Slashdot Mirror
'Infectious' Open Source Software?
Gavo writes "Law firm Chapmann Tripp advises New Zealand State Services Commission that the New Zealand Government should be wary of using 'infectious' open source software. They claim 'While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.'"
Lawyers are parasites, empowering them expose you to number of legal risks.
Much better.
I am the bastard of base minus 12! Turing was the ejaculate of my complete machine!
"We've noticed a substantial drop in the amount of EULA's being drafted, as well as an air of goodwill and cheer creeping into the normally sour and beligerent computer software industry, leading naturally to a decrease in important economy stimulating litigation.
Time to break out the FUD cakes!"
May the Maths Be with you!
There's more risk of OSS being called on IP violations. YOU CAN SEE THE CODE!!!!!!!!
MS has been sued how many times now for IP violations? - and that's with people having to either "steal" the code or sue to see it.
Unfortunately, I do see more IP challenges to OSS in the future. On the up side I also see those challenges being handled by the OSS community with rapid patches to remove the problem - unless it's something like BT sueing over links.
It's all true!! I set up one little Linux box, and the next morning my phone, toaster, and kitchen sink were all being freely updated and improved by thousands of collaborators all over the world! Insidious stuff, that open-source.
Slashdot Burying Stories About Slashdot Media Owned
The entire slant of the document is incorrect. There are certainly concerns with the open source licenses, especially for someone unfamiliar with them who is used to using proprietary software, tweaking it, and reselling without every publishing the modifications to their clients or to the authors.
But the use of closed source and proprietary software has a generally greater risk due to risk of copyright violation and patent violation and user agreement violation. Simply reverse-engineering a proprietary protocol in order to get your work done or to fix a serious issue in closed source software can cause serious legal problems which are often far greater, even though they are more familiar. And the closed source tools are far more likely to contain backdoors or to have vital features discarded in new revisions, forcing a painful and expensive upgrade process for both software and its configurations to the new setups, or to simply be discarded and the data or tools permanently lost to users.
The shutdown of companies or their abandonment of products is a real problem in the closed source world.
an increased risk of exposure to faults
More public review, code that tends to be of higher quality, and the ability to fix problems yourself
intellectual property claims
And since when proprietary software was free from litigation?
the risk of forced disclosure of confidential code
"confidential code" -- whose? If yours, you wouldn't even be able to put it there otherwise. And someone has to reread the GPL again -- no one says the gov agency in question has to distribute any source of things they use internally. If the agency in question releases some software itself -- that "confidential code" will be disclosed anyway, just in a form that is harder to read. Back in the days, I learned how to program a particular SVGA chipset by debugging through BIOS code, and my asm skills are low -- are you going to tell me that if the "confidential code" has any real value, no one will get to it anyway?
The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
It's not FUD, it is simply "OSS for the uninitiated - be warned that if you're developing software, you might want to actually read the license of anything else you or your contractors plan to use rather than just ignoring it like you usually do". The general tone is "You can use OSS, but be careful".
It's not terribly well written, mainly because it seems to add a load of guff to licenses which are by and large pretty easy to read. And it uses some contentious terminology which is likely to cause concern. ("Infectious", anyone?)
Doubtless a whole boatload of slashbots who didn't RTFA will be a long in a moment to say "yeah but no but it's microsoft FUD ignore it don't give it publicity etc etc" - I'm not going to debate that one. I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business. Something along the lines of "Now you've read this article, contact us for further advice!"
It seems that after recent press coverage, that legal staff around the world are trying to cover business risks. Obviously the marketing machines of the software industry are zooming in on some of the mistakes bussiness have made when using f.i. GPL software.
At the edge of a cliff, a step forward is not always progress.
And it gets even more fun when you compare the F/OSS licenses with the common proprietary ones. When our company decided Legal needed to review any F/OSS license used here, I got them to agree to do the same level of review on the proprietary licenses. Not surprisingly, there were *way* more proprietary licenses (the original concern was too many licenses), and the proprietary ones had way more questionable terms that raised the eyebrows of legal.
I'm amused that license terms is the new argument of the proprietary industry - because I *really* think they don't want their customers sending their license terms through legal.
For example, it's not uncommon for proprietary licenses to have terms that effectively say ("we have the right to take over your computer and/or install random crap on it" - from anti-virus-company patches to Skype supernodes). Compared to clauses like that, the GPL's a plesant dream to our legal dept.
Read the actual document, not just the summary. The actual document isn't that bad.
The stuff inside isn't that big a secret to most folks. It mainly boils down to, "Using open source software under licenses we've reviewed is okay, but be careful if you're developing code using open source software that we don't want released to the masses, because under some licenses, we may be obligated to."
In fact, this document is probably a good thing, in spite of a somewhat badly written summary. Check out Chapter 2:
This only makes sense. I can't imagine anyone disagreeing, saying that you should use software with a license we're not familiar with, or to disregard the IP of open source authors.
Also, look just below it. It says that for software development that is for open distribution, it's okay to use open source software. For software that is for limited or closed distribution, don't. Is this new? Am I missing something? If anything, people who are interested in open source software can look at this document as permission to go forward, not as a hinderance!
I mean, I realize that the words "infectious" has negative connotations, but I just don't see this document in and of itself as a bad thing. And even though I'm a strong FOSS advocate, the stuff that's in there is stuff that I would recommend to any company, government or organization to consider in their decision whether to use closed- or open source software.
Ehh... sort of. You can still use open-source software: you can develop in emacs on GNU/Linux and write up all the documentation using LyX or OpenOffice or whatever. As long as your product is all your own work that's fine. It's when you start shipping, say... an Integrated Firewall Solution that happens to run on a modified Linux kernel that you might run into GPL issues.
That's the quarrel we generally have with this kind of article: it can confuse the issue between use of GPL software - which you can do freely, even if you don't accept the terms of the GPL itself - and redistribution of GPL software or derived works, which is just plain illegal under standard copyright law unless you do so under the terms of the GPL.
Real Daleks don't climb stairs - they level the building.
Legal risks with using software are a real issue in our world.
That's why it would be in the best interests of all computer users and IT decision makers to explore the issue fully, to look closely at what kinds of risks exist, what kinds of risks tend to occur most often in the real world and what their consequences are.
My experience has been that folks using proprietary software are frequently in the position of bending over backwards (particularly in a large corporate or government environment) to make sure that they have licenses for every piece of software that their employees are running on the their PCs. The IT folks spend some serious time auditing to avoid the even larger risk of a BSA audit.
As for legal risks associated with open source software I have yet to encounter any. All I've seen are press reports of legal actions that show no outcome but to prove they were based on frivolous premises and some PR statements talking about legal indemnification which are excellent marketing strategies for certain vendors of proprietary software keenly afraid of their revenue stream becoming commoditised by free and open source software. About the only genuine risk I've seen with FOSS is for developers that disobey the "Share and share alike" GPL by releasing modified binaries without releasing modified source.
Perhaps I'm missing a serious issue and these folks could show some evidence of real people and real companies that have experienced harm due to lack of vigilance concerning the legal risks of FOSS. And they could explain why my personal experience doesn't reflect reality of serious legal risks with hard statistics concerning how much time and money are lost to risk mitigation and handling legal mishaps with users of FOSS compared to users of proprietary software.
"Provided by the management for your protection."
Whereas, of course, you can legally use closed source a part of your own products all you want.
If corporations are people, aren't stockholders guilty of slavery?
Yes, if you paste OSS code into your software project, you will need to follow their license. As opposed to copying proprietary source code ... which will merely LAND YOU IN COURT for piracy, hacking &/or theft of trade secrets. See, isn't that a much better option?
Regardless of risks of actual litigation and those idiotic software patents (doesn't even apply in NZ), the likelihood that there is copyrighted code in a proprietary application is higher than in an open source one.
Copyrighted code in a closed source app will be far less conspicuous than in an open source app, and therefore the programmer is more likely to think "well, no one will notice, anyway." In open source apps, the risk of being caught is so much higher, and therefore it's more likely to be free of copyrighted code.