Language Selection

English French German Italian Portuguese Spanish

Legal

There Is a Linux Detergent Out There and It's Trademarked

Filed under
Linux
Legal

There's a Linux clothes detergent out there, and it's a real one, from a company that has a trademark on it and that's selling it today. Welcome to the bizarre world of trademark rules.

Read more

Openwashing And Other Deceptions In Linux

Filed under
Linux
OSS
Legal

The times are changing for open/free/libre software and OSes, and what the words mean. Make no mistake: collaborative, truly open projects are powerful sources of innovation and problem solving. The only way proprietary, corporate models can even survive is through sheer bullying and anti-competition tactics, as have been used for years to keep Linux from wider adoption. Now that that is changing, the tactics are changing too.

The latest trend in this area seems to be bringing disinformation and propaganda tactics into the fray.

Read more

Why Greet Apple's Swift 2.0 With Open Arms?

Filed under
Mac
OSS
Legal

Apple announced last week that its Swift programming language — a currently fully proprietary software successor to Objective C — will probably be partially released under an OSI-approved license eventually. Apple explicitly stated though that such released software will not be copylefted. (Apple's pathological hatred of copyleft is reasonably well documented.) Apple's announcement remained completely silent on patents, and we should expect the chosen non-copyleft license will not contain a patent grant. (I've explained at great length in the past why software patents are a particularly dangerous threat to programming language infrastructure.)

Read more

GPL-Violator Allwinner Joins The Linux Foundation

Filed under
Linux
Legal

Allwinner Technology is the Chinese company producing a range of low-end SoCs for Android tablets and other devices. Allwinner hardware is popular with many in the open-source community due to their SoCs appearing in lower-cost hardware and the thriving Linux-SunXi community. Unfortunately, Allwinner as a company is still "learning" to be open-source friendly and to not violate the GPL and other licenses.

Read more

The Licensing and Compliance Lab interviews François Marier, creator of Libravatar

Filed under
GNU
Legal

In this edition, we conducted an email-based interview with François Marier, a free software developer from New Zealand. He is the creator and lead developer of Libravatar. In addition to his passion for decentralization, he contributes to the Debian project and volunteers on the FSF licensing team.

Libravatar is a free network service providing profile photos for a number of Web sites, including bugs.debian.org and git.kernel.org. Its flexible architecture allows end users to host their own images and allows Web sites to use Gravatar as a fallback when necessary. It is licensed under the GNU Affero General Public License version 3, or end user can opt for any later version (GNU AGPLv3+).

Read more

Conservancy Seeks Your Questions on GPL Enforcement

Filed under
GNU
Legal

Historically, Conservancy has published extensive materials about enforcement of the GPL, including blog posts, announcements regarding compliance actions, many sections appearing in the definitive Copyleft Guide (a joint initiative with the Free Software Foundation). After Conservancy's recent announcement of its funding of Christoph Hellwig's lawsuit against VMware, Conservancy has sought to answer as many questions as possible about GPL enforcement.

Read more

Trade agreement could prohibit open source code supply

Filed under
OSS
Legal

An international trade agreement under negotiation with Australia, the United States, the European Union and others may have wide-ranging implications for the technology users, according to civil liberties groups.

The Electronic Frontier Foundation has analysed leaked drafts of texts for the Trade In Services Agreement (TISA) written in February this year, and claims it would prohibit countries involved from forcing vendors to disclose source code used for applications in their equipment.

Read more

Relicensing Dolphin: The long road to GPLv2+

Filed under
GNU
Legal

Since its resurfacing as an open source project in 2008, Dolphin has been licensed under the GNU General Public License version 2 (GPLv2). This license, created in 1991, is still a fairly common license used in the open source world. But as with anything that deals with technology, times are changing at a rapid rate. More recent projects are using GNU Public License version 3 and Apache 2.0, for their additional freedoms, protections from outside liability, and improved inter-license compatibility. Unfortunately these newer licenses are not compatible with GPLv2, and any project using these licenses cannot link to Dolphin and thus, Dolphin cannot link to them.

Read more

Oracle v. Google: We're not screwed yet

Filed under
Android
Google
Legal

Superficially, the Solicitor General's advice to SCOTUS to find against Google and reject its appeal looks like bad news. But there are some substantial straws to grasp

Read more

Related: Let Oracle own APIs, Justice Dept tells top court in surprise filing

Obama administration asks U.S. top court to decline Google copyright appeal

Allwinner Publishes New CedarX Open-Source Code

Filed under
OSS
Legal

For months now Allwinner has been violating the GPL and have attempted to cover it up by obfuscating their code and playing around with their licenses while jerking around the open-source community. At least today they've made a positive change in open-sourcing more of their "CedarX" code.

Read more

Syndicate content

More in Tux Machines

NuTyX 10.1-rc1 Available

I'm very please to propose you the first release candidate version of the next version 10.1 stable version of NuTyX As they have been so many security issues, I took the chance to recompile all the collections (1701 packages) for this coming next stable NuTyX version. Read more

Android Leftovers

Events: FOSDEM Samba Talks, USENIX Enigma, LCA (linux.conf.au) and FAST18

  • Authentication and authorization in Samba 4
    Volker Lendecke is one of the first contributors to Samba, having submitted his first patches in 1994. In addition to developing other important file-sharing tools, he's heavily involved in development of the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller (DC) code was written by his colleague Stefan Metzmacher, winbind is a crucial component of Samba's AD functionality. In his information-packed talk at FOSDEM 2018, Lendecke said he aimed to give a high-level overview of what AD and Samba authentication is, and in particular the communication pathways and trust relationships between the parts of Samba that authenticate a Samba user in an AD environment.
  • Two FOSDEM talks on Samba 4
    Much as some of us would love never to have to deal with Windows, it exists. It wants to authenticate its users and share resources like files and printers over the network. Although many enterprises use Microsoft tools to do this, there is a free alternative, in the form of Samba. While Samba 3 has been happily providing authentication along with file and print sharing to Windows clients for many years, the Microsoft world has been slowly moving toward Active Directory (AD). Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has been increasingly ready for deployment. Three short talks at FOSDEM 2018 provided three different views of Samba 4, also known as Samba-AD, and left behind a pretty clear picture that Samba 4 is truly ready for use. I will cover the first two talks in this article, and the third in a later one.
  • A report from the Enigma conference
    The 2018 USENIX Enigma conference was held for the third time in January. Among many interesting talks, three presentations dealing with human security behaviors stood out. This article covers the key messages of these talks, namely the finding that humans are social in their security behaviors: their decision to adopt a good security practice is hardly ever an isolated decision. Security conferences tend to be dominated by security researchers demonstrating their latest exploits. The talks are attack-oriented, they keep a narrow focus, and usually they close with a dark outlook. The security industry has been doing security conferences like this for twenty years and seems to prefer this format. Yet, if you are tired of this style, the annual USENIX Enigma conference is a welcome change of pace. Most of the talks are defense-oriented, they have a horizon going far beyond technology alone, and they are generally focused on successful solutions.
  • DIY biology
    A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at linux.conf.au 2018 about the current trends in "do it yourself" (DIY) biology or "biohacking". He is perhaps most famous for being prosecuted for implanting an Opal card RFID chip into his hand; the Opal card is used for public transportation fares in Sydney. He gave more details about his implant as well as describing some other biohacking projects in an engaging presentation. Meow-Meow is a politician with the Australian Science Party, he said by way of introduction; he has run in the last two elections. He founded BioFoundry, which is "Australia's first open-access molecular biology lab"; there are now two such labs in the country. He is also speaks frequently as "an emerging technology evangelist" for biology as well as other topics.
  • Notes from FAST18

    I attended the technical sessions of Usenix's File And Storage Technology conference this week. Below the fold, notes on the papers that caught my attention.

Security: Vista10 and uTorrent Holes Found by Google

  • Google drops new Edge zero-day as Microsoft misses 90-day deadline

    Google originally shared details of the flaw with Microsoft on 17 November 2017, but Microsoft wasn’t able to come up with a patch within Google’s non-negotiable “you have 90 days to do this” period.

  • Google Goes Public with Another Major Windows 10 Bug
    After revealing an Edge browser vulnerability that Microsoft failed to fix, Google is now back with another disclosure, this time aimed at Windows 10 Fall Creators Update (version 1709), but potentially affecting other Windows versions as well. James Forshaw, a security researcher that’s part of Google’s Project Zero program, says the elevation of privilege vulnerability can be exploited because of the way the operating system handles calls to Advanced Local Procedure Call (ALPC). This means a standard user could obtain administrator privileges on a Windows 10 computer, which in the case of an attack, could eventually lead to full control over the impacted system. But as Neowin noted, this is the second bug discovered in the same function, and both of them, labeled as 1427 and 1428, were reported to Microsoft on November 10, 2017. Microsoft said it fixed them with the release of the February 2018 Patch Tuesday updates, yet as it turns out, only issue 1427 was addressed.
  • uTorrent bugs let websites control your computer and steal your downloads

    The vulnerabilities, according to Project Zero, make it possible for any website a user visits to control key functions in both the uTorrent desktop app for Windows and in uTorrent Web, an alternative to desktop BitTorrent apps that uses a web interface and is controlled by a browser. The biggest threat is posed by malicious sites that could exploit the flaw to download malicious code into the Windows startup folder, where it will be automatically run the next time the computer boots up. Any site a user visits can also access downloaded files and browse download histories.

  • BitTorrent Client uTorrent Suffers Security Vulnerability (Updated)

    BitTorrent client uTorrent is suffering from an as yet undisclosed vulnerability. The security flaw was discovered by Google security researcher Tavis Ormandy, who previously said he would reveal a series of "remote code execution flaws" in torrent clients. BitTorrent Inc. has rolled out a 'patch' in the latest Beta release and hopes to fix the stable uTorrent client later this week.