Language Selection

English French German Italian Portuguese Spanish

GPL Enforcement and Violations: Stockfish and More

Filed under
GNU
Legal
  • Our lawsuit against ChessBase

    The Stockfish project strongly believes in free and open-source software and data. Collaboration is what made this engine the strongest chess engine in the world. We license our software using the GNU General Public License, Version 3 (GPL) with the intent to guarantee all chess enthusiasts the freedom to use, share and change all versions of the program.

    Unfortunately, not everybody shares this vision of openness. We have come to realize that ChessBase concealed from their customers Stockfish as the true origin of key parts of their products (see also earlier blog posts by us and the joint Lichess, Leela Chess Zero, and Stockfish teams). Indeed, few customers know they obtained a modified version of Stockfish when they paid for Fat Fritz 2 or Houdini 6 - both Stockfish derivatives - and they thus have good reason to be upset. ChessBase repeatedly violated central obligations of the GPL, which ensures that the user of the software is informed of their rights. These rights are explicit in the license and include access to the corresponding sources, and the right to reproduce, modify and distribute GPLed programs royalty-free.

  • Stockfish sues ChessBase

    The Stockfish project, which distributes a chess engine under GPLv3, has announced the filing of a GPL-enforcement lawsuit against ChessBase, which has been (and evidently still is) distributing proprietary versions of the Stockfish code.

  • Are you compliant with open-source license obligations?

    A short answer is no. Your piece of software will not be open-source if it doesn’t have an open-source license. Under copyright law, such software is copyrighted by default, with all the restrictions that this implies.

    If you want anyone to use your code freely, you should ensure certain liberties commonly called “the four freedoms“. They say that OS software may be used, studied, modified, and distributed freely, as long as the license is respected.

    For the first three, there are no conditions of any kind; you are free to use, study, and modify the code for any purpose. If you move beyond that and decide to distribute your modified version (or the original), this is when open-source license compliance starts.

    Missing license texts are the number one cause of license infringement cases, which, as we’ve seen above, can lead to the loss of ownership rights and enforcement actions such as an interim injunction.

Stockfish Contributors Sue ChessBase for GPL Violations

  • Stockfish Contributors Sue ChessBase for GPL Violations

    A legal reckoning is brewing in the world of open source chess engines. Stockfish, a GPL-licensed chess engine widely recognized as one of the strongest in the world, has filed a lawsuit against ChessBase. The German-based company makes and sells chess software that relies heavily on the Stockfish engine, maintains a prominent chess news site, and runs a chess server for online games.

    [...]

    “This chess engine is a Stockfish derivative, with a few lines of code modification (engine name, authors list and a few parameters), and a new set of NNUE net weights considered proprietary,” current Stockfish maintainer Joost VandeVondele said. “ChessBase’s communication on Fat Fritz 2, claiming originality where there is none, has shocked our community. Furthermore, the engine Fat Fritz 2 fails to convince on independent rating lists, casting doubt on the usefulness of those modifications. Indeed, we feel that customers buying Fat Fritz 2 get very little added value for money. Claims to the contrary appear misleading.”

Stockfish Developers Sue Chessbase Claiming Copyright Violation

  • Stockfish Developers Sue Chessbase Claiming Copyright Violation

    The Stockfish team has filed a lawsuit against Chessbase, claiming that the German chess software company is selling their software without having the license to do so. The lawsuit, filed in a German court, was announced last Tuesday in a blog on the Stockfish website.

    The Stockfish team argues that Chessbase has "concealed from their customers Stockfish as the true origin of key parts of their products," namely Fat Fritz 2 and Houdini 6. According to the Stockfish team, Chessbase has "repeatedly violated central obligations of the GPL," which refers to informing software users of their rights. "These rights are explicit in the license and include access to the corresponding sources, and the right to reproduce, modify and distribute GPLed programs royalty-free," the Stockfish team writes.

  • GitHub Copilot sparks debates around open-source licenses

    A few weeks ago GitHub released its Copilot solution, which uses AI to suggest code to developers. Developers can write a comment in their code and Copilot will automatically write the code it thinks is appropriate. It’s an impressive example of the power of AI, but has many developers and members of the open-source community upset and worrying over what it means for the future of open source.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux Devices, Open Hardware, and DRM Setback

  • Home Automation Terminal With Cyberpunk Style

    The OLKB-Terminal designed by [Jeff Eberl] doesn’t have a battery, can’t fold up (even if it seems like it could), and is only portable in the sense that you can literally pick it up and move it somewhere else. So arguably it’s not really a cyberdeck per se, but it certainly does look the part. If you need to be furiously typing out lines of code in a dimly lit near-future hacker’s den, this should do you nicely. [Jeff] has provided everything you’d need to recreate this slick little machine on your own, though he does warn that some of the hardware decisions were based simply on what he had on-hand at the time, and that better or cheaper options may exist. So for example if you don’t want to use the Raspberry Pi 4, you can easily swap it out for some other single-board computer. Though if you want to change something better integrated, like the LCD panel, it will probably require modifications to the 3D printed components.

  • 4 most popular IoT Linux distros: Which is best for you?

    Linux is the operating system of choice for Internet of Things device manufacturers looking to fit their resource-constrained embedded devices with lightweight software systems. As an open-source project, Linux offers a stable, low-cost, secure, and up-to-date platform that can be run on a variety of microprocessor architectures, powering a range of devices from IoT sensors at the low end to powerful supercomputers.

  • Nvidia cosies up to Open Robotics for hardware-accelerated ROS

    Nvidia has linked up with Open Robotics to drive new artificial intelligence capabilities in the Robot Operating System (ROS). The non-exclusive agreement will see Open Robotics extending ROS 2, the latest version of the open-source robotics framework, to better support Nvidia hardware – and in particular its Jetson range, low-power parts which combine Arm cores with the company's own GPU and deep-learning accelerator cores to drive edge and embedded artificial intelligence applications. "Our users have been building and simulating robots with Nvidia hardware for years, and we want to make sure that ROS 2 and Ignition work well on those platforms," Brian Gerkey, Open Robotics' chief exec, told The Register.

  • UP Xtreme i11 Edge Compute Enabling Kit supports 5G, WiFi 6, Myriad X AI accelerator cards - CNX Software

    The computer is compatible with Microsoft Windows 10 full version, Yocto project 3.0/3.1 using Linux 5.4, and Ubuntu 20.04 with Linux 5.8, as well as Intel OpenVINO toolkit 2021 R1 with support for TensorFlow and Caffe AI frameworks. Ubuntu and OpenVINO are also part of the Intel Software Foundation Kit that may be installed on the device upon request, and also includes MRAA and UPM I/O and sensor libraries, Docker, k3s Kubernetes, AWS Greengrass, and more.

  • This robotic bartender serves up drinks using a Nano RP2040 Connect and the Arduino Cloud | Arduino Blog

    Mixing up perfect, custom cocktails often requires months or even years of training, in addition to having to know a plethora of recipes. But Jithin Sanal wanted to pour his favorite drinks without spending the extra time and effort, so he concocted a robotic cocktail mixer to perform this task for him. It operates by using a series of ingredient reservoirs, pumps, an Arduino Nano RP2040 Connect, and a few relays to dispense a precise quantity of the desired ingredient into a container. Sanal also designed and fabricated his own circuit board to connect each component together in a circuit. Rather than having a bunch of physical buttons on the front of the robotic cocktail mixer, Sanal instead opted to use the Arduino Cloud with five virtual ones that each correspond to a single drink. When a button is pressed, a function is executed on the Nano RP2040 Connect that activates the correct pumps in the specified order for a certain duration. By utilizing this method, users can be confident their drink is perfectly made every single time. More drinks can be added to the system simply by adding another button within the IoT Cloud and creating the associated function in the RP2040’s code.

  • Firmware Find Hints At Subscription Plan for reMarkable Tablet

    To their credit, at least reMarkable is being upfront by admitting a subscription model is being considered. It also sounds like existing users will be grandfathered in when it goes live, which should come as some comfort to current owners. But for prospective buyers, this could literally change everything. It’s bad enough that cloud synchronization of documents would potentially be time-limited, though we’ll admit there’s some justification in that the company is obviously incurring costs by hosting these files. Limiting features based on subscription tier on the other hand is simply a step too far, especially on a device that the user purchased outright. We’ve already seen the first tentative steps towards developing a free and open source operating system for the reMarkable tablet, and this news is only going to redouble the efforts of those who wish to liberate this very promising piece of hardware from the overbearing software it ships with. What worries us is how the company is likely to respond to such projects if they’ve found themselves in a situation where recurring charges have become necessary to balance the books. We’ve already seen a motorcycle airbag that will only deploy if the wearer has paid up for the year, so is a tablet that won’t let you install additional applications unless you’ve sprung for the premium membership really that far fetched? Sadly, we all know the answer.

Programming Leftovers

  • Jakub Kadlčík: Building RHEL packages with Tito

    Are you a Fedora packager and consider Tito to be a valuable asset in your toolbox? Do you know it can be used for maintaining RHEL packages as well? Or any downstream packaging? I didn’t. This article explains how it can be done.

  • linuxium.com.au: New release of 'isorespin.sh'

    Following news of the GRUB2 Secure Boot Bypass 2021 and as a result of Google's security changes on Google Drive together with the first daily build's from Canonical of Ubuntu 21.10 (impish) and point releases for 20.04.3 and 18.04.6 I've updated my ‘isorespin.sh‘ script and respun some ISOs suitable for Intel Atom and Intel Apollo Lake devices.

  • PHP maintains an enormous lead in server-side programming languages

    The venerable web programming language PHP is a source of frequent complaints and frustration, but according to a report W3Techs released today, it doesn't seem to be going away any time soon. W3Techs' web server survey looks for technologies in use by sites in Alexa's top 10 million list; today's report includes a year-on-year chart beginning with January 2010, running all the way through 2021. The survey only includes top sites not out of elitism, but as one part of its effort to avoid data-skewing returns from domain-parking services and spammers, which would otherwise dominate legitimate websites through sheer volume. Within that dataset, the story told is clear. Apart from PHP—which held a 72.5 percent share in 2010 and holds a 78.9 percent share as of today—only one other server-side language ever broke a 10 percent share. That one competitor is ASP.NET, which held an impressive 24.4 percent share in 2010 but was down to 9.3 percent in January and 8.3 percent this month. Amongst the small fry, the only truly impressive growth to be seen is in Ruby—which at 5.2 percent this month is still seeing continued uninterrupted growth in W3Techs' survey. This might come as a shock if you're mostly familiar with Ruby on Rails, which itself remains viable but seems to be on the decline in popularity.

  • PHP Holds Impressive Lead Among Server-Side Languages

    This share constitutes an enormous lead over PHP’s rivals, with only one other server-side language ever reaching a 10 percent share. As Jim Salter reports, ASP.NET held a 24 percent share in 2010 but usage has now declined to 8.3 percent.

  • 10 Best Open Source Linux Code Editors [Ed: Very bad list. The first two in the list are Microsoft and even proprietary software with surveillance or 'telemetry' that spies on coders]

    Coding is part of every developer’s life and IDE (Integrated Development Environment) makes this job easier for them. IDEs come with tons of handy features and support programming of various languages within the same environment. Furthermore, IDEs provide users with plug-ins for adding the extra capability to the program and auto-complete tags and classes to make programming faster. Users can also utilize the pre-provided piece of code in their programs. IDEs make coding faster and easier and hence today we’re here to discuss the 10 best Code Editors (IDEs) available for Linux.

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials

A flaw in Microsoft's Autodiscover protocol, used to configure Exchange clients like Outlook, can cause user credentials to leak to miscreants in certain circumstances. The upshot is that your Exchange-connected email client may give away your username and password to a stranger, if the flaw is successfully exploited. In a report scheduled to be published on Wednesday, security firm Guardicore said it has identified a design blunder that leaks web requests to Autodiscover domains that are outside the user's domain but within the same top-level domain (TLD). Exchange's Autodiscover protocol, specifically the version based on POX XML, provides a way for client applications to obtain the configuration data necessary to communicate with the Exchange server. It gets invoked, for example, when adding a new Exchange account to Outlook. After a user supplies a name, email address, and password, Outlook tries to use Autodiscover to set up the client. Read more

Mozilla Firefox and Google Chrome

  • Firefox Add-on Reviews: YouTube your way—browser extensions put you in charge of your video experience

    YouTube wants you to experience YouTube in very prescribed ways. But with the right browser extension, you’re free to alter YouTube to taste. Change the way the site looks, behaves, and delivers your favorite videos. [...] Though its primary function is to automatically play all YouTube videos in their highest possible resolution, YouTube High Definition has a few other fine features to offer.

  • Location history: How your location is tracked and how you can limit sharing it

    In real estate, the age old mantra is “location, location, location,” meaning that location drives value. That’s true even when it comes to data collection in the online world, too — your location history is valuable, authentic information. In all likelihood, you’re leaving a breadcrumb trail of location data every day, but there are a few things you can do to clean that up and keep more of your goings-on to yourself. [...] For some apps, location helps them function better, like navigating with a GPS or following a map. Location history can also be useful for retracing your steps to past places, like finding your way back to that tiny shop in Florence where you picked up beautiful stationery two years ago. On the other hand, marketing companies use location data for marketing and advertising purposes. They can also use location to conduct “geomarketing,” which is targeting you with promotions based on where you are. Near a certain restaurant while you’re out doing errands at midday? You might see an ad for it on your phone just as you’re thinking about lunch. Location can also be used to grant or deny access to certain content. In some parts of the world, content on the internet is “geo-blocked” or geographically-restricted based on your IP address, which is kind of like a mailing address, associated with your online activity. Geo-blocking can happen due to things like copyright restrictions, limited licensing rights or even government control.

  • An update on Memory Safety in Chrome [LWN.net]

    The Google security blog provides an overview of what is being done to address memory-safety problems in the Chrome browser.

  • Chrome 94 Released for Android, macOS, Windows, Linux: What's New | Technology News

    Chrome 94 stable update has been released by Google for Android, iOS, Mac, and Windows operating systems. The update will be rolled out over the coming weeks and it brings new security features, new functionality, and bug fixes. Google Chrome 94 stable is the first version of Chrome of the new four-week release cycle. Previously, Chrome update was released every six weeks. Its features include HTTPS-First mode that makes users browsing more secure. Also, Google said that 19 different security issues were fixed in the Chrome 94 version. The update for Google Chrome was announced through a blog post on September 21. Chrome 94 introduces HTTPS-First mode. It is available in Chrome for desktop systems and for Android. HTTPS is a more secure version of HTTP and many websites support it. With the latest update, the browser will also show a full-page warning when the user loads a site that doesn't support HTTPS. This ensures privacy when using public Wi-Fi. Google says this was previously planned for Chrome 92.

  • Google emits Chrome 94 with 'Idle Detection' API to detect user inactivity amid opposition

    Google has released Chrome 94 for desktop and Android, complete with an "Idle Detection" API to detect user inactivity, despite privacy concerns expressed by Mozilla and Apple. New and changed features in Chrome 94 are listed here and include the removal of the AppCache feature, described as a "security and stability liability", and something which has "imposed a tax on all of Chrome's significant architectural efforts." There is also a new VirtualKeyboard API with more control over its shape and an event fired when it covers page content; more efficient low-level access to media encoders and decoders; and a new JavaScript Self Profiling API which enables developers to collect JavaScript performance profiles from end users.