Quick Guide of license compatibility with GPL
Summary: A call for advice on how to handle another Samsung violation of the GPL and betrayal of the community
As a quick reminder, over 6 years ago we called for a boycott of Samsung, which proved that it didn’t care about freedom and actively worked against it. In 2 posts [1, 2] from the past few weeks we covered yet another violation of the GPL by Samsung. This one required a leak to be shown and we spoke to the leaker, who prefers to remain anonymous. We consulted internally to see how this can be dealt with.
“Not enough data to do more than guess,” iophk wrote, “I do recall that the SFLC disapproved of the ‘robin hood’ approach to freeing code that had been ripped off.
“This one required a leak to be shown and we spoke to the leaker, who prefers to remain anonymous.”“I guess it depends on the provenance of the code. If it is ripped off from the kernel then it comes under GPLv2 or later (IIRC). Then it comes down to v2 or v3. I like what v3 accomplishes, but I do not. like mixing copyright with patents in the same license. Can v3 provide any protection if Microsoft starts to claim to have patents on *FAT?”
This is an interesting possibility that we are exploring. Samsung’s GPL violations are in an implementation of exFAT, a very common extortion tool against Linux distributors. “Here is the latest info from the most recent kernel,” writes iophk. “It is v2 only.”
It is v3 which deals with patent provisions. iophk continues: “Linus likes v2 very much but seems to have removed the “or later” clause that I vaguely recollect being there. Can rxrz [the leaker] say which version of the kernel exfat-nofuse came from? If it is a later one, then maybe v2 is the only option. If it is an earlier one, there might be a choice between v2 and v3.”
He later, upon further investigation, adds: “Here’s the oldest commit in Git, which has the same preamble. So I’m not sure under which circumstances v3 could be used. It is certainly a safe bet with v2.”
“We could like to relay the leaker’s question to the wider community.”We spoke with the leaker of this code, who wrote: “I just wanted to do a good thing.
“But now I have decided to put the LICENSE file there, containing GPLv2, since Samsung has stolen that code initially from the Linux kernel tree. (I believe it fits this code the best, v3 may be better though, I don’t know)”
We could like to relay the leaker’s question to the wider community. To quote her, the leaker: “Could you please help the project and make up a LICENSE file content for it? It happens that I’m not too good with legal things myself…”
I promised to work with our community at Techrights or anyone else who reads this to address this issue. Any suggestions of ways forward from here? Or licensing? █
Send this to a friend
Summary: The kernel debate that’s really worth having, not some storm in a teacup over feminism
The other day we wrote about the latest Samsung scandal [1, 2, 3] which looks like another GPL violation (not the first). Just like LG and smaller players such as TomTom, Samsung pays Microsoft for FAT patents. We need to stop this.
“Honestly,” says one person who took action, “I don’t understand how it’s even possible to patent any filesystem. It’s not a concept, it’s a variation of having a structured array of bytes on a block device.”
Here is who’s behind the code leak, which seems to reveal GPL violation and is therefore whistleblowing (protected by law):
A student and programmer using the name “rxrz” has posted a large chunk of a proprietary Microsoft file-system software to GitHub, claiming that she’s liberating it for the open source world. She says that the software was leaked from Samsung, and that it also contains some code from the Linux kernel. That, she argues, makes it de facto open source under the terms of the Gnu General Public License.
“All I’ve done is given the community of open source developers and linux/android users a way to finally share data between all major OS’s without any excessive impact on the performance,” she wrote on GitHub.
In an email interview, rxrz wouldn’t give her name, but said that she was a nineteen year old female student from the European Union.
She posted the code last month, but only gained widespread notice on Linux discussion forums this week.
This debate needs to go mainstream. Instead of debating a gender war on the Linux development lists (no, we won’t entertain this flamebait here) we should speak about GPL violations. It involves a female leaker showing code from a female developer at Samsung and it is about justice, not some self-inflicted offence over ‘rude’ words. Yes, Torvalds needs to tone down his language, but this has already mushroomed to become some distracting storm involving militant feminists (including an employee of a criminal company) and opportunistic misogynists, which just helps discredit Linux in the same way some tried to discredit GNU several years ago. Let’s talk about patents and technical issues, not some distracting gossip. █
Send this to a friend
From a patent with Joosun Hahn on it…
Summary: Samsung and its developers appear to be helping Microsoft’s patent war on Linux and also violating the GNU GPL at the same time
The mischievous role played by Samsung in advancing Microsoft’s Linux tax is nothing new. It turns out to be not only proprietary but quite likely a GPL violation. Companies like Tuxera are working for Microsoft by spreading exFAT to manufacture more victims like TomTom, a FAT scapegoat. Microsoft most routinely uses FAT-related patents to tax users and distributors of GNU/Linux (users are being silently taxed through secret deals). It is hard to work around these traps.
Samsung, a patent friend of Microsoft which we reported for GPL violations in the past, pays Microsoft for FAT and then spreads this patent trap further. We recently wrote about some mysterious code from Korea (more details are in IRC logs) and we studied the author of this code in order to better understand her interests and to find out why she may be promoting exFAT. Now there is clarification. Michael Larabel explains: “Last month there was news of a native Linux driver for Microsoft’s exFAT file-system. It turns out that the driver wasn’t developed through any clean-room reverse-engineering but was rather the apparent rebadging of a Samsung exFAT driver for Linux.
“After being informed via email by a user today with this open-source Linux exFAT driver appearing on GPL-Violations.org, the exFAT Linux driver comes with nefarious intentions.
“A lot of people have berated the alleged leaker, but if it proves GPL violations, then it may as well justify the leak and serve as a case of whistleblowing”“It appears (and evidently its “developer” is admitting it) that the exFAT Linux kernel module was based upon source-code found from a Samsung developer for their exFAT driver. The code likely leaked out of Samsung accidentally by a developer pushing their Linux kernel source tree externally to GitHub when it should have been made private.”
Now, the main question is, was the code modified before being uploaded? If so, whose GPL violation is it (assuming it has not been tampered with)?
The developer, Joosun Hahn, has almost nothing on the Web about her (at least not in English) but has various publications (connected Seongsoo Hong in some publications) in decent journals and also patents like this one. Assuming it’s the same person, a 2009 paper describes her as someone who “received her B.S. degree in Computer Science from Soongsil University, Seoul, Korea, in 1994. She received her M.S. and Ph.D. degrees in Computer Engineering from Seoul National University, Seoul, Korea, in 1996 and 2004, respectively. She is currently a research professor in the Department of Computer Engineering at Hongik University, Seoul, Korea. Her research interests include computer architecture, real-time computing, embedded systems, and wireless sensor networks.”
To quote Phoronix Forums (last page), “This source code is not under GPLv2. This source code cannot be redistributed. This code contains Microsoft’s IP. It cannot even be made publicly available – that’s a direct violation of the law.”
In a later thread someone points out: “I’d rather see exFAT burn in hell with its patents, it’s sad that we see this attempt instead.”
As pointed out here, “I examined exfat_super.c and compared it to fs/fat/misc.c, fs/fat/dir.c, fs/fat/namei_vfat.c, and fs/fat/file.c. I will avoid sharing my conclusions here, but any one else is free to look.”
exFAT needs to be killed at all costs. This is poison and those who develop it, be it a person or a brand (Samsung) needs to find other things to do. Right now it’s helping patent terrorists. GPL violations aside (the guilt cannot be established based only on allegations*, but Samsung has poor history when it comes to GPL compliance), the main issue here should be patents.
A lot of people have berated the alleged leaker, but if it proves GPL violations, then it may as well justify the leak and serve as a case of whistleblowing. We shall wait and see how this story evolves. █
* This page shows:
Send this to a friend
Summary: Microsoft proxies or offshoots are not managing to keep their cover and legitimate figures in the Free software world end up ostracising these
TECHRIGHTS recently wrote about the latest FUD from Black Duck, which has its roots in a person from Microsoft. Bruce Perens said that more people should call out this firm for its dubious claims about the GPL and now we see Simon Phipps, the president of the OSI, speaking about the problem. To quote:
So the real risk is much smaller than the headline numbers suggest. In all this, I can’t help feeling Black Duck want us to be afraid. It’s very important that Github takes its responsibilities seriously, and their new improvements show they are starting to do so. But the headline “60% of open source is dangerous” number from Black Duck, together with the “77% of Github is dangerous” number, seem over stated. Given their business model is to apply reassuring consulting and tools to corporate fears about open source, maybe that’s not surprising. But it’s regrettable.
Open source software is all about developers being able to achieve sufficient certainty to collaborate without the need to spend money on legal advice. OSI’s approved licenses deliver that, and the vast majority of active open source projects have this topic sorted. While Github’s laissez faire attitude to date has led to a good deal of inconvenience identifying the license in use for projects there, as well as pandering to the anti-bureaucratic instincts of the newer generation of developers, it’s now being sorted and it never rose to the level of a crisis for most people.
It must have been frustrating for Black Duck to have the PR spin on their new product thwarted by Github; I just wish they had responded by toning down the “danger, danger” message. Open source has a lower compliance burden than proprietary software and its endless, custom EULAs and developer licenses. Let’s shout that message, for a change.
Not too long ago Phipps also chastised a Microsoft proxy called Microsoft 'Open' Technologies.
After all the GPL fear that was spread by Black Duck it is too hard to believe anything it says. Black Duck was also honouring Microsoft with 'open source' awards (lending legitimacy with mere words and hype), not disclosing that it had a Microsoft business partnership and also a strong Microsoft connection (the firm’s founder) since its inception. The thing to remember about Black Duck is, they’re not selling FOSS or even any valuable information, just FUD and proprietary software. Moreover, they deserve no mercy or the benefit of the doubt (as there is doubt no more and the doubt only ever comes from them, along with fear and uncertainty about using FOSS code).
Yes, how profoundly ‘open source’. As long as the rest is all proprietary, everywhere else inside the stack… █
Send this to a friend
“There’s free software and then there’s open source… there is this thing called the GPL, which we disagree with.”
–Bill Gates, April 2008
“They’ll get sort of addicted, and then we’ll somehow figure out how to collect sometime in the next decade.”
Summary: The ongoing war by Microsoft and its proxies against software freedom, which gives more value to the world’s industry than the FUD would have people believe
There is another reason to abandon the term “Open Source”, which left the term “Free software” more vulnerable to abuse by bad people, makers of proprietary software. Here is Bill Gates’ latest attempt to run over Free/libre software, characterising his trap as “free”. To quote a Romanian site:
Bill Gates had a very interesting opening keynote speech at the Microsoft Research Faculty Summit 2013, explaining that he was grateful for the existence of free software, when asked about patents and their influence on technology.
“Thank God for commercial software. It actually funds salaries, gives people jobs. And thank God for free software, it lets people get things out there, you can play around, build on. The two work very well in an ecosystem,” stated Bill Gates during the Q&A.
This is nonsense, as anybody with a clue knows that commercial means not proprietary and Free/libre can be used commercially, paying wages to users and developers.
A lot of this kind of attacks on Free software usually goes back to Microsoft and its proxies. Right now we have Black Duck, a company created by a marketing guy from Microsoft, throwing around some numbers, looking for sites that will print them. Here is one:
Open source consulting firm BlackDuck says up to $59 billion may be locked up in open source projects with no explicit license. Is that lost revenue for channel partners and software companies?
Here is the press release. What nonsense. Trying to quantify code in terms of revenue is not the only silliness; it is the idea that money is being lost as a result of having no licence. Similar propaganda was previously used to describe FOSS as a jobs destroyer, as if people are writing software with such aims. Some tried to portray FOSS as a cause for losses in the industry, not a saver of money and elevator of productivity (which in turn makes room for more hirings per given budget). This is the type of propaganda we are up against and we keep seeing it brought up also in public talks.
Here is another new example of Black Duck being used to reinforce FUD — namely the idea that Free software is about cost, not freedom, and that it is chosen for price, not other qualities. Watch how the Black Duck-run Future of Open Source survey [1, 2, 3, 4] is being used to spread misconceptions. This new FOSS-hostile article (“The Hidden Cost of Free”) says: “Bottom line, open source may be “eating the software world,” but not all of it. For ISVs and other software development professionals, open source is a no-brainer. We use it in development and in our commercial products wherever and whenever it makes sense. It is free, after all, and the quality is second to none, as this year’s Future of Open Source survey reinforces.”
Black Duck reinforces all sorts of proprietary software talking points. Black Duck is, after all, a proprietary software company.
“This is the type of propaganda we are up against and we keep seeing it brought up also in public talks.”Speaking of FUD against FOSS, the latest Android security fear-mongering comes from a Microsoft partner created and managed by a Microsoft guy (who hopes to turn Android perceptions into Windows perceptions when it comes to security). To quote the company’s description: “He is also a Microsoft Most Valuable Professional (MVP) in Visual Developer Security, a frequent speaker, press resource, and is featured regularly in the Associated Press and global security media.”
“Bluebox was founded in mid-2012,” it says, and it was groomed by the Gartner Group (currently fully dedicated to Android FUD and monetisation attempts, akin to Black Duck).
The war on FOSS is very real and Microsoft partners are trying to remove the F from FOSS or altogether make it proprietary. A few days ago we showed how three Micrososft-controlled entities threw around (or under the bus) and blurred out the FOSS identity of Zimbra (here is more on that); we should also pay attention to the hallmark of effective FOSS FUD because it’s quite consistent. As explained a week ago by Eben Moglen at the EU Parliament, the GPL brought enormous value to the industry, more so than Apple and Microsoft combined. Unfortunately the video is only on YouTube, hence embedded below.
Will politicians ‘get’ it? █
Send this to a friend
EU Competition Commissioner Joaquin Almunia. Credit: EU OPEN DAYS 2012
Summary: Reminder to defeatists who believe that we should all ride Microsoft’s coattails rather than challenge unjust behaviour that may also be illegal
THERE are people out there who want us to believe that to play along with Microsoft on schemes like UEFI restricted boot is a necessary evil and maybe just necessary, not even evil. These people are serving Microsoft’s interests because they weaken antitrust complaints which exist rather than bolster these complaints. Here is a recent tale, as covered by Mike Masnick, of how regulatory intervention did help justice.
The United States’ highest court, SCOTUS, recently shocked a few people by ruling against large corporations’ interests (patents on genes). It later said that patents (referring to pharmaceutical patents) can violate antitrust law. Now that very ridiculous patents get granted and sometimes get ISO endorsement, as in the case of MPEG-LA patents, FOSS is facing anticompetitive practices from the likes of Nokia, Microsoft, and Apple. Google, for instance, is being almost prevented from giving codecs for free, even though it has copyrights on all the code, which is Free/open source software. To quote one recent piece about this subject:
A couple of years back, Techdirt wrote about Google’s laudable attempt to open source its VP8 video codec, based around technologies it had acquired with the On2 company in 2009. That was not simply a matter of releasing the code, though, because of claims by some that VP8 infringed on their patents. MPEG-LA, the private company that manages the H.264 patent pool, even went so far as to put out a call for patents that might cover VP8, which in turn led to the US Justice Department investigating whether the move violated anti-trust law.
Remember that Nero had filed an antitrust complaint. That was before other complaints.
This is what led to a deal that makes YouTube videos, for example, mostly accessible (soon entirely accessible) using Free/libre software acquired at zero cost (and GPL-compatible). Nokia, led by Microsoft, is still trying to interfere with this.
When people insist that there is no point to antitrust complaints tell them that many things including sexual and racial (e.g. slavery) discrimination did not end by passive action and hardly even by civil disobedience. People do need to take action. It’s not “whining”, it’s just not complicit with the abuser. █
Send this to a friend
The slandering of copyleft just two degrees away
A new paid ad in YouTube for Xamarin, an "open core" company serving Microsoft interests
Summary: The anti-copyleft camp grows with new additions and gradually-accumulating evidence from Black Duck, OpenLogic, and Outercurve (Microsoft proxy)
The head of a proprietary software company, not a FOSS proponent by any stretch of imagination, wrote the following article a few days ago. It got published in a high-profile news site:
Open source software is now a massive force in technology today. Yet many of us aren’t aware of the reach and influence open source has on our personal and professional lives.
This was written by the head of Black Duck, a company created by a guy from Microsoft. This is a proprietary software company which collects software patents and defends this practice, too. Another company whose head is from Microsoft says that “Monty Widenius, a primary author of MySQL, argues that typical open source licensing is a problem for entrepreneurs, and that a change is needed.”
This is subverting copyleft. The CTO and Founder of OpenLogic asks himself, “Change OSS Licenses to Make More Money?”
Using terms like “commercial license” to mean proprietary he concludes: “Even though OpenLogic provides support to enterprises in tracking and managing open source requests, approvals, policies, and governance, and we could certainly assist in automating processes around “business source” clock expirations, I hope – and expect – the impractical idea of “business source” will die on the vine.”
Remember that Monty worked for Microsoft, even if briefly. The disdain of the GPL there should not be all that shocking.
So basically the above firms don’t promote FOSS, they just provide advice on use of FOSS code. Steven L. Grandchamp, the President and CEO of the latter firm, comes from Microsoft, unlike the CTO. What we generally found is, both of these firms usually advise against copyleft. We gave plenty of examples. These firms are becoming parasites whose main goal is to discourage developers who choose a GPL-like licence. Joining those firms are other Microsoft proxies like Outercurve, which has just gotten itself another person qualified to antagonise copyleft. “Jagielski takes over the role of President from Sam Ramji of Apigee, who held the position for the past three years,” Steven J. Vaughan-Nichols says. His article’s summary is: “The open-source software foundation announced that Jim Jagielski, co-founder of the Apache Foundation and a Red Hat consulting software engineer, would be taking over as its President.”
The predecessor was a malicious mole inside the FOSS community [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13] and we can expect Jagielski to serve the Microsoft agenda of ending copyleft and weakening the likes of the FSF.
Those who believe that Microsoft cares about FOSS ought to know that Microsoft cannot stand the “f word” in FOSS. Microsoft is just trying to change FOSS, not embrace it. And at the core Microsoft wants proprietary software like Windows and Excel. It is not hard to see that. The evidence is too strong. █
“I would love to see all open source innovation happen on top of Windows.”
–Steve Ballmer, Microsoft CEO
Send this to a friend
Summary: VP8 is freedom-respecting even after the deal with a patent troll, according to a leading authority in this area
The SFLC, a recognised authority in the area of free (as in freedom) licences, analysed the licence (draft) of VP8 following the MPEG-LA deal, refuting what Simon Phipps had said [1, 2].
“Mr. Phipps is not hostile towards Free software. He even uses this term despite being the head of the “open source” camp.”The announcement says: “SFLC, like its client the Free Software Foundation, believes that software standing alone should not be patentable subject matter. We join skeptics of the VP8 license and the broader FOSS community in rejecting software patents in all forms, and we will continue to oppose them. But until software patents no longer threaten FOSS, we will look for every opportunity to preserve community development from their destructive effects. The VP8 cross-license provides such an opportunity, in an area of particularly active patenting. It’s not perfect, but no other modern web video format provides nearly the same degree of protection for FOSS implementations.”
Pamela Jones notes: “This is important news, because there have been several articles claiming the opposite, and it’s good to be precise and careful. It’s why I waited until the Software Freedom Law Center could tell us whether Google’s VP8 patent cross-license is or is not compatible with FOSS licensing.”
Mr. Phipps is not hostile towards Free software. He even uses this term despite being the head of the “open source” camp. A response from him might therefore be imminent, maybe a “mea culpa“. █
Update: Mr. Phipps has clarified his position by stating: “I just had a long talk with Aaron and we actually agree. I said that if it were part of a license it would render the license non-free. He agrees, but points out that it’s not part of a license and further that the clauses of GPLv3 that deal with patent license have a loophole that makes Google’s patent license technically OK.
“I still maintain that the Google license needs a great big sign over it saying “we don’t think you actually need this, it’s just to stop OEMs and pro-patent lowlife saying there’s a problem”.
Update #2: This new report from The H takes Phipps’ reaction into account. Privately, or rather publicly (available for viewing in Twitter/Identi.ca [1, 2, 3]) in a few exchanges with Phipps, I was told a couple of times that Microsoft Florian was behind some of the smears against him.
Update #3: Phipps has just published “Google’s VP8 codec license is OK after all” over at IDG.
Send this to a friend
« Previous Page — « Previous entries « Previous Page · Next Page » Next entries » — Next Page »