[arch-general] An old, tiresome discussion: cdrtools vs cdrkit

Joerg Schilling Joerg.Schilling at fokus.fraunhofer.de
Tue Jan 26 07:57:57 EST 2010 

Loui Chang <louipc.ist at gmail.com> wrote:

> If there are outstanding licensing or legal issues they may decide to
> avoid that particular software.

This would be a reason to avoid cdrkit. Cdrkit is in a clear conflict with the 
Copyright law and I as the owner of the rights on the software did already 
inform the creators of this fork that I may sue them in case that they continue 
to ignore the law.

> The issue isn't really about bugs vs. no bugs. So let's stay on topic.
> It's more about licenses and the legal ramifications that may come with
> improper usage. I think Arch followed Debian because they seem to know a
> lot more than we do. On the other hand, maybe we should be using debs
> rather than .pkg.tar.gz if that's the case. (hah)

This is a social issue. A hostile Debian packager did spread untrue claims
on a OSS project and Debian (and others) have become a victim of these claims.
If Debian really would know a lot about licensing, they did not believe
the claims of the hostile packager.

All decent legal systems require people who claim that others are in conflict
wit the law or in conflict with contracts (like the GPL) to prove their claims.
It is not the attacked people who need to defend against unsubstancial claims.

Now It would be intersting why parts of the OSS community did leave the base of 
every decent legal system, believe in unsubstancial attacks from a hostile 
person and ask me to defend.... This is a serious attack against the ethics
in OSS and we need to find a way to deal with similar attacks in future. As 
long as things like the attack against cdrtools may be successful, the OSS eco 
system is not yet stable enough to withstand attacks from outside.

> It is important to respect the caution that the devs are taking.
> Personally, if it was my decision, I'd encourage any Arch dev or
> TU who is interested in maintaining cdrtools to go ahead with it. I
> don't have the same faith in Debian that a lot of others might.
>
> Anyways, this package could easily be made available in an unofficial
> repository until everyone is comfortable with the licensing. Don't rely
> on the devs to do everything for you.

>From my understanding, what Arch Linux does is a matter of how Arch Linux likes 
to deal with it's users. If Arch Linux does not care about the users, nbothing
needs to change. In the other case, a change seems to be important in order to 
get rid of the bugs in the fork.

I can just point to the fact that the original software has no known bugs and 
that bugs in the original software are typically fixed within a few hours.
Becoming a packet maintainer for cdrtools thus takes a lot less effort than
doing the same for "cdrkit".

Jörg

-- 
 EMail:joerg at schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin
       js at cs.tu-berlin.de                (uni)  
       joerg.schilling at fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/
 URL:  http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily

More information about the arch-general mailing list