Public Safety is not a matter of Private Concern
In a recent article,
Slate's Farhad Manjoo attempts to play down fears of faulty software
in car braking systems as a potential cause of traffic
accidents. Citing numerous studies which conclude that “the
overwhelming reason we get in crashes is driver error,” Manjoo
reasons that “the less driving people do, the fewer people will
die on the roads.”
While it may certainly be true that most crashes occur because of
intoxication, distraction, or driver fatigue, and that
computer-controlled cars may decrease driver error, Manjoo doesn't seem to see
the obvious implication of his own assumptions -- “opaque”
and “inherently buggy” software which could endanger
public safety should be subject to review.
In their January 20th story, "Fearing Hackers Who Leave no Trace," New York Times reporters John Markoff and Ashlee Vance correctly pointed out that "nations, private corporations, and even bands of rogue programmers are capable of covertly tunneling into information systems" by exploiting bugs in a program's source code.
This is the first installment of a weekly blog about the SFLC's work or a development in the free software community.
I spent last Thursday and Friday in Brussels, attending the European Commission’s Oral Hearing in the competition investigation of the acquisition of Sun Microsystems by Oracle. The proceedings at the Oral Hearing were confidential; I cannot write about the presentations made there by others. I can, however, summarize the three points I made during my brief presentation on Friday; my previous written submission to the commission is already available. I want to explain what I said and where I think we stand now that the Oral Hearing is over.
Black Duck Software recently published some summary statistics
about free and open source software license adoption, based on data it
collected by crawling the web.
The report lists “top 20 licenses that are used in open
source projects” and the proportion of projects which use each
license, as well as historical figures purportedly representing the
number of projects using and planning to use GPLv3 variants for each
month of the last two years. Because of inherent difficulties in collecting this kind of data, and because Black Duck's own methods are opaque and unverifiable, the report is largely meaningless.
Law.com recently ran a sensationalist piece by Edmund J. Walsh warning
of the impending “dangerous real world business dispute” in store for
any for-profit company that uses free software. Walsh points to
lawsuits filed by SFLC on behalf of BusyBox as a source of this danger,
and having worked on those lawsuits, I hope I can provide a helpful