Slashdot Mirror
'Infectious' Open Source Software?
Gavo writes "Law firm Chapmann Tripp advises New Zealand State Services Commission that the New Zealand Government should be wary of using 'infectious' open source software. They claim 'While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.'"
The only legal risks are patent issues, which, I don't think they have in New Zealand. Otherwise, most FOSS software licenses don't kick in unless you redistribute the software. So long as the NZ authorities aren't modifying the code, they'll be fine.
They should try reading the EULAs some time...
Lawyers are parasites, empowering them expose you to number of legal risks.
Much better.
I am the bastard of base minus 12! Turing was the ejaculate of my complete machine!
From TFA: "Exposure to faults and intellectual property claims.
Relevant to all open source use.
Disclosure of confidential code/ No rights to use.
Relevant where software has been infected by an open source licence."
They talk about it like there aren't IP claims with proprietary source code. I would argue that these "legal issues" are in fact features of open source that are hampered generally in commercial closed-source software. Closed source tends to have more of the issues above by default, right? Sure looks that way to me!
stuff |
"We've noticed a substantial drop in the amount of EULA's being drafted, as well as an air of goodwill and cheer creeping into the normally sour and beligerent computer software industry, leading naturally to a decrease in important economy stimulating litigation.
Time to break out the FUD cakes!"
May the Maths Be with you!
Because open source is open its safety measurement should be easily attainable. I say the more the better.
Laugh It Off
There's more risk of OSS being called on IP violations. YOU CAN SEE THE CODE!!!!!!!!
MS has been sued how many times now for IP violations? - and that's with people having to either "steal" the code or sue to see it.
Unfortunately, I do see more IP challenges to OSS in the future. On the up side I also see those challenges being handled by the OSS community with rapid patches to remove the problem - unless it's something like BT sueing over links.
It's all true!! I set up one little Linux box, and the next morning my phone, toaster, and kitchen sink were all being freely updated and improved by thousands of collaborators all over the world! Insidious stuff, that open-source.
Slashdot Burying Stories About Slashdot Media Owned
Though the article (yes I have RTFA) uses flaming terms like "risks" and "infectious", it's actually a plain HowTo on opensource licenses in goverment environment. It includes guidelines like the following:
Managing open source software risks can be complicated. To help simplify matters, SSC makes the following general recommendations to cover most open source legal risks facing government agencies:
* Using stand-alone, open source applications:
(a) Only use open source licences that have been legally reviewed, including the GPL, LGPL, CAL, MBSD, MIT, which have been reviewed and are recommended by SSC for use in accordance with this guide.
(b) Obtain performance and intellectual property warranties from the supplier of the open source software, where appropriate and available.
* In-house modification or integration of open source software: In addition to the above recommendations:
(a) Choose one of the following distribution strategies for the resulting software:
(i) Closed distribution, i.e. only within the agency's legal entity.
(ii) Limited distribution, i.e. to other legal entities on non-open source terms.
(iii) Open distribution, i.e. on open source terms.
(b) Manage the chosen licence to match the chosen distribution strategy as follows:
Licence Open distribution Limited or closed distribution
GPL: May use Quarantine
LGPL: May use Quarantine or meet LGPL exception
CAL: May use Quarantine or meet CAL exception
MBSD: May use May use
MIT: May use May use
The entire slant of the document is incorrect. There are certainly concerns with the open source licenses, especially for someone unfamiliar with them who is used to using proprietary software, tweaking it, and reselling without every publishing the modifications to their clients or to the authors.
But the use of closed source and proprietary software has a generally greater risk due to risk of copyright violation and patent violation and user agreement violation. Simply reverse-engineering a proprietary protocol in order to get your work done or to fix a serious issue in closed source software can cause serious legal problems which are often far greater, even though they are more familiar. And the closed source tools are far more likely to contain backdoors or to have vital features discarded in new revisions, forcing a painful and expensive upgrade process for both software and its configurations to the new setups, or to simply be discarded and the data or tools permanently lost to users.
The shutdown of companies or their abandonment of products is a real problem in the closed source world.
an increased risk of exposure to faults
More public review, code that tends to be of higher quality, and the ability to fix problems yourself
intellectual property claims
And since when proprietary software was free from litigation?
the risk of forced disclosure of confidential code
"confidential code" -- whose? If yours, you wouldn't even be able to put it there otherwise. And someone has to reread the GPL again -- no one says the gov agency in question has to distribute any source of things they use internally. If the agency in question releases some software itself -- that "confidential code" will be disclosed anyway, just in a form that is harder to read. Back in the days, I learned how to program a particular SVGA chipset by debugging through BIOS code, and my asm skills are low -- are you going to tell me that if the "confidential code" has any real value, no one will get to it anyway?
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
It's not FUD, it is simply "OSS for the uninitiated - be warned that if you're developing software, you might want to actually read the license of anything else you or your contractors plan to use rather than just ignoring it like you usually do". The general tone is "You can use OSS, but be careful".
It's not terribly well written, mainly because it seems to add a load of guff to licenses which are by and large pretty easy to read. And it uses some contentious terminology which is likely to cause concern. ("Infectious", anyone?)
Doubtless a whole boatload of slashbots who didn't RTFA will be a long in a moment to say "yeah but no but it's microsoft FUD ignore it don't give it publicity etc etc" - I'm not going to debate that one. I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business. Something along the lines of "Now you've read this article, contact us for further advice!"
What a bunch of baloney. What's this about "risk of forced disclosure of confidential code"? Risk makes it sound like it is some kind of roll of the dice thing where if you're unlucky, and you get busted, you have to disclose the code.
How about "agencies should read the licence agreement and abide by it whether open source or not"?
And what about "include an increased risk of exposure to faults". Is that supposed to mean open source has a higher "risk" (there's that word again) of faults, because it is bad quality? Or does it mean you have to make sure you pay for support if you can't support it yourself? Why don't they call a spade a spade?
And what of intellectual property claims? Paying somebody for your software, frankly doesn't guarantee anything. It may give you someone to sue, but when did you last see a goverment department sueing a software house? Uh, it aint going to happen.
It's not as though Chapman Tripp could have been unapprised of how utterly stupid their claims are -- Simpson Grierson tried this FUD on a year or so ago, as well: (see The Fud Buster pages of the New Zealand Open Source Society. )
I hope the New Zealand Serious Fraud Office goes after Chapman Tripp's spreading such lies which bring tangible monetary injury to the New Zealand Open Source community, measurable every time we hear a prospect repeat the utter and unadulterated and deliberate bullshit that these pathetic excuses for "IP Lawyers" are putting out.
It seems that after recent press coverage, that legal staff around the world are trying to cover business risks. Obviously the marketing machines of the software industry are zooming in on some of the mistakes bussiness have made when using f.i. GPL software.
At the edge of a cliff, a step forward is not always progress.
While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software. These include an increased risk of exposure to faults and intellectual property claims, and the risk of forced disclosure of confidential code.
As we all know, when proprietary software breaks, it's always fixed. And proprietary software doesn't ever infringe on other organisations' "intellectual property". And of course, you should take the advice of an organisation so unfamiliar with open-source software that they think it's non-commercial. And of course, the law allows people whose copyrights you have infringed to publish your proprietary software.
There is no reason why agencies should not consider open source software on the same basis as commercial software.
And it gets even more fun when you compare the F/OSS licenses with the common proprietary ones. When our company decided Legal needed to review any F/OSS license used here, I got them to agree to do the same level of review on the proprietary licenses. Not surprisingly, there were *way* more proprietary licenses (the original concern was too many licenses), and the proprietary ones had way more questionable terms that raised the eyebrows of legal.
I'm amused that license terms is the new argument of the proprietary industry - because I *really* think they don't want their customers sending their license terms through legal.
For example, it's not uncommon for proprietary licenses to have terms that effectively say ("we have the right to take over your computer and/or install random crap on it" - from anti-virus-company patches to Skype supernodes). Compared to clauses like that, the GPL's a plesant dream to our legal dept.
May Peace Prevail On Earth
I've given it a quick read through and it's actually a pretty sensible document in most places, with some useful advice. You need to bear in mind that the target audience is other NZ government agencies, so the information presented is specifically written with them in mind. I'll argue that the choice of language could be considered negative or inflamitory, but the actual content of the document is decent enough. For example the table in section 9 and the text in sections 15-17 put the legal requirements for various licences in pretty clear terms. They even define terms such as "library" and "device driver" and how the licences relate to those types of components.
However, section 25 is pretty stupid:
"25 There is a risk that open source software contains functional defects, or breaches a third party's intellectual property rights (e.g. where it contains code misappropriated from proprietary software or functionality in breach of a patent). The absence of warranties and indemnities in most open source licences means the licensee bears this risk. This can be contrasted with the protection usually available under commercial software licences."
I'm not sure what EULAs they've read, but commercial software agreements generally contain similiar indemnification. So whats all this about "protection usually available under commercial software licences."?
If it wern't for that nonsense, it'd be a good document.
But viruses may be the precursors of all life. So if GPL is a virus ... well, draw your own conclusions :-)
The Tao of math: The numbers you can count are not the real numbers.
Perhaps there is some kind of license Anti-Virus app that will stop these 'infectious' licenses from spreading even further!
Just don't create a file called -rf.
How many people and/or companies have been sued for just using F/OSS? I don't know of any. BTW: all the scox-scam lawsuits are over bogus contract violation. Scox has not sued anybody for just using Linux.
Innocent parties have been sued for using proprietary software. The msft/time-line case is one example. How many people have been harassed, or fined, by the BSA, because they couldn't find their certificate of ownership?
These articles always assert that F/OSS is a legal minefield, whereas proprietary is completely. But all logic, and evidence, say otherwise.
Read the actual document, not just the summary. The actual document isn't that bad.
The stuff inside isn't that big a secret to most folks. It mainly boils down to, "Using open source software under licenses we've reviewed is okay, but be careful if you're developing code using open source software that we don't want released to the masses, because under some licenses, we may be obligated to."
In fact, this document is probably a good thing, in spite of a somewhat badly written summary. Check out Chapter 2:
This only makes sense. I can't imagine anyone disagreeing, saying that you should use software with a license we're not familiar with, or to disregard the IP of open source authors.
Also, look just below it. It says that for software development that is for open distribution, it's okay to use open source software. For software that is for limited or closed distribution, don't. Is this new? Am I missing something? If anything, people who are interested in open source software can look at this document as permission to go forward, not as a hinderance!
I mean, I realize that the words "infectious" has negative connotations, but I just don't see this document in and of itself as a bad thing. And even though I'm a strong FOSS advocate, the stuff that's in there is stuff that I would recommend to any company, government or organization to consider in their decision whether to use closed- or open source software.
I can see what they're talking about - the viral nature of the GNU license could end up forcing a company to expose all their source code to their competitors, and the problem only worsens with GPLv3. This, of course, was RMS' goal all along.
For companies that do not want their source code plastered all over the internet, avoiding GPL'd software just makes good sense.
Some people just prefer the old business model, y'know?
Oh, and I AM a lawyer.
slashbots who didn't RTFA will be a long in a moment to say "yeah but no but it's microsoft FUD ignore it don't give it publicity etc etc" - I'm not going to debate that one. I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business. Something along the lines of "Now you've read this article, contact us for further advice!"
So in other words, it's FUD but not from Microsoft? It really shouldn't be rocket science to figure it out if only someone reads it - or even the first FAQ they can find on google. Sure, some might use the code without paying attention to the license at all, but I presume that's the same kind of business that pass around the one Windows CD.
Live today, because you never know what tomorrow brings
No offense, but these countries are not exactly international economic power-houses.
It has often surprised me how much of the F/OSS v proprietary battle goes on over there.
It was prepared by the State Services Commission and therefore presumably carries a stronger imprimatur than if it were just some private law firm making this analysis.
Then again, IANAK (I Am Not A Kiwi), so I may be giving this agency more credit than it is due...
The Busy Coder's Guide to Android Development
Maybe Computers will never be as intelligent as Humans.
For sure they won't ever become so stupid. [VR-1988]
Any smart software consumer should "zoom in on" the fact that Monoposoft Office (a.k.a. The Enterprise Ready Virus-Development Environment) has cost the entire PLANET billions of dollars in downtime and that over 99% of all viruses are M-Windows viruses.
There is no mistake so dear as using Monoposoft products.
Rich And Stupid is not so bad as Working For Rich And Stupid.
Nice to see lawyers are good at dragging up the same old arguments decade after decade.
What will be next? claims that OSS is more insecure because of it's Openness?
I cant wait!
REmember you can tell when lawyers are lying... their lips are moving.
Legal risks with using software are a real issue in our world.
That's why it would be in the best interests of all computer users and IT decision makers to explore the issue fully, to look closely at what kinds of risks exist, what kinds of risks tend to occur most often in the real world and what their consequences are.
My experience has been that folks using proprietary software are frequently in the position of bending over backwards (particularly in a large corporate or government environment) to make sure that they have licenses for every piece of software that their employees are running on the their PCs. The IT folks spend some serious time auditing to avoid the even larger risk of a BSA audit.
As for legal risks associated with open source software I have yet to encounter any. All I've seen are press reports of legal actions that show no outcome but to prove they were based on frivolous premises and some PR statements talking about legal indemnification which are excellent marketing strategies for certain vendors of proprietary software keenly afraid of their revenue stream becoming commoditised by free and open source software. About the only genuine risk I've seen with FOSS is for developers that disobey the "Share and share alike" GPL by releasing modified binaries without releasing modified source.
Perhaps I'm missing a serious issue and these folks could show some evidence of real people and real companies that have experienced harm due to lack of vigilance concerning the legal risks of FOSS. And they could explain why my personal experience doesn't reflect reality of serious legal risks with hard statistics concerning how much time and money are lost to risk mitigation and handling legal mishaps with users of FOSS compared to users of proprietary software.
"Provided by the management for your protection."
Some people just prefer the old business model, y'know?
Yes, of course they do. It's called Stockholm Syndrome.
The GPL does not expose a company's source code to competitors unless they choose to incorporate GPL code into their own. This is a choice, a conscious decision. It's a decision you don't even have with proprietary closed-source software.
To claim GPL'd code is somehow inferior to closed-source commercial software because of this is laughable. Simply laughable.
You can make all kinds of flame arguments about GPL vs. BSD vs. MPL vs. . . . well, any of the other open / free licenses. Go on, I dare you.
Microsoft is to software what Budweiser is to beer.
You are under no circumstances forced to disclose your source code. You may decide to do so and maybe that's smart but no court will force you to disclose your own source code against your will.
For example, if you modify a program which is licensed under the GPL and you distribute it, in violation of the license, in binary-only form with no written offer to obtain the source code, you are in violation of copyright law and the author(s) of the GPLed program may get injunctions prohibiting you to distribute the modified program and they may seek damages, however, you are NOT forced to disclose the source code. It may be a smart move to do so because then the author(s) of the original GPLed program won't sue you and they may even restore your terminated (due to the violation) license to the program but you CAN decide against it and just duke it out. You may have to pay substantial damages but you won't be forced to reveal your source code.
Really, one would think at least lawyers would know about the law...
"... leading naturally to a decrease in important economy stimulating litigation."
Well, they are lawyers, and lawyers do generally want more litigation, but who knew they'd be so brazen...
"In order to make an apple pie from scratch, you must first create the universe." -- Carl Sagan, Cosmos
Earnie Ball, for one.
Microsoft is to software what Budweiser is to beer.
It's not FUD, it is simply "OSS for the uninitiated - be warned that if you're developing software, you might want to actually read the license of anything else you or your contractors plan to use rather than just ignoring it like you usually do". The general tone is "You can use OSS, but be careful".
Yes, the actual content is reasonable and sensible. It even specifically identifies the GPL as an appropriate license that has been approved for use in the case where software will either only be distributed internally, or can be distributed in compliance with the license. Which is exactly the advice anyone considering using GPL software needs to hear.
But the use of "infected" is FUD. The deliberately emotive language does create fear, uncertainty, and doubt in the reader's mind: it leaves you in no doubt whatsoever that the authors considered such licenses to be negative. And describing it in terms of "software that has been infected by an open source license", as though the software was just minding its own business when a nasty license crept up and attacked it, when in fact it's "software that the developers have chosen to offer you under an open source license", all out in the open and carefully thought out, is utterly ludicrous.
Great content, horrible language. I only hope the NZ government agencies that read this document employ people who are smart enough to filter out the FUD and benefit from the facts.
The crackberry crowd was using "proprietary software" and still are about to get hung out to dry over patent and IP issues. There almost needs to be a "starre decisis" for technology, an idea of "settled technology" that happens when and IP claim is brought against a company using software that has been marketed for a number of years without complaint. Is there such a thing? I'm thinking an IP holder should have 3 months from the time a technology is widely marketed (a fuzzy term, I know) where they have to crap or get off the pot as far as preventing another entity from continuing to use the technology. This might help eliminate the practice of buying up a patent long after a product possibly using that IP has been used widely and then suing. The attitude at that time should be "Hey, buddy, if you cared so much about this patent, you'd have contacted us years ago." Most of these software patents after mass usage are nothing more than parasitic attempts to benifit from other's work.
I agree with you. Lesser GPL
Here's parts of Section (bold mine):5. A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law.
It looks to me that if I link to any library, my code is now a derivative. I'm sorry but the Q&A up on GNU is not a license so it doesn't matter what is said. The license will be what a judge will rule on.
My point is I will need a lawyer to understand this stuff and make sure I don't violate it. I'm not knocking it or anything, I'm just saying that a PRUDENT organization will understand the license completely - including getting legal advice.
I'm trying to find the article about Stallman's suit against NeXT regarding the Objective-C compiler. That is an example of what happens when you think you understand the GNU licenses.
Saturday is April 1. Slashdot will be shut down. Sorry for the inconvenience.
Yes, if you paste OSS code into your software project, you will need to follow their license. As opposed to copying proprietary source code ... which will merely LAND YOU IN COURT for piracy, hacking &/or theft of trade secrets. See, isn't that a much better option?
part of the problem is that people just talk about Free software and open source software as if they are all under the same licence. I think the guy is right in saying that you need to becareful. Consider the fate of a person who thinks he is using a BSD licenced app as a base for his own stuff only to reliaze it is GPL. Sure they are both open source and financially free, but you are not as free to do what you want with it under the GPL as you are with the BSD licence. It gets even more complicated when you have Mozilla licence, Apache licence, php licence , mysql licence and so on.
The war with islam is a war on the beast
The war on terror is a war for peace
OSS is by no means as infectious a proprietary code.
If you use OSS code in your in-house project, no problem - you are welcome to do so. But if you copy and use some Microsoft code in you in-house project, big problem unless you negotiate to pay them per copy first, probably repeatedly, every few years.
If you wish to copy and use OSS code in a product you distribute, you must do so according to the license requirements - which generally involves applying the same OSS licence to the derivative work. This restriction will prevent you from keeping your code secret or proprietary.
But if you wish to copy and use Microsoft code in a product you distribute, you must do so according to the license requirements (if Microsoft choose too allow it at all), generally involving handing them lots of money for every copy distributed, and every copy of those copies etc. This restriction will prevent you from freely giving your code to others or allowing them to use it freely.
I use Microsoft as an example here, but all proprietary code is similarly infectious. Generally, every copy of a derivative work, whether sold, given away or just used in-house is infected with an obligatiion to pay the "intellectual property" owner.
Can someone actually post a law and prove this whole concept of Intellectual Property. Everything I have seen; when it comes to court; people (companies) are tried on the following suits:
1) Copyright
2) Trademark
3) Patent
As it stands; the people that actually spout off IP either:
a) Don't know what the F* their talking about
b) Are intentionally confusing the issue.
Either way (a or b) it is plain old BS.
The statement is true. It's also OLD NEWS.
Why was this posted? It's just flame bait...
I read it. The FUD is both explicit and implicit. The failure to compare the copyright or patent violation risks of open source software to those of closed source software, where the intellectual property you may be duplicating accidentally is invisible to you, is an implicit FUD. And the indemnification clause is an explicit FUD, since the resolution to most open source copyright violations is simply to publish your modifications to your clients.
The person who wrote this has clearly never examined the history of intellectual property lawsuits in the closed source world, where code theft is harder to discover but tends to be more destructive to the original author's property rights.
My understanding of the GPL was that basically you couldn't plan to distribute just an executable binary. That the person who the software is distributed too can also get the source.
:)
Now if the government is producing code based on GPL products, then typically they will be the only customer. The only one the code would be distributed to would be the NZ goverment itself. So the government would be the only customer that could ask for the source code.
Its going to worry about asking itself?
Just don't ask. Take the position that the product is an in-house development, and is never distributed outside of 'in-house'. No outside distribution, no GPL problem.
About the only thing I can think of that might propose a problem would be if the government produced standard programs for third parties. Like standardized tax preperation programs in lieu of distributing paper forms.
But as that would make sense, I don't think we have to worry much about a government doing it.
Joking aside, if the government doesn't go into the business of distributing software outside itself, this issue is a no-starter.
-- 3 events that reshaped the world in the 20th century: WW1, WW2, and WWW
FTFA "These include an increased risk of exposure to faults"
Thank goodness my employer has always insisted on proprietory Microsoft software, right from Windows v3.1. It has never had any faults. Nearly never. Only occasionally in fact; sometimes several hours could pass between "Unrecoverable Application Errors" or BSOD's.
Even those faults don't really matter when, as we all know, Microsoft insists on paying us for every penny of the value of the hours (professional engineer's rate) we waste rebooting, fault finding, struggling with Word formatting, and trying to open old data files with later versions of their own apps.
Where could we find such dependability in the Open Source world?
Let me guess... (peers into crystal ball)... Oh yeah, that law firm represented Microsoft in New Zealand. They even cite Intellectual Property as one of their area of expertise.
Case closed. Move along, folks, nothing to see here.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
That six chapters of nonsense is not worth reading. It's full of the same "get the facts" nonsense you've seen 100 times since Microsoft decided free software was the only remaining threat to market domination. You could read the original licenses or talk to a real lawyer in less time than it takes to read M$ BS. I can only hope the people of New Zealand did not pay for it.
Friends don't help friends install M$ junk.
Regardless of risks of actual litigation and those idiotic software patents (doesn't even apply in NZ), the likelihood that there is copyrighted code in a proprietary application is higher than in an open source one.
Copyrighted code in a closed source app will be far less conspicuous than in an open source app, and therefore the programmer is more likely to think "well, no one will notice, anyway." In open source apps, the risk of being caught is so much higher, and therefore it's more likely to be free of copyrighted code.
> While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.
[F]OSS operates under the same laws as commercial software, and with the possible rare exception gives you more usage rights than commercial software. There shouldn't be any legal problem per se.
However, there is the social problem of people thinking that free(beer) means they can do whatever they want with it, which often isn't the case.
Teach your employees to use [F]OSS just like they would commercial software that they had a license to view, and you won't get in trouble. If your employees want to make use of the additional options made possible by a [F]OSS license, make them get a permit from someone in the company who understands the issues.
(In principle that would be the lawyers, but lawyers have a habit of saying 'no' as a knee-jerk response.)
Sheesh, evil *and* a jerk. -- Jade
Replying to myself, but the content really isn't as great as I thought it would be from the executive summary section.
For example, they assert that the output of GPL programs will be covered by the GPL - a point of view expressedly disavowed by most legal experts and by the authors of the GPL itself! I quote:
The GPL expressly provides that software compiled with the GNU Compiler Collection (GCC) is not infected by the GPL. Presumably the Free Software Foundation considers other GPL compilers will infect the compiled software.
Which is utter BS. The FSF's opinion on the matter is clearly stated here: that not only is program output not covered by the GPL, but that it would probably impossible to arrange for it to be even if you wanted it to be.
Then on the subject of writing GUIs, network clients, and the like, which interact with GPL'd programs without actually deriving any code from them or linking directly to the GPL'd code, the authors of this report say:
It has been argued that if these programs are written with specific open source software in mind, they will be infected by the relevant open source licence . . . The legal position is unsettled.
It "has been argued" by whom, we wonder? No answer is forthcoming. This is classic weaselling. Again, the FSF explicitly state here that the intent of the license is that if two programs are separate executables, the license of the one does not affect the other. So if even the very creators of the GPL do not argue that such programs are "infected", where IS this alleged controversy coming from?
Seriously, either New Zealand law is very different from US law and the GPL has a very different meaning in New Zealand, or this is FUD, or it's merely poorly researched. But my opinion of this report is falling fast the more of it I read.
What is wrong with you nerds? You make my head spin with all this technobable! An open source is a useful fool, not software - whatever that is. I'll get you yet for making me look stupid and incompetent about things I know nothing about! I know the LAW, so there! You can't just let people be free, let alone give them stuff at no cost, see 1 of British Trading Standard if you don't believe me.
It's a legitimate concern. At many companies where I've worked, they do use open source and free software, but they are careful when it comes to the license as they don't want to inadvertantly make all of thier work go under the GPL if it's distributed.
All the document is saying is to evaluate each piece of software by it's merits on an individual basis. Further, it says that there is "no reason why open source should not be considered on the same basis as commercial software" but that there could be some licensing concerns.
All in all, it's a sound and reasonable policy.
GJC
Gregory Casamento
## Chief Maintainer for GNUstep
> It was prepared by the State Services Commission
Actually from TFA: "this guide was prepared for the State Services Commission (SSC) by Chapmann Tripp" (my emphasis).
it brings with it a number of legal risks not posed by proprietary or commercial software.
Oh really the advice-writer... has obviously never read some of the EULA associated with proprietary software (including dev kits), have they? Shit... a few years ago Hotmail (after being bought by Microsoft) even tried to claim ownership of anything sent via their shitty webmail service.
Legal risks indeed. The legal risk of FOSS is much lower than any proprietary software. The only legal traps in FOSS are those from companies like Trolltech and MySql, who do deliberately have nasty little GPL gotchas in their libraries... but even so, it's minor compared to the howlers in propreitary software.
That, however, isn't a GPL infection. It is an infection brought on by the copyright laws. Linking in this way creates a derivative work. If you want that infection excised, you'll have to talk to congress/the berne treaty commission to ask them to modify it.
Great, read the fine license, that's a fine idea. Read every one of the hundreds of pages behind every "I agree" or "I submit" buttons. Read every page of every SDK use license you use. Read the back of every bill you pay to a non free software company, it's likely to change every month. I hate doing that, so I no longer use non free software.
I've read the GPL and the FSF license summary pages. It took about an hour, once. Apt-get has never sent me an "I agree" button, so I've never had to read any of those. It's really easy because they say what they mean then mean what they say. The license stays the same for a decade.
Friends don't help friends install M$ junk.
Of course it turns out that the patents are no good but if they had been would this lawfirm claim that buying closed source products is a huge risk since you never know if some patent abuser doesn't decide to shut you down?
Lawyers are like nukes. If the other guy has them you got to have them as well but on the whole the world would be a better place without them.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
Then again:
c e-legal/chapter1.html
c e-legal/ )
"This guide was prepared by the State Services Commission (SSC)"
http://www.e.govt.nz/policy/open-source/open-sour
(The previous quote came from http://www.e.govt.nz/policy/open-source/open-sour
Alert: Companies must ensure they do not use the evil open source software.
The use of this software will clearly open you up to legal attacks, hence the word 'open' in it's name.
Instead, We advise that companies use commercial and non-open technology including:
1. Blackberry
2. Microsoft Products
3. Mp3 and MPEG
4. JPEG and GIF
By using these products, you ensure that you will never be stuck in the middle of a patent dispute, and that your product will not be recalled, modified, or discontinued.
Big ones, small ones, some as big as yer 'ead!
Give 'em a twist, a flick o' the wrist...
Comments about the pejorative connotation of "infectious" as used in this article should be read in light of why the authors say they use that word. They reference this paper as justification for their terminology. Seems reasonable to me; that document is informative and useful, as is the one from down under.
As others have already said, this is boilerplate advice in the software development world. I work at a large tech company and our legal department maintains a list of FOSS licenses which we can use, and for anything else you have to submit a request for approval.
... yeah, not so good :). We're supposed to clear all shareware/etc with them as well, but plenty of people don't.
It's a pain in the ass, but it makes sense. We're trained to ignore EULAs and licenses by years of just clicking "ok" but when it boils down to it, a company can lose substantial IP by the actions of a single developer who does that.
The funny part is we still have problems; they're just ignored. If a developer does some work using a nifty shareware text editor he's downloaded, and the license says something like "free for non-commercial use, costs one billion dollars for commercial use"
Not representing or approved by my company or anybody else.
Ok, grandpa will bite; What are they? Or is this some kind of smoke your trying to blow up my, (where the sun don't shine body part).
Actually from TFA: "this guide was prepared for the State Services Commission (SSC) by Chapmann Tripp" (my emphasis).
And if you browse Chapman-Tripp's website you'll notice a prominent client:
Advising Microsoft Corporation on a number of e-commerce initiatives.
I don't notice any open-source companies in their list of clients, what makes this firm an expert in open source?
Enigma
can someone explain why it would be infectious? I thought that if you *modify* the OSS, and distribute the binary, then you must also release the modified source. But if you just *build* on OSS - don't modify it but just incorporate it, like say a library - then the rest of the software remains proprietary. Is that not correct?
that puts stipulations on USE. Hell there is absolutely no EULA in most OSS. Because the license does not in any way matter to someone simply using the software...
However, read a real EULA in commercial software....
The phrase "more better" is acceptable English. suck it grammar Nazis
Wow, I didn't know that applying political pressure in order to make someone obey a contract was illegal! Does the RIAA know this?
You are reading a copy of my copyrighted post.
Lawyers lying through their teeth! Oooh the humanity! It never ceases to amaze me when lawyers babble and spew BS about things that they have NO idea about. The only question I have is why do we keep listening to them?
"The GPL is not entirely clear on the degree or methods of separation necessary to prevent the GPL "
Umm... Yes it is the GPL is based on copyright, if you don't include anything copyrightable then you are separated from the GPLed code/application.
The GPL isn't an EULA in the classic sense it's just a bunch of copy restrictions.
thank God the internet isn't a human right.
It's truly overstating the risks.
Why, I once spent a wild weekend with a couple of computers, installed everything in sight. Played the games. Ran the compilers.
Oh, how we cavorted, without a care in the world.
Turns out that one of those "open source" programs had a past, and gave me one of those "infectious viruses."
Oh, the horror. Splotches on my skin, and had to stay out of the sun.
Should I have been more careful? Sure; practicing safe computing would have prevented the problem entirely.
However, uncomfortable as it made me, a couple of shots of antibiotics made me good as new.
So be careful out there, but its not the end of the world if something goes wrong . . .
hawk
Have the read the EULA associated with Windows use? I certainly hope they have, because the terms are pretty outrageous, and potentially dangerous for anyone (corporation, person, government agency, etc).
Here's a systematic comparison of the two.
Here's a summary:
Some features about software covered by the EULA:
* copying was prohibited
* could be used only on one computer with a maximum of 2 processors
* cannot be used as a webserver or fileserver
* required registration after 30 days
* could stop working if hardware changes were made
* updates could change the EULA if the company so wished
* could be transferred to another user only once
* the new user must agree to the licence terms (no specification how this could be achieved)
* imposes limitations on reverse engineering
* gives Microsoft rights to collect information about the system and the its use
* gives Microsoft the right to supply this information to other organisations
* gives Microsoft the right to make changes to the computer without having to ask.
* warranty for the first 90 days
* fixes, updates or patches carry no warranty
Some features found in the GPL:
* freedom to copy, modify and redistribute the software
* precludes one party from preventing another from having these same freedoms
* provides coverage for rights of users to copy, modify and redistribute the software
* no warranty as there is no fee
* can be sold if the user so decides and services for such software can be charged for
* any patents must be licensed for everyone's use or not licensed at all
* modified software must carry no licence fees
* source code must be provided
* if there is a change in license, the general terms of the existing one will be maintained.
How can referencing someone else's library, regardless of their license, encumber my source code?
If I write, "call function SuperSecretMicrosoftThing in library MsftWinXYZ" how could that prevent me from putting my code under whatever license I want? I'm not distributing MsftWinXYZ, I'm just referencing it.
'It looks to me that if I link to any library, my code is now a derivative.'
Your work is only a derived work if you include anything that can be copyrighted (interfaces cannot be copyrighted!), so a statically linked binary will include the copyrighted library so the work is derived, a dynamically linked binary contants no copyrightable part of the library it was linked against (innlines in the headers are copyrightable so watch out) and isn't a derived work.
From the GPL:
0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law : that is to say, a work containing the Program or a portion of it , either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you".
It has been argued that the GPL cannot prevent dynamic linking, e.g. I linked against ATI's opengl implementation and then used MESA when I ran the application since the GPL cannot infect ATI's opengl then how can it infect my application? or something to that effect...
For more info lookup Abstraction, Filtration, Comparison
thank God the internet isn't a human right.
Damn ... this shyte is the best they can come up with?
If you think imaginary property and real property are the same, when does your house become public domain?
Okay, so I'm just curious. Exactly how many people have been exposed to legal loss from violating an open source license? I'm sure somewhat at some point in time must have, but I vaguely remember seeing once somewhere that nobody had ever shelled out any money over a GPL violation (and the GPL is at least the most widely used license).
But you can infringe the copyrights on on commercial closed-source software just as well as open source software, and I'm willing to bet that BSA audits and fines create much more loss and hassle than open source software *ever* has.
Come on. Your business might get in trouble for having unlicensed copies of WinXP or Office floating around, but it's damned unlikely that it will get in trouble for violating the GPL internally (not that I think you should, just trying to inject some reality into the conversation) -- plus, the GPL is a *hell* of a lot more lenient that just about any closed-source license that I can think of. The average user has little interested in violating the GPL, but the average user can *easily* infringe on closed-source software and has incentive to do so.
Consider how many unlicensed shareware products get used on a typical Windows desktop, then consider how much illegal software is on a typical Linux desktop (probably not much).
I mean, warning about the risks of OSS, when the risks of closed source software are far greater, is just silly.
Any program relying on (nontrivial) preemptive multithreading will be buggy.
I offer an alternative perspective. I know this will be taken as flame bait, and that's unfortunate but... This is a news flash that people on these forums seem to ignore/miss every single day so pay attention: *you are in the minority*. 99% of the people who USE software don't WANT to fix it themselves! 99% of the people who use software CAN'T fix it themselves!!!
You know this, but somehow you DON'T know this: you are in the computer-user elite. You are way fucking smarter than they are!!! That's not a compliment, it's the truth.
Every day people can't and won't run an OS where you have to compile your own apps (yum doesn't get you everything, ya know), or recompile a kernel to get such-and-such support. Every day people do NOT automate their *whatever* with python and shell script. Every day people want to put CD ROMs in their drive and have friendly questions asked with pretty pictures, then all their software just works. They are willing to PAY for this, too, as the last 50 years of commercialized software businesses seems to fail to teach us.
PROGRAMMERS want to run Linux and OSS software. PROGRAMMERS!!!! Most companies and governments and grandmas want to run easy-to-use software and they don't care if someome else owns the source code. They also don't care that Mazda owns the design specs to their car. I have the blueprints to my house but I write software for a living, I am incapable of adding a deck or extending a room: I will never need the blueprints to my house.
The point is, stop the preaching! OSS is all fine and good, FOR YOU! It's not the right choice for everybody.
I see the rampaging goat and his cronies have gotten an infestation in NZ as well anyone got a goat gun if so use it then parcel it up with an experienced user and send em to redmond for a bit more target practice..
The irony reaches unbearable levels when one reads, in its vision statement,
Open source eliminates those divisions. By definition, proprietary software creates and perpetuates them.
Perhaps a concerned New Zealand citizen should call them on the contradiction between the paid lies and propaganda and E-government's stated vision.
you had me at #!
The BSD removes the incentive to share. From corporations even more than individuals. A corp setting out some GPL code knows if a competitor wants a competitive advantage from their code, they will have to share those improvements and changes back to them. If they released the code BSD, anyone can take the IP and get advantage from it without giving anything back to the originator (apart from kudos, and where is that on the balance sheet?).
Infected? Nooo, if the distribution has been altered, md5sum will give a different hash back.
NAME
md5sum - compute and check MD5 message digest
SYNOPSIS
md5sum [OPTION] [FILE]...
md5sum [OPTION] --check [FILE]
(relax, it's a joke)
--- I am known for the ones who want to find me on the net. Is that a privacy risk or a privilege? One might wonder..
I suppose there COULD be a problem with patent infringement. But the same holds true for any product. For the moment, it looks like Blackberry has more trouble with patents than the entire OSS world combined. I am not a lawyer, but somehow I suspect most of the patent infringement action (if it ever happens) will be against the authors of software, not the customers. Given the distributed/international nature of OSS development, patent enforcement might be futile. In some ways, it would be like the IRS trying to get Osama bin Laden indicted for tax evasion -- lotsa luck. I'll admit it's an unpredictable situation, but the closed-source alternative is not an automatic solution.
Then we have copyright infringment. Take any organization with more than a handful of PCs, and you have a fulltime job of license management. The more closed-source applications you have, the more license terms you can be noncompliant with. Users download and install all kinds of things they shouldn't. I doubt there is a single corporation in America that could get through a BSA audit unscathed.
Now, time for simple evaulation of the risks. Total number of BSA audits and total "fines" assessed for copyright infringement vs. total number of software patent lawsuits against OSS end users and damages paid to settle those cases. Both closed source and open source have been around for quite a while, so there should be plenty of real data to give the hypesters a day off. Based on ACTUAL PAYOUTS, which is the bigger risk? You decide.
Linux!!!!
/ /www.e.govt.nz
http://toolbar.netcraft.com/site_report?url=http:
However, the report itself is emblazoned with the SSC logo and, from all appearances, was published by the SSC. Whether in-house counsel or a third party wrote it is immaterial in terms of how credible it will seem.
The Busy Coder's Guide to Android Development
The feedback form brings up a page that looks very much like is was generated by plone... a quick check of the source for the page, and yep... plone powered.
While the use of open source software can save you money, you really should consider spending that money on something useful, like getting lawyers to invent some legal risks they can advise you on.
Remember IBM is not being sued by SCO for illegally using OSS. IBM is being sued by SCO for illegally using proprietary code. (whether they did that or not)
SCO has shown beyond a shadow of a doubt that starting with proprietary code can be viral and prevent you from having full control of your own "property" in the future. Once that proprietary code touches your, you are no longer the full owner of your software.
Dear Mr. Carruthers:
Your firm's recent dissemination of information with regards to Open Source legal issues needs some serious revision.
To get a sense of what the IT community is saying, please read the comments that ensue from the article: Slashdot Article
Using an inflammatory term like 'infectious' to describe open source software will only serve to alienate the millions of contributors who give portions of their lives to developping alternatives to commercial software.
We all use both proprietary and open source software in our day-to-day lives. Your position paper only serves to make the NZ government look foolish for hiring your firm.
*** Don't be dull.***
One of the most prominent cases where there is a threat to ongoing software availability in recent years is the NTP vs RIM patent suit. SCO vs The World may have had more publicity back in the day, but there was never a serious legal threat, whereas with NTP and RIM, an injunction blocking the use of RIM software was sought and hearings were held.
Is RIM's software Open Source? No. So is this letter from these lawyers pure bullshit? Yes.
... still have a section forbiding the use of the compilers to create a product that competes with a Microsoft product?
According to this link, Chapman Tripp Sheffield Young represents Microsoft in New Zealand. Can you say "conflict of interest"?
To say that patents are the only legal issues with using open source software shows you are either lying or ignorant.
Just one example of a non-patent issue is reverse-engineering. GPL and LGPL require works to allow reverse-engineering. With LGPL, your own terms (EULA), is *required* to allow reverse-engineering even if you dynamically link to an unmodified LGPL library!
Reverse-engineering is a separate issue from patents because it deals with trade secrets--the exact opposite strategy used by patents.
Patents generally negate the need for reverse-engineering because patent applications *must* provide sufficient disclosure to enable others to build the patented invention in order for that patent to be issued. In exchange for giving the public a *full and enabling disclosure* the inventor is rewarded with a temporary monopoly--this discourages trade secrets and the need for reverse-engineering.
I had to investigate Artistic, BSD, GPL, LGPL, MIT and derived licenses that provide for certain exclusions to these. More than one project had to be rewritten at substantial cost because of non-patent issues caused by linking to certain open source libraries--and it could've been avoided if developers
actually took the time to read & understand the licenses of libraries they use instead of relying on idiots like you spewing misinformation online.
For more info about GPL and LGPL, read them yourself and then directly contact the GPL/LGPL compliance people at FSF with your questions. I did, and the answers I got about LGPL proved that most people have no clue whatsoever regarding their obgligations when linking to LGPL libraries.
Way to go with the selective quoting. Bravo.
You deleted the very next paragraph which describes the licenses rules for this "not precisely defined by law" statement:
If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.)
And you deleted the very next paragraph, which says that all this is only describing things where the LGPL is totally irrelevant because it is not a copyright violation. Otherwise the LGPL is explicitly granting you rights to violate the copyright:
Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself.
You also deleted all of "section 6" which describes how you can distribute without source code.
Now personally I think this section has some nasty problems in that RMS claims the end user should be able to change the library and relink, which is seriously out of touch with how modern software works, it would only be possible by distributing (perhaps obfuscated) source code to your program, making the difference between the LGPL and GPL nearly meaningless. I add an exception to my LGPL code to explicitly state that static linking, or any other use of the code that does not modify the code itself, it allowed. Adding such an exception is very common and I wish there was an official version of this, or the LGPL was fixed in this way.
I read the full report. Damn near every single section in the report would have been equal or "worse" had it been written about non-opensource software. Non-opensource copyright is at a minium equally "infectious", and generally vastly more "infectious". Any government agency should be critically aware of the severe legal risks of modifying or redistributing non-opensource software. Any government agency should be critically aware of the severe legal risks of using non-opensource software which generaly have extensive and complex licenses with a limitess variability of arbitrary contract terms. Any government agency should be critically aware non-opensource software generally has an army of lawyers on retainer to legally prosecute any perceived infringment or terms violation.
Had this exact same sort of report been written about non-opensource it would have to horrifyingly portray the vastly greater legal risks, pitfalls, and liabilites of such software. A fair legal assessment would be that any government should avoid touching any externally generated non-opensource software, except in extrodinarily narrow circumstances.
Virtually the only circumstance where you would need to take the heavy legal risk of using non-opensource software is when you want to externally redistribute that outside code while imposing a legal stricture on the receiver not to further redistribute it. It can only after obtaining carefully crafted licensing terms from the rightsholder of that non-opensource software, and should only be attempted under the strict advice of a lawyer reviewing such terms. And even after getting that expert legal review of contractual terms for such a project, it still remains a minefield of potential legal problems.
Sure my comments about using non-opensource are deathly overdramatic. However it is all an entirely fair comparison to this New Zealand report. Non-opensource legal issues really are far more hazardous than non-opensource issues. The report is misleading at best and blatantly fraudulent at worst, laying out the "dangers" of opensource while silently implying that non-opensource is safer.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
No your company is a bunch of idiots who have bought the FUD from Microsoft.
they don't want to inadvertantly make all of thier work go under the GPL if it's distributed
This is WRONG. It DOES NOT HAPPEN, it is a lie from Microsoft and one of the biggest and hardest to eradicate.
If you distribute without obeying the GPL, you are VIOLATING COPYRIGHT. You are then required to cease distribution, and you may be liable for monetary damages. You are NOT "forced to give away your source code". In fact even if you put every piece of source code you have in the public domain, it does not mean you did not violate copyright, so you are still liable. So not only are you not forced to give away the code, doing so does not get you out of anything, so this lie is doubly untrue!
Think hard. If the NY Tiimes was accused of plagarism, would this cause all their articles to now be the property of the person who wrote the one copied article?
There were a few areas I took exception to, for example the idea that the risk was high for internal line of business tools but low for public distribution.
But the basic point of the article was to manage the development of open source software with a team that included lawyers for license review. Which should happen for all development, IMO.
LedgerSMB: Open source Accounting/ERP
The New Zealand Open Source Society's website says that Chapman Tripp represents Microsoft in New Zealand.
just pull the plug
This piece tells you that if you don't read the license agreement, you might get stung. For example, if you pull code from a GPLed program, you may have to state that on your product.
If the author were not a lying weasel, he would admit that proprietary software has the same problems. For example, did you know that on many Microsoft license agreements, they used to put that you could not use that software to compete with Microsoft? Unilt the anti-trust litigation started, you could not use MS Windows to test a competitor to MS office.
Andy Out!
Reading the article I am struck by the fact that in tables it repeatedly shows that the BSD-derived licenses are not infectious, but never references this in any discussions of the problems or the solutions. Given that government agencies may wish to share software developed with other agencies, concern for the infectious provisions of GPL are a valid concern. A law enforcement agency may be willing to share its added code with other law enforcement agencies, but not with the general public. Since a different state's law enforcement agency is not the same entity this is a valid concern. But doing customization from a proprietary base is not going to be any more accomodating.
The article is crap, pure and utter FUD. It was prepared by a New Zealand corporate law firm, Chapman Tripp. Anyone want to take a bet that they have business ties to Microsoft and whatever big proprietary software firms are currently feeding of the government trough in New Zealand?
The bottom line reality is that for virtually any government agency, using GPL'd software would be a far better choice than proprietary--the agency has FULL RIGHTS to USE the GPL'd software however they choose, to modify it to meet their needs, and to benefit from improvements others make, all at no cost to the taxpayer. Using proprietary, closed-source licences is the real risk, turning over essential government operations and data to the whims of a private company, suffering from inevitable vendor-lock-in and intentionally incompatibility, and paying for the privilage.
The so-called "infectiousness" (a clever linquistic escalation; I guess "viral" wasn't testing negatively enough in the focus groups) is a non-issue; how many government agencys are DISTRIBUTING software at all as opposed to USING it? To those few that might be distributing software, how many are distributing PROPRIETARY software? If any are, they shouldn't be.
The GPLs share-and-share-alike requirements which this article tries to depict as frightening and "infectious" only come into effect when you are DISTRIBUTING software, not USING it. The only people who need to worry about that are crooks who want to sell Free Software (written by other people) as their own, without sharing the the source as they agreed to.
The truth is, the real risk for governments, legally and economically, is the unwarranted use of proprietary, closed souce software, often entailing bizare or extreme restrictions in USE (forget about distribution, no sharing allowed), foisted on agencys by clever salespeople backed up by lobbiests with thick wallets. Open source is the safer type of licence for governments and should be the preferred choice.
This study was done for a tax collecting government. The product of government programmers should all be open source. It is produced with tax money after all! They, most of all, should want to use infectious licensing. I am at a loss trying to figure out what software they would need to protect.
because I have an open source infection!
Can I take antibiotics to clear it up?
Who wouldda thunk freedom was infectious?
Chapman Tripp's website says they work for Microsoft. Here's a quote from their track record:
Acting for Microsoft on a range of issues and transactions including the computers in schools project with the Ministry of Education.
and describing it in terms of "software that has been infected by an open source license", as though the software was just minding its own business when a nasty license crept up and attacked it
Yeah, sort of like some REAL viruses are? "Yes Doctor, there I was minding more own business, when this nasty HIV virus crept up and attacked me! I wasn't doing anything!"
A Government Is a Body of People, Usually Notably Ungoverned
Thank you!
I wish people would realise that share-alike open source licences are 'infectious' or 'viral' in exactly the same way that all copyright licences are.
If I merge GPL/CC-BY-SA licenced material into my work, the derivative work is not entirely under my control any more. I can still use and propagate the derivative work, but the original licence 'infects' my code with its terms.
But if I merge a standard copyright file into my work, suddenly - depending on the exact licence terms - I may have no rights to do *anything* with the derivative work at all, and instantly become a criminal. Or I may be restricted in all sorts of weird ways - perhaps I am not allowed to write a competing product, perhaps I have to pay royalties. Perhaps the original contract I signed will be purchased by a whole chain of corporate entities who have different views as to what my obligations are, and will come back to me in ten years time looking for half of my profits.
See the SCO lawsuit for how this works.
In any case, as soon as I merge any copyrighted material into a derivative work, my work is 'infected' by the original's licencing terms. This is the nature of copyright.
You are not a brain: http://books.google.com/books?id=2oV61CeDx-YC
I think it's a real shame that whoever wrote their guidelines was more interested in spreading FUD than in giving unbiased information. But it's pretty clear to me that that person is a minority.
Dear Mr. Carruthers:
With all due respect, your firm's recent dissemination of information with regards to Open Source legal issues needs some serious revision.
While some of your firm's assessment in terms of risks of using Open Source software can be considered a fact of life, they are in no way particular to this type of software. In fact, most commerical, non-open source software carry similar risks and legal disclaimers, and I would argue that most users of such software are ignorant of the risks that are implied.
Further, using an inflammatory term like 'infectious' to describe open source software will only serve to alienate the millions of contributors who give portions of their lives to developping alternatives to commercial software. Also the report gives a wrong impression when it talks of software licenses "infecting" other software components used at a government agency, for most OSS licenses' distribution terms (including GNU.org's GPL) do not apply for agency-internally used software.
To get a sense of what the IT community is saying, please read the comments that ensue from the article: Slashdot Article [slashdot.org]
According to http://www.chapmantripp.co.nz/track_record/track_r ecord.asp?id=112, Chapman Tripp's roles include:
"Advising Microsoft Corporation on digital copyright, parallel
importation and copyright enforcement issues, including submissions to
the Ministry of Economic Development and the select committee."
"Acting as general counsel for Microsoft Corporation on its anti-piracy
campaign in New Zealand, including conducting copyright infringement
litigation generally."
Of course he won't have any bias towards OSS.
"Nine times out of ten, starting a fire is not the best way to solve the problem." - my wife
This same comment was sent to the New Zealand paper that published that article:
The only hazard to using open source software is that your bank account will start to grow larger. You won't be forced to spend large amounts of money for nonsense like 'licenses' and 'usage charges' and 're-activation charges', ad nauseum. Once you buy it at less than a tenth the cost of secret software, you never have to buy it again, and updates are free, and you CAN go back to the old open source version if you do not like the new one. Try that with a 'windows' secret software version. Secret software can also cheat you and not even ask. I have a copy of 'Ancestry Family History version 8 that my wife uses for genealogy. It was published by Broderbund, since purchased by a large television cable monopoly and movie and media monopoly. My ad-ware scanner found that this program has been stealing my wife's hard earned research for years. Up front it would ask for her to 'donate' her research; behind her back it would steal it. She liked to use windows. Now she is moving to linux to preserve what little or HER intellectual property she has left. When enough people find out as we have that closed or secret software hides a multitude of sins, none of them beneficial, the dirty secret of secret closed software will no longer be able to be kept secret and the truth will be out for all to see.
If that isn't FUD-for-food, I don't know what is. Furthermore, the document itself does not stand up to scrutiny. It's the usual diet of carefully phrased lies and bogus insinuations. As zcat on Groklaw pointed out, you can't even get past the introduction without finding several unsupportable insinuations:
you had me at #!
I think this a slight misinterpretation of the GPL. All the 1st agency needs to do is release the code to the recipient of the software, under the terms of the GPL. If the recipient has no interest in distribution then the code stops there.
-- Free software on every PC on every desk
This may be redundant but just in case...
Here's the Groklaw article.
IIRC they cannot be printed and only are visible for a few fleeting seconds during the beginning of the install process. I've tried to get MS enthusiasts in IT departments to cough up a license, but all they can get out of MS HQ (their real bosses) are reams and reams of happy horse shit about the licenses, never any actual license.
I am curious as to how you actually did it, assuming your shop hasn't actually long since moved beyond MS.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
As PJ from Groklaw says:
Interesting, no? Or should we blindly accept any old document from any old law firm who work for the opposition?insecurity asks the wrong question irritation gives the wrong answer
Having had a look through this site; here is a good link: http://www.e.govt.nz/policy/open-source/open-sourc e-200303/chapter1.html which goes into explaining OpenSource.
People look at the original legal text, and they're assuming that you already know all the ups and downs of closed source software, and their legal ramafications, so hence, if we look at it from our perspective it sounds like an OpenSource bash, when in reality, its on the side of caution; its more, "before you use opensource, look at all the facts that make up the arguments for and against".
It IS FUD... Chapman Tripp works for fricken Microsoft! He's an MS employee.
Check out what wikipedia has to say about FUD http://en.wikipedia.org/wiki/FUD#Non-computer_uses
Groklaw later posted a story on it, btw, pointing out the conflict of interest. Or at least, paid propaganda masquerading as a guide in the public interest. Disgusting really.
you had me at #!