This is not a good trend
This is not a good trend
Posted Mar 1, 2025 1:39 UTC (Sat) by intelfx (subscriber, #130118)Parent article: Fedora discusses Flatpak priorities
It is deeply disturbing that more and more free software projects are using trademarks and legal threats as a means to manipulate and exert control over how others are allowed to package, deliver, and consume said free software.
Posted Mar 1, 2025 2:09 UTC (Sat)
by roc (subscriber, #30627)
[Link] (8 responses)
Posted Mar 1, 2025 2:54 UTC (Sat)
by bgilbert (subscriber, #4738)
[Link] (7 responses)
Historically there's been an understanding that the freedoms of free software must include the freedom to ship broken versions of it. That's necessary in order to also have the freedom to ship improved versions, such as versions with antifeatures removed.
Posted Mar 1, 2025 8:56 UTC (Sat)
by mjg59 (subscriber, #23239)
[Link] (4 responses)
Posted Mar 2, 2025 2:35 UTC (Sun)
by bgilbert (subscriber, #4738)
[Link] (3 responses)
Posted Mar 2, 2025 12:38 UTC (Sun)
by khim (subscriber, #9252)
[Link] (2 responses)
And what's wrong with that? If distros insist on playing the middleman then they have to shoulder the support burden. It's the same story as with with that damn DMA API: either you support something – and then you can impose demands, or you don't support something – and then you don't have any say on how app is supposed to work. For ages distros were trying to play games where they have been trying to impose their rules on everyone while refusing to do the support work. Flatpacks and SNAPs gave technical means of solving the issue, but the will to relinquish control is still not there. Which is sad: the ability to build apps and deliver them to users was so natural, it's, essentially, the basis of a general-purpose OS that it's really hard to even believe that someone may still fight that basic need. If distros want or need to include some third-party code – that's fine… but there shouldn't be any confusion about who is the support contact… today we have that confusion and it needs to be fixed, one way or another.
Posted Mar 2, 2025 13:05 UTC (Sun)
by bluca (subscriber, #118303)
[Link]
This is abject nonsense, and just shows you haven't the faintest clue about the work distro developers actually do. If you hate Linux distros so much, just switch to Windows - everyone ships their own apps as .exe to download from random websites, I hear it works really great, especially for security
Posted Mar 2, 2025 13:34 UTC (Sun)
by pizza (subscriber, #46)
[Link]
*ahem*
To quote https://github.com/obsproject/obs-studio/blob/master/COPYING --
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
Posted Mar 1, 2025 19:03 UTC (Sat)
by Mook (subscriber, #71173)
[Link] (1 responses)
See also specific comment describing their experience: https://gitlab.com/fedora/sigs/flatpak/fedora-flatpaks/-/...
The issue was that Fedora was shipping broken versions, but making the users think they were getting the upstream version (because it's a Flatpak), so upstream was getting all the bug reports. Historically, when distros ship broken versions (e.g. Debian and keepassxc for a while) at least the users can figure out where the issue lied.
Posted Mar 2, 2025 2:54 UTC (Sun)
by bgilbert (subscriber, #4738)
[Link]
Posted Mar 1, 2025 7:22 UTC (Sat)
by epa (subscriber, #39769)
[Link] (54 responses)
Posted Mar 1, 2025 8:31 UTC (Sat)
by cjwatson (subscriber, #7322)
[Link] (24 responses)
Posted Mar 1, 2025 9:37 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (19 responses)
So if I realise a bastardised version of "Watson's Medicinal Compound" that doesn't work, and moreover is harmful to users' computers, you'd be happy to get the blame for it?
A trademark is the user's way of knowing that they are getting the *genuine* *article*. It doesn't matter in the slightest whether you think your version is better or not. It doesn't matter in the slightest whether your version *really* *is* better or not (and that's down to the user, anyway, not you).
The fact is, your version is not the genuine original, and for you to mislead people into thinking it is is called fraud. You HAVE to strip trademarks - that's all there is to it.
(with apologies to Lily :-)
Cheers,
Posted Mar 1, 2025 22:12 UTC (Sat)
by dvdeug (guest, #10998)
[Link] (18 responses)
> You HAVE to strip trademarks - that's all there is to it.
"Reverse passing off"--the act of stripping the trademarks off and releasing it under your trademarks--can get you sued just like trademark infringement. It's illegal at least in the US and India.
Posted Mar 2, 2025 0:23 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (14 responses)
That would be nice, yes, but it's not a requirement. It IS a legal requirement not to mis-use other peoples' trademarks. I understand Red Hat do that, but it's a lot of work - YOU are expecting volunteers to do loads of work for your benefit, not theirs? If you want - or need - it, you have to do it. You can't expect others to do unpaid work for your benefit.
> "Reverse passing off"--the act of stripping the trademarks off and releasing it under your trademarks--can get you sued just like trademark infringement. It's illegal at least in the US and India.
Even if the licence explicitly permits it?
At the end of the day, as I see it, FLOSS people should be respectful of other people. That includes their reputation and livelihood, and as such Intellectual Property extremism, whether maximalist or minimalist, tends to be driven by people standing on their rights to be jerks :-(
We object to Big Business trying to lock everything up behind "intellectual property" so they can rip everybody else off. Why do we have so many people in our own camp who want to abolish intellectual property so that they can rip other people off and destroy their livelihood and reputation?
Because this particular incident is a perfect example of the latter - the project's reputation is being damaged by people who don't appear to care that their actions are benefiting themselves at the expense of the people actually doing the work. That shouldn't be acceptable behaviour in our community.
Cheers,
Posted Mar 2, 2025 2:15 UTC (Sun)
by bgilbert (subscriber, #4738)
[Link] (1 responses)
This is free software. No one is being ripped off if someone ships a modified version; it's the whole point of the exercise.
It's good when people can make a livelihood from their work, but sometimes they come to think they're owed one, and that's where the bad behavior often starts. FOSS upstreams are stewards of their projects, not owners, and should not expect to have ultimate say over how the code is deployed or used.
Posted Mar 2, 2025 9:08 UTC (Sun)
by pabs (subscriber, #43278)
[Link]
Posted Mar 2, 2025 7:04 UTC (Sun)
by dvdeug (guest, #10998)
[Link] (11 responses)
You want people to not use your trademarks on Free software, make it easy to not use your trademarks.
> It IS a legal requirement not to mis-use other peoples' trademarks. / Even if the licence explicitly permits it?
What does the license and the law actually say? I'm not aware that either statement is clearly true. Do you have a right to distribute Mozilla Firefox under the Mozilla Firefox name? What if you've had to add a minor patch? What if your only changes are around the code? You're still distributing the item that trademark describes.
On the flip side, what license explicitly permits replacing trademarks? The GPL 3 gives options:
Notwithstanding any other provision of this License, for material you
a) Disclaiming warranty or limiting liability differently from the
b) Requiring preservation of specified reasonable legal notices or
c) Prohibiting misrepresentation of the origin of that material, or
d) Limiting the use for publicity purposes of names of licensors or
e) Declining to grant rights under trademark law for use of some
f) Requiring indemnification of licensors and authors of that
Those are options, and b) and c) edge towards demanding people do preserve trademarks.
> Because this particular incident is a perfect example of the latter - the project's reputation is being damaged by people who don't appear to care that their actions are benefiting themselves at the expense of the people actually doing the work.
Or Fedora's packagers are the standard overloaded people trying to handle way too much.
Posted Mar 2, 2025 10:20 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (10 responses)
> You want people to not use your trademarks on Free software, make it easy to not use your trademarks.
On the flip side, don't abuse other peoples' property, DON'T ABUSE YOUR OWN DOWNSTREAM, don't be a jerk!
> > It IS a legal requirement not to mis-use other peoples' trademarks. / Even if the licence explicitly permits it?
> What does the license and the law actually say? I'm not aware that either statement is clearly true. Do you have a right to distribute Mozilla Firefox under the Mozilla Firefox name? What if you've had to add a minor patch? What if your only changes are around the code? You're still distributing the item that trademark describes.
As I see it, if the licence permits it, then it can't be mis-use, so reverse passing off as you called it can't be mis-use if the licence says that's okay. I've got a WebOS TV which I believe is linux under the hood. So I guess that makes it reverse passing off. And the GPL is PERFECTLY HAPPY with that.
As PJ had a habit of saying, the law is "squishy".
On the strict side, if Firefox is a trademark, then the law is extremely clear - if you get your copy of Firefox from Mozilla, then there is no trademark abuse whatsoever. And yes, people have tried to abuse that and complain that 3rd parties distributing the genuine article are in breach of trademark.
On the flip side of that, how would you like to go to a main dealer, get your brake pads replaced with "Genuine Ford Parts", and then get involved in a possibly fatal crash after maybe only 200 miles because somebody had tricked the supply chain into accepting cheap rip-offs and your brakes failed. It's happened! Which is why trademark abuse is taken very seriously.
It basically boils down to whatever the trademark holder is happy with. Take Linux for example, so long as (a) it's clearly based on an original version of Linux curated by Linus, and so long as it's made clear that an altered version is an altered version (eg I expect my gentoo kernel to have modifications made by the gentoo team), then they're fine with it.
Put differently - don't be a jerk! The trademark is meant to protect the time, effort and money the trademark holder has put into building up a brand. For you to mark your version - and dupe your downstream - into believing what they have is the original, is basically abusing upstream's property. And that's what's happened here.
Fedora received a notice "You are shipping a broken product as if it were the genuine original. Please desist", and they acted like complete jerks. This is very clearly the "Ford Brakes" end of the spectrum. And it could easily end up with upstream shutting down. THAT is why this is serious from the FLOSS point of view. This is quite capable of destroying a project, and all because downstream couldn't care what damage they are causing.
> c) Prohibiting misrepresentation of the origin of that material, or
That clause pretty much describes what a trademark is - a mark that represents the origin of the material. So to leave those marks in your modified version AND NOT ADD YOUR OWN CLEARLY DISTINGUISHING MARKS is clearly, AND EXPLICITLY, a possible licence breach. And the existence of trademarks is clearly invoking that clause and saying it IS a licence breach.
Cheers,
Posted Mar 2, 2025 14:36 UTC (Sun)
by PastyAndroid (subscriber, #168019)
[Link] (9 responses)
It could be made very clear that they need to do this and the software may have modifications[1]. This would solve the issue of upstream dealing with reports that may not necessarily apply. Thus, not wasting their time/effort.
Perhaps even the software developers themselves could do this, force all distribution users to report to the distribution first while automatically closing new reports that have not done this.
Finally, FOSS applications which have trademark issues (legal threats) can be dropped from distributions to avoid legal issues, ensuring that users only obtain the software from official and authorized sources.
[1] Though, I figured this was common knowledge, a good chunk of software across all distributions has always been modified in some way to make it blend in with the distributions other software, this is standard practice. For example, regardless of distribution you'll rarely get a vanilla kernel (no modifications) or vanilla glibc, vanilla plasma, etc.
Posted Mar 2, 2025 19:57 UTC (Sun)
by NAR (subscriber, #1313)
[Link] (5 responses)
Exactly how? And should the software developer really care about the dozen(!) major Linux distributions out there, especially if most if its users are on Mac OS or Windows?
Posted Mar 2, 2025 20:30 UTC (Sun)
by roc (subscriber, #30627)
[Link] (4 responses)
"Just focus on the important distros" people say, but of course no-one agrees on what are the important ones, and of course every distro that one of your users uses is important to them.
For a lot of apps an upstream-provided Flatpak seems like a pretty good solution. Upstreams like OBS should be able to declare that they don't want distro-packaged distribution. Friendly people should honor the requests of people whose work they're benefiting from, even when they don't legally have to. Therefore distros that don't respect such a request should be shamed and required to do the hard work of ripping out the trademarks.
"Upstreams benefit from downstream packager work too" people say, but it's incredibly asymmetric in general.
Posted Mar 3, 2025 13:35 UTC (Mon)
by PastyAndroid (subscriber, #168019)
[Link] (3 responses)
I said that bug reports could be handled by the distribution first, the user knows which distribution they are using and it is their responsibility to report bugs to the correct place.
Distributions could make this clearer before downloading. E.g, something like "Software included in this distribution is packaged and redistributed by distribution X and may be modified, sometimes this may cause unforeseen issues with the software operation as such if you experience issues we recommend reporting it to our bug tracker <link> first or seeking support from our community at <locations>."[1]
Perhaps even a dialog on first boot could do similar. Thus, the developers in most instances will not have to do anything since the user has already been directed.
As for dealing with it themselves, I did say automated. Perhaps requiring a link to the distributions bug report before accepting a report, for example.
Do note, this mostly only applies to developers who are worried about this kind of thing and how their software is used/distributed.
[1] I'm not a writer or people person, I'm a coder. This will have to be re-written entirely, but you get the point. :-P
Posted Mar 3, 2025 13:45 UTC (Mon)
by pizza (subscriber, #46)
[Link]
Distributions can (and do!) do this until they are blue in the face, but end-users will routinely ignore any such notificaitons (even if done on *every* program notificaiton) and go straight for the upstream, nearly every single time.
Posted Mar 3, 2025 14:46 UTC (Mon)
by NAR (subscriber, #1313)
[Link] (1 responses)
Posted Mar 3, 2025 16:23 UTC (Mon)
by PastyAndroid (subscriber, #168019)
[Link]
The issue we're discussing here is where Fedora compiled the application with different versions of software than the application author did, this caused issues with the software. That is a distribution specific issue and would apply in this case and thus, this belongs as a report for the distribution and not the original authors. Such issues should always be first reported to the distribution, not the authors.
The line can get a little blurry as to who is responsible from a users perspective and so, I suggested reporting all issues to the distribution first as a matter of course, the distribution can help guide the user as to whether it's a distribution specific issue or an upstream issue - perhaps the package maintainer or someone on behalf of the distribution could open the upstream bug report as they are in a much better position to provide the necessary information (think debugging and otherwise).
In any case, authors who do not wish to deal with such potential issues can use flathub or other official distribution methods and avoid their packages being redistributed in a distribution using their trademark rights to refuse it. Thus, any issues are solely on the original authors as they control the whole chain in that case.
Overall the key would be to ensure users are properly guided in how to report their problems, removing any ambiguity or need to question it. The easier you make this for users, the better.
We really do not want to be an 'open community' that sues each other using trademark rights when we are unhappy with something. That doesn't sound very open at all. Instead we should aim to solve the underlying issues as opposed to putting a band-aid on issues or ignoring them.
Posted Mar 2, 2025 21:51 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (2 responses)
Why? Are you advocating punishing upstream, because downstream is being a jerk? All you need to do is abide by the GPL, take responsbility for your own actions, and then there won't be a problem.
This all boils down to the fact that much of Fedora's downstream doesn't realise that this is a Fedora-modified project, and hence upstream gets blamed for Fedora's blunders. To punish upstream, because Fedora screwed up, is completely unacceptable.
At the end of the day, if YOU screw up, OWN IT. Just try it - you'll be amazed. It'll do your reputation (amongst decent people) no harm whatsoever. And if it WILL harm you, to be blunt, that's society I'd rather avoid, thank you very much ... (and if it's work, I'd be looking to jump ship!).
Cheers,
Posted Mar 3, 2025 13:26 UTC (Mon)
by PastyAndroid (subscriber, #168019)
[Link] (1 responses)
Also, this does not 'punish' upstream in the slightest. It simply gives them control over their project, if they wish to be the sole distributor then they can be by eliminating the middle man and thus protecting their reputation and project, in this way people are not redistributing it in a form they are unhappy with.
Personally, I'm against the concept of FOSS being treated this way, but I can see it is something some FOSS devs need.
Posted Mar 3, 2025 17:43 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
But they don't.
People keep on attributing other things to upstream, but all upstream wants is *not* to be blamed for downstream's mistake!
That is it!
Cheers,
Posted Mar 2, 2025 20:55 UTC (Sun)
by NYKevin (subscriber, #129325)
[Link] (2 responses)
No, it is not illegal in the US. Fox tried to litigate this exact issue many decades ago, and SCOTUS slapped them down. See https://www.oyez.org/cases/2002/02-428
(In that case, the original was in the public domain - but SCOTUS did not stop there, and instead made a blanket ruling that "reverse passing off" is only a thing for physical goods, so you certainly can't apply it to intangible software.)
Posted Mar 2, 2025 23:37 UTC (Sun)
by NYKevin (subscriber, #129325)
[Link] (1 responses)
In the case of the GPL (and most FOSS licenses), there is indeed a requirement to preserve the copyright notice. But a copyright notice is a single line, usually at the top of LICENSE.txt (or COPYING.txt, or whatever your FOSS project decided to call it), that names the author(s) of the software. Hardly anyone ever looks at it, except incidentally when they're trying to check what license is applicable. The name and branding of the product is an entirely different thing altogether, and no FOSS license (that I have ever heard of) explicitly requires you to preserve such branding.
Posted Mar 3, 2025 9:44 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
Cheers,
Posted Mar 1, 2025 9:51 UTC (Sat)
by epa (subscriber, #39769)
[Link]
Sadly nowadays the branding is “Firefox”, or “Firefox browser” for the pedantic, but the program is not installed as /usr/bin/browser. This makes it hard to preserve the freedom to make and distribute any changes you want.
Posted Mar 3, 2025 15:29 UTC (Mon)
by amarao (guest, #87073)
[Link] (2 responses)
We should have this. It is already true for Chromium (patented trade mark: chrome), codium (patented name vs code).
Should be the same for all other software. Something to identify, and something to brag about.
Posted Mar 27, 2025 9:02 UTC (Thu)
by sammythesnake (guest, #17693)
[Link] (1 responses)
In this case, you're talking about "trademark" , not "patent".
In brief, trademark law deals with names/logos etc. that identify the creator/purveyor of a product (protecting consumers from getting the wrong thing and creators/purveyors from reputation damage) while patent law deals with inventions, giving inventors a temporary monopoly over the market for their invention in exchange for making the invention available for others to replicate once three patent period ends.
For completeness, copyright is the third "intellectual property" law often conflated, which gives creators a monopoly over copying/performing the work, and the fourth (less spoken of) one is "trade secret" which provides protections against ”secret recipes" being leaked, but it's really rather different from the other three, and doesn't make much sense in a context with published source code(!)
There are details I've glided over, but that's the general gist...
Posted Mar 27, 2025 11:56 UTC (Thu)
by Wol (subscriber, #4433)
[Link]
Where you protect the appearance of your product - competitors can make stuff which does the same thing, but they can't make it look the same.
(NB - the word "patent" comes from "letters patent", which is why it doesn't (in law) mean what most people assume it means.)
Cheers,
Posted Mar 1, 2025 13:49 UTC (Sat)
by draco (subscriber, #1792)
[Link] (8 responses)
So to follow your rule, you wouldn't be able to call them "Linux distributions" since none of them would distribute "Linux."
That seems like a huge problem.
Posted Mar 1, 2025 15:12 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (7 responses)
Which - IF APPROACHED WITH RESPECT - really isn't.
If I bought Linux in Scandinavia, I think I'd be going home with a box of Washing Powder :-). Yes really! And that's fine, the user is not being mislead.
If I buy a Linux distro, Linux itself is only part of the distro. And the linux project is openly happy with being shipped as part of another product. But - and actually - Fedora shipping this flatpack looks like a GPL breach! - if I buy, let's say gentoo, linux, the mere name of the distro is notification that the project has probably modified linux. As required by the GPL - a "prominent notice that this is a modified version of the software".
So the fact that Fedora are shipping a modified version of the flatpack - with NO apparent indication that it is modified - is a clear black-letter breach of the GPL's requirement to ensure "prominent notices" telling the user it's been modified!
Cheers,
Posted Mar 1, 2025 17:20 UTC (Sat)
by jkingweb (subscriber, #113039)
[Link] (6 responses)
Is it actually modified? My impression is that it's just configured differently.
Posted Mar 1, 2025 17:37 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (5 responses)
It's probably got different bundled dependencies. Editing the configurations IS a modification. Etc etc. The binary has been built from the rpm so is almost certainly "modified" as far as the GPL is concerned ...
The thing is, shipping the rpm is fine - the mere fact that it is an rpm (and the R in rpm originally stood for Red Hat, no?) tells the user that this is not the original version from the original project.
But flatpacks are meant to be distro-agnostic. The Fedora flatpack is modified and different from the project's flatpack. AND THERE IS NO VISIBLE DIFFERENCE TO THE USER. The user expects the flatpack to come from the project. It doesn't, and there is no way for a naive user to realise that. So if it isn't a GPL violation, Fedora are skating very close to the edge of the ice ... it's certainly not within the spirit of the GPL for users to be misled ...
Cheers,
Posted Mar 1, 2025 21:11 UTC (Sat)
by pizza (subscriber, #46)
[Link] (3 responses)
Uh, not necessarily. Run the configure (or cmake, or whatever) command line with different options, you're not modifying the source at all. Different dependencies present (or not) can also affect the build, again without modifying any source code.
Posted Mar 3, 2025 6:15 UTC (Mon)
by NYKevin (subscriber, #129325)
[Link] (2 responses)
> To “modify” a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a “modified version” of the earlier work or a work “based on” the earlier work.
In other words: If you distribute any file that is not 100% identical to a file provided by upstream, then you have modified the work.
You can scream until you're blue in the face that this is inconvenient, unreasonable, not what people do in practice, overly strict, etc., but if you get sued, the courts will not be interested in anything outside of the four corners of the license as it is actually written. So you should comply with the license as it is written, or at least be prepared to comply when some upstream inevitably asks you to do so.
Posted Mar 3, 2025 13:55 UTC (Mon)
by pizza (subscriber, #46)
[Link] (1 responses)
...but that only matters if you do so "in a fashion that requires copyright permission".
Meanwhile. These copyright holders don't get to scream "BUT MAH TRADEMARKS!!!" if you create derivatives of their F/OSS that contain their trademarks, but also scream "BUT MAH TRADEMARKS!!!" if you first *strip out* every one of their trademarks and call it something completely different.
Posted Mar 3, 2025 18:59 UTC (Mon)
by NYKevin (subscriber, #129325)
[Link]
I agree. But I have never heard of the latter happening. I think you just made it up.
Posted Mar 1, 2025 23:36 UTC (Sat)
by jkingweb (subscriber, #113039)
[Link]
Moreover, I believe the Fedora flatpak being different from the OBS flatpak is a red herring since the former is (if I understand correctly) not derived from the latter, but rather built from the OBS source, with a different flatpak runtime environment.
I don't disagree that it's a crummy situation and that Fedora should not distribute poor-quality packages which may be misconstrued as coming from upstream, but I don't see how it rises to a license violation, based on the facts presented.
Posted Mar 2, 2025 9:03 UTC (Sun)
by pabs (subscriber, #43278)
[Link] (19 responses)
Posted Mar 2, 2025 10:23 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (18 responses)
Why should upstream do your dirty work for you? This is, unfortunately, a perfect example of FLOSS's entitlement culture - other people, WHO ARE WORKING FOR FREE (usually), should do EXTRA work for your benefit.
Cheers,
Posted Mar 2, 2025 13:25 UTC (Sun)
by pizza (subscriber, #46)
[Link] (14 responses)
This cuts both ways. You don't want your stuff "used" in certain ways, don't release it under F/OSS licenses.
Posted Mar 2, 2025 13:42 UTC (Sun)
by Wol (subscriber, #4433)
[Link] (4 responses)
I don't know about you, but I personally would like to take credit, and responsibility, for my own work. Are you telling me I need to release it totally anonymously so so other people can steal the credit?
As I've said repeatedly, don't be a jerk. Don't hide where stuff came from. Don't dupe your own downstream.
If I take ScarletDME, modify it, and market it as "Wol's DME", that's not a problem. If, however, I market my version as if it was upstream, that's FRAUD.
And you know what - I don't want my work used in "certain ways". I don't want it FRAUDULENTLY MISREPRESENTED. If you take my work, leave my trademarks in, AND PROMINENTLY ADD YOUR OWN (as *demanded* by the GPL!!!), that's fine by me.
Cheers,
Posted Mar 2, 2025 23:06 UTC (Sun)
by interalia (subscriber, #26615)
[Link] (3 responses)
Huh? How did you get that reading? To me, the opposite of "releasing under F/OSS licence" would be "releasing it under a proprietary licence". I don't know you got "release anonymously" from that.
And can we have less shouting, please? For such an old timer as you profess to be, you use a lot of all caps. Please take some deep breaths for your own good and that of the site.
Posted Mar 3, 2025 9:41 UTC (Mon)
by Wol (subscriber, #4433)
[Link] (2 responses)
I'm enough of an old timer to remember when "all caps" was all there was! And I've reached the age where I'm a "grumpy old man" :-)
> To me, the opposite of "releasing under F/OSS licence" would be "releasing it under a proprietary licence".
Read the thread. The parent that provoked that was basically saying "if you don't want to do loads of (unpaid) work to enable other people to rip you off, you shouldn't use a FLOSS licence". I know big business has taken over large swathes of the FLOSS landscape, but we don't need to encourage them by driving the small guy out ...
Cheers,
Posted Mar 3, 2025 9:50 UTC (Mon)
by rschroev (subscriber, #4164)
[Link]
I'm sorry but that is a very weak excuse. We've had lower case for a very long time now. The convention that all caps means shouting, and that it therefore should be used very sparingly, has existed for 30 years at the very least by now. It has been pointed out to you multiple times here. Yet you still continue to use all caps, which in my opinion shows a lack of respect for the people you want to communicate with.
Posted Mar 3, 2025 10:20 UTC (Mon)
by interalia (subscriber, #26615)
[Link]
Cool story bro, now since we can see you mastered the world wide web just fine, you're perfectly capable of not shouting so stop doing it every time a thread goes more than 2 comments deep.
> The parent that provoked that was basically saying "if you don't want to do loads of (unpaid) work to enable other people to rip you off, you shouldn't use a FLOSS licence".
So as I understand it, being "ripped off" here means having someone else pass their modified app as the original. I don't want to get caught up in who's being "entitled" about it, that's not really productive.
We often say FLOSS is scratching your own itch, well if the trademark use is a concern then isn't it fundamentally an itch of the upstream trademark holder? If an upstream feels strongly about their trademark being misused by a downstream, then I'd say it's mutually beneficial to both of them if it's straightforward to distribute an unaffiliated version without the trademarks, since the easier it is to do then the more likely it is that the downstreams will dutifully strip the trademark out rather than saying it's too much effort and daring the trademark owner to file suit.
But on a practical level there is one upstream and multiple downstreams, and if I was upstream and cared about this I think I'd prefer to do it once to have a consistent result rather than have each downstream distro patch the app individually at varying effort and quality levels. This is not about who's entitled to what work, but what would give me the best outcome.
Posted Mar 2, 2025 20:59 UTC (Sun)
by NYKevin (subscriber, #129325)
[Link] (8 responses)
The fact that this is inconvenient to you is, as far as the law is concerned, entirely your problem to solve.
Posted Mar 3, 2025 7:08 UTC (Mon)
by gdt (subscriber, #6284)
[Link] (1 responses)
Further to this comment about trademarks, trademarks are not the only issue: there is the question of 'trade dress'. Unlike many packaging formats, Flatpak typically displays much of the trade dress used by the project. This was the essential point for OBS: the two Flatpaks were dressed so similarly that people were confusing the genuine product and the copy (a copyright-permitted copy, but a copy all the same). Fedora could perhaps make the trade dress of its own Flatpaks different enough to avoid this issue re-occuring.
Posted Mar 3, 2025 9:52 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
Do we really want to go back to those days, and give the enemies of FLOSS a free reign to trash our reputations?
Even if we don't know about NCR, I'm sure we know all about the Windows stores that wrapped FLOSS programs in a malware or PUP containing installer, and did lots of damage. I think we've managed to stamp that out - do you really want to go back to those days?
Cheers,
Posted Mar 4, 2025 12:45 UTC (Tue)
by ballombe (subscriber, #9523)
[Link] (5 responses)
But fundamentaly, if the trademark make it too onerous to modify the software, we still have option to declare the software non-free. This is not a legal determination.
Posted Mar 4, 2025 13:36 UTC (Tue)
by Wol (subscriber, #4433)
[Link] (4 responses)
> But fundamentaly, if the trademark make it too onerous to modify the software, we still have option to declare the software non-free. This is not a legal determination.
Your problem, then, is that you are unable to copy the software without breaking the GPL !!!
I think it was Nintendo? - lost a lawsuit over "unremovable trademarks" probably thirty years ago. If removing the trademark breaks the software, then the trademark is "essential to the operation" and loses its protection.
But why is everybody so obsessed with defrauding their own downstream? Why is everybody so obsessed (in the name of freedom) with violating the GPL?
The GPL itself requires you - unless it's a verbatim copy! - to *prominently* *mark* *it* *as* *your* *own* *version*. This is the problem with Fedora - their own users simply had no idea it was not the genuine upstream article. That's a GPL violation!
The threat of trademarks is simply a way of enforcing the GPL - "If you don't add your own marks, you have to remove mine". That's not a demand to remove marks - it's a demand that you follow your GPL obligations!
Cheers,
Posted Mar 4, 2025 14:48 UTC (Tue)
by draco (subscriber, #1792)
[Link] (1 responses)
Wol, please cite the exact license text (and context/location in the license)
The only things I find in GPLv3, GPLv2, & LGPLv2.1 are:
There is nothing about "must mark the resulting version as your own"—just that it must be clear what the license is (so they know they can request source) and then that source must make the modification clear.
I dunno about flatpaks, but assuming there's some way to track them back to their sources/build recipes, then it should be clear they're based on the RPM.
RPM versions inherently identify themselves as distinct from the upstream version (due to the RPM release version added) so that format plus its storage in Git by the Fedora project addresses all the license terms of use (or should).
I didn't read the terms exhaustively, so if I missed something, please point it out.
You've also filed a bug, I assume? From what I've seen, the project takes licensing extremely seriously (they've done intensive license audits, catching numerous violations and defective licenses that other distributions missed)
Posted Mar 4, 2025 19:44 UTC (Tue)
by Wol (subscriber, #4433)
[Link]
> 5. Conveying Modified Source Versions.
>You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
> a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
> 7. Additional Terms.
> c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
Hmm ... so it sounds like misrepresenting the origin isn't *automatically* a GPL violation, but it's certainly acceptable for it to be one.
Cheers,
Posted Mar 4, 2025 18:10 UTC (Tue)
by ballombe (subscriber, #9523)
[Link] (1 responses)
Quite the contrary. I do not want to defraud anyone. If upstream does not want that I distribute modified versions, I will not do it. But then I will not consider the software FOSS. That is as simple as that.
Posted Mar 4, 2025 19:50 UTC (Tue)
by Wol (subscriber, #4433)
[Link]
So why don't you care that *your* *downstream* has no idea of the true origin of the software in question? It's morally indefensible (and quite likely illegal) to misrepresent someone else's software as your own; so why do you consider it perfectly acceptable to misrepresent your software as someone else's? That's what I mean about defrauding your own downstream.
(And that's why trademarks got dragged into this, that is exactly what trademarks are for.)
Cheers,
Posted Mar 3, 2025 2:15 UTC (Mon)
by pabs (subscriber, #43278)
[Link] (2 responses)
As a monopoly power, trademarks exist to control what other people do with your software. Force them to stick to your rules about what are acceptable changes, or put in a lot of effort to manually strip out every instance of the trademark. Think about the Firefox/Iceweasel situation (which we may have to go back to given Mozilla's recent changes), or Chef or Docker or many other trademark related situations. Adding trademarks littered throughout your source code is simply a demonstration of your intent to control or penalise downstream redistributors. Not adding trademarks to your source code demonstrates that you understand that FOSS means surrendering your monopoly over your own work. It also makes FOSS feel more like a *community* and less like a jungle
https://drewdevault.com/2021/01/20/FOSS-is-to-surrender-y...
People who are working for free on FOSS projects, do not register trademarks at all. It is mainly commercial vendors like RedHat, or large projects with large donation streams. Such projects could definitely afford the time to make the trademark a runtime or build-time parameter. As an example; in recent years RedHat finally released the source code for their non-upstreamed enterprise documentation. With the switch to systemd, most of it probably applies on Debian too, so I would like to package it for Debian, but their trademarks are everywhere so removing them is going to be months of work to do in my non-paid spare time, so it will probably never happen.
https://gitlab.com/redhat/centos-stream/docs/enterprise-d...
Removing trademarks from source also makes your work as upstream simpler, since making the trademarks a runtime or build-time parameter means that when you get a branding refresh, a new logo, or even a name change, then it is one change in one place, not everywhere you ended up copying it. Imagine if every Debian desktop and window manager package had a copy of the Debian logo and the Debian wallpaper, it would be a nightmare to update the wallpaper once per release, or to go from the chicken logo to the swirl logo. We sensibly separate that out into the desktop-base package.
Posted Mar 5, 2025 12:58 UTC (Wed)
by epa (subscriber, #39769)
[Link] (1 responses)
I agree that it's good practice to isolate logos, product names and so on in one place, so they can easily be stripped out or changed. A single subdirectory of the source tree would work; then package builders could remove or patch that at the start of the build process.
Posted Mar 5, 2025 13:23 UTC (Wed)
by Wol (subscriber, #4433)
[Link]
That's actually *extremely* *dangerous* to upstream, and that's why FLOSS (and the GPL) has (or should have) absolutely no problems with trademarks.
And again, that's why all this blew up with Fedora.
We're all happy with DCOs and Linux enforcing them (along with lots of other Free Software projects). What exactly is the difference between a DCO, and a trademark (other than *registered* trademarks having legal clout)?
A DCO is all about a developer taking responsibility for their code. A trademark is all about a project taking responsibility for their code. You'd get well pissed off if I submitted (broken) code and put your DCO on it, wouldn't you? So why is everyone up in arms about a project getting upset because somebody is using their trademarks to pass off a broken version of the project as being upstream's fault?
A DCO is all about taking responsibility for your own work - good OR bad. A trademark is all about taking responsibility for your own work - good OR bad. And you don't put *somebody* *else's* marks on your own work so that you can avoid responsibility when it all goes pear shaped!!!
(That's why I, and I suspect most other FLOSS guys, have no trouble with you taking my work AND ADDING YOUR OWN MARKS. The problem here, is Fedora didn't - or if they did those marks were rather too well hidden.)
The GPL actually *demands* you add your marks to the source. I actually think it's a bug it doesn't demand you add them to the binary (if distributed where the end user is unlikely to see the source)!
Cheers,
Posted Mar 1, 2025 23:45 UTC (Sat)
by Phantom_Hoover (subscriber, #167627)
[Link]
This is not a good trend
This is not a good trend
This is not a good trend
The FSF indeed says so, but they also have some reservations about degree of burden, as do some of their license analyses and as you have done in the past (in an extreme case, admittedly). Community norms seem relevant here. Firefox/Iceweasel has caused major pain in the past, and that's just one package. If it became common for upstreams to require renaming patched versions, the burden on distros (and indeed on users trying to find distro packages) could be quite substantial.
This is not a good trend
> If it became common for upstreams to require renaming patched versions, the burden on distros (and indeed on users trying to find distro packages) could be quite substantial.
This is not a good trend
This is not a good trend
This is not a good trend
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
This is not a good trend
Those problems aren't new to Flatpaks, though. As long as there have been downstreams, users have misunderstood the ecosystem and reported downstream bugs upstream, and downstreams have been uncooperative (sometimes very uncooperative). None of that is good, and it requires finesse, but it doesn't seem like a problem meriting legal threats.
This is not a good trend
This is not a good trend
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
This is not a good trend
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
terms of sections 15 and 16 of this License; or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
authors of the material; or
trade names, trademarks, or service marks; or
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
This is not a good trend
> requiring that modified versions of such material be marked in
> reasonable ways as different from the original version; or
Wol
This is not a good trend
E.g, users are always directed to the distributions bug tracker for any software running on the distribution ... Perhaps even the software developers themselves could do this
This is not a good trend
This is not a good trend
This is not a good trend
This is not a good trend
This is not how users behave. They see an error message or experience an issue, they search it on Google which will find the original author of the software and not the distribution. Especially if that error message or issue was seen in the Windows or Mac OS versions too. Users don't want to use distributions (or even operating systems for that matter), they want to use a specific set of applications (sometimes with specific versions).
This is not a good trend
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
Wol
This is not a good trend
This is not a good trend
This is not a good trend
This is not a good trend
This is not a good trend
No trademarks in upstream source
No trademarks in upstream source
Wol
No trademarks in upstream source
No trademarks in upstream source
Wol
No trademarks in upstream source
No trademarks in upstream source
Wol
caps
No trademarks in upstream source
No trademarks in upstream source
No trademarks in upstream source
No trademarks in upstream source
Wol
No trademarks in upstream source
No trademarks in upstream source
Wol
No trademarks in upstream source
* In the preamble, it says modified versions should be clearly identified so the original author isn't besmirched. It then says the exact terms are specified later, so while there's an intent there, it's not (as I read it) the binding text
* Later it says that the *sources* must be marked as modified and when (but not how)
* License must be clearly marked
* Original source must be clearly marked if in a combined work
* GPLv3 does allow you to add licence terms to strengthen this further, but it's not the default.
No trademarks in upstream source
Wol
No trademarks in upstream source
No trademarks in upstream source
Wol
No trademarks in upstream source
No trademarks in upstream source
No trademarks in upstream source
Wol
This is not a good trend