Tag Archives: FLOSS

GPL compliance and permissive training data theory

This is the second post within a new series that I might start one day, about how companies abuse common misunderstanding of the GNU General Public License (GPL) to sell their stuff. Today, a slightly scary example. Scary, as it is so off the point.

The company Exafunction, Inc. claims that with their product “Codeium” they can provide intelligent programming assistance, based on a large language model (LLM). Just like Copilot of GitHub, Inc. and even better as they do not infringe any license and specifically not the GPL. Their writeup “GitHub Copilot Emits GPL. Codeium Does Not.” provides an adventurous interpretation about the GPL: You need consent to use it in a commercial context. Moreover training your model on purely permissive-licensed code will free you of any legal trouble.

Things are slightly different. Strange that nobody told them in their “… early conversations with the open source community”.

The GPL does not restrict commercial use. It does not even refer to it at all. You are fine in any fields of endeavour as long as you respect and fulfil its obligations.

The main problem with generative AI and the current ML-based programming assistants is that you cannot trace verbatim copies of code to its origin. Due to that you cannot fulfil the most essential obligation of any Free and Open Source Software license: attribution. Calling out the original authors.

It does not help if you train your model with just permissive-licensed code. You will infringe the underlying licensing terms if you do not provide any reference to the original authors and license(s). No matter if it is a permissive or copyleft license. Either way you will not have a valid legal base, speak license, to re-use the original work and it is as bad as any copyright violation with all of its consequences.

For more details or before starting the marketing campaign of your new programming assistant, it could be worth to take a closer look, for example at the ongoing GitHub Copilot litigation and its underlying motivation.

GPL compliance and the persistent cancer theory

In the golden age of Open Source compliance offerings, one of the key marketing argument still appears to be: “The General Public License (GPL) is sooo risky. In case of GPL infringement, you will have to release all of your code – speak your intellectual property (IP) – under the same terms. Take our license scanner as we are the best to protect you against such nightmares.”

That statement simply is not correct. But very effective if you want to sell your services. Which company wants to be forced to release its valuable IP into the public only by not following specific license terms?

This myth was supposedly framed by Steve Balmer of Microsoft who once said back in 2001: “The way the license is written, if you use any open-source software, you have to make the rest of your software open source. […] Linux is a cancer that attaches itself in an intellectual property sense to everything it touches. That’s the way that the license works.”

His general understanding of one of the basic principles of Free Software and the GPL – reciprocity – speaks of great intellectual power. However this muddle-headed theory in total is utterly wrong but still persistent today serving as one of the main arguments to sell license compliance offerings.

Even infringing the terms of the GPL will never force you to put your own source code under the same license. Simple as that.

Sure, in the worst case you have violated a software license. In this aspect there is no difference between the GPL or any other even proprietary license. Copyright infringement claims are caused by

  • the actual violation of the license and
  • the unlicensed use of software.

You have to cope with its consequences. Legal remedies are

  • punitive damages and
  • injunction to not distribute your product any further.

Not more, not less.

Continue reading GPL compliance and the persistent cancer theory

Öffentliche Gelder nur für offenen Code

Warum es eigentlich essentiell wäre, den Quellcode jeder Software, die im Interesse der Allgemeinheit beschafft und betrieben wird, öffentlich zu machen, hat zuletzt der Chaos Computer Club vorgeführt und beängstigende Details zu fehlerhafter Wahlsoftware ans Licht der Öffentlichkeit gebracht. Stichwort “PC-Wahl”, siehe “Software zur Auswertung der Bundestagswahl unsicher und angreifbar” und “Open-Source-Spende: CCC schließt größte Schwachstelle in PC-Wahl”.

Nahezu zeitgleich hat die Free Software Foundation Europe eine Kampagne gestartet, in der in einem offenen Brief “Public Money, Public Code” die Abgeordneten aufgefordert werden, genau dafür eine rechtliche Grundlage zu schaffen. Konkret, dass mit öffentlichen Geldern für öffentliche Verwaltungen entwickelte Software unter einer Freie-Software- und Open-Source Lizenz veröffentlicht werden muss.

Nachdem auf diesem Blog bereits viel über Freie Software geschrieben wurden, lassen wir stattdessen das offizielle Video der Kampagne sprechen. Anschauen und falls überzeugt, den offenen Brief unterschreiben.


Public Money? Public Code! from Free Software Foundation Europe on Vimeo.

Die WhatsApp-Alternative, auf die wir alle gewartet haben?

Vor einiger Zeit ging ein Aufschrei der Empörung durch die WhatsApp-Nutzerbasis, als Facebook den Dienst gekauft hatte. Es blieb beim Aufschrei.

Vielleicht auch, weil es keine vertrauenswürdigen und brauchbaren Alternativen gab. Vertrauenswürdig, weil die Software den Grundsätzen von Freier Software und Open Source folgt und die Kommunikation Ende-zu-Ende verschlüsselt ist. Brauchbar, weil man damit plattformübergreifend, zumindest zwischen Android und iOS, mit seinen Freunden kommunizieren kann, neben Text auch Bilder und Videos austauschen kann und nicht zu vernachlässigen Gruppenchats unterstützt werden.

Mit dem Release von Signal 2.0 für iOS scheint diese lang ersehnte Alternative nun endlich verfügbar zu sein. Die App entstammt dem Community-Projekt Open Whispersystems. Dieses hatte vor einiger Zeit bereits das entsprechende Pendant für Android veröffentlicht. Auch wenn die Apps auf der jeweiligen Plattform noch unterschiedliche Namen führen, lässt sich damit trotzdem plattformübergreifend verschlüsselt kommunizieren:

Continue reading Die WhatsApp-Alternative, auf die wir alle gewartet haben?

HowTo: Installing Yosemite into VirtualBox

This post should give a quick overview and some background on how to install Mac OS X 10.10 Yosemite in VirtualBox version 4.3.22.

VirtualBox is great because it is probably the only free and open source software based virtualization environment that supports most common platforms (like GNU/Linux, Windows, and Macintosh) and where the virtual machines are portable in case you want to switch the host’s operating system.

Continue reading HowTo: Installing Yosemite into VirtualBox

Email encryption

As more and more people want to encrypt their personal communication to preserve and to protect their privacy, this post should give a quick introduction and some useful hints regarding email encryption based on OpenPGP.

First of all: It may initially look like being quite complicated. The available guide will require some thorough reading. But in the end it is not that complex and absolutely worth the effort. As soon as one is familiar with the basic concepts and techniques it will be nothing more than locking/unlocking your front door. And probably you did not yet remove your door lock for reasons of simplicity?

Continue reading Email encryption

HowTo: Automatically generating image galleries based on Galleria.io

As you might have noticed all image galleries of this blog are meanwhile based on the Galleria.io framework.

Galleria.io is great because it is Free/Libre Software (MIT-licensed), simply does what it is supposed to do, and requires not yet another plugin for WordPress nor a database backend. It also supports mobile devices and its typical touch gestures. Furthermore it enables self-hosted galleries and does not require to rely on any cloud services where you might loose control on your data.

The only thing that I was missing was a straight forward way to automatically generate a gallery. Creating it by hand – as for example described in Galleria.io’s “Beginners Guide” – is time-consuming, cumbersome, and error-prone. So the overall idea was to create a ready-to-run Galleria.io gallery based on a given folder that contains just the image files by using a shell script.

In detail I wanted to have the following functionality:
Continue reading HowTo: Automatically generating image galleries based on Galleria.io