Archive for December, 2009


Thursday, December 31st, 2009

Last day of the year. Some will say last day of the decade, even if it’s the last day of the ninth year of the century. With a light dusting of snow on the rooftops here in the eastern part of the Netherlands and firecrackers going off — pop pop pop — all day. The three families at the end of this dead-end street in a residential area will get together this evening for traditional Swiss fondue, traditional Dutch oliebollen and have a quiet time of it. The kids might even stay up until midnight this time, now that the oldest ones are six. I think we spent an aggregate of 3 EUR on fireworks (sparklers) and 40 EUR on cheese, which seems like a good set up for me. I like cheese. So around midnight, I shall raise a glass and hold aloft a gorgonzola to salute friends and family close by; if I’m feeling smarmy I might do the same for friends, colleagues, comrades and enemies in the Free Software world as well. If that means building a Plussy out of Emmenthal, then so be it.

On removing GPL code

Wednesday, December 30th, 2009

Last week, Diego Iastrubni asked removing GPL code, prompted by MonoDevelop’s announcement that it had removed all the GPL code in its codebase, thus opening the road to proprietary plugins.

Well Diego, there’s an app organization for that. Depending on your jurisdiction, you could ask the Free Software Foundation in the United States, the Free Software Foundation Europe in Europe, the Free Software Foundation Latin America in Latin America (are you seeing a pattern here?). The FSF in the United States is the steward of the GPL (all versions) and the organization in charge of interpreting the intent of the GPL. Of course, certain matters on interpretation will end up in courts — because it is not only about the intent of the license, but also what it actually says.

There are also national centres of competence regarding licensing issues and the use of Free Software. In Finland you might want to ask COSS; in Spain, CENATIC or ASOLIF; in the Netherlands, NOiV; in the United States, the Linux Foundation. Any of those might be able to help out with this kind of question. I won’t pretend that they definitely will: it depends on the context and workload and whether the question makes sense in their context.

Fortunately, an organization like FSFE has education and information provision written into its constitution (but not its budget: support the FSFE to help it continue to help you and the rest of the Free Software world). So here’s an attempt at an answer — which does not constitute legal advice and which does not constitute an interpretation of the GPL.

So let’s follow through Diego’s question:

I have this application which I license under the terms of BSD, and I saw a GPL library (lets call it libbar ) which might help me. I incorporate the library by dinamic linking. Now my application is effectly a GPL binary, sweet.

It is vitally important to distinguish between source and object forms of the software here, as well as keeping track of mechanisms of linking. Let’s try to strip this down to a bare minimum number of components. A program A written entirely by you using no external (third-party) components and released by you under the terms of the 2-clause BSD license. That’s fine. Now suppose you modify your application to use an interface provided by a GPL library (like libbar, in Diego’s example). Does that make your program a work that must be licensed under the GPL? Maybe. Does that make the object form of the program linked to GNU readline a work that can only be distributed under the terms of the GPL? Yes. So you must ship the object with the text of the GPL, with a source code offer (either the complete source or a written offer, as usual). Still, the sources retain the license that you originally put on them (BSD 2-clause, which is GPL-compatible, so this is possible).

Now you replace libbar (the GPL library) with a newly written, 2-clause BSD-licensed, libbar_bsd. It might implement the same API as libbar, or it might implement a slightly different one and you modify your application A accordingly. Does that change the licensing possibilities that you have? Yes. you can release A under the 2-clause BSD license — again, keeping in mind other obligations you might have. If you were forced to re-license the source under the GPL (see Maybe, above), then there may be issues. If you are the sole copyright holder, then of course you can re-license. But you need to double-check any contributions you may have received to the codebase. With the new A, you can release object versions including libbar_bsd, under the 2-clause BSD license.

Lets assume, my application uses (derives classes, whatever) code from libbar. If I remove the GPL code and change it by BSD code – my work even though it does not contain GPL code – it’s a derived work, due to compile time constrains. Am I correct?

I think this scenario has two different interpretations: if A uses functions from the library then — like I said previously — the object is definitely GPL licensed and the source might need to be. But if you actually have derived classes and modified code from libbar, then it’s going to be a great deal more difficult, because your source is in itself a derived work. I’m not sure how to understand the “remove the GPL code” here: if there is no GPL source code in the application and it doesn’t link to any GPL libraries in object form then there’s no reason that the GPL need apply.

Let’s look at Diego’s other scenario:

Lets assume that libbar, uses abstract classes/methods from libfoo (which is BSD). Lets assume that my application uses the interfaces exposed in libfoo, then libbar extends those interfaces, and I am not directly using libbar. When I use my new BSD library, my application is not compiled against any GPL code (just linked to) and it never used it directly. My old code was GPL by run-time constrains and, and the new one is BSD. Am I correct?

In this scenario, application A uses libfoo (presumably unrelated, although it apparently provides functionality to libbar), so there’s no GPL code involved at all. The parenthetical comment “(just linked to)” I don’t understand: why would the application A link to libbar at all if it doesn’t use it and libbar is en independent development?

So that leaves us with that dreaded “Maybe” from earlier. Paul Pacheco commented on Diego’s blog with exactly the right bits of the GPL — the trailer to clause 2 of the GPLv2; GPLv3 doesn’t have the same language. But perhaps even more important, the GPLv2 says:

Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program.

In other words, distributing your work which is both an identifiable part of the whole work and which is not derived from the GPL library (and I’ll claim that using an interface is not in itself sufficient to create a derivative work), then the source continues to be licensable however you like, but the object must be distributed under the GPL. The sources you provide that correspond to that object form must be distributed under the terms of the GPL — strange but true.

Understanding Licenses, bit by bit (4)

Tuesday, December 29th, 2009

It took a little while, but I wrapped up the licenses-as-icons with a summary in tabular form. It’s not on this blog, because I don’t know how to pull in fancy CSS and tables into wordpress. Instead, it lives on one of my personal sites for now. It will move to the FSFE pages in due course, once I’ve had some of the other people in the Freedom Task Force look over it. The page is largely auto-generated now by a little python program that understands the labels given to the different licenses. There is plenty of room for improvement: links to the license texts, better explanations of what the badges mean, etc.

One thing I’m quite happy with is the family overview: it shows which licenses are the same when compared using only the qualities reflected in the badges. So it shows MIT and BSD 2-clause as the same — which I’m willing to accept. Unfortunately, due to the granularity of the badges, it also shows some things together (or at least indistinguishable based on the badges) that do not belong together.

There’s one badge missing: “allows relicensing”, which would for instance distinguish between OSL and AFL (as I pointed out when reading them previously). And it might make sense for every license that gets a warning marker to be excluded from the family groupings entirely, so as to avoid the possibility of confusion there.

Thanks: I’d like to thank Mignon Engel and Egon Elbre for providing icons that can be used to symbolize the different badges. You can switch between the different style sheets in your browser’s View menu (unless you’ve got Safari, which doesn’t support that feature as far as I can tell).

Copyright: Some folks have asked about the license on the icons, the text, these blog entries. Since this is work I do as part of my job for the FSFE, it is copyrighted by my employer — the Free Software Foundation Europe (an independent sister organization representing Free Software in Europe). Most of the materials produced by the FSFE are released under a liberal license, for instance allowing unlimited verbatim copies as long as the copyright notice is preserved (otherwise it wouldn’t be verbatim, right?). However, this material hasn’t been licensed that way yet, so I’d have to answer that right now, it’s “All Rights Reserved.”

Next Steps: Refine the meaning of the badges. Add a relicensing badge. Add another dozen licenses (for instance there’s no Affero versions here yet). Clean up the text. Turn it into a nice booklet. Publish. …? Profit!

KDE SC 4.4 beta2 on OpenSolaris

Sunday, December 27th, 2009

The -440 repository — that is KDE4-OpenSolaris-speak for “the Mercurial repository which holds the specfiles that are being developed for building KDE SC 4.4.0 once it is released” — has been bumped to beta2 now (version 4.3.85). We’re still in the process of rebuilding everything, as there are some new dependencies and the usual fixes and patches to be updated. I count 66 patches still applied; we have started pushing more of them upstream — especially the trivial ones like adding newlines to the last line of a file. Thanks to SadEagle for picking up some of the patches to KHTML again as well — they’re a little odd in that they apply to code that isn’t ever called but that needs to compile anyway.

xz: this is a new dependency, a general purpose compression library. Very straightforward build, no other dependencies — something that we should be trying to foist off on SourceJuicer as quickly as possible so as to make it available to more people.

libattica: Frederik Gladhorn (and whoever else worked on that), I salute you. No patches required, builds without even a single warning. If I’m going to be really picky, I’d point out that the files are licensed GNU LGPL 2.1 (the Lesser GPL) while the included COPYING file is the GNU LGPL 2 (the Library one). And there’s no tests for it, so while I can see it compiles, I have no idea if it works. Good job, anyway.

The status continues to be: it works. It’s kind of slow, and backtraces involving the Flash plugin are non-ASCII text, but for straightforward web browsing and KMail and konsole — my desktop — it’s in OK shape. As usual additional compile and runtime testers are encouraged to step forward.

All I want for Christmas is an Office Suite?

Friday, December 25th, 2009

My friend Armijn pointed me to a thing called Orange Office (no link). I get a Dutch site, which is full of d/t errors (a fundament of Dutch grammar) which tries to sell me .. It comes down to a long spiel about Microsoft Office compatibility and how OOo works exactly the same as Microsoft Office and yet it’s so cheap! Buy now! Word! Powerpoint! Operators are standing by! Yes, they’re charging 15 EUR for an download. Going through the terms and conditions is hilarious (well, ok, I should take my medicines now) for disclaiming responsibility, disallowing resale (hello, LGPL!), disclaiming the applicability of refund law which applies to tele-sales. You know the drill. It gets better as the “buy now” page has a “limited quantity offer!” for Calc and Draw as well. The payment processing, somewhat to my surprise, seems to be legitimate — it’s still a heck of a way to rake in 15 bucks for an otherwise gratis download of 3.1.

John is a #$%!

Thursday, December 24th, 2009

Ah, libel. Publishing defamatory or damaging text. There’s various interpretations, and generally calling John a complete moron on a web forum or in a blog post might be libelous (which John? I dunno .. you decide). This has been troublesome regarding publications which are also available (like on the Internet) in Britain, because British libel law treats publication, certainly online, a little differently from how one might expect. It’s not the date of production that counts, but the day of reading. This has led to a notion of “libel tourism” in the UK.

In any case, that’s my background for being interested in the topic, so a Canadian result on the topic caught my eye. It has no impact on the UK, of course, but it shows how the interpretation of libel is changing elsewhere. The CBC reports and Michael Geist comments on the introduction of a new defense “responsible communication” against libel suits. Interestingly, the CBC claims that the Canadian Supreme Court looked (among others) at the UK and found the available defenses in Canada “too strict.”

In any case, it means that in Canada, as long as (1) I did some research (2) the communication is in the public interest (3) the judge in the case confirms that it is in the public interest, then I can publish “John is a moron”.

And on a totally unrelated note, does it not strike you as odd that John Turner (17th prime minister of Canada) is not listed on the category page for Johns? Neither is John (Maddog) Hall. Nor John Oates. It’s a travesty.

KDE SC 4.4 beta1 for OpenSolaris

Thursday, December 24th, 2009

Thanks to the efforts of the KDE4-OpenSolaris group — among whom I number myself, hnhn, Hajma, and Ben as well as various testers and supporters — the KDE SC 4.4 beta1 (version number 4.3.80) is available as OpenSolaris IPS packages. Note that beta2 has been released already so there is more updating to do. In the course of the beta cycles, the amount of patching that needs dealing with tends to drop — at least as long as there are no large code drops.

Speaking of large code drops, Dario tries to explain polkit — a good thing, but I’m still not sure if this thing actually exists for me or not.

Packages: there is an IPS server hosting packages for 4.3.80. This is still my FreeBSD port of the pkg.depotd, so I do hope it remains compatible with the pkg command — pkg is still under interesting development, and it does suffer from API changes every now and then. In theory, you can just add this IPS server (say, as kdedev-ips .. oh, hang on, that is one of the things that has changed: I don’t think you can free-form name your IPS servers anymore). This should be a straightforward upgrade of your existing KDE packages.

Korona 4.3.80: there is a new release of the OpenSolaris live CD Korona (by Pavel Heimlich). It is available from Genunix is where you can find all of the different OSOL distributions and specializations. You can also get Belenix there, which is the KDE4-with-gcc distribution of OSOL. Note that the most recent distro’s are based on an OSOL with ZFS data deduplication, which may help in reducing disk space requirements if you have virtual machines or multiple source trees checked out.

Next steps in KDE4 on OpenSolaris are bumping everything to beta2 and plenty of runtime testing. I’m pretty happy with the stability of the desktop and KDE PIM right now, even Akonadi works; I think my main annoyance is with hangups in name resolution. Konqueror, for instance, regularly hangs (up to 10 seconds) in a dbus call (yay pstack). I think that’s either name resolution or favicon handling.

Collection Agencies

Wednesday, December 23rd, 2009

A while back I wrote about the Dutch national collection agency for music rights (performance and otherwise). That was related to a plan which was to charge webpage owners (i.e. individuals) a flat rate for embedding up to six videos in the page. This met with — rather confused, I said at the time — political opposition, and the plan was subsequently shelved. Today the collection agency Buma announced that it had reached an agreement with YouTube for an undisclosed sum; for this, YouTube obtains blanket permission to host (and redisplay) videos containing music that are otherwise subject to licensing in the Netherlands. Recall that Dutch copyright law is a little peculiar and downloading is — for the time being — allowed, it’s the making available that violates the copyrights.

The Dutch privacy organization Bits of Freedom (site is in Dutch) is, on the one hand, happy to have clarity, but at the same time there’s now a very strange situation: music videos hosted on YouTube are “vogelvrij” while all other video platforms are still encumbered. In addition, the artists are once again screwed over, as Buma has just sold (for an undisclosed sum) all these rights — for 15000 domestic artists and 2 million foreign ones. So if I were an artist (those of you who have heard me sing at conferences .. well, lucky you) I’d be kind of annoyed at this point, either for being sold out for too little under a blanket or for being sold out at all.

Trouble on the Line

Wednesday, December 23rd, 2009

I want them to stop explaining my browser options to me. I don’t want to know my browser options. The more I know about my browser options, the more I feel like a fool.

So I feel like a real consumer fool about my money, and now I have to feel like a fool about my browser, too. I liked it better back when we all had to belong to the same Browser Company, and browsers were browsers — black heavy monolithic boxes, that were routinely used in the movies as murder weapons (try that with todays browsers!). Also, they were permanently attached to your computer and only highly trained Browser Company personnel could “install” them. … It was as close as most people came to experiencing what heroin addicts go through, the difference being that heroin addicts have the option of going to another supplier.

All that is taken directly from a column by Dave Barry (he still writes for the Miami Herald) which I stumbled across recently. It’s in “Dave Barry’s Greatest Hits”, published in 1988. I’ll admit to minor editing: I replaced “phone” with “browser”. There were no web browsers in 1988.

Not much changed, eh, in twenty-one years?

It’s just a matter of serendipity that I was flipping through this tatty old humor book in the weeks following the European Union’s anti-trust decision around browsers. You can see the EU decision (PDF, 1.1MB) and the FSFE’s reaction — the latter can be summed up as “yes, this is one problem sort-of out of the way, but there’s more issues to be dealt with.”

I like choice. But I suspect Dave’s missive on the phone still largely applies and that people don’t want a browser. They want a tool with which to order pet food from the comfort of sitting in a cardboard submarine in their basement. There’s another angle on the topic as well: encouraging installation click-through. I hadn’t considered that — although recommendations that all the balloted browsers be available in some (fairly) recent version on-disk were made. That would change the issue from downloading and installing software to activating software. However, if you follow Adrian’s train of thought (that zdnet link), you end up disabling all change to the device, returning to the era of fixed-function machines that nobody can change.

Except by the Browser Company, of course.

Who is the FSFE?

Monday, December 21st, 2009

The Free Software Foundation Europe (FSFE) is lots of people. I have tried to illustrate this previously, with lots of photos and drawings, but one of the best ways of showing just who is involved is through the Fellowship Interviews. This month, Simon Joseffson, who .. well, I guess you should just read the interview. Stian, who does the interviews, asks all the right questions.