|
|
Subscribe / Log in / New account

why?

why?

Posted Oct 1, 2025 23:52 UTC (Wed) by pizza (subscriber, #46)
In reply to: why? by Wol
Parent article: F-Droid and Google's Developer Registration Decree

> But I'm rather fed up with this continually repeated FUD that merely offering software - FOR FREE - will trigger a liability under the CRA.

In other words, the ONE COOL TRICK to avoid any sort of liabilities for the quality of your unabashedly-commercial software is to publish it for anyone to download for $0...

That seems quite suboptimal from a public policy perspective.

After all, why would anyone ever sell hardware with anything other than the bare minimum software (ie some sort of bootloader) to install install a free[1] operating system from someone else?

[1] gratis, not libre. Because development costs (and potentially significant profits) are covered by hoovering up data about everything you do, mining cryptocurrency on your hardware, forced advertisements, etc etc.

to post comments

why?

Posted Oct 2, 2025 7:18 UTC (Thu) by johill (subscriber, #25196) [Link] (2 responses)

Yes, in a way I guess you could? But ...

>> Yes there are anti-evasion provisions in place

and if you sell hardware that's useless without (specific) software, you trivially trigger these. So you either don't have a business model (sell hardware that's actually useless) or you have the CRA (sell hardware and software in combination.)

why?

Posted Oct 2, 2025 17:11 UTC (Thu) by pizza (subscriber, #46) [Link] (1 responses)

> if you sell hardware that's useless without (specific) software, you trivially trigger these [anti-evasion provisions]

I can buy a operating-system-less PC from numerous vendors large and small, with the full expectation that I will install an operating system of my choice onto it.

Who is responsible for my chosen OS working (or not) on that hardware combination? The hardware manufacturer(s), the OS vendor, some random person in Nebraska, or me?

Anti-evasion provisions in the CRA

Posted Oct 2, 2025 17:50 UTC (Thu) by farnz (subscriber, #17727) [Link]

In all cases, if you buy the hardware without software, you are responsible for your chosen OS working, unless the vendor you bought from explicitly represented to you that the hardware would work with your chosen OS - e.g. "yes, you can buy and install Windows 11 on here", or "we recommend Oracle Solaris for this hardware". That's long-established, and predates the CRA.

The new liability the CRA adds is that they are also responsible for you being supplied with updates to security issues at no extra cost for the lifetime of the product, as long as they've done something to become responsible for your chosen software working. They can't say "well, we can persuade RHEL 7.5 to work, as long as you don't upgrade to a later RHEL version, so we're done"; they need to ensure that you can get security updates at no extra cost until the expected end of life of the hardware.

In turn, expected end of life is not defined by the vendor; for a high-end PC, it could well be 10 years, and so a system they sell that's designed to support RHEL 7 might also have to support RHEL 8 because you can't get the security fixes for RHEL 7 after 2028.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds