SlideShare uma empresa Scribd logo

nexB - FOSS Introduction

nexB Inc.
nexB Inc.

Introduction to Free and Open Source Software (FOSS) License by nexB. You can see a list of most popular FOSS license in DejaCode, visit us at https://enterprise.dejacode.com/landing/

TecnologiaEducação
1 de 12
Baixar para ler offline
Introduction to Free and Open Source Software (FOSS) Licenses © 2013 nexB Inc.
© 2013 nexB Inc. Introduction to FOSS Licenses Agenda •  Software License Definitions •  Software License Issues •  About nexB
© 2013 nexB Inc. Introduction to FOSS Licenses Definitions – FOSS Licenses •  FOSS = Free and Open Source Software –  aka FLOSS = Free/Libre Open Source Software •  Free means you have the right to study, use, change and redistribute the software •  Open Source means you have access to the source code –  Open Source also refers to a collaborative software development approach •  Examples of common FOSS licenses are: BSD, GPL, LGPL, MIT and MPL
© 2013 nexB Inc. Introduction to FOSS Licenses Free Software licenses source code available source with limitations (Proprietary) Copyleft FOSS Attribution Binary-only (Proprietary) Free Software Freeware / Shareware many Java libraries Microsoft shared source Sun SCSL GNU GPL GNU LGPL MPL CDDL BSD MIT ApacheEPL Adobe Reader
© 2013 nexB Inc. Introduction to FOSS Licenses Definitions - Free Proprietary Licenses •  Free Proprietary software is very important in many domains especially Java: –  The software is free for your own use AND –  You may be able to redistribute the software, BUT –  You cannot change it AND there may be other restrictions •  Some examples of free proprietary licenses: –  (Oracle)Sun Binary Code Licenses (esp. for JDK/JRE) –  Adobe Reader EULA and similar –  Oracle Technology Network Development and Distribution License Terms
© 2013 nexB Inc. Introduction to FOSS Licenses FOSS License Obligations Attribution Obligations are typically a combination of: •  Keeping license and copyright notices in the source code in the source file headers or in separate text files. •  Acknowledging the use of the software, the license and/or the copyright in documentation or a product (e.g. Help) Redistribution Obligations are typically a combination of: •  Making source code available for the original work, and •  For your changes (derivative works) – •  Possibly Including some of your proprietary code.
© 2013 nexB Inc. Introduction to FOSS Licenses FOSS – Permissive / Attribution Licenses Licenses with Attribution obligations only •  Apache 1.1 and 2.0 •  BSD – Original, Modified and Simplified •  MIT / X11 •  Creative Commons Attribution •  OpenSSL-SSLeay •  W3C •  Zlib and, of course, Beerware
© 2013 nexB Inc. Introduction to FOSS Licenses FOSS – Copyleft Licenses Copyleft licenses have Attribution and Redistribution obligations •  Copyleft Licenses (“strong”) –  GNU General Public License (GPL) –  Affero GPL •  Limited Copyleft Licenses (“weak”) –  GNU Lesser (or Library) General Public License (LGPL) –  Artistic License –  Common Development and Distribution License (CDDL) –  Common Public License (CPL) –  Eclipse Public License (EPL) –  Mozilla Public License (MPL)
© 2013 nexB Inc. Introduction to FOSS Licenses FOSS License Violation Risks •  “Copyleft” licenses require you to redistribute source code and may force you to release proprietary software as open source or rewrite your software to avoid that obligation •  Some FOSS activists (e.g. Busybox) are raising litigation stakes to “encourage” compliance with GPL •  Even “business-friendly” licenses (Apache, etc.) require you to identify and protect copyright owner rights and may impact your patent portfolio •  Negative reaction from OSS community may impair your brand
© 2013 nexB Inc. Introduction to FOSS Licenses Proprietary License Violation Risks •  Violation of a free proprietary software license may require you to acquire a commercial license and/or change your code: –  Most prominent example is misuse of Sun JDK/JRE in violation of the field-of-use restrictions (general purpose computer only) –  Oracle is aggressively looking for revenue from the Java products it acquired –  Including compensation for violations in the past •  Violation of a commercial software license may expose you to significant financial penalties and/or litigation
© 2013 nexB Inc. Introduction to FOSS Licenses About nexB •  Our mission is to enable a robust software component- based supply chain •  Our current focus is: –  Analysing software provenance (origin and license) and –  Providing a complete software inventory/BOM –  DejaCode Enterprise, a product suite that helps you better manage open source, third-party, and original components throughout the software development lifecycle •  Expertise in software IP analysis across all languages and environments •  Software audit services for acquisitions, software products and internal (IT) systems •  Active open source developers - lead committers and contributors to public projects
© 2013 nexB Inc. Introduction to FOSS Licenses Contact us Contact person: Pierre Lapointe, Customer Care Manager plapointe@nexb.com + 1 415 287-7643 More information: http://www.nexb.com http://www.dejacode.com/

Recomendados

nexB - Software audit for product release
nexB - Software audit for product releasenexB - Software audit for product release
nexB - Software audit for product release
nexB Inc.
 
How to Manage Open Source requirements with AboutCode
How to Manage Open Source requirements with AboutCodeHow to Manage Open Source requirements with AboutCode
How to Manage Open Source requirements with AboutCode
nexB Inc.
 
Rightsizing Open Source Software Identification
Rightsizing Open Source Software IdentificationRightsizing Open Source Software Identification
Rightsizing Open Source Software Identification
nexB Inc.
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with Dejacode
nexB Inc.
 
Identifying third party software with ScanCode
Identifying third party software with ScanCodeIdentifying third party software with ScanCode
Identifying third party software with ScanCode
nexB Inc.
 
Managing Software Inventories & Automating Open Source Software Compliance
Managing Software Inventories & Automating Open Source Software ComplianceManaging Software Inventories & Automating Open Source Software Compliance
Managing Software Inventories & Automating Open Source Software Compliance
nexB Inc.
 
Managing Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodeManaging Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCode
nexB Inc.
 
Open source software governance with DejaCode
Open source software governance with DejaCodeOpen source software governance with DejaCode
Open source software governance with DejaCode
nexB Inc.
 

Recomendados

nexB - Software audit for product release
nexB - Software audit for product releasenexB - Software audit for product release
nexB - Software audit for product release
nexB Inc.
 
How to Manage Open Source requirements with AboutCode
How to Manage Open Source requirements with AboutCodeHow to Manage Open Source requirements with AboutCode
How to Manage Open Source requirements with AboutCode
nexB Inc.
 
Rightsizing Open Source Software Identification
Rightsizing Open Source Software IdentificationRightsizing Open Source Software Identification
Rightsizing Open Source Software Identification
nexB Inc.
 
Open source governance with Dejacode
Open source governance with DejacodeOpen source governance with Dejacode
Open source governance with Dejacode
nexB Inc.
 
Identifying third party software with ScanCode
Identifying third party software with ScanCodeIdentifying third party software with ScanCode
Identifying third party software with ScanCode
nexB Inc.
 
Managing Software Inventories & Automating Open Source Software Compliance
Managing Software Inventories & Automating Open Source Software ComplianceManaging Software Inventories & Automating Open Source Software Compliance
Managing Software Inventories & Automating Open Source Software Compliance
nexB Inc.
 
Managing Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCodeManaging Open Source Software License Compliance with DejaCode
Managing Open Source Software License Compliance with DejaCode
nexB Inc.
 
Open source software governance with DejaCode
Open source software governance with DejaCodeOpen source software governance with DejaCode
Open source software governance with DejaCode
nexB Inc.
 
Managing Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EraManaging Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub Era
nexB Inc.
 
nexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a Seller
nexB Inc.
 
Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexB
nexB Inc.
 
nexB: Software Audit for Acquisition Due Diligence
nexB: Software Audit for Acquisition Due DiligencenexB: Software Audit for Acquisition Due Diligence
nexB: Software Audit for Acquisition Due Diligence
nexB Inc.
 
Managing Open Source Software Supply Chains
Managing Open Source Software Supply ChainsManaging Open Source Software Supply Chains
Managing Open Source Software Supply Chains
nexB Inc.
 
Best practice recommendations for utilizing open source software (from a lega...
Best practice recommendations for utilizing open source software (from a lega...Best practice recommendations for utilizing open source software (from a lega...
Best practice recommendations for utilizing open source software (from a lega...
Rogue Wave Software
 
Vonk fhir facade (christiaan)
Vonk fhir facade (christiaan)Vonk fhir facade (christiaan)
Vonk fhir facade (christiaan)
DevDays
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
NetSPI
 
IT due diligence and software quality for fintech startups
IT due diligence and software quality for fintech startupsIT due diligence and software quality for fintech startups
IT due diligence and software quality for fintech startups
Sieuwert van Otterloo
 
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
FINOS
 
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian CarrierOSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
Basis Technology
 
Don't Let Open Source be the Deal Breaker In Your M&A
Don't Let Open Source be the Deal Breaker In Your M&A Don't Let Open Source be the Deal Breaker In Your M&A
Don't Let Open Source be the Deal Breaker In Your M&A
Black Duck by Synopsys
 
Timelines
TimelinesTimelines
Timelines
primeteacher32
 
Customer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to ComplianceCustomer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to Compliance
Black Duck by Synopsys
 
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics PlatformAutopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Jason Letourneau
 
Securing APIs with Open Policy Agent
Securing APIs with Open Policy AgentSecuring APIs with Open Policy Agent
Securing APIs with Open Policy Agent
Anders Eknert
 
Securing Docker Containers
Securing Docker ContainersSecuring Docker Containers
Securing Docker Containers
Black Duck by Synopsys
 
CNIT 152: 9 Network Evidence
CNIT 152: 9 Network EvidenceCNIT 152: 9 Network Evidence
CNIT 152: 9 Network Evidence
Sam Bowne
 
Staying Close to Experts with Executable Specifications
Staying Close to Experts with Executable SpecificationsStaying Close to Experts with Executable Specifications
Staying Close to Experts with Executable Specifications
Vagif Abilov
 
audit report software
audit report softwareaudit report software
audit report software
easyoffice
 
IELTS tips and strategies tesol conference 2011
IELTS tips and strategies tesol conference 2011IELTS tips and strategies tesol conference 2011
IELTS tips and strategies tesol conference 2011
David Bartsch
 
Managing OSS license obligations
Managing OSS license obligationsManaging OSS license obligations
Managing OSS license obligations
nexB Inc.
 

Mais conteúdo relacionado

Mais procurados

Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexB
nexB Inc.
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
NetSPI
 
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
FINOS
 
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics PlatformAutopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Jason Letourneau
 

Mais procurados (19)

Managing Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub EraManaging Open Source Software in the GitHub Era
Managing Open Source Software in the GitHub Era
 
nexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a SellernexB Software Audit M&A: What to expect as a Seller
nexB Software Audit M&A: What to expect as a Seller
 
Software audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexBSoftware audit for acquisition due diligence with nexB
Software audit for acquisition due diligence with nexB
 
nexB: Software Audit for Acquisition Due Diligence
nexB: Software Audit for Acquisition Due DiligencenexB: Software Audit for Acquisition Due Diligence
nexB: Software Audit for Acquisition Due Diligence
 
Managing Open Source Software Supply Chains
Managing Open Source Software Supply ChainsManaging Open Source Software Supply Chains
Managing Open Source Software Supply Chains
 
Best practice recommendations for utilizing open source software (from a lega...
Best practice recommendations for utilizing open source software (from a lega...Best practice recommendations for utilizing open source software (from a lega...
Best practice recommendations for utilizing open source software (from a lega...
 
Vonk fhir facade (christiaan)
Vonk fhir facade (christiaan)Vonk fhir facade (christiaan)
Vonk fhir facade (christiaan)
 
Thick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash CourseThick Application Penetration Testing - A Crash Course
Thick Application Penetration Testing - A Crash Course
 
IT due diligence and software quality for fintech startups
IT due diligence and software quality for fintech startupsIT due diligence and software quality for fintech startups
IT due diligence and software quality for fintech startups
 
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...Managing the Software Supply Chain: Policies that Promote Innovation While Op...
Managing the Software Supply Chain: Policies that Promote Innovation While Op...
 
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian CarrierOSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
OSDF 2013 - Autopsy 3: Extensible Desktop Forensics by Brian Carrier
 
Don't Let Open Source be the Deal Breaker In Your M&A
Don't Let Open Source be the Deal Breaker In Your M&A Don't Let Open Source be the Deal Breaker In Your M&A
Don't Let Open Source be the Deal Breaker In Your M&A
 
Timelines
TimelinesTimelines
Timelines
 
Customer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to ComplianceCustomer Case Study: ScienceLogic - Many Paths to Compliance
Customer Case Study: ScienceLogic - Many Paths to Compliance
 
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics PlatformAutopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
Autopsy 3: Free Open Source End-to-End Windows-based Digital Forensics Platform
 
Securing APIs with Open Policy Agent
Securing APIs with Open Policy AgentSecuring APIs with Open Policy Agent
Securing APIs with Open Policy Agent
 
Securing Docker Containers
Securing Docker ContainersSecuring Docker Containers
Securing Docker Containers
 
CNIT 152: 9 Network Evidence
CNIT 152: 9 Network EvidenceCNIT 152: 9 Network Evidence
CNIT 152: 9 Network Evidence
 
Staying Close to Experts with Executable Specifications
Staying Close to Experts with Executable SpecificationsStaying Close to Experts with Executable Specifications
Staying Close to Experts with Executable Specifications
 

Destaque

audit report software
audit report softwareaudit report software
audit report software
easyoffice
 
Improve your ielts writing skills
Improve your ielts writing skillsImprove your ielts writing skills
Improve your ielts writing skills
IELTSExpert
 
15 days practice for ielts writing
15 days practice for ielts writing15 days practice for ielts writing
15 days practice for ielts writing
shankyverma04
 

Destaque (10)

audit report software
audit report softwareaudit report software
audit report software
 
IELTS tips and strategies tesol conference 2011
IELTS tips and strategies tesol conference 2011IELTS tips and strategies tesol conference 2011
IELTS tips and strategies tesol conference 2011
 
Managing OSS license obligations
Managing OSS license obligationsManaging OSS license obligations
Managing OSS license obligations
 
Generalized audit-software
Generalized audit-softwareGeneralized audit-software
Generalized audit-software
 
IELTS Reading Overview, Tips and Matching Headings
IELTS Reading Overview, Tips and Matching Headings IELTS Reading Overview, Tips and Matching Headings
IELTS Reading Overview, Tips and Matching Headings
 
General tips for ielts reading
General tips for ielts readingGeneral tips for ielts reading
General tips for ielts reading
 
General training reading ielts
General training reading ielts General training reading ielts
General training reading ielts
 
IELTS Reading Preparation Tips
IELTS Reading Preparation TipsIELTS Reading Preparation Tips
IELTS Reading Preparation Tips
 
Improve your ielts writing skills
Improve your ielts writing skillsImprove your ielts writing skills
Improve your ielts writing skills
 
15 days practice for ielts writing
15 days practice for ielts writing15 days practice for ielts writing
15 days practice for ielts writing
 

Semelhante a nexB - FOSS Introduction

Business and Sustainability Models Around FOSS (1 of 2)
Business and Sustainability Models Around FOSS (1 of 2)Business and Sustainability Models Around FOSS (1 of 2)
Business and Sustainability Models Around FOSS (1 of 2)
Rowan Wilson
 
Open Source Licensing Fundamentals for Financial Services
Open Source Licensing Fundamentals for Financial ServicesOpen Source Licensing Fundamentals for Financial Services
Open Source Licensing Fundamentals for Financial Services
FINOS
 
Intro to FOSS
Intro to FOSSIntro to FOSS
Intro to FOSS
mgamal87
 
Introduction to FOSS
Introduction to FOSSIntroduction to FOSS
Introduction to FOSS
mgamal87
 
Open source . . . Open Road
Open source . . . Open RoadOpen source . . . Open Road
Open source . . . Open Road
Mazen Elsayed
 
GoOpen 2010: David Elboth
GoOpen 2010: David ElbothGoOpen 2010: David Elboth
GoOpen 2010: David Elboth
Friprogsenteret
 

Semelhante a nexB - FOSS Introduction (20)

Understanding open source licenses
Understanding open source licensesUnderstanding open source licenses
Understanding open source licenses
 
Business and Sustainability Models Around FOSS (1 of 2)
Business and Sustainability Models Around FOSS (1 of 2)Business and Sustainability Models Around FOSS (1 of 2)
Business and Sustainability Models Around FOSS (1 of 2)
 
Conversation on Open Source - CU Boulder - Feb 2017
Conversation on Open Source - CU Boulder - Feb 2017Conversation on Open Source - CU Boulder - Feb 2017
Conversation on Open Source - CU Boulder - Feb 2017
 
Open Source Licensing Fundamentals for Financial Services
Open Source Licensing Fundamentals for Financial ServicesOpen Source Licensing Fundamentals for Financial Services
Open Source Licensing Fundamentals for Financial Services
 
JISC Webinar - An introduction to free and open source software
JISC Webinar - An introduction to free and open source softwareJISC Webinar - An introduction to free and open source software
JISC Webinar - An introduction to free and open source software
 
Intro to FOSS
Intro to FOSSIntro to FOSS
Intro to FOSS
 
Introduction to FOSS
Introduction to FOSSIntroduction to FOSS
Introduction to FOSS
 
QL-1FCJtCuf
QL-1FCJtCufQL-1FCJtCuf
QL-1FCJtCuf
 
Fundamentals of Free and Open Source Software
Fundamentals of Free and Open Source SoftwareFundamentals of Free and Open Source Software
Fundamentals of Free and Open Source Software
 
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open SourceOSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
OSSF 2018 - Jilayne Lovejoy - Training: Intro to Open Source
 
Open Source Your Project (With Jasig)
Open Source Your Project (With Jasig)Open Source Your Project (With Jasig)
Open Source Your Project (With Jasig)
 
Hidden gotcha’s of various open source licenses
Hidden gotcha’s of various open source licensesHidden gotcha’s of various open source licenses
Hidden gotcha’s of various open source licenses
 
OSOS SEM 4 Chapter 1
OSOS SEM 4 Chapter 1OSOS SEM 4 Chapter 1
OSOS SEM 4 Chapter 1
 
Open source . . . Open Road
Open source . . . Open RoadOpen source . . . Open Road
Open source . . . Open Road
 
Open Source Licenses
Open Source LicensesOpen Source Licenses
Open Source Licenses
 
Open Development
Open DevelopmentOpen Development
Open Development
 
Top Open Source Licenses Explained
Top Open Source Licenses ExplainedTop Open Source Licenses Explained
Top Open Source Licenses Explained
 
Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)
 
GoOpen 2010: David Elboth
GoOpen 2010: David ElbothGoOpen 2010: David Elboth
GoOpen 2010: David Elboth
 
Fosss
FosssFosss
Fosss
 

Último

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 

nexB - FOSS Introduction

  • 1. Introduction to Free and Open Source Software (FOSS) Licenses © 2013 nexB Inc.
  • 2. © 2013 nexB Inc. Introduction to FOSS Licenses Agenda •  Software License Definitions •  Software License Issues •  About nexB
  • 3. © 2013 nexB Inc. Introduction to FOSS Licenses Definitions – FOSS Licenses •  FOSS = Free and Open Source Software –  aka FLOSS = Free/Libre Open Source Software •  Free means you have the right to study, use, change and redistribute the software •  Open Source means you have access to the source code –  Open Source also refers to a collaborative software development approach •  Examples of common FOSS licenses are: BSD, GPL, LGPL, MIT and MPL
  • 4. © 2013 nexB Inc. Introduction to FOSS Licenses Free Software licenses source code available source with limitations (Proprietary) Copyleft FOSS Attribution Binary-only (Proprietary) Free Software Freeware / Shareware many Java libraries Microsoft shared source Sun SCSL GNU GPL GNU LGPL MPL CDDL BSD MIT ApacheEPL Adobe Reader
  • 5. © 2013 nexB Inc. Introduction to FOSS Licenses Definitions - Free Proprietary Licenses •  Free Proprietary software is very important in many domains especially Java: –  The software is free for your own use AND –  You may be able to redistribute the software, BUT –  You cannot change it AND there may be other restrictions •  Some examples of free proprietary licenses: –  (Oracle)Sun Binary Code Licenses (esp. for JDK/JRE) –  Adobe Reader EULA and similar –  Oracle Technology Network Development and Distribution License Terms
  • 6. © 2013 nexB Inc. Introduction to FOSS Licenses FOSS License Obligations Attribution Obligations are typically a combination of: •  Keeping license and copyright notices in the source code in the source file headers or in separate text files. •  Acknowledging the use of the software, the license and/or the copyright in documentation or a product (e.g. Help) Redistribution Obligations are typically a combination of: •  Making source code available for the original work, and •  For your changes (derivative works) – •  Possibly Including some of your proprietary code.
  • 7. © 2013 nexB Inc. Introduction to FOSS Licenses FOSS – Permissive / Attribution Licenses Licenses with Attribution obligations only •  Apache 1.1 and 2.0 •  BSD – Original, Modified and Simplified •  MIT / X11 •  Creative Commons Attribution •  OpenSSL-SSLeay •  W3C •  Zlib and, of course, Beerware
  • 8. © 2013 nexB Inc. Introduction to FOSS Licenses FOSS – Copyleft Licenses Copyleft licenses have Attribution and Redistribution obligations •  Copyleft Licenses (“strong”) –  GNU General Public License (GPL) –  Affero GPL •  Limited Copyleft Licenses (“weak”) –  GNU Lesser (or Library) General Public License (LGPL) –  Artistic License –  Common Development and Distribution License (CDDL) –  Common Public License (CPL) –  Eclipse Public License (EPL) –  Mozilla Public License (MPL)
  • 9. © 2013 nexB Inc. Introduction to FOSS Licenses FOSS License Violation Risks •  “Copyleft” licenses require you to redistribute source code and may force you to release proprietary software as open source or rewrite your software to avoid that obligation •  Some FOSS activists (e.g. Busybox) are raising litigation stakes to “encourage” compliance with GPL •  Even “business-friendly” licenses (Apache, etc.) require you to identify and protect copyright owner rights and may impact your patent portfolio •  Negative reaction from OSS community may impair your brand
  • 10. © 2013 nexB Inc. Introduction to FOSS Licenses Proprietary License Violation Risks •  Violation of a free proprietary software license may require you to acquire a commercial license and/or change your code: –  Most prominent example is misuse of Sun JDK/JRE in violation of the field-of-use restrictions (general purpose computer only) –  Oracle is aggressively looking for revenue from the Java products it acquired –  Including compensation for violations in the past •  Violation of a commercial software license may expose you to significant financial penalties and/or litigation
  • 11. © 2013 nexB Inc. Introduction to FOSS Licenses About nexB •  Our mission is to enable a robust software component- based supply chain •  Our current focus is: –  Analysing software provenance (origin and license) and –  Providing a complete software inventory/BOM –  DejaCode Enterprise, a product suite that helps you better manage open source, third-party, and original components throughout the software development lifecycle •  Expertise in software IP analysis across all languages and environments •  Software audit services for acquisitions, software products and internal (IT) systems •  Active open source developers - lead committers and contributors to public projects
  • 12. © 2013 nexB Inc. Introduction to FOSS Licenses Contact us Contact person: Pierre Lapointe, Customer Care Manager plapointe@nexb.com + 1 415 287-7643 More information: http://www.nexb.com http://www.dejacode.com/