Hello all,
The Mobile Verification Toolkit[1] project (developed by the Amnesty
International Security Lab in light of the recent news about the Pegasus[2]
spyware) is using an adapted MPL 2.0 license, the MVT License.
I'd like for this license to be vetted by the legal team, and added to the
list of allowed licenses in Fedora so the software can be distributed
through Fedora channels.
From
https://github.com/mvt-project/mvt#license:
The purpose of MVT is to facilitate the consensual forensic analysis
of
devices of those who might be targets of sophisticated mobile spyware
attacks, especially members of civil society and marginalized communities.
We do not want MVT to enable privacy violations of non-consenting
individuals. Therefore, the goal of this license is to prohibit the use of
MVT (and any other software licensed the same) for the purpose of
adversarial forensics.
In order to achieve this, MVT is released under an adaptation of Mozilla
Public License v2.0. This modified license includes a new clause 3.0,
"Consensual Use Restriction" which permits the use of the licensed software
(and any "Larger Work" derived from it) exclusively with the explicit
consent of the person/s whose data is being extracted and/or analysed
("Data Owner").
Full License text at
https://github.com/mvt-project/mvt/blob/main/LICENSE
Thank you,
Christian
[1]
https://github.com/mvt-project/mvt
[2]
https://forbiddenstories.org/about-the-pegasus-project/