Linux Foundation Announces Open Compliance Program
Major names in open source and enterprise lend support.
The Linux Foundation began LinuxCon with a bang when it announced the formation of the Open Compliance Program, Tuesday.
The Open Compliance Program is an initiative meant to help companies abide by open source licenses and alleviate legal concerns within the marketplace. The program consists of six elements:
Training: The Linux Foundation offers additional documentation and training models that cover open source licensing fundamentals and activities geared toward enterprise. The foundation also will offer offer on-site or online training.
Tools: The Linux Foundation also developed complementary tools to improve due diligence. This is done via three tools, a dependency checker that identifies code combinations at dynamic and static levels, a Bill of Material (BoM) Difference Checker, and a code janitor that provides linguistic review capabilities. The Code Janitor ensures that developers don’t leave comments in the source code by scanning source code files for a series of keywords stored in a database.
Self-Assessment Checklist: A checklist developed by The Linux Foundation that gives companies a list of compliance criteria to self-evaluate a given project’s level of compliance.
The SPDX Standard and Workgroup: A labeling standard meant to easily identify and categorize open source components within a project. Visit www.linuxfoundation.org/workgroup/spdx/ for more details.
A Compliance Directory and Rapid Alert System: The Linux Foundation created a master list of compliance officers at companies implementing open source code in their commercial products. The database can be accessed and added to by visiting http://www.linuxfoundation.org/programs/legal/compliance/directory/
Community: These tools join the FOSSBazaar workgroup. The workgroup can be found at FOSSBazaar.org or http://www.linuxfoundation.org/workgroups/fossbazaar/.
“Our mission is to enable the expansion of free and open source software, so we created this program to give companies the information, tools and processes they need to get the most out of their investment, while governing the software,” Jim Zemlin, executive director of The Linux Foundation said.
Along with those tools, The Linux Foundation also announced the founding participants in the program. HP, Intel, IBM, AMD, ARM Limited, Cisco Systems, Google , Novell, Samsung, Adobe, Nokia, NEC, Motorola, Sony Electronics, and Software Freedom Law Center are all members of the Open Compliance Program.
“By creating the Open Compliance Program, The Linux Foundation once again has stepped up to the challenge of providing the unifying force in an arena experiencing explosive growth, while decreasing the FUD around Linux and Open Source. IBM proudly supports the Open Compliance Program, which is an invaluable step in furthering the standards, tools, training and certification so needed by the industry,” said Dan Frye, VP open systems development at IBM.
Currently, the foundation has released initial builds of the complimentary tools and encourages developers to contribute to them. The BoM Difference Checker will be available later this year. A finalized version of the Self-Assessment Checklist will be formally released in Q4 2010. For more information about the Open Compliance Program, visit http://www.linuxfoundation.org/programs/legal/compliance/.
Symantec says Linux-Darlioz burrows in through PHP.
Dell renews its quest for the ultimate developer machine.
Innovative back door looks like normal SSH traffic.
One of CeBITs most successful forums opens the new year with a new name. The popular Open Source Forum continues in 2014 under the name Special Conference: Open Source. This year, the forum will be bigger and offer a wider range of possibilities for sponsors.
New release offers better graphics drivers and expands filesystem support.
New mail protocol will shut out the NSA and prevent snooping on metadata.
A new web application helps users visualize distributed denial-of-service attacks.
Ubuntu 13.10 takes a step toward convergence, with lots of mobility, but Mir only partly here.
Galileo board is targeted to embedded developers and educational institutions.