Bra podcast
Sveriges mest populära poddar
FLOSS 815
Jonathan: Hey folks, this week, Randall joins me. We talked with Matthias Schakla about open source and the law. We can talk about, uh, contributor license agreements, software licenses themselves, and lots more. You don't want to miss it. So stay tuned. This is Floss Weekly episode 815 recorded Tuesday, January 7th.
You win some.
It's time for Floss Weekly. That's the show about free Libre and open source software. I'm your host, Jonathan Bennett, and we've got something a lot of fun today, but also really, really important. And, uh, if you are, but let's see, let's count. If you're part of an open source project, If you're doing any security research at all, uh, if you're an employee anywhere in the IT sector, you probably need to pay attention to this because we're talking about the, the intersection between the law and open source software and probably other technology questions.
And, uh, it's not just me, of course, I've got a lovely and talented co host, as we like to say, Mr. Randall Schwartz. Welcome.
Randal: Hey, Jonathan, thanks for having me back on this show. This is great.
Jonathan: Yeah. Thanks for jumping in kind of at the last minute. My scheduling got further behind that I wanted it to. And so last night I was just messaging a few people like, I know it's like 10 PM where you're at.
Could you please come on the show tomorrow? And I asked Randall, he's like, yeah, yeah, yeah, sure. I'll do it.
Randal: Yeah, uh, well, I was looking at, uh, at this week's schedule and I said, Oh, Tuesday, I'm blocking out FOSS Weekly. I wonder if I'm needed for that. And that's when I contacted you at 10 o'clock last night saying, I still have an open slot tomorrow morning.
What do you think? Yeah, it worked out.
Jonathan: It worked out. We are. It worked out real well. Um, so our guest is Mattia, Mattia Cioche. And I, I'm sure I killed that last name. I did not pronounce that correctly. It sounded right in my brain and then my lips started moving and it was terrible. Um, but he is a legal expert and sort of a geek.
And, uh, he said it's been a while since he has compiled the kernel, but used to do it all the time back when he was running Gentoo. And, uh, I think that makes him one of our people, you know, at least, uh, one of my people, I think tangential to being one of Randall's people, right? Have you ever compiled the Linux kernel, Randall?
Randal: I don't believe I ever have. It's true.
Jonathan: That's all right. We still love you.
Randal: I've installed it a few times, but it's not my primary install when I pick up a computer. So yeah, sure.
Jonathan: So let's bring it. Mattia on welcome, sir, to the show. Hello. Uh, it's an honor to be here. We are absolutely thrilled to have you.
Um, so what, let's start, let's start with your background. Because you, you come at this from sort of an interesting, uh, direction. Your, your background is mainly the law and the, the IT computer stuff was sort of a hobby that got picked up. And then from what I understand, it's sort of become part of your career now.
Matija: Um, yeah, that's the long, long short version of it. Um, so. The longer, slightly longer version is, I've been interested in computers since forever. Um, me and my brother Noah, we had, we got some really old books on computers, um, which, that included like, uh, you know, the whole page is full of basic, um, that you could, you know, type in to your computer to get, uh, something that looked like Tetris out of it.
It never worked. Because that was some other basic and we tried it on DOS. So the QBasic didn't work, but we spent like days doing that. So I then got infected by the Linux virus, mid nineties at, uh, uh, high school. Um, because there was like all these computers in the hallway, um, that you could use to go online and all had, you know, nine, Windows 95 or 98 or something like that.
But in the middle there was this one with black screen, white text.
Jonathan: But what I
Matija: saw is like, they changed, like on every other computer, it took like, because we had like the whole high school had a dual ISDN line for the whole school. So somebody knows what that meant, right? Uh, I see nodding, which meant that when you logged into your Yahoo mail, which was usually what you had back then.
And you know, the Netscape times, um, it took like the whole break before you managed to log in. And so you, you saw you had new mail. So you, then you had to go through into the next break and try to be the first one at the computer to manage, to click on the first mail, to see what it is. But then on the.
That black screen computer I saw like people rotating and it turned out that was a Linux machine and people had mails on the machine itself. And I think we used the pine or something like that. I think it was already pine. And so we just learned from each other how to use this weird contraption. Um, so, you know, we learned how to use, I apologize, the program was actually called like that, uh, Bitch X, which is an awesome IRC client back then, um, especially with the ASCII art.
Yeah. Um, and we learned together how to use that machine. And then through that I got into the, into the early essays, uh, by Stallman and, uh, uh, from the esr Cathed, yeah. Sr. Yeah. Um, and that's kind how I got into the whole thing. Um, but I always want, I always knew law was what interested me in general. Um, and that's another.
You know, interesting story why, but that was kind of how it went. It's like always while I was studying law, um, I was also part of the local hackerspace, um, so, and the Linux user group. Um, so, you know, I don't have any IT, um, training official, but, um, I've dabbled with it for a while. Many years. Far from being a good coder.
Far from being a coder.
Jonathan: I do some tech support for some lawyers, and I just have to say, The fact that you know what Linux is, puts you so far ahead of some of that crowd. Yeah.
Matija: I mean, I probably run around a different crowd of lawyers than the average crowd of lawyers. Yeah. But yes, in general, I do agree.
Like, when I remember when, when it was, when, um, at university, yeah, it was, turning on the PC was a challenge for some people.
Jonathan: And so did that, did that kind of affect the, uh, the trajectory of your career, your legal career that you knew sort of this, this whole. computer and open source side of things existed.
Um, is, is that sort of where you, where you went with your legal career?
Matija: Um, kind of maybe, but it was also a bit of a chance. So, while I was, um, working, uh, with the hackerspace and, uh, and the Linux user group, um, we did, you know, we clearly, we did some advocating like in the late 90s and, you know, against software patents in Europe, et cetera, et cetera.
Um, I did. You know, through that, through advocating for more FOSS and, uh, and all that, um, I found out that there's actually a pan European, um, organization that does that, uh, the Free Software Foundation Europe, which is like the sister, uh, organization of the USFSF. Um, and I messaged them, just said, well, you know, you know, do you have anything in Slovenia, which, which is where I'm from?
Um, and if not, can we do anything? And they said, yeah, you just, you know, there you are, you know, you should start a chapter. And so we did. Um, and then at some point, um, when I was volunteering for the FSV as a, you know, running the Slovenian chapter, um, at some point, In my studies, um, there was a, I had an option to go study abroad, um, and, uh, in the U.
S. actually. And, uh, I, um, asked the president back then, of the FSFE if that was okay, um, because there was some, you know, then I wouldn't be in Europe anymore, et cetera, et cetera. And uh, he messaged me back like saying, I'll, um, I'll give you a call and I'm like, oh crap. What did I do now? Um, and so I run out of the law, uh, faculty's library and I, you know, pick up the phone and, you know, that's still when, you know, even in Europe, you know, the.
And he was in Germany, I was in Slovenia, that was still like kind of a costly call. It wasn't super expensive, but it wasn't local yet, as it is nowadays. So, um, I pick it up and he's like, well, we actually wanted to, we wanted to employ you. Like, what? So, that's how I became, uh, FSFE's, um, What was it called back then?
Legal coordinator. So I was responsible for open source or free software, uh, legal matters within FSFE. And that kind of, I'll be honest, I mean, if that didn't happen, I don't know what I would have been nowadays, because that, you know, not just, you know, open doors, et cetera, but introduced me, part of the, part of the job was, um, there is this, uh, legal network.
Um, that, uh, FSFE facilitates, which is the largest, uh, network of, uh, FOSS specialists, lawyers, and technical people who have a lot of knowledge when it comes to, like, license compliance, etc. Um, and, uh, for many years, I was in charge of that network. So that's clearly, you know, you learn a lot on that by that, doing that by.
Organizing conferences for, and workshops and all that great stuff. Um, so that's, that's how it happened. And I'm very grateful for that because otherwise. I don't know, I would probably as a, just, you know, a box standard attorney, I probably wouldn't be great, pretty good at what I do, but, you know, when, when I was looking for a job and I was looking at my grades, um, in school, because I know I was, you know, Helping with the hackerspace, you know, it took me forever to finish law school.
It was, you know, on paper, this was not looking good, man.
Jonathan: Yes, I very much get that. My, uh, my college career went very similarly to that. Uh, so one of the things that Randall and I were wondering before the show, Is, are you a, and I don't, honestly I don't even know how this works for sure, are you an American lawyer, a Slovenian lawyer, are you licensed in both places?
How, how does that, that bit of international law work?
Matija: Um, I'm a lawyer, I'm not an attorney. That's the first thing. So I am, I am, I finished Master of Laws. Okay.
Jonathan: So
Matija: I have, um, it's because it was the old system. It's, um, we're not allowed to call it LLM, but it translates to LLM. Um, not the new LLM. Not the new, yeah, yeah, yeah.
We're not talking about artificial intelligence here. We're talking like the title. Right, right. And, um, but then if you want to be an attorney, so attorney at law, that means you can represent people in court. I mean, there's to, to some extent, to some level of court, anybody can represent. Right. But from a certain point onward, you have to have an attorney.
Um, and that is, and different places have different, uh, exams, how they do that. Um, and, um, Um, when you do an exam, you're only allowed to do it in that jurisdiction. So even in, within the EU, if I did mine in Slovenia, I couldn't be practicing in Austria, which is across the border. I would need to take, I would need to take at least the partial exam to get it re evaluated from just for Austrian law.
Because the, the thing is like, Counter to how, you know, tech and, and natural sciences work is like jurisdictions, like every country has their own laws and their own history of laws. So you need to be trained in that specific history. Um, so I'm not admitted to any bar. So attorney at law means also like.
In English, it would be a barrister, um, so that is, you know, when you take the bar exam and you're admitted to the bar. Got it. I
Jonathan: appreciate the, uh, the clarification there. Um, Randall, this seems like this would be a good, a good time for you to, uh, fill us in on your, your history with legal issues, and maybe we can kind of jump off from there.
Randal: Yeah, so I also wanted to jump in with like maybe what you're closer to and say the U. S. would be like a paralegal, which is somebody who isn't a lawyer because lawyer here actually means probably the same thing that attorney means to you. If I say somebody is a lawyer in the U. S., they, they are somebody who can represent me in a court, in all court actions, things like that.
So, um, so I think, I think our terminology is a little different here in the U. S. So I would say you're probably closer to someone who can do filings on behalf of people and, and, uh, and, and, and understand the law in an area and have been at least certified to a certain degree. That, that would be paralegal here.
I don't think so,
Matija: honestly. I think paralegal is somebody who just has, uh, who just has an exam. It doesn't have like the whole schooling.
Randal: Oh, okay. Okay. Maybe, maybe not, but here, here, a lawyer and attorney mean exactly the same thing. There's not a distinction for those.
Jonathan: Although that may be, that may be one of those cases where if you're a lawyer, there is a distinction, but just for the rest of us, we don't know what the distinction is.
Maybe that might be what's going on there too.
Randal: A software engineer, not a programmer. Okay. Okay, here we go. It's probably the same sort of thing. I'm not a coder. I'm actually a software engineer, right? Like that means anything really come on guys Um, so just uh, just the brief version many people in our audience are familiar with my legal case But just to bring you up to speed a little bit on that Uh, I, uh, I am, uh, I am a three times over felon as a result of doing my job for one of my clients with a bit too much enthusiasm, as in I was doing, uh, unsolicited pen testing.
Jonathan: Uh,
Randal: against a machine that, uh, was no longer in my jurisdiction, but had been earlier and I was still concerned about the new people that had taken my job over there. So, uh, so I just got crazy and started doing some pen testing without asking my boss. And, uh, that eventually led to cops showing up at my door and, uh, 270, 000 later, um, I'm still ultimately restricted from going to Canada or Australia.
Although I've been in 68 countries, I can't go back to Canada or Australia ever again, uh, which is really just weird. But, um, uh, I think from that, I actually want to start asking questions about liability, uh, in an open source project. So here I am contributing to an open source project. How careful do I need to be as an individual contributor, contributing to a business project that the project's not going to get in trouble somehow, but also like, I'm not going to be individually liable somehow as I'm contributing.
That was kind of my first volley of a question.
Matija: Oh, that's an ungrateful question because that like literally I just started reading there's there's you guys in the US have the executive order number, whatever, whatever, uh, national security thing, uh, that was a big thing like five years ago or a few years ago.
Um, And I did read through that one, uh, because of work, um, and I'm just right now reading the European kind of variation of that, which is the Cyber Resilience Act, um, and I haven't gone through it yet, um, so I know just, you know, Secondhand information, um, but from what I gather so far, at least it, it depends on jurisdiction to jurisdiction, but in this case, it would be like EU will be pretty stable.
Standardized between itself, uh, within itself and, uh, U. S. will have its own thing. And then I think Brazil has something already cooking if it's not done yet. Um, so there is legislation happening on that case, uh, on that side. Um, I don't know about the rest, but from what I seen. And, uh, in the CRA, so the Cyber Resilience Act in the EU, um, I noticed that the, uh, the, the likes of, uh, the FSFE and, uh, OSI, so the Open Source Initiative, and I think the Eclipse Foundation was involved as well.
Um, they were very involved with the European Union, uh, when it came to, you know, Honestly, to lobbying to make sure that FOSS gets excluded or, you know, gets preferential treatment. Um, and to some extent that's what happened. Um, so, in your case, I mean, you were pen testing, that's different. That's not contributing to an open source project, let's be honest.
Um, And I don't know enough about that case to, you know, make it sure, make a statement, what I think about it. Um, but, um, yeah, it sucks to be you.
Randal: I have said that frequently. Yes. Yeah. Uh, but, but, but we, there, there are issues, I think, both from the level of civilian penalties, as well as criminal penalties, if you cross certain lines, even being an individual contributor to an open source project. Right.
Matija: Um, the question of an individual contributor is a good one.
Um, because from, again, I haven't finished reading it yet. Um, but from what I've read in the CRA, um, they do distinguish between Manufacturer which may also include open source project or components or, you know, maybe the whole thing is an open source thing and then they just make money, um, shipping it on, you know, Computers or, or offering as a SaaS or whatever, and, um, open source stewards, that is actually like a defined term in the, in that law and, um, open source stewards is defined to encapsulate things like, um, like the Eclipse foundation or, you know, you're Linux Foundation is already kind of huge.
Um, they do a lot of stuff, but you know, kind of like those, like GNOME Foundation, KDEV and stuff like that. So you have like, it's a preferably non profit or not even necessarily an organization that is a steward of an open source project. Um, they may have, they may get some money from donations or otherwise to work on it, but they're not.
You know, they're making the software, you know, publicly available and they're not necessarily primarily monetizing it. Um, and there they got like preferential treatment according to the CRA. So this is what is happening, at least in Europe is that we've seen now that the trend is that. for years now, they, they, they had preferential treatment for small and medium enterprises and, you know, even micro enterprises, of course, um, that they're now also are starting, like starting to, um, make exceptions also for FOSS, uh, how that works in the U S I don't know.
I've followed the, that executive order and, um, That's as far as I got, um, because that was, uh, relevant for work. Um, but, the, and, and here's a, as I said, this is what is interesting when you point it out from an individual contributor is,
Here, in this case, it could be like a company is using, you know, some foundations, open source software, the company would need to make sure that it's secure. And it has, like, depending on how serious the use case is, um, whether it's critical or, or just severe or just You know, everyday stuff, um, depending on the severity of the use case, they have different levels of what they need to, how much they need to take into account that the use of that software that they, you know, manufacture, you know, this is actually secure to use, uh, safe to use.
Um, and then the foundation, the open source foundation. The project has a much, much, much, much, much lower, um, barrier they need to meet, meet is, um, I, I mean, there's one of the obligations is, for example, if you see as a manufacturer, if you see a, if you find, uh, security hole, you have to report it to the EU agency.
That's, you know, for security of software. I forgot what the name was. It's a new one. Um, and also if there's an upstream also reported to the upstream, and if you have a fix, ideally also ship the fix. So in this use case, it would be if the, if the company finds a bug in the open source component and they patched it, they have to report it.
And then they also have to submit the patch. The patch with the report to the upstream, uh, open source, uh, project as well. Um, and there's, you know, the open source project doesn't have as many obligations. I don't think there's, I think they need to, again, I haven't gone that far. Uh, so, so far it seems like they might need to report an issue if they found a serious issue, but they don't have to do it in 24 hours because there's, you If you're critical infrastructure, you need to report it within 24 or 48 hours.
Um, and I don't think I've seen individual contributors mentioned yet in the text. So that's an interesting question. It is a good question who they would be, who they would be liable to. I mean, most Pretty much all open source licenses have, you know, the, as honestly, pretty much all software licenses. We don't, there's no warranty to the extent, to the extent permitted by law, et cetera, et cetera.
So it's going to be, I would say, following on that, I would say that, building on that, I would say that the contributor wouldn't be liable Unless they would be liable under just general law, period. For example, like, if they would be, if they were malicious interacting. So, and a malicious actor would be liable regardless.
Um, uh, but a, you know, if a contributor just, Made a boo boo. I don't think that would be a big problem. Um, but again, haven't finished reading it yet. So just got feelings so far.
Randal: As a follow up to that, I'm looking at the angle for individual contributor to an open source project. I think one of the other obligations as an individual contributor I have is that.
Uh, the, the chain of, of creation is proper. In other words, I created this software, therefore I have the rights to contribute it, but we can get into trouble by, uh, taking things that actually have proprietary licenses or incompatible licenses and contributing them to an open source project. And I just, that's one point that I want to look at, but I also, I'm thinking about.
Like licenses, like say the Mac, Mac OS user licenses, you have to be running on Apple hardware. Does that mean that if I'm using a hackintosh to make software that I'm contributing to an open source project that relates to a Mac M M where, where did that cross the line and is the project liable for accepting my stuff?
Or am I the only one liable here? Cause I'm the one that violated Apple's contract. I mean, where, where do we go there? Wow.
Matija: I mean, you'd be the one who violated the Apple's contract. So that, that would be on you. I mean, how, how would, and, and, I mean, there's also what you, what the output of your work here.
And I'm slightly oversimplifying here, of course, but it's also like. If I understand the situation here is, it's kind of like, if I use a, if I use a cracked pirated version of, for example, Microsoft Office to write a document, who's, who's liable for using that document? They're like, I don't care. I mean, the document is a separate piece of work.
It just happened to be, you know, I managed, I, I did something illegal to get it. done, but, um, the document itself should be fine. There's no, you know, if, if that was a problem, we'd be in all sorts of hell.
Jonathan: I I'm, I'm curious with this idea of, uh, the individual contributors and liability for open source, uh, in the United States, we've seen, I don't think it's a Supreme court precedent, but we've seen a court precedent that. Source code is First Amendment protected speech. And I'm wondering if that helps. Like, does that help protect the individual contributors?
When we're talking about these projects.
Matija: I'm not U. S. trained, so I do know a bit of U. S. legislation. I do have a Harvard online course in copyright, in U. S. copyright, apart from my own master's, but, um, I think like the First Amendment gets thrown around quite a bit. Um, and, uh, From the history I've heard about the First Amendment, it's, um, it's been stretched in different ways and different forms through the decades, so I don't know how that would work.
Um, but
I'm not sure. I'm not sure. I'd be, I'd be, literally, I'd be just pulling something. Well, ding,
Jonathan: ding, ding, ding. We've
Matija: stumped the expert. No, I mean, I can theorize on it, just that this is not a jurisdiction I'm familiar with. Familiar with enough, you know, specifically the first amendment. I'm not as familiar with the first amendment to make it I can make an educated guess but right well I don't know if an educated guess would be a fair answer at this point
Jonathan: So I mean we we see things the United States like there are there are open source projects that are essentially Malicious software, right?
And so, you know, someone will publish it and throw on there, you know, this is for uh Entertainment not even entertainment education education purposes only gets published under an open source project license And then the next thing you know that piece of software is used in an attack somewhere and I don't know that i've ever seen someone get Prosecuted just for writing the software and my understanding has been that that's always basically been because they are protected because that is protected speech, even though it's code.
Matija: Eh, I think it's more like if, if it's, like it's similar to the, um, to the CRA here, right? When I said, I mean, if, if it's an open source project, they're not liable, but as soon as you, you know, use it, the, the one who's using it is liable. Um, and I mean, from the first amendment, I mean, here's the way I would approach the first amendment question is, um, if I.
Violated, if I copied like half of, you know, let's, let's, let's use a blatant, um, examples. If I copied like half of a Disney movie, um, and remixed it a bit, maybe, and then release that as my own. Would the First Amendment protect me? I mean, it would probably protect me that I can say that, but I'm still gonna get into trouble.
I mean, nobody's preventing me. Nobody's telling me I'm not, I can't do that. It's just that, you know, I will face the consequences. So I think it would be similar in this case. But again, I'm not an expert on the U. S. constitutional law and its amendments, but Sure. So, um, but you're, you're the other part of, uh, Randall's question was, um, if I understood you correctly, was the liability for introducing not a security issue or a bug, but, uh, introducing a license issue or copyright infringement.
Um, and that's something I'm usually working with. So that's more of a home territory for me. But if you, but, um, if you had a. Further question, just please continue and we can get back to that one later.
Jonathan: No, I think that's an interesting, an interesting direction to go. Um, and one of the, one of the things I saw that you were involved in is some, some, uh, some CLAs.
The, uh, the, what is it, the CLA 2. 0? What, um, Fiduciary License Agreement. The FLA 2. 0. Yeah. Okay. So that's, that's kind of a, it's, it's one of the solutions, I think, to this question about, you know, licenses and whether they're compatible, at least it's something that I've seen businesses try to use as a solution is, well, we'll just have everybody sign a CLA and then if we find a license incompatibility in the future, well, then we can just relicense it.
And, uh, I, I'm, yeah. I'm very curious, like, kind of your perspective, maybe even your background on the idea of CLAs and what the FLA 2. 0 is and what the purpose is.
Matija: Ooh, oh yeah, that's a, that's a pet project of mine. I actually, my master's thesis was specifically about the FLA, so the versions 1. x and the 2.
0 was a result of my thesis. Um, but you know, if we just go back to the basics, as if, you know, as Randall said, like, what you're, what you're As a project, you're getting in code, you have to understand there's like this concept, you know, you, you understand the concept of inbound and outbound code or, you know, upstream, downstream, right?
Um, so the same is with rights. So, you know, rights have to flow with the code. Otherwise, you're not allowed to do anything with it. Because of copyright and it being automatic and all that stuff. So you also have like inbound licenses and outbound licenses. So the outbound license of a project would be, you know, what you would typically find in the readme or the license file.
So this is everybody out there to the public. This is the license the project is published under. It, you know, in practice, it gets more complicated. There's usually like a dozen of them in there. But, you know, let's keep it simple. Um, and, you know, typically a. Open source project pretty,
I'm not going to say easily, maybe sometimes too easily decides what their outbound license is and then they try to backpedal later on. But, um, at least, you know, that's a relatively, you know, at least you have like one main license that you choose as a project. But then, you know, if every piece of code is protected by copyright, By default, um, then what do you do with all the contributions?
So the contributors have to agree to give it to you under a license. So for a long time, and, you know, still, um, the assumption. Was, and it is an assumption, you know, this has to be said. If it's not explicit, it's an assumption that contributors are contributing the code under the same license that the project is under.
Um, but that's an assumption, right? Um, and that is usually called like the inbound equals outbound, um, licensing situation, which is, uh, I think a term that Richard Fontana coined. Um, he's a really smart lawyer, uh, with red hats. And you can formulate, the best way would be that you formalize that. You put somewhere in the README or some other documentation that's easy to find, a contributing file or something like that, where you explicitly say that, you know, every contribution you make is going to be under the same license as our outbound license.
So if the project is under GPL2, then whatever you contribute is under the GPL2. Like, for example, for the Linux kernel. Then, as you guys alluded to, there's, there's, there's The CLAs and CAAs. So, and there's a distinction, a small, but big distinction between the two that people mix up because, um, a CLA is a contributor licensing agreement, um, which means that it is an agreement on what the licensing will be for contributions or between contributors, and that can be whatever.
That is a very, very broad spectrum. What you can write in there. Um, It's just an umbrella term. It's like, you know, just basically, you know, this is our inbound licensing policy. Um, But then you also have, um, the CAAs, so which are copyright assignment agreements, which, you know, means, you know, if you sign that one, you're assigning all your copyrights to, you know, this project or this company, typically.
And this is usually, you know, people conflate the two, uh, you know, some companies explain especially make sure that they, they're vague about that. They call it the CLA, but in practice, it's a copyright assignment. So you actually need to read the text to figure out the difference. Um, and that's, you know, that's as Randall said, I was like, that's, you know, the basis of it is if, you know, the company has, if, if, They only allow contributions that are, that have signed a CAA or CLA, all the contributions are covered by those.
And then, you know, the, the upside is that the company or open source project then has all the rights it wants. or needs to change the license if they need to do it later on. For companies, there may be different reasons for, you know, open source foundations or projects. There could be different reasons to do that.
Um, CIA is the, the copyright assignment is like the Most extreme way, but then you have like with the CLA, as I said, there's a big spectrum and the fiduciary license agreement is one of those. Um, and the fiduciary license agreement specifically What it does differently than most CLAs is that it ensures that, you know, first of all, you know, if I signed the FLA, um, you know, for example, like even with a company, like, let's say I signed the FLA with a company.
And that means I give all my exclusive rights. Um, and, you know, we can discuss this, there's, you know, jurisdiction reasons why you cannot assign full copyright in most jurisdictions, um, outside of US, um, mainly most of Europe, you cannot assign copyright, period. You can just assign exclusive rights.
Effectively, same crap, but different and for practical purposes, this is like 99 percent the same. So with the FLA, I would assign all my rights to the code that I contributed to the, you know, foundation, um, company, whatever. Um, but the company foundation would at the same time contribute, uh, give me back a non exclusive rights of the exact same kind, like everything that I could you know, gave them the rights to, I get all the rights back.
They keep the exclusivity, but I get non exclusive rights and I can do with my code, whatever I want. So I can still, I can run my own code as a closed source. If I want to, I can contribute to a different project under a different condition if I want to. The only difference is that they keep the exclusivity, which is a bit not really because I get a full copy of the rights as well.
Um, so that's. One part of the balance and the other part of the balance that the FLA brings is crucial and that is that as soon as, um, that it includes the clause that the fiduciary, so the company or foundation that received my rights, they are under the obligation by the FLA. They're under the obligation to keep the code that I contributed to them also under an open source license.
So they can, they can run a dual license situation where they have a proprietary version that they monetize or whatever. But my code, if there's code in the, proprietary version that I wrote, that, that code also has to be present in an open source version. And if they don't do that, I can just say, I can automatically say, well, I returned, I, you know, you broke the FLA.
Which means you don't have my rights anymore. So they lose, automatically lose the rights to my contribution. So that's the, that's the interesting part of the FA.
Jonathan: Yeah. And so I, I'm, I'm, I'm super curious that that bit right there, that they lose their rights if they break it. Like that's, that's in a lot of other open source licenses, I believe, like that's part of the GPL and, and all of that.
I, I think, uh, something, something sort of to that effect. Yeah. Um, it, it in that it has, it's, it, it is. Ideally, it has some teeth, right? Of some sort. Um, has, has that ever actually been tested in court?
Matija: Yes. How did that go? Um, I don't think I'm allowed to say because I was. Part of the, I was part of the, it was not part of the court case, but, um, there was a situation where a company and a different company, um, both held, uh, used code, a lot of code, um, that was contributed, that was, uh, under the FLA to a different entity, to a foundation.
Um, and they, interestingly enough, they sued each other. So the company and the company, the other company sued each other for copyright infringement, which was interesting because most copyright, like most exclusive rights were held by the foundation. Right. So the foundation had to go, you know, had to, it wasn't directly involved in the court case, but, You know, they had to bring in statements, et cetera, et cetera.
Um, and because that's when I was kind of involved with the foundation. I don't think I'm allowed to say too much, but it did it, I can tell you, it does have teeth. Both companies are still alive and there's a, there had to be a three way agreement on how to settle that. And it was settled in a way where, um, both companies and both projects are alive and they both have to also be open source.
Jonathan: And so that was the, the FLA. And so it, it survived because I know this is a,
Matija: It was in court, but it was, it was settled. So it wasn't,
Jonathan: I know this is, I know this is one of the things that it's kind of like a nightmare scenario to some open source people. It was pretty bad. Well, so the, the nightmare scenario is that the, say the GPL, Gets pulled up in a court case.
You've got a, you've got a court case and the GPL is the center star. And in that court case, the judge looks at it and goes, for reason XYZ, this is not binding, right? This is, this is not a valid license agreement. It doesn't have the teeth that you thought it did. Um, and that's, that's kind of the for, for some of us that are all in on open source, like that is the scenario that keeps us up at night.
Matija: But I mean, here's the thing is like on the other hand, um, and there's the distinction, this is going to be similar distinction as with the CIA and the CLA is what's the distinction between a license, like an open source license, um, and, uh, and a EULA. And if, you know, by default, copyright law allows you to run a piece of software as long as you legally obtained it.
So if, you know, I get some code from Randall, um, and he will willingly gives it to me, but there's no license attached, you know, nothing. Um, and I run that code. Um, he can't sue me for running the code if he didn't explicitly provide you know, prevent me from running the code. He gave me the code, I illegally obtained it.
And if I downloaded from, you know, if I found it on the internet, um, I knew that I don't have the rights in it, then I'm, you know, I'm probably not allowed to run it, but, you know, like pirated games and stuff, you know, you didn't legally obtain it. But if you did, Did obtain a legal copy, um, then, then it's fine.
So the thing is like a license is by definition something that gives you more rights than what you get by law. So an open source license is a license by legal definition because it gives you, you know, the right to use, study, share, and approve. Mm, the code. Whereas, you know, by, by copyright law, you only get the right to use it.
You're not allowed to copy it. I mean, it's copy left or right, right? Mm-hmm . So you're not allowed to copy it. So also the other things don't fall off. I mean, there's some exceptions for interoperability reasons, et cetera, et cetera. But so whatever gives you more rights as you know, the receiver, then you don't need to agree with it because.
You know, you did notice you don't have to click on I agree when you download a piece of when you install a piece of software with GPL or BSD or whatever, because you're not agreeing to less, which is opposed to the EULA, which is, you know, it does say end user license agreement, but the trick is it's not a license, it's an agreement, it just happens to be called the EULA, but it's technically it's an agreement because typically in a EULA, Um, and they differ wildly, but typically in a EULA, uh, when you read it, you notice that they tell you you're not allowed, you're only allowed to use it on X amount of CPUs, you're only allowed to use it for X amount of time.
You're only allowed to use it for certain purposes. Um, your. You're not allowed to, to, to share it. You're not allowed to do copies. You're not allowed to do basically anything. So you agree because you get less rights, uh, through the EULA, you actively have to agree with it as you know, the other party. Um, because it's not in your benefit.
It's, it's, you know, compared to just copyright law, it is, you know, potentially to your detriment.
Jonathan: Interesting. Are there, are there any cases where like, and this is a question from David Ruggles, one of our live audience members, uh, are there any cases or what would happen if different nations? Treat the same open source license differently.
Are there is that happens? Yeah, so what what what do you what do we do? Like what's the that just has to make everything more complex, right?
Matija: I mean it does but so coming back to to finish that thought on the GPL where you said what happens if If if a court says well the GPL is you know, it's not it's worth this piece of paper piece of text It's what happens then so that means that the GPL You Didn't give you all the four rights or the four freedoms.
So, you know, the cop, the copyright owners, uh, are the ones who still have all the rights. And, um, so depends on what you're looking at. If you're, you know, if you're. The court cases rarely go into the point of are you allowed to use this as an end user. They typically go into the, into, oh, somebody violated the GPL because they didn't provide the source code or they didn't provide the, You know, provide the full source code or they didn't mention it's under the GPL to the, to their users, et cetera.
And in that case, if the GPL went away, you are still completely violating the copyright. So, so, eh.
When it comes to treating licenses differently, interpreting licenses differently in different jurisdictions, that actually does happen. But that's also, you know, it's, it's a question of, What is, again, what is the issue here is like, I know that I think there was a Chinese or a Korean court case that was a bit different than what you would expect.
Um, but ultimately it didn't, you know, it's usually the court cases, um, in most jurisdictions out there, of course. You know, U. S. and the U. K., et cetera, do have this common law system where you have to take into account legal proceedings, et cetera. In most other jurisdictions, the law is the law, and the court cases are court cases.
They're between the parties. Um, yes, you know, in If it comes to a, you know, very high instance, you know, it would be odd for a lower court to, to say otherwise than the higher court in an exact same or a very similar case. Um, but they would just need to, you know, argument why this is not the same as it, you know, the, you know, 10 years ago, um, uh, Supreme Court, uh, ruled.
Um, but yeah, potentially. You know, potentially it could introduce some ambiguity and the ecosystem, but in practice, it doesn't affect that much. I mean, there's very, for how long we've known free and open source software and for how, in how many places it's used https: otter. ai
And, uh, in most of those court cases, it was more like a between the parties thing. And a lot of them just settle out of court anyway. So there's what is,
Jonathan: ah, now I lost the thought. Are you, are you watching, have you been watching the, uh, the software Freedom Conservancy versus Vizio out in California?
Matija: I, I'm following on the sidelines.
I'm not deeply following. Um, personally, I mean, from, if, if I did that in Europe, I would Take a different approach, but this is also probably a bit of a, you know, jurisdiction difference. Um, but, um, yeah, it's an interesting one. It's an interesting one. It's let's see happens. Um, it's is it going to like, what, whether it goes one way or the other.
Will it defect the whole world? I don't think so. I mean, it's, you know, we we've been People do, in other jurisdictions, do sometimes quote, you know, courts from other jurisdictions. But that's, I mean, if, if quoting your local court isn't binding, this is very much not binding. This is just like, somebody looked at this in their own jurisdiction, and this is what they found out.
And they're like, okay, that's an interesting thought. But I just had that thought again and then I lost it. Oh, yeah, so an example of You know different jurisdictions and different courts interpreting it differently on the mailing list of the Open source legal experts that I mentioned there's been like an evergreen discussion Or argument was whether the GPL is a license or a contract
Jonathan: mm-hmm
Matija: And, uh, in the US that's actually, you know, it, it depends on which court it goes to, et cetera. Right. Um, and then also, you know, which, what kind of damages you can expect or what kind of outcome is possible at all. Uh, and eu, that's a nonsense question because it's both. It's a license in a contract, and the U.
S. situation here is, it cannot be a contract, or at least used to be, that it's, it's, it could be weird to be a contract because a contract needs to have, um, consideration. So it needs to have, like, both parties need to have something to exchange. And that was the main argument for a lot of U. S. lawyers to say that, you know, it's not a contract.
Um, I think it was like a few years ago that it came to a, it was another court case. I don't remember. I remember which one it was, where in the U. S. where it actually did say, well, it's also a contract. But the, you know, the consideration is like all the worth that The software brings, right? Like all the rights are actually a consideration.
Jonathan: Yeah. I'm, I'm looking for this. It was a, uh, a California district court. Um, she ruled that the GNU General public License is an enforceable legal contract and I'm not seeing exactly why. Yeah. Yeah. Uh, south Korean company hand com. Yeah. Hand com. And what was the
Matija: artifacts thing?
Jonathan: Yes. Yeah. Yeah. Yeah. The artifacts thing.
Yeah. It's hand combed artifacts. Yeah. Yeah. So that, uh, that's, that's one of those, that's one of those examples of, uh, you know, it, it actually got tested and the results of that sort of changed things for, well, I guess didn't change in this case, didn't change anything, just clarified. Um, but yeah, super interesting.
Matija: Yeah. They did change, you know, the things in a lot of U S lawyers mindsets when it comes to, yeah. This situation, but yeah, it just clarified it.
Jonathan: Yeah, yeah. Okay, so I would be, I would be remiss if I didn't ask you about this, and that is, If an open source project or an open source contributor has a concern, and I can even give you, I can demonstrate one for you that, that is not very real for us, Um, I've, I'm part of an open source project and we run an MQTT server and we let people upload data to it.
And one of the things that gets uploaded is location information, totally opt in. You know, we're not collecting that, but still it gets uploaded there sometimes. And the question that we have then is, well, what about the PII laws? You know, the, the California consumer protection act and all of that. Uh, What sort of, um, you know, like what, what's our liability under that?
And I know that you haven't researched like this particular question, so you don't have an answer for me at the moment. But the bigger question is, though, when an open source project has a concern like this, where is there a place that they can turn to? Is there a, you know, a panel of experts out there?
Is there a legal group that we can say, Hey, we don't, we don't really have a whole lot of money, but we need, You know, we need opinion, but we also need like the equivalent of a lawyer on retainer just in case this blows up in our face. Is, is there any kind of solution like that out there?
Matija: Oh, um, back when I was, when I was the legal coordinator for FSFP, I would have had the answer.
Um, um, so we did use to have the, the, FSFE used to have a legal team, uh, which did comprise several, um, mostly European though. It was actually only European, but very, very experienced lawyers in these things. Um, and we did answer, like, if it was something that you can just send an email and it's not a thing that you need an attorney for, so you don't need to actually go to court or have some, you know, attorney privilege, et cetera, uh, somebody would just answer.
Um, So that was a mailing list for that. I don't know if, I think they started something similar with FSV again. Um, so that's one way I would, I would look at, uh, FSV. org and then search on their, um, legal team or whatever they call it nowadays, I think they have a. Place where you can ask questions. Um, and if it's something that's like a deep problem, like a very specialized problem, they have access to the, to the legal network.
So there's like, I think like 400 or 500, uh, legal experts on that mailing list, um, that they can just, you know, ask, um, if there's any questions. There's, I know OSI, uh, the open source initiative has, um, uh, license mailing list, which is public, um, and there's also a license review, but it's, uh, for a different use.
Um, so that one is a, that is one where you can ask potentially questions about licensing, not maybe personal information, uh, liability laws, but, um, there's a lot of lawyers there as well. Um, and, um, probably FSF has something as well set up, I don't know. Um, I was never actively involved with the FSF, so I don't know what they have, but they, I, probably they have something.
Um, so when it comes to GPL, that they might have something. Um, so that would be options. I mean, you're, it's not 100 percent sure you're going to get an answer. Um, because you have like the attorney privilege is. is a very important thing when it comes to lawyers. Um, and there's also liability. You know, if you're acting as a lawyer for somebody or acting as an attorney for somebody and you're not, especially in the U.
S., there's serious liability for that, for the lawyer in question. Um, so So, but if any, it, at least it's going to be, it's, I would say that would be the best foot in the door. Um, so it could peak, you could pick, pick some, uh, somebody's interest and they'll just, you know, answer your off list and say, well, you know, you didn't hear it from me, but maybe you should read this and this for more information.
Um, oh yeah. And the, yeah, yeah, of course. And this SFLC as well.
Jonathan: So that's the, those would be. Yeah. The Electronic Frontier Foundation and the Software Freedom Law Center.
Matija: I don't know how active they are. Right now anymore, but yes, FSFLC was, uh, had a thing going for a while. And there's also the Software Freedom Conservancy, um, that's also an option.
And clearly if you're near or if you're a member or near one of the big, Open source foundation. So like, you know, Apache, Eclipse, um, Linux foundation, et cetera. All of those have, um, legal people on board or have access to teams. So if you have a problem, especially if you're a member, you know, you ask it there and you might, you know, you probably will either get an answer or get, you know, put Told where to go.
Jonathan: Yeah. Oh, that's, that's interesting. I hadn't, I had not thought of the Linux foundation as one of the places to turn to, that's actually really useful. Um, all right, Randall, did you have any, any final questions that you wanted to get in?
Randal: It was, uh, I was just going to point out that, uh, when my case first started, the people of the EFF were very helpful in contacting me with, uh, Mike Godwin.
As sort of initial contact, and he was their point guy for years on, uh, where to go to about legal issues relating to look to your foundation's sort of charter. Of course, he couldn't represent me, so he got me directions to get to the local guys, and he also supported my local guys. And, uh, and helping me defend against that, uh, the pen testing shouldn't make you a triple felon.
But, you know, um, it was, uh, it was really interesting, um, uh, being able to work with them as an outsider. Uh, it was kind of fun.
Matija: Yeah, but maybe an important thing here also to mention is if we're not talking about the big Foundations that have like a very wide net You know EFF is is it's relatively big and pretty important, but it's also very u.
s. Centric. Yeah And the same would be for a lot of others. So As, as, as I said, like, you know, the jurisdiction by jurisdiction, you're going to have different issues. And as Randall said, you're, you know, if you get, if you get into a court case, it's going to be a local thing. So, you know, if you're going to come, if you're going to go have a, have something in Canada, you know, a U.
S. lawyer is not going to do you much. Um, they could be really smart and everything, but, you know, they're, they're different. There's, you know, they're not allowed to, they're not admitted to the bar. And if they're not admitted to the bar there, then they're not admitted to the bar. Um, so maybe, you know, depending on, you know, who listens to this podcast as also, you know, make sure that you search for something in your jurisdictions.
Like, you know, for the EFF equivalent in Europe would be something in France. It would be something like, like what the, or April. For open source or, uh, Edry, so European digital rights initiative is maybe something that if you don't have an open source issue or a free software issue, but you have like something else, like EFF ish, um, Edry would be one of those that I would go to if I had a question that was, you know, maybe PII related or something like that.
And because the, the really good thing about Edry is also their network. Um, Um, they're not just an organization, so they know who to send you to, so that would be
Randal: the, this might be a 15 minute question, but let me at least get it started and see how far we can get in a short amount of time, um, over the years, there have been.
Sort of misunderstandings and gaps in interpretations of what legislators think software is about and what we all know software is about leading to some really weird laws like the DMCA. Um, is that getting better? You think over time, or is that getting worse? Is it getting worse because it's international?
I mean, what, what's, what's your take on how well. Legislation is keeping up with the technologies that we have.
Matija: I mean, legislation will always, almost always. So that, that's come, that brings me back to my, you know, something I mentioned, like at the very start is why I started studying law is, um, I found. I find law interesting because on one hand, it has two functions.
On one hand, it has the function of, it has to be, it has to represent the situation, um, that we have. So it has to be applicable to the real world. Um, And if it doesn't, there's a legal theory, I think it was by Jelinek, an important figure in legal theory, uh, who said that if it doesn't, if law doesn't correspond with, you know, real life anymore, it becomes unlaw, and therefore ignored.
Um, and on the other hand, you have the other side is law Not always, um, but sometimes also has the function of pushing society in a specific direction. So it predicts the future in a way. Um, so this is something that you would have, like, when you know, you know, where you have things like, um, when, uh, women were given voting rights, where they didn't have them before, that was definitely something that, it didn't just happen, you know, you had to enact a law for that.
Um, and this is, you know, the interesting, this bipolarity of, um, the functions is what I find interesting. And I think, I mean, the cardinal sin of, of. Intellectual property in general is that it's not something that's very new. It's like, you know, 200, depends on how you look at it, 200, 400 years old. Um, so like most of the stuff that was written before or drawn before or composed before doesn't fall under copyright at all.
It never did. It didn't exist.
Jonathan: Right.
Matija: Um, And now then we suddenly have this thing, which started depending on, you know, where you look at it, if you look at it from the UK, or which then, you know, developed into the US as well, copyright law, or you'd look at it from the, from the French authors rights, which developed to most of continental Europe, you have different spins on how, what was important.
Um, and why, uh, copyright happened, uh, roughly ish at the same time. Um, so that's already a cardinal sin in IP is that it exists. Um, and then it's how do you shoehorn something that is software into this? Um, and early there was a debate whether software is, you know, before, before I, I'm gonna, it, it, interestingly, I like, there was a time where software wasn't copyrightable.
It was public domain, period. And it was actually, I think IBM, actually, software licenses predate software copyright because IBM was slapping on licenses on their software, on their source code, because back then it was just source code. Um, on source code. With the intent of, you know, this is either going to be a contract, um, uh, or ignored or might happen to be something.
Um, so
It was always, I think copyright was always a bad option, um, for software because software, like part of, there's a, you have like the technical distinction is like, there's a test of originality, um, in software, uh, and in, in, in copyright in general, and the thing is like the more formal something is, Okay, now, coming back, um, copyright doesn't, copyright protects the expression, it doesn't express an idea.
So, If the expression and the idea, you know, if there's only one way how you can express an idea, then it becomes a fact, then it's not protected by copyright. Because that is, for example, would be, you know, arguably is the case with, uh, config files. Um, because there's your, you know, if you want to set up a config configuration in a file to do this, you know, the idea, very, very little you can do, you can be completely wrong.
interesting things around there. Um, so it's, it's a mismatch already. And then, you know, the length of the term for copyright protection is, you know, for in general, is, you know, A bit silly, you know, who gives a, I mean, if I die, I mean, now I need to, now, now, now, now people need to wait another 70 years or 90 years after I croak that they can use my, that my stuff gets into public domain.
I mean, what, how does that benefit me? It doesn't mean theory benefits my heirs, et cetera, et cetera. Um, but it's also, um,
It's also a mismatch in the sense of, I lost it. Um, it's, it's late here. So just so you, just so you know, there's a, there's a, it's, it's not dark because I'm in a basement.
Jonathan: It, it, it reminds me of the, uh, the recipe book, right? Like the actual recipes in a recipe book. Yeah. You can't copyright because they're just, they're mechanical.
Matija: Yeah. So, and, and this is why there's a mismatch already in the start. Um, you know, you could argue that. You know, patents would be a better option, but then, you know, we get into a completely different problem. Patents have their own problems. Yes, everything has its own problems. So the question originally was, is it getting better or worse?
Both.
Randal: Wonderful answer.
Matija: That's fair. So it's, it's like, it's similar is like with the CRAs as an example or the security legislation that we have on even in also in the U. S. Um, There's on one hand, you know, legislators seem to understand software better from the point of view. Oh, there's Security issues there.
Somebody needs to make sure it's it's it's done properly and then you know, how do you do that? So, I don't know. I'm
I have mixed feelings on this. I wouldn't say I would I wouldn't say I'm cautiously optimistic. I wouldn't say I'm pessimistic. I'm just, um, it's, it's the way it is. And, um, you win some, you lose some. Yeah. I think, I think they understand more than they used to. Um, but whether they understand enough to make everything better is a good question.
Yeah. Yeah. And the problem with law is always, I mean, it's not gonna, the law is typically Um, written by politicians and you have a lot of lobbying and a lot of, uh, stakeholders involved in pushing the agenda here and there. And this is maybe an important call through for all the open source, uh, you know, software advocates out there that you need to make yourself heard because, you know, the, those who have an interest to have, you know, to keep copyright as difficult to use in software Those guys typically also have a lot of money, and they do lobby.
It's not like they don't.
Jonathan: All right. Well, we have hit the bottom of the hour again, and I've, there's a couple of questions that I've absolutely got to ask you, and that is, what's your favorite, and it's totally different, what's your favorite text editor and scripting language?
Matija: Ooh, um, I mean, the geeky answer is Vim and Python, but in practice, I mean, uh, I use most of the time I use Kate.
So the Katie's, uh, advanced, uh, text editor. Um, I did try Helix and I liked it a lot. Um, there's one or two things that I don't like about it. I, if you like the idea of VIM or VI, but you're not in, you know, you don't have the muscle memory yet. Helix makes a lot of sense. Um, it does things in a more logical way than VIM does.
Um, But I just, when I, when I don't use it for a while, I just start doing Vim things and then they don't work. It's like, ah, um, but, and same with, I'm, I'm not really good at programming. I did, you know, ages ago I did in school. I did try to learn, uh, I did go to a course on, uh, Pascal. Uh, I was never good at it.
I just know, I just still remember a lot of semicolons and read lines and write lines. Um, I was, at some point I knew, I learned how to program in Python, I, but, um, in practice, I use fish a lot. I have a lot of scripts in fish. I love fish. Cool. Fish is great.
Jonathan: Yeah.
All right. Uh, we appreciate you being here.
Uh, very, very much. That is, uh, Mattia Mattia Shukla. Yes. Uh, that's, that's what it sounded like in my brain. I just couldn't get it to come out of my lips. We appreciate you being here very much talking about some legal issues and, uh, it was a lot of fun. I appreciate it.
Matija: Likewise. Thanks for having me.
Jonathan: All right.
Uh, so yes, thanks for staying up. We appreciate it. Yeah, no problem. All right. What do you think, Randall?
Randal: Well, uh, covered a lot of areas. Uh, it's, uh, it's, it's never uninteresting to talk about computers in the law. Uh, particularly for those of us who have been at the, Short end of the pointy stick. So it's like, okay, what's going on now with how these are all working out?
A couple of subjects that we didn't get into that would have been interesting, but you know, for a matter of time, I didn't want to bring up anything else. But, um, the idea of, uh, my personal liability is an individual contributor contributor using LLM based solutions to create my code that are later found Themselves liable for reproducing copyrighted code without disclosure, and I'm wondering at what point Who's we haven't tested this yet in court like we were talking about earlier It says it hasn't been tested yet It's going to be interesting to see what the first test case actually comes out to be where Uh, uh, I'm using something like co pilot and it inserts GPL code into my code.
I then submit it to a BSD style project, uh, which would not have the same GPL protections. Uh, what, where do the fingers point to in that chain?
Jonathan: Yeah.
Randal: And
Jonathan: that is interesting. It is, it is such a big question that several projects have simply said, we will not accept any code that's written by AI or LLM,
Randal: right?
Jonathan: So
Randal: that's, uh, it's interesting. And that's also why I stopped using Copilot once I sort of discovered that was happening. Uh, Codium, uh, C O D E I U M promises that they're training only on licensed appropriate material. So that does help a bit. Uh, and I'm hoping that Gemini also trains only that, because I'm also using Gemini quite a lot these days for that sort of stuff, so.
Yeah, Gemini is getting pretty smart. Uh, for those of you who haven't tried it yet, check it out. They're doing some really cool stuff.
Jonathan: That is an interesting segue, because next week, the plan is to have the guys on and talk about the open source AI definition. And that has been, yeah, that's a big deal.
That has been kind of a, uh, a brouhaha because everybody has a little bit different idea of what open source should mean when you're talking about artificial intelligence. Yeah.
Randal: So
Jonathan: OSI has put their oar in and they've got a definition and we're going to talk to them about it. Hopefully. That's the plan.
Awesome.
Randal: Awesome. That sounds good. I may watch that show.
Jonathan: Yeah. Did you have anything you wanted to plug, Randall, before we let folks go? Ooh.
Randal: Just in general. I am doing, uh, these days, I'm not doing anything with Pearl. I am, uh, for those of you that know me as the Pearl guy, uh, I'm doing everything with, as you can see, by reading the hat.
Flutter, flutter and dart are my, uh, primary things. I'm one of the 10. Uh, Google developer experts in the United States about the Dart and Flutter arena. So I spent a lot of my time teaching online, uh, making presentations, uh, answering questions on things like Stack Overflow and Discord and stuff. And, uh, I'm also always looking for commercial contracts for that and have to keep me off the street and out of jails.
I like to say that was more literal than before.
I would say it's a joke before all that happened and then I started to say, oh, that's a little too real now, but, um, but yeah, uh, and, uh, other than that, uh, I'm, uh, I'm, I'm happy. I'm getting a lot of stuff done in my life. Uh, I'm, uh, I've taken up karaoke, uh, running a karaoke show on Friday nights now, so I'm having a great time helping other people sing and choose songs, stuff like that.
It's a lot of fun. So yeah, it's all good. And, and thanks for having me back on the show as always. Cause I. I do kind of miss the hosting role for this,
Jonathan: but
Randal: not enough, not enough to actually do it, except when asked on temporarily. I, I, I am very happy to have the five hours a week back that I was putting into this show for 13 years.
So I'm very happy that you're doing that now. And all y'all do is tell me. Minutes before we go on air that here's the button. I gotta press so i'm much happier with that now
Jonathan: Yeah, well, we we appreciate having you it's always fun to have you back and we'll have you again in a few weeks All right If uh, if folks want to find me, of course Pack a day is one of the places is where the security column glows live on friday morning That is the home of floss weekly now.
We appreciate them for that And then I still have the untitled linux show over at twitch. tv Twitter. tv and we have a lot of fun with that covering the news and the tips and all the things with Linux. So you can check that out as well. We appreciate everybody that caught us that watch us live and those that get us on the download and we will see you next week on Floss Weekly.
00:00
-00:00