Florida man accused of breaking Mastodon's open-source license with botched social network launch

Golf enthusiast given 30 days to cough up code


Updated A Florida man has been accused of breaking the copyleft license of Mastodon by running an online instance of the software without providing its source code as required.

And not only that, the real-estate baron and wannabe tech tycoon has been told he has a month to fall in line with the fine print or put himself potentially at risk of further action.

Mastodon is a Twitter-like microblogging service that you host yourself. Servers running this software can form a larger, decentralized social network.

The code is made available under version three of the Affero GPL. That means if someone modifies the software and runs it as a network-accessible service, such as a website, their users need to be offered a way to get hold of that customized source.

The aforementioned Palm Beach businessman, known for his failed casino, discontinued line of steaks, and a recent stint in public office, chairs an online media group that this week promised to launch a social network for selected users next month. A wider rollout is expected in the new year following a period of beta testing, apparently.

The web service, which alleges it wants to foster "honest global conversation without discriminating against political ideology," has curiously in its terms-of-use banned one of its supremo's most favorite things in the whole wide world: "excessive use of capital letters."

After an announcement went out about the social network, netizens found they were able to sign up early at will to what looked like a test deployment of the platform, and posted prank announcements and other material on it. Someone was even able to create a profile in the name of the cancelled reality TV star, using it to share a photo of a pig defecating on itself.

The service, which was soon taken down, appeared to be powered by a version of Mastodon modified to mostly remove any mention of its origins, though its HTML source and design signaled where the code came from.

Now the Software Freedom Conservancy – a non-profit that defends free software and just now sued TV manufacturer Vizio for allegedly breaking the GPL – has called out the half-baked social network project, accusing it of violating the Affero GPL by not distributing its modified source code as necessary. The platform has 30 days to remedy the situation, and if it doesn't, it opens itself to legal action.

Bradley Kuhn, a policy fellow at the conservancy, said in a statement on Thursday that "early evidence strongly supports" claims that the social network was "based on the AGPLv3'd Mastodon software platform."

"Many users were able to create accounts and use it — briefly," he continued.

"However, when you put any site on the internet licensed under AGPLv3, the AGPLv3 requires that you provide to every user an opportunity to receive the entire corresponding source for the website based on that code. These early users did not receive that source code."

Kuhn also said "very public requests" for the code were being ignored, adding that the source code must be made available by the online media group:

If they fail to do this within 30 days, their rights and permissions in the software are automatically and permanently terminated. That's how AGPLv3's cure provision works — no exceptions — even if you're a real estate mogul

Also, addressing concerns that the social network was compromised by pranksters, Kuhn concluded:

It's worth noting that we could find no evidence that someone illegally broke into the website. All the evidence available on the internet (as of 22:00 US/Eastern on Thursday 2021-10-21) indicates that the site was simply deployed live early as a test, and without proper configuration (such as pre-reserving some account names). Once discovered, people merely used the site legitimately to register accounts and use its features.

Spokespeople for the botched social network did not reply to a request for further comment. ®

Updated to add:

On 29 October, Eugen Rochko, Mastodon's founder and lead developer, said in a statement on the outfit's blog: "On Oct 26, we sent a formal letter to Truth Social's chief legal officer, requesting the source code to be made publicly available in compliance with the license. According to AGPLv3, after being notified by the copyright holder, Truth Social has 30 days to comply or the license may be permanently revoked."

Rochko also said the fact that the Florida man's platform's terms of service claimed the site was "proprietary property" was "worrying."

As far as personal feelings are concerned, of course we would prefer if people so antithetical to our values did not use and benefit from our labour, but the reality of working on free software is that you give up the possibility of choosing who can and cannot use it from the get-go, so in a practical sense the only issue we can take with something like Truth Social is if they don’t even comply with the free software license we release our work under.


Other stories you might like

  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading
  • American diplomats' iPhones reportedly compromised by NSO Group intrusion software

    Reuters claims nine State Department employees outside the US had their devices hacked

    The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

    Continue reading

Biting the hand that feeds IT © 1998–2021