leuk_he - Slashdot User

Submission + - Slashdot Alum Samzenpus's Fractured Veil Hits Kickstarter

Submitted by CmdrTaco on Tuesday September 07, 2021 @11:46AM

CmdrTaco writes: Long time Slashdot readers remember Samzenpus,who posted over 17,000 stories here, sadly crushing my record in the process! What you might NOT know is that he was frequently the Dungeon Master for D&D campaigns played by the original Slashdot crew, and for the last few years he has been applying these skills with fellow Slashdot editorial alum Chris DiBona to a Survival game called Fractured Veil. It's set in a post apocalyptic Hawaii with a huge world based on real map data to explore, as well as careful balance between PVP & PVE. I figured a lot of our old friends would love to help them meet their kickstarter goal and then help us build bases and murder monsters! The game is turning into something pretty great and I'm excited to see it in the wild!

Comment Re: I sure hope not (Score 1) 180

by Jeremy Allison - Sam on Sunday January 24, 2021 @05:10PM (#60986722) Attached to: Ask Slashdot: Is There a Battery-Powered Wi-Fi Security Camera That Supports FTP/SMB?

SMB3 is usually encrypted by default. The "locks" on it are very well designed these days.

Comment Re:I sure hope not (Score 2) 180

by Jeremy Allison - Sam on Sunday January 24, 2021 @03:56PM (#60986484) Attached to: Ask Slashdot: Is There a Battery-Powered Wi-Fi Security Camera That Supports FTP/SMB?

Microsoft considers SMB3 with transport encryption secure enough that it's used as an ingress point for their Azure cloud.

There are no known vulnerabilities in the SMB3 protocol. Implementations however, of course, can and do contain bugs.

Submission + - SPAM: Samba clarification around GPL and VFS modules.

Submitted by Jeremy Allison - Sam on Thursday October 22, 2020 @11:52AM

Jeremy Allison - Sam writes: People who follow Samba development may
have noticed the following commit that
just went into the Samba repo:

[spam URL stripped]...

For people who don't read git (I'm assuming
that's everyone :-) it's a clarification
around GPL license boundaries and Samba
VFS modules we've been discussing within
the Team for a long while now.

Here's the text of the new file so people
can understand what we're doing here.

Hopefully this will make it much clearer
to OEMs and vendors using Samba where their
GPL requirements begin and end when extending
Samba to work with their own unique filesystem
technology.

Cheers,

Jeremy.

----------------------------------------------------
A clarification of the GNU GPL License boundary within the Samba
Virtual File System (VFS) layer.

Samba is licensed under the GNU GPL. All code committed to the Samba
project or creating a derived work must be either licensed under the
GNU GPL or a compatible license.

Samba has several plug-in interfaces where external code may be called
from Samba GNU GPL licensed code. The most important of these is the
Samba VFS layer.

Samba VFS modules are intimately connected by header files and API
definitions to the part of the Samba code that provides file services,
and as such, code that implements a plug-in Samba VFS module must be
licensed under the GNU GPL or a compatible license.

However, Samba VFS modules may themselves call third-party external
libraries that are not part of the Samba project and are externally
developed and maintained.

As long as these third-party external libraries do not use any of the
Samba internal structure, APIs or interface definitions created by the
Samba project that are licensed under the GNU GPL then it is the view
of the Samba Team that such third-party external libraries called from
Samba VFS modules are not part of the Samba code and cannot be
considered a derived work of Samba for the purposes of GNU GPL
licensing. Thus such libraries are not required to be under the GNU
GPL or a GNU GPL compatible license.
----------------------------------------------------
Link to Original Source

Submission + - Conservancy Announces New Strategy for GPL Enforcement (sfconservancy.org)

Submitted by Jeremy Allison - Sam on Thursday October 01, 2020 @09:45PM

Jeremy Allison - Sam writes: Software Freedom Conservancy, the only organization actively engaged in General Public License (GPL) enforcement and compliance work for Linux, announces today a new strategy toward improving compliance and the freedom of users of devices that contain Linux-based systems. The new work has received an initial grant from Amateur Radio Digital Communications (ARDC).

Our new initiative features:

1) Litigation to enforce against license violators that do not voluntarily comply in a timely manner.

2) Coordinating the development of alternative firmware for devices where none currently exists.

3) Collaborating with other organizations to promote copyleft compliance as a feature for consumers to protect their privacy and get more out of their devices.

We take this holistic approach because compliance is not an end in itself, but rather a lever to help people advance technology for themselves and the world. Bradley Kuhn, Conservancy’s Policy Fellow and Hacker-in-Residence remarked: “GPL enforcement began as merely an education process more than twenty years ago. We all had hoped that industry-wide awareness of copyleft’s essential role in spreading software freedom would yield widespread, spontaneous compliance. We were simply wrong about that. Today, we observe almost universal failure in compliance throughout the (so-called) Internet of Things (IoT) market. Only unrelenting enforcement that holds companies accountable can change this abysmal reality. ARDC, a visionary grant-maker, recognizes the value of systemic enforcement that utilizes the legal system to regain software freedom. That process also catalyzes community-led projects to build liberated firmware for many devices.”

ARDC has long served the amateur radio community who were early adopters of Internet communication. These roots have grown from the deeper soils of wireless and digital communication and open access to technical information. Amateur radio operators have long practiced the tradition of individual technical experimentation that benefited the general public. These traditions also form the basis of software freedom. Hobbyists and volunteers built, modified and improved Free and Open Source Software (FOSS) first. Conservancy defends the rights of software developers to examine the code in their devices and assists their work to improve the platforms they rely on and to understand our communication technologies. Copyleft compliance enables this work to continue and expand to new kinds of devices.

Rosy Wolfe, ARDC’s Executive Director commented: “GPL enforcement is notoriously difficult, and yet it is necessary to deter self-serving actors who want the benefits of community software but won’t follow the rules. Thus Conservancy’s efforts in this arena are critical, and we are honored to support them in this work.”

When companies prevent us from actually modifying the software on our devices, software freedom remains only theoretical. In this new chapter of compliance work, Conservancy will leverage its technical and legal resources to help the public take control of the software on which they rely. This generous grant from ARDC is a first step. Please help in the next step through support of Conservancy’s work with a donation. You can also email compliance@sfconservancy.org to let us know about GPL violations or to discuss volunteering on these projects.

Comment Re: GPLv3 adoption/rejection and begged questions (Score 1) 40

by Jeremy Allison - Sam on Tuesday May 05, 2020 @02:06PM (#60025076) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

"companies still stuck with samba clients"

You mean running Windows :-). There are rather a lot of them by the way...

Comment Re: GPLv3 adoption/rejection and begged questions (Score 1) 40

by Jeremy Allison - Sam on Monday May 04, 2020 @10:00PM (#60022898) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

Dual licensing isn't the same as adding the GPLv3 termination conditions to GPLv2.

If you dual license, then if it's accepted under GPLv3 terms that means you have the replacability and anti-DRM provisions along with the termination grant.

If you accept under GPLv2 then you don't get the termination grant from GPLv3 but don't have to obey the replability or anti-DRM provisions.

Dual licensing isn't an 'AND' of licensing terms, it's an 'OR'.

Comment Re: GPLv3 adoption/rejection and begged questions (Score 1) 40

by Jeremy Allison - Sam on Monday May 04, 2020 @09:57PM (#60022886) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

https://www.zdnet.com/article/...

Comment Re:GPLv3 adoption/rejection and begged questions (Score 1) 40

by Jeremy Allison - Sam on Sunday May 03, 2020 @08:00PM (#60019054) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

A fellow Samba Team member and Red Hat engineer has just pointed out to me that it's unfair to call out Red Hat specifically for this, and in retrospect I agree with him and would like to apologize to Red Hat.

Many others including my own employer Google also signed on to this statement as well.

Sorry Red Hat. Hats off to you for all your sterling Open Source work :-).

Comment Re:GPLv3 adoption/rejection and begged questions (Score 2) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @11:03PM (#60016586) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

Here is a great retrospective on GPLv3 from a good friend of mine, Richard Fontana at Red Hat:

https://opensource.com/article...

One of the things he notes (that to be honest I'd forgotten about for my talk) is that Red Hat and others have lead the charge to adopt the "forgiveness" provisions of GPLv3 (which as I recall was one of the primary concerns of corporate lawyers taking part in the GPLv3 drafting process) into GPLv2.

To quote from the linked article:

> "This in turn was followed by a Red Hat-led series of corporate commitments to extend the GPLv3 cure provisions to GPLv2 and LGPLv2.x noncompliance, a
> campaign to get individual open source developers to extend the same commitment, and an announcement by Red Hat that henceforth GPLv2 and LGPLv2.x
> projects it leads will use the commitment language directly in project repositories."

From Richard's blog post:

https://www.redhat.com/en/blog...

> "As of today, all new Red Hat-initiated open source projects that opt to use GPLv2 or LGPLv2.1 will be expected to supplement the license with the cure
> commitment language of GPLv3."

A cynic would read that as an attempt by Red Hat to neuter possible adoption of GPLv3 with it's "problematic" (for corporations) anti-DRM provisions. In the words of one of my favorite fictional characters - "You might think that, I couldn't possibly comment" :-).

Comment Re: FTFY (Score 2) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @10:20PM (#60016490) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

Note that I'm not saying Conservancy shouldn't continue their enforcement efforts. Far from it. I just want to try other things as well.

Comment Re: GPLv3 adoption/rejection and begged questions (Score 2) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @10:18PM (#60016488) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

I have experience with license enforcement. I have done quite a bit of it behind the scenes (think about my own project to understand where this experience may have come from). It isn't working. There is a great asymmetry between individual developers and corporate legal departments that makes it virtually impossible for developers to successfully enforce their rights.

Look at the VMware case for the latest sorry example.

Comment Re:FTFY (Score 3, Informative) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @10:00PM (#60016456) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

Maybe. But not all software is written by large corps.

But this isn't the point of the talk, and I don't want people to get hung up on that one idea.

The main point of the talk is that the asymmetry in power between individual developers and corporate law departments means that even if you pick copyleft licenses, it's almost impossible to get them enforced. Most developers have given up - full disclosure, I'm on the Board of Directors of the Software Freedom Conservancy who is (I'm going to make another claim here) the *only* organization that still tries to enforce the GPL. The FSF have long since given up on enforcement.

So let's concentrate on things that have a better chance of working - concentrate on opening up the protocols between software components and not getting bogged down in the licensing.

Comment Re:For a long time the GPLv2 was rejected. (Score 2) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @08:55PM (#60016294) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

I have been around since "the early phase" of GPLv2. The adoption curve for GPLv3 and AGPL is different. It's unclear as to exactly why, although the co-opting of the most important FLOSS project (the Linux kernel) by corporations may be a big factor.

Remember, back when GPLv2 was created, gcc was one of the most important FLOSS (not that we called it that back then) projects and it was an early adopter of GPLv2. These days there is llvm as competitor. No compelling, category-defining GPLv3/AGPL programs exist to my knowledge.

Comment Re:GPLv3 adoption/rejection and begged questions (Score 4, Interesting) 40

by Jeremy Allison - Sam on Saturday May 02, 2020 @08:50PM (#60016278) Attached to: Copyleft and the Cloud: Where Do We Go From Here?

I don't have *any* problem with the GPL. I was one of the people who helped author the GPLv3. I think it's a great license.

"rejected soundly" to me means the fact that the creators and curators of the license, the FSF, refuse to license some of their most important code under it (glibc for example).

If you think I have a "religious/political problem with the GPL" you don't know me very well :-).

Slashdot Top Deals