Since the Linux project removed in October a number of entries from the MAINTAINERS file, all of whom were putatively Russian, we've been receiving questions about U.S. sanctions against Russia and what, if anything, we should do about them. As I explain below, our position is that such drastic action, though defensible, is unnecessary.

What would compel the Linux project to take action against specifically Russian contributors—and is it a good enough reason such that other FOSS project should follow suit? The Linux project has access to the lawyers of the Linux Foundation, after all. Unfortunately, the Linux project's initial announcement said only that the removals were due to various compliance requirements. The announcement added that the Russian contributors can come back in the future if sufficient documentation is provided. But it didn't say what sort of documentation would be required. Linus Torvalds added a little clarity when he said that "sanctions" were the cause.

CC-BY-NA 4.0 Patrick Masson

We're so happy to feature our incredible matchers this year! Thanks to all of them for contributing to our largest match goal yet. Today we're talking with Patrick Masson, Executive Director of the Apereo Foundation.

Software cannot run without hardware. To have software freedom, we need hardware to run our software. Sadly, the vast majority of hardware is not built with software freedom in mind. Too often, we are beholden to the big hardware companies that sell us our laptops, phones, routers, TVs and other devices. Few manufacturers today build devices with user modifiability and longevity in mind. And it's getting worse. Hardware is becoming more and more locked down, making the need for devices that will work in our interests more and more acute.

Software Freedom Conservancy announced on Friday, in conjuction with our OpenWrt member project, that the first router designed from the ground up by the OpenWrt community is now shipping. OpenWrt developers and SFC staff have been coordinating over the past year to design and produce a hardware device (link is to an unofficial reseller; the official seller will have more in January) that showcases the best of what OpenWrt has to offer. From the upstream-first approach, to the up-front source code availability, no stone was left unturned in ensuring the device would give people flexibility and control over the software (and hardware) that runs their network.

Today is Thanksgiving in the United States, and I am so grateful for all of the amazing people worldwide who are working together towards software freedom.

I am excited to share with you this video where I recently sat down with Anna e só, one of our intrepid Outreachy organizers. Anna is one of the voices I'm most excited to hear from, especially about the most important issues concerning our digital freedoms.

In the interview, we got so excited talking about Anna's experiences and thoughts that we didn't even get to topics related to diversity and inclusion. We'll have to do it again! I'm sure you'll understand from watching this discussion why I'm so thankful to work with Anna!

This week, the Open Source Initiative (OSI) made their new Open Source Artificial Intelligence Definition (OSAID) official with its 1.0 release. With this announcement, the definition of “open source” — with which OSI was entrusted — now differs in significant ways from the views of most software freedom advocates.

This blog post explores the implications and problems with the OSAID as the offical definition of “Open Source AI” and considers next steps.

We were excited and very happy to participate in Linux Plumbers Conference this year, which happened last month (Sep 18-20) in Vienna. As one of the premiere programs using a software right to repair license (GPLv2), Linux is crucial for the future of software freedom in our devices, from those we use to develop and write new code, to the phones many of us carry with us, to the many appliances and even cars that bring conveniences to our lives. And so we were delighted to discuss Linux and its role in our connected future with Linux kernel developers and other enthusiasts who attended this technical conference.

We hosted a BoF, Let's talk about GPL and LGPL enforcement!, which brought dozens of developers together to discuss the hard questions of how we can ensure that Linux's license is enforced so people can get the code they're entitled to, and the current state of GPL and LGPL enforcement across the board. After some discussion of how often companies use software under the GPL and LGPL without honoring the license terms (it's unfortunately very very common), we fielded some questions about source candidates that people had received. The first example that a participant provided as a positive example of a company meeting its obligations turned out to actually be from a company that SFC had sued in the past, that SFC's prior enforcement efforts were helping to change behavior, causing companies to provide GPL/LGPL source code when they hadn't before.

Across organizations who develop and deploy software, there are a wide range of time-sensitive concerns that arise. Perhaps the most diligent team that responds to such time-sensitive concerns is the cybersecurity team. It is crucial for them to quickly understand the security concern, patch it without introducing any regressions, and deploy it. In extreme cases this is all done within a few hours — a monumental task crammed into less time than a dinner party (and often replacing such a social event at the last minute; these teams are truly dedicated).

Many other teams exist across organizations for different levels of risk and concern. In our experience, on average among many companies, the team that receives among the lowest priorities is the team that responds to concerns about a company's copyleft compliance. Now we can think of some reasons for this: the team is often not connected to the team that collated the software containing copylefted code, or that latter team was not given proper instruction for how to comply with the licenses (and/or does not read the licenses themselves). So the team responding when someone notes a copyleft compliance deficiency is ill-equipped to handle it, and is often stonewalled by developer teams when they ask them for help, so the requests for correct source code under copyleft licenses usually languish.

CC-BY-NA 4.0 Lucy Voigt

Thanks so much to one of our matching supporters, The Voigt Family! We're so happy to highlight a young family involved in free software and hear from about what they think about our work and the future. Read on to hear from Eli from a quick interview we did!

There appears to be some debate over whether a certain billionaire said on November 22 that "Tesla Roadster is now fully open source", or maybe that "All design & engineering of the original @Tesla Roadster is now fully open source". In any case, as the people who work every day on whether or not what companies say is FOSS really is FOSS, we reviewed the materials Tesla provided on the Tesla Roadster Service Information page. We found no source code — and last time we reviewed the Open Source Definition, providing source code was mandatory to meet it. But this situation is worse than that. Tesla did include several copies of the Linux kernel in only binary form, with no offer for source whatsoever. That's a GPL violation. We immediately emailed Tesla to ask them where the source code was but (now 3 weeks later) we have still heard nothing back.

Just when I think that I've really grokked the implications of the technology I have woven into my life, I find that life throws completely new challenges my way that make me realize the extent of the work that we have ahead of us for software freedom.

Front of hospital in Brussels CC-BY-SA 4.0 Karen Sandler

Sourceware is a Free Software hosting project for core toolchain and developer tools. Projects like Cygwin, a UNIX API for Win32 systems, the GNU Toolchain, including GCC, the GNU Compiler Colection, two C libraries, glibc and newlib, binary tools, binutils and elfutils, debuggers and profilers, GDB, systemtap and valgrind. Sourceware also hosts standard groups like gnu-gabi and the DWARF Debugging Standard.

In SFC's ongoing [lawsuit against Vizio asking to receive the source code for the copylefted components on their TVs](https://sfconservancy.org/vizio), last week we had a hearing with the judge to discuss the Motion for Summary Judgment that Vizio filed (requesting that the court reject our case before it even went to trial). A couple of our staff attended in-person (in an Orange County courthouse in Southern California) while others, like myself, watched remotely.

When it comes to the law, people working on software freedom are often most concerned about copyright and contract law (and the licenses we use under both), since these appear to most directly affect software freedom. How people can use, study, modify, and redistribute the software is naturally of paramount importance and these laws heavily affect those rights. Generally FOSS projects don't consider their brand as much as the software and community being built, and so other fields of law, like trademark, get less consideration.

At FOSSY 2023, there was a panel discusison about the Red Hat Enterprise Linux (RHEL) issue

For approximately twenty years, Red Hat has experimented with building the Red Hat Enterprise Linux (RHEL) business model. Namely, Red Hat strives to create an operating system deployment and distribution model that looks, feels, and acts like a proprietary one, but nonetheless complies with the GPL and other standard copyleft terms. Software rights activists, including SFC, have spent decades talking to IBM's Red Hat and its attorneys about how the Red Hat Enterprise Linux (RHEL) business model courts disaster and is actively unfriendly to community-oriented Free and Open Source Software (FOSS). This article discusses the issue in depth, including the details related to GPL compliance with the RHEL business model.

I grew up on a farm. My parents worked hard to grow crops and manage the farm business. My parents also found additional jobs to make ends meet. As farmers have done for millennia, my family used tools to farm. Some of those tools were tractors. Farmers now, as they have for thousands of years, rely on their ability and right to fix their tools. Perhaps that's bending a hand rake back into shape. Maybe they need to weld a broken three-point hitch back together. Agriculture was humanity's first truly revolutionary technological advancement. Since its inception, each generation of farmers exercised their right to repair their tools. This has allowed agriculture to grow and improve immeasurably. We take for granted the benefits that this has given us, and the abundance of food it provides.

Today Software Freedom Conservancy is officially opening our call for track proposals for our first annual FOSSY conference! We will be holding the conference in Portland, Oregon July 13-16, 2023 at the Oregon Convention Center. We are looking for community driven tracks that can balance important and in depth technical and non-technical issues, while uplifting contributors of all experiences. Tracks will be modeled after the DevRooms at FOSDEM and the miniconfs at linux.conf.au. They may be between 1 and 4 days, and the organizers of the tracks will be in charge of outreach, calls for submissions, communicating with potential speakers in the track, determining the schedule and hosting the track in person at FOSSY.

Software Freedom Conservancy has today submitted its reply to the FTC's request for comments on how repair information should be displayed on EnergyGuide labels. In particular, SFC has recommended that the FTC mandate a "Software Repair Instructions" section on the EnergyGuide labels that are already required on a variety of home appliances, including televisions, refrigerators, clothes washers, and dishwashers. This would not be a new notice requirement for most manufacturers, since it (currently) only requires manufacturers to provide the notice when they already had obligations under copyleft licenses to offer source code already. This merely changes the prominence of such notices, so that users can more easily see which products contain copylefted software (and thus software repair instructions) or not. This is important because many manufacturers make efforts to deemphasize or obscure their offers (if they have them at all), which prevents consumers from learning that they have rights with respect to their software.

Photo CC-BY-NC-SA Jondale Stratton

Next in our interview series, we have Jondale Stratton, a long time supporter of Software Freedom Conservancy. Jondale is the IT Manager for the National Institute for Mathematical and Biological Synthesis and the Technical Director for his local hackerspace, Knox Makers. In his spare time he enjoys laser cutting, tractors, playing with his bunnies, and replacing people with shell scripts.

Photo CC-BY Justin W. Flory

This year for our fundraising season, we are highlighting some of the incredible donors contributing to our matching fund (of $104,759!!). First up in our interview series is Justin W. Flory who has generously provided matching funds. He has repped Software Freedom Conservancy at a lot of recent conferences and it's always exciting to see him handing out our stickers and speaking to people about it. We were so happy to catch up with them and see what drives his passion behind software freedom and ethical technology.