Schlagwort-Archive: FLOSS

GPL compliance and the persistent cancer theory

In the golden age of Open Source compliance offerings, one of the key marketing argument still appears to be: „The General Public License (GPL) is sooo risky. In case of GPL infringement, you will have to release all of your code – speak your intellectual property (IP) – under the same terms. Take our license scanner as we are the best to protect you against such nightmares.“

That statement simply is not correct. But very effective if you want to sell your services. Which company wants to be forced to release its valuable IP into the public only by not following specific license terms?

This myth was supposedly framed by Steve Balmer of Microsoft who once said back in 2001: „The way the license is written, if you use any open-source software, you have to make the rest of your software open source. […] Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. That’s the way that the license works.“

His general understanding of one of the basic principles of Free Software and the GPL – reciprocity – speaks of great intellectual power. However this muddle-headed theory in total is utterly wrong but still persistent today serving as one of the main arguments to sell license compliance offerings.

Even infringing the terms of the GPL will never force you to put your own source code under the same license. Simple as that.

Sure, in the worst case you have violated a software license. In this aspect there is no difference between the GPL or any other even proprietary license. Copyright infringement claims are caused by

  • the actual violation of the license and
  • the unlicensed use of software.

You have to cope with its consequences. Legal remedies are

  • punitive damages and
  • injunction to not distribute your product any further.

Not more, not less.

The most straight forward way out of this would naturally be to release your source code also under the terms of the GPL. Thereby making it public. This is what is understood as reciprocity – others can also benefit from your work, as you did from the original work. It is the recommended choice of the Free Software community.

But in case you want to protect your IP by keeping your own code secret, you are still left with various other options:

  • Remove it. Double check if the GPL-licensed component is really needed by your product. In case not, just remove it.
  • Refactor it. Either re-write the functionality provided by the component from scratch or replace it by another one that comes with a more permissive license.
  • Relicense it. Ask the original author(s) if they are open to re-license it. Either under a more permissive license or a commercial license for proprietary use.

The best wrap-up I have read is given by Heather J. Meeker in her book „Open (Source) for Business: A Practical Guide to Open Source Software Licensing“. A must read not only regarding this issue.

To conclude – whenever you hear such statement, be alarmed and listen more carefully to assure that the talking alleged expert really offers the necessary expertise to help you with license compliance.

Öffentliche Gelder nur für offenen Code

Warum es eigentlich essentiell wäre, den Quellcode jeder Software, die im Interesse der Allgemeinheit beschafft und betrieben wird, öffentlich zu machen, hat zuletzt der Chaos Computer Club vorgeführt und beängstigende Details zu fehlerhafter Wahlsoftware ans Licht der Öffentlichkeit gebracht. Stichwort „PC-Wahl“, siehe „Software zur Auswertung der Bundestagswahl unsicher und angreifbar“ und „Open-Source-Spende: CCC schließt größte Schwachstelle in PC-Wahl“.

Nahezu zeitgleich hat die Free Software Foundation Europe eine Kampagne gestartet, in der in einem offenen Brief „Public Money, Public Code“ die Abgeordneten aufgefordert werden, genau dafür eine rechtliche Grundlage zu schaffen. Konkret, dass mit öffentlichen Geldern für öffentliche Verwaltungen entwickelte Software unter einer Freie-Software- und Open-Source Lizenz veröffentlicht werden muss.

Nachdem auf diesem Blog bereits viel über Freie Software geschrieben wurden, lassen wir stattdessen das offizielle Video der Kampagne sprechen. Anschauen und falls überzeugt, den offenen Brief unterschreiben.

https://vimeo.com/232524527

Public Money? Public Code! from Free Software Foundation Europe on Vimeo.

Die WhatsApp-Alternative, auf die wir alle gewartet haben?

Vor einiger Zeit ging ein Aufschrei der Empörung durch die WhatsApp-Nutzerbasis, als Facebook den Dienst gekauft hatte. Es blieb beim Aufschrei.

Vielleicht auch, weil es keine vertrauenswürdigen und brauchbaren Alternativen gab. Vertrauenswürdig, weil die Software den Grundsätzen von Freier Software und Open Source folgt und die Kommunikation Ende-zu-Ende verschlüsselt ist. Brauchbar, weil man damit plattformübergreifend, zumindest zwischen Android und iOS, mit seinen Freunden kommunizieren kann, neben Text auch Bilder und Videos austauschen kann und nicht zu vernachlässigen Gruppenchats unterstützt werden.

Mit dem Release von Signal 2.0 für iOS scheint diese lang ersehnte Alternative nun endlich verfügbar zu sein. Die App entstammt dem Community-Projekt Open Whispersystems. Dieses hatte vor einiger Zeit bereits das entsprechende Pendant für Android veröffentlicht. Auch wenn die Apps auf der jeweiligen Plattform noch unterschiedliche Namen führen, lässt sich damit trotzdem plattformübergreifend verschlüsselt kommunizieren:

Die WhatsApp-Alternative, auf die wir alle gewartet haben? weiterlesen

HowTo: Installing Yosemite into VirtualBox

This post should give a quick overview and some background on how to install Mac OS X 10.10 Yosemite in VirtualBox version 4.3.22.

VirtualBox is great because it is probably the only free and open source software based virtualization environment that supports most common platforms (like GNU/Linux, Windows, and Macintosh) and where the virtual machines are portable in case you want to switch the host’s operating system.

HowTo: Installing Yosemite into VirtualBox weiterlesen

Email encryption

As more and more people want to encrypt their personal communication to preserve and to protect their privacy, this post should give a quick introduction and some useful hints regarding email encryption based on OpenPGP.

First of all: It may initially look like being quite complicated. The available guide will require some thorough reading. But in the end it is not that complex and absolutely worth the effort. As soon as one is familiar with the basic concepts and techniques it will be nothing more than locking/unlocking your front door. And probably you did not yet remove your door lock for reasons of simplicity?

Email encryption weiterlesen

HowTo: Automatically generating image galleries based on Galleria.io

As you might have noticed all image galleries of this blog are meanwhile based on the Galleria.io framework.

Galleria.io is great because it is Free/Libre Software (MIT-licensed), simply does what it is supposed to do, and requires not yet another plugin for WordPress nor a database backend. It also supports mobile devices and its typical touch gestures. Furthermore it enables self-hosted galleries and does not require to rely on any cloud services where you might loose control on your data.

The only thing that I was missing was a straight forward way to automatically generate a gallery. Creating it by hand – as for example described in Galleria.io’s „Beginners Guide“ – is time-consuming, cumbersome, and error-prone. So the overall idea was to create a ready-to-run Galleria.io gallery based on a given folder that contains just the image files by using a shell script.

In detail I wanted to have the following functionality:
HowTo: Automatically generating image galleries based on Galleria.io weiterlesen

Use of Open Source Software in Health Care Delivery – Results of a Qualitative Field Study

The article about my previous research has finally been published in the IMIA Yearbook 2013. It is meant to provide a practitioner’s perspective on the use of medical free/libre and open source software (FLOSS) in clinical routine. In this context I examined and presented the opinions and experiences of chief information officers (CIO) working at larger hospitals. The abstract reads like this:

Objectives: To assess and analyze the attitude of health IT executives towards the utilization of specialized medical Open Source software (OSS) in Germany’s and other European countries’ health care delivery.

Methods: After an initial literature review a field study was carried out based on semi-structured expert interviews. Eight German and 11 other European health IT executives were surveyed. The results were qualitatively analyzed using the grounded theory approach. Identified concepts were reviewed using SWOT analysis.

Results: In total, 13 strengths, 11 weaknesses, 3 opportunities, and 8 threats of the utilization of OSS in a clinical setting could be identified. Additionally, closely related aspects like general software procurement criteria, the overall attitude of health IT executives, users, and management towards OSS and its current and future use could as well be assessed.

Conclusions: Medical OSS is rarely used in health care delivery. In order to capitalize the unique advantages of OSS in a clinical setting, complex requirements need to be addressed. Short-comings of OSS describe an attractive breeding ground for new commercial offerings and services that need yet to be seen.

Schmuhl, H., Heinze, O., & Bergh, B. (2013). Use of Open Source Software in Health Care Delivery – Results of a Qualitative Field Study. Contribution of the EFMI LIFOSS Working Group. Yearbook of medical informatics, 8(1), 107–13.

The full text article available via: Apfelkraut.org | PubMed | Schattauer

I am looking forward to your feedback!