SourceForge Removes Blanket Blocking

Recently there was much gnashing of teeth as SourceForge (which shares a corporate overlord with Slashdot) started programmatically blocking users in certain countries to comply with US export restrictions. Thankfully they didn't let it end there and have found a way to put the power back in the hands of the users. "Beginning now, every project admin can click on Develop -> Project Admin -> Project Settings to find a new section called Export Control. By default, we've ticked the more restrictive setting. If you conclude that your project is *not* subject to export regulations, or any other related prohibitions, you may now tick the other check mark and click Update. After that, all users will be able to download your project files as they did before last month's change."

Re:Dump sourceforge

[Infiniti2000]

Google Code is awesome by comparison.

I'm guessing you didn't bother to read the Google Code TOS [google.com]? It puts the blame solely on the developer. Given that it's Google with a boatload of money to throw at attorneys, chances are that it's airtight for them in a legal battle should the need arise.

Re:And these restrictions makes so much sense

[JoshuaZ]

Not exactly. In 1996, Clinton issued an executive order which took commercial encryption off the munitions list. It is still on the list of controled commecial exports but that's a lot less restrictive (much, much easier to get permission to export, less severe punishments for violations, and lower priorities for federal investigators).

Re:Debian has never found this sort of blocking...

[vlm]

Never say never... Admittedly this battle ended about a decade ago. Not sure how/why SF caught up with the 90s and had their little fit.

http://www.debian.org/legal/cryptoinmain [debian.org]

Re:Duh

[NeoSkandranon]

As was said many times in the original article, the issue is the country the business is based in and the laws there. It doesn't matter one ounce where the servers are located.

Re:Liability?

[casualsax3]

The distribution of source code (encryption in particular) is explicitly protected under the First Amendment:

http://en.wikipedia.org/wiki/Bernstein_v._United_States [wikipedia.org]

Whoa there Tiger

[mpapet]

My project FileUniq is plain python, and executes a call to "md5" in order to get a hash.

MD5 is non-special (and deprecated anyway) no one at the BIS would give you a moment's difficulty. Worst case scenario, notify the BIS and they send you an official reply. I know this because I've worked with the BIS to export encryption technology. They were very easy to work with and tolerated my inexperience. Call them and explain your situation.

Sourceforge's language is a little daunting. A (new?) lawyer (justifying his job?) at sourceforge MegaCorp probably has quite a bit to do with the entire fiasco.

Re:This is completely stupid.

[harlows_monkeys]

Only the kind of stupid Americans that though that restricting the export of encryption technology would actually work[...]

I'm curious. How do the stupid Americans who think that differ from the stupid Europeans who think that? Or were you not aware that European countries and the EU also have similar export restrictions?