Move build servers out of Germany?

Due to German law, I can not package certain tools (metasploit, w3af, etc) with OBS because the build servers are located in Germany. This is a HUGE problem.

Take for example the choices made here:
#!/bin/the hacker’s choice - THC](

Either the build servers need to move to a country that does not impose these restrictions, or, I need to move to some other KDE centric distro. I know, I know, harsh choices to make :’(.

Has there been any discussion on moving these servers? All I have come across is talks saying don’t upload certain categories of software…not an option for me.

I believe that openSUSE offers the best KDE experience and its the reason why I’ve stuck with suse for the last 10 years. I would really like to see these servers moved instead of me switching distros. :slight_smile:

Why not ask packman to build?

Cheers Malcolm °¿° (Linux Counter #276890)
SUSE Linux Enterprise Desktop 11 (x86_64) Kernel
up 1 day 7:54, 2 users, load average: 0.04, 0.07, 0.11
GPU GeForce 8600 GTS Silent - CUDA Driver Version: 190.18

Packman has the exact same problem, that’s why libdvdcss isn’t provided anymore.

Packman isn’t “a repository where illegal software is allowed”. They provide only what they can legally distribute… that happens to be more that what can be distributed in other countries (even if, without being a lawyer, the “Europe hasn’t software patents” thing seems very simplistic, if no plain wrong, to me).

What I do in these cases is create the project in an special repository that doesn’t builds anything and upload the spec file. Then I can:

  • osc co <repo> <package>
  • Download tarball from upstream
  • osc build -k <path_to_my_local_repo> openSUSE_11.1 x86_64
    and have my RPMs ready (and anyone else can do the same easily).

Hrm, thought never occurred to me. Good suggestion, thank you. I did a quick check on pacman and it appears that they are hosted in Germany also. Same boat =

Instead of my rather hasty idea to just move the OBS servers out of Germany, I wonder if it would be possible to add an additional OBS server elsewhere, and allow packagers to select this server for special case software.

I realize that this law only impacts a small set of packages I would like to build, and I could deal with the inconveniences of not building/distributing them via OBS. I just feel that there is a larger principle at stake here and it should be addressed directly (maybe it has been?..I will google around) by the openSUSE community.

Thanks RedDwarf. …We posted at the same time heh.

I found this english language article which I believe clarifies that foresnic software with a dual purpose (ie can be used to legally test networks) and also planned for legal forensic purposes, is not illegal: Appeal to constitutional court over ‘hacker clauses’ inadmissible - News - The H Security: News and features

Hence based on that there would be no need to move servers outside of Germany.

The article is here:

20 June 2009, 02:18

Appeal to constitutional court over ‘hacker clauses’ inadmissible

The German Federal Constitutional Court has ruled that legislation criminalising the use of hacking software, which has now been in force for two years, is compatible with the German constitution. The court has ruled a complaint lodged by an IT company, an academic and a computer user, inadmissible. The appeal concerned two clauses which criminalise the production and distribution of programs for spying on and intercepting data. The plaintiffs believed that the wording of the legislation placed them at risk of prosecution because they use hacking programs, albeit with no criminal intent.

The Karlsruhe-based court considered that there had been no infringement of constitutional rights. According to the court, the legislation applies only to programs developed with illegal intent. According to a judgement released on Friday, the fact that a program can be used to carry out hacking attacks does not, of itself, make its use criminal (file number: 2 BvR 2233/07, 1151/08 and 1524/08, judgement of 18th May 2009).

Clauses 202a and 202a of the German Criminal Code, which implemented the Council of Europe’s Convention on Cybercrime, are intended to criminalise certain actions preparatory to committing criminal hacking attacks and are consequently fairly broad in scope. In a lengthy judgement, a chamber of the Second Senate clarified that the intention of the Bundestag in framing these clauses had been to expressly include only such software as was produced for a criminal purpose. Dual-use products, which could be used in the service of computer security, but were also capable of being used for carrying out hacking attacks are, according to the court, not covered by the legislation, because they serve a legal purpose. The court also noted that persons using such programs for legal activities would also lack the intent required for their actions to be criminal.

In March, the Hanover public prosecutor’s office dropped a case against Jürgen Seeger, editor in chief of IT magazine iX, The H’s associated publication in Germany. Seeger had reported himself to the police in late 2008 for publishing security software on the DVD included with the iX special “Staying safe online”.

*oldcpu - thanks for taking the time to generate this post. And yes, I’ve come to the same conclusion that there isn’t a need to move the OBS servers out of Germany.

With legalese, it can be really hard to envision how the courts will enforce that law. Especially when your not a native, as is my case.

The issue of “intent” was the portion that wasn’t clear to me, and this sums it up perfectly:

“The court also noted that persons using such programs for legal activities would also lack the intent required for their actions to be criminal.”