Software Development

Describes motivation process for creativity with emphasis on intrinsic motivation by Corey K Katir

Blog post by Aaron Williamson. Please email any comments on this entry to .

The Software Freedom Law Center is seeking legal, technology, and administrative interns for the summer of 2012.

Legal interns assist SFLC counsel in all areas of our practice, including copyright and trademark licensing, patent review, and nonprofit corporate formation and compliance. Typical work includes legal research and writing, drafting educational materials, and assisting with registrations and other filing.

Summer internships are full-time and generally last 10 weeks or longer, although splits may be possible in some cases. All interns will work from our New York office. Internships are unpaid; students may seek seek funding from their school’s public interest program or another sponsorship arrangement.

Applicants should have a demonstrated interest in software freedom and be conversant in legal and technical concepts related to free and open source software. Familiarity with at least one programming language and with general software development practices is preferred, as is course work or practical experience with copyrights, patents, trademarks, or nonprofit law.

Law students of all levels will be considered. Law school graduates seeking placement for funded public interest fellowships are encouraged to apply. To apply, please send a resume, cover letter, transcript, and writing sample, in a free and open format, to internships@softwarefreedom.org before February 15, 2012.

Technology and administrative internships are also available. For more information please visit our Internships page.

A news item from SFLC.

SFLC Asks Copyright Office to Let Users Choose Their Software

The Software Freedom Law Center submitted comments yesterday to the U.S. Copyright Office proposing an exemption from the Digital Millennium Copyright Act’s anti-circumvention provisions. If granted, the exemption would ensure that owners of personal computing devices have the right to install whatever software they choose on their devices.

SFLC’s request responds to a growing trend among mobile device manufacturers to lock users out of their own devices by controlling application distribution channels and preventing replacement of devices’ operating systems. In its comments, SFLC says these practices were first broadly seen on mobile phones but are now commonplace on tablets and other mobile devices, and may soon extend to personal computers via PC “app stores” and the Unified Extensible Firmware Interface (UEFI) specification’s “secure boot” provision.

“People must have the right to control the software running on devices they own,” said SFLC counsel Aaron Williamson. “That right is essential to the continued development of free and open source software and is foundational to our privacy, security, and freedom, online and off.”

The requested exemption would expand on similar protections, requested by the Electronic Frontier Foundation in 2009, that apply only to mobile phones. It would not only broaden those protections to reach all personal computing devices but would clarify that users can replace their devices’ operating systems as well as install their choice of applications.

• Read SFLC’s comments
• Learn more about the exemption process

Blog post by Clint Adams. Please email any comments on this entry to .

At the Software Freedom Law Center, we do our internal accounting with free software. We had been using John Wiegley’s Ledger for quite some time, and now we are also using Simon Michael’s hledger.

We log most of our transactions either through manual entry in hledger-web (the hledger web interface) or import from .csv files via hledger convert. hledger can read comma-separated values from a file you might retrieve from a financial institution, and outputs entries in ledger format according to a set of rules that you specify. In some cases the data quality is poor enough that we do some preprocessing before feeding it to hledger.

Since we have no need for a large database-backed ERP system, we can take advantage of the benefits of the plain-text ledger format, and view reports from ledger, hledger, and hledger-web. We also plan to automate the generation of spreadsheets from the ledger entries.

There are some features we would like to see in or accompanying hledger-web: interactive CSV conversion, a VCS backend (through Data.FileStore), per-transaction atomic edits, tracking of which user made which changes, and the ability to intelligently deduplicate transactions.

If you know Haskell and would like to help us out, please take a look at this guide.

An oggcast from the Software Freedom Law Center.

Show Notes

An oggcast from the Software Freedom Law Center.

Show Notes

An oggcast from the Software Freedom Law Center.

Show Notes

A news item from SFLC.

The United States Supreme Court will decide a case this term that could determine whether free software developers are liable for patent infringement by users of their software. In the case, Global-Tech Appliances v. SEB, the Court will decide whether a person can be liable for inducing another’s infringement of a patent by being “deliberately indifferent” to the likelihood that the patent exists. The Software Freedom Law Center, in the “friend of the court” brief it filed today, argued that this new standard would create uncertainty and discourage free software development.

The case involves a patent on the thermal-resistant components of inexpensive deep-fat fryers, but the new standard could have negative consequences for independent software developers. Under the previous standard, it was impossible to induce infringement of a patent without knowing the patent existed. The new standard, adopted by the Federal Circuit in the case below, undermines that limitation, potentially expanding inducement doctrine to reach previously noninfringing conduct. This expansion is of particular concern to free software developers, SFLC says, because they typically produce and distribute only source code, which merely embodies abstract ideas and therefore cannot infringe patents directly.

“The unpatentability of abstract ideas has allowed free software developers to innovate freely for decades,” said Aaron Williamson, counsel for SFLC. “By removing the clear limits on inducement claims, the Federal Circuit may have inadvertently exposed free software developers to claims they couldn’t possibly anticipate. The Supreme Court should reaffirm its own standard, which has demonstrated no need for renovation.”

The Court’s decision to hear the SEB case comes shortly after its landmark ruling in Bilski v. Kappos, which addressed the legal test for patent-elligibility of processes. SFLC filed an amicus brief in that case as well, and published a collection of resources related to the case.

The SFLC is a nonprofit legal services organization established in 2005 to provide pro bono assistance to developers of free software. For press inquiries and interview requests, e-mail press@softwarefreedom.org or contact Ian Sullivan at (212) 461a1905.

An oggcast from the Software Freedom Law Center.

Show Notes

An oggcast from the Software Freedom Law Center.

Show Notes

Blog post by James Vasile. Please email any comments on this entry to .

Earlier this week, the Office of Foreign Assets Control announced the relaxation of rules prohibiting export of software to Iran and Sudan. The new exemptions build on a recent easing of some rules governing exporting telecommunications technology to Cuba. These moves are surely an attempt to capitalize on the Iranian election demonstrations last summer that some called the “Twitter Revolution”. They are also a sign that the Obama Administration is carrying out its plans to make internet freedom a pillar of US diplomacy.

I hope the revised OFAC rules are the beginning of a broad and nuanced re-examination of US technology export policy. They are certainly good news for Free Software developers who are currently prohibited from distributing their software in embargoed countries.

Generally speaking, US companies have been prohibited from trading with Iran and Sudan, despite some exemptions for humanitarian and medical reasons. To my knowledge, those exemptions have never been applied to Free Software. Against that backdrop of general prohibition, OFAC promulgated new exceptions allowing the exportation of “certain services and software incident to the exchange of personal communications over the Internet.” As examples, OFAC lists “instant messaging, chat and e-mail, social networking, sharing of photos and movies, web browsing and blogging.”

That list, however, is not exhaustive. The exemption is broad and applies to a wide range of technology. I asked an OFAC representative how broadly to interpret “incident to,” and he confirmed that the exemption includes such software as web servers, content management systems or operating systems on which one could run an IM client. If those are incident to personal communication, presumably much other Free Software is too.

Though the decision to loosen export regulations is a step in the right direction, it falls far short of what the Free Software world really needs: permission to publicly distribute Free Software everywhere on the planet without jumping through invisible and innumerable hoops. First, the new rules are limited to Iran and Sudan. Other embargoed countries are still off limits. Second, while “incident to personal communication” applies to a lot of software, it does not describe everything, and its limits are unclear. Third, the exception is limited to software that is publicly available at no cost to the user.

This last point deserves some extra attention. If you charge for Free Software, the exemption does not apply. Also, other export controls are still in effect. This is true no matter how you structure it. A download fee to recoup the cost of distribution would be a problem. A paid service agreement to support the software would be a problem. Accepting donations from embargoed countries could be problematic. In other words, if your project gives away software but raises money by accepting money for ancillary goods or services, those ancillary charges can run afoul of the embargo rules.

Other caveats exist (especially regarding software that does encryption), and this post isn’t meant to be legal advice on how to comply. My objective is to shed light on a decision that could signal the beginning of a gradual shift in US technology policy and a shift in the Free Software development landscape. If your project is trying to comply with export regulation, you should seek legal advice.

Export regulation is a patchwork quilt of mystifying rules. Most projects are wholly unaware that putting their code on the web might put them at risk of violating export laws they’ve never heard of. Those that try to comply face many difficulties. It’s heartening to see inter-agency cooperation aimed at simplifying the legal environment for Free Software developers. By broadening exemptions to include certain communication technologies, the government acknowledges that internet access is a fundamental human right. These are welcome signs for the SFLC and the free software community overall. I hope the Commerce Department joins in and extends the personal communication technology exemption to include trade with Cuba and Syria as well.

An oggcast from the Software Freedom Law Center.

Show Notes

An oggcast from the Software Freedom Law Center.

Show Notes

Blog post by Aaron Williamson. Please email any comments on this entry to .

Black Duck Software recently published some summary statistics about free and open source software license adoption, based on data it collected by crawling the web. The report lists “top 20 licenses that are used in open source projects” and the proportion of projects which use each license, as well as historical figures purportedly representing the number of projects using and planning to use GPLv3 variants for each month of the last two years.

In its press release, Black Duck focuses on a supposed 5% decline in the use of GPL-variant licenses in the year since its 2008 report. Taking Black Duck’s cue, commentators have drawn all sorts of conclusions from this figure, including that licensing is becoming increasingly irrelevant as web services replace traditional software, or that more software is being produced by universities. Black Duck’s own (carefully implicit) conclusion is that the community is simply warming up to proprietary software companies: “Many developers are selecting licenses that are less restrictive, a move that underscores the broader adoption and value of open source in today’s multi-source development environments.”

Any of these conclusions might be reasonable if the 5% figure was meaningful, but Black Duck has given us no reason to believe it is; if anything, their own statements suggest it isn’t. Programatically capturing data on the prevalence of various FOSS licenses is inherently difficult. At its edges, it’s an artificial intelligence problem (specifically a natural language understanding problem), because the many home-grown and modified licenses in the world don’t necessarily adhere to standard language. But even the core task of cataloging the use of the most common licenses is fraught: by the wide dispersal of projects across centralized hosting services and single-project sites (and the movement of individual projects between them), by inconsistencies in how developers apply licenses to code (e.g. idiosyncratic headers and directory structures), and by countless other variables.

Black Duck’s techniques and algorithms for dealing with these difficulties did not emerge fully formed. The company’s engineers no doubt continually refine the license-identification code. If these refinements affected the data on all licenses equally, their effect on the figures from year to year would probably be insignificant. But in reality, GPL variants are much easier to identify than the whole set of permissive licenses whose use has supposedly increased over the last year. Each GPL variant’s text is fixed. On the other hand, there exists a whole category of licenses which are popularly referred to as “BSD-style” licenses because, while the individual licenses resemble the original BSD license in scope and style, they have been adapted and rewritten liberally by various developers, universities, and companies. These variations make permissive licenses particularly difficult to identify, and for this reason improvements in Black Duck’s algorithms are likely to disproportionately capture more previously unidentified uses of permissive rather than GPL-variant licenses.

Black Duck’s dataset has also changed: the company has begun crawling 300 new sites (7.5% of its current total) just since last year’s report. We the nonpaying public have no way of knowing the extent of the effect, because Black Duck’s system is a black box: the company doesn’t disclose how the inclusion of new sources of data affects its numbers.

For these reasons, it is impossible to know whether the 5% GPL delta is meaningful until we know how the source data and the algorithms have changed from one year to the next. The process of cataloging and quantifying the use of FOSS licenses is a scientific one, requiring the application of principles of computer science and statistical analysis. As with any scientific pursuit, the methods used must be verifiable before the results can be considered trustworthy. I encourage Black Duck Software to release its own software under a free software license—whether by joining the alleged groundswell and using a permissive license, or by resort to a retrograde copyleft license—so that its methods can be evaluated by the community (not to mention its customers) and its reports can be rendered meaningful.

Correction: this post previously said that Black Duck only began crawling Microsoft’s CodePlex site in May 2009. The press release cited in fact says that Microsoft began pushing data from CodePlex to Black Duck in May. Peter Vescuso of Black Duck says that the company has been crawling CodePlex “for years.”

An oggcast from the Software Freedom Law Center.

Show Notes

An oggcast from the Software Freedom Law Center.

Show Notes

A few months ago I saw a great little blog post about state machines on the Shopify blog. The message was that state machines are great and developers should use them more – given my recent experiences with state machines at CrowdHired, I could certainly agree with that. But it got me thinking, how many [...] Related posts:

1. Why Your Developers Don’t Want To Swap Pairs – Practical Agility
2. The Current State Of The Agile Nation – Agile Process Adoption
3. Fitness for Software Developers (and Other IT Professionals)

“I will learn it when I need it”! I’ve heard that phrase a lot over the years; it seems like a highly pragmatic attitude to foster when you’re in an industry as fast-paced as software development. On some level it actually IS quite pragmatic, but on another level I am annoyed by the phrase. It [...] Related posts:

1. Software Development And The Sunk Cost Fallacy
2. Here Are Some Words That Rhyme With Orange!
3. You Don’t Need Math Skills To Be A Good Developer But You Do Need Them To Be A Great One

I’ve talked about interviews from one perspective or another on several occasions, you might even say it is a pet subject of mine. It’s fascinating because most people are no good at interviews and when it comes to developer interviews – well; let’s just say there is a whole new dimension for us to suck [...] Related posts:

1. The Best Way To Interview A Developer
2. How To Answer A Programming Interview Question And Look Good Doing It
3. When A ‘Mount Fuji’ Question Is Not Really A ‘Mount Fuji’ Question (Are You As Smart As You Think You Are)

Microsoft held its first Security Development Conference in Washington, D.C., to share information about computer security with industry, government and academia, as well as to promote the Microsoft Security Development Lifecycle (SDL).At Microsoft’s Security Development Conference 2012 in Washington, D.C., a diverse set of companies, government agencies and academic institutions shared their own experiences with adopting a Security Development Lifecycle (SDL). The event, held May 15 and 16 at Washington’s Fairmont hotel, included information for leaders in software engineering, process and business management who are responsible for implementing or accelerating the adoption and effectiveness of secure development practices in their organizations. The 2012 conference was the first in what is to be an annual series of SDC events, Microsoft said. Keynote speakers included Scott Carney, corporate vice president for Trustworthy Computing at Microsoft; Richard A. Clarke, chairman of Good Harbor Consulting and former special adviser to the President for cyber-security; and General Michael V. Hayden, principal at the Chertoff Group and former director of the Central Intelligence Agency and National Security Agency. Diamond sponsors of the SDC were Adobe, Cisco and Microsoft. In a blog post about the event, Steve Lipner, partner director of program management for Trustworthy Computing at Microsoft, said: quot;To see more and more private and public organizations recognize the value and importance of implementing secure development practices makes me cautiously optimistic that in the future software will be more secure than the software we’ve seen in the past. I remember when in 1997 I attended the RSA Security Conference held in the basement of the Mark Hopkins Hotel in San Francisco with a few hundred attendees. Today, the annual RSA Conference is a major industry event with more than 10,000 attendees. I’m not certain that the Security Development Conference will follow that sort of trajectory, but I do believe that secure development is of growing importance, and I also know that industry commitment can start small and grow. quot; As part of the conference, Microsoft announced two new success stories: The government of India and Itron have both integrated the SDL into their processes. The government of India has recognized the importance of a holistic integration of security and is promoting that key concept by including secure coding practices in its draft national economic five-year plan, Lipner said. quot;They believe this is a significant step that will help improve the security of all software and services produced in their programs. India’s Computer Emergency Response Team (CERT-In), which leads the country’s response to cyber-threats, has already taken steps to implement the five-year plan by leveraging Microsoft’s SDL as one of the core tenets for application security, quot; he said. quot;In addition, the National Informatics Centre, part of the Central Government Office of India, requires training in SDL principles including the training of more than 10,000 of India’s cyber forensic investigators. The government of India is also encouraging domestic businesses to adopt similar processes, showcasing the significant role public-private partnerships play in making critical systems more secure. You can read more about the steps the government of India is taking to secure its environment in the case study available for download here. quot; Itron, a provider of energy and water resource management solutions for nearly 8,000 utilities around the world, also has incorporated the SDL into its development process. quot;With the increase in threats to critical infrastructures, Itron realized it needed to take proactive steps to protect its systems by building security in from the start, quot; Lipner said. quot;The company recently implemented Microsoft’s SDL, making it mandatory for the development of all of its software and hardware. Itron now has one of the most mature secure development programs in the Smart Grid space. You can read more about the steps Itron is taking to secure its systems through a case study we have published for download here. quot; In addition to the keynote speakers, other speakers at the event included representatives from IBM, Symantec, Red Hat, the National Security Agency, Itron, Cisco, Adobe, the National Institute of Standards and Technology (NIST), Lockheed Martin, EMC, Salesforce.com and a host of others, including several other speakers from Microsoft. To date, Microsoft’s free SDL tools and resources have been downloaded more than 940,000 times reaching over 150 regions around the world. Recent Microsoft research has demonstrated an overall decline in the exploitability of vulnerabilities in Microsoft products by greater than 30 percent when comparing the latest version of all Microsoft software to all supported previous versions over the past 18 months. Three hundred and fifty days after implementing the Microsoft SDL, MidAmerican Energy was the only business unit inside its parent holding company, MidAmerican Energy Holdings Co., that external auditors found to have no security vulnerabilities. And MidAmerican realized an overall productivity gain of up to 20 percent using Microsoft SDL. A recent study by the Aberdeen Group found the total cost of remediating an actual application security-related incident at about $300,000 and that organizations that implemented an SDL realized four times their return on annual investments in security. Forrester reconfirms this by stating those practicing SDL specifically reported visibly better ROI results than the overall population. To read the original eWeek article, click here: Microsoft Holds Security Development Conference

IBM announced enhancements to its SmartCloud cloud computing solution and highlighted several new customers and partners on the platform.IBM (NYSE: IBM) has announced advancements to its SmartCloud Services and added customers and partners. IBM said it has seen rapid adoption of its SmartCloud portfolio as customers and partners move to the cloud. Big Blue manages massive amounts of data and client transactions in its cloud environments, including 1 million enterprise application users working on the IBM Cloud, more than $100 billion in commerce transactions a year in the cloud and 4.5 million daily client transactions conducted through the IBM Cloud. Moreover, customers and partners are increasingly choosing IBM SmartCloud services, software and hardware to expand into new markets, enable their mobile workforces and develop enterprise applications more efficiently, IBM said. “Companies are starting to understand that cloud is more than just about gaining efficiencies and cost savings; it s about driving the kind of fundamental innovation that provides lasting marketplace advantage,” said Paul Loftus, general manager of IBM Global Technology Services, in a statement. “We are helping all kinds of clients manage enterprise applications and processes in the cloud as well as leverage new cloud-centric applications while meeting their unique requirements for governance, security and portability.” For instance, TopCoder, which maintains a community of competitive software developers, is moving its global community of more than 400,000 developers to IBM SmartCloud Enterprise. These developers help organizations succeed by supporting their entire innovation process–from ideation, software engineering and analytics to implementation, testing and support. TopCoder provides high-quality application development, mobile development, user experience and graphic design, and big data project work through this competitive, multidisciplinary, global community of developers. Ogilvy amp; Mather, an international advertising, marketing and public relations agency, also turned to IBM to upgrade its IT environment. The IBM team is migrating Ogilvy from its current hosted environment to the SmartCloud for SAP applications hosted in IBM’s state-of-the-art, green Smarter Data Center in Raleigh, N.C. The Ogilvy solution includes the latest infrastructure technology and full SAP service, and it is prebuilt, preconfigured and requires minimal client resources to maintain the company’s entire production SAP landscape. IBM’s SAP Cloud solution also offers Ogilvy the benefits of solution scalability and the ability to add resources for development projects with a short-term commitment. “Given the attention to cloud-based solutions, it’s easy to be overwhelmed with comparisons and multiple options,” said Yuri Aguiar, senior partner and CIO at Ogilvy amp; Mather. “However, when it comes to critical applications like SAP, we were looking for a mature model that could scale and cater to our unique prerequisites. The SCE+ SmartCloud Enterprise+ offering fit this need very well and had the backing of a reliable global partner.” To read the original eWeek article, click here: IBM Advances SmartCloud and Adds New Customers, Partners

Personal Injury Lawyer Los Angeles – FREE CONSULTATION by Personal Injury Attorney Los Angeles – Legal Defenders, Los Angeles Personal Injury Lawyers – Law Offices of Burg and Brock, who have won over $100 million in verdicts and settlements for clients

Page took 9 seconds to load.