• jherazob@beehaw.org
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      The new organization is at https://github.com/FossifyX. For now all the apps have updates disabled, i’m quite open to alternatives for all EXCEPT Gallery, so i hope the fork goes well, at least from the discussions it looks like it’s off to a decent start.

      Of note, the apps on FDroid are still uncrapped so you can still take them from there.

  • noodlejetski@lemm.ee
    link
    fedilink
    arrow-up
    45
    ·
    edit-2
    1 year ago

    oh man, it’s the QuickPic fiasco all over again. at least this time the apps can be forked by someone.

  • Oh, this is going to be a ride.

    These tools are all licensed as GPLv3 and I don’t see a CLA anywhere. From what I can tell, any commit (that takes actual creativity and work, basic copyright requirements and all) seems to be licensed under GPLv3 as well.

    That means that if they decide to close the apps, or fork them with a paid version, they’re breaking the terms of the GPL license. The infectious nature of GPL means that any customer has the legal right to demand the source code of the application, and is allowed to republish that source code if they so choose.

    Now, I expect the new owner to just ignore the GPLv3 license, which would then allow contributors to demand either compliance or, in the worse case, revoke the company’s permission to use their work, thereby giving them the legal right to issue takedowns under the DMCA and similar laws.

    Of course I’m not a lawyer so it’s hard to predict how this will work out exactly and what the exact rights of the individual contributors are, but this has the potential to be one hell of a shitstorm if the new owners think they can close up shop.

    This is also why you need a CLA if you’re going to use GPL or a similar license for your open source project of you ever want to sell the project, dual license it, change the license, or do any legal work other than enforcing trademark, really.

    • twei@feddit.de
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Dumb question because I’m not fluent in License-Lore: which license would be best at preventing others (or me from the future) from selling / closing down the licensed work? Would it be GPL, AGPL, MPL, something else?

      • It’s hard to tell. I think AGPL is one of the better “fuck business opportunities” licenses. If it scares the Google lawyers enough that Googlers aren’t allowed to use AGPL code or use AGPL software on company computers, that makes it seem pretty good to me.

        When it comes to “big company forking and taking over”: customise the license. Software licensing is hard, and known licenses make it a little easier. Big companies hate custom licenses because Legal needs to sign off on it. Just adding a little throwaway line to the license used for JSLint has ended up with IBM having written permission to use JSLint for evil.

        If you are the sole author of your code, you can relicense as much as you want. Other people may have received a licensed copy before the relicensing, but new additions don’t need to follow that same license model, and you’re not bound by any restrictions on the old code either. The license determines under which terms you’re giving something away, but you can decide those terms for yourself! In other words, it’s almost impossible to prevent yourself from selling your code in the future through licenses alone.

        However, when other people come in and help, this becomes complicated. Now you need their permission to relicense their code, because you’re not the owner of that code. You can use it, under the license provided by the alterations, but you can’t just change the license.

        A Contributor License Agreement is a document others sign (digitally, usually) that will grant you certain rights to their work. Using the right CLA (and you’ll need a legal professional to determine what is “right” for you!) you can make contributors hand over either full authorship of their work or give you an irrevocable license to reuse and relicense the code. Without such a signed document, you’re bound by the whims of the contributions’ authors, which can be a real issue for “open core” projects that want to relicense (for example, when Amazon takes the code for their open source SaaS and provides a dirt-cheap alternative you cannot compete with).

        So, if you want to prevent yourself from ever selling your code: take contributions from as many people as possible, under as open a license as possible. Of course you can always sell your product, but the business would be buying a complex and most likely expensive copyright situation along with the code.

        There are licenses that can help prevent business interest. If you don’t mind being classified as a proprietary project, you could use CC-NC. When others contribute to your project and use the same license, you’ve essentially screwed yourself over. However, most people interested in open source software don’t really care when a small shop down the road uses their open source calculator app, so CC-NC isn’t very popular.

      • brie@beehaw.org
        link
        fedilink
        arrow-up
        4
        ·
        1 year ago

        Obligatorily: I am not a lawyer, and license law is complicated.

        MPL wouldn’t be the best choice, since it is per-file. GPL is copyleft and viral, meaning that if you make a modification and distribute the software, you must provide your modified source code under the GPL. AGPL is stricter in terms of when source code must be released; primarily it targets server software where the user interacts with the software, but does not actually download the software itself. The GPL wouldn’t require releasing source code, but the AGPL would.

        As skullgiver mentioned, if you want to relicense, it would be best to use a CLA. The key to preventing yourself from being able to relicense your project (to a proprietary license or otherwise) is to ensure that other people are licensing their contributions to you under the GPL, without a CLA giving you exceptions, so that you yourself must follow their licensing terms. The Linux kernel for example is locked into the GPLv2, because they used a version of the GPL that does not provide for “upgrading” to newer versions of the GPL, and there are too many people who have contributed to the code to get all together to agree on a relicensing.

        • twei@feddit.de
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Thanks for the response. Seems like I made a good choice by going with the AGPL

  • Pantherina@feddit.de
    link
    fedilink
    arrow-up
    13
    ·
    edit-2
    1 year ago

    So this just looks like the Community has to take care of the projects and/or find alternatives

    Alternatives

    File manager - Material Files

    That one doesnt have the security vulnerability and I think it is also better. But they are pretty much equal.

    Simple Gallery - Aves

    I prefer Simple Gallery though, it is pretty great

    Simple dialer - Welefon

    Very basic, I personally use ACR phone for call recording, with disabled internet permissions. The Dev asked on Reddit about opensourcing the App and got negative responses, so maybe unlikely.

    Simple Keyboard - Florisboard

    Currently unmaintained but awesome. I hope it gets revived.

    Simple Calculator

    My favourite: Mint Calculator

    Calculator

    yetCalc

    Unitto

    Simple SMS

    AOSP SMS/MMS, Quik Sms

    Deku SMS supports encryption. This is not a replacement for secure messengers, metadata is still a mess, but it is pretty cool.

    AOSP SMS is poorly hard to find. That would be great on F-Droid. It also uses old libraries.

    All these look way better and have unit transformations.

    Some Gems

    Some apps have no good replacement

    Simple Gallery

    Also in my opinion just the best. The Amaze Videoplayer and tools are great though.

    Simple Contacts SE

    That is the better version with some enhanced features.

    Simple Calendar

    I just got way better results than using Etar. The Widget is great too.

    • DeltaTangoLima@reddrefuge.com
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      1 year ago

      Lucky you - you have the latest and greatest of these specific apps. Now, depending on how you installed them, go ahead and disable any automatic updating.

      Then, just keep an eye on the forked versions in Github, which were created by another dev who worked very closely on the Simple Mobile Tools.

      Eventually there’ll be new releases that you can install via Obtainium or F-droid. All the main SMT apps had settings export/import capability, so I imagine you’ll be able to bring your settings across to the forked versions too.

      Bit of short term pain to change over, but not all is lost.

      • kratoz29@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Now, depending on how you installed them, go ahead and disable any automatic updating.

        I only have the Simple File Manager Pro installed from F-droid? What should I do next?

        • DeltaTangoLima@reddrefuge.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Honestly, I can’t recall. I uninstalled F-droid a while back, as I use Obtainium. Have a look around the F-droid page for the app you have installed. There should be a setting somewhere to prevent that app from being automatically updated, maybe to just notify you there’s an update ready.

          That said, you’ll probably be OK if you installed via F-droid, as they have pretty good policies on preventing spammy apps or apps that mine user data.

          I’m more concerned for those people that installed via the Play store and are unaware of this change - they’ll probably automatically get the newer, shittier versions without even realising it. This is the community’s biggest concern about the way this particular dev has sold out their userbase like this.