Ambassador Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@innocence" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>innocence</span></a></span> well, they <a href="https://element.io/blog/sustainable-licensing-at-element-with-agpl/" rel="nofollow noopener" target="_blank">switched</a> to an <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> model, maing the <a href="https://robots.net/news/new-matrix-licensing-shift-makes-building-on-the-protocol-less-appealing/" rel="nofollow noopener" target="_blank">reference implementation</a> now a <a href="https://techcrunch.com/2023/11/06/decentralized-communication-protocol-matrix-shifts-to-less-permissive-agpl-open-source-license/" rel="nofollow noopener" target="_blank">worse decision</a> and put the Matrix Protocol <a href="https://blakes.dev/posts/2023-11-06-element-closing-matrix/" rel="nofollow noopener" target="_blank">in danger</a>.</p><ul><li>Whereas <span class="h-card" translate="no"><a href="https://chaos.social/@delta" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>delta</span></a></span> / <a href="https://infosec.space/tags/deltaChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deltaChat</span></a> uses <a href="https://infosec.space/tags/PGP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PGP</span></a>/MIME as an open, <a href="https://infosec.space/tags/MultiVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MultiVendor</span></a> & <a href="https://infosec.space/tags/MultiProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MultiProvider</span></a> standard. Ditto for <span class="h-card" translate="no"><a href="https://monocles.social/@monocles" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>monocles</span></a></span> / <a href="https://infosec.space/tags/MonoclesChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MonoclesChat</span></a> & <span class="h-card" translate="no"><a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gajim</span></a></span> / <a href="https://infosec.space/tags/gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gajim</span></a> (<a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XMPP</span></a>+<a href="https://infosec.space/tags/OMEMO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OMEMO</span></a>)…</li></ul><p>And yes <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> is an <a href="https://element.io/blog/tag/licensing/" rel="nofollow noopener" target="_blank">asshole license</a> as <a href="https://element.io/blog/element-to-adopt-agplv3/" rel="nofollow noopener" target="_blank">it</a> is inherently incompatible with a shitton of <a href="https://infosec.space/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IP</span></a> laws and thus (oftentimes) cannot.be complied with.</p><ul><li>Choosing it or <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> is meant to <a href="https://infosec.space/tags/monopolize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monopolize</span></a> the market for commercial hosting providers that offer <a href="https://infosec.space/tags/ManagedHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ManagedHosting</span></a> of <a href="https://infosec.space/tags/MatrixChat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MatrixChat</span></a>.</li></ul><p><a href="https://infosec.space/tags/Matrix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Matrix</span></a> <a href="https://infosec.space/tags/Chat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Chat</span></a></p>
photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
🌈 An inclusive place for your photos, silliness, and convos! 🌈
Administered by:
Server stats:
265active users
photog.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.4
#sspl
0 posts · 0 participants · 0 posts today
Fabio Manganiello<p>I missed <a href="https://www.theregister.com/2025/08/14/redis_redux/" rel="nofollow noopener" target="_blank">this news</a> a couple of days ago: <a class="hashtag" href="https://manganiello.social/tag/redis" rel="nofollow noopener" target="_blank">#Redis</a> is officially FOSS again, as it has backtracked from <a class="hashtag" href="https://manganiello.social/tag/sspl" rel="nofollow noopener" target="_blank">#SSPL</a> and moved to AGPL (which IMHO is what they should have adopted all along).</p><p>This closes the cycle of my prediction:</p><ol><li>That Redis had made a terrible mistake by switching to SSPL</li><li>That the switch to SSPL would have just resulted in a fork fever that would have critically eroded their user base and reputation</li><li>That those forks would have been eventually included in standard Linux distros instead of Redis itself because of their OSI-compatible licenses, and adopted as alternatives to Redis by the cloud providers (hence invalidating the whole point of SSPL)</li><li>That Redis would have eventually backtracked and switched back to AGPL</li></ol><p>There’s a 5th point in my prediction that hasn’t materialized yet though: that the damage is already done and it will be hard to revert.</p><p><a href="https://www.phoronix.com/news/Fedora-Replacing-Redis-Valkey" rel="nofollow noopener" target="_blank">Fedora</a>, <a href="https://www.phoronix.com/news/Arch-Linux-Going-Valkey" rel="nofollow noopener" target="_blank">Arch</a> and <a href="https://www.theregister.com/2024/05/29/alpine_linux_320_released" rel="nofollow noopener" target="_blank">Alpine</a> have all replaced Redis with Valkey in their repos already, and Debian has opted to temporarily provide both.</p><p>Many Docker configurations, cloud and on-prem deployments, Terraform templates, home servers etc. have already all migrated to Valkey.</p><p>Not only, but the seismic fork allowed Valkey to implement features that have been requested in Redis for a while but not implemented because of the most complex governance of the project (like <a href="https://valkey.io/topics/RDMA/" rel="nofollow noopener" target="_blank">RDMA</a>). Plus, while Valkey guarantees parity of features <a href="https://redis.io/blog/what-is-valkey/" rel="nofollow noopener" target="_blank">as of Redis 7.2.4</a>, the mismatch of features is only supposed to increase as the hard fork diverges. This makes it even more unlikely that an enterprise software that has already migrated to Valkey takes the risk of migrating back to Redis later.</p><p>Redis’ decision <a href="https://www.mongodb.com/legal/licensing/server-side-public-license" rel="nofollow noopener" target="_blank">leaves MongoDB as the only major SSPL-licensed project out there</a>. And that is also coming with its costs. For example, the Linux Foundation has just <a href="https://www.theregister.com/2025/08/25/linux_foundation_says_yes_to/" rel="nofollow noopener" target="_blank">opened its arms to Microsoft’s DocumentDB</a> rather than MongoDB because the former is released under an OSI-compatible MIT license rather than Mongo’s SSPL.</p><p>The other project that still partly uses SSPL is <a href="https://www.elastic.co/blog/elastic-license-v2" rel="nofollow noopener" target="_blank">Elastic</a>. And even in that case the decision has backfired. It opened the way to AWS to <a href="https://github.com/opensearch-project/OpenSearch?tab=Apache-2.0-1-ov-file#readme" rel="nofollow noopener" target="_blank">release OpenSearch under an Apache license</a>, and grab a lot of FOSS developers to power its proprietary cloud efforts for free instead.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://go.lema.org/santi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>santi</span></a></span> <span class="h-card" translate="no"><a href="https://studio8502.ca/@mos_8502" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mos_8502</span></a></span> <span class="h-card" translate="no"><a href="https://oldbytes.space/@Wintermute_BBS" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Wintermute_BBS</span></a></span> well, as for <a href="https://infosec.space/tags/GPLv2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv2</span></a> and <em>license enforcement</em>, using <a href="https://infosec.space/tags/copyleft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>copyleft</span></a> as a bat to club corporations with isn't effective.</p><p><span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> still feels remorse for having started that with <a href="https://infosec.space/tags/BusyBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BusyBox</span></a>. </p><p>Not to mention <a href="https://infosec.space/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a> & <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> really is bad unless one wants to commit <em>"asset denial"</em> aka. be an anticompetitive dickhead and at that point it's close to <em>"asshole licensing"</em> of <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> & <a href="https://infosec.space/tags/RSAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAL</span></a>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.jacobian.org/@jacob" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>jacob</span></a></span> <em>yes</em>, and <em><a href="https://infosec.space/tags/OpenWashing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenWashing</span></a></em> is a real issue not just with <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> as seen with <a href="https://infosec.space/tags/Redis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Redis</span></a> & others using <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> as a literal <a href="https://infosec.space/tags/AssholeLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicense</span></a> which are just <em>"<a href="https://infosec.space/tags/SourceAvailable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SourceAvailable</span></a>"</em> instead of <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a>, but actual <a href="https://infosec.space/tags/donations" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>donations</span></a>.and <a href="https://infosec.space/tags/contributions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>contributions</span></a>.</p><ul><li>Try to convince any C-level decisionmakers to donate even 1% of the equivalent of licensing the <a href="https://infosec.space/tags/CCSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCSS</span></a> equivalents of the <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> deployed will get one laughed at, and suggesting 10% threatened woth getting fired.</li></ul><p><a href="https://infosec.space/tags/AskMeHowIKnow" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AskMeHowIKnow</span></a>…</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://kotaro.me/@kotaro" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>kotaro</span></a></span> gramted, all of tuhe <a href="https://infosec.space/tags/Forks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Forks</span></a> that are <a href="https://infosec.space/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSD</span></a>-licensed had way more <a href="https://infosec.space/tags/effort" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>effort</span></a> put into them.</p><ul><li>I just think that <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> is as bad as <a href="https://infosec.space/tags/Tivolization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tivolization</span></a> in terms of <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> and <a href="https://infosec.space/tags/useability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>useability</span></a>.</li></ul><p><a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> is still worse than <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a>, but <a href="https://infosec.space/tags/AGPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPL</span></a> & <a href="https://infosec.space/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a> are just completely disregarding the legal reality of <a href="https://infosec.space/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IP</span></a> and <a href="https://infosec.space/tags/Licensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Licensing</span></a>.</p><ul><li>If they don't want to accept <a href="https://infosec.space/tags/competition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>competition</span></a>, they could've chosen <span class="h-card" translate="no"><a href="https://mastodon.social/@creativecommons" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>creativecommons</span></a></span> <a href="https://infosec.space/tags/CCBYNCSA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCBYNCSA</span></a> instead, but they did not! </li></ul><p>Needless to say if I were a <a href="https://infosec.space/tags/developer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>developer</span></a> of it and had contributed under <a href="https://infosec.space/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSD</span></a> license I'd expect to either get my code removed entirely or the license to be kept the same.</p><ul><li>And now you know why I'll refuse to sign any <em>"<a href="https://infosec.space/tags/ContributorLicenseAgreement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ContributorLicenseAgreement</span></a>"</em> (<a href="https://infosec.space/tags/CLA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CLA</span></a>) <em>UNLESS</em> I get a paid, non - term-limited position as an enployee in return…</li></ul>
Björn Schießle :europa:<p>Last year, <a href="https://social.schiessle.eu/tags/Redis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Redis</span></a> changed its license to the <a href="https://social.schiessle.eu/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a>, which is neither an <a href="https://social.schiessle.eu/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> nor a <a href="https://social.schiessle.eu/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FreeSoftware</span></a> license. This led to <a href="https://social.schiessle.eu/tags/Valkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Valkey</span></a>, a fork and drop-in replacement.</p><p>Now Redis has decided to go back to a real Free Software license, the <a href="https://social.schiessle.eu/tags/GNU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNU</span></a> <a href="https://social.schiessle.eu/tags/AGPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPL</span></a>. This is a great decision, although it remains to be seen if they reverted their decision in time, or if it is too late and the community will continue with Valkey and not look back.</p><p><a href="https://redis.io/blog/agplv3/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">redis.io/blog/agplv3/</span><span class="invisible"></span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> <span class="h-card" translate="no"><a href="https://todon.nl/@burnoutqueen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>burnoutqueen</span></a></span> Yeah...</p><p><a href="https://infosec.space/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a> is a desaster as it's 99% ideology and 1% license text and alongside <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> completely ignores the reality of how <a href="https://infosec.space/tags/licensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>licensing</span></a> and <a href="https://infosec.space/tags/patents" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patents</span></a> and <a href="https://infosec.space/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IP</span></a> works.</p><ul><li>Not that I like the status-quo, but we'd rather see businesses steer clear of anything GPLv2+ or GPLv3 or worse.</li></ul><p>And on the flipside we basically get <em>"source available"</em> stuff like <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> which only serves as a means to commit <a href="https://infosec.space/tags/AssetDenial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssetDenial</span></a> and monopolize commercial offerings...</p><ul><li>I think <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> being <a href="https://infosec.space/tags/GPLv2only" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv2only</span></a> is a good compromise and my personal gripes with <a href="https://infosec.space/tags/FSF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FSF</span></a> & <a href="https://infosec.space/tags/GNUtils" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GNUtils</span></a> as well as <a href="https://infosec.space/tags/GlibC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GlibC</span></a> are something different...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastos.online/@Nicholasr_ITSulu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Nicholasr_ITSulu</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nixCraft</span></a></span> <em>nodds in agreement</em> and since there are so many stakeholders with opposing interests <em>and</em> a <a href="https://infosec.space/tags/copyleft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>copyleft</span></a> license, <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GAFAMs</span></a> can't <a href="https://infosec.space/tags/enshittify" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>enshittify</span></a> or <a href="https://infosec.space/tags/tivolize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tivolize</span></a> it!</p><ul><li>And due to <a href="https://infosec.space/tags/GPLv2only" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv2only</span></a> eben a move to <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> like <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> or <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> is not possible!</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> consider putting all your content under <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a>, <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> or even better <a href="https://infosec.space/tags/CCBYNCND" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCBYNCND</span></a>?</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@xerxespersrex" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>xerxespersrex</span></a></span> <em>nodds in agreement</em>...</p><ul><li>Shit like <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> & <a href="https://infosec.space/tags/RSAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAL</span></a> is IMHO even <a href="https://www.youtube.com/watch?v=5v72pNaincM" rel="nofollow noopener" target="_blank">worse</a> than <a href="https://infosec.space/tags/SourceAvailable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SourceAvailable</span></a> as it's literally <em>"<a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a>"</em>...</li></ul><p>At least most <em>source available</em> products like <a href="https://infosec.space/tags/Tarsnap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tarsnap</span></a> are <a href="https://www.tarsnap.com/open-source.html" rel="nofollow noopener" target="_blank">honest</a> that they <em>are not <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></em>!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://hachyderm.io/@anderseknert" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>anderseknert</span></a></span> Everyone who uses <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> like <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> or tries to infringe upon users' <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> <a href="https://infosec.space/tags/Rights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rights</span></a> like <a href="https://infosec.space/tags/grsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grsecurity</span></a> & <a href="https://infosec.space/tags/RedHad" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedHad</span></a> do should be banned from any professional developments and supply chains as part of the <em><a href="https://infosec.space/tags/RiskAssessment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RiskAssessment</span></a> and <a href="https://infosec.space/tags/RiskAvoidance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RiskAvoidance</span></a></em> in <a href="https://infosec.space/tags/DueDiligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DueDiligence</span></a>.</p><ul><li>Anything else in criminal neglect at this point...</li></ul>
Kevin Karhan :verified:<p>One can really see <a href="https://www.youtube.com/watch?v=4hZxo96x48A&t=4m15s" rel="nofollow noopener" target="_blank">this</a> is an older video, as it misses not only <a href="https://infosec.space/tags/0BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0BSD</span></a> between <a href="https://infosec.space/tags/PublicDomain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PublicDomain</span></a> and <a href="https://infosec.space/tags/MIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MIT</span></a> but also <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> right of <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> in a tab that's right of it called <em>"<a href="https://infosec.space/tags/AssetDenial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssetDenial</span></a>"</em> or <em>"<a href="https://infosec.space/tags/Monopolistic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Monopolistic</span></a>"</em> or just <em>"<a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a>"</em> and a tab right of that for <em>"<a href="https://infosec.space/tags/SourceAvailable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SourceAvailable</span></a>"</em> licensing, but I get ahead of myself...</p><p><a href="https://infosec.space/tags/Sarcasm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sarcasm</span></a> <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://infosec.space/tags/Licensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Licensing</span></a> <a href="https://infosec.space/tags/Copyleft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Copyleft</span></a> <a href="https://infosec.space/tags/Cipyright" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cipyright</span></a> <a href="https://infosec.space/tags/Copywrong" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Copywrong</span></a> <a href="https://infosec.space/tags/rant" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rant</span></a> <a href="https://infosec.space/tags/vent" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vent</span></a> <a href="https://infosec.space/tags/venting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>venting</span></a></p>
Kevin Karhan :verified:rant, "open" "source", swearing, subtoot-ish
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://social.treehouse.systems/@marcan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>marcan</span></a></span> <span class="h-card" translate="no"><a href="https://oxytodon.com/@fuchsiii" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fuchsiii</span></a></span> Either way, like <span class="h-card" translate="no"><a href="https://mstdn.jp/@landley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>landley</span></a></span> I did the <a href="https://infosec.space/tags/copyleft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>copyleft</span></a> experiment and those projects didn't see even remotely as much resonance or contribution as when I embraced <a href="https://infosec.space/tags/0BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>0BSD</span></a> as a <a href="https://infosec.space/tags/PermissiveLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PermissiveLicense</span></a> (cuz <a href="https://infosec.space/tags/PublicDomain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PublicDomain</span></a> legally doesn't exist in <a href="https://infosec.space/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Germany</span></a>: One cannot renounce <a href="https://infosec.space/tags/Authorship" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authorship</span></a> for legal reasons, otherwise <a href="https://infosec.space/tags/HateSpeech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HateSpeech</span></a> would be unprosecute-able, so only <a href="https://infosec.space/tags/Copyright" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Copyright</span></a> lapses 70 years post-mortem of the Authors)...</p><ul><li>I think <em>"<a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a>"</em> like <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> is inherently unfree and <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> is just an act of <em>committing <a href="https://infosec.space/tags/AssetDenial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssetDenial</span></a></em> which doesn't work.</li></ul><p>TBH, the only way to preven <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GAFAMs</span></a> <a href="https://youtu.be/ZzI9JE0i6Lc" rel="nofollow noopener" target="_blank">like Amazon</a> from leeching <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> is to either make <a href="https://infosec.space/tags/CCSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCSS</span></a> or offer the <em>superior [<a href="https://infosec.space/tags/SaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SaaS</span></a>] solution</em> by ticking boxes <a href="https://infosec.space/tags/aws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aws</span></a> can't ( i.e. due to <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a>, like <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> compliance) or inherently won't hecause it's antithetical to their business ( i.e. [airgapped] <a href="https://infosec.space/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> & Support/Management Options for self-hosted systems)...</p><ul><li> <a href="https://infosec.space/tags/healthcare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthcare</span></a>-IT based startups in the <a href="https://infosec.space/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> pay Companies like <a href="https://infosec.space/tags/Telekom" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Telekom</span></a> to host their medical data because unlike <a href="https://infosec.space/tags/Amazon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Amazon</span></a> they can and will evidently enshure their U.S. division can't leak that data to U.S. govt. agencies and if one butters them with enough money, they'll likely sign the hardest NDAs one can throw at them...</li></ul>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://wetdry.world/@ohanamatsumae" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ohanamatsumae</span></a></span> ain't <a href="https://infosec.space/tags/MongoDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MongoDB</span></a> those <a href="https://infosec.space/tags/SaaS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SaaS</span></a>-only guys that basically use <a href="https://infosec.space/tags/AssholeLicensing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicensing</span></a> as per <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a>? </p><p><a href="https://en.wikipedia.org/wiki/MongoDB" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">en.wikipedia.org/wiki/MongoDB</span><span class="invisible"></span></a><br><a href="https://en.wikipedia.org/wiki/Server_Side_Public_License#Licensed_software" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.wikipedia.org/wiki/Server_S</span><span class="invisible">ide_Public_License#Licensed_software</span></a></p><p>To me that disqualifies them for any serious useage!</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Elucidating" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Elucidating</span></a></span> A license used to <a href="https://infosec.space/tags/monopolize" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>monopolize</span></a> the commercial offering of a <a href="https://infosec.space/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> (<a href="https://infosec.space/tags/AsAService" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AsAService</span></a>) whilst claiming it's <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a>...</p><p>Kinda like <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> does and also how <a href="https://infosec.space/tags/RedHat" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedHat</span></a> and <a href="https://infosec.space/tags/grsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>grsecurity</span></a> act by basically restricting access to <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a>...</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@xeraa" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>xeraa</span></a></span> <span class="h-card" translate="no"><a href="https://oxytodon.com/@fuchsiii" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>fuchsiii</span></a></span> <span class="h-card" translate="no"><a href="https://mk.absturztau.be/@puniko" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>puniko</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@linux_mclinuxface" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>linux_mclinuxface</span></a></span> Case in point, <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> is an <a href="https://infosec.space/tags/AssholeLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicense</span></a> even more than <a href="https://infosec.space/tags/AGPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AGPLv3</span></a> because it's sole purpose is to commit <a href="https://infosec.space/tags/AssetDenial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssetDenial</span></a> against <a href="https://infosec.space/tags/commercial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>commercial</span></a> users & <a href="https://infosec.space/tags/hosters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hosters</span></a>.</p><p>It's worse than <a href="https://infosec.space/tags/GPLv3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GPLv3</span></a> because that one is <em>lunacy</em> in terms of <a href="https://infosec.space/tags/IP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IP</span></a> and espechally <a href="https://infosec.space/tags/Patents" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Patents</span></a> because it's solely ideologically motivated, but yeah...</p><p>IMHO everything under <a href="https://en.wikipedia.org/wiki/Server_Side_Public_License" rel="nofollow noopener" target="_blank">SSPL</a> is <a href="https://infosec.space/tags/UnfreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnfreeSoftware</span></a> in that it's <a href="https://infosec.space/tags/license" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>license</span></a> terms are worse than a <em><a href="https://infosec.space/tags/SourceAvailable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SourceAvailable</span></a></em> license as used by <a href="https://infosec.space/tags/Tarsnap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tarsnap</span></a> because they are at least honest about the <em>why</em>...</p><p>I really hope not just <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GAFAMs</span></a> like <a href="https://infosec.space/tags/Amazon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Amazon</span></a> with <a href="https://infosec.space/tags/aws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aws</span></a> forked the pre-<a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Enshittification</span></a> versions under <a href="https://infosec.space/tags/BSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSD</span></a> and start publishing and maintaining these.</p><p><a href="https://infosec.space/tags/Redis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Redis</span></a>, like <a href="https://infosec.space/tags/Elastic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elastic</span></a> and <a href="https://infosec.space/tags/MongoDB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MongoDB</span></a> have chosen to kick everyone in the groin out of <em>pettyness</em> against commercial hosters, and I hope <span class="h-card" translate="no"><a href="https://mastodon.social/@Mastodon" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Mastodon</span></a></span> & <span class="h-card" translate="no"><a href="https://mastodon.social/@MastodonEngineering" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>MastodonEngineering</span></a></span> as well as <span class="h-card" translate="no"><a href="https://mastodon.social/@Gargron" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Gargron</span></a></span> work hard to replace Redis with a real <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FLOSS</span></a> alternative like <a href="https://infosec.space/tags/RabbitMQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RabbitMQ</span></a> or even hetter, allow disabling a caching-DB in lieu of helping setup a <a href="https://infosec.space/tags/Ramdisk" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Ramdisk</span></a> with a <a href="https://infosec.space/tags/PostgreSQL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PostgreSQL</span></a> cache-DB on it.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Elucidating" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Elucidating</span></a></span> because the <a href="https://infosec.space/tags/SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> discriminates against <a href="https://infosec.space/tags/commercial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>commercial</span></a> use and demands absurd overrech beyond the <a href="https://infosec.space/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> in question.</p><p>IMHO it's an <a href="https://infosec.space/tags/AssholeLicense" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AssholeLicense</span></a>!</p>
Fabio Manganiello<p>Btw I’m wondering how this license may impact use-cases where the component A released under <a class="hashtag" href="https://manganiello.social/tag/sspl" rel="nofollow noopener" target="_blank">#SSPL</a> is not used directly by software B, but software B uses C (or it forks C), which in turn uses A (i.e. if the license is transitive).</p><p>An example: in <a class="hashtag" href="https://manganiello.social/tag/platypush" rel="nofollow noopener" target="_blank">#Platypush</a> I use <a class="hashtag" href="https://manganiello.social/tag/redis" rel="nofollow noopener" target="_blank">#Redis</a> quite heavily - as an in-memory cache, as a pub/sub framework for inter-process communication, and as a memory queue.</p><p>Platypush is already FOSS, but it’s released under a relatively permissive MIT license. (I’ve pondered a lot over the pros/cons of MIT vs. *GPL when licensing a product like Platypush, in the future I may also considering switching to AGPL, but for now MIT is a good trade-off).</p><p>This means that people are free to copy the code of a Platypush plugin into their projects. Or use its plugins as libraries for their own integrations. Or extend it with their own plugins. Or make a fork and expose it as a service on their cloud. And the MIT license doesn’t require anybody to redistribute the full source.</p><p>But Platypush also uses Redis, which is now under SSPL.</p><p>What should company X, which has made their closed fork of Platypush with a bunch of proprietary integrations, and maybe distribute it as a service, do now? They are basically exposing a closed service that uses Redis under the hood, which violates SSPL. But the service itself is a fork of an open service released under MIT, so there’s no violation from that point of view.</p><p>In other words, does SSPL override other more permissive licenses every time a product is exposed as a service?</p>
clacke: exhausted pixie dream boy 🇸🇪🇭🇰💙💛<p><a href="https://libranet.de/search?tag=Redis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Redis</span></a> abandons Open Core and moves to Open Nothing.</p><p>Redis Labs 2019:</p><p>"This change has zero effect on the Redis core license, which is and will always be licensed under the 3-Clause-BSD."</p><p><a href="https://redis.com/blog/redis-labs-modules-license-changes/" rel="nofollow noopener" target="_blank">redis.com/blog/redis-labs-modu…</a></p><p>Redis (just Redis[0]) 2024:</p><p>"Beginning today, all future versions of Redis will be released with source-available licenses. Starting with Redis 7.4, Redis will be dual-licensed under the Redis Source Available License (RSALv2) and Server Side Public License (SSPLv1). Consequently, Redis will no longer be distributed under the three-clause Berkeley Software Distribution (BSD)."</p><p><a href="https://redis.com/blog/redis-adopts-dual-source-available-licensing/" rel="nofollow noopener" target="_blank">redis.com/blog/redis-adopts-du…</a></p><p>[0] <a href="https://redis.com/press/redis-labs-becomes-simply-redis/" rel="nofollow noopener" target="_blank">redis.com/press/redis-labs-bec…</a></p><p><a href="https://libranet.de/search?tag=RedisSharedSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisSharedSource</span></a> <a href="https://libranet.de/search?tag=RedisSourceAvailable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisSourceAvailable</span></a> <a href="https://libranet.de/search?tag=RedisProprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisProprietary</span></a> <a href="https://libranet.de/search?tag=RedisCore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisCore</span></a><br><a href="https://libranet.de/search?tag=RedisSSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisSSPL</span></a> <a href="https://libranet.de/search?tag=RedisRSAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RedisRSAL</span></a> <a href="https://libranet.de/search?tag=SSPL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSPL</span></a> <a href="https://libranet.de/search?tag=RSAL" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSAL</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload