RE: https://mastodon.social/@Gargron/1

10 years today.

What's going on here? The matplotlib maintainer this story is about correctly notes that all the quotes from his post in the article are made up.

UPDATE: Link was pulled; see below.

https://arstechnica.com/ai/2026/02/after-a-routine-code-rejection-an-ai-agent-published-a-hit-piece-on-someone-by-name

One of the Finnish Government ICT Centre (Valtori) MDM services was compromised. Apparently the attacker(s) employed a vulnerability that did not have security fix available at the time of the breach.

The attacker extracted at least name, email address, phone number and device information for the impacted users. Actual mobile devices have not been known to be targeted.

Valtori provides service to 77000 users. While not all of them had devices under the affected system, this is still quite concerning.

Source: https://valtori.fi/-/osassa-valtionhallinnon-mobiililaitehallintaa-tietomurto-hyokkaajan-toiminta-estetty (in finnish)

#infosec #cybersecurity #compromise #breach

GPLv2 affirmation…

I don’t generally post here as people have probably noticed, but here’s a pdf of a recent court ruling, and this turns out to be the easiest way for me to link to a copy of it, since I don’t really maintain any web presence normally and I don’t want to post pdf’s to the kernel mailing lists or anything like that.

And the reason I want to post about it, is that it basically validates my long-held views that the GPLv2 is about making source code available, not controlling the access to the hardware that it runs on.

The court case itself is a mess of two bad parties: Vizio and the SFC. Both of them look horribly bad in court - for different reasons.

Vizio used Linux in their TVs without originally making the source code available, and that was obviously not ok.

And the Software Freedom Conservancy then tries to make the argument that the license forces you to make your installation keys etc available, even though that is not the case, and the reason why the kernel is very much GPLv2 only. The people involved know that very well, but have argued otherwise in court.

End result: both parties have acted badly. But at least Vizio did fix their behavior, even if it apparently took this lawsuit to do so. I can’t say the same about the SFC.

Please, SFC - stop using the kernel for your bogus legal arguments where you try to expand the GPLv2 to be something it isn’t. You just look like a bunch of incompetent a**holes.

The only party that looks competent here is the judge, which in this ruling says

Plaintiff contends the phrases, “machine-readable” and “scripts used to control compilation and installation” support their assertion in response to special interrogatory no. 4 that Defendant should “deliver files such that a person of ordinary skill can compile the source code into a functional executable and install it onto the same device, such that all features of the original program are retained, without undue difficulty.”

The language of the Agreements is unambiguous. It does not impose the duty which is the subject of this motion.

Read as a whole, the Agreements require Vizio to make the source code available in such a manner that the source code can be readily obtained and modified by Plaintiff or other third parties. While source code is defined to include “the scripts used to control compilation and installation,” this does not mean that Vizio must allow users to reinstall the software, modified or otherwise, back onto its smart TVs in a manner that preserves all features of the original program and/or ensures the smart TVs continue to function properly. Rather, in the context of the Agreements, the disputed language means that Vizio must provide the source code in a manner that allows the source code to be obtained and revised by Plaintiff or others for use in other applications.

In other words, Vizio must ensure the ability of users to copy, change/modify, and distribute the source code, including using the code in other free programs consistent with the Preamble and Terms and Conditions of the Agreements. However, nothing in the language of the Agreements requires Vizio to allow modified source code to be reinstalled on its devices while ensuring the devices remain operable after the source code is modified. If this was the intent of the Agreements, the Agreements could have been readily modified to state that users must be permitted to modify and reinstall modified software on products which use the program while ensuring the products continue to function. The absence of such language is dispositive and there is no basis to find that such a term was implied here. Therefore, the motion is granted.

IOW, this makes it clear that yes, you have to make source code available, but no, the GPLv2 does not in any way force you to then open up your hardware.

My intention - and the GPLv2 - is clear: the kernel copyright licence covers the software, and does not extend to the hardware it runs on. The same way the kernel copyright license does not extend to user space programs that run on it.

📰 Announcing .NET 10

Announcing the release of .NET 10, the most productive, modern, secure, intelligent, and performant release of .NET yet. With updates across ASP.NET Core, C# 14, .NET MAUI, Aspire, and so much more.

https://devblogs.microsoft.com/dotnet/announcing-dotnet-10/ #dotnet