136
submitted 8 months ago* (last edited 8 months ago) by starman@programming.dev to c/opensource@lemmy.ml

Relevant parts:

Partner represents and warrants that it shall not introduce into WhatsApp’s Systems or Infrastructure, the Sublicensed Encryption Software, or otherwise make accessible to WhatsApp any viruses or any software licensed under the General Public Licence or any similar licence (e.g. GNU Affero General Public License (AGPL), GNU General Public License (GPL), GNU Lesser General Public License (LGPL)) containing a "copyleft" requirement during performance of the Services.

Partner shall not: (i) combine Sublicensed Encryption Software with any software licensed under any version of or derivative of the GNU General Public License (e.g.; GNU Affero General Public License (AGPL), GNU General Public License (GPL), GNU Lesser General Public License (LGPL) in any manner that could cause, or could be interpreted or asserted to cause, the Sublicensed Encryption Software or any modifications to the Sublicensed Encryption Software to become subject to the terms of any version of or derivative of the GNU General Public License or other copyleft open source software

all 41 comments
sorted by: hot top controversial new old
[-] haui_lemmy@lemmy.giftedmc.com 72 points 8 months ago

What is that bs? So they only interoperate with closed source, for profit services or what? I hope the EU rips them a new one.

[-] poVoq@slrpnk.net 20 points 8 months ago

All the closed source for profit services that might be relevant already said that this crippled access is of no interest, and the only ones left (Matrix and some hobbiists) will be likely prevented from ever using it by these legal shenanigans. Malicious compliance accomplished 😒

[-] haui_lemmy@lemmy.giftedmc.com 1 points 8 months ago

Well, the DSA goes in the right direction so I am still hopeful. Feel free to write to your representative how exactly these laws need to be changed. Be the change you want to see.

[-] RecallMadness@lemmy.nz 9 points 8 months ago

No, just GPL licensed source.

MIT, BSD, Apache, and all the other OSI licenses are fair game.

[-] haui_lemmy@lemmy.giftedmc.com 4 points 8 months ago

i‘m not familiar with the differences. I know they differ in terms of „can the end product be closed source“ but no idea which one does what. I read up every time i need to use one but hasnt been too often.

[-] lemmyvore@feddit.nl 10 points 8 months ago

GPL is a "copyleft" license aka a "viral" license. It forces anybody who uses it to keep the software open but not just the code, also the way it is being used, and to use the same license if they modify the code, or distribute anything made with the code, and these terms are perpetual and unrevokable.

Basically anything GPL will keep being GPL and anything that comes into contact with it will have to be GPL or take certain precautions to avoid becoming GPL.

[-] haui_lemmy@lemmy.giftedmc.com 2 points 8 months ago

Thanks for clarifying. I have read something like this but now its more clear.

[-] onlinepersona@programming.dev 3 points 8 months ago

I just hope the elections in June don't get the EU a parliament of right wingers dead set on "smaller government" and "free market". Given that EU citizens are just humans and very influenced by the republicans of the USA, it wouldn't surprise me though. Let us enjoy what could've been while 30% of the population ignores its democratic duty and 60% give in to USAian + Russian propaganda 🍷

CC BY-NC-SA 4.0

[-] haui_lemmy@lemmy.giftedmc.com 1 points 8 months ago

I hope so too but we have to admit that it is hard enough for a lot of people to get by so besides going to protests and talking, I cant fret too much about it anymore or I risk permanent damage to my life which wont bring anyone any good.

I have since blocked all american politics and topics that I cant change and dont have the energy to advocate for. My family and community need me for a couple years longer so I have to choose my fights. Sorry if thats not enough for you.

[-] onlinepersona@programming.dev 1 points 8 months ago

I have blocked American politics too. Just take and evening out of your life to look at which parties will be on the ballot and their election program points (just bullet points), take another hour on election day and that's it. There's nothing more to it.

It happens every 4 years. Is that really too much?

CC BY-NC-SA 4.0

[-] haui_lemmy@lemmy.giftedmc.com 2 points 8 months ago

Since I‘m not in the US, my times are a little different but I go vote and I go protest (which is more than most) if stuff is bad. But reading bad things every day sends me into defeatism so I need to keep it away from me so I can stay being productive (not only work but also live and vote)

[-] onlinepersona@programming.dev 1 points 8 months ago

Then you're doing fine 👍 I know many people who don't follow politics because it's theatre, and no world news because it's just depressing. Totally understandable. You haven't given up and still vote, which is good. I can only hope you vote for the good of all, but at least you show up.

Have a good day, mate.

CC BY-NC-SA 4.0

[-] haui_lemmy@lemmy.giftedmc.com 1 points 8 months ago* (last edited 8 months ago)

Well, thats quite a broad term. As a minority member, I feel responsible to vote for equality and inclusion. Thats not great for those who would like „a strong leader“ or „just let the markets decide“ but I consider going against others‘ opinion less of an offense than going against their personhood.

Edit: you have a good one as well. :) Edit2: do you put that license in manually or automatically?

[-] onlinepersona@programming.dev 1 points 8 months ago

For me, egoistic altruism shaped my voting behavior.

Edit2: do you put that license in manually or automatically?

I'd appreciate a "signature" function in a lemmy frontend client, so until then, it's manual.

CC BY-NC-SA 4.0

[-] PipedLinkBot@feddit.rocks 1 points 8 months ago

Here is an alternative Piped link(s):

egoistic altruism

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[-] haui_lemmy@lemmy.giftedmc.com 1 points 8 months ago

Thats actually a very interesting and healthy take imo. I‘m an altruist from birth and need to take better care of myself. But otherwise I‘m on the same track.

Also, I‘m strongly against the thing they left out (probably to not polarise, which makes the point come across easier), people still trying to get a bigger pie than anybody else.

But I guess both approaches are helpful.

[-] starman@programming.dev 18 points 8 months ago

Not to mention that interoperability is limited to EU (EEA to be specific)

[-] sweng@programming.dev 15 points 8 months ago

Just dual-license your software under the TNGPL (Totally Not GPL) license that just so happens to afford the same protections.

[-] lemmyvore@feddit.nl 20 points 8 months ago* (last edited 8 months ago)

Fun fact: the GPL license is itself under copyright, held by the FSF, and subject to certain conditions. That's why there's only one "GPL" and it remains the same and everybody can rely on what's in it.

Besides, they did mention that derived licenses or any copyleft licenses are not ok either.

[-] sweng@programming.dev 4 points 8 months ago* (last edited 8 months ago)

They actually did not. They clearly state (at least in the text posted by the OP) that you are not allowed to license under a version or derivative of the GPL if it would end up copyleft. The main condition is that it is licensed under a version of the GPL.

(To be clear, I'm talking about the second quote, about combining)

[-] fenndev@leminal.space 12 points 8 months ago

Pardon me, but would this not interfere with partners' ability to host services via 99% of Linux-based servers?

[-] RecallMadness@lemmy.nz 13 points 8 months ago

No, running software on GPL licensed systems does not make the guest software GPL.

But, The AGPL is “infectious”, and one bit of AGPL can make your entire project subject to the AGPL. It’s a legal nightmare and many businesses outright ban the use of AGPL software.

Presumably, they’ve just blanket banned GPL to avoid any ambiguity.

[-] pupbiru@aussie.zone 10 points 8 months ago

i THINK they’re saying that they sublicense a library to do encryption in order to talk to WhatsApp and that it’s this software that they won’t be allowed to be included in GPL-licensed software because it may be that in the future that implies a release of source code?

this doesn’t seem unreasonable as long as you can create a facade or abstraction that’s NOT GPL-licensed to interact with WhatsApp that then interacts with your GPL code?

or i could be misreading entirely

[-] citytree@lemmy.ml 4 points 8 months ago

Does this mean that the Eclipse Public License is allowed (unless GPL is listed as a "Secondary License") but the Mozilla Public License is not allowed (unless "Incompatible With Secondary Licenses")?

[-] avidamoeba@lemmy.ca 4 points 8 months ago* (last edited 8 months ago)

This looks written to protect against copyleft infection. It's probably fine to link.

[-] maynarkh@feddit.nl 4 points 8 months ago

otherwise make accessible

This sounds very, very broad. Broad enough for at least a chilling effect.

[-] charonn0@startrek.website 3 points 8 months ago* (last edited 8 months ago)

Partner represents and warrants that it shall not introduce into WhatsApp’s Systems or Infrastructure, the Sublicensed Encryption Software, or otherwise make accessible to WhatsApp any viruses

The technical definition of a "computer virus" is actually quite narrow, and true viruses are rare these days because they are passive and slow compared to more modern malware types.

A strict, literal reading of the text says that all other kinds of malware are acceptable.

[-] d3Xt3r@lemmy.nz 3 points 8 months ago* (last edited 8 months ago)

Paragraph 3.1.5. expands on that though:

To transmit, send or upload any material that contains viruses, Trojan horses, worms, time-bombs, keystroke loggers, spyware, adware or any other harmful programs or similar computer code designed to adversely affect the operation of any computer software or hardware.

I'm not a lawyer, but under the definition of "Infrastructure" on page 5, they state that they will construe WhatsApp Infrastructure and Partner Infrastructure accordingly, which to my untrained eye is prima facie evidence to their acknowledgement that these are separate systems, at least one (the Partner's) of which is not under their custodianship and not named as subject of the first stipulation you quoted. In other words "do not make it so WhatsApp's own infrastructure would run GPL material" and potentially "do not send GPL material through our systems"

The second one I interpret to mean "nothing with licenses that apply that runtime operation is copy left"

[-] xilliah@beehaw.org 2 points 8 months ago

Well they did pay an ungodly amount of money for a freaking chat program.

[-] toastal@lemmy.ml 7 points 8 months ago

You mean a metadata & contact list harvester

[-] lemmyvore@feddit.nl 3 points 8 months ago

Don't sell it short, it probably collects the gist of the chats too.

[-] mukt@lemmy.ml 3 points 8 months ago

Don't be paranoid. They scans our chats against problematic keywords to find out bad guys, and metadata helps law enforcement in catching these bad guys. /s

this post was submitted on 07 Mar 2024
136 points (97.2% liked)

Open Source

31217 readers
430 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS