Slashdot Mirror

Haralde Welte was able to get a court decision on infringement of Linux without having to round up EVERYONE who contributed to Linux:

http://www.gpl-violations.org/news/20061110-dlink-judgement_frankfurt_en.html

The same would happen for any other large project where copyright isn't assigned to a single entity. It doesn't mean that you can't enforce / protect the copyright.

I like the idea of some of the settlements by http://gpl-violations.org/ where the offending party makes a donation to the Open Source cause, e.g. the project violated, the FSF or EFF.

Please note that this homepage is not maintained very well. We're so busy in both technically and legally resolving GPL violations that there's hardly any time left to keep this page up-to-date.

tell http://gpl-violations.org/ ...as it is on slashdot I think they already know about it.

http://gpl-violations.org/

Didn't see it mentioned anywhere, so I thought I'd post it.

At a minimum, document everything and send a report to the GPL-violations homepage (in particular, refer to contact info). That website tracks GPL violations and is in contact with the FSF. They will probably pass the information along to those whose copyright is being infringed, so that they can take direct action.

The normal course of action is that the authors of the GPL code will send friendly "please comply with the license" messages. Usually the infringing party will comply with the GPL before threat of lawsuits are mentioned.

It's definitely unfortunate that consistent policing of proprietary vendors is necessary (they, of all people, should know better!)... but ultimately I think most projects can be made to comply with the GPL without too much trouble, once they are uncovered.

So, in short, document your findings and notify the appropriate people!

At a minimum, document everything and send a report to the GPL-violations homepage (in particular, refer to contact info). That website tracks GPL violations and is in contact with the FSF. They will probably pass the information along to those whose copyright is being infringed, so that they can take direct action.

The normal course of action is that the authors of the GPL code will send friendly "please comply with the license" messages. Usually the infringing party will comply with the GPL before threat of lawsuits are mentioned.

It's definitely unfortunate that consistent policing of proprietary vendors is necessary (they, of all people, should know better!)... but ultimately I think most projects can be made to comply with the GPL without too much trouble, once they are uncovered.

So, in short, document your findings and notify the appropriate people!

Well, I totally agree with you on this one. And I hope that, while they are at it, all these companies embracing GNU/Linux as their OS of choice declare it openly and distribute their GPL source code to the customers. Because there are sooooo bloody many GPL violations these days, specially in the embedded market...

If any of you know of any violation, PLEASE do report it at GPL Violations.

Keep up the community work!

If it is Linux, you can demand the source code. GPL allows you that. And if they do not have the source code, complain to the iptables guy Harald Welte [1][2]

[1] - http://en.wikipedia.org/wiki/Harald_Welte
[2] - http://gpl-violations.org/

the internet is hard :(
http://gpl-violations.org/

I had wondered about this. This warrants further investigation.

Steam applications all include some copy protection code that involves communicating with the main Steam.exe program: this is most visible in games that weren't designed for Steam, such as Defcon or one of the Popcap games. Like them, Dosbox must have been modified to include this copy protection code.

This is right at the heart of this licence discussion and I am very glad someone has spotted it. Will Valve licence Dosbox under a non-free licence? Or will they release some of the source for Steam? Or will they ignore the issue and be sued by http://gpl-violations.org/ ? How wonderfully ironic that copy protection code should actually cause a copyright problem :).

Seriously, looking at http://gpl-violations.org/support.html everyone can see that Harald is asking for help in maintaining the site - and the site badly needs it.

So, instead of talking about the GPL on /. why not help running gpl-violations.org?

Unless you conform to the GPL, you're violating copyright. It's not a
license violation since you haven't agreed to the license. You can't
agree to the license and then ignore the terms of that license.

If you provide a "written offer" with your distribution the GPL says
that you should ship the source code when asked for it; it doesn't
specify that you should do it overnight. I think that it would be very
reasonable to allow a company to collect requests and ship once a week.
Dragging the process more than a month, smells like GPL abuse to me.

Unless you conform to the GPL, you're violating copyright. It's not a
license violation since you haven't agreed to the license. You can't
agree to the license and then ignore the terms of that license.

If you provide a "written offer" with your distribution the GPL says
that you should ship the source code when asked for it; it doesn't
specify that you should do it overnight. I think that it would be very
reasonable to allow a company to collect requests and ship once a week.
Dragging the process more than a month, smells like GPL abuse to me.

> There is no way for anyone to take free code and "hijack it and close it".

Dlink?
TomTom?

For an insignificant (and hypothetical) case like this, we really are only just talking about principles and the ramifications seem innocuous. However these same principles have ensured that we still have an open and freely available OS/kernel even though it outperforms proprietary solutions. The fact that a person or corporation hasn't become fantastically wealthy through the success of GNU/Linux probably scares the bejesus out of all the brainwashed, vested interest, capitalists out there.

Talk about FUD and controlling others and pushing agendas. The proprietary industry has it's lobbyists and lawyers and all the money in the world (which they got from us, the long suffering and abused customer). All we have is an itty bitty license and they are scared shitless because regardless of what you think about the personalities of the drafter/s, they saw what was happening and gave us an alternative.

We didn't have to take it but we did and look where it's got us. I have a whale of a time with OSS. I am only limited by my abilities and imagination.

I already make my good living through specialising in OSS and my hope is that we can commoditise (?) the OS and utilities and then we can really start progressing, working on the really tricky problems rather than working out why the OS keeps crashing or doesn't scale.

Enough.

I choose GPL, you choose what you want and we'll see who's laughing in five years time.

> There is no way for anyone to take free code and "hijack it and close it".

Dlink?
TomTom?

For an insignificant (and hypothetical) case like this, we really are only just talking about principles and the ramifications seem innocuous. However these same principles have ensured that we still have an open and freely available OS/kernel even though it outperforms proprietary solutions. The fact that a person or corporation hasn't become fantastically wealthy through the success of GNU/Linux probably scares the bejesus out of all the brainwashed, vested interest, capitalists out there.

Talk about FUD and controlling others and pushing agendas. The proprietary industry has it's lobbyists and lawyers and all the money in the world (which they got from us, the long suffering and abused customer). All we have is an itty bitty license and they are scared shitless because regardless of what you think about the personalities of the drafter/s, they saw what was happening and gave us an alternative.

We didn't have to take it but we did and look where it's got us. I have a whale of a time with OSS. I am only limited by my abilities and imagination.

I already make my good living through specialising in OSS and my hope is that we can commoditise (?) the OS and utilities and then we can really start progressing, working on the really tricky problems rather than working out why the OS keeps crashing or doesn't scale.

Enough.

I choose GPL, you choose what you want and we'll see who's laughing in five years time.

1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?

dynamic linking is too much to bear

4. Could I be forced to publish this code by some 3-d party?

5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?

1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?

dynamic linking is too much to bear

4. Could I be forced to publish this code by some 3-d party?

5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?

You know, companies are mostly free to make deals with other companies provided no laws are broken.
Microsoft is free to use GPL'd code, provided they follow those (GPL, LGPL) agreements.

OTOH, if **any** company doesn't follow the agreement - GET THEM!
Too many of them - http://gpl-violations.org/
Linksys being the most famous: http://lwn.net/Articles/51570/

Personally, I'd love to see Microsoft found guilty of violating the GPL/LGPL, but I know how hard they work to ensure that doesn't happen - at least a few years ago they worked really hard.

OTOH, OSS developers should also respect when a company decides they don't wish to be part of any OSS-based licensing. Personally, I avoid doing business with those companies, unless absolutely necessary and I keep the amount of business to the minimum possible.

They infringe copyright.

Just like these people:
http://gpl-violations.org/news/20060922-dlink-judg ement_frankfurt.html

Fortinet was Founded in 2000 by Ken Xie, founder of NetScreen which later sold to Juniper for $3.5B.
Fortinet was accused of using Linux kernel in FortiOS w/o credit:
FORTINET VIOLATES GENERAL PUBLIC LICENSE IN SECURITY PRODUCTS

The FSF recommends that the primary request is for opening the code, not for monetary damages, just because proving monetary damages can be difficult to prove on an application you distribute for free. Thus, the primary options for the defendant is to open up the code or refrain from distribution.

That's why organizations like gpl-violations.org exist.

proponents of proprietary OSes would then immediately cite the case as an example of the "dangers" of using Linux

You might want to tell this to gpl-violations.org.

I think you're being overly cynical, the people who are involved in this include people like Harald Welde (of the campaign to stop GPL violations. I think they genuinely believe in this, they're not just marketing weenies out to make a quick buck.

I'm going to download the source to Media Player Classic. I'll make some changes to it, give it a new name, and sell a binary. Only the binary. My new video player is closed source. Yes there is no copyright on it, but it's still closed source. How are you going to get the C++ source to my changes?

Open source depends on copyright. Without it the source will completely ripped of by the scummers and nothing could be done about it. Some developers are fine with that, others are not.

Copyright is necessary, though I do feel it should expire with time. In the past I said 20 years plus an optional 20 year renewal. Some in this thread suggested something similar but with 30 years. Both are a good idea.

Does something go into public domain just because it is posted somewhere for free (example: Usenet):

False. Nothing modern and creative is in the public domain anymore unless the owner explicitly puts it in the public domain(*). Explicitly, as in you have a note from the author/owner saying, "I grant this to the public domain." Those exact words or words very much like them.
See Also: Out of Germany, but even someone like D-Link couldn't shake the GPL:

"The GPL Violations Project , based in Germany, have won (subject to appeal) a court case against D-Link, who had allegedly distributed parts of the Linux kernel in a product in a way which contravened the GPL. D-Link had claimed that the GPL was not 'legally binding' but have now agreed to cease and desist, and refrain from distributing the infringing product, a network attached storage device. Expenses, including legal expenses, were received by the plaintiffs; they did not request any damages, consistent with their policy . They have previously won a number of out of court settlements against other companies. Slashdot has previously mentioned the GPL Violations Project ."

Does something go into public domain just because it is posted somewhere for free (example: Usenet):

False. Nothing modern and creative is in the public domain anymore unless the owner explicitly puts it in the public domain(*). Explicitly, as in you have a note from the author/owner saying, "I grant this to the public domain." Those exact words or words very much like them.
See Also: Out of Germany, but even someone like D-Link couldn't shake the GPL:

"The GPL Violations Project , based in Germany, have won (subject to appeal) a court case against D-Link, who had allegedly distributed parts of the Linux kernel in a product in a way which contravened the GPL. D-Link had claimed that the GPL was not 'legally binding' but have now agreed to cease and desist, and refrain from distributing the infringing product, a network attached storage device. Expenses, including legal expenses, were received by the plaintiffs; they did not request any damages, consistent with their policy . They have previously won a number of out of court settlements against other companies. Slashdot has previously mentioned the GPL Violations Project ."

Does something go into public domain just because it is posted somewhere for free (example: Usenet):

False. Nothing modern and creative is in the public domain anymore unless the owner explicitly puts it in the public domain(*). Explicitly, as in you have a note from the author/owner saying, "I grant this to the public domain." Those exact words or words very much like them.
See Also: Out of Germany, but even someone like D-Link couldn't shake the GPL:

"The GPL Violations Project , based in Germany, have won (subject to appeal) a court case against D-Link, who had allegedly distributed parts of the Linux kernel in a product in a way which contravened the GPL. D-Link had claimed that the GPL was not 'legally binding' but have now agreed to cease and desist, and refrain from distributing the infringing product, a network attached storage device. Expenses, including legal expenses, were received by the plaintiffs; they did not request any damages, consistent with their policy . They have previously won a number of out of court settlements against other companies. Slashdot has previously mentioned the GPL Violations Project ."

Even worse. According to their blog, it contains a headphone socket too.

All those naysayers really p*** me off. After years of longing finally an nearly 100% opensource phone, with a proven build-system (openembedded) and backed by a development team which has some of the brightest hackers in the mobile linux world including Mr. GPL (Harald Welte, from gpl violations). And what do we get? A bunch of postings from naysayers, who didn't read the article, didn't do two seconds of their own research (like checking who is in this team) and distribute plain wrong facts.

As soon as this thing is available, my Motorola A780 (which is Linux, but badly badly crippled) will be for sale on ebay.

Bye egghat.

The only reason a GPL challenge hasn't reached a US court yet is because in every case so far, the violator has ended up settling. And, no - despite what you've heard, the SCO vs IBM case is not about the GPL. Darl McBride's letter to the US Congress about how the GPL was unconstitutional was greeted with a big fat "so what?"

actually, writing in nice red bold letters "You don't have to agree to these terms to use this software" under the license block would create an interesting "WTF" situation

If your reasoning is that your definition of use does not include re-distribution, this should also be mentioned explicitely to avoid accidentally misguiding users who are unaware of the details of the GPL.

Otherwise, ever heard of gpl-violations.org?

"Regardless of the repeatedly-quoted judgement of the district court of Munich
  I, we do not consider the GPL as legally binding."

So who is going to buy this phone?

DLink has a history of ignoring the GPL...
http://www.gpl-violations.org/news/20060922-dlink- judgement_frankfurt.html

The founder, Harald Welte ... [discovered] companies violating the GPL in software he wrote for the netfilter/iptables project.

...

Over time, some other Linux kernel developers have transferred their rights in a fiduciary license agreement to enable [enforcement of] the GPL in cases where [no code was written by Welte].

I've been watching the kororaa project for a while, ever since we did one tandem session with XGL and OS X on two machines, watching XGL rule - especially in the video across cube faces demo. But a few weeks later, the developer announced that he's stopping Kororaa because of GPL issues with properietary drivers. And here's a reply by the FSF.

Now, the point to note here is that GPL is redistribution license. The way the nVidia folks handle it is to give the user some code, a binary blob and effectively tell them to build it themselves. The code they distribute does not link to the Linux kernel *yet*, while the binary blob is the closed source bit. Now, what the user does is to link them all up and there you go - which is not the distributor's fault. And this works because they are not redistributing any code that is copyrighted by a Linux kernel author (for example laf0rge).

The whole model makes the user violate GPL in principle, while the distributor (i.e nVidia) is in the gray area of legality. This is of course, my understanding from following up all this (and then had an argument with a paralegal @ work about GPL).

But I could be wrong you know ...

I get your point, but I do think that it's a trade. In the case of I2P, precisely because the software itself enhances freedom in its very functionality, greater and faster penetration is worthwhile at the expense of guarding against reduced freedom to make alterations further down the line.

The GPL forces a bifocation into free and non-free, which actually enhances market efficiency, since free software development doesn't subsidise proprietry software development, making for cleaner competition.

The GPL can attract, as well as repelling derived works (which you acknowledge), so which licence to use does depend upon context, since you'll want to be working with the grain of those who might wish to contribute. If I wished you to help me on some future project, for example, we'd have to discuss licences, and would maybe reach compromise (eg. the LGPL), or maybe, depending on the project, I'd judge that your help was more valuable than maximal user freedom for that project, which might lead me to capitulate.

Lawsuits are an important reason, but most larger companies will avoid knowingly breaking the law even without them. GPL Violations is a project that attempts to gain compliance through raising public awareness, and you may well find that the FSF will help you out, even if you don't donate your code to them (which I wouldn't do, since I'd like to have the right to close-source my own efforts). If your code is of any importance, you might find that IBM (say) intervenes upon your behalf, as part of the value proposition to them is that they can compete upon services, and closed (illegal) competition is a game that they've decided not to play.

BSA is for proprietary violations.

"OK, let's pretend that this is indeed so, for the sake of amusement."

Why "pretend" when we can *stablish*?
There: http://www.gpl-violations.org/

"That would mean that any contributor, to any GPL code is entitled to go after any corporation which somehow internally distributes some GPL code"

(http://gnu.teleglobe.net/licenses/why-assign.html )
"only the copyright holder or someone having assignment of the copyright can enforce the license. If there are multiple authors of a copyrighted work, successful enforcement depends on having the cooperation of all authors.
by Professor Eben Moglen, Columbia University Law School"

"...as it is unknown what GPL code is being used, until fully disclosed"

(http://lwn.net/Articles/73848/)
[the FSF way of enforcing GPL]
"First, they (the bad guys) release an infringing product. Second, SOMEBODY HAS TO FIND OUT THAT THY USE GPL LICENSED CODE. Then, one of the original authors has to push for license compliance.
[Editor's note: the following article was sent to us by Harald Welte, the leader of the Netfilter project.]"

(http://www.gnu.org/philosophy/enforcing-gpl.html)
"So what happens when the GPL is violated? With software FOR WHICH THE FREE SOFTWARE FOUNDATION HOLDS THE COPYRIGHT (either because we wrote the programs in the first place, or because free software authors have assigned us the copyright, in order to take advantage of our expertise in protecting their software's freedom), the first step is a report, usually received by email to . We ask the reporters of violations to help us establish necessary facts, and then we conduct whatever further investigation is required.
by Eben Moglen"

(http://www.gnu.org/licenses/gpl-violation.html)
"...But, WE CANNOT ACT ON OUR OWN IF WE DO NO HOLD COPYRIGHT. Thus, be sure to find out who the copyright holders of the software are before reporting a violation"

Oh, I am sooo terribly sorry for not reading the whole damn thread with its hundreds of posts in a timely manner, to your satisfaction, every time some anonymous goofball replies to one of my posts. It might come as a great shock to you, but for me, unlike for some here, Slashdot is an amusing past-time, to be enjoyed whenever I have time and driven mainly by automated email notifications of replies to me. If this does not suit you, Mr. Coward, Anonymous, you can kiss my hairy ass, and then get lost along with the presumptuous attitude your rode on in.

I ask you for opinions sustaining your interpretation

Oh, wait, is this "turbidostato"? I see that ever increasing confidence in your arguments led you finally to the bold move of posting as an AC. In keeping with this progression of assuredness, threats if violence can't be far behind now.

for some lines in a license, and you answer that you already quoted the lines of the license I meant to. Great.

Err, "interpretation"? What is there to "interpret" about the term "third parties"? That they are "third"? As in not the distributor nor the recipient? Is there any other way to look at it? Or "parties"? Are you implying that this term needs interpretation? To, say, avoid confusion with a birthday gathering?

I tell you that currently you won't gain access to Trustix source code from Trustix (operated by Comodo IP Limited), unless you become a Trustix client and you point me to a sources repository operated by DFK Systems Limited, a different company, and your point is? At least you could hide your intent a little bit more by pointing to the community effort (www.trustix.org) instead!

I hope this will not cause you some unhealthy mental fireworks, but the repository I pointed to is what Trustix.com download section links to. There are many mirrors which store the code of the "official" Trustix archives. Although I am sure I am going to hear now endless hair-splitting moaning as to how "mirrors" do not truly qualify, even though their official status and direct feed by Trustix directly contradicts your claims.

I tell you that you won't gain access to the sources for the boxed Zimbra product (which is most of it, if not all, GPL-based) while you can get the Community version, and you have the guts to point to... the community version itself! as a prove... of nothing.

You could be somewhat more sneakily disingenuous, your maneuvering as it stands is too obvious. There is no other way for Zimbra to provide access to sources, otherwise the closed source portions would have to be also included. Zimbra's staff operates the so-called "community" sourceforge site (just click on sourceforge project "home" page). Again you demand that Zimbra store the files on their servers, and provide the source code in a way that you approve of. No such clause exists in the GPL. GPL does not even mention you once, no doubt to your great annoyance.

Ask Microsoft for a Windows 95 copy. To the best of my knowledge you won't be able to get it from them. Ask Microsoft for a legal license to use Windows 95: you can get it (while at current XP prices), at least if you are a big account.

In which case you can also get the product. Microsoft sells "media packs" for Open License customers (I assume this is what you are referring to). You can obtain media packs for any of the products you have a valid license for (some licenses expire). The cost of the pack is the media+shipping. For example Enterprise Sever 2003 Media Pack was around $25 last I looked.

Of course you can provide any example, can't you? Or better yet, you surely can point out a case where the FSF asked for the sources for software they didn't access to the binaries, don't you?

A random case. One of many. In most cases on gpl-violations.org, FSF did not have access to binaries as they were not the customers of these products.

Witness the cases where GPL gets enforced legally, when embedded devices violate the copyright of the netfilter project.

I don't remember seeing any example of anyone being punished for it. Are there any such examples?

Also, if you want to see it in action, check out http://gpl-violations.org/.

Sometimes no dollar is needed. Many companies will admit and fix. Read GPL Violations.

What happened to gpl-violations.org? It seems to have disappeared and been replaced with something unrelated... Strange.

...but indeed it is quite uneasy to caught the thief red handed.
Although projects like XVid and NetFilter managed to do it several times.

http://gpl-violations.org/about.html#why

Where have you been? Were you living in a cave or something?

There have been many cases of stolen GPL code where the offending party was contacted and they agreed to release the source code instead of taking it to court.

This happened when netfilter code (iptables) was stolen, and in many other cases. There is also an effort for making offending companies release source code. See http://gpl-violations.org/ for more info.

http://gpl-violations.org/

They do...