Slashdot Mirror

Tell me, who enforces open source license?

• A general consequence when putting code under the BSD license or releasing new code based on existing BSD-licensed code is that the code can be kept closed. E.g. when shipping hardware, there is no need to add the source.
• In contrast, when you put new code under the GPL, or write code based on a program released under the GPL, it is mandatory that you release the full source of all your changes. Many big companies have been bitten by this with Linux, see www.gpl-violations.org to find that prominent companies like Siemens, ASUS, Sitecom, Gigabyte and many others are affected and were sued over this (apparently?) difficult to follow requirement of the GPL.
• When using BSD-licensed code as a base, it's your own choice if you want to keep your changes private, of if you want to contribute them back to the community. Contributing the source has both benefits and drawbacks, which have to be considered.
• Drawbacks of opening the source are that competitors will have access to your intellectual property. When using BSD-licensed code as a base for your work, you can choose to keep your changes private. With GPL, you have to open them up, if you want to or not.
• Benefits of releasing source to the bright public may have various benefits usually found when arguing for Open Source: people can use the code and base their works on it, the code can be audited by 3rd parties for e.g. security reasons, etc.
• A particular benefit of releasing a work based on BSD-licensed code again not (only) to the bright public but especially to the original project is that the contributions can be incorporated into the project, and get maintained by the project people.
• One of the goals of the NetBSD project is to offer a complete operating system kernel available under the BSD license only. To integrate code into NetBSD, and the kernel in particular, it has to be BSD licensed. Integration into NetBSD (which of course requires releasing the source) will lead to benefits from the efforts of the NetBSD project, its community as well as the vendors supporting it.

If you want to point at various other vendors who have choosen BSD, and NetBSD in particular, to place their products on, see:

• Hardware designed for and with NetBSD
• Products based on NetBSD
• NetBSD-ready PowerPC toys: KuroBox and LinkStation
• SGI produces NetBSD-based WebCam
• Embedded NetBSD on Technologic Systems' ARM boards
• IBM built some NetBSD 1.3x based Network Computers (NSM V2R1): OS in some Java error code, pages 372, 594, 629,

The BSD license is the only one to ever stand up in court.

Reference?

The GPL is in court right now, but lawsuit is still ongoing.

No, it's not. The GPL has been tested in court:
Frtinet Injunction

Moreoever, a lot of companies have http://www.gpl-violations.org/">settled out of court, a good indication that their lawyers told them they had a considerable chance of losing.

Has been tested more than once and the teeth are sharp. Best of all, it has been tested in Germany and resulted in injunctions, while it wasn't even clear if a license written for US american law would apply in Germany at all. Now the silly discussion can end: the GPL is legal binding document.

See http://www.gpl-violations.org/ for more.

The biggest problem for resorting to civil disobedience against the current "intellectual property" regime is that the general public may not even understand the importance of the protest (you have to gain some amount of public support or sympathy to achieve any meaningful goals).

I think it's mostly because it's not that important. In the 60's, it was about people dying over in vietnam, copyright infringement laws only effect the people that are infringing on someone else's copyright.

Sharing copyrighted material on the Internet doesn't show anyone that the copyright laws are too harsh. It would be similar to boycotting the sale of nikes (because of sweatshops), but having all of the people involved wear them to the demonstration, it's hypocritical, and in many ways..doesn't make sense (from a boycotting point of view).

It really seems to me like an excuse for getting music, movies, and software...for free. If you don't want to abide by a license that a movie or song is released under, don't download it.

It's the same with the GPL. If a company doesn't wish to abide by this license, they shouldn't use it in their commerical application.

when are people going to realize that This is just as wrong as this

The answer to whether or not we still need the gpl:

http://gpl-violations.org/http://gpl-violations.or g/

Nothing more should need saying, but I've got a couple more minutes. ;)

I'm sure at some point the use of open source software will be so ubiquitous as to make the result of hording, thieving, and conspiring by individuals and corporations ineffectual.

However, I still believe that we have not reached that cross roads yet. There are still a number of people and corporations who have the desire and the ability to plunder the hard work of those who produce the code and then conspire to both denegrate the open source offerings while profiting from that same well.

I like to call these entities the Robber Barons of the Information Age. They are filled with childish and immature emotions and characteristics. They see themselves as icons of a vast empire they built and they are justfied in their actions. Of course the truth is that no one man or even the entire clique of Robber Barons created the information age. In fact it has been the nameless and faceless masses of electronic/software engineers in the background producing all the fantastic hardware and software which makes the information age possible. These men who are supposed to be leaders instead have become filled with themselves. And it all comes down to human nature and the corruption of power.

The way I see it the GPL and the idea behind it is a tool that can be used to take back what has been stolen by the Robber Barons. Many of these same nameless masses who made the Barons are also producing open source code under the GPL and the GPL is poison to the thieving Barons, that is why they despise it to no end.

The GPL is a tool to help keep the Robber Barons human nature in check. I think the end result is that instead of having icons in the open source development circles there are leaders.

Anyhow, thats enough ranting for now.

burnin

p.s. Just a note on the mention of engineering. Not having a degree in engineering does not mean you are not an engineer and conversely having a degree in engineering does not make you an engineer. If you really want to know what an engineer is and determin if you are an engineer just look up the definition of engineer and engineering.

"How does one go about making sure that your source code hasn't been "misappropriated" (read stolen) and placed into a closed source app?"

The short answer is: you can't be sure. In practice, however, people who write programs keep abreast of other software in their field (e.g. people who write an IM client quickly hear about other IM clients). Hwoever, it usually takes an alert user to notice suspicious similarities to existing software. It seems the first tell-tale sign is the directory structure. In almost every case posted to slashdot, it was noted that the directory structures were the same.

If you become suspicious, the next thing is to extract the strings utility. The first thing to look for is the error message strings, but if the executable is not stripped then you can see your function names and source file names.

Finally, there's the question of proving that they "stole" your source code, wher your legal claim will usually be that they violated your copyright. Most of the time, they know they are in the wrong and just contacting them is enough. However, not all offenders cooperate. Harald Welte has successfuly won a preliminary injunction in a German court against a company which violated the GPL when using code form the ipfilter/iptables firewall project.

"How does one go about making sure that your source code hasn't been "misappropriated" (read stolen) and placed into a closed source app?"

The short answer is: you can't be sure. In practice, however, people who write programs keep abreast of other software in their field (e.g. people who write an IM client quickly hear about other IM clients). Hwoever, it usually takes an alert user to notice suspicious similarities to existing software. It seems the first tell-tale sign is the directory structure. In almost every case posted to slashdot, it was noted that the directory structures were the same.

If you become suspicious, the next thing is to extract the strings utility. The first thing to look for is the error message strings, but if the executable is not stripped then you can see your function names and source file names.

Finally, there's the question of proving that they "stole" your source code, wher your legal claim will usually be that they violated your copyright. Most of the time, they know they are in the wrong and just contacting them is enough. However, not all offenders cooperate. Harald Welte has successfuly won a preliminary injunction in a German court against a company which violated the GPL when using code form the ipfilter/iptables firewall project.

Organizations on "our side" can be just as misguided in their support of copyright law as anyone else. That said, however, they're using the current laws of society to pursue a goal (free software) as best they can. Changing copyright law might help us all reach that goal more quickly, but they have to work within today's legal framework if they want to get results today

large changes to a system that has been in place for at least 100 years take time. It seems the FSF, although humourous at times is starting to get just as bad as the MPAA.

If you think that's incorrect, go ahead and explain why. How exactly does having a copy of a song on your hard drive harm anyone any more than not having that copy on your hard drive, given that you aren't paying any money whether it's there or not

well, if it's a copyrighted song, program, or movie, it hurts the original creator. Sharing commerical works devalues that work over time. (think of what happens to the value of the dollar if it is well known that 99% of all money used is counterfeit). Just because something can be copied easily doesn't mean its value is 0.

It's just human nature. If someone has a choice between something that's free and something that costs money, they will choose free.

I could say the same thing about software under the GNU. Who does it hurt when I use it in a commerical application (without releasing the source?). The original sourcecode is still there to use for free. The free software police thinks differently, however.

Especially of interest here is the use of Netfilter by Cymphonix, given Harald Welte involvement in both Netfilter and in the in dealing with GPL violations.

To add to the fun, it even appears that Cymphonix is either using or preparing to use 2.6.x versions of Linux.

He has been enforcing GPL for over a year now with impressive results.

This guy does not know what he is talking about.

He has been enforcing GPL for over a year now with impressive results.

This guy does not know what he is talking about.

He has been enforcing GPL for over a year now with impressive results.

This guy does not know what he is talking about.

He has been enforcing GPL for over a year now with impressive results.

This guy does not know what he is talking about.

http://www.gpl-violations.org/

http://www.gpl-violations.org/

Specially with a dedicated website for posting these frauds.

The author ignores a number of inconvenient facts.

First, and foremost, SCO's bluster about Linux and copyright infringement predates their lawsuit against IBM. Whether or not IBM violated its contract with SCO is not the community's beef with SCO; the community is up in arms because SCO had the gall to suggest that Linux was a big ripoff of SCO's proprietary unix code and began to do things like sell linux licenses, as if it had some right to collect that money. So this is not merely a "simple contract dispute".

Moreover, he is skewing the origin of Linux. Regardless of the author's qualifications, the two people most able to state whether or not Linux was or was not dervied from Minix or contained Minix code would certainly be Linus Torvalds and Andrew Tannenbaum. Tannenbaum said, "I told [Ken Brown, President of the Alexis de Tocqueville Institution] that MINIX had clearly had a huge influence on Linux in many ways, from the layout of the file system to the names in the source tree, but I didn't think Linus had used any of my code." Eric Raymond may have been citing this to make a point, but when Linus and Andrew both are clear on the point that Linux did not use Minix code, then I believe take their assertions on that point.

The assertions about due diligence are equally off-base, as the Open Source Risk Management company is offering insurance against claims of copyright infringement. It is basically absurd to suggest they could get millions and millions of dollars of insurance underwritten without due diligence against the product they were insuring - which, in this case, is the code that comprises Linux.

Finally, the author completely ignores how unclean SCO is with its own source management. They distributed a version of Linux for quite some time, and continued to distribute it even after they had made public claims. If they had discovered claims but continued to distribute the code, one could quite easily argue (and surely IBM will) that they have themselves have placed whatever code is in question under the GPL.

This only touches on the number of issues he manages to gloss over in a few brief pages. By no means do I think that David Boies would have been involved on contingency unless he felt he had some chance of winning, but the fact is, SCO is bleeding money like tomorrow's bacon, and it is hard to imagine how anyone would care to purchase a real product from SCO in the future, given their propensity to do things like, say, sue their customers.

Certainly, at this point, Canopy can only be hoping that the payoff from the lawsuit against IBM and other actions will be sufficient to justify flushing the company. But even *if* SCO managed to prove IBM contributed tainted code, there's a mountain of counterclaims to deal with and SCO has to try to establish damages, and it's hard to see how SCO can justify damages that are a significant multiple of its own market capitalization at the time the offense occurred. It would be like Harold Welte suing Asus for $2B or such. It may sound like a nice round number, and SCO can say that it wants "infinity times infinity" for damages, but that doesn't give it a snowball's chance in hell of actually seeing such damages.

I think http://www.gpl-violations.org/ would really like to hear about this. Apple have been a bit too litigation-happy lately, it'll be nice to see them have to eat some of their own crows.

Announcing that Safari passes the Acid2 test has raised some voices in the KDE world. Apple, they say, isn't playing friendly. They don't provide a CVS history, just the modified files where nobody can understand how and when things have changed. It's quite likely that KHTML developers will have to write their own code to pass the acid2 test.

I think http://www.gpl-violations.org/ would really like to hear about this. Apple have been a bit too litigation-happy lately, it'll be nice to see them have to eat some of their own crows.

I suppose that I never really looked at it that way but you are right. Because enough people have reverse compiled the cherry os code and compaired it the the pear pc code it has generated quite an angry buzz in the opensource community. It's funny how allmost anything can be controlled by a large enough online community. just in case anyone is interested I stumbled across this http://www.gpl-violations.org/the other day. Good site to keep an eye on and support, if I do say so myself.

Make that http://www.gpl-violations.org/. My sig manifests itself -- not posting sober. Happy Saint Jack's Day. :-) The URL redirects to the one in parent, though.

anonymously tip off http://www.gpl-violations.org/?

They might have been in compliance at some particular point in time, but now it seems again, that they are not. http://lists.gpl-violations.org/pipermail/legal/20 05-March/000008.html

Remember kids, read before you post!

Remember kids, read before you post!