Slashdot Mirror


'Infectious' Open Source Software?

Gavo writes "Law firm Chapman Tripp advises New Zealand State Services Commission that the New Zealand Government should be wary of using 'infectious' open source software. They claim 'While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.'"

7 of 270 comments

  1. Of course .... by tinkerghost · · Score: 3, Interesting

    There's more risk of OSS being called on IP violations. YOU CAN SEE THE CODE!!!!!!!!
    MS has been sued how many times now for IP violations? - and that's with people having to either "steal" the code or sue to see it.
    Unfortunately, I do see more IP challenges to OSS in the future. On the up side I also see those challenges being handled by the OSS community with rapid patches to remove the problem - unless it's something like BT suing over links.

  2. Nothing but the usual FUD by KiloByte · · Score: 2, Interesting

    an increased risk of exposure to faults
    More public review, code that tends to be of higher quality, and the ability to fix problems yourself

    intellectual property claims
    And since when was proprietary software free from litigation?

    the risk of forced disclosure of confidential code
    "confidential code" -- whose? If yours, you wouldn't even be able to put it there otherwise. And someone has to reread the GPL again -- no one says the gov agency in question has to distribute any source of things they use internally. If the agency in question releases some software itself -- that "confidential code" will be disclosed anyway, just in a form that is harder to read. Back in the days, I learned how to program a particular SVGA chipset by debugging through BIOS code, and my asm skills are low -- are you going to tell me that if the "confidential code" has any real value, no one will get to it anyway?

    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  3. Communication about OS licencing needs improvement by zaphod31 · · Score: 2, Interesting

    It seems that after recent press coverage, legal staff around the world are trying to cover business risks. Obviously the marketing machines of the software industry are zooming in on some of the mistakes businesses have made when using f.i. GPL software.

    --
    At the edge of a cliff, a step forward is not always progress.
  4. Even more fun when you compare to proprietary by Anonymous Coward · · Score: 2, Interesting
    Otherwise, most FOSS software licenses don't kick in unless you redistribute the software.


    And it gets even more fun when you compare the F/OSS licenses with the common proprietary ones. When our company decided Legal needed to review any F/OSS license used here, I got them to agree to do the same level of review on the proprietary licenses. Not surprisingly, there were *way* more proprietary licenses (the original concern was too many licenses), and the proprietary ones had way more questionable terms that raised the eyebrows of legal.


    I'm amused that license terms are the new argument of the proprietary industry - because I *really* think they don't want their customers sending their license terms through legal.


    For example, it's not uncommon for proprietary licenses to have terms that effectively say "we have the right to take over your computer and/or install random crap on it" (from anti-virus-company patches to Skype supernodes). Compared to clauses like that, the GPL's a pleasant dream to our legal dept.

  5. Odd use of language but quite sensible by Anonymous Coward · · Score: 1, Interesting

    I've given it a quick read through and it's actually a pretty sensible document in most places, with some useful advice. You need to bear in mind that the target audience is other NZ government agencies, so the information presented is specifically written with them in mind. I'll argue that the choice of language could be considered negative or inflammatory, but the actual content of the document is decent enough. For example the table in section 9 and the text in sections 15-17 put the legal requirements for various licences in pretty clear terms. They even define terms such as "library" and "device driver" and how the licences relate to those types of components.

    However, section 25 is pretty stupid:

    "25 There is a risk that open source software contains functional defects, or breaches a third party's intellectual property rights (e.g. where it contains code misappropriated from proprietary software or functionality in breach of a patent). The absence of warranties and indemnities in most open source licences means the licensee bears this risk. This can be contrasted with the protection usually available under commercial software licences."

    I'm not sure what EULAs they've read, but commercial software agreements generally contain similar indemnification. So what's all this about "protection usually available under commercial software licences."?

    If it weren't for that nonsense, it'd be a good document.

  6. Good Point by 4of12 · · Score: 2, Interesting

    Legal risks with using software are a real issue in our world.

    That's why it would be in the best interests of all computer users and IT decision makers to explore the issue fully, to look closely at what kinds of risks exist, what kinds of risks tend to occur most often in the real world and what their consequences are.

    My experience has been that folks using proprietary software are frequently in the position of bending over backwards (particularly in a large corporate or government environment) to make sure that they have licenses for every piece of software that their employees are running on their PCs. The IT folks spend some serious time auditing to avoid the even larger risk of a BSA audit.

    As for legal risks associated with open source software I have yet to encounter any. All I've seen are press reports of legal actions that show no outcome but to prove they were based on frivolous premises and some PR statements talking about legal indemnification which are excellent marketing strategies for certain vendors of proprietary software keenly afraid of their revenue stream becoming commoditised by free and open source software. About the only genuine risk I've seen with FOSS is for developers that disobey the "Share and share alike" GPL by releasing modified binaries without releasing modified source.

    Perhaps I'm missing a serious issue and these folks could show some evidence of real people and real companies that have experienced harm due to lack of vigilance concerning the legal risks of FOSS. And they could explain why my personal experience doesn't reflect reality of serious legal risks with hard statistics concerning how much time and money are lost to risk mitigation and handling legal mishaps with users of FOSS compared to users of proprietary software.

    --
    "Provided by the management for your protection."
  7. Actually, it's the other way round by eturro · · Score: 2, Interesting

    Regardless of risks of actual litigation and those idiotic software patents (which don't even apply in NZ), the likelihood that there is copyrighted code in a proprietary application is higher than in an open source one.

    Copyrighted code in a closed source app will be far less conspicuous than in an open source app, and therefore the programmer is more likely to think "well, no one will notice, anyway." In open source apps, the risk of being caught is so much higher, and therefore it's more likely to be free of copyrighted code.