sonoma, CA: "Code scanning is not enough anymore. FOSSA's approach to dependency scanning leverages both static and dynamic code analysis. Dynamic analysis allows FOSSA to get an accurate, live view of what dependencies are pulled into builds. Static analysis supplements the results with metadata on how dependencies are included to power deep intelligence features and recommendation engines. Both these approaches are used to build the most accurate, performant, and intelligent infrastructure for managing your open source."

EUPL planned actions

Filed under
OSS
Legal

A revised set of guidelines and recommendations on the use of the open source licence EUPL v1.2 published by the Commission on 19 May 2017 will be developed, involving the DIGIT unit B.3 (Reusable Solutions) and the JRC 1.4 (Joint Research Centre – Intellectual Property and Technology Transfer). The existing licence wizard will be updated. New ways of promoting public administrations' use of open source will be investigated and planned (such as hackathons or app challenges on open source software). The target date for the release of this set of guidelines on the use of the European Public Licence EUPL v1.2, including a modified Licence Wizard, is planned Q2 2018.

FOSS Licensing: Good Compliance Practices and "Do I Have to Use a Free/Open Source License?"

Filed under
OSS
Legal
  • Good Compliance Practices Are Good Engineering Practices

    Companies across all industries use, participate in, and contribute to open source projects, and open source compliance is an integral part of the use and development of any open source software. It’s particularly important to get compliance right when your company is considering a merger or acquisition. The key, according to Ibrahim Haddad, is knowing what’s in your code, right down to the exact versions of the open source components.

  • Do I Have to Use a Free/Open Source License?

    That, as we all probably already know, is not the case. The only licenses that can be called "open source" are those that are reviewed and approved as such by the Open Source Initiative (aka OSI). Its list of OSI-Approved licenses allows developers to choose and apply a license without having to hire a lawyer. It also means that companies no longer need to have their own lawyers review every single license in every piece of software they use. Can you imagine how expensive it would be if every company needed to do this? Aside from the legal costs, the duplication of effort alone would lead to millions of dollars in lost productivity. While the OSI's other outreach and advocacy efforts are important, there's no doubt that its license approval process is a service that provides an outsized amount of value for developers and companies alike.

Microsoft Openwashing and Revisionism

Filed under
GNU
Microsoft
Legal
  • Microsoft joins effort to cure open source license noncompliance [Ed: Pushing Microsoft lies under the false pretenses that Microsoft plays along with the GPL (it violates, smears and undermines it)]
  • Microsoft joins group working to 'cure' open-source licensing issues [Ed: Mary Jo Foley uses this initiative to whitewash Microsoft after it repeatedly violated the GPL and attacked it publicly, behind the scenes etc. And watch the image she uses: a lie.]

    It's kind of amazing that just over a decade ago, Microsoft was threatening Linux vendors by claiming free and open-source software infringed on 235 of Microsoft's patents. In 2007, Microsoft was very openly and publicly anti-GPLv3, claiming it was an attempt "to tear down the bridge between proprietary and open source technology that Microsoft has worked to build with the industry and customers."

  • Today's channel rundown - 19 March 2018

    The six have committed to extending additional rights "to cure open source license noncompliance".

    The announcement was made by Red Hat, which says the move will lead to greater cooperation with distributors of open source software to correct errors.

    In a statement, Red Hat referenced widely used open source software licenses, GNU General Public License (GPL) and GNU Lesser General Public License, which cover software projects including the Linux kernel.

    GPL version 3 offers distributors of the code an opportunity to correct errors and mistakes in license compliance.

  • Tails Security Update, Companies Team Up to Cure Open Source License Noncompliance, LG Expanding webOS and More

    According to a Red Hat press release this morning: "six additional companies have joined efforts to promote greater predictability in open source licensing. These marquee technology companies—CA Technologies, Cisco, HPE, Microsoft, SAP, and SUSE—have committed to extending additional rights to cure open source license noncompliance. This will lead to greater cooperation with distributors of open source software to correct errors and increased participation in open source software development."

What legal remedies exist for breach of GPL software?

Filed under
Legal

Last April, a federal court in California handed down a decision in Artifex Software, Inc. v. Hancom, Inc., 2017 WL 1477373 (N.D. Cal. 2017), adding a new perspective to the forms of remedies available for breach of the General Public License (GPL). Sadly, this case reignited the decades-old license/contract debate due to some misinterpretations under which the court ruled the GPL to be a contract. Before looking at the remedy developments, it’s worth reviewing why the license debate even exists.

CLA vs. DCO: What's the difference?

Filed under
Legal

In your open source adventures, you may have heard the acronyms CLA and DCO, and you may have said "LOL WTF BBQ?!?" These letters stand for Contributor License Agreement and Developer Certificate of Origin, respectively. Both have a similar intent: To say that the contributor is allowed to make the contribution and that the project has the right to distribute it under its license. With some significant projects moving from CLAs to DCOs (like Chef in late 2016 and GitLab in late 2017), the matter has received more attention lately.

So what are they? The Contributor License Agreement is the older of the two mechanisms and is often used by projects with large institutional backing (either corporate or nonprofit). Unlike software licenses, CLAs are not standardized. CLAs can vary from project to project. In some cases, they simply assert that you're submitting work that you're authorized to submit, and you permit the project to use it. Other CLAs (for example the Apache Software Foundation's) may grant copyright and/or patent licenses.

Linux beats legal threat from one of its own developers

Filed under
Linux
Legal

In a German court earlier this week, former Linux developer Patrick McHardy gave up on his GNU General Public License version 2 (GPLv2) violation case against Geniatech Europe GmbH. Now, you may ask, "How can a Linux programmer dropping a case against a company that violates the GPL count as a win?"

It's complicated.

First, anyone who knows the least thing about Linux's legal infrastructure knows it's licensed under the GPLv2. Many don't know that anyone who has copyrighted code in the Linux kernel can take action against companies that violate the GPLv2. Usually, that's a non-issue.

People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center (SFLC) to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2.

Black Duck Still FUDing, Licenses and Contracts Debate at FOSDEM

Filed under
Legal
  • Building Open Source Security into DevOps [Ed: The Microsoft-connected liars from Black Duck are still at it]
  • Licenses and contracts

    Some days it seems that wherever two or more free-software enthusiasts gather together, there also shall be licensing discussions. One such, which can get quite heated, is the question of whether a given free-software license is a license, or whether it is really a contract. This distinction is important, because most legal systems treat the two differently. I know from personal experience that that discussion can go on, unresolved, for long periods, but it had not previously occurred to me to wonder whether this might be due to the answer being different in different jurisdictions. Fortunately, it has occurred to some lawyers to wonder just that, and three of them came together at FOSDEM 2018 to present their conclusions.

    The talk was given by Pamela Chestek of Chestek Legal, Andrew Katz of Moorcrofts, and Michaela MacDonald of Queen Mary University of London. Chestek focused on the US legal system, Katz on that of England and Wales, while MacDonald focused on the civil law tradition that is characteristic of many EU member states. The four licenses they chose to consider were the "Modified" or "three-clause" BSD, the Apache License, the GNU General Public License (their presentation was not specific to GPLv3, but the passage they quoted to make a point was from GPLv3), and the Fair License. The first three are among the most common free-software licenses currently in use. The latter is the shortest license the Open Source Initiative has ever approved, and though it is used by hardly any free software, it was included as an example of the maximum possible simplicity in a license.

More in Tux Machines

Red Hat and Fedora Leftovers

OSS, Openwashing and More

  • Speak at Open Source Summit Europe – Submit by July 1
    Open Source Summit Europe is the leading technical conference for professional open source. Join developers, sysadmins, DevOps professionals, architects and community members, to collaborate and learn about the latest open source technologies, and to gain a competitive advantage by using innovative open solutions.
  • MariaDB launches Oracle compatible enterprise open source database
    Enterprise computing has often been reliant on proprietary database architecture, but this can be both complex and costly, putting up a barrier to innovation. Now open source database specialist MariaDB is launching its latest enterprise offering with Oracle compatibility. This allows existing Oracle Database users to reuse existing code and established skill sets when migrating applications or deploying new ones. MariaDB TX 3.0 introduces built-in, system-versioned tables, enabling developers to easily build temporal features into applications. This eliminates the need to manually create columns, tables and triggers in order to maintain row history, freeing DBAs to simply create new tables with system versioning or alter existing tables to add it, streamlining the process significantly. Developers can query a table with standard SQL to see what data looked like at a previous point in time, such as looking at a customer's profile history to see how preferences have changed over time.
  • MariaDB TX 3.0 Delivers First Enterprise Open Source Database to Beat Oracle, Microsoft and IBM
    MariaDB® Corporation today announced the release of MariaDB TX 3.0, the first enterprise open source database solution to deliver advanced features that, until now, required expensive, proprietary and complex databases.
  • 5 Open-Source SQL IDEs for You to Learn and Explore
    If you’ve done a lot with SQL, you’ve probably used some form of SQL IDE to help you complete that work. Yes, it’s possible to do everything in SQL from the command line; but creating or even maintaining databases and tables that way is an exercise in masochism. There are some nice commercial IDEs such as dbArtisan and SQL Server’s Management Studio, but IDEs is one area where open-source can do just as well (or in some cases, even better).
  • LibreOffice 6.1 Branches & Now Under Feature Freeze, LibreOffice 6.2 On Master
    LibreOffice has reached its hard feature freeze and branching period with the first beta release being imminent. As of yesterday there is now the libreoffice-6-1 branch for continued work on this next open-source office suite while the Git master code is tracking what will later become LibreOffice 6.2.
  • Securing Third-Party and Open Source Code Components: A Primer [Ed: Citing, as usual, firms that try to sell their proprietary software by badmouthing FOSS]
    The increasing popularity of open source code continues to be a boon for developers across the industry, allowing them to increase efficiency and streamline delivery. But there are security risks to be considered when leveraging open source and commercial code components, as each carries with it a significant risk of becoming the enemy within, creating a vulnerability in the program it helps build.
  • FOSSID Awarded Grant for Artificial Intelligence in Open Source Auditing by Sweden's Government Agency for Innovation
  • Intel AI Lab open-sources library for deep learning-driven NLP
    The Intel AI Lab has open-sourced a library for natural language processing to help researchers and developers give conversational agents like chatbots and virtual assistants the smarts necessary to function, such as name entity recognition, intent extraction, and semantic parsing to identify the action a person wants to take from their words. Just a few months old, the Intel AI Lab plans to open-source more libraries to help developers train and deploy artificial intelligence, publish research, and reproduce the latest innovative techniques from members of the AI research community in order to “push AI and deep learning into domains it’s not a part of yet.”
  • 'monitor mode for iwm(4)'
  • FSFE Newsletter - May 2018
    Following a more than a decade long tradition, the FSFE once again led its annual Free Software Legal and Licensing Workshop (LLW) in Barcelona, Spain, as a meeting point for world-leading legal exper...
  • 24 best free security tools

Firefox 63 Plans and Mozilla's Error Code Plans

  • Firefox 63 to Get Improved Tracking Protection That Blocks In-Browser Miners
    Mozilla developers are working on an improved Tracking Protection system for the Firefox browser that will land in version 63, scheduled for release in mid-October. Tracking Protection is a feature that blocks Firefox from loading scripts from abusive trackers. It was first launched with Firefox's Private Browsing mode a few years back, but since Firefox 57, released in November 2017, users can enable it for normal browsing sessions at any time.
  • Firefox 63 To Block Cryptojackers With Advanced Tracking Protection
    It has been reported by Bleeping Computer, a security blog, that Firefox 63 will be launched with an improved tracking protection system to ward off the threats and security concerns posed by in-browser miners. With the surge in incidents involving mining malware trying to use your CPU power to perform some CPU-intensive calculations for their own benefit, many browsers have raised their guards by providing additional security features. (You can read more about blocking cryptocurrency mining in your browser in our earlier published article.)
  • What’s the 411 on 404 messages: Internet error messages explained
    Nothing’s worse than a broken website. Well, maybe an asteroid strike. Or a plague. So maybe a broken website isn’t the end of the world, but it’s still annoying. And it’s even more annoying not knowing what those weird error messages mean. That’s why we’ve decoded the most common HTTP error messages.

OpenStack News/Leftovers

  • Canonical founder calls out OpenStack suppliers for ‘lack of focus’ on datacentre cost savings
    The OpenStack supplier community’s reluctance to prioritise the delivery of datacentre cost savings to their users could prove “fatal”, says Canonical co-founder Mark Shuttleworth.
  • OpenStack in transition
    OpenStack is one of the most important and complex open-source projects you’ve never heard of. It’s a set of tools that allows large enterprises ranging from Comcast and PayPal to stock exchanges and telecom providers to run their own AWS-like cloud services inside their data centers. Only a few years ago, there was a lot of hype around OpenStack as the project went through the usual hype cycle. Now, we’re talking about a stable project that many of the most valuable companies on earth rely on. But this also means the ecosystem around it — and the foundation that shepherds it — is now trying to transition to this next phase.
  • Free OpenStack Training Resources
  • How the OpenStack Foundation Is Evolving Beyond Its Roots
    The OpenStack Foundation is in a period of transition as it seeks to enable a broader set of open infrastructure efforts than just the OpenStack cloud project itself. In a video interview at the OpenStack Summit here, OpenStack Foundation Executive Director Jonathan Bryce and Chief Operating Officer Mark Collier discussed how the open-source organization is still thriving, even as corporate sponsorship changes and attendance at events declines. At the event, Collier said there were approximately 2,600 registered attendees, which is nearly half the number that came to the OpenStack Boston 2017 event. OpenStack's corporate sponsorship has also changed, with both IBM and Canonical dropping from the Platinum tier of membership.