Archive for April 5, 2021

Monday, April 5, 2021

Copying the Java API Was Fair Use

James Romoser (tweet, Hacker News):

The Supreme Court on Monday sided with Google over Oracle in a major copyright battle, ruling that Google’s copying of a portion of the Java SE computer program is protected as “fair use.”

The ruling in Google v. Oracle was 6-2, with Justice Stephen Breyer delivering the opinion of the court.

[…]

In siding with Google, Breyer wrote that, assuming for the sake of argument that the lines of code can be copyrighted, Google’s copying is nonetheless fair use.

Mike Masnick:

The background of this case is actually kind of important to understanding what just happened, so here’s a quick(ish) recap.

[…]

One of the big debates in the lead up to the case, and at oral arguments, was what “analogy” best represented what an API was. You can see above Breyer mention the Dewey Decimal System, which is a pretty good analogy.

[…]

Breyer then notes that even though Google asked the Court to say APIs are not covered by copyright, since they can answer the fair use question and dispose of the issue, the court will just assume that APIs are subject to copyright for the sake of exploring fair use, and leave the actual question of copyright and APIs to another day (groan).

Charles Duan:

SCOTUS doesn’t just rule in favor of Google in @googlevoracle, but says that API reimplementation is fair use as a matter of law, meaning that the decision applies to all APIs

[…]

Anyway, this is great news for software folks. The concern was that SCOTUS could just let the jury decision stand, solving Google’s case but leaving an open question for all future software developers.

Florian Mueller:

Given that the justices were pretty much unanimously leaning toward copyrightability in October, it would be quite risky for anyone to consider API declaring code uncopyrightable. However, technically the Federal Circuit’s copyrightability decision hasn’t been affirmed either.

[…]

There’s plenty of people out there now who are celebrating today’s Supreme Court decision as promoting innovation, competition, and openness. In reality, the net effect will be the opposite. When Sun created Java, they allowed everyone to make and publish apps for it. Sun adopted a dual-licensing model under which you could either get Java under the GPL free software license or take a commercial license. Sun is history--it was acquired by Oracle. The next company contemplating the development of a comparable platform will look at what happened in Oracle v. Google. Against that background, it may either be discouraged from making the investment in the first place--or it may be encouraged to pursue an Apple-like platform business model (“walled garden”) and create network effects through a non-open system with cloud components, an exclusive app store, and so forth. In other words, if you can’t own software, you’ll try to own (access to) users.

Jesper:

The ruling managed to find its way to a reasonable outcome, but if these are the tools used to chisel fundamental conditions for developers, companies and people the world over, we are all in bad shape for the future.

John McCall:

Yes, I think this decision does strongly imply that the GNU position that linking a library can be controlled by copyright is incorrect

Previously:

Facebook Breach

Tim Hardwick (Hacker News):

The personal details of more than 553 million Facebook users have been published on a website for hackers, according to multiple reports over the weekend.

[…]

In a statement, Facebook said the data was from a breach of its servers that had occurred in 2019 and it had since plugged the security hole that allowed it to take place.

While the information appears to be old, the details in the shared database include phone numbers, Facebook IDs, names, locations, birthdates and email addresses, all of which could be used in social engineering attacks or hacking attempts.

None of those is easy for users to change.

David Sparks:

If you have a Facebook account, now is the time to be on alert for scammy phone calls from people who will try and social engineer their way into your credit card numbers and bank accounts. There is already a scam where they call and claim to be the IRS and need “immediate payment to avoid criminal prosecution”. I’m sure they’ll come up with even more dreadful ways to abuse this treasure trove of data.

Previously:

Update (2021-04-15): Elizabeth Culliford (via Hacker News):

Facebook Inc did not notify the more than 530 million users whose details were obtained through the misuse of a feature before 2019 and recently made public in a database, and does not currently have plans to do so, a company spokesman said on Wednesday.

Lily Hay Newman (via Hacker News):

De Ceukelaire and other researchers had already alerted Facebook to similar issues. In 2012, Facebook made changes that resulted in the site's “Download Your Information” tool leaking phone numbers and email addresses that users had not supplied themselves through the contact import feature. A researcher disclosed the issue to Facebook in 2013; in 2018, the Office of the Privacy Commissioner of Canada and the Office of the Data Protection Commissioner of Ireland investigated the finding.

[…]

That incident differs from the more recent Facebook controversy, in which attackers were able to "scrape” Facebook by enumerating batches of possible phone numbers from more than 100 countries, submitting them to the contact import tool, and manipulating it to return the names, Facebook IDs, and other data users had posted on their profiles. Still, the lapse spoke to the potential for the contact import tool to access sensitive data and the need to look carefully for bugs and inadvertent behavior in the feature.

Yahoo Answers Shutting Down

Nick Statt:

Yahoo Answers, one of the longest-running and most storied web Q&A platforms in the history of the internet, is shutting down on May 4th. That’s the day the Yahoo Answers website will start redirecting to the Yahoo homepage, and all of the platform’s archives will apparently cease to exist. The platform has been operating since 2005.

Yahoo, which is now part of Verizon Media Group following the company’s sale to the telecom for nearly $5 billion in 2017, announced the change at the top of the Yahoo Answers homepage. The message links to an FAQ, which details the timeline of the shutdown.

Previously:

Tim Cook on Sideloading

Sami Fathi (tweet):

In a wide-ranging interview with The New York Times’ Kara Swisher, on her podcast “Sway,” Apple CEO Tim Cook talks about Apple’s feud with Facebook, its stance on privacy, Apple’s legal battle with Epic Games, and possible future Apple innovations such as Apple Glasses.

[…]

One of Epic Games’ biggest arguments about the Apple ecosystem is the lack of so-called “freedom” for users to download apps from places other than the App Store. Many have long voiced their hope that Apple would allow users to sideload apps onto their device, such as the iPhone. Cook says that sideloading apps, however, would “break the privacy and security” model of the iPhone.

Previously:

Update (2021-04-14): Joe Rossignol:

Notably, Cook said that Epic Games’ desire for Apple to let developers offer their own payment systems in apps “would make the App Store a flea market”:

At the heart of the Epic complaint is they’d like developers to each put in their own payment information. But that would make the App Store a flea market and you know the confidence level you have at the flea market.

The volume of people going into such a market would be dramatically lower, which would be bad for the user, because they would miss out on the innovation like we just heard with the four developers. And the developers would be left out because they wouldn’t have a huge audience to sell to. So nobody wins in that environment.

This is some preztel logic. Of course, there are already lots of apps where customers enter payment information—just not apps selling certain kinds of digital services where Apple prohibits that.

Apple’s dictionary defines a flea market as “a market, typically outdoors, selling secondhand goods,” and the term comes from the idea that the resold items may be infested with fleas. Does an app become secondhand when you buy it directly from the developer rather than through Apple? Does Tim Cook think Apple is making sure there are no bugs?

Kosta Eleftheriou:

Apple has turned the magic of software development from “How cool would this be?” to “How cool would Apple be with this?”

That’s an environment of software suppression, not innovation.

Florian Mueller:

Sooner than I’d have thought, here’s my first follow-up to the publication of the summaries of Apple’s expert witness reports in the Epic Games v. Apple App Store antitrust case.

When I read those summaries for the first time, I tweeted about some of the statements I found in them. This is my tweet about the claim that Apple couldn’t support alternative app stores without not only software but even hardware changes.

Update (2021-04-22): See also: Accidental Tech Podcast.

Apple Music macOS Review

Your Product Sucks:

Apple Music app on macOS Catalina is “not so great”

This one can’t be blamed on Catalyst.

Via John Gruber:

Music on Mac is just an utter embarrassment for Apple. Truly an ignominious fate for iTunes, which started 20 years ago as an exemplar of a great Mac app.

Previously:

Update (2021-04-15): Cabel Sasser:

That is definitely not the UI experience I expected when clicking “more” in Music

Update (2021-08-13): Mark Hughes:

So, I was listening to my last playlist, and realized I don’t own one of the albums, so I figure I’ll grab it off iTunes…

No iTunes app. No “show in iTune Store” action on the album page (Share has since shown back up, because Apple Music is non-deterministic). There’s an iTunes Store on my phone, but I want to download it here on my desktop. Fine, where’s the store page. It’s… missing. After some duck searches, turns out you have to open Apple Music Preferences, check “iTunes Store” in a little grid. I didn’t deselect this, it came deselected, meaning NOBODY is going to see it.