[conspire] The old stealth licence change trick

Rick Moen rick at linuxmafia.com
Wed Sep 29 19:49:59 PDT 2010


One of these days, I might do an article on the trickier ways to attempt
to con the open source community into not noticing a covert change to
proprietary licensing (**COUGH** SourceForge **COUGH**).  Today, I have 
just a small example of one of the more overt ways.

TACO (Targeted Advertising Cookie Opt-Out) was Christopher Soghoian's 
Firefox extension, released under the open source Apache Public License
2.0, that stuffs a bunch of protective HTML cookies into Firefox (or
MSIE) to pre-empt a bunch of the more notorious tracking cookies.
Article:  

http://www.pcworld.com/businesscenter/article/161380/browser_addon_locks_out_targeted_advertising.html

I'd been trying out the thing (see
http://linuxmafia.com/~rick/faq/index.php?page=kicking#linuxbrowser),
but for some reason didn't include it in my February 2010 rundown on
recommended Firefox extensions and customisations, 
http://linuxmafia.com/~rick/firefox.html .

I felt bad about that, and was considering adding a post-publication
footnote to http://linuxmafia.com/~rick/firefox.html adding mention of
TACO -- but something made me want to check the project status and new
versions, first.

Hmm, that's odd.  Attempting to check for new versions no longer goes to
http://taco.dubfire.net/ , but redirects to
http://www.getabine.com/more/privacyalerts.php , instead, and talks
about installing something called 'Abine Privacy Suite'.  Wait, why
isn't Debian packaging this?

Sometimes, unavailability of something interesting from Debian just
means nobody's yet done it.  Other times, it's an early heads-up about
restrictive licensing.  Aha, the upstream site's download link goes to
the 'License Agreement' page, http://www.getabine.com/agreement.php ,
which includes:

  You are hereby granted a non-exclusive, non-transferable,
  non-sublicensable limited license to use the Products (in object code
  form only) for non-commercial uses consistent with the description of
  the Products we provided with the Products. This Agreement shall
  immediately terminate upon any breach of its terms. Reverse engineering
  or use of the Products other than as specifically provided herein is
  strictly prohibited.

Ah, right.  Funny the change from open source to proprietary licensing 
isn't talked about on the main pages.  (But it never is.)

Uninstalling TACO makes your browser open a tab to
http://www.abine.com/feedback.php .  'Sorry things didn't work out...
Send us your comments.'  I'm saying:

  Sorry, Christopher.  The former APL 2.0 licensing was fine, but I have
  no interest in running proprietary code in an open-source Web browser.

Beware when searching Firefox extensions listings (anywhere but Debian's
package search pages), because proprietary licensing is pretty much
always (at least somewhat) downplayed.  For example:
https://addons.mozilla.org/en-US/firefox/addon/11073/versions/

To give credit where due, addons.mozilla.org pages do have a 
'Source Code License" section at the bottom of each release's details.
It's not really prominent, but it's there.  In TACO's case, there's a
link labelled 'Custom License', that takes you to the License Agreement
page.





More information about the conspire mailing list