Language Selection

English French German Italian Portuguese Spanish

Legal

Another Month, Another Round Of Allwinner GPL-Violating Concerns

Filed under
GNU
Linux
Legal

Longtime open-source graphics developer Luc Verhaegen has written on the Linux-SunXI about further Allwinner misbehavior. Five days ago they updated their media codec framework with various new "proprietary" files that is then being built together with LGPL-licensed code and the binary is being dlopen'ed into the LGPL'ed code.

Read more

There Is a Linux Detergent Out There and It's Trademarked

Filed under
Linux
Legal

There's a Linux clothes detergent out there, and it's a real one, from a company that has a trademark on it and that's selling it today. Welcome to the bizarre world of trademark rules.

Read more

Openwashing And Other Deceptions In Linux

Filed under
Linux
OSS
Legal

The times are changing for open/free/libre software and OSes, and what the words mean. Make no mistake: collaborative, truly open projects are powerful sources of innovation and problem solving. The only way proprietary, corporate models can even survive is through sheer bullying and anti-competition tactics, as have been used for years to keep Linux from wider adoption. Now that that is changing, the tactics are changing too.

The latest trend in this area seems to be bringing disinformation and propaganda tactics into the fray.

Read more

Why Greet Apple's Swift 2.0 With Open Arms?

Filed under
Mac
OSS
Legal

Apple announced last week that its Swift programming language — a currently fully proprietary software successor to Objective C — will probably be partially released under an OSI-approved license eventually. Apple explicitly stated though that such released software will not be copylefted. (Apple's pathological hatred of copyleft is reasonably well documented.) Apple's announcement remained completely silent on patents, and we should expect the chosen non-copyleft license will not contain a patent grant. (I've explained at great length in the past why software patents are a particularly dangerous threat to programming language infrastructure.)

Read more

GPL-Violator Allwinner Joins The Linux Foundation

Filed under
Linux
Legal

Allwinner Technology is the Chinese company producing a range of low-end SoCs for Android tablets and other devices. Allwinner hardware is popular with many in the open-source community due to their SoCs appearing in lower-cost hardware and the thriving Linux-SunXi community. Unfortunately, Allwinner as a company is still "learning" to be open-source friendly and to not violate the GPL and other licenses.

Read more

The Licensing and Compliance Lab interviews François Marier, creator of Libravatar

Filed under
GNU
Legal

In this edition, we conducted an email-based interview with François Marier, a free software developer from New Zealand. He is the creator and lead developer of Libravatar. In addition to his passion for decentralization, he contributes to the Debian project and volunteers on the FSF licensing team.

Libravatar is a free network service providing profile photos for a number of Web sites, including bugs.debian.org and git.kernel.org. Its flexible architecture allows end users to host their own images and allows Web sites to use Gravatar as a fallback when necessary. It is licensed under the GNU Affero General Public License version 3, or end user can opt for any later version (GNU AGPLv3+).

Read more

Conservancy Seeks Your Questions on GPL Enforcement

Filed under
GNU
Legal

Historically, Conservancy has published extensive materials about enforcement of the GPL, including blog posts, announcements regarding compliance actions, many sections appearing in the definitive Copyleft Guide (a joint initiative with the Free Software Foundation). After Conservancy's recent announcement of its funding of Christoph Hellwig's lawsuit against VMware, Conservancy has sought to answer as many questions as possible about GPL enforcement.

Read more

Trade agreement could prohibit open source code supply

Filed under
OSS
Legal

An international trade agreement under negotiation with Australia, the United States, the European Union and others may have wide-ranging implications for the technology users, according to civil liberties groups.

The Electronic Frontier Foundation has analysed leaked drafts of texts for the Trade In Services Agreement (TISA) written in February this year, and claims it would prohibit countries involved from forcing vendors to disclose source code used for applications in their equipment.

Read more

Relicensing Dolphin: The long road to GPLv2+

Filed under
GNU
Legal

Since its resurfacing as an open source project in 2008, Dolphin has been licensed under the GNU General Public License version 2 (GPLv2). This license, created in 1991, is still a fairly common license used in the open source world. But as with anything that deals with technology, times are changing at a rapid rate. More recent projects are using GNU Public License version 3 and Apache 2.0, for their additional freedoms, protections from outside liability, and improved inter-license compatibility. Unfortunately these newer licenses are not compatible with GPLv2, and any project using these licenses cannot link to Dolphin and thus, Dolphin cannot link to them.

Read more

Oracle v. Google: We're not screwed yet

Filed under
Android
Google
Legal

Superficially, the Solicitor General's advice to SCOTUS to find against Google and reject its appeal looks like bad news. But there are some substantial straws to grasp

Read more

Related: Let Oracle own APIs, Justice Dept tells top court in surprise filing

Obama administration asks U.S. top court to decline Google copyright appeal

Syndicate content

More in Tux Machines

Android Leftovers

Security Leftovers

  • efail: Outdated Crypto Standards are to blame
    I have a lot of thoughts about the recently published efail vulnerability, so I thought I'd start to writeup some of them. I'd like to skip all the public outrage about the disclosure process for now, as I mainly wanted to get into the technical issues, explain what I think went wrong and how things can become more secure in the future. I read lots of wrong statements that "it's only the mail clients" and the underlying crypto standards are fine, so I'll start by explaining why I believe the OpenPGP and S/MIME standards are broken and why we still see these kinds of bugs in 2018. I plan to do a second writeup that will be titled "efail: HTML mails are to blame". I assume most will have heard of efail by now, but the quick version is this: By combining a weakness in cryptographic modes along with HTML emails a team of researchers was able to figure out a variety of ways in which mail clients can be tricked into exfiltrating the content of encrypted e-mails. Not all of the attack scenarios involve crypto, but those that do exploit a property of encryption modes that is called malleability. It means that under certain circumstances you can do controlled changes of the content of an encrypted message. [...] Properly using authenticated encryption modes can prevent a lot of problems. It's been a known issue in OpenPGP, but until know it wasn't pressing enough to fix it. The good news is that with minor modifications OpenPGP can still be used safely. And having a future OpenPGP standard with proper authenticated encryption is definitely possible. For S/MIME the situation is much more dire and it's probably best to just give up on it. It was never a good idea in the first place to have competing standards for e-mail encryption. For other crypto protocols there's a lesson to be learned as well: Stop using unauthenticated encryption modes. If anything efail should make that abundantly clear.
  • Comcast Leaked Customer Wi-Fi Logins in Plaintext, Change Your Passcode Now
    A Comcast Xfinity website was leaking Wi-Fi names and passwords, meaning now is a good time to change your Wi-Fi passcode. The site, intended to help new customers set up new routers, could easily be fooled into revealing the location of and password for any customer’s Wi-Fi network. A customer ID and a house or apartment number was all would-be attackers needed to get full access to your network, along with your full address.
  • Update Fedora Linux using terminal for latest software patches
  • Patch for New Spectre-Like CPU Bug Could Affect Your Performance
  • container_t versus svirt_lxc_net_t

today's howtos

Red Hat News

  • “Ultimate Private Cloud” Demo, Under The Hood!
    At the recent Red Hat Summit in San Francisco, and more recently the OpenStack Summit in Vancouver, the OpenStack engineering team worked on some interesting demos for the keynote talks. I’ve been directly involved with the deployment of Red Hat OpenShift Platform on bare metal using the Red Hat OpenStack Platform director deployment/management tool, integrated with openshift-ansible. I’ll give some details of this demo, the upstream TripleO features related to this work, and insight around the potential use-cases.
  • Discover the possibilities of hybrid cloud during a joint virtual event with Red Hat & Microsoft [Ed: [Ed: When Red Hat pus Microsoft executives at top positions inside Red Hat...]
  • Red Hat OpenStack Customer Survey 2018: containers, technical support top of mind
    In 2016, we surveyed our customer base on their use of OpenStack in production, getting a pulse-check on the top considerations, expectations, and benefits of a Red Hat OpenStack Platform deployment. With 2018 marking five years of Red Hat OpenStack Platform, we checked back in with our customers to see if their experiences or expectations of OpenStack have changed. Our survey found:
  • Red Hat CEO Jim Whitehurst On How He Plans To Win The Container Market
  • Juniper, Red Hat Tighten Integration to Fend Off VMware
    Juniper Networks and Red Hat have tightened their integration efforts in a move to help ease enterprise adoption of cloud-native platforms and bolster their own offerings against the likes of VMware and Cisco. The latest platform integration includes the Red Hat OpenStack Platform; Red Hat’s OpenShift Container Platform running as a platform-as-a-service (PaaS) on top of or next to the OpenStack platform depending on deployment architecture; and Juniper’s Contrail Enterprise Multi-Cloud platform running as the networking and security layer to unify those together. This integration is designed as a managed system to help deploy and run applications and services on any virtual machine (VM), container platform, and any cloud environment.
  • Red Hat OpenStack HCI Targets Telco Hybrid Cloud, 5G Deployments
    Red Hat today rolled out a hyperconverged infrastructure (HCI) platform based on OpenStack compute and Ceph storage. The new product targets service providers looking to deploy virtual network functions (VNFs) and 5G technologies on top of open source software. Launched at this week’s OpenStack Summit, the Red Hat Hyperconverged Infrastructure for Cloud combines Red Hat OpenStack Platform 13 and Red Hat Ceph Storage 3 into one product. Red Hat says it is the largest contributor to both open source projects.
  • Red Hat Hyperconverged Infrastructure for Cloud Bridges Datacenters and Edge Deployments
  • GSoC 2018: Week 1
    This time, I am working on improving the Fedora Community App with the Fedora project. It’s been a week since we started off our coding on may 14. The Fedora App is a central location for Fedora users and innovators to stay updated on The Fedora Project. News updates, social posts, Ask Fedora, as well as articles from Fedora Magazine are all held under this app.