Forgot your password?
typodupeerror

'Infectious' Open Source Software? 270

Posted by ScuttleMonkey
from the spreading-the-infection dept.
Gavo writes "Law firm Chapmann Tripp advises New Zealand State Services Commission that the New Zealand Government should be wary of using 'infectious' open source software. They claim 'While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.'"
This discussion has been archived. No new comments can be posted.

'Infectious' Open Source Software?

Comments Filter:
  • The only legal risks are patent issues, which, I don't think they have in New Zealand. Otherwise, most FOSS software licenses don't kick in unless you redistribute the software. So long as the NZ authorities aren't modifying the code, they'll be fine.
    • So long as the NZ authorities aren't modifying the code, they'll be fine.

      So long as they aren't modifying and (as you did mention) the code. They can can modify it as much as they want and not have to release their source code if they just use it internally.
    • by Anonymous Coward
      Otherwise, most FOSS software licenses don't kick in unless you redistribute the software.

      And it gets even more fun when you compare the F/OSS licenses with the common proprietary ones. When our company decided Legal needed to review any F/OSS license used here, I got them to agree to do the same level of review on the proprietary licenses. Not surprisingly, there were *way* more proprietary licenses (the original concern was too many licenses), and the proprietary ones had way more questionable terms t

    • Actually, copyright would be a potential risk as well.

      Ofcourse, commercial software is just as vulnerable to patent/copyright infringements as well, and so are it's users since most commercial software includes disclaimers.

      The only way a commercial package may be better protected is by "obfuscation"; you can't check the source to see if they stole your code. As such an open source package might be better, since you atleast can verify it's code.
      • Ofcourse, commercial software is just as vulnerable to patent/copyright infringements as well, and so are it's users since most commercial software includes disclaimers.

        The GPL also contains such disclaimers; it's extremely rare that a software licence doesn't.
        • I just mentioned it to say that commercial software doesn't indemnify it's users any more than open source software does.
          • I just mentioned it to say that commercial software doesn't indemnify it's users any more than open source software does.

            According to TFA it does:

            Exposure to faults and intellectual property claims

            25 There is a risk that open source software contains functional defects, or breaches a third party's intellectual property rights (e.g. where it contains code misappropriated from proprietary software or functionality in breach of a patent). The absence of warranties and indemnities in most open source licences
            • I realize that's what the guide says, but do you know of such a warranty the guide says exists? Take for instance this nugget from the Microsoft Office EULA:

              Microsoft and its suppliers provide the Software and support services (if any) AS IS AND WITH ALL FAULTS, and hereby disclaim all other warranties and conditions, whether express, implied or statutory, including, but not limited to, any (if any) implied warranties, duties or conditions of merchantability, of fitness for a particular purpose, of reliabi

    • Those aren't the only risks. The guy in New Zealand is being pretty alarmist in the way he puts things, but is right in at least one respect: If you use Open Source software as part of your own products, be aware of what the license says so you can make an informed decision on whether you're going to be able to use it in the way you want.

      I have to say "infectious" is a bit over the top. He probably only did that to get people to talk about it....and well, here we are.
      • Re:Not really (Score:2, Insightful)

        by DavidTC (10147)
        If you use Open Source software as part of your own products

        Whereas, of course, you can legally use closed source a part of your own products all you want.

        • Uh, yeah....right.

          If software comes with a license, people should be aware of what it says. That's just common sense. Understand now?
  • Lawyers are parasites, empowering them expose you to number of legal risks.

    Much better.
    • these guys seem to be FUD spreading fucktards, check this out;

      The GPL expressly provides that software compiled with the GNU Compiler Collection (GCC) is not infected by the GPL. Presumably the Free Software Foundation considers other GPL compilers will infect the compiled software.

      I guess by that considered legal opinion it follows that if I compile my software with a microsoft compiler, the generated program belongs to Microsoft.

      No warranties: Open source software is generally provided "as is", without an

  • From TFA: "Exposure to faults and intellectual property claims.
    Relevant to all open source use.

    Disclosure of confidential code/ No rights to use.
    Relevant where software has been infected by an open source licence."

    They talk about it like there aren't IP claims with proprietary source code. I would argue that these "legal issues" are in fact features of open source that are hampered generally in commercial closed-source software. Closed source tends to have more of the issues above by defau
    • by frankie (91710) on Wednesday March 01, 2006 @10:15AM (#14826019) Journal
      Yes, if you paste OSS code into your software project, you will need to follow their license. As opposed to copying proprietary source code ... which will merely LAND YOU IN COURT for piracy, hacking &/or theft of trade secrets. See, isn't that a much better option?
      • Yes, if you paste OSS code into your software project, you will need to follow their license.

        If you link to a library you have to follow the license as well. And, sadly, this is where many (I'd even say most) developers just don't get it. They don't understand the differences between the varying licenses, or the difference between OSS licensing and commercial licensing. Most developers are familiar with commercial licenses where you buy the code once and you can now link to the library, using the documented
    • Bought by goverments thinking they bought a safe closed source product and bam! some patent creeps in and threathens to shut it all down.

      Of course it turns out that the patents are no good but if they had been would this lawfirm claim that buying closed source products is a huge risk since you never know if some patent abuser doesn't decide to shut you down?

      Lawyers are like nukes. If the other guy has them you got to have them as well but on the whole the world would be a better place without them.

  • Between The Lines (Score:3, Insightful)

    by ObsessiveMathsFreak (773371) <obsessivemathsfreakNO@SPAMeircom.net> on Wednesday March 01, 2006 @09:43AM (#14825828) Homepage Journal
    "We've noticed a substantial drop in the amount of EULA's being drafted, as well as an air of goodwill and cheer creeping into the normally sour and beligerent computer software industry, leading naturally to a decrease in important economy stimulating litigation.

    Time to break out the FUD cakes!"

  • Of course .... (Score:3, Interesting)

    by tinkerghost (944862) on Wednesday March 01, 2006 @09:44AM (#14825837) Homepage
    There's more risk of OSS being called on IP violations. YOU CAN SEE THE CODE!!!!!!!!
    MS has been sued how many times now for IP violations? - and that's with people having to either "steal" the code or sue to see it.
    Unfortunately, I do see more IP challenges to OSS in the future. On the up side I also see those challenges being handled by the OSS community with rapid patches to remove the problem - unless it's something like BT sueing over links.
  • Infectious! (Score:3, Funny)

    by Rob T Firefly (844560) on Wednesday March 01, 2006 @09:46AM (#14825840) Homepage Journal
    It's all true!! I set up one little Linux box, and the next morning my phone, toaster, and kitchen sink were all being freely updated and improved by thousands of collaborators all over the world! Insidious stuff, that open-source.
  • by Antique Geekmeister (740220) on Wednesday March 01, 2006 @09:47AM (#14825849)
    The entire slant of the document is incorrect. There are certainly concerns with the open source licenses, especially for someone unfamiliar with them who is used to using proprietary software, tweaking it, and reselling without every publishing the modifications to their clients or to the authors.

    But the use of closed source and proprietary software has a generally greater risk due to risk of copyright violation and patent violation and user agreement violation. Simply reverse-engineering a proprietary protocol in order to get your work done or to fix a serious issue in closed source software can cause serious legal problems which are often far greater, even though they are more familiar. And the closed source tools are far more likely to contain backdoors or to have vital features discarded in new revisions, forcing a painful and expensive upgrade process for both software and its configurations to the new setups, or to simply be discarded and the data or tools permanently lost to users.

    The shutdown of companies or their abandonment of products is a real problem in the closed source world.
    • If commercial software comes under fire from a patent violation the company that owns the commercial software takes on that liability and deals with the issue. It's likely to be different for open source created by many individuals. It's easier for the patent predators to go after the users which have more money for the patent violations.

      --
      Q
      • This is exactly the point. I don't know about NZ but here in the UK government procurement is actually done on the basis that there needs to be an audit trail along which blame can be proportioned (and presumably someone sued if need be). Open source breaks that trail and public bodies find that *really* hard to get their heads around.

        Everything in the public sector is goverened by rules designed to stop people taking risks (like having 'bright ideas' and trying to make things better). Everything is done a
    • Another place in which open-source is safer than proprietary is in the case where you do break the license agreement. If you commit some minor indiscretion with OSS software, it's unlikely that anyone is going to come after you. After all, what OSS group has the money or desire to attack people in court for violating their license. The GPL is mainly a good-faith agreement. Let's look at the flip side. If you commit the same minor indiscretion on a piece of commercial software, get ready to be sued off
  • by KiloByte (825081) on Wednesday March 01, 2006 @09:47AM (#14825850)
    an increased risk of exposure to faults
    More public review, code that tends to be of higher quality, and the ability to fix problems yourself

    intellectual property claims
    And since when proprietary software was free from litigation?

    the risk of forced disclosure of confidential code
    "confidential code" -- whose? If yours, you wouldn't even be able to put it there otherwise. And someone has to reread the GPL again -- no one says the gov agency in question has to distribute any source of things they use internally. If the agency in question releases some software itself -- that "confidential code" will be disclosed anyway, just in a form that is harder to read. Back in the days, I learned how to program a particular SVGA chipset by debugging through BIOS code, and my asm skills are low -- are you going to tell me that if the "confidential code" has any real value, no one will get to it anyway?
    • And someone has to reread the GPL again -- no one says the gov agency in question has to distribute any source of things they use internally.

      Well, as I read the GPL, if said government agency creates a GPLed tool and distributes it internally, then they must also make the source available internally; I see no exceptions allowing you to not provide source to employees on demand. I also see no exceptions allowing you to require that said receiving employees do not distribute the code outside of the agency.

      So
      • Within an organization != distribution. The GPL FAQ [gnu.org] is quite clear on that.
        • Interesting. I can't say that I necessarily agree with it - it gives me an uncomfortable feeling that I could be considered to be merely part of my company, rather than an individual in my own right no matter the context, but fair enough.

          Incidentally, congratulations on being the first person to actually answer this point, which I've made a couple of times before...
      • In normal legal understanding, distributing software to your employees is essentially distributing the code to yourself as a company, since its the company as an entity that accepts the license terms, not any individual within the company (same as any license or contract, the contract remains valid if the signature signed or accepted on behalf of the company and then left).

        Thats why you can argue that you dont have to distribute the sourcecode to employees, because they are part of the company entity an
  • Sigh. Another one. (Score:5, Insightful)

    by jimicus (737525) on Wednesday March 01, 2006 @09:47AM (#14825854)
    It's not FUD, it is simply "OSS for the uninitiated - be warned that if you're developing software, you might want to actually read the license of anything else you or your contractors plan to use rather than just ignoring it like you usually do". The general tone is "You can use OSS, but be careful".

    It's not terribly well written, mainly because it seems to add a load of guff to licenses which are by and large pretty easy to read. And it uses some contentious terminology which is likely to cause concern. ("Infectious", anyone?)

    Doubtless a whole boatload of slashbots who didn't RTFA will be a long in a moment to say "yeah but no but it's microsoft FUD ignore it don't give it publicity etc etc" - I'm not going to debate that one. I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business. Something along the lines of "Now you've read this article, contact us for further advice!"
    • slashbots who didn't RTFA will be a long in a moment to say "yeah but no but it's microsoft FUD ignore it don't give it publicity etc etc" - I'm not going to debate that one. I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business. Something along the lines of "Now you've read this article, contact us for further advice!"

      So in other words, it's FUD but not from Microsoft? It really shouldn't be rocket science to figure it out if only someone reads it - or
    • I actually think it's more likely to be an attempt on the part of the law firm to drum up a bit of business.

      It was prepared by the State Services Commission [ssc.govt.nz] and therefore presumably carries a stronger imprimatur than if it were just some private law firm making this analysis.

      Then again, IANAK (I Am Not A Kiwi [wikipedia.org]), so I may be giving this agency more credit than it is due...

    • It's not FUD, it is simply "OSS for the uninitiated - be warned that if you're developing software, you might want to actually read the license of anything else you or your contractors plan to use rather than just ignoring it like you usually do". The general tone is "You can use OSS, but be careful".

      Yes, the actual content is reasonable and sensible. It even specifically identifies the GPL as an appropriate license that has been approved for use in the case where software will either only be distributed i
      • Replying to myself, but the content really isn't as great as I thought it would be from the executive summary section.

        For example, they assert that the output of GPL programs will be covered by the GPL - a point of view expressedly disavowed by most legal experts and by the authors of the GPL itself! I quote:

        The GPL expressly provides that software compiled with the GNU Compiler Collection (GCC) is not infected by the GPL. Presumably the Free Software Foundation considers other GPL compilers will infect th
    • I read it. The FUD is both explicit and implicit. The failure to compare the copyright or patent violation risks of open source software to those of closed source software, where the intellectual property you may be duplicating accidentally is invisible to you, is an implicit FUD. And the indemnification clause is an explicit FUD, since the resolution to most open source copyright violations is simply to publish your modifications to your clients.

      The person who wrote this has clearly never examined the his
    • Repeat after me, Jimicus:
      1. FOSS licenses are less restrictive than non free licenses in every way.
      2. FOSS is easier to acquire, own, and develop than non free.
      3. The only unique legal issue regarding the use of free software is one dead lawsuit from SCO that was funded by Microsoft.
      4. All software has problems with faults but Microsoft is by far the worst.
      5. All software is threatened by bogus "IP" claims as anyone with a Blackberry can tell you.

      That six chapters of nonsense is not worth reading. It's full of th

      • I'm not actually trolling, but it's sweet of you to say so.

        The GPL does have one restriction - which is considered by many commercial organisations to be a pretty damn big restriction. You know, that bit where it says "derivative code must also be GPL'd". Essentially, all the article is saying boils down to "if you are not aware of this, and you don't read the license, such a restriction may come back and bite you".

        Well, duh. But seriously, is there anyone in IT today who is completely unaware of the GPL
    • It's truly overstating the risks.

      Why, I once spent a wild weekend with a couple of computers, installed everything in sight. Played the games. Ran the compilers.

      Oh, how we cavorted, without a care in the world.

      Turns out that one of those "open source" programs had a past, and gave me one of those "infectious viruses."

      Oh, the horror. Splotches on my skin, and had to stay out of the sun.

      Should I have been more careful? Sure; practicing safe computing would have prevented the problem entirely.

      However, unco
  • What a bunch of baloney. What's this about "risk of forced disclosure of confidential code"? Risk makes it sound like it is some kind of roll of the dice thing where if you're unlucky, and you get busted, you have to disclose the code.

    How about "agencies should read the licence agreement and abide by it whether open source or not"?

    And what about "include an increased risk of exposure to faults". Is that supposed to mean open source has a higher "risk" (there's that word again) of faults, because it is bad q
    • No-ones ever, AFAIK, forced a company to disclose its own code. They've all been given the choice of rewriting without the GPLed code or disclosing.

      "First think we do, let's kill all the lawyers" especially ones who can't read, don't understand, and use FUD to get business.

      Justin.
      • Of course, this is a lot of work. So you want to avoid it whenever possible.

        As much as you and the parent poster would like it to be, its not a cut-and-dried issue.

        If, for example, I write a page in PHP that uses a javascript menu-building library which is GPL (because the author didn't think enough about it to make it LGPL and clear up the whole issue), do I have to give out the PHP code that I wrote to anyone who asks for it? Is what I wrote a derivative work of that library, or does this merely count a
        • It is literally always possible to create edge cases whenever there is an in/out division (I think yours is pretty obviously not a GPL issue btw - the libraries are in no way combined), so I'm afraid I'd call that a straw man (although I don't believe you are deliberately trolling, unless you are also trolling yourself ;-).

          You could equally well licence some proprietary code and then come up with edge cases, eg SCO claiming duplication of 'methods and concepts' is not covered by their UnixWare licence to IB
          • The point I was making is that the risk of expense is there. If you have an especially large site, it may cost you tens of thousands of dollars to move over to using a new library. So that's not really a viable option. In that case, treating GPL a bit like the plague ahead of time may be well worth it.

            I don't see how you're justifying this offhand as an edge case. The internet is exploding with activity, and all kinds of little scripts are being used all over the place. This is a classic example of som
        • aug24 said:
          "First think we do, let's kill all the lawyers" especially ones who can't read, don't understand, and use FUD to get business.
          fireboy1919 replied:
          Of course, this is a lot of work. So you want to avoid it whenever possible.
          Was I the only one that related these two statements, but decided that a big workload didn't mean we shouldn't at least try?
  • It's not as though Chapman Tripp could have been unapprised of how utterly stupid their claims are -- Simpson Grierson tried this FUD on a year or so ago, as well: (see The Fud Buster pages of the New Zealand Open Source Society. )

    I hope the New Zealand Serious Fraud Office goes after Chapman Tripp's spreading such lies which bring tangible monetary injury to the New Zealand Open Source community, measurable every time we hear a prospect repeat the utter and unadulterated and deliberate bullshit th

  • It seems that after recent press coverage, that legal staff around the world are trying to cover business risks. Obviously the marketing machines of the software industry are zooming in on some of the mistakes bussiness have made when using f.i. GPL software.
    • the marketing machines of the software industry are zooming in on some of the mistakes bussiness have made when using f.i. GPL software


      Any smart software consumer should "zoom in on" the fact that Monoposoft Office (a.k.a. The Enterprise Ready Virus-Development Environment) has cost the entire PLANET billions of dollars in downtime and that over 99% of all viruses are M-Windows viruses.

      There is no mistake so dear as using Monoposoft products.
  • From TFA:

    * "Infectious" nature: Many open source licences are "infectious", meaning that the original open source licence may apply to:
    (a) the original software if re-distributed
    (b) any modification of the original software if redistributed
    (c) software containing or integrated with the original software, if redistributed
    (d) software used in conjunction with the original software to provide a web based service.

    Correct me if I'm wrong, but I don't know any OSI licenses that enforce (d). See

  • How many people and/or companies have been sued for just using F/OSS? I don't know of any. BTW: all the scox-scam lawsuits are over bogus contract violation. Scox has not sued anybody for just using Linux.

    Innocent parties have been sued for using proprietary software. The msft/time-line case is one example. How many people have been harassed, or fined, by the BSA, because they couldn't find their certificate of ownership?

    These articles always assert that F/OSS is a legal minefield, whereas proprietary is co
  • RTF Document (Score:5, Informative)

    by KingSkippus (799657) * on Wednesday March 01, 2006 @09:59AM (#14825923) Homepage Journal

    Read the actual document [e.govt.nz], not just the summary. The actual document isn't that bad.

    The stuff inside isn't that big a secret to most folks. It mainly boils down to, "Using open source software under licenses we've reviewed is okay, but be careful if you're developing code using open source software that we don't want released to the masses, because under some licenses, we may be obligated to."

    In fact, this document is probably a good thing, in spite of a somewhat badly written summary. Check out Chapter 2 [e.govt.nz]:

    (a) Only use open source licences that have been legally reviewed, including the GPL, LGPL, CAL, MBSD, MIT, which have been reviewed and are recommended by SSC for use in accordance with this guide.
    (b) Obtain performance and intellectual property warranties from the supplier of the open source software, where appropriate and available.

    This only makes sense. I can't imagine anyone disagreeing, saying that you should use software with a license we're not familiar with, or to disregard the IP of open source authors.

    Also, look just below it. It says that for software development that is for open distribution, it's okay to use open source software. For software that is for limited or closed distribution, don't. Is this new? Am I missing something? If anything, people who are interested in open source software can look at this document as permission to go forward, not as a hinderance!

    I mean, I realize that the words "infectious" has negative connotations, but I just don't see this document in and of itself as a bad thing. And even though I'm a strong FOSS advocate, the stuff that's in there is stuff that I would recommend to any company, government or organization to consider in their decision whether to use closed- or open source software.

    • This only makes sense. I can't imagine anyone disagreeing, saying that you should use software with a license we're not familiar with, or to disregard the IP of open source authors.

      Great, read the fine license, that's a fine idea. Read every one of the hundreds of pages behind every "I agree" or "I submit" buttons. Read every page of every SDK use license you use. Read the back of every bill you pay to a non free software company, it's likely to change every month. I hate doing that, so I no longer use

      • Great, read the fine license, that's a fine idea. Read every one of the hundreds of pages behind every "I agree" or "I submit" buttons. Read every page of every SDK use license you use.

        I don't think you can claim that you did your due diligence if you don't. A lot of companies have a review process of the license of any piece of software before they will use it. Those who do not are running on a hope and a prayer.

    • I agree, all in all the document isn't that bad. The only thing that bugged me was the clause regarding the contracting of third-party developers:

      (a) As the standard contractual position, prohibit use of open source software in all development contracts.

      It goes on to say if you REALLY REALLY REALLY need the developer to use open source software, I guess that's OK.

      I don't understand why you would necessarily have a default position of prohibiting contractors from using open source software. Worse, I think
    • You're oh so close to coming up with a new acronym for RTFA there. Maybe, REad The Actual Real Document (RETARD)? Got to be a better way to get the R in though.
    • Re:RTF Document (Score:5, Insightful)

      by bani (467531) on Friday March 03, 2006 @04:03AM (#14841245)
      I mean, I realize that the words "infectious" has negative connotations, but I just don't see this document in and of itself as a bad thing.

      You might think that, with your head screwed on properly. However the pointy hairs who read this document are going to go apeshit when they read the emotional words "infectious" and "quarantine".

      This document is written for pointy hairs, not engineers. It's designed to scare them into submission, make them freak out and think that open source is going to steal all their company patents, intellectual propery, their baby, and kick their dog too.
  • No offense, but these countries are not exactly international economic power-houses.

    It has often surprised me how much of the F/OSS v proprietary battle goes on over there.
  • Good Point (Score:3, Interesting)

    by 4of12 (97621) on Wednesday March 01, 2006 @10:08AM (#14825975) Homepage Journal

    Legal risks with using software are a real issue in our world.

    That's why it would be in the best interests of all computer users and IT decision makers to explore the issue fully, to look closely at what kinds of risks exist, what kinds of risks tend to occur most often in the real world and what their consequences are.

    My experience has been that folks using proprietary software are frequently in the position of bending over backwards (particularly in a large corporate or government environment) to make sure that they have licenses for every piece of software that their employees are running on the their PCs. The IT folks spend some serious time auditing to avoid the even larger risk of a BSA audit.

    As for legal risks associated with open source software I have yet to encounter any. All I've seen are press reports of legal actions that show no outcome but to prove they were based on frivolous premises and some PR statements talking about legal indemnification which are excellent marketing strategies for certain vendors of proprietary software keenly afraid of their revenue stream becoming commoditised by free and open source software. About the only genuine risk I've seen with FOSS is for developers that disobey the "Share and share alike" GPL by releasing modified binaries without releasing modified source.

    Perhaps I'm missing a serious issue and these folks could show some evidence of real people and real companies that have experienced harm due to lack of vigilance concerning the legal risks of FOSS. And they could explain why my personal experience doesn't reflect reality of serious legal risks with hard statistics concerning how much time and money are lost to risk mitigation and handling legal mishaps with users of FOSS compared to users of proprietary software.

  • part of the problem is that people just talk about Free software and open source software as if they are all under the same licence. I think the guy is right in saying that you need to becareful. Consider the fate of a person who thinks he is using a BSD licenced app as a base for his own stuff only to reliaze it is GPL. Sure they are both open source and financially free, but you are not as free to do what you want with it under the GPL as you are with the BSD licence. It gets even more complicated when y
  • My understanding of the GPL was that basically you couldn't plan to distribute just an executable binary. That the person who the software is distributed too can also get the source.

    Now if the government is producing code based on GPL products, then typically they will be the only customer. The only one the code would be distributed to would be the NZ goverment itself. So the government would be the only customer that could ask for the source code.

    Its going to worry about asking itself?

    Just don't ask. T
  • Let me guess... (peers into crystal ball)... Oh yeah, that law firm represented Microsoft in New Zealand [chapmantripp.co.nz]. They even cite Intellectual Property as one of their area of expertise.

    Case closed. Move along, folks, nothing to see here.
  • Regardless of risks of actual litigation and those idiotic software patents (doesn't even apply in NZ), the likelihood that there is copyrighted code in a proprietary application is higher than in an open source one.

    Copyrighted code in a closed source app will be far less conspicuous than in an open source app, and therefore the programmer is more likely to think "well, no one will notice, anyway." In open source apps, the risk of being caught is so much higher, and therefore it's more likely to be free o

  • > While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.

    [F]OSS operates under the same laws as commercial software, and with the possible rare exception gives you more usage rights than commercial software. There shouldn't be any legal problem per se.

    However, there is the social problem of people thinking that free(beer) means they can do whatever they want with it, which often isn't the case.

    Teach your employees
  • It's a legitimate concern. At many companies where I've worked, they do use open source and free software, but they are careful when it comes to the license as they don't want to inadvertantly make all of thier work go under the GPL if it's distributed.

    All the document is saying is to evaluate each piece of software by it's merits on an individual basis. Further, it says that there is "no reason why open source should not be considered on the same basis as commercial software" but that there could be so
  • Alert: Companies must ensure they do not use the evil open source software.

    The use of this software will clearly open you up to legal attacks, hence the word 'open' in it's name.

    Instead, We advise that companies use commercial and non-open technology including:
    1. Blackberry
    2. Microsoft Products
    3. Mp3 and MPEG
    4. JPEG and GIF

    By using these products, you ensure that you will never be stuck in the middle of a patent dispute, and that your product will not be recalled, modified, or discontinued.
  • Comments about the pejorative connotation of "infectious" as used in this article should be read in light of why the authors say they use that word. They reference this paper [mit.edu] as justification for their terminology. Seems reasonable to me; that document is informative and useful, as is the one from down under.
  • As others have already said, this is boilerplate advice in the software development world. I work at a large tech company and our legal department maintains a list of FOSS licenses which we can use, and for anything else you have to submit a request for approval.

    It's a pain in the ass, but it makes sense. We're trained to ignore EULAs and licenses by years of just clicking "ok" but when it boils down to it, a company can lose substantial IP by the actions of a single developer who does that.

    The funny part
  • Quotes from TFA:

    Government agencies acquire open source software through a variety of channels, whether it be staff downloading open source code from the internet,

    If staff downloads and installs random OSS code from the net ... err, OSS or not, if end-users are downloading and installing random code from the net, you don't have an OSS problem: you have a systems/network policy/configuration problem. Nuthin' to do with OSS.

    or external developers providing software that includes open source components

  • Okay, so I'm just curious. Exactly how many people have been exposed to legal loss from violating an open source license? I'm sure somewhat at some point in time must have, but I vaguely remember seeing once somewhere that nobody had ever shelled out any money over a GPL violation (and the GPL is at least the most widely used license).

    But you can infringe the copyrights on on commercial closed-source software just as well as open source software, and I'm willing to bet that BSA audits and fines create muc
  • The appearance of this FUD on the e-govt site is particularly ironic given that the 'E-government' strategy is to

    ensure that the public sector was able to make best use of information and technology to improve its service delivery, internal performance and overall capability.

    They're going to have a hard time doing that if they deprecate open source.

    The irony reaches unbearable levels when one reads, in its vision statement [e.govt.nz],

    But, left to develop by itself, it has the potential to create new divisions

  • Infected? Nooo, if the distribution has been altered, md5sum will give a different hash back.


    NAME
                  md5sum - compute and check MD5 message digest

    SYNOPSIS
                  md5sum [OPTION] [FILE]...
                  md5sum [OPTION] --check [FILE]


    (relax, it's a joke)
  • I suppose there COULD be a problem with patent infringement. But the same holds true for any product. For the moment, it looks like Blackberry has more trouble with patents than the entire OSS world combined. I am not a lawyer, but somehow I suspect most of the patent infringement action (if it ever happens) will be against the authors of software, not the customers. Given the distributed/international nature of OSS development, patent enforcement might be futile. In some ways, it would be like the IR
  • One of the most prominent cases where there is a threat to ongoing software availability in recent years is the NTP vs RIM patent suit. SCO vs The World may have had more publicity back in the day, but there was never a serious legal threat, whereas with NTP and RIM, an injunction blocking the use of RIM software was sought and hearings were held.

    Is RIM's software Open Source? No. So is this letter from these lawyers pure bullshit? Yes.
  • ... still have a section forbiding the use of the compilers to create a product that competes with a Microsoft product?

The relative importance of files depends on their cost in terms of the human effort needed to regenerate them. -- T.A. Dolotta

Working...