Conversation

Notices

1. Embed this notice
   bert hubert 🇺🇦🇪🇺 (bert_hubert@fosstodon.org)'s status on Saturday, 02-Dec-2023 01:07:50 JST bert hubert 🇺🇦🇪🇺

   The EU has reached agreement on the Cyber Resilience Act. The situation for open source has changed remarkably compared to earlier versions, it appears in a good way. Before issuing fresh hot takes, please take the time to understand what the (not yet published text) actually says. Even people well versed are still processing things!
   https://ec.europa.eu/commission/presscorner/detail/en/IP_23_6168

   • Embed this notice
     Aral Balkan (aral@mastodon.ar.al)'s status on Saturday, 02-Dec-2023 01:07:42 JST Aral Balkan

     in reply to

     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @0xtdec @bert_hubert Here it is in English: https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:52022PC0454

     And the relevant clause for free and open source is #10.

     From my reading of it, if you make money in any way from your free and open source product the free and open source exemption does not apply to it.

   • Embed this notice
     0xtdec 🇧🇪🇸🇪🇪🇺 (0xtdec@infosec.exchange)'s status on Saturday, 02-Dec-2023 01:07:50 JST 0xtdec 🇧🇪🇸🇪🇪🇺

     in reply to

     @bert_hubert Hi Bert, where can we find the final/current text ? Thanks !

   • Embed this notice
     Aral Balkan (aral@mastodon.ar.al)'s status on Saturday, 02-Dec-2023 05:57:02 JST Aral Balkan

     in reply to

     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @bert_hubert @0xtdec Is there a link to the latest version? This is what I found from the link in your original post.

   • Embed this notice
     bert hubert 🇺🇦🇪🇺 (bert_hubert@fosstodon.org)'s status on Saturday, 02-Dec-2023 05:57:03 JST bert hubert 🇺🇦🇪🇺

     in reply to

     • Aral Balkan
     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @0xtdec @aral these clauses have all been revamped in the latest version.

   • Embed this notice
     0xtdec 🇧🇪🇸🇪🇪🇺 (0xtdec@infosec.exchange)'s status on Saturday, 02-Dec-2023 05:57:04 JST 0xtdec 🇧🇪🇸🇪🇪🇺

     in reply to

     • Aral Balkan

     @aral @bert_hubert Thanks Aral ! I believe these definition here will be key:

     (10)In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.

     and

     (23)‘making available on the market’ means any supply of a product with digital elements for distribution or use on the Union market in the course of a commercial activity, whether in return for payment or free of charge;

     But IANAL.

   • Embed this notice
     Aral Balkan (aral@mastodon.ar.al)'s status on Saturday, 02-Dec-2023 06:45:37 JST Aral Balkan

     in reply to

     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @bert_hubert @0xtdec Why isn’t what was agreed public?

     Do you know when it will be?

   • Embed this notice
     bert hubert 🇺🇦🇪🇺 (bert_hubert@fosstodon.org)'s status on Saturday, 02-Dec-2023 06:45:38 JST bert hubert 🇺🇦🇪🇺

     in reply to

     • Aral Balkan
     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @aral @0xtdec no there is nothing public, but I assure you that the September version you cited is not close to what was agreed yesterday.

   • Embed this notice
     bert hubert 🇺🇦🇪🇺 (bert_hubert@fosstodon.org)'s status on Saturday, 02-Dec-2023 07:21:39 JST bert hubert 🇺🇦🇪🇺

     in reply to

     • Aral Balkan
     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @aral @0xtdec they worked on it until midnight, I assume they need some time to formalise the results of their negotiations. I don't know when the new stuff becomes public. Meanwhile your misleading post that refers to the September version as the current version is still up, which is not helpful for anyone.

   • Embed this notice
     Aral Balkan (aral@mastodon.ar.al)'s status on Saturday, 02-Dec-2023 07:21:39 JST Aral Balkan

     in reply to

     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @bert_hubert @0xtdec Misleading post? Calm down, tiger. It’s a reply with a link to the only publicly-available version at the moment and this thread provides the context. When the latest version is live, we can post a link to that also. No need to go throwing about accusations when we’re having a conversation here.

   • Embed this notice
     Aral Balkan (aral@mastodon.ar.al)'s status on Saturday, 02-Dec-2023 07:31:51 JST Aral Balkan

     in reply to

     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @bert_hubert @0xtdec Bloody hell, dude, what the fuck is your problem? Which part of “it’s the only publicly available text I could find” do you not get? Actually, forget it. Why am I wasting time with this bullshit?

     Goodbye.

   • Embed this notice
     bert hubert 🇺🇦🇪🇺 (bert_hubert@fosstodon.org)'s status on Saturday, 02-Dec-2023 07:31:52 JST bert hubert 🇺🇦🇪🇺

     in reply to

     • Aral Balkan
     • 0xtdec 🇧🇪🇸🇪🇪🇺

     @aral @0xtdec no you are needlessly leaving up information you know is false. There is enough misinformation already in this world without adding more of it. But apparently that is fine with you.