06 Mar 2008
In their continual drive to satiate a market that demands faster, easier-to-use and more cost-effective products, Japanese firms have pioneered the use of embedded software in product manufacturing. In everything from televisions and telephones to toys and refrigerators, open-source code has become prevalent. While open source accelerates time to market and reduces production costs, its use brings legal vulnerabilities.
Many electronic components from the Asian market are used in manufacturing and production throughout the UK. However, as open-source code is already embedded by the time it arrives, manufacturers are not aware of its existence. Without a clear understanding of the downstream inheritance of open source, firms are open to legal risks, especially with regard to the General Public Licence versions 2 and 3 (GPL v2 and GPL v3).
Most devices shipping today, such as handsets, contain digital rights management (DRM) software. In GPL v2, the provisions of the licence prohibit redistribution of the code without making the source code publicly available. GPL v3 contains anti-DRM provisions that make its use in embedded products prohibitive.
A telecommunications provider in the UK raised the ire of the open-source community after it used code released under GPL v2 in one of its commercial products, but failed to immediately release the code to the public.
In today’s litigious climate, the Software Freedom Law Center (SFLC) would have filed suit against that firm for violation of the GPL v2, a pattern of accountability gaining momentum in the US.
Add vulnerability risks to the concerns of not knowing whether your company is beholden to applicable open-source obligations, and the importance of proper open-source use management emerges.
Firms must understand the scope of their open-source inventory and its associated licence restrictions to be able to manage its inherent vulnerabilities, which will empower them to use open source to their best advantage.
Mark Tolliver is chief executive of Palamida.
Palamida provides clarification of article
Mark Tolliver would like to clarify that space limitations in CRN seem to have changed the context of his bylined piece. The article has been edited such that it appears Palamida's stance is that open source is both insecure and a legal risk. What was said, however, is that open source use is prevalent and an important component of software development and may ("may" being the operative word) pose legal, business and security threats "if not managed" - which is true of any undocumented code, whether open source or proprietary. With proper management and process open source can be used to its full potential - furthering adoption in the enterprise environment. We regret that the editing of this article would make it appear otherwise.
Posted by Melisa LaBancz-Bleasdale | 07 Mar 2008