Javier Sancho jsancho@identi.ca

Aspirante a hacker, doy charlas sobre software libre, patentes de software o DRM. Lisp y C corren por mis venas.

  • GPL Violations Related to Combining ZFS and Linux

    Software Freedom Conservancy at 2016-02-25T16:51:14Z

    URL: https://sfconservancy.org/blog/2016/feb/25/zfs-and-linux/


    February 25, 2016 by Bradley M. Kuhn and Karen M. Sandler

    GPL Violations Related to Combining ZFS and Linux

    This post discusses an atypical GPL violation. Unlike most GPL violations Conservancy faces, in this case, a third-party entity holds a magic wand that can instantly resolve the situation. Oracle is the primary copyright holder of ZFS, and, despite nearly eight years (going back to the days of Sun's control of the code) of the anti-license-proliferation community's urging, Oracle continues to license their code under their own, GPL-incompatible license. While this violation has many facets, and Oracle did not themselves violate GPL in this specific case, they hold the keys to this particular kingdom and they forbid the Linux community to enter. While there are complexities that we must address, in this context, Oracle could make everyone's life easier by waving their magic relicensing wand. Nevertheless, until they do, since GPL-incompatible licenses are the root of all GPL violations, combinations of GPL'd code with Oracle's GPL-incompatible code yield GPL violations, such as the ongoing violation by Canonical, Ltd.

    The Basic Facts

    Sun released the Z File System (ZFS) code under the Common Development and Distribution License, version 1 (CDDLv1) as part of OpenSolaris. Sun was ultimately acquired by Oracle. Community members, mostly acting non-commercially, have improved ZFS and adapted it to function with Linux, but unfortunately, CDDLv1 is incompatible with GPLv2, so distribution of binaries is not permitted (see below for details). Many community members have been frustrated for years that Oracle didn't simply relicense the code under a GPLv2-compatible license.

    The situation escalated last week because Canonical, Ltd. announced their plans to commercially distribute, in Ubuntu 16.04, a binary distribution of ZFS as a Linux kernel module, which adapts ZFS natively for Linux. Conservancy contacted Canonical to inform them of their GPL violation, and Canonical encouraged us to speak publicly. We're glad to do so to clarify the differing views on this issue. As you'll read below, Conservancy disagrees with Canonical's decision, and Conservancy hopes to continue dialogue with Canonical regarding their violation. We do not give up on friendly resolution of a GPL violation easily and are glad Canonical seeks to transparently discuss both sides of this issue in public.

    Summary of our Conclusion

    We are sympathetic to Canonical's frustration in this desire to easily support more features for their users. However, as set out below, we have concluded that their distribution of zfs.ko violates the GPL. We have written this statement to answer, from the point of view of many key Linux copyright holders, the community questions that we've seen on this matter.

    Specifically, we provide our detailed analysis of the incompatibility between CDDLv1 and GPLv2 — and its potential impact on the trajectory of free software development — below. However, our conclusion is simple: Conservancy and the Linux copyright holders in the GPL Compliance Project for Linux Developers believe that distribution of ZFS binaries is a GPL violation and infringes Linux's copyright. We are also concerned that it may infringe Oracle's copyrights in ZFS. As such, we again ask Oracle to respect community norms against license proliferation and simply relicense its copyrights in ZFS under a GPLv2-compatible license.

    GPL Incompatibility

    The license of Linux, the GNU General Public License, version 2 (GPLv2), is conceptually known as a strong copyleft license. A strong copyleft license extends software freedom policies as far as copyright law allows. As such, GPLv2 requires that, when combinations and/or derivatives are made under copyright law with GPLv2'd works, the license of the resulting combination and/or derivative is also GPLv2.

    The Free Software Foundation (FSF) has long discussed the question of licenses incompatible with the GPL, pointing out that:

    In order to combine two programs (or substantial parts of them) into a larger work, you need to have permission to use both programs in this way. If the two programs' licenses permit this, they are compatible. If there is no way to satisfy both licenses at once, they are incompatible.

    License compatibility is not merely a question for Free Software licenses. We can analyze any two copyright licenses and consider whether they are compatible.

    In the proprietary software world, rarely are two licenses ever compatible. You can't, by default, license a copy of Oracle's database, and then make a combination with Apple's iOS. To do so, you would need to negotiate (and pay for) a special license from both Apple and Oracle to make that combination.

    Furthermore, with proprietary software, there is a practical problem somewhat unrelated to the legal permission: you must procure (again, likely for a rather expensive fee) a copy of the source code for Apple's and Oracle's proprietary software to have the practical ability to make the combination.

    Since the GPL, and all copyleft licenses, are fundamentally copyright licenses, the analysis is similar. However, GPL requires that all software distributions include complete corresponding source code to any binaries, so the practical problem never presents itself. Nevertheless, when you wish to combine GPL'd software with some other software and distribute the resulting combination, both the copyright holders of the GPL'd software and the copyright holders of the other software must provide a license that allows distribution of the combination.

    Most prefer to discuss the issue of combining truly proprietary, no-source-available copyrighted material with GPL'd software, as it creates the most stark practical contrast, and is the most offensive fact pattern. Proprietary software gives the users no freedom to even examine, let alone modify, rebuild, and reinstall the software. The proprietary license doesn't allow nor even give the practical ability to redistribute source code, and the GPL mandates source distribution when binary distribution occurs. The incompatibility is intuitively obvious. Few consider the fact that proprietary software licensing is just one (rather egregious) example of a GPL-incompatible license.

    In that context, we can imagine licenses that are GPL-incompatible, but do give some interesting permissions to users. An example is source-code-available systems that prohibit commercial distribution and forbid modification to the source code. The GPL has terms that permit modification and allow commercial distribution of GPL'd software, and as such, even though source code is available for non-commercial, non-modifiable software, the license is nonetheless GPL-incompatible.

    Finally, we can consider the most subtle class of GPL-incompatibility, in which we find ZFS's license, the Common Development and Distribution License, version 1 (CDDLv1). The CDDLv1 is considered both a Free Software and an Open Source license, and is a weak copyleft license. Nevertheless, neither CDDLv1 nor GPLv2 permits combination of copyrighted material under the other license.

    To understand this non-intuitive incompatibility, we can analyze in detail the requirements of both licenses. First, GPLv2 requires:

    [§2](b) You must cause any work that you distribute … that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole … under the terms of this License.…

    [§]3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also…

    a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above…

    [§]6. …You may not impose any further restrictions on the recipients' exercise of the rights granted herein.

    According to these provisions of GPLv2, if you create a binary work that incorporates components from the GPLv2'd program, you must provide the complete corresponding source for that entire work with the binary, and the terms of the GPLv2 apply to that source. If the sources as a whole cannot be outbound-licensed under GPLv2, you have no permission under copyright law to distribute the binary work, since GPLv2 didn't grant you that permission.

    GPLv2-compatible licenses do not contradict the requirements of GPLv2, which is what makes them compatible. For example, highly permissive licenses like the ISC license allow imposition of additional licensing requirements (even proprietary ones), and so combining ISC-licensed source and GPLv2'd source into a binary work is permitted; compliance with GPLv2 is possible when distributing binaries based on the combined sources.

    CDDLv1, however, contains various provisions that are incompatible with that outcome. Specifically, CDDLv1 requires (emphasis ours):

    [§]3.1 … Any Covered Software that You distribute or otherwise make available in Executable form must also be made available in Source Code form and that Source Code form must be distributed only under the terms of this License. …

    [§] 3.4 … You may not offer or impose any terms on any Covered Software in Source Code form that alters or restricts the applicable version of this License

    CDDLv1 is a weak copyleft license in that it allows you create a binary work with components under different terms (see CDDLv1§3.6). However, as seen in the text above, with regard to the specific copyrighted material already under CDDLv1, that material must remain only licensed under the terms of the CDDLv1. Furthermore, when redistributing the source code, you cannot alter the terms of the license on that copyrighted material.

    GPLv2, as shown above, requires that you alter those terms for the source code — namely, as a strong copyleft, the terms of GPLv2 apply to the entire complete corresponding source for any binary work. Furthermore, downstream users must have to permission make GPLv2'd modifications to that source. This creates a contradiction; you cannot simultaneously satisfy that obligation of GPLv2 and also avoid alter[ing] the terms of CDDLv1-licensed source. Thus, the licenses are incompatible, and redistributing a binary work incorporating CDDLv1'd and GPLv2'd copyrighted portions constitutes copyright infringement in both directions. (In addition to this big incompatibility, there are also other smaller incompatibilities throughout CDDLv1.)

    We believe Sun was aware when drafting CDDLv1 of the incompatibilities; in fact, our research into its history indicates the GPLv2-incompatibility was Sun's design choice. At the time, Sun's apparent goal was to draw developers away from GNU and Linux development into Solaris. Not only did Sun not want code from GNU and Linux in Solaris, more importantly, Sun did not want technological advantages from Solaris' kernel to appear in Linux.

    Much has changed in the seven and a half years since CDDLv1's publication and promulgation. OpenSolaris has been discontinued; CDDLv1 codebases never became an active area of Free Software development like GNU and Linux. Oracle could now easily indicate that combination of ZFS with Linux into binary works is permitted, (e.g., as the overwhelming majority copyright holder0, Oracle could make a decree like the one University of California did to fix a similar incompatibility). Until Oracle takes an action like that, it remains a license violation of both CDDLv1 and GPLv2 to distribute binary works that combine together and/or derive from both GPLv2 and CDDLv1 sources.

    What Constitutes a Combined/Derivative Work?

    Once license incompatibility is established, the remaining question is solely whether or not combining ZFS with Linux creates a combined and/or derivative work under copyright law (which then would, in turn, trigger the GPLv2 obligations on the ZFS code).

    Conservancy has helped put similar questions (still pending) before a Court, in Hellwig's VMware case that Conservancy currently funds. In fact, the same questions come up with all sorts of GPL-incompatible Linux modules and reuses of Linux code.

    Courts have not spoken specifically on this question; precedents that exist are not perfectly on-topic. Citing an opinion of a lawyer is often not helpful in this context, because lawyers advise clients, and argue zealously for their clients' views. When Courts are unclear on a matter, it generates disputes, and only Courts (or possibly new legislation) can ultimately resolve those disputes.

    Nevertheless, our lawyers have analyzed these situations with the assistance of our license compliance and software forensics staff for many years, and we have yet to encounter a Linux module that — when distributed in binary form — did not, in our view, yield combined work with Linux. The FSF, stewards of the GPL, have stated many times over the past decades that they believe there is no legal distinction between dynamic and static linking of a C program and we agree. Accordingly, the analysis is quite obvious to us1: if ZFS were statically linked with Linux and shipped as a single work, few would argue it was not a “work based on the Program” under GPLv2. And, if we believe there is no legal difference when we change that linking from static to dynamic, we conclude easily that binary distribution of ZFS plus Linux — even with ZFS in a .ko file — constitutes distribution of a combined work, which we name Linux+ZFS.

    Canonical has found some lawyers who disagree — a minority position, from our understanding of community norms. But Canonical's public position on the matter contributes to license uncertainty, and opponents of Free Software may use this as an opportunity to marginalize copyleft enforcement generally. Canonical can resolve the situation by ceasing the infringing distribution, but Oracle can also unilaterally resolve this trivially with a simple relicense of ZFS to a GPL-compatible license.

    Thus, all parties currently stand at an impasse. Conservancy (as a Linux copyright holder ourselves), along with the members of our coalition in the GPL Compliance Project for Linux Developers, all agree that Canonical and others infringe Linux copyrights when they distribute zfs.ko. Canonical's lawyers disagree. Oracle refuses to relicense their ZFS copyrights under a GPL-compatible license.

    Ultimately, various Courts in the world will have to rule on the more general question of Linux combinations. Conservancy is committed to working towards achieving clarity on these questions in the long term. That work began in earnest last year with the VMware lawsuit, and our work in this area will continue indefinitely, as resources permit. We must do so, because, too often, companies are complacent about compliance. While we and other community-driven organizations have historically avoided lawsuits at any cost in the past, the absence of litigation on these questions caused many companies to treat the GPL as a weaker copyleft than it actually is.

    Why Conservancy Does Not Use Litigation Immediately

    As discussed in our principles, Conservancy, while willing to litigate, uses litigation only as a last resort. Compliance actions are primarily education and assistance processes to aid those who are not following the license. We completely exhaust every other diplomatic option for compliance before seeking resolution from the Courts.

    “Almost There” is More Painful Than Proprietary

    Conservancy and our GPL Compliance Project for Linux Developers are quite sympathetic to the feeling of “almost there” that exists with ZFS for Linux. CDDL is a Free Software license, but sadly a GPL-incompatible one. Like a partial fix for a problematic bug, a GPL-incompatible Free Software license feels like a solution that's “oh-so-close”. Everyone wants to try to tweak that incomplete solution into a full one. We hope this explanation helps bring clarity that the seemingly “almost there” of combining CDDL'd and GPL'd code is a mirage. The community must seek together a better solution.

    Oracle holds the better solution in their hands; like waving a magic wand, they can take any of a myriad of actions to communicate permission to relicense ZFS under GPL. Conservancy encourages Free Software enthusiasts and for-profit companies alike to lobby Oracle to relicense their ZFS copyrights. While this change by Oracle cannot resolve Canonical's violation, Oracle's relicensing would create a path for Canonical that might ultimately yield a compliant binary distribution of Linux+ZFS. As such, we've asked Canonical to commit to lobbying Oracle for this change.

    Is The Analysis Different With Source-Only Distribution?

    We cannot close discussion without considering one final unique aspect to this situation. CDDLv1 does allow for free redistribution of ZFS source code. We can also therefore consider the requirements when distributing Linux and ZFS in source code form only.

    Pure distribution of source with no binaries is undeniably different. When distributing source code and no binaries, requirements in those sections of GPLv2 and CDDLv1 that cover modification and/or binary (or “Executable”, as CDDLv1 calls it) distribution do not activate. Therefore, the analysis is simpler, and we find no specific clause in either license that prohibits source-only redistribution of Linux and ZFS, even on the same distribution media.

    Nevertheless, there may be arguments for contributory and/or indirect copyright infringement in many jurisdictions. We present no specific analysis ourselves on the efficacy of a contributory infringement claim regarding source-only distributions of ZFS and Linux. However, in our GPL litigation experience, we have noticed that judges are savvy at sniffing out attempts to circumvent legal requirements, and they are skeptical about attempts to exploit loopholes. Furthermore, we cannot predict Oracle's view — given its past willingness to enforce copyleft licenses, and Oracle's recent attempts to adjudicate the limits of copyright in Court. Downstream users should consider carefully before engaging in even source-only distribution.

    We note that Debian's decision to place source-only ZFS in a relegated area of their archive called contrib, is an innovative solution. Debian fortunately had a long-standing policy that contrib was specifically designed for source code that, while licensed under an acceptable license for Debian's Free Software Guidelines, also has a default use that can cause licensing problems for downstream Debian users. Therefore, Debian communicates clearly to their users that this code is problematic by keeping it out of their main archive. Furthermore, Debian does not distribute any binary form of zfs.ko.

    (Full disclosure: Conservancy has a services agreement with Debian in which Conservancy occasionally gives its opinions, in a non-legal capacity, to Debian on topics of Free Software licensing, and gave Debian advice on this matter under that agreement. Conservancy is not Debian's legal counsel.)

    Do Not Rely On This Document As Legal Advice

    You cannot and should not rely on this document as legal advice. Our lawyers, in conjunction with our GPL compliance and software forensics experts, have analyzed the Linux+ZFS that Canonical includes in their Ubuntu 16.04 prereleases. Conservancy has determined, with the advice of both inside and outside law firm legal counsel, that the binary distribution constitutes a derivative and/or combined work of ZFS and Linux together, and therefore violates the GPL, as explained above. We also know from Canonical's blog post that they have found other lawyers to give them contradictory advice. Such situations are common on groundbreaking legal issues, and, after all, copyleft is perhaps the most novel legal construction for copyright in its history. Lawyers and their clients who oppose copyleft will attempt to limit copyleft's scope (with litigation, FUD, and moxie), and those of us who use copyleft as a tool for software freedom will diametrically seek to uphold its scope to achieve the license drafter's and licensors' intended broad impact for software freedom.

    Indeed, Conservancy believes this situation is one battle in a larger proxy war by those who seek to limit the scope of strong copyleft generally. Yet, the GPL not only benefits charitable community organizations like Conservancy, but also for-profit companies, since GPL ensures your competitors cannot circumvent the license and gain an unfair advantage. We therefore urge charities, trade associations and companies who care about Linux to stand with us in opposition of GPL violations like this one.


    0 More work might be required to relicense all modern ZFS code, since others have contributed, but we expect that those contributors would gladly relicense in the same manner if Oracle does first.

    1 More discussion on these issues can be found in this section of Copyleft and the GNU General Public License: A Comprehensive Tutorial and Guide, which is part of copyleft.org, a project co-sponsored by the FSF and Software Freedom Conservancy.

    Posted by Bradley M. Kuhn and Karen M. Sandler on February 25, 2016. Please email any comments on this entry to info@sfconservancy.org.

    Luis Ángel Fernández Fernández, Jure Repinc (JLP), Elena ``of Valhalla'', Javier Sancho and 8 others likes this.

    Jure Repinc (JLP), Javier Sancho, GNUstav Huarcaya, Stephen Michael Kellat and 6 others shared this.

  • 8sync is now a GNU project

    at 2016-02-10T00:40:27Z

    My project 8sync, an asynchronous programming library for Guile, is now a GNU project officially!

    More on 8sync and how it could be useful to you soon!

    pingi, David Thompson, j1mc, Jason Self and 7 others likes this.

    Javier Sancho shared this.

    Yay! Congratulations!

    Out of curiosity, what exactly goes into becoming a GNU project officially? Is there some application form one has to fill out?

    Sean Tilley at 2016-02-10T01:36:02Z

    @Sean Tilley There's an application process, and it does involve a plaintext form. There's also an evaluation committee and finally, rms.

    Christopher Allan Webber at 2016-02-10T01:44:59Z

    Sean Tilley likes this.

  • GNU Guile 2.1.2 released! Help out Guile's compiler!

    guile at 2016-02-04T23:27:49Z

    There's a new Guile beta out! This is a speed-focused release! A lot of cool compiler stuff in there!

    Does working on Guile's compiler sound interesting to you? Andy Wingo has a new blogpost on getting involved in Guile compiler tasks!

    If you ever wanted to dig in to compiler work, now's a great time to stretch your wings!

    Javier Sancho, Luis, David Thompson, Claes Wallin (韋嘉誠) and 1 others likes this.

    Javier Sancho, David Thompson, Claes Wallin (韋嘉誠), Christopher Allan Webber shared this.

  • Edward Snowden will kick off LibrePlanet 2016: Will you be there?

    Free Software Foundation at 2016-01-27T21:49:47Z

    This is huge: the opening keynote for LibrePlanet 2016: Fork the System is a conversation with National Security Agency (NSA) whistleblower Edward Snowden and American Civil Liberties Union (ACLU) Technologist Daniel Kahn Gillmor.

    https://www.fsf.org/blogs/community/edward-snowden-will-kick-off-libreplanet-2016-will-you-be-there

    j1mc, Luis R. Rodriguez, aldobelus, João Patrício and 13 others likes this.

    Adonay Felipe Nogueira, dbillyx, victorhck, Javier Sancho and 2 others shared this.

    And now I cannot attend even if I could afford to.

    Stephen Michael Kellat at 2016-01-28T02:56:13Z

    Likewise. Sometimes, being a federal employee sucks.

    lnxwalt@microca.st at 2016-01-28T22:15:07Z

  • Stripe Open Source Retreat day 1

    Christopher Allan Webber at 2016-01-19T20:18:15Z

    In the Stripe office for their Open Source Retreat, day 1.

    The office is super posh. I'm not used to this much luxury. For-profit tech companies are weird!

    Sitting at my desk. They're mostly like: here's your desk, use whatever stuff you want, make cool stuff happen.

    Time to make cool things happen! The next few months are targeting towards MediaGoblin 1.0.

    Claes Wallin (韋嘉誠), lfam, Javier Sancho, Tyng-Ruey Chuang and 6 others likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Javier Sancho shared this.

  • Killling the password via total surveillance

    Christopher Allan Webber at 2016-01-17T18:54:53Z

    Google/Alphabet planning on a total surveillance approach to replacing your password.

    Yikes!

    X11R5, Javier Sancho likes this.

    Javier Sancho, Kevin Everets, lnxwalt@microca.st, lnxwalt@microca.st shared this.

    This will "just happen" to enhance their ad-targeting.

    They still don't get it. I don't want targeted ads, because they are creepy. I don't want an electronic spy deciding whether I am allowed to log into some service I use, either.

    lnxwalt@microca.st at 2016-01-17T19:22:57Z

    X11R5 likes this.

    Prior to seeing this, we've had discussions at work about how there is "ambient" security in the physical world. For instance, my coworkers know me. It would be very difficult for somebody to impersonate me in the work place. So one of the people at work has suggested that his phone or his computer could know him in a similar way. This might actually be acceptable as long as the data that is used to create the knowledge remained strictly confined to the device. Of course, I doubt that is the model that will be pursued.

    Charles Stanhope at 2016-01-17T22:39:31Z

    If people would be concerned with privacy, Facebook and the likes wouldn't be that successful and everybody would know and remember Snowden.
    Truth is, the majority doesn't care about privacy as long as they can share funny cat pictures.

    gdk at 2016-01-18T10:28:03Z

    Luis likes this.

    I've working on a slightly different approach based on password-less cross-domain decentralised authentication. But this is Google and they want all your data and they've got the support of the US government so I reckon that will probably win against any ethical solution.

    macgirvin at 2016-01-27T02:00:36Z

  • Sean Tilley at 2016-01-15T18:22:39Z

    Is privacy Free Software's Next Milestone?

    I am concerned. In the past years, it has become clear that real privacy has become harder to come by. Our society is quickly heading into a situation where an unknown number of entities and people can follow my every single step, and it’s not possible to keep to myself what I don’t want others to know. With every step into that direction, there’s less and less things about my life of which I don’t control who knows about it.


    A great write-up by Sebastian Kugler, who contributes to the #KDE project. I feel that privacy-respecting software is a huge boon to Free Software, and is one of its primary benefits. My hope is that people within the Free Software space might use federated technologies someday to do exactly that.

    Tyng-Ruey Chuang, Efraim Flashner, Claes Wallin (韋嘉誠), Javier Sancho and 6 others likes this.

    Claes Wallin (韋嘉誠), Javier Sancho, AJ Jordan, Christopher Allan Webber shared this.

    I think privacy has long been a priority for many free software projects. But plugging privacy gaps in a feasible way for the average person is a challenge free software needs to constantly rise to....

    Christopher Allan Webber at 2016-01-15T18:28:24Z

    Efraim Flashner, Claes Wallin (韋嘉誠), AJ Jordan likes this.

    I'm inclined to agree, but I think we're getting to a point where the benefit of privacy in Free Software is shifting from implicit to explicit.

    Sean Tilley at 2016-01-15T23:59:50Z

    Efraim Flashner, Claes Wallin (韋嘉誠), Christopher Allan Webber likes this.

  • Replicant

    EVAnaRkISTO at 2016-01-12T17:19:22Z

    dbillyx, Javier Sancho, CUENTA NO ACTIVA likes this.

    dbillyx, victorhck, Javier Sancho, Colegota and 1 others shared this.

    Espero que sirva para crecer en desarrolladores interesados en Replicant. Hace, mucha falta.

    CUENTA NO ACTIVA at 2016-01-12T17:47:50Z

    EVAnaRkISTO likes this.

    >> trinux:

    “Espero que sirva para crecer en desarrolladores interesados en Replicant. Hace, mucha falta.”


    Sip!!

    EVAnaRkISTO at 2016-01-12T19:16:32Z

  • La Free software Foundation certifica hardware que Respeta Tu Libertad

    victorhck at 2016-01-08T14:41:47Z

    NUEVO artículo en mi blog:


    Tan importante como la necesidad de poder disponer de software libre es disponer de hardware libre que respete la libertad y privacidad del usuario.


    https://victorhckinthefreeworld.wordpress.com/2016/01/08/la-free-software-foundation-certifica-hardware-que-respeta-tu-libertad/ 




    RiveraValdez, Javier Sancho, dbillyx, EVAnaRkISTO and 1 others likes this.

    maxxcan, RiveraValdez, Javier Sancho, Colegota and 4 others shared this.

    >> victorhck:

    “[...] Tan importante como la necesidad de poder disponer de software libre es disponer de hardware libre que respete la libertad y privacidad del usuario. [...]”

    Y tanto! De poco sirve fiarte del software si tu hardware lleva firmware que realiza actividades "dudosas" a tus espaldas.

    JanKusanagi @i at 2016-01-08T14:53:15Z

    Colegota likes this.

    >> JanKusanagi:

    “>> victorhck:
    “[...] Tan importante como la necesidad de poder disponer de software libre es disponer de hardware libre que respete la libertad y privacidad del usuario. [...]”
    Y tanto! De poco sirve fiarte del software si tu hardware lleva firmware que realiza actividades "dudosas" a tus espaldas.”

    Qué opinas[n] de los firmware cargados en el propio hardware (muy típico en los móviles) y que no es modificable. Mi opinión que a parte de ser (casi) imposible de modificar entramos ya en el terreno de la especulación pura y dura. Al parecer es una práctica habitual para abaratar costes de fabricación.

    CUENTA NO ACTIVA at 2016-01-09T07:30:06Z

    >> trinux:

    “>> JanKusanagi:
    “>> victorhck:
    “[...] Tan importante como la necesidad de poder disponer de software libre es disponer de hardware libre que respete la libertad y privacidad del usuario. [...]”
    Y tanto! De poco sirve fiarte del software si tu hardware lleva firmware que realiza actividades "dudosas" a tus espaldas.”
    Qué opinas[n] de los firmware cargados en el propio hardware (muy típico en los móviles) y que no es modificable. Mi opinión que a parte de ser (casi) imposible de modificar entramos ya en el terreno de la especulación pura y dura. Al parecer es una práctica habitual para abaratar costes de fabricación.”


    Confío en que con el tiempo avanzará el Hardware Libre, aunque es más complicado que el Software. Pero mientras tanto nos tendremos que fiar de muchas cosas para poder usar otras.

    Colegota at 2016-01-09T13:20:05Z

    CUENTA NO ACTIVA likes this.

  • EVAnaRkISTO at 2016-01-05T17:38:08Z

    >> trinux:

    Replicant se basa en CyanogenMod. Al no meter blobs, su suporte es muy limitado. Y como dices, meter blobs a Replicant y usar CyanogenMod apenas hay diferencia a efectos de libertad como usuario de móviles.”


    Para mí, como usuario de Replicant (con blobs), la diferencia entre Replicant y CM está en que Replicant tiene como propósito el hacer un verdadero sistema operativo libre. Mientras no lo logran, uso bajo mi responsabilidad blobs privativos para wifi, gps y bluetooth.

    Javier Sancho, CUENTA NO ACTIVA likes this.

  • Guix 0.9.0 is out!

    guile at 2015-11-05T14:52:56Z

    Congrats to the Guix team for getting out the 0.9.0 release of Guix! This is a big release, including 543 new packages, container suppport, a new service composition system (important for future deployability work!), and much more.

    Guix is a functional package manager built on top of GNU Guile, and GuixSD is a purely free software GNU/Linux distribution built on top of Guix.

    Great work, Guix folks!

    firnen, Claes Wallin (韋嘉誠), mray INACTIVE, Javier Sancho and 2 others likes this.

    Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Javier Sancho, Christopher Allan Webber shared this.

  • Brand GNU: Guile launches a new website design

    Christopher Allan Webber at 2015-11-04T18:31:12Z

    GNU Guile has a new site design by @sirgazil and it's absolutely glorious!

    Outreach and presentation are really important! I hope we see more and more of this.

    Btw, @sirgazil also did the amazing Guix website design too!

    Javier Sancho, guido, j1mc, David Thompson and 2 others likes this.

    Shevek, Shevek, Iñaki Arenaza, Javier Sancho and 4 others shared this.

    >> sirgazil:

    “\o/ Glad to help!”

    ¡Gran trabajo, compi!

    CUENTA NO ACTIVA at 2015-11-05T13:36:50Z

    sirgazil likes this.

  • Wingo on the future of Guile's VM

    guile at 2015-11-04T21:07:19Z

    Well, much of http://wingolog.org/ is on the future of Guile's VM, but this post especially! If terms like "AOT optimization", "adaptive optimization" and "Just In Time compilation" are your jam, this post is for you.

    Also, we can't leave without this quote:

    The usual strategy for this kind of implementation is to write it all in C++. The latency requirements are too strict to do otherwise. Once you start down this road, you never stop: your life as an implementor is that of a powerful, bitter C++ wizard.

    Javier Sancho, Claes Wallin (韋嘉誠), Christopher Allan Webber likes this.

    Javier Sancho, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Christopher Allan Webber shared this.

    (... This has been a really eventful day to start this account, yeah?)

    guile at 2015-11-04T21:11:51Z

    Christopher Allan Webber likes this.

  • Guile 2.1.1 released! [Beta for 2.2 series!]

    guile at 2015-11-04T19:53:20Z

    Busy morning! Guile 2.1.1 has been released!

    Lots of improvements, including lots of rewrites to the VM bringing performance improvements, improvements on the Emacs Lisp layer, GOOPS reimplemented in Scheme, and more!

    This is fresh on the heels of our new site design landing (which we announced here just earlier this morning), so when we say it's been a busy morning, we really aren't kidding! :)

    Javier Sancho, Luis, Claes Wallin (韋嘉誠), sirgazil and 2 others likes this.

    Javier Sancho, Claes Wallin (韋嘉誠), David Thompson, Christopher Allan Webber shared this.

  • why use OpenStreetMap

    Krugor at 2015-10-26T09:15:21Z

    N'Guessan Wilfried, Luis, Francisco M García Claramonte, Javier Sancho and 5 others likes this.

    Javier Sancho, Christopher Allan Webber, EVAnaRkISTO, Christophe Schockaert shared this.

    Thank you for sharing this article providing history and details about cartography and their handling as public good.


    Also, I have a question: how do you share posts from Diaspora* to pump.io, and probably the reverse ? I am interested in that :)


    I could didn't see anything like that there as pointed by JanKusanagi , but I may not have looked deeply enough: http://pumpio.readthedocs.org/en/latest/clients.html

    Christophe Schockaert at 2015-10-26T10:52:05Z

    >> Christophe Schockaert:

    “[...] how do you share posts from Diaspora* to pump.io, and probably the reverse ? [...]”

    Some people use the spigot tool to auto-post to Pump from their Diaspora RSS feed. I don't think you can auto-post to Diaspora in this way, since they still don't have an API.

    JanKusanagi @i at 2015-10-26T12:24:30Z

    >> JanKusanagi:

    Some people use the spigot tool to auto-post to Pump from their Diaspora RSS feed. I don't think you can auto-post to Diaspora in this way, since they still don't have an API.”

    Ah, thank you. So it was indeed on the tool page you showed me :)

    I was missing the conclusion that could arise from the features...

    Christophe Schockaert at 2015-10-26T13:13:08Z

    Some people use the spigot tool to auto-post to Pump from their Diaspora RSS feed. I don't think you can auto-post to Diaspora in this way, since they still don't have an API.

    This is actually something that is in upstream development right now. There's been loads of progress with implementing OpenID Connect and setting up a number of API routes for third-party clients. So, hypothetically it wouldn't be long to officially allow to cross-posting to Diaspora.

    Sean Tilley at 2015-10-26T19:16:10Z

  • Christopher Allan Webber at 2015-10-15T19:04:15Z

    http://ring.cx/ looks cool as hell. P2P videochat with a nice interface? Time to package for Guix.

    Javier Sancho, AJ Jordan, jrobb, Elinvention and 5 others likes this.

    Javier Sancho, Stephen Michael Kellat, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠) shared this.

    Show all 7 replies
    Id like to know more about it. Tox has several major setbacks because its fully p2p, for instance same account on multiple devices, offline messaging, and group voice/video.  Has ring accomplished any of these things?
    Ive found that we need solutions to internet problems like a skype replacement, or more severe solutions like an easy ISP replacement, etc, but then 10 projects create something that solves some subset of said problems in 10 different or similar ways, with a few of those projects having solutions to problems that the others dont, and vice versa.




    veleiro at 2015-10-15T20:46:04Z

    Claes Wallin (韋嘉誠), Douglas Perkins, Christopher Allan Webber likes this.

    @Taylor Gunnoe I don't know the answer to that! All I know is that some friends are using it and like it, and that it's under the GPL.

    Christopher Allan Webber at 2015-10-15T20:52:33Z

    X11R5 likes this.

    @cwebber@identi.ca can't wait to "guix package -i ring"

    Kevin Everets at 2015-10-15T21:23:56Z

    Claes Wallin (韋嘉誠) likes this.

  • Charles Stanhope at 2015-10-14T19:58:01Z

    Wow! A corporation promoting the use of the GPL? I am amazed. "Permissive licenses, community, and copyleft" http://lwn.net/SubscriberLink/660428/2be1b3a592c63b92/

    lnxwalt@microca.st, Yutaka Niibe, jrobb, Javier Sancho and 7 others likes this.

    jrobb, Javier Sancho, Claes Wallin (韋嘉誠), Jason Self and 2 others shared this.

    He then ended the session with an extended appeal to move the open-source software industry away from permissive licenses like Apache 2.0 and toward copyleft licenses like the GPL. Not doing so, he said, puts the FOSS community at just as much risk of collapse as license proliferation threatened to in years past.

    Didn't expect to hear that out of HP's CTO! Great though!

    Christopher Allan Webber at 2015-10-14T20:24:37Z

    Douglas Perkins, Efraim Flashner, Claes Wallin (韋嘉誠), Stephen Compall and 1 others likes this.

  • Lars Wirzenius at 2015-10-06T11:43:42Z

    Unacceptable excuses for bad behaviour in free software development:
    1. Linus and other kernel developers do it.
    2. You have self-diagnosed as having Asperger's.
    3. You value code quality over other people's feelings.
    4. You get angry a lot.
    5. You think other people are just wrong about everything.
    6. You thought of a funny insult.
    7. You're uneasy having people in the project who're unlike you.

    Mikkel Kirkgaard Nielsen, Sean Tilley, Charles Stanhope, The Anarcat and 18 others likes this.

    delib, Claes Wallin (韋嘉誠), Claes Wallin (韋嘉誠), Javier Sancho and 7 others shared this.

    Show all 5 replies
    Number 3 ("code quality is more important than people's feelings") is often used to justify things like the Linux kernel development atmosphere.

    Lars Wirzenius at 2015-10-06T15:50:03Z

    Claes Wallin (韋嘉誠), Christopher Allan Webber likes this.

    They believe bad behaviour is what gets them ahead because that's what got them where they are so far. We are somehow meant to feel sorry for them because they come from broken family backgrounds even though they are spoiled rotten.

    jrobertson at 2015-10-06T17:16:08Z

    Claes Wallin (韋嘉誠) likes this.

    > because that's what got them where they are so far.

    They could have gotten where they are so far in spite of (rather than because of) the behaviors. There's always the chance that several people saying "I'm not going to take this anymore" around the same time will shift momentum away from a previously-successful project or organization.

    lnxwalt@microca.st at 2015-10-07T01:53:35Z

    Claes Wallin (韋嘉誠), jrobertson likes this.

    @lnxwalt That's true, the person with the bad behaviour has typically proved they can make the grade, give the company what they want, work hard, demonstrate their talents. At this point they use their value as a kind of credit system to get away with behaviour that others don't seem to get away with.

    jrobertson at 2015-10-07T05:53:13Z

    Claes Wallin (韋嘉誠) likes this.