Re: Corporate lawsuit exposure Was: k4t4949b (September 2016 refresh of the z/OS 2.2 manuals)

2016-09-21 Thread Jesse 1 Robinson 
I detect a drift from Dilbert into the realm of Bat Man. If some poor soul 
chops off his own foot with an ax, we would not accuse him of inventing a new 
self-amputation tool. It's an unfortunate but unintended consequence of using 
an old tool improperly. Maybe we could find a cadre of available OSOs in the 
rear of the Bat Cave, but in practice we might find this effort a hard sell to 
the CFO. Especially because it runs counter to established corporate wisdom. 

The whole point of share-ware is to achieve maximum flexibility at least cost. 
A new bureaucracy is not likely to garner many champions. OTOH I could eagerly 
invest in whatever industry manufactures red tape. 

.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler 
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-302-7535 Office
robin...@sce.com

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Jack J. Woehr
Sent: Tuesday, September 20, 2016 4:40 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: (External):Re: Corporate lawsuit exposure Was: k4t4949b (September 
2016 refresh of the z/OS 2.2 manuals)

Joel C. Ewing wrote:
> Unfortunately in a large corporate environment you may have a large 
> number of users with access to workstations who are not sophisticated 
> enough to understand software licensing distinctions.

My experience in Fortune 100 Land is that these policies readily transmute 
themselves into tools for maintaining the status quo and shielding the 
incompetent rather than protecting the institution or the customers.

My suggestion is that institutions create trained cadres of Open Source 
Officers (OSO, The Bear) and have one in each technical dep't. empowere to 
approve/disapprovite in a timely fashion all requests to install specific open 
source packages.

If the glasshouse doesn't get a shovel handy, it's going to suffocate under its 
own mountain of bullfeathers. When I was younger and studying Roman history, I 
could understand the Roman Republic and the early Empire, but found the 
Byzantine Era impenetrable. At this point in my life, I understand the 
Byzantine Era much better than I did before!

-- 
Jack J. Woehr # Science is more than a body of knowledge. It's a way of
www.well.com/~jax # thinking, a way of skeptically interrogating the universe 
www.softwoehr.com # with a fine understanding of human fallibility. - Carl Sagan


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Corporate lawsuit exposure Was: k4t4949b (September 2016 refresh of the z/OS 2.2 manuals)

2016-09-20 Thread Jack J. Woehr 

Joel C. Ewing wrote:

Unfortunately in a large corporate environment you may have a large
number of users with access to workstations who are not sophisticated
enough to understand software licensing distinctions.


My experience in Fortune 100 Land is that these policies readily transmute themselves into tools for maintaining the 
status quo

and shielding the incompetent rather than protecting the institution or the 
customers.

My suggestion is that institutions create trained cadres of Open Source Officers (OSO, The Bear) and have one in each 
technical

dep't. empowere to approve/disapprovite in a timely fashion all requests to 
install specific open source packages.

If the glasshouse doesn't get a shovel handy, it's going to suffocate under its own mountain of bullfeathers. When I was 
younger and studying

Roman history, I could understand the Roman Republic and the early Empire, but 
found the Byzantine Era impenetrable. At this
point in my life, I understand the Byzantine Era much better than I did before!

--
Jack J. Woehr # Science is more than a body of knowledge. It's a way of
www.well.com/~jax # thinking, a way of skeptically interrogating the universe
www.softwoehr.com # with a fine understanding of human fallibility. - Carl Sagan

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Corporate lawsuit exposure Was: k4t4949b (September 2016 refresh of the z/OS 2.2 manuals)

2016-09-20 Thread Lester, Bob 
Hi Joel,

 Indeed.  We are a fairly small shop  (less than 2,000 employees).  We do 
not allow end-users or most IT folks to install software on their company 
device.  Too many variables - Licensing is a big one for use, but we're also 
concerned about any software that talks to our infrastructure - we have to 
review any new software - regardless of the licensing policy of the product.  

 Occasionally, this is a pain in the butt for us techie types.  Even though 
I'm a senior MF guy with 26 years on the job (and also doing linux and unix), I 
have personally fought that battle and lost.

IMHO, With all the threats out there, companies (like mine and many others, 
I suspect) are just doing whey that have to do to protect themselves and their 
customers.

 It's a much different world in IT than it was (even) 10 years ago.  Yes, I 
miss those days!

Thanks!
BobL


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Joel C. Ewing
Sent: Tuesday, September 20, 2016 3:43 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Corporate lawsuit exposure Was: k4t4949b (September 2016 refresh of 
the z/OS 2.2 manuals) [ EXTERNAL ]

On 09/20/2016 11:53 AM, Jack J. Woehr wrote:
> Jesse 1 Robinson wrote:
> ...
>>   It takes only one software-piracy lawsuit to devour far more than 
>> our own contribution to the bottom line. We have to live by rules 
>> that may or may not be intended to protect us. The penalty for 
>> violating corporate policy can be severe in the extreme.
>
> Using without altering or redistributing open source licensed under 
> standard licenses (GNU/BSD-2/Apache/IBM Common, etc) is never software 
> piracy.
>
> Downloading a compiled "free" piece of software from random vendors is 
> legally dicey. Installing an RPM on z/Linux is not at all dicey.
> ...
>
Unfortunately in a large corporate environment you may have a large number of 
users with access to workstations who are not sophisticated
enough to understand software licensing distinctions.   A blanket
restriction on user installation of any additional software on a workstation or 
of running software from any unapproved external media is a policy that has 
some hope of being communicated to such users and possibly even enforced.  If 
you open up the flexibility to do otherwise, how do you explain to such users 
that just because they can freely download or install some software that they 
use at home and it runs OK at work without complaining, that this doesn't 
necessarily mean it's legal?  

I have seen a lot of software out there that is free for personal home use but 
requires a paid license to be legal in a business environment.  
There also used to be some personal software licenses that explicitly granted 
the user the right to use the same software on both his home and business 
workstations; but how is the company, if asked, able to prove in such cases 
that the software usage is legit and covered by a license in home-possession of 
a user acting within the scope of his personal license? And what if by some 
oversight that software fails to get deleted from the office workstation when 
that user leaves the company and takes his license with him?

I suspect the Linux case may not be 100% clear either.  I don't know of any 
specific cases with zLinux, but can one for certain rule out the possibility 
that one might install without restriction an RPM that adds a software 
repository, but that some RPMs within that repository might in fact be 
use-restricted in some way?  I'm pretty sure that in the case of Fedora Linux 
there are some packages that have migrated out of the main Fedora repositories 
over the years into other repositories precisely because of licensing issues; 
yet adding those other repositories without concern for those distinctions is a 
common accepted practice for many users.  And, when installing packages from a 
collection of repositories, how carefully does one even note which repository 
is the source?
Joel C. Ewing, Bentonville, AR

-- 
Joel C. Ewing,Bentonville, AR   jcew...@acm.org 

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

This e-mail transmission may contain information that is proprietary, 
privileged and/or confidential and is intended exclusively for the person(s) to 
whom it is addressed. Any use, copying, retention or disclosure by any person 
other than the intended recipient or the intended recipient's designees is 
strictly prohibited. If you are not the intended recipient or their designee, 
please notify the sender immediately by return e-mail and delete all copies. 
OppenheimerFunds may, at its sole discretion, monitor, review, retain and/or 
disclose the content of all email communications.