Language Selection

English French German Italian Portuguese Spanish

Legal

Deb Nicholson Talks (What Else?) Software Patents

Filed under
Interviews
Legal

My work at OIN involves a lot of research. I read academic papers on litigation trends and try to stay on top of who’s getting sued this week. It also involves a lot of behind the scenes emailing. I have lots of informal conversations with people about how you run a free and open source software project. Sometimes, they don’t realize that lots of other companies are succeeding with FOSS business models and shared community resources. Once they see that it can be done, they often feel more confident.

Read more

New FCC Rules May Prevent Installing OpenWRT on WiFi Routers

Filed under
Linux
Legal

Many cheap WiFi routers are sold with the vendor firmware, but the most popular ones likely also support OpenWRT, which some users may prefer as it is much more customizable. However, this may soon become more difficult according to a talk at the upcoming “Wireless Battle of the Mesh” which will take place on August 3-8 in Maribor, Slovenia.

Read more

Oracle tries to beef up copyright case against Android

Filed under
Android
Google
Legal

With Oracle and Google headed back to court soon to resume their dispute over Android, Oracle is seeking to update its lawsuit to reflect the huge gains Android has made in the five years since the case began.

Read more

Advanced spyware for Android now available to script kiddies everywhere

Filed under
Android
Security
Legal
  • Advanced spyware for Android now available to script kiddies everywhere

    One of the more recent discoveries resulting from the breach two weeks ago of malware-as-a-service provider Hacking Team is sure to interest Android enthusiasts. To wit, it's the source code to a fully featured malware suite that had the ability to infect devices even when they were running newer versions of the Google-developed mobile operating system.

    The leak of the code base for RCSAndroid—short for Remote Control System Android—is a mixed blessing. On the one hand, it provides the blueprints to a sophisticated, real-world surveillance program that can help Google and others better defend the Android platform against malware attacks. On the other, it provides even unskilled hackers with all the raw materials they need to deploy what's arguably one of the world's more advanced Android surveillance suites.

  • Security tool bod's hell: People think I wrote code for Hacking Team!

    A respected security researcher has denied any involvement with Hacking Team after open-source code he wrote was found in smartphone spyware sold by the surveillance-ware maker.

Open source experts sound off on Canonical's IP policy reaching GPL compliance

Filed under
Interviews
OSS
Ubuntu
Legal

I spoke with several experts on free and open source software, some of whom were close to the situation itself, about the implications of the latest developments with Canonical's IP policy.

Read more

Your Ubuntu-based container image is probably a copyright violation

Filed under
Ubuntu
Legal

I wrote about Canonical's Ubuntu IP policy here, but primarily in terms of its broader impact, but I mentioned a few specific cases. People seem to have picked up on the case of container images (especially Docker ones), so here's an unambiguous statement:

Read more

Ubuntu Software License Updated to Comply with GNU GPL

Filed under
GNU
Ubuntu
Legal
  • Ubuntu Software License Updated to Comply with GNU GPL

    The company behind the Ubuntu Linux operating system, Canonical, has changed the licensing terms of Ubuntu to comply with the GNU General Public License and other free software licences.

    This week, Canonical added a “trump clause” that says that when Canonical’s license contradicts the widely accepted “copyleft” license GPL, GPL shall prevail.

    Activist groups, including the Free Software Foundation and the Software Freedom Conservancy have been in discussion with Canonical for nearly two years, trying to get Canonical’s policy to unequivocally comply with the generally accepted GNU GPL software license.

  • Thoughts on Canonical, Ltd.'s Updated Ubuntu IP Policy

    Most of you by now have probably seen Conservancy's and FSF's statements regarding the today's update to Canonical, Ltd.'s Ubuntu IP Policy. I have a few personal comments, speaking only for myself, that I want to add that don't appear in the FSF's nor Conservancy's analysis. (I wrote nearly all of Conservancy's analysis and did some editing on FSF's analysis, but the statements here I add are my personal opinions and don't necessarily reflect the views of the FSF nor Conservancy, notwithstanding that I have affiliations with both orgs.)

  • The Controversy Behind Canonical's Intellectual Property Policy

    In the world of FOSS, a small change to a license can be a big deal. For users of proprietary software, changes in the EULA are hardly even registered. Those users click "Ok" and forget about it in the blink of an eye. They have accepted that they are severely limited as far as their rights to alter or redistribute the software is concerned.

    But for users of free software, such as Linux or any of the hundreds of packages that make up a modern operating system, a license change has the potential to change their rights dramatically. So, these events are usually the cause of controversy.

Canonical and FSF: the Latest

Filed under
GNU
Ubuntu
Legal
  • Free software fans land crucial punch in Ubuntu row – but it's not over

    The Free Software Foundation (FSF) and the Software Freedom Conservancy (SFC) have been bickering with Canonical since 2013 over concerns that certain clauses of the Ubuntu IP rights policy seemed to claim to override provisions of the GNU General Public License (GPL) – something the GPL explicitly forbids.

  • Conservancy & the FSF Achieve GPL Compliance for Canonical, Ltd. “Intellectual Property” Policy

    Today, Canonical, Ltd. announced an updated “Intellectual Property” policy. Conservancy has analyzed this policy and confirms that the policy complies with the terms of the GNU General Public License (GPL), but Conservancy and the FSF believe that the policy still creates confusion and possible risk for users who wish to exercise their rights under GPL.

  • Compilation Copyright Irrelevant for Kubuntu

    Compilation copyright is an idea exclusive to the US (or North America anyway). It restricts collections of items which otherwise have unrelated copyright restrictions. A classic example is a book collection of poetry where the poems are all out of copyright but the selection and ordering of poems is new and has copyright owned by whoever did it.

How to win the copyleft fight—without litigation

Filed under
Legal

The Software Freedom Conservancy's Bradley Kuhn is probably best known for his work in enforcing the GNU General Public License (GPL). Enforcement-by-litigation might get the headlines, but Kuhn treats the courts as a last resort.

Read more

Also: Effective IPR Policies and Standards Organization Success

Another Month, Another Round Of Allwinner GPL-Violating Concerns

Filed under
GNU
Linux
Legal

Longtime open-source graphics developer Luc Verhaegen has written on the Linux-SunXI about further Allwinner misbehavior. Five days ago they updated their media codec framework with various new "proprietary" files that is then being built together with LGPL-licensed code and the binary is being dlopen'ed into the LGPL'ed code.

Read more

Syndicate content

More in Tux Machines

today's leftovers

  • MX Linux Review of MX-17 – For The Record
    MX Linux Review of MX-17. MX-17 is a cooperative venture between the antiX and former MEPIS Linux communities. It’s XFCE based, lightning fast, comes with both 32 and 64-bit CPU support…and the tools. Oh man, the tools available in this distro are both reminders of Mepis past and current tech found in modern distros.
  • Samsung Halts Android 8.0 Oreo Rollouts for Galaxy S8 Due to Unexpected Reboots
    Samsung stopped the distribution of the Android 8.0 Oreo operating system update for its Galaxy S8 and S8+ smartphones due to unexpected reboots reported by several users. SamMobile reported the other day that Samsung halted all Android 8.0 Oreo rollouts for its Galaxy S8/S8+ series of Android smartphones after approximately a week since the initial release. But only today Samsung published a statement to inform user why it stopped the rollouts, and the cause appears to be related to a limited number of cases of unexpected reboots after installing the update.
  • Xen Project Contributor Spotlight: Kevin Tian
    The Xen Project is comprised of a diverse set of member companies and contributors that are committed to the growth and success of the Xen Project Hypervisor. The Xen Project Hypervisor is a staple technology for server and cloud vendors, and is gaining traction in the embedded, security and automotive space. This blog series highlights the companies contributing to the changes and growth being made to the Xen Project and how the Xen Project technology bolsters their business.
  • Initial Intel Icelake Support Lands In Mesa OpenGL Driver, Vulkan Support Started
    A few days back I reported on Intel Icelake patches for the i965 Mesa driver in bringing up the OpenGL support now that several kernel patch series have been published for enabling these "Gen 11" graphics within the Direct Rendering Manager driver. This Icelake support has been quick to materialize even with Cannonlake hardware not yet being available.
  • LunarG's Vulkan Layer Factory Aims To Make Writing Vulkan Layers Easier
    Introduced as part of LunarG's recent Vulkan SDK update is the VLF, the Vulkan Layer Factory. The Vulkan Layer Factory aims to creating Vulkan layers easier by taking care of a lot of the boilerplate code for dealing with the initialization, etc. This framework also provides for "interceptor objects" for overriding functions pre/post API calls for Vulkan entry points of interest.

Logstash 6.2.0 Released, Alfresco Grabbed by Private Equity Firm

  • Logstash 6.2.0 Release Improves Open Source Data Processing Pipeline
    The "L" in the ELK stack gets updated with new features including advanced security capabilities. Many modern enterprises have adopted the ELK (Elasticsearch, Logstash, Kibana) stack to collect, process, search and visualize data. At the core of the ELK stack is the open-source Logstash project which defines itself as a server-side data processing pipeline - basically it helps to collect logs and then send them to a users' "stash" for searching, which in many cases is Elasticsearch.
  • Alfresco Software acquired by Private Equity Firm
    Enterprise apps company taken private in a deal that won't see a change in corporate direction. Alfresco has been developing its suite of Enterprise Content Management (ECM) and Business Process Management (BPM) technology since the company was founded back in June of 2005. On Feb. 8, Alfresco announced that it was being acquired by private equity firm Thomas H. Lee Partners (THL). Financial terms of the deal are not being publicly disclosed.

Servers and GPUs: Theano, DevOps, Kubernetes, AWS

  • Open Source Blockchain Computer Theano
    TigoCTM CEO Cindy Zimmerman says “we are excited to begin manufacturing our secure, private and open source desktops at our factory in the Panama Pacifico special economic zone. This is the first step towards a full line of secure, blockchain-powered hardware including desktops, servers, laptops, tablets, teller machines, and smartphones.” [...] Every component of each TigoCTM device is exhaustively researched and selected for its security profile based especially on open source hardware, firmware, and software. In addition, devices will run the GuldOS operating system, and open source applications like the Bitcoin, Ethereum and Dash blockchains. This fully auditable stack is ideal for use in enterprise signing environments such as banks and investment funds.
  • Enterprises identify 10 essential tools for DevOps [Ed: "Source code repository" and other old things co-opted to promote the stupid buzzword "devops"]
    Products branded with DevOps are everywhere, and the list of options grows every day, but the best DevOps tools are already well-known among enterprise IT pros.
  • The 4 Major Tenets of Kubernetes Security
    We look at security from the perspective of containers, Kubernetes deployment itself and network security. Such a holistic approach is needed to ensure that containers are deployed securely and that the attack surface is minimized. The best practices that arise from each of the above tenets apply to any Kubernetes deployment, whether you’re self-hosting a cluster or employing a managed service. We should note that there are related security controls outside of Kubernetes, such as the Secure Software Development Life Cycle (S-SDLC) or security monitoring, that can help reduce the likelihood of attacks and increase the defense posture. We strongly urge you to consider security across the entire application lifecycle rather than take a narrow focus on the deployment of containers with Kubernetes. However, for the sake of brevity, in this series, we will only cover security controls within the immediate Kubernetes environment.
  • GPUs on Google’s Kubernetes Engine are now available in open beta
    The Google Kubernetes Engine (previously known as the Google Container Engine and GKE) now allows all developers to attach Nvidia GPUs to their containers. GPUs on GKE (an acronym Google used to be quite fond of, but seems to be deemphasizing now) have been available in closed alpha for more than half a year. Now, however, this service is in beta and open to all developers who want to run machine learning applications or other workloads that could benefit from a GPU. As Google notes, the service offers access to both the Tesla P100 and K80 GPUs that are currently available on the Google Cloud Platform.
  • AWS lets users run SAP apps directly on SUSE Linux
  • SUSE collaborates with Amazon Web Services toaccelerate SAP migrations

Chrome and Firefox

  • The False Teeth of Chrome's Ad Filter.
    Today Google launched a new version of its Chrome browser with what they call an "ad filter"—which means that it sometimes blocks ads but is not an "ad blocker." EFF welcomes the elimination of the worst ad formats. But Google's approach here is a band-aid response to the crisis of trust in advertising that leaves massive user privacy issues unaddressed. Last year, a new industry organization, the Coalition for Better Ads, published user research investigating ad formats responsible for "bad ad experiences." The Coalition examined 55 ad formats, of which 12 were deemed unacceptable. These included various full page takeovers (prestitial, postitial, rollover), autoplay videos with sound, pop-ups of all types, and ad density of more than 35% on mobile. Google is supposed to check sites for the forbidden formats and give offenders 30 days to reform or have all their ads blocked in Chrome. Censured sites can purge the offending ads and request reexamination. [...] Some commentators have interpreted ad blocking as the "biggest boycott in history" against the abusive and intrusive nature of online advertising. Now the Coalition aims to slow the adoption of blockers by enacting minimal reforms. Pagefair, an adtech company that monitors adblocker use, estimates 600 million active users of blockers. Some see no ads at all, but most users of the two largest blockers, AdBlock and Adblock Plus, see ads "whitelisted" under the Acceptable Ads program. These companies leverage their position as gatekeepers to the user's eyeballs, obliging Google to buy back access to the "blocked" part of their user base through payments under Acceptable Ads. This is expensive (a German newspaper claims a figure as high as 25 million euros) and is viewed with disapproval by many advertisers and publishers.
  • Going Home
  • David Humphrey: Edge Cases
  • Experiments in productivity: the shared bug queue
    Over the next six months, Mozilla is planning to switch code review tools from mozreview/splinter to phabricator. Phabricator has more modern built-in tools like Herald that would have made setting up this shared queue a little easier, and that’s why I paused…briefly
  • Improving the web with small, composable tools
    Firefox Screenshots is the first Test Pilot experiment to graduate into Firefox, and it’s been surprisingly successful. You won’t see many people talking about it: it does what you expect, and it doesn’t cover new ground. Mozilla should do more of this.