Who Enforces the Open Source Licenses? 296
sams asks: "Every few days now it seems that yet another corporate entity has tried to push the bounds of what is allowed under the open source licenses (GPL, etc..) so the question is: If a company violates the GPL license on a product, who will enforce the license? Who will take the violating company(s) to court to protect the open source intellectual work of others? Probably not the writers of the software, who probably can't afford a long drawn out trial with a company? The EFF? Ideas?" We've already had a close call with the Sun/Blackdown fiasco, and this has probably discussed in that topic. However, there is a high possibility that something like this will happen again, and we would do well to discuss this further.
Legal Firepower vs Developer Interest (Score:5)
This is certainly a problem, I agree. I don't think we CAN enforce the GPL-- not in the current legal climate. No individual developer or group of developers-- or the FSF-- can match in dollars spent on lawyers and months spent on courtroom time the power of a potential violator-- at least not until Congress passes tort reform (and would Clinton sign it-- I think not). So we can't really rely on legalism to protect Open Source software.
But that's ok. The key element to making an Open Source product work is mindshare. Closing up the source, embracing and extending, not giving credit where credit is due-- these are tactics that are counterproductive and alienate the network effects that make Open Source so attractive for businesses.
So even if this does happen, I wouldn't worry. We should fight to stop violations, but in the end, the power of the GPL is not in its language or legalisms, but in the community and mass entrepenurism that it makes possible. Break faith with the community, and you lose the one reason to go GPL in the first place.
Close call? (Score:2)
Um, close as in "not an open source license and not a contractual issue but a good ettiquette issue"?... Oh close call as in actually nothing at all to do with a close call. Funny how you don't say mention Corel and their Linux distribution instead and it's actually involving open source and a license violation?
Oh, I forgot, Corel Friend, Sun Enemy, Fire Hurt Mongo.
:)
For FSF-copyrighted code (Score:4)
No central body, but... (Score:2)
Well, I'd say the obvious answer is the FSF (Score:1)
I once talked with RMS about a company delivering emacs as their editor with some custom elisp code, and he immediately asked me to check the license on the company elisp code...
If this discussion on
--LG
Corel (Score:1)
Does it matter? (Score:2)
If its a closed source product that has used GPL code thats a different matter. It's also more difficult to detect. But if its open source, its open source for a reason. To please us. Therefore all we need to do is apply a little pressure, and get them them to sort things out. They are not going to try and alienate us, because there would be no reason for going GPL in the first place.
Granted, I gloss over some problems here, including license incompatibilities etc, but you get my jist.
The royal family of course.... (Score:2)
Prince Charles has been known to do so.....
QE2 herself loves RedHat and hates Solaris and the ol Queen Mum...well she has copies of the GPL hanging in her private art gallery in Buckingham Palace...
We Don't Need To (Score:2)
The first company to really clusterfuck on this issue will be made into toast - with the mindshare Open Source has in the press increasing everyday, a company had better be very careful when doing something stoopid.
-John
Tough to get legal fees (Score:1)
We simply ping them into submission! ; ) (Score:1)
Copyright holders (Score:2)
For all "GNU" software (different from software released under GNU GPL), FSF is the copyright holder, and FSF will fight in court if needs be. (As they did when NeXT tried to bundle gcc pieces with their Objective C compiler).
All the more reasons to assign your copyright to FSF, I'd think.
Pro Bono (Score:1)
Re:Tough to get legal fees (Score:2)
Why wouldn't there be monitary damages? OF COURSE I am willing to license any of my code for use in a proprietary system for only 40 billion dollars. Since all of the proprietary vendors seem to feel it's OK to assume for purposes of asessing damages that the 'pirate' would have paid the full license cost if not for the 'theft', I will assume that they would have cheerfully given me 40 billion dollars if not for their 'piracy'. Perhaps we could settle out of court for a penny on the dollar?
Re:Well, I'd say the obvious answer is the FSF (Score:1)
RMS has done that a long, long time ago. http://www.gnu.org/copyleft/gpl-violation.html [gnu.org].
The whole discussion seems to me like the typical GPL discussion: A bunch of people ranting about this or another open source license, without ever having read the relevant things...
A close call with Sun/Blackdown? (Score:5)
There was no close call with Sun and Blackdown. Sun was completely within their rights to do what they did with the software. Was it rude to not give some credit to Blackdown? Of course, but the GPL doesn't prevent rudeness (Heck, Christmas doesn't prevent rudeness either). The Blackdown folks need to get thicker skins; just because your "partner" goes and uses the product to the full extent of your contract, you don't start whining. Welcome to the business world.
Dear
Re:Legal Firepower vs Developer Interest (Score:2)
True - but I suspect a good try could be had to send suitable "cease and desist" letters to the vendors, rather than $BIG_CORPORATION, in the hope the resulting bad publicity and the thought of being a co-defendant in a court case will reduce the avenues of sale for the offending product.
For that matter, there must be SOME lawyers that would be willing to take on SUN or COREL both for a fraction of the damages and for the publicity they would get as a "defender of public software shamefully stolen".
--
Re:Well, I'd say the obvious answer is the FSF (Score:1)
RMS said that the FSF will only defend copyright when it is the FSF that holds copyright on a piece of software. He said that the FSF won't automatically defend any piece of GPL-ed software just because it's GPL-ed. He wasn't worried that this would create problems, too, in the case of a GPL copyright holder doing a poor job defending that copyright in court and having the copyright "struck down" or some such. Apparently, according to RMS, copyright decisions regarding a license on one product aren't transferable to another product.
Re:Legal Firepower vs Developer Interest (Score:2)
That's not to say that some reform isn't desirable, but what's been proposed is just CYA for the big boys.
Choosing a freer licence (Score:2)
Re:Sure, it matters (Score:1)
Companies who use open-sourced software aren't necessarily looking to jump on a bandwagon. They just want free (beer) software. And it doesn't matter if they alienate the OS community, because they may not be targeting us.
What if TiVO or Be hadn't released source? Would it have affected their bottom line?
Re:Legal Firepower vs Developer Interest (Score:1)
I don't mean this to say that open source projects and companies shouldn't protect themselves from abuses of open source licenses. But that is only one side of the issue.
Forget the Law: Voilate GPL, Beware Grits (Score:1)
If anyone blatently violated GPL, they wouldn't live long enough to go to court. Raving hoards of Ms. Portman-lusting Slashdotters would find the violater and FIRST POST the person to death (if you know what I mean -- and I think you do), ending the event in the ultimate punishment: hot grits down his pants.
While not nearly as painful as having to play with lawyers, it is certainly much more quick and decisive.
InitZero
Re:Sure, it matters (Score:1)
If they take the bold step of releasing it as open-source, then who else are they trying to please but the free software community??
Re:Choosing a freer licence (Score:1)
Diversity is usually good. Although sometimes it makes it difficult to take components from one piece of software and add them to another. If they have different licenses.
I'm not dancing on the rooftops over it, but I think the GPL is the best solution in an imperfect world.
Re:Legal Firepower v/s *self-destruct* (Score:1)
Non profit legal entity (Score:1)
Of course this begs the question of who will guard the guardians themselves... but it would be nice to have an org you could go to if you have problems.
Deep pockets... (Score:1)
Re:Sure, it matters (Score:1)
Perhaps the truth would be leaked by a community-minded programmer. Or maybe it would be obvious, from the way the software worked, that it was based on known GPL'ed software.
It's probably possible to reverse-engineer a binary to prove, in court, that it is based on certain source. Didn't say it was easy.
Re:Tough to get legal fees (Score:1)
When an open source developer sues a company for breach of copyright, their loss is loss of freedom of the code so the court needs to restore that by forcing the company to either make their work open source or to stop using the code.
If the court wished to award punative charges then that's a separate issue but the damages are not supposed to be some sort of punishment, they are meant to be compensation for the loss of meney caused by illegal actions.
If restoration of the free status of the code is not what you are after then the GPL isn't the correct license for you to apply to your code.
Re:The US legal system. (Score:1)
OSS companies should contribute (Score:2)
Re:Legal Firepower vs Developer Interest (Score:1)
Re:Legal Firepower vs Developer Interest (Score:1)
So if Micros~1 should pick up say, GCC and put a major part of it into the next VC++, we should get hold of their source clandestinely, then wait for them to sue us, and claim they have no grounds for complaint?
Risky proposition, but interesting.
preview,preview,preview
Re:A close call with Sun/Blackdown? (Score:3)
However, open source developers do not develop for money as their primary reward, as do corporate developers. Open source development is a social activity more than a business. It's for fun, not work. For this reason I think that social rules can be just as important as legal rules, if you want *effective* open source development. Not crediting the Blackdown folks was ethically akin to not paying their own developers -- a stupid mistake if you want further development. Sun should be civil towards those doing work for them, Blackdown's reaction was justified. That most of them think Java on Linux is important enough to continue after Sun apologized speaks well of their tolerance.
Course of action (Score:4)
Of course, I am not a lawyer -- but you don't need to be one to see this kind of thing unfolding.
Just imagine this: "Mr Gates, how do you explain your enormous company violated the rights of Mr John Q. LoneHacker, the creator of BlaBlaBla, by stealing his intellectual property, which was protected under the GPL?". =)
Just my $0.02...
Larger companies might help (Score:2)
And don't forgot, now that IBM, Compaq and other big companies are taking an interest in Free Software, and releasing some of their code, they'll have an interest, and the resources, to make sure people don't abuse their licenses.
Dana
You couldn't do a class action... (Score:1)
Will the FSF really protect any copyrights assigned to them (as opposed to just the ones that are officially part of the GNU project)?
Re:Legal Firepower vs Developer Interest (Score:2)
Erm, correction... (Score:1)
GPL is viral... (Score:2)
Christmas, Tithing, and the FSF (Score:1)
Since powerful business interests (Bill Gates) will try to interfere with this, here's what people should do in the meanwhile...
Does free software help you get your job done? Do you make money from free software? Have you written an article, or done consulting about free software? It's time for you to give something back to the community that allowed you to eat.
You who make all your money from free software should give 10% of your income to the FSF to make up for the government's slowness in implementing this tax. If you only use free software 50% of the time, that a half-tithe of 5% would be fair.
People used to do community service. They used to give of themselves. They used to tithe 10% to their church. Now we have nothing. Nobody goes to church. Nobody volunteers. Nobody gives of themselves.
Don't think of it as an FSF Tax. Think of it as tithing to the FSF for the greater good of all mankind. And since the FSF is a tax-deductable charity, just like a church, you aren't even charged for this money!
It's time to tithe. Do your part. Give to the FSF, for the love of Free Software. Your conscience will rest easier. It's Christmas. This is the season of giving. Think of how much God gave to you. Think of how much the Richard Stallman gave to you. For the love of everything that's good and true in this life and the next, give your 10% back to those who deserve it most.
Pro bono and qualification questions (broad) (Score:1)
On another note: What makes everyone think that they're not "stealing" code now? Who's to say that they're not finding ways to optimize their copyrighted ideas by examination of GPL code?
What qualifies as a copyright infringement? If Microsoft makes EDIT.EXE more like Emacs, say with a lisp-like extension language and the same control and meta keys. They ship it in the WinNT command line, are we in sue-able territory here?
Ubermensch, uber-alles! (Score:1)
The way I see it, why should we worry, if the companies have a clear sign of the way things are going to go *if* they do push? Pushing the license is pushing us, after all... and if it's pushable, so are we and there's just no way we can continue, sadly.
So drink well, eat hardy, and send in those emails. The minute it becomes a legal action legislated by a body that isn't YOURS, the game is up. Luckily, this isn't the case. So again: why worry? Fidgeting is going right back into reacting rather than getting on with what we've given ourselves to do as our lifeblood: code, document, and set about replacinbg order with disorder. Get some perspective!
(after all, it will be "they" who are looking to "us" before too long. Cry wolf no longer, or you'll weaken our stance with, as the /. Non-Anonymous Cowards say, FUD.)
Re:Sure, it matters (Score:1)
> community-minded programmer.
A whistle blower would be the ONLY way it would
happen.
> It's probably possible to reverse-engineer a
> binary to prove, in court, that it is based on
> certain source. Didn't say it was easy.
Actually, its probably impossible.
Unless there are copious amounts of debugging
info stored in the binary, then it would be hard
to go from machine language to any sort of
higher level code, much less prove that some
specific code had to have been used.
Think of compiler optimisations etc. However...
in court you could force the company to let you
see the source code itself (assuming you had a
whistle blower), then you could set about
proving it.
Re:The US vs. Canadian legal system (Score:1)
But this is sort of off topic, unless you wanted to bring damages into the situation, and thus into the tort. Besides which, it would be incredibly hard to prove culpability and influence on an entire community, although it IS highly interesting. I guess it all boils down to the legal system not being capable of sustaining the kind of communitarian idealism (or whatever you want to call it) that we're using. It's too bad, in a way, that precedents aren't part of the tort system, so at least we can see what warning shots are fired at those "viral marketing" goons and their schemes to take over the whirled[sic].
Of course, one could sign over their work to a corporation, like FSF, as we used to in ye olde days. But what is the status of FSF these days? Is it incorporated, corporated, international, non-profit? These things can really matter in torts and criminal proceedings, and might be our tunnel out if the answers are right.
{humor} Re:We Don't Need To (Score:1)
No, but it sure does put me in the Christmas spirit to see Alta Vista offer me the chance to
--
It's October 6th. Where's W2K? Over the horizon again, eh?
Re:Pro bono and qualification questions (broad) (Score:1)
Only (in GPL case) cases of actual distribution of GPL-software derived software under a non-GPL license is infringement.
John
Re:Rubbish (counter-flamebait) (Score:1)
The GPL probably CAN be enforced. The FSF has successfully taken legal steps (though none in court as yet) to get GPL-derived software released under the GPL.
The problem of WHO WILL SUE is the one at hand. If the FSF owns the rights to the software, then THEY can sue -- else the can't.
Question: If I GPL my software, and there is a violation, can I then assign the copyright to, saw RHAT or the FSF, such that they have rights to sue the infringing party?? (I -know- that this sounds like a use-them-at-your-convenience statement, but it is an important question.)
John
Re:Course of action (Score:2)
. You miss one important possibility which has been pushed to the limits by the Software Publishers Association and the Church of Scientology: the Copyright Act permits very aggressive ex parte action by the plaintiff. According to the precedents set by the SPA and the CoS, it is entirely within the realm of legality for the plaintiff to roll up to the offender's place of business with a Federal Marshal and several eighteen-wheelers, and cart off every computer in the place for investigation of copyright violations, at the plaintiff's leisure in a warehouse of the plaintiff's choosing.
IANAL, either, but that's what's been happening!
Re:Sure, it matters (Score:1)
If the source code they present as "the real source" compiles a binary that's identical to the one they're distributing, then this is almost surely the real source code (except maybe for comments and macros). If the binaries differ then they're lying about the source code.
Re:Legal Firepower v/s *self-destruct* (Score:2)
Jordan
I don't think so. (Score:1)
Now, if you're taking money from the public they're going to have some say in what you do and how it's done, aren't they? Do you really want Congress writing a law that says all open source code must be vetted for swear-words so we don't pollute the young impressionable minds of our children? Or one particular window manager WILL BE MANDATED in order to eliminate redundant distribution of public funds? Or maybe you'll need a license and certification to make sure you're REALLY a good open source guy.
So OK, it's Christmas - give some money to the homeless, but keep you're hand out of the public pocket.
Re:We Don't Need To (Score:1)
Doing something like that would be fairly easy to spin into something good.. X company today decided to extend the widely available Y software. Joe Schmoe of X said in a press release, "We think that our product is a real value-add that will make customers out there choose our product".
etc, etc.
LGPL (Score:1)
You forget that most libraries does not use the GPL license, but the LGPL license. This license allows further restrictions, and I don't think we kan make a case against software using such libraries.
GPL and enforcement (Score:1)
To me, the only true Open Source is Public Domain source code. GPL prevents companies from improving baselines with latest techniques. GPL prevents products from being released that would improve overall life.
I know it is hard to accept but I can only mess with OS products after work, because I need a job. It is terrible for me to have to reinvent the wheel just because it is GPL'd.
I envision a time where all source code would be release public domain so people could sell binary packages and the source code would be released say 1 year afterwards so others can deal.
OMIGOD, that is a real socialistic premise. I just want to make my job easier, and public domain software does, GPL does not.
As for enforcement, GPL states you can include items as long as you do not sell them. How can one prove that you sold a GPL piece of source in a overall package? ie: sell a software environment with gcc included. The company could always claim they sold thier custom products and not the gcc.
NRE is what drives prices, not reused code.
Re:Course of action (Score:1)
I had forgotten that!
Can you imagine this: "I am sorry, Mr Gates, but we need all your personal computers plus all 15000 Microsoft NT servers? Please stand back, sir"
Of course, what you refer to is not funny, but I can't help Micro$soft (one of the founders of the SPA) deserves a taste of its own medicine...
=)
Re:Legal Firepower vs Developer Interest (Score:1)
How do you know they haven't already? Or any other big company out there? (#include "stddisclaimer.h" - I'm not accusing anybody, just supposing... God bless American lawyers...)
Every major corporation seemes to feel the need for large parasitic departments like Marketing. And one of the first things Marketing does (apart from enjoying the two drink minimum
I'd like to think that if company X liked, say the parser of gcc, they'd give the accredited author a call with their cheque books waiting. But I'm unfortunately not that naive. So, even worse, Joe Coder at company X paraphrases the gcc parser modules and his/her PHB's think he is the next programming guru. And the original programmer never gets his name accredited in the closed source - effectively depriving him of "payment" - ie a bit of respect from other coders.
That said, I love being able to see the code behind something cool I just downloaded. It's nice to be able to see how it's done correctly all the time. And I don't care how good a coder you are, if you think you've nothing left to learn by reading other's code then you've given up advancing your skillset.
When Samba's GPL was broken... (Score:2)
and all ended well in the world of free software, or something like that.
Sorry I can't provide links to the article but I don't have time to search for where I might have read about it at the moment. Linear Algebra exam in 1 hour...
Hope this provides some case history for this subject.
Re:For FSF-copyrighted code -- not always true (Score:2)
I wrote him to let him know that he was violating the GPL, and what steps he might take to correct this (i.e. what clauses of his license would need to be removed and how he would have to make source code available) and he responded with a very rude "who gives you the right to tell me what to do" type email.
So I wrote the FSF about it, and they didn't really do anything. They looked into it a little bit but said that unless the original author of the code wanted to sue (and he didn't - he had since written a new version of the lib and was basing a commercial, non-GPL'ed product on it, and couldn't care less about his old code and the GPL violation), they couldn't do anything.
And that was that.
BTW, in case you are wondering, the library was Hashjava, the guilty party is Neil Aggarwal, the URL for the guilty product (Obfuscate & Obfuscate Pro) is
http://www.JAMMConsulting.com/servlets/JAMMServle
If you've got the time and the inclination, write Neil and give him hell.
Re:GPL is viral... (Score:1)
Re:GPL and enforcement (Score:1)
> I know it is hard to accept but I can only mess with OS
> products after work, because I need a job. It is terrible for me
> to have to reinvent the wheel just because it is GPL'd.
It's also pretty terrible that I have to either write my own word processor - that is, "reinvent the wheel" - or pay Microsoft to use Word 2000. Why can't I just steal Word 2000 instead? Just because the Microsoft Corporation spent millions of dollars to write and distribute Word 2000, and copyrighted it too, how does that give them any right to keep me from copying the Word 2000 CD, installing it and using it on my computer, and selling copies to others for profit, all the while not paying Microsoft a single penny? I don't know about "improving overall life," but it certainly would improve my life if I could start a business reselling hot commercial warez for big bux without those stupid police hassling me.
It's so unfair that greedy, selfish organizations, such as Microsoft and the FSF, get to keep legal control over their own property.
Yours WDK - Wkiernan@concentric.net
Re:Christmas, Tithing, and the FSF (Score:1)
I give back to the community by writing free software. Don't tax me, I've already given more than 10% of my working time back to the community. Church taxing monks doesn't make sense, eh?
And if you spent this money just on lawyers to defend free software, there's something terribly wrong. Laywers are utterly unproductive. I know, they are part of the Golgafrinchina's load of unproductive people who crashed here, but they still are unproductive.
I know, in the US, you can get almost any result out of a trial, if you pay enough to the right lawyer (good price/performance: OJ Simpson's lawyer, bad price/performance: Bill Gates' "we have our own render farm to generate faked videos" DoJ trial lawyers). I don't understand why you need a legal system if it just manages to keep an anarchistic state (the right of the stronger). Well, perhaps because the lawyers are strong enough
A better question might be... (Score:1)
Are Open Source licenses like the GPL defendable in court?
There is a lot of controversy surrounding the chained effects of GPL code - often referred to as the "GPL virus" - and I don't think this kind of licensing would hold up well in a court of law.
I don't stand strongly for or against the GPL to any great degree. But a license is a contract. My limited understanding of contract law (note: I am *not* a lawyer) that subsumes all subsequent or previous contracts to its own conditions and extends itself to cover objects (i.e. code) that were not written or released specifically under its own terms, probably violates a few basic contractual laws.
As I understand the GPL, if I write something and release it under a BSD or Artistic license, and someone comes along and includes my code in a GPL package, all subsequent derived works become automagically GPL'd. This may not have been my original intent. I may _want_ my code (and any derived code) to always be available for commercial, closed, shareware, etc. as well as GPL and other more open projects. But inclusion of my code in a GPL project by someone else has just ended my license (and intent) and subsumed it with the GPL.
As I see it, the GPL and RMS have provided all of us with lots of benefits, but I find there are areas where it seems to go a little too far, and I think a court would probably rule likewise.
We enforce it by our attention (Score:1)
Then it falls off our radar screen
and the software hopefully withers away
from lack of sales and bug fixes.
Who owns it? (Score:1)
Ideological fights, ideological confusions (Score:2)
RMS sees the interests of the developer and the corporation as, while not entirely orthogonal, at least not congruent. For that matter, I agree with him: if my company loses money on my employment, I'm out on my ass. My good judgement can be overridden at every turn. Any work that I do on their time, whether incorporated into client work or not, is their property. (I wonder if this post is their property, since I'm doing it at work - most likely, it is).
Is the GPL unenforceable? As much as any license, I presume. The power of a license dispute is that it almost invariably ties up the code in question prior to the suit being resolved. Given that the time between product revisions is much shorter than the time to go to trial, the business logic against using GPL'ed code surreptitiously is impeccable.
Look at the dispute between Symantec and McAfee. McAfee had to do a white-room rewrite of their antivirus software - *twice* - to avoid it being contaminated by a hundred-odd lines stolen by a programmer who had previously worked at Symantec. This was much cheaper and faster, believe it or not, than going out and litigating the matter to a settlement.
While free software advocates may not have the resources to reverse-engineer each and every possible violator, the stick is so much bigger than the carrot as to make it very difficult to rationalize using GPLed code on a systematic basis. I'm sure that small fragments have been grafted in by individual programmers, out of convenience or laziness, but violations are most likely to be individual, not organizational. (Of course, this was the case with McAfee, too).
--
Defenders Of The Public Interest (Score:3)
I grant the obvious--the original developer of the software is definitely in an ugly situation.
But why? Open Source Licenses are (by definition) distribution contracts. The original developer obviously has their own code, so how
much harm can come from a "licensee" refusing to return the developer's own code?
Ah, but the whole concept is that the developer isn't demanding the return of his own code, but rather the new code layered upon his own publically licensed work.
Therein lies the key. It is not merely the developer who is being deprived of content--it is the entire market of software users who are being deprived of that which they have every right to use. It is the horde of developers who wish to "scratch their itch" and improve upon an up-and-coming(or long-established!) codebase to which they have been so generously granted access to. It is the none-too-small number of investors--both large and small--who have put forth their money based upon a business model whose prime component is open access to the core software components and all future developments therein.
Open Source is indeed a public (if not natural) resource--possibly one of the few that is not depleted by usage but rather strengthened by it. However, it is alas not immune to the dangers of hoarding, pollution, and sheer misuse. Indeed, to paraphrase John Philpot Curran, eternal vigilance is the price of software liberty. Should the general perception become that the most basic precepts of Open Source licenses were being routinely ignored, both the stream of new open projects and the third party flow of incremental improvements to existing projects would dry up, as the latter group would feel no obligation to the former, and the former would notice.
Vigilance against such a situation--both real and generated by media manipulators(see Microsoft's aborted faux Letters To The Editor campaign)--is critical to the survival of the Open Source movement, and to the rights which have been granted to the public as a whole.
Is not the defense of public rights the raison d'etre of Government itself? The strip mining of communal codebases is something we've been spared thus far--should our "vigilante slashdotting" fail to sway an entrenched competitor, the involvement of government agencies and government lawyers is not something we should shy away from. There are a number of issues to consider, but Judge Jackson has shown that the U.S. Government can most assuredly "get it" when it comes to the socioeconomic issues surrounding the technology industry.
I'm not naive--although an attacking company would be harmed far more than we would by sheer public disapproval, it'd be better for everyone involved if we never had to travel down this route. Conviction does not negate the crime. However, a public statement of the willingness of government to defend us may have the peculiar effect of preventing us from needing their defense, and that is something I feel may be of value.
I'm interested in what the rest of you think about this. Feel free to disagree, or to provide insight as to what would be necessary to deal with the issues that I have brought up.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Re:über über über über über über (Score:1)
Re:Well, I'd say the obvious answer is the FSF (Score:1)
He could also have said that the FSF can only defend copyright when it is the FSF that holds copyright on a piece of software. One needs standing to sue in court. In the case of copyright violations, only the copyright holder has standing to sue. Other third parties have no such rights.
OSLU? (Score:1)
Re:For *FSF-copyrighted* code -- not always true (Score:1)
Corporate vs Open Source (Score:1)
Re:No central body, but... (Score:2)
Exactly right. There are already a half-dozen $Billion companies whose business plans and future stock price depends on defending the GPL licence. Consider this scenario:
Megacorp A snarfs a bagful of GPL code B into their proprietary product C and pretends they wrote it themselves.
Random Geek D notices something about Megacorp A's product C that reminds him of GPL'd code B and decides to investigate further. Disassembly reveals an exact correspondence to said GPL'd code.
Geek D contacts GPL code B's author E, who flies into a righteous rage. After calming down, author E posts the news on Slashdot. Things heat up.
Mega-wealthy geek F reads the slashdot article and immediately contacts author E with an offer to bankroll whatever legal action is required.
Meanwhile, outrage builds and a class-action suit is launched as well
Faced with a public relations disaster and the likelihood of losing badly in court, Megacorp A quickly decides to settle. The settlement amount is paid into a non-profit fund for future defences of the GPL
Geeks D and E are now famous and land high-paying jobs at a linux startup that goes public a year later, making them rich
Geeks F's company's stock doubles on news of the settlement, making him twice as wealthy.
Everybody lives happily ever after. Except Megacorp A, which have known better in the first place
Re:Legal Firepower vs Developer Interest (Score:2)
Indeed. The loss by many large corporations to lawsuits brought under a variety of contingency agreements is in fact proof that large corporations are vulnerable, no matter how big and powerful they are. Johns-Manville and Dow Corning are bankrupt. Phillip-Morris is hurting. Union Carbide was decimated. Hooker Chemical no longer exists.
If somebody does violate the GPL, they ARE vulnerable.
Re:Defenders Of The Public Interest (Score:2)
You're lucky I know so many french people, or else I'd have to make some grossly inappropriate comment like "*ARGH* FRENCH PEOPLE".
Actually, to be honest, I just didn't remember how to write the character in HTML, and didn't think it mattered all *that* much. Consider it...raison d'être as expressed in the American character set. What, you think Russia(R-U-S-S-I-A) is the actual Cyrillic character set?
Bah. I suppose I should thank you for keeping me honest. I'll try to use the correct accents next time.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Re:Pro Bono (Score:2)
Basically, the idea is that you are going after a big "Bucket O' Money" and all the lawyer wants is his or her third of that money. Basically, if the lawsuit is worth enough money (millions) and it looks like you have adequate proof to win, many IP attorneys will take the case on contingency
However, please note that I am not a lawyer, althouh I play one on the 'Net.
Re:Defenders Of The Public Interest (Score:2)
Yup, go look up ASCII. American subset, English Character Set. As far as I know, no American coined words outside of [a-z].
Hurm. Actually, genuine question--do modified characters show up in Perl regex's when Locale isn't set?
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
Distribute their binaries for them for free. (Score:2)
The problem is the solution! (Score:2)
1) Other corporations using the GPL software will sue them in order to level the playing field. For example, if Red Hat tried to do something that violated the GPL of linux, VA Linux, SUSE, Debian, IBM, Compaq and a few others would show up at their doorstep with a big pack of lawyers. It is corporate interest that threatens the GPL and it is the same interest that will protect it.
2) Evil Bad Corporation (unrelated to Microsoft), decides that it wants to take a piece of GPL'd software and put a bunch of modifications on it, then sell it under a closed or heavily modified OS license. Now, the question is, WHY ON GOD's GREEN EARTH WOULD YOU WANT TO DO THIS??? If you did this, and your product was successful you've just set yourself up for a nasty fall. If you get sued, and somebody can afford the attorneys, you will lose, and with it will go your lock on the source code. Your empire will crumble quickly.
One other thing to consider is that not only would the breaching of the license be a civil legal issue, it might also be considered criminal because of breach of copyright. I'm not sure about that one but it seems at least vaguely plausible.
---
Re:Closed source using GPL will get found out (Score:2)
Two such ways the news can possibly leak is: a) A disgruntled employee gets fired or leaves and leaks the news. b) A person is recruited from outside the company and does not agree with this and leaks.
Once the news is leaked will not this source get out and the brown stuff hit the fan.
Re:Corporate vs Open Source (Score:2)
Re:Defenders Of The Public Interest (Score:2)
Re:Legal Firepower vs Developer Interest (Score:2)
Who says they *have* to win? $BIG_COMPANY has to tie up lawyers, take the bad publicity, and RISK a judge making a ruling against them that costs them all their profits. Similarly, any of $BIG_COMPANY'S major Vendors will look twice at the package, not wanting to be caught up as a co-defendant or having to recall product, and then start looking at the GPL tree the product came from (which may even have incorporated 3rd party workalikes to the $BIG_CORP product by then, and wonder just WHY they have to pay $BIG_CORP 2/3 of the sales price if they can just *download* the same thing from the web and sell it for half the $BIG_CORP product price, and *still* make more from the deal?
yes, $BIG_CORP could retaliate by making $OTHER_PRODUCT more expensive for the vendor if he doesn't play ball, but MS have already found out about what happens when you get caught at that one.
Now look at it for $UNKNOWN_LAWYERs view. he gets national publicity, and a reputation of being a champion of the people against the big corporations; not bad for a few hours in court. And assuming he either wins, or $BIG_CORP decides to settle rather than having the PR Nightmare of being caught with their hands in the cookie jar, he gets his costs and possibly more from the deal - not to mention all the work as people recognise him as someone going to bat against big companies, and bringing their contingency-fee cases for faulty products and bad workmanship.
--
Re:Defenders Of The Public Interest (Score:2)
I don't know what that really means.
Does [a-z] catch e with a grave/aigu?
Does [d-e]?
Does [e-f]?
Does the Locale setting matter?
That's what I meant. (And YES, I'm regretting this entire thread! This wasn't what I came to discuss
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
man 1 slashdot (Score:2)
RESPONSE
SEE ALSO
EXAMPLES SIGNATURELibraries not viral: A Dick and Jane Story (Score:2)
As you see, mere aggregation with the infected Jack does not pass the virus back up to Mom, nor over to his sister Jane. Aggregation does not infect. This is true whether Dick and Jane are programs, or whether they are libraries. It doesn't matter. I'll say it once more for the logic-impaired: Aggregation does not infect. Otherwise they are trying to dictate what is or is not legitimate use. Copyright law does not permit this.
If the FSF shows up to break your kneecaps, as another poster semi-amusingly seemed to imply might happen, and so you feel need a more legalistic way around this library infection issue, here's why you're safe [perl.com].
It's time to let go of your fear. The virus doesn't transmit across library aggregation. The reign of terror is ended, and the black death is put back into its bottle. You are now free. Code in peace.
Re:Tough to get legal fees (Score:2)
One way to make money off GPLed software is to sell (nonexclusive) non-GPL licenses to folks who ask (mostly businesses with GPL-paranoid lawyers).
If someone puts my GPLed software under a non-GPL license without buying a license to do so, I just lost income.
So one can have both income and freedom, and be quite unhappy 'bout losing either.
Re:Cannot pirate free software (Score:2)
Not at all. 'Pirating' just means duplicating and distributing software in violation of its license agreement. The only software you can't do that with is public-domain software, which has no license and isn't the same thing as free software at all. Free software, as embodied by the GPL, is under a number of license restrictions on its distribution and use, and can therefore be pirated. E.g. if a company takes a GPL'd piece of software, modifies it, and sells it without the source, that would be piracy, or something similar, under the terms of the GPL.
Depends on what you're trying to do (Score:2)
You might even go as far as to ask the violator's competitors about whether they'd like to get in on the legal escapades (since they'll probably want to do anything to tear their rival down). But for that to work, your own software will have to be in a separate market from theirs, since they won't want to tear their rival down only to prop you up even further.
The sun/blackdown FIASCO? (Score:2)
It was not a GPL issue, and not an OSS issue. The terms of their porting were clear from the beginning.
And sun apologized..
so what's this 'fiasco' you are talking about?
Re:Tough to get legal fees (Score:2)
1) Company X will release some claim/license/software/something that appears to violate GPL.
2) The OSS community will go balistic and spam the shit out of them. (in other words, after this point, they can't claim they don't know about the issue)
3) Company X will state that the GPL is invalid or some such thing, or that it doesn't apply to them.
4) The original license holders will make a big damn fuss about it (or others will convince them to) and the whole OSS community will go into a flaming rage because it's challenging their license.
5) Class-action won't be necessary.... the authors will have all the backing they need to fight the case.
Note.. this is one reason why using a single license like GPL can be good... once we set court precedent.... it helps a lot.
Re:Choosing a freer licence (Score:2)
The GPL is about the CODE being free, as in having freedom. Pretend it's a living thing.. it is FREE... it can go where it wants, but nobody can restrain it.It's about your freedom to do anything you want with it.
Re:Go with BSD (Score:2)
You disagree with the person who said it was hidden then?
"He wants no one to own their own work."
Well, if we confine this to situations where the work is a piece of software and where ownership means the ability to restrict distribution then yes, I think that's a fair comment. I guess nobody thinks that he's trying to hide that?
"I can't recall the URL, but I read some great stuff from a BSD developer on his realization that Stallman is just a power hungry freak."
Well.. I'm glad you enjoyed yourself... not sure if you were trying to make some sort of point? You read somewhere, but you don't know where, that someone else has a low opinion of Stallman, is that it?
"The GPL is a virus."
Not really, at least it only affects those that choose to enter into the bargain - use GPL'd code and in return you have to GPL the works you derive from it.
"It is the number one reason that these other licenses keep popping up, and will continue to do so"
Which other licences? Whatever they are, why would people not need them if the GPL didn't exist, presumably their licencing needs would stay the same?
"GNU is a cult. They all follow RMS in lock step, and if you don't agree, they say that you are not enlightened. It is a software cult, fairly benign, but a cult nonetheless."
Hmmm.. not sure what you're getting at here. Care to say what you mean by a "cult" in this paragraph?
Who can enforce the GPL (Score:2)
Even though the FSF could not sue the violator, the copyright holder could have the FSF represent them as their lawyer in court. This would help to transfer the financial burden away from the copyright holder.
Simply changing the name of the copyright holder to the FSF would not give them enough standing to sue because it was requires signed documentation that the copyright is being transfered to a new party (see the GNU website [gnu.org] for more.
There isn't much chance of recieving monetary damages in an Open Source case because it is required to register a copyright with the copyright office (is that the USPTO?). All that a court could legally do is order a company to comply with the GPL, which is what is intended in the first place.
Matt Leese
Only the copyright holder (Score:2)
If your software is not in the public domain, then please, please, don't claim that you have given it away or are not the owner. This will be used against you in court. "Your honor, the plaintiff has an entire website arguing that he doesn't own the vimacs software..."
So what happens with Megasloth infringes upon the license of John Q. Hacker's tiny perl script? Without John's permission, the FSF, Slashdot readers, OSI, or anyone else is allowed to initiate a lawsuit. However, John Q. Hacker can initiate the suit. And anyone who subitted copyrighted code to the project can join in. Then funds are gathered from all the indigant bystanders from the FSF, Slashdot, OSI, etc.
Re:Defenders Of The Public Interest (Score:2)
Does [a-z] catch e with a grave/aigu?
Does [d-e]?
Does [e-f]?
RESPONSE
No, not really, although that certainly has been discussed.
Well FAQ me...;-)
Seriously, aside from ugly issues(are accented characters greater than, less than, or equal to their non accented equivalents), I don't think [:alpha:] is should be mandated. Perl's general concept is that things should behave as expected; [a-zA-Z] should grab all alphabetical characters, accented or not, if only because that's what the programmer is most likely to desire. "Give me all characters in this range that aren't accented" is a far less common operation than "give me all alphanumeric characters".
--Dan
Beg your pardon? (Score:2)
And it's not just about people making money. If folks want to make money off my code and follow the GPL (a la Cygnus, TiVo, WilburWorks, etc etc) they're free to do so, UNLESS THEY WANT TO HIDE THOSE DERIVITIVE WORKS.
Sheesh!
Re:Tough to get legal fees (Score:2)
When an open source developer sues a company for breach of copyright, their loss is loss of freedom of the code
Not actually, unless the company managed to erase all existing copies but theirs. It would be a suit to recover the income that would have been made had they opted to license (non exclusivly) the code for closed source use. Opening their source and restoring the proper copyright notices is adequate to avoid future royalties, but the existing proprietary sales must be addressed since they still made money based on violating the GPL.
Re:How to defeat this GPL violation, maybe (Score:2)