Re: XZ upstream thinks about switching from PD to 0BSD.

2024-02-13 Thread Daniel Hakimi 
The BSD 0-clause license is effectively a public domain grant in
jurisdictions that acknowledge public domain grants, and an extremely
permissive license in jurisdictions that do not. This does not seem like an
issue. attribution is not required in either case.

On Tue, Feb 13, 2024, 15:49 Sebastian Andrzej Siewior <
sebast...@breakpoint.cc> wrote:

> Hi,
>
> the XZ upstream project thinks about changing the license from Public
> Domain to BSD Zero clause license:
> https://github.com/tukaani-project/xz/issues/79
>
> I *think* the PD "license" has no copyright and this isn't an issue for
> Debian.
> Could someone please comment on behalf of the Debian Project?
>
> Sebastian
>
>

Re: Possible GPL violation

2023-06-20 Thread Daniel Hakimi 
You are allowed to modify works licensed under the GPL. You are not allowed
to modify the GPL itself.

On Tue, Jun 20, 2023, 21:27 Joshua Allen  wrote:

> In the debian manual, it says
>
> "This manual is free software; you may redistribute it and/or modify it
> under
> the terms of the GNU General Public License. Please refer to the license in
> Appendix F, GNU General Public License."
>
> It then includes verbatim the license which says
>
> "Appendix F. GNU General Public License
>
> Version 2, June 1991
>
> Copyright (C) 1989, 1991 Free Software Foundation, Inc.
> 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
>
> Everyone is permitted to copy and distribute verbatim copies
> of this license document, but changing it is not allowed."
>
> Since the GPL cannot be changed or modified, henceforth there is a
> contradiction that goes against the GPL by including the very wording of
> the form license.
>
> Because of this, the debian should consider removing the form license.
> Or relicense the manual under the GFDL and putting Appendix F under an
> invariant section, which I doubt since Debian doesnt consider the GFDL
> with invariant clauses to be free documentation.
>
>

Re: About distribution of modified copy of Debian OS

2023-05-19 Thread Daniel Hakimi 
As long as you comply with the GPL, this is perfectly acceptable. Note that
this includes making source code available and allowing licensees to
redistribute your OS freely, so charging for your version might not be the
most effective way go make money—I could just throw up an iso torrent for
free—but it could work.

RedHat, for example, charges for RHEL (packaged with support). CentOS was a
famous fork that originally only changed trademarkable features (names and
logos) and charged one vent per copy. This didn't stop RedHat from becoming
a profitable venture, of course.

On Fri, May 19, 2023, 12:51 Borja Sanchez 
wrote:

> Dear Debian Project Team,
>
> My name is Borja Sanchez, writting from Spain. I am currently planning to
> run a paid course where I will distribute a modified version of Debian,
> rebranded and renamed. This software will be offered at no extra cost as
> part of the course materials.
>
> In addition to this, I wish to inform you that I am also considering
> charging a fee for this customized software in the future, separate from
> the course fees.
>
> The custom OS version will be built from the latest Debian stable version,
> by running a live-build process to build a ISO image with custom packages,
> scripts, assests pre-installed.
>
> With these points in mind, I have two key questions:
>
> 1. I would like to confirm that these proposed actions comply with the
> GPL's guidelines and Debian's policies.
>
>
> 2. I am interested to know if there are any other considerations,
> requirements, or permissions I should be aware of before proceeding with
> this plan.
>
>
> Your expert advice and guidance on this matter would be greatly
> appreciated. I value your work and aim to respect the open-source
> principles that Debian upholds.
>
> Thank you for your time. I look forward to your response.
>
> Best regards,
> Borja Sanchez
>
>

Re: Microsoft Bing or Windows Spotlight daily picture as wallpaper?

2022-10-09 Thread Daniel Hakimi 
Technically, one could very easily argue this is illegal as you're
reproducing copies of the images without permission. Obviously, this sort
of thing is very standard on a lot of the internet, and most people know
the risks of putting their photos up online. But there are also copyright
trolls out there who love sending companies demand letters over small,
accidental infringements.

It's theoretically possible for companies distributing Debian to be sued
for contributory infringement in a case like this. Very unlikely, but
*possible*. Especially if the program downloads the same images for all
users, because then I can know for sure that some huge swath of Debian
users have downloaded my photo. The program also creates an easily
discoverable directory of evidence, which might make things worse if a
lawsuit ever gets going.

Would you be able to write a version that only downloads images with a
known license on a certain list of good licenses, or images known to be in
the public domain?

On Sun, Oct 9, 2022, 07:33 Patrice Coni  wrote:

> Dear debian-legal people,
>
> I develop a software that downloads the daily picture from Bing or
> Windows Spotlight and set it as wallpaper on a X11 desktop environment.
> Bing or Windows Spotlight are features of Microsoft.
> The daily picture is obtained from www.bing.com or from arc.msn.com.
> Each image appears to be copyrighted by its owner.
>
> The software (DailyDesktopWallpaperPlus) not only downloads the picture,
> but the copyright and description of each image is stored in a local
> database.
> The images are saved and can be reused later.
> Is this legal? What do I have to consider?
>
> My goal is that the software to be included by Debian.
>
> Link: https://github.com/pgc062020/DailyDesktopWallpaperPlus
>
> Thanks in advance.
>
> Best regards
>
> Patrice Coni
>
>

Re: Thoughts on GPL's Appropriate Legal Notices? or the CPAL?

2021-10-08 Thread Daniel Hakimi 
What about them?

On Fri, Oct 8, 2021, 16:42 Benito Garcia  wrote:

> 
>

Re: Legal status of Audacity in releases newer than Bullseye

2021-07-04 Thread Daniel Hakimi 
At a glance, while Debian shouldn't distribute it and the community should
certainly fork, I'm not sure it's technically a GPL violation. Is there a
clickwrap page requiring you to agree to the privacy policy to use
audacity? Does Audacity as they distribute it involve any network-related
services?

GPL packages are allowed to ship with privacy policies (although they
usually don't need them), and those policies normally cover your use of
certain services alongside the software (here, telemetry services, which
you're hardly "using," but you know, use a fork). Now, you can't be
required to agree to the policy to use Audacity... that's a problem for
them, but are they requiring it? As I mentioned above -- is it
clickwrapped, or just linked to on their website?

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015


On Sun, Jul 4, 2021 at 9:15 PM  wrote:

> To who it may concern
>
> As you know the audacity project has been recently acquired by musegroup.
> Since then there have been a series of changes impacting Audacity. One such
> change is that telemetry has been included in newer versions of audacity no
> the one currently in the Debian repository for Bullseye and Sid (version
> 2.4.2), and has a requirement which both violates the GPLv2 license, the
> GPLv3 license as well as the Debian Free Software Guidelines. There has
> been a fork, which removes the questionable code, which can be found here:
> https://github.com/cookiengineer/audacity. Here is the github issue
> thread explaining the license violation issue with regards to the privacy
> policy: https://github.com/audacity/audacity/issues/1213 What is the plan
> going forward, after the release of Debian 11 (since version 2.4.2 is
> unaffected by the licensing isuse) in regards to Audacity in the Debian
> package repository? Should this GPL2 violation be reported, if so to what
> organization? How will it impact the audacity package in
> bullseye-backports, bookworm as well as newer versions?
>
> Looking forward towards your answers
>
> Regards
>
> Jorkano
>

Re: tomboy-ng package with non standard license.

2020-09-12 Thread Daniel Hakimi 
Is this  the conversation
they had about the license? It doesn't seem very robust...

First of all, did they even have the authority to modify the license? Were
there contributors? Did the contributors sign a CLA that allowed the
license to be changed in this way? Or was it just the package maintainer
deciding to change the license? Or, does the package just have a single
author?

Second of all, nobody seems to have explained why they aren't using a
standard license. They removed the clause about modifications, but the new
license still doesn't clarify whether modifications are allowed or not.
Very confusing.

They do mention modified code, so I agree that this probably does imply a
permission to modify... But I always find it so annoying when developers
are hostile to any clear and straightforward licensing practice.

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015


On Sat, Sep 12, 2020 at 2:03 AM David Bannon 
wrote:

> Thank you Paul, I am afraid I am a still a little unsure however.
>
>
> On 12/9/20 11:29 am, Paul Wise wrote:
> > Dependencies should be packaged separately, not copied into the
> > package that depends on them.
>
> Yes, I understand that. However, LCL Packages usually have no existence
> outside the Lazarus IDE. The IDE has built in tools to fetch and install
> such packages and most Lazarus based applications are built from within
> the IDE. However, that will not work with the Debian build system. It
> would not be possible to make a general purpose KControls Debian
> package, the Lazarus IDE uses a 'pull' model for its packages, it will
> not accept a 'push'. Packages need to be installed in user space,
> normally, on Linux, this is in a configuration dependent hidden
> directory in $HOME.
>
> Alternatively, if I was to make a Debian KControls package intended only
> for command line building of my specific app, and thats what it would
> have to be, I am quite sure it would be judged as inappropriate. I would
> need to 'invent' a specific place to put the files and then when
> building tomboy-ng, would look for them in that place. Thats wrong !
>
>
> >> This code is distributed as a freeware. You are free to use it as part
> of your application for any purpose including freeware, commercial and
> shareware applications. The origin of this source code must not be
>  misrepresented; you must not claim your authorship. All redistributions
> of the original or modified source code must retain the original copyright
> notice. The Author accepts no liability for any damage that may result
> from using this code.
> > This license contains an implicit permission to modify, but it would
> > be much better to make it explicit. If you are going to go to the
> > trouble of asking upstream to get permission from all the copyright
> > holders to change the license, it would be much better to just switch
> > to a standard license (GPL, MIT or BSD) though.
>
> Sorry, unsure of what you mean here. I don't intend asking upstream to
> change its license. Its unlikely I will get TK (the KControls author) to
> change the KControls license. When he first moved to Github, we
> discussed the license extensively, his original license would,
> unintentionally, have prevented it use. What we have now is the best we
> can hope for. Or do you mean I should change my license (that applies to
> my app, tomboy-ng) to make it somehow more compatible ?
>
>
> Paul, I wonder if we can talk about the "should"s and the "must"s ? I
> really have no control over TK's license. If its unacceptable, then
> thats what it is. At some time in the future, its just possible i will
> use RichMemo instead but until then, this approach is the only one open
> to me.
>
>
> David
>
>
>
>

Re: Subpoena regarding ongoing patent matter

2020-07-01 Thread Daniel Hakimi 
There is nobody "at" Debian because Debian is not a place or a legal
organization. Depending on what you want out of your subpoena, the
information might already be publicly available. Otherwise, there *may* be
individuals or related nonprofits or large contributing corporations you
could ask for certain information, but it's hard to guess who you'd be
looking for without an idea of what information you want.

On Tue, Jun 30, 2020, 23:33 Van Handel, Michael <
michael.vanhan...@dlapiper.com> wrote:

> Hello,
>
>
>
> I’m a patent attorney at the law firm DLA Piper, and we came across some
> software written for Debian that is relevant to the validity of a patent at
> issue in one of our cases.  As a result, we want to issue a subpoena to
> Debian to gather evidence relevant to our case.
>
>
>
> Is there a registered agent for service of process of the subpoena, or
> somebody else at Debian that will accept service of a subpoena?
>
>
>
> We appreciate your help.
>
>
>
> *Michael Van Handel*
> Associate
>
>
> *T* +1 617.406.6047
> *F* +1 617.406.6147
> *E* michael.vanhan...@dlapiper.com
>
>
>
> [image: DLA Piper Logo]
>
>
>
> DLA Piper LLP (US)
> 33 Arch Street, 26th Floor
> Boston, Massachusetts 02110-1447
> United States
> www.dlapiper.com
>
>
>
>
> The information contained in this email may be confidential and/or legally
> privileged. It has been sent for the sole use of the intended recipient(s).
> If the reader of this message is not an intended recipient, you are hereby
> notified that any unauthorized review, use, disclosure, dissemination,
> distribution, or copying of this communication, or any of its contents, is
> strictly prohibited. If you have received this communication in error,
> please reply to the sender and destroy all copies of the message. To
> contact us directly, send to postmas...@dlapiper.com. Thank you.
>

Re: Maxmind GeoIP/Geolite license change

2020-06-15 Thread Daniel Hakimi 
What do you mean by "it should  not be possible to sell the database?" The
CC-BY-SA and all other Free licenses allow commercial uses, including paid
licenses.

On Mon, Jun 15, 2020, 16:51 Michael Tremer 
wrote:

> Thank you for your feedback.
>
> As you will have noticed, I am not an expert on licenses and have picked
> CC BY-SA 4.0 because I believe Maxmind’s database was licensed under this
> before.
>
> We can of course change the license and I am happy to take your
> suggestions. What I would like the license to be is the following:
>
> * it should be free for anyone to use but not possible to sell the
> database
> * it would be nice to encourage users to give back to the project and help
> them to help us to improve the data wherever possible
>
> I cannot come up with anything else this license should or could cover.
>
> Best,
> -Michael
>
> > On 15 Jun 2020, at 21:14, Francesco Poli 
> wrote:
> >
> > On Mon, 15 Jun 2020 21:24:45 +0200 Roberto wrote:
> >
> >>> On Mon, Jun 15, 2020 at 08:04:47PM +0200, Francesco Poli wrote:
> >>> The reason is that the one-way compatibility mechanism of CC-by-sa v4.0
> >>> is not exceptionally clear, and, without that compatibility, the
> >>> CC-by-sa v4.0 license itself has a number of controversial clauses
> >>> (non-free, in my own personal opinion).
> >>
> >> CC-BY 4.0 (without SA) may be better than CC-BY-SA in that case,
> >> according to the FSF it's compatible and accepted as a free license (for
> >> content which is not a program).
> >
> > Actually, although the FSF [claims] that CC-by v4.0 is compatible with
> > the GNU GPL, it does not explain how the restrictions found in CC-by
> > v4.0 can be reconciled with the GNU GPL.
> >
> > [claims]: 
> >
> > I asked the FSF to publish a reasoned analysis on this.
> > I did so back in 2015, but nothing has been disclosed yet (as far as I
> > know).   :-(
> >
> > I am personally *not* convinced that CC-by v4.0 is GPL-compatible.
> > Please note that the CC-by v4.0 has no explicit compatibility clause
> > (contrary to CC-by-sa v4.0, which has a one-way compatibility
> > mechanism)...
> >
> >
> > --
> > http://www.inventati.org/frx/
> > There's not a second to spare! To the laboratory!
> > . Francesco Poli .
> > GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE
>
>

Re: FreeMedForms projet

2020-01-10 Thread Daniel Hakimi 
Can you please clarify -- you said the license was the same, but you didn't
say what that license actually was. What license is your code available
under?

On Fri, Jan 10, 2020, 07:18 Eric Maeker  wrote:

> Hi,
>
> For now, our NPO is too poor to engage in consulting or to pay external
> developments and we awfully miss time to manage all aspects of a widely
> collaborative project.
> Sounds like we are travelling to "contrib" or "non-free" package ? Or may
> be "non-debian" ?
>
> Belle journée
> Cordialement
>
>
>  *Dr Maeker Éric*
>
> *Gériatre, psychogériatre*
> eric.mae...@gmail.com
> Twitter  @DrMaeker 
> RPPS 10002307964
>
> maeker.fr  Site personnel
> empathies.fr  Association Emp@thies
> freemedforms.com  Logiciel médical
>
> La gériatrie, c'est la médecine pour les pères et les mères Noël
>
>
> Le ven. 10 janv. 2020 à 03:03, Paul Wise  a écrit :
>
>> On Thu, Jan 9, 2020 at 8:00 PM Eric Maeker wrote:
>>
>> > Free Source code is provided to any demander approved by the NPO, code
>> licence is still the same.
>>
>> I don't like this, people seeking source code should not have to get
>> approval first. That said, I note that the source code is available
>> directly from the site without approval.
>>
>> > But, the code documentation is only reserved to approved developers by
>> this NPO.
>>
>> I definitely don't like this, it would be much better to publish the
>> code documentation to everyone under a free license.
>>
>> > We do encourage new dev to apply to our NPO and to sign a CLA (which is
>> still a draft piece of text actually).
>>
>> I don't like this either, it would be much better for devs to release
>> their contributions under the same license that you do, then you can
>> incorporate their changes, preserving their copyright over their
>> changes and passing on their license to you to downstream users. So
>> the whole of the software is then owned by a variety of copyright
>> holders, each of whom also have to abide by the license given to them
>> by the other contributors. The license on the software then cannot be
>> changed without contributor consensus, so it becomes a much more solid
>> project from a user perspective. Single-owner projects are much more
>> easy to turn proprietary.
>>
>> http://ebb.org/bkuhn/blog/2014/06/09/do-not-need-cla.html
>>
>> > The problem is that FreeMedForms EHR needs access to private data
>>
>> Could you explain why this data needs to be private? It would be much
>> better to release it publicly under a free license.
>>
>> > The private data are only available to paying partners to the NPO.
>>
>> Is this the only form of income that the NPO has available to it? It
>> sounds like the NPO is seeking what is called an "Open Core" business
>> model, where the core part of the project is public and freely
>> licensed but addons are proprietary. The incentives here can be quite
>> perverse, often companies seek to prevent outside contributions to the
>> core or even remove features from the core so that more people start
>> paying them for the proprietary addons. So I encourage you to consider
>> alternative income streams.
>>
>> I think the best option for the would be to consult with as many of
>> the practices, clinics, hospitals and emergency departments that you
>> know about that use the software and find out the best way for the NPO
>> to have enough resources to continue development consistent with the
>> interests of the community of folks who use the software. Examples of
>> potential income models could include: large grants/sponsorships that
>> cover development and other costs, a membership subscriber base that
>> pays for all maintenance and development costs, or more of a
>> crowd-funding model where folks interested in specific features pay
>> for their development, or a community of consultants that do all work
>> on the project as requested by their customers or possibly a
>> combination of these and other options.
>>
>> > Forks trie to access our private data using the open sourced server
>> protocol (query to a php script).
>>
>> I would suggest to just make the data public and under a free license,
>> but if you don't want to do that, the way to go would be to setup an
>> e-commerce site where people have to pay before they can download the
>> private data and then have in the software a way to load the locally
>> saved data that has been downloaded from the site. I believe there are
>> some freely licensed e-commerce tools in Debian and the consultants
>> that offer support for Debian in your area might be able to help with
>> finding, installing and configuring them.
>>
>> https://www.debian.org/consultants/
>> https://lists.debian.org/debian-consultants/
>>
>> --
>> bye,
>> pabs
>>
>> https://wiki.debian.org/PaulWise
>>
>

Re: Transity: GPL-licensed but Free only for Non-Commercials

2019-12-20 Thread Daniel Hakimi 
So I agree that the language, as worded, seems like it might not be
binding... But it at least reflects a contradictory intent, if not a hard
contradiction. The licensors are certainly confused. Has somebody tried
contacting them to clarify their intent?

On Fri, Dec 20, 2019, 06:44 Roberto  wrote:

> There was a similar case with LinuxSampler a few years ago, restricting
> *use* of the program in commercial applications. It was removed from
> Debian and it was concluded that its license is inconsistent, nobody can
> actually comply with it, because the GPL and the added restriction
> contradict each other. It was also rejected from non-free
> (undistributable software).
>
> https://lists.debian.org/debian-legal/2005/09/msg00271.html
>
>

Re: GPL2 + required to have the place to get the recent version

2019-11-13 Thread Daniel Hakimi 
I mean, that's not entirely relevant in the context of this discussion.
That file tells users not to use the software if they don't agree to the
license, but section 9 of both the GPL and AGPL 3.0 say that a license is
not required to receive and run a copy of the program, and copyright does
not limit use in the first place. Actually, even the SSPL contains that
clause. So the text in question is unambiguously inconsistent with all of
those licenses.

The debate over whether the limitations on using AGPL or SSPL software in a
SaaS product in certain ways without making your own source available meet
various free software definitions is not really relevant to the discussion
of this particular text.

On Wed, Nov 13, 2019, 17:11 Francesco Poli 
wrote:

> On Wed, 13 Nov 2019 08:00:04 -0500 Daniel Hakimi wrote:
>
> > But even the AGPL does not restrict *use*.
> [...]
>
> I personally think the GNU AfferoGPL v3 *does* restrict use.
>
> That's one of the main [reasons] why I think the AfferoGPL does *not*
> meet the DFSG. The Debian FTP Masters don't agree with me,
> unfortunately, but I still believe AfferoGPL-licensed works should not
> have entered (or continue entering) Debian main...
>
> [reasons]: <https://lists.debian.org/debian-legal/2007/11/msg00233.html>
>
>
> --
>  http://www.inventati.org/frx/
>  There's not a second to spare! To the laboratory!
> . Francesco Poli .
>  GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE
>

Re: GPL2 + required to have the place to get the recent version

2019-11-13 Thread Daniel Hakimi 
But even the AGPL does not restrict *use*. The text seems generally
uninformed to me, and I wouldn't assume much of anything, especially not
when I could communicate with the people who wrote it instead.

On Wed, Nov 13, 2019, 06:20 Giovanni Mascellani  wrote:

> Il 13/11/19 01:03, Daniel Hakimi ha scritto:
> > But the text is informal and the party seems to not really understand
> > the license to begin with (again, he's talking about "use," that's not
> > really even relevant to copyright law), so he might not really mean
> > anything by it. I would not assume ill intent. It might be worthwhile to
> > informally reach out to this community and help develop language that
> > just clarifies what the GPL already says, instead of conflicting with
> > it. The community might appreciate that. Worst case, they get angry and
> > defensive, and attempt to move to a different (presumably proprietary)
> > license, in which case, you learned the easy way that they don't play
> > nice. Don't learn the hard way.
>
> The second clause the original email mentions seems to be a request in
> the direction of the AGPL license. If they really want to impose code
> publication when the software is used to offer a remote service, maybe
> they should consider AGPL instead of home-made notices. But maybe they
> are not aware of it. If they opt for this way, I don't think that AGPL
> has DFSG problems.
>
> Giovanni.
> --
> Giovanni Mascellani 
> Postdoc researcher - Université Libre de Bruxelles
>
>

Re: GPL2 + required to have the place to get the recent version

2019-11-12 Thread Daniel Hakimi 
So, technically, he can't actually add restrictions to the license after
he's license them, and if these are taken to not be part of the license,
you'd be safe to just follow the license as usual.

But if this informal text *is* taken to reflect the intent of the parties,
then it might kind of reflect on how the license is meant to be followed,
which isn't great. It's not only inconsistent with the spirit of the GPL,
but also the language, as it talks about "use," seems to require a direct
link to "the recent version..." A lot of companies have been offering
alternative interpretations of the GPL, and theoretically if those
interpretations are taken as evidence of the intent of the parties, they
might affect the contract. Or they might be seen as parol evidence, IE not
relevant to the contract, but it's hard to say. So I wouldn't advise
risking it...

But the text is informal and the party seems to not really understand the
license to begin with (again, he's talking about "use," that's not really
even relevant to copyright law), so he might not really mean anything by
it. I would not assume ill intent. It might be worthwhile to informally
reach out to this community and help develop language that just clarifies
what the GPL already says, instead of conflicting with it. The community
might appreciate that. Worst case, they get angry and defensive, and
attempt to move to a different (presumably proprietary) license, in which
case, you learned the easy way that they don't play nice. Don't learn the
hard way.

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015


On Tue, Nov 12, 2019 at 6:36 PM Samuel Henrique 
wrote:

> Hello legal,
>
> So I stumbled upon this rather interesting case of a software licensed by
> GPL2 but with an extra "clause" to it:
> "
> # If you enclose this script or parts of it in your software, it has to
> # be accompanied by the same license (see link) and the place where to get
> # the recent version of this program. Do not violate the license and if
> # you do not agree to all of these terms, do not use it in the first
> place.
> "
>
> https://github.com/drwetter/testssl.sh/blob/3b89dc6b0a41299fbf462789998e4c103f4f0210/testssl.sh#L19-L22
>
> The release notes for 3.0. r5 also mentions:
> "
> This program is licensed under GPL-2. Please note also that if you're
> using the program for a paid or free public service you need mention where
> you got this program from.
> "
>
> It seems that the author is trying to prevent people from setting up
> webpages using this
> software as a backend without crediting it. It seems like a reasonable
> think to ask for.
>
> My question is regarding DFSG compliance around this, I believe there is
> nothing wrong with
> it, but the fact that upstream expose is as GPL-2 seems a little
> misleading, as it's not plain GPL-2 and I think we should change something
> in d/copyright to address this.
>
> Are you aware of other software that are in a similar situation? I would
> like to see what
> d/copyright looks like. For this case the package was accepted by
> ftp-master with a
> d/copyright that states it as GPL-2.
>
> Regards,
>
> --
> Samuel Henrique 
>

Re: Content Rating System - DFSG-free?

2019-06-27 Thread Daniel Hakimi 
Is this an issue relating to the software license, or just to the general
spirit of the DFSG?

It would be nice if the rating system could be opt-in, warning based, easy
to opt out of, etc. But as long as the software is Free, users can
recompile it without the rating system... The point being that this doesn't
seem like a legal issue.

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015

On Thu, Jun 27, 2019, 08:09 Bagas Sanjaya  wrote:

> Hello,
>
> In discussion about Content Rating System (CRS) implementation in 
> debian-devel mailing list, Gard Spreemann questioned
> whether CRS would conflict with DFSG:
>
> Bagas Sanjaya   writes:
>
> > Regarding freedom, yes it can be affected by CRS because CRS can limit 
> > freedom to use programs for some users
> > (particularly non-adults). But CRS limit such freedom in order to protect 
> > psychology users for long term from negative
> > impacts of programs they used.
>
> Surely this would be a direct conflict with the DFSG?
>
> However, DFSG is only applied to software licenses, not software usage.
> IMO, when DFSG is applied to the usage of CRS, the CRS wouldn't satisfy
> DFSG #6 (No Discrimination against Fields of Endeavor) and DFSG #5 (No
> Discrimination against Persons or Groups). Why? Because when CRS is applied
> into Debian, and suppose that a child user wants to install game package
> which rated for teen, the CRS system will reject the installation, and thus
> restrict the package from being used by children. What are your
> opinions/thoughts/positions about CRS and is it DFSG-free, in sense of
> usage? Regards, Bagas.
>
>

Re: redistribution of the ARIN TAL

2019-02-16 Thread Daniel Hakimi 
I just looked up their terms of service, and I don't see any problem at
all...

Marco, can you tell us what they actually said, and in what context? Is
there an email you can forward?

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015

On Sat, Feb 16, 2019, 03:35 Landry, Walter  Marco d'Itri  writes:
> > ARIN believes that they have a right to limit distribution of this RSA
> > public key (used for verification of routing security):
> >
> > https://www.arin.net/resources/rpki/arin-rfc7730.tal
>
> I can see that URL without agreeing to anything.  So the only
> restrictions on redistribution I can think of would be due to copyright.
>
> > (This is basically an X.509 subjectPublicKeyInfo, which can be parsed
> > with openssl asn1parse.)
> >
> > And they are arguing that people cannot download this file from
> > a well-known location without first agreeing to some conditions.
> >
> > Does everybody agree that this is bullshit and that we can distribute
> > this data in Debian packages as much as we like?
>
> This feels very similar to distributing HD-DVD keys [1].  The legal
> problem with HD-DVD keys is the US DMCA.  It sounds like that would not
> be an issue here.  ARIN might think that they can restrict the
> distribution of this file via copyright, but it seems like a pretty
> clear case of fair use.
>
> As always, ftpmaster is the one who makes the actual decision.
>
> Cheers,
> Walter Landry
>
> [1] https://lists.debian.org/debian-devel/2007/05/msg00043.html
>
>

Re: redistribution of the ARIN TAL

2019-02-15 Thread Daniel Hakimi 
Are they talking about redistribution, or access? Are they saying that
we're not allowed to distribute the file ourselves, or are they saying that
we're not allowed to download the file without agreeing to the terms?

We might need to agree to their terms of use to use their website. This
makes sense -- having every Debian user access their website regularly via
some background script would probably have annoying bandwidth costs for
them. In the worst case, that could amount to a breach of the CFAA (in the
US).

There might also be reasons we can't redistribute the file ourselves, but
those are less likely to be a problem -- I would agree that this file
probably isn't copyrightable.

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015


On Sat, Feb 16, 2019 at 12:38 AM Paul Wise  wrote:

> On Fri, Feb 15, 2019 at 7:00 PM Marco d'Itri wrote:
>
> > And they are arguing that people cannot download this file from
> > a well-known location without first agreeing to some conditions.
>
> Do you have any info on the conditions?
>
> > Does everybody agree that this is bullshit and that we can distribute
> > this data in Debian packages as much as we like?
>
> IANAL, but it doesn't seem copyrightable to me. I guess there could be
> other laws affecting this though.
>
> > (Please Cc: me on replies.)
>
> Done.
>
> --
> bye,
> pabs
>
> https://wiki.debian.org/PaulWise
>
>

Re: Hacking License

2018-11-30 Thread Daniel Hakimi 
Why?

This license is only more work for the community to understand, and
incompatible with everything else out there. What's the upside of using
your own license over the GPL?

Regards,

Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015

On Fri, Nov 30, 2018, 22:29 Giacomo Tesio  Hi, I'm going to distribute a C library I wrote from scratch and with
> no dependencies (except for some POSIX system calls) under a new
> strong copyleft, the Hacking License.
> AFAIK, it conforms to the DFGL and pass the three corner-case tests,
> but I'd like to know your legal opinions and criticisms, as I'm going
> to package such library for Debian too.
> This license and the library it will cover are part of a larger hack
> that includes an operating system ( http://jehanne.io ) and an
> education method for kids (successfully tested in an elementary school
> but still undocumented, sorry).
> As you will read, its ultimate goal is to incentivize all users to
> understand and modify the software they use, turning them to hackers.
>
> You can find the text at http://www.tesio.it/documents/HACK.txt
> (SHA256: 7c3bc821d8e32f644ff0cead738e3db1888e7f029c823189a74b3dcaae2be0ed),
> but it is included after this message for your convenience.
>
> Thanks for your feedback!
>
> Giacomo
>
>
> Hacking License
> ===
>
> Our Curiosity serves Humanity through Freedom, Candor and Communion.
>
> This license grants you the right to hack with us, to learn what we ignore
> and to challenge our assumptions by teaching us what you will learn.
>
>
> 1. Definitions
> --
>
> For the purpose of this License:
>
> - "License" refers to this License.
> - "Copyright" means copyright-like laws that apply to other literary works.
> - "Hack" refers to the software, the documentation and the contents
>   distributed under this License.
> - "Hacker" refers to any Copyright holder of the Hack.
> - "Human" is every live being with humans among its genetic ancestors.
> - "Application" refers to a set of software exchanging data.
> - "Runtime" refers to any runtime system, any operating system, any
>   virtual machine and/or any interpreter that is required to run the Hack.
> - "Source" refers to the human-readable form of a software which is the
>   most convenient for people to study and modify, and that can be used
>   to generate a new identical copy of the software itself.
> - "User" refers to any human receiving a copy of the Hack or its source
>   and/or performing any action permitted by this License.
> - To "study" a software means to perform any activity that could help
>   the User to deeply understand it, to understand how to modify it or to
>   explain its usage and inner working to other Users.
> - To "copy" means to create an new exact copy of a software, for any
>   purpose and on any medium, even after applying one or more lossless
>   transformations to the software, including, but not limited to,
>   compression or encryption.
> - To "distribute" means any action that enable a human or organization
>   to perform any of the activities permitted by this License.
> - To "use" a software means to generate a new copy of the software from
>   its source, to run it for any purpose, to install it, to interact with
>   it through any medium or proxy (even asynchronously), to provide data
>   for its input or to consume its output (or any part of it), and/or to
>   store and use a Derived Work in place of the software itself.
> - To "wrap" a software means to integrate it into an Application.
>   The programs that collect, store, transform and/or transfer data
>   for the User or between the User and the Hack are called "Wrappers".
>   Wrappers do not include any program or library that Users can find in
>   off-the-shelf distributions of the required Runtime, but include any
>   modified version of such programs, libraries, Runtime that are required
>   to run the Application.
>   The license of a Wrapper is compatible with this License if it grants
>   to the Users access to its source and the right to study, copy, use,
>   wrap, modify and/or distribute the Wrapper and/or the Application
>   and/or any modified version of them, in any form.
> - To "modify" a software means to perform any action that would require
>   Copyright permission, except for studying, copying, using, wrapping
>   and distributing the software, including, but not limited to, to adapt
>   all or part of the software, to translate all or part of it to a
>   different language or form, to create or modify its documentation,
>   to refactor its source, or to combine the software or parts of it with
>   other works. The resulting work is called a "Derived Work", whereas
>   "Inspiring Hack" is the original work modified to create it.
>
>
> 2. Grants
> -
>
> Permission is hereby granted to any User of the Hack to study, copy,
> use, wrap, modify and/or distribute the Hack, and to distribute any
>

Re: GPL-2+ with additional trademark spice

2018-01-30 Thread Daniel Hakimi 
This is allowed, but it is not an exception or modification to the GPL. You
cannot remove permissions from the GPL under any circumstances. Rather,
this is allowed because the GPL is, in no way, a trademark license. If
anything, the above comment merely clarifies that fact. While many projects
are not trademarked, or, if they are, do not aggressively enforce their
trademarks, some are and do, and this is fine.

See, for example, Kodi/XMBC's trademark policy FAQ:
http://kodi.wiki/view/Official:Trademark_Policy_FAQ. They enforce their
policy because their application is sometimes used for illegal means, and
if it is, they don't want to be associated with this illegal action.

This is perfectly consistent with the DFSG (see 4)
https://www.debian.org/social_contract. It is also allowed under the FSD
("Thus, it is acceptable for the license to require that you change the
name of the modified version, remove a logo, or identify your modifications
as yours.", https://www.gnu.org/philosophy/free-sw.en.html) and the OSD
(again, see 4) https://opensource.org/osd.

In the specific case of RedHat -- I trust you've heard of CentOS? CentOS is
essentially RedHat with the RedHat trademarks removed.


Daniel J. Hakimi
B.S. Philosophy, RPI 2012
B.S. Computer Science, RPI 2012
J.D. Cardozo Law 2015

On Tue, Jan 30, 2018 at 5:31 AM, Mihai Moldovan  wrote:

> Hi
>
>
> While working on a package (not yet part of Debian), I noticed the
> following
> copyright and license notice:
>
> # This copyrighted material is made available to anyone wishing to use,
> # modify, copy, or redistribute it subject to the terms and conditions of
> # the GNU General Public License v.2, or (at your option) any later
> version.
> # This program is distributed in the hope that it will be useful, but
> WITHOUT
> # ANY WARRANTY expressed or implied, including the implied warranties of
> # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General
> # Public License for more details.  You should have received a copy of the
> # GNU General Public License along with this program; if not, write to the
> # Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
> MA
> # 02110-1301, USA.  Any Red Hat trademarks that are incorporated in the
> # source code or documentation are not subject to the GNU General Public
> # License and may only be used or replicated with the express permission of
> # Red Hat, Inc.
>
> The first part obviously is just stating that the file in question is
> being made
> available under the GPL-2 (or any later version) license. However, how
> does the
> trademark notice play with that?
>
>
> If that was a BSD-3-clause license, I assume that this additional
> specification
> wouldn't interact badly (as long as the trademark holder and author as the
> same
> legal person), but I am unsure how GPL-2+ compatible that actually is.
>
> One might argue that this a combination of the third BSD-3-clause license
> clause
> with GPL-2+ and since BSD-3-clause is compatible (to a degree) with GPL-2+
> through LGPL-2.1(+), this usage should be fine. Pure speculation on my side
> only, though.
>
>
> Additionally, if the trademark clause as such does not cause licensing
> issues,
> do I have to mention it in debian/copyright explicitly? How would I do so
> correctly? By "creating" a new tag like "GPL-2+-with-trademark-exception"
> and
> copying the full notice?
>
>
> Thank you for any advice.
>
>
>
> Mihai
>
>