One of the more recent discoveries resulting from the breach two weeks ago of malware-as-a-service provider Hacking Team is sure to interest Android enthusiasts. To wit, it's the source code to a fully featured malware suite that had the ability to infect devices even when they were running newer versions of the Google-developed mobile operating system.
The leak of the code base for RCSAndroid—short for Remote Control System Android—is a mixed blessing. On the one hand, it provides the blueprints to a sophisticated, real-world surveillance program that can help Google and others better defend the Android platform against malware attacks. On the other, it provides even unskilled hackers with all the raw materials they need to deploy what's arguably one of the world's more advanced Android surveillance suites.
A respected security researcher has denied any involvement with Hacking Team after open-source code he wrote was found in smartphone spyware sold by the surveillance-ware maker.
The company behind the Ubuntu Linux operating system, Canonical, has changed the licensing terms of Ubuntu to comply with the GNU General Public License and other free software licences.
This week, Canonical added a “trump clause” that says that when Canonical’s license contradicts the widely accepted “copyleft” license GPL, GPL shall prevail.
Activist groups, including the Free Software Foundation and the Software Freedom Conservancy have been in discussion with Canonical for nearly two years, trying to get Canonical’s policy to unequivocally comply with the generally accepted GNU GPL software license.
Most of you by now have probably seen Conservancy's and FSF's statements regarding the today's update to Canonical, Ltd.'s Ubuntu IP Policy. I have a few personal comments, speaking only for myself, that I want to add that don't appear in the FSF's nor Conservancy's analysis. (I wrote nearly all of Conservancy's analysis and did some editing on FSF's analysis, but the statements here I add are my personal opinions and don't necessarily reflect the views of the FSF nor Conservancy, notwithstanding that I have affiliations with both orgs.)
In the world of FOSS, a small change to a license can be a big deal. For users of proprietary software, changes in the EULA are hardly even registered. Those users click "Ok" and forget about it in the blink of an eye. They have accepted that they are severely limited as far as their rights to alter or redistribute the software is concerned.
But for users of free software, such as Linux or any of the hundreds of packages that make up a modern operating system, a license change has the potential to change their rights dramatically. So, these events are usually the cause of controversy.
The Free Software Foundation (FSF) and the Software Freedom Conservancy (SFC) have been bickering with Canonical since 2013 over concerns that certain clauses of the Ubuntu IP rights policy seemed to claim to override provisions of the GNU General Public License (GPL) – something the GPL explicitly forbids.
Today, Canonical, Ltd. announced an updated “Intellectual Property” policy. Conservancy has analyzed this policy and confirms that the policy complies with the terms of the GNU General Public License (GPL), but Conservancy and the FSF believe that the policy still creates confusion and possible risk for users who wish to exercise their rights under GPL.
Compilation copyright is an idea exclusive to the US (or North America anyway). It restricts collections of items which otherwise have unrelated copyright restrictions. A classic example is a book collection of poetry where the poems are all out of copyright but the selection and ordering of poems is new and has copyright owned by whoever did it.
The Software Freedom Conservancy's Bradley Kuhn is probably best known for his work in enforcing the GNU General Public License (GPL). Enforcement-by-litigation might get the headlines, but Kuhn treats the courts as a last resort.
Longtime open-source graphics developer Luc Verhaegen has written on the Linux-SunXI about further Allwinner misbehavior. Five days ago they updated their media codec framework with various new "proprietary" files that is then being built together with LGPL-licensed code and the binary is being dlopen'ed into the LGPL'ed code.
The times are changing for open/free/libre software and OSes, and what the words mean. Make no mistake: collaborative, truly open projects are powerful sources of innovation and problem solving. The only way proprietary, corporate models can even survive is through sheer bullying and anti-competition tactics, as have been used for years to keep Linux from wider adoption. Now that that is changing, the tactics are changing too.
The latest trend in this area seems to be bringing disinformation and propaganda tactics into the fray.