Language Selection

English French German Italian Portuguese Spanish

Legal

MongoDB and Server Side Public License (SSPL) Controversy in the News This Past Week

Filed under
Red Hat
OSS
Legal
  • Red Hat Drops MongoDB Over License

    MongoDB's attempts to make some money from its NoSQL database have hit another snag as Red Hat has now dropped it from its Enterprise Linux distribution.

    This is the latest in a sequence of moves and countermoves that started when MongoDB changed its license terms to use a Server Side Public License (SSPL) that explicitly says that if a company wanted to reuse and rebadge its database, explicitly to offer MongoDB as a service, then that company either needs to buy a commercial license or to open source the service.

  • Why more may be the wrong measure of open source contributions
  • Battle Of The Document Databases

    Cloud providers can be like sharks in that they have to keep moving forward – in their case, growing the number of services they can offer enterprises – or be overtaken by competitors.

    That need to continually grow the service portfolio isn’t going to go away any time soon. Cloud adoption is accelerating, moving past the early adopter stage and into what Paul Teich, principal analyst with Liftr Cloud Insights and a contributor here at The Next Platform, calls the “early majority” phase, and enterprises are moving forward with strategies that involve leveraging more than one public cloud provider.

    At the same time, the pile of data being generated by organizations is growing rapidly – and the cloud is becoming the place to collect, store, process, and analyze much of that data – but only a portion of enterprise workloads – about 20 percent – are being run in the cloud. That means that four out of five are still run in on-premises environments, so there is still a lot of applications that need to make their way from behind the firewall and into the cloud.

  • What Does Open Source Mean in the Era of Cloud APIs?

    One of the most interesting and unsurprising characteristics of conversations with organizations that have adopted one of the emerging hybrid or “non-compete” style of licenses is that they are universally insistent on being differentiated from one another. Which is understandable on the one hand, given that there are major structural differences between the Commons Clause and the SSPL, to pick two recent examples. Whether it’s reasonable to expect a market which by and large has little appetite for the nuances of different licensing approaches to care is, of course, a separate question.

    What is perhaps more interesting, however, is a central, foundational assumption that every member of this category of licenses shares. On the surface, examples like the Business Source License, the Cockroach Community License, the Commons Clause, the Confluent Community License, the Fair Source License, the TimeScale license or the SSPL would seem to have little in common. Some have ambitions to be considered open source, some do not but invoke open source-like terminology, and some are unambiguously and unapologetically proprietary. Some merely require contributions back copyleft-style, some prohibit usage within prescribed business models (read: cloud) and others restrict business usage without distinction. And so on; while typically rolled up and discussed as a category, they are no more unified in their intent and purpose than open source licenses broadly.

Server Side Public License (SSPL), Red Hat and Fedora

Filed under
Red Hat
OSS
Legal
  • Red Hat/Fedora decide MongoDB’s SSLP doesn’t fit

    MongoDB’s January blues deepened this week as the team behind the Red Hat-backed Fedora Linux distribution confirmed it had added the open source database’s Server Side Public License to its “bad”list.

    The move came as it emerged Red Hat – Fedora’s sponsor – had nixed MongoDB support in RHEL 8.0.

  • AWS Raised Its Hand Lest Of Open Source Platform

    Even though AWS stands by MongoDB as the best the customers find it difficult to build and vastly accessible applications on the open-source platform can range from multiple terabytes to hundreds of thousands of reads and writes per second. Thus, the company built its own document database with an Apache 2.0 open source MongoDB 3.6 API compatibility. The open-sources politics are quite difficult to grasp. AWS has been blamed for taking the top open-source projects and re-branding plus re-using it without providing the communities. The catch here is that MongoDB was the company behind putting a halt to the re-licensing of the open-source tools under a novel license that clearly stated the companies willing to do this will have to purchase a commercial license.

  • Red Hat gets heebie-jeebies over MongoDB's T&Cs squeeze: NoSQL database dropped from RHEL 8B over license

    MongoDB justified its decision last October to shift the free version of its NoSQL database software, MongoDB Community Server, from the open-source GNU Affero General Public License to the not-quite-so-open Server Side Public License (SSPL) by arguing that cloud providers sell open-source software as a service without giving back.

    The following month, and not widely noticed until this week, Red Hat said it would no longer include MongoDB in version 8 of Red Hat Enterprise Linux. The removal notice came in the release notes for Red Hat Enterprise Linux Beta 8.0.

    Under section 4.7, the release notes say, "Note that the NoSQL MongoDB database server is not included in RHEL 8.0 Beta because it uses the Server Side Public License (SSPL)."

  • Server Side Public License struggles to gain open-source support

    MongoDB first announced the release of the new software license in October as a way to protect itself and other open-source projects like it from being taken advantage of by larger companies for monetary gain.

    At the time, MongoDB co-founder and CTO Eliot Horowitz explained: “This should be a time of incredible opportunity for open source. The revenue generated by a service can be a great source of funding for open-source projects, far greater than what has historically been available. The reality, however, is that once an open-source project becomes interesting, it is too easy for large cloud vendors to capture most of the value while contributing little or nothing back to the community.”

    Other open-source businesses have developed their own licenses or adopted others in recent months, citing the same issues. However, the problem with these new licenses is that if they are not approved by the Open Source Initiative (OSI), an organization created to promote and protect the open-source ecosystem, the software behind the license is technically not considered open source, and it will have a hard time getting acceptance from members in the community.

  • Open source has a problem with monetization, not AWS
  • Why you should take notice of the open source in enterprise suckers conundrum

    In the MongoDB case, AWS is widely regarded as responding to a licensing change MongoDB made in October 2018 that has caused something of a stir among the open source cognoscenti.

  • Fedora Community Blog: FPgM report: 2019-03

    Here’s your report of what has happened in Fedora Program Management this week.

    I’ve set up weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

ZFS On Linux Landing Workaround For Linux 5.0 Kernel Support

Filed under
Linux
Legal

Last week I reported on ZFS On Linux breaking with Linux 5.0 due to some kernel symbols sought by this out-of-tree file-system driver no longer being exported and the upstream developers not willing to adjust for the ZoL code. That's still the case but the ZFS On Linux developers have a patch so at least the file-system driver will be able to build on Linux 5.0.

This ZOL + Linux 5.0 issue stems from a set of functions used by this ZFS Linux port for vectorized file-system checksums no longer being exported. The kernel developers don't want to re-export the functionality since as Greg Kroah-Hartman put it, "my tolerance for ZFS is pretty non-existant."

Since that Phoronix article last week, Greg KH followed up on the mailing list with, "Sorry, no, we do not keep symbols exported for no in-kernel users." Longtime Linux kernel developer Christoph Hellwig also suggested users switch instead to FreeBSD if caring about ZFS.

Read more

Some More Attacks on the GPL and Latest Compliance Story

Filed under
GNU
Legal
  • GPL Cooperation Commitment: Promise of Collaborative Interpretation [Ed: IP Kat perpetuates the Microsoft-connected (and funded) lie that GPL "popularity has dropped dramatically during the past decade," citing Jono Bacon and Microsoft-funded 'analysts', proxies like Black Duck. To this date, in light of the GitHub takeover, Microsoft managers are badmouthing the GPL and many anti-GPL 'studies' are based on this Microsoft site alone.]

    GNU General Public Licence version 2 (GPLv2) was written in the early nineties to ensure compliant distribution of copyleft-licensed software. Even though its popularity has dropped dramatically during the past decade, it nevertheless continues to be one of the most widely used and important open source licences.

    Notedly, GPLv2 was drafted by non-legal free (as in “free speech,” not as in “free beer”) software enthusiasts and yet it has necessitated legal interpretation and application in accordance with IP and contract law principles. For nearly two decades, compliance and enforceability of the licence by its users has had to deal with ambiguity and uncertainty with respect to its terms.

  • HMD releases source code for Nokia 8 Sirocco

    HMD has released the source code for Nokia 8 Sirocco and it is now available for download on the official Nokia website.

Fedora Decides To Not Allow SSPLv1 Licensed Software Into Its Repositories

Filed under
Red Hat
Server
OSS
Legal

Back in October, MongoDB announced the Server Side Public License v1 (SSPLv1) as their new license moving forward for this document-oriented database server over their existing AGPL code. SSPL was met with much controversy upon its unveiling and Fedora's legal team has now ruled it an invalid free software license for packaged software in its repositories.

The intent of MongoDB developing the Server Side Public License was to ensure that public cloud vendors and other companies using their software as a service are giving back to the community / the upstream project. SSPL v1 was based on the GPLv3 but lays clear that a company publicly offering the SSPL-licensed software as a service must in turn open-source their software that it uses to offer said service. That stipulation applies only to organizations making use of MongoDB for public software services.

Read more

Licensing: GPL Compliance and the Server Side Public License (SSPL)

Filed under
OSS
Legal
  • arter97’s custom kernel and vendor images greatly improve the Xiaomi Mi Pad 4’s performance

    Xiaomi (and a lot of Chinese OEMs) have had a difficult time complying with the rules of the GNU GPL when it comes to releasing the kernel source code for their Android products. The company said they would start doing this 3 months after the release of a new product, but that wasn’t the case with the Xiaomi Mi Pad 4. The device launched in June of last year and, as of October, they had yet to comply with the GPL. Thankfully, they finally released it (a month after we reported on their tardiness) and it has helped developers work their magic on the device.

  • Amazon Web Services’ DocumentDB Takes Aims At MongoDB Workloads

    DocumentDB uses version 3.6 of the MongoDB application programming interface (API) to interact with MongoDB clients.

    That version, dating back to 2017, is covered by the open source Apache licence, a move intended to circumvent MongoDB’s new licensing structure, based on the specially created Server Side Public License (SSPL).

Licensing/Legal: Android-Related Code and Amazon 'Forcing' Companies to Reduce Licence Freedom

Filed under
OSS
Legal
  • Kernel source for Nokia 5.1 and 6.1 Plus, 7.1, Redmi Note 6 Pro, and LG G7 released
  • Kernel source for the Xiaomi Redmi Note 6 Pro, Nokia 6.1 Plus/5.1 Plus/7.1, and LG G7’s Android Pie release are live
  • Nokia 5.1 Plus too] HMD releases kernel source code for the Nokia 7.1 and Nokia 6.1 Plus

    The Nokia 7.1 and 6.1 Plus are mid-range Android One devices that were recently updated to Android 9.0 Pie. Following the update, HMD Global has published their kernel source code on its website.

    [...]

    If HMD Global allows the rest of its Android phones to be bootloader unlocked too, it might just make them a more attractive option for the enthusiast crowd, who want to be able to run their favorite custom ROMs on their smartphones. And though the manufacturer is currently doing a good job of keeping its devices updated, if that support's ever to slow down, it sure would be nice to have the ability to root and unlock — just in case.

  • Amazon fires open-source shot with DocumentDB launch

    In a move that will surely upset the open-source community, AWS has launched a new database offering compatible with the MongoDB API called DocumentDB.

    The cloud giant describes its new product as a “fast, scalable, and highly available document database that is designed to be compatible with your existing MongoDB applications and tools.” However, it is essentially a replacement for MongoDB that uses its API but none of its code.

    According to AWS, its customers have found it difficult to build fast and highly available applications that are able to scale to multiple terabytes with hundreds of thousands of reads and writes per second. So instead, the company built its own document database that is compatible with Apace 2.0 open source MongoDB 3.6 API.

  • The week in tech: NHS long-term plan, Amazon vs. open source, plus more

    However, Amazon claimed that customers find it challenging to “build performant, highly available applications on MongoDB that can quickly scale to multiple Terabytes (TBs) and hundreds of thousands of reads and writes-per-second because of the complexity that comes with setting up and managing MongoDB clusters.”

    This is controversial, as Amazons’ announcement comes just months after MangoDB presented a new licence aimed at stopping tech giants taking advantage of their database.

CLA proliferation and the Island of Dr. Moreau

Filed under
OSS
Legal

The community response to license proliferation over the last many years has been positive, and I am pleased to see that the majority of open source projects are choosing to select from a certain set of options (e.g., GPL, LGPL, AGPL, BSD, MIT, Apache 2) that are all well-understood by engineers and lawyers. As such, there is no time wasted interpreting their terms and a low-friction ecosystem is fully enabled.

Once a project adopts an open source license, it usually adopts the standard "inbound=outbound" model; a phrase coined by Richard Fontana. Fontana describes the inbound=outbound model as contributions that are understood to be licensed under the applicable outbound project license, making it easy for contributors to participate in projects without intimidation and red tape. This is a very simple model that dovetails well with a smart license choice detailed above.

Unfortunately, many open source projects have chosen not to adopt inbound=outbound and, instead, require some form of a contributor license agreement (CLA). CLAs vary in scope and purpose. A good description of CLAs and Developer Certificates of Origin (DCOs; discussed below) may be found in Ben Cotton's article "CLA vs. DCO: What's the difference?"

Read more

Linux Foundation's AGL, ACT (Copyleft Compliance) and Upcoming Copyleft Conf (Conservancy)

Filed under
Linux
OSS
Legal
  • Toyota Motors and its Linux Journey

    I spoke with Brian R Lyons of TMNA Toyota Motor Corp North America about the implementation of Linux in Toyota and Lexus infotainment systems. I came to find out there is an Automotive Grade Linux (AGL) being used by several autmobile manufacturers.

    I put together a short article comprising of my discussion with Brian about Toyota and its tryst with Linux. I hope that Linux enthusiasts will like this quick little chat.

    All Toyota vehicles and Lexus vehicles are going to use Automotive Grade Linux (AGL) majorly for the infotainment system. This is instrumental in Toyota Motor Corp because as per Mr. Lyons “As a technology leader, Toyota realized that adopting open source development methodology is the best way to keep up with the rapid pace of new technologies”.

  • Simplifying and Harmonizing Open Source for More Efficient Compliance

    Using open source code comes with a responsibility to comply with the terms of that code’s license, which can sometimes be challenging for users and organizations to manage. The goal of ACT is to consolidate investment in and increase interoperability and usability of, open source compliance tooling, which helps organizations manage compliance obligations.

    Software widely includes an assortment of open source code with multiple licenses and a mix of proprietary code. Sorting and managing all these can be a major hassle, but the alternative is potential legal action and damaged relations with the open source community.

    The projects in ACT are poised to boost existing Linux Foundation compliance projects like OpenChain, which identifies recommended processes and make open source license compliance simpler and consistent, and the Open Compliance Program, which educates and helps developers and companies understand their license requirements. ACT provides tooling to help support efficient workflows.

  • Copyleft Conf: Registration is Open

    Conservancy is very excited to share the schedule for the first ever Copyleft Conf with you! Copyleft Conf is a one day event, taking place in downtown Brussels at Digityser. Registration begins at 9:30am and we'll be finishing by 6pm. We'll have talks, a panel and participatory discussions near the end of the day.

    Participants from throughout the copyleft world — developers, strategists, enforcement organizations, scholars and critics — will be welcomed for an in-depth, high bandwidth, and expert-level discussion about the day-to-day details of using copyleft licensing, obstacles facing copyleft and the future of copyleft as a strategy to advance and defend software freedom for users and developers around the world.

Licensing in Mobile Devices (GPL Compliance)

Filed under
OSS
Legal
  • Asus Zenfone Max M2 update brings EIS to the front camera, Max Pro M2 gets an update too

    So far, there have been mixed feelings about these two phones as the specs and price are impressive, but then the company ended up releasing the kernel source code for them that was encrypted. It’s required for an Android OEM to release the kernel source for their devices but releasing an encrypted file without proper means of decryption is pointless. This still ends up with ASUS violating the GPL and it’s not a good sign for the enthusiast community that was starting to swell around these two devices.

  • Nokia 7.1 and Nokia 6.1 Plus kernel source code now available for download

    HMD’s source code for Nokia Android smartphones is licensed under GPL or LGPL which allows source code distribution. And by distributing the source code the company also contribute to the open source community which in turn is beneficial to the end users. Visit Nokia’s official download page where you can find the source code for both the smartphones, Nokia 6.1 Plus and Nokia 7.1.

Syndicate content

More in Tux Machines

Solus Brightens Computing Across the Linux User Spectrum

Regardless of how you spend your time at the keyboard, Solus can be an ideal solution for all your computing needs. It comes with a collection of specially designed tools to make using and maintaining the operating system a uniquely easy experience. For technically minded users, Solus supports a wide variety of editors, programming languages, compilers and version-control systems. It has tools for containerization/virtualization technology, such as Docker and Vagrant. Whether you're writing drivers in C or writing backend Web services in Go, there is software that will fit your needs. Home or office users will be pleased with the latest LibreOffice suite version 6.2.1.2. The Solus Software Center has options for accounting, Personal Information Management and more. Content Creators can animate in Synfig Studio, produce music with Musescore or Mixxx, do graphic designing with GIMP or Inkscape, and edit videos with Avidemux, Kdenlive or Shotcut. Gamers can enjoy open source games natively configured for Solus with support for many gamepads and controllers. With little or no setup required, gamers can play Steam titles for Linux with a modern, optimized gaming runtime. There is also built-in support for the Itch.io and Lutris gaming platforms. Read more

today's leftovers

  • Molly de Blanc: Autonomy and consent

    When I was an undergraduate, I took a course on medical ethics. The core takeaways from the class were that autonomy is necessary for consent, and consent is necessary for ethical action. There is a reciprocal relationship between autonomy and consent. We are autonomous creatures, we are self-governing. In being self-governing, we have the ability to consent, to give permission to others to interact with us in the ways we agree on. We can only really consent when we are self-governing, otherwise, it’s not proper consent. Consent also allows us to continue to be self-governing. By giving others permission, we are giving up some control, but doing so on our own terms. In order to actually consent, we have to grasp the situation we’re in, and as much about it as possible. Decision making needs to come from a place of understanding.

  • Ritesh Raj Sarraf: User Mode Linux 5.2

    User Mode Linux version 5.2 has been uploaded to Debian Unstable and will soon be available on the supported architectures. This upload took more time than usual as I ran into a build time failure caused by newer PCAP library. Thanks to active upstream developers, this got sorted out quick. In the longer run, we may have a much better fix for it.

  • PCLinuxOS MATE Review

    Published for Patreons on Oct 8th 2019. Available to the public Oct. 17th, 2019 – Become a Patreon today to get this plus exclusive Linux tips not found anywhere else!

  • Worn Out EMMC Chips Are Crippling Older Teslas

    Much like the rockets and spacecraft of sister company SpaceX, Tesla’s vehicles are powered by Linux running on what’s essentially off-the-shelf computing hardware. Until 2018 the Model S and X were running the open source operating system on a NVIDIA Tegra 3, at which point they switched the Media Control Unit (MCU) over to an Intel Atom solution. In either event, the Linux system is stored on an embedded Multi-Media Controller (eMMC) flash chip instead of a removable storage device as you might expect. Now under normal circumstances, this wouldn’t be an issue. There are literally billions of devices running Linux from an eMMC chip. But any competent embedded Linux developer would take the steps necessary to make sure the operating system’s various log files are not being written to a non-replaceable storage device soldered onto the board Unfortunately, for reasons that still remain somewhat unclear, the build of Linux running on the MCU is doing exactly that. What’s worse, Tesla’s graphical interface appears to be generating its own additional log messages. Despite the likelihood that nobody will ever actually read them, for every second a Tesla is driving down the road, more lines are being added to the log files. Now, it appears that the near continuous writing of data to the eMMC chips on the older Tegra-based MCUs has finally started to take its toll. Owners on Tesla forums are reporting that their MCUs are crashing and leaving the expensive vehicles in “Limp Home Mode”, which allows the car to remain drivable but unable to charge. The prescribed fix for this issue by Tesla is a complete MCU replacement at the cost of several thousand dollars. As this failure will almost certainly happen after the factory warranty has lapsed, the owner will have to foot the bill themselves.

  • Seven more videos from the auditorium at LibreOffice Conference 2019

    Yes, here’s anther bunch of videos from our recent LibreOffice Conference 2019 in Almeria, Spain.

  • Self-publishing using LibreOffice Writer 6

    My new book, Self-publishing using LibreOffice Writer 6, is now available in paperback or PDF.

  • Montreal Subway Foot Traffic Data

    STM kindly sent me daily values for each subway stations from 2001 to 2018. Armed with all this data, I decided to play a little with R and came up with some interesting graphs. Behold this semi-interactive map of Montreal's subway! By clicking on a subway station, you'll be redirected to a graph of the station's foot traffic.

  • Is your Internet up-to-date?

    Modern Internet Standards provide for more reliability and further growth of the Internet. Are you using them?

  • Call of Duty: Modern Warfare ditches loot boxes for a battle pass

    Popularized by Fortnite, the battle pass system allows for players to buy the pass at the beginning of the season, and unlock a variety of items as they progress. Modern Warfare’s system sounds like it’ll be extremely similar to the Fortnite model (which has since been adopted by other major titles, like Destiny 2 and PUBG). Players will be able to buy a pass at the beginning of a season, with full transparency as to what the items included are, and how and when they’ll be unlocked.

  • Innr Smart White A19 bulb review: This inexpensive smart bulb seamlessly connects with a Philips Hue Bridge

    If you’re shopping for your first smart bulb and you’re not ready to invest in a hub, an Innr bulb isn’t the cheapest way to go. Instead, you’d be better off with a Bluetooth- or Wi-Fi-enabled bulb that can operate with just a smartphone app. The latest Philips Hue White bulb, for example, which can be controlled via Bluetooth as well as Zigbee), or a Wi-Fi-connected bulb like the $8 Wyze Bulb, which offers the bonus of being color-temperature-tunable.

  • The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive [Computer Attack] in History [iophk: Windows TCO]

    All nine of the Olympic staff's domain controllers, the powerful machines that governed which employee could access which computers in the network, had somehow been paralyzed, crippling the entire system. The staff decided on a temporary workaround: They set all the surviving servers that powered some basic services, such as Wi-Fi and the internet-linked TVs, to bypass the dead gatekeeper machines. By doing so, they managed to bring those bare-minimum systems back online just minutes before the end of the ceremony.

  • [Old] Olympic Destroyer Takes Aim At Winter Olympics

    The purpose is to copy the initial stage to the remote system in %ProgramData%\%COMPUTERNAME%.exe and to execute it via a VBScript.

Apache Rya matures open source triple store database

The open source Apache Rya database effort is continuing to move forward as it reaches a new level of project maturity and acceptance. Rya (pronounced "ree-uh") is an RDF (resource description framework) triple store database. The project started at the U.S. government's Laboratory for Telecommunication Sciences with an initial research paper published in 2012. The project joined the Apache Software Foundation (ASF) in 2015 as an incubated project, and in September 2019 achieved what is known as Top-Level Project status. The Top-Level status is an indication and validation of the project's maturity, code quality and community. The ASF is home to Hadoop, Spark and other widely used database and data management programs. Read more Also: Yahoo Groups is being prepared for shutdown, with all stored archives to be deleted on Dec 14

The Spectre Mitigation Impact For Intel Ice Lake With Core i7-1065G7

For those wondering if -- or how much -- of a performance impact mitigations still make regarding Spectre for Intel's long-awaited 10nm+ Ice Lake processors, here is the rundown on the mitigation state and the performance impact. One of the areas that Phoronix readers have requested testing on with the recent purchase of the Dell XPS 7390 with Core i7 1065G7 is regarding the mitigation state and performance. Ice Lake with its Sunny Cove microarchitecture -- similar to Cascade Lake -- is no longer affected by Meltdown, MDS, or L1TF / Foreshadow. Read more