Slashdot Mirror
SCC Statement on SELinux Patent Issues
Hawke writes "Secure Computing has
announced a
Statement of Assurance that they will not use the patents in question to limit the availability of SELinux. They continue to say: 'However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux.'" The original story was here.
can they guaranty that they won't be bought out by someone who wants to exploit the patent (eg Forgent).
Software Patents: Don't do them kids.
None are more hopelessly enslaved than those who falsely believe they are free. Johann Wolfgang von Goethe.
The GPL states that as long as I put my own code under GPL I can use any other GPL code without restriction - thus enforcing the freedom of free software.
Patents directly nullify this - with SELinux I can't modify it and make my own distro, or take the good bits of the code and use it in my own GPL project... making SELinux essentially proprietary.
If they won't gonna use the patents, why have they filed for them in first place ?
Competitors aren't an argument because the publishing of the sources of SELinux according to the GPL would count as prior art.
Did they want to troll RMS and Anal Cox or what else ?
Or is this statement just a scam ?
Owner of a Mensa membership card.
What they've done is agree to comply with the GPL.
The following paragraph totally voids the whole thing. It also would create a terribly dangerous submarine patent.
===
No Third Party Restrictions.
This Statement of Assurance is made by Secure
Computing alone, and does not bind or obligate any other person or party. Secure
Computing may license or otherwise transfer any or all of its rights in the Subject Patents,
including the Subject Patent Rights, without any restriction or condition. The recipients
of such rights are not bound by this Statement of Assurance, and may assert any rights
acquired from Secure Computing without any limitation or restriction.
===
If the patents are transfered, they can then be enforced. Any existing distributions and installations of SELinux will become subject to unilateraly imposed lisence and royalty fees imposed by a new owner.
No way is this:
"Our assurance is subject to certain limitations that we believe are consistent with the spirit of open source. "
It's just a PR move. There is nothing that would prevent SELinux from modifying or abbandoning this statement at any time. It provides no protections to users if SELinux is sold, or the Patent sold. They can even grant a third party a license that would enable the third party to collect the license fees that SELinux is pretending to abbandon.
The level of dishonesty shown by this statement has lowerd my leval of trust in SELinux, and made me more unlikely to use the software on a personal basis and reinforced my view that it would be a mistake to use SELinux in a commerical setting.
Quemadmodum gladius neminem occidit, occidentis telum est
http://www.securecomputing.com/index.cfm?sKey=738
As it turns out, this is the problem child. SCC has a patent on this technology, and seems to have used it in SE Linux
"It is a greater offense to steal men's labor, than their clothes"
number: 4,6211,231
.... maybe I made a mistake.
It doesn't exist in any of the searches I made
Do not spread "09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0" over the internet, thank you.
Where do I sign up?
pr0n - keeping monitor glass spotless since 1981.
Seems to me they are confused. FreeSoftware supporters will limit their
use of SELinux and that inturn will Limit
can expect limited use of it, regardless of what dillusions they speak.
In a sane world doing stuff like this would not be possible. Patents on Software, Algorithms etc. should not be allowed...
If a company releases the source to something that was patented under the GNU can the enforce it later?
They licensed it to us to use as we see fit, just as long as we release the source, right?
Mike
I didn't use the preview button, so get over it!!!!
Mike
1. Three patent numbers are mentioned. Okay, fine... I'll look those up later, it's enough (for now) to know that Secure Computing claims they exist.
..."
2. Non-Assertion section. "Subject to the limitations described in this Statement of Assurance, Secure Computing will not assert the Subject Patent Rights with respect to any use, modification or distribution of SELinux software that is permitted by, and is in compliance with, the terms and conditions of Version 2 of the GNU Public License (the "GPL")."
This is a catch-22. If they're already not in compliance with the GPL due to patent restrictions simply existing on their code, then according to this statement, they may very WELL assert the Subject Patent Rights. This whole clause is a sneakily worded contradiction of realities.
3. SELinux Limitation section.
"... However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux."
Translation: Unless they specifically _say_ your code may use their patented methods, forget it. The very nature of distributions is that the kernel is married with a distro's specific patches, custom scripts, custom installer, and a whole bunch of applications are "merely included".
4. Subject Patent Rights Limitation section.
"... Secure Computing does not waive, modify or release any of the Subject Patent Rights, or any other right in the Subject Patents, except as expressly provided in this statement of Assurance.
(Which we're already seeing is "effectively nothing") This section goes on to say that Secure Computing reserves the right to assert their Subject Patent Rights with respect to anything remotely useful regarding security applications that you might want to use their patented software for!
5. No Third Party Restrictions section.
Just go read it. If we sell it, you're screwed.
6. Other Patents section. Again, go read it. We may have other Patent landmines related to SELinux. Here's your blindfold, now go play hopscotch in that legal minefield over there.
7. No Licence section.
"No license is granted in this Statement of Assurance with respect to the Subject Patents, or any other patent or intellectual property right, or software or other product."
Then what exactly am I assured of, other than "We have Patents, we have rights, and they remain ours" ?
8. Limited Assurance section.
More legal handwaving and Covering of asses.
This whole document ranks right up there with "The check is in the mail", "I'm here from the government to help you", and other infamous promises made just before you get screwed over.
If a GPLed project includes any patented code, then, under the GPL, I can take just the code from the project pertaining to the patent, create a derived work, sell it, and become rich. It is inconceivable that the company owning the patent would not sue me. Therefore, if they release patented code in a GPL project, they better give a royalty-free license to everyone.
8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License.
Life's a bitch but somebody's gotta do it.
Are the patents valid anywhere except the US ?
10 to 1 says they don't want to be fux0red with by the NSA.
Did they write their whole distribution?
If not, then aren't they distributing GPL code written by others as a part of an assemblage that does not grant to others the right to freely modify and redistribute it?
Are they claiming that none of the patented code is linked?
Or is this just total FUD?
Whatever the answer to any of these, this is one company that deserves to die a quick death.
I think we've pushed this "anyone can grow up to be president" thing too far.
It seems to me that the main problem with this statement of assurance is not its interplay with the GPL, but the fact that there is nothing keeping the company from issuing a new, perhapst totally modified statement sometime later.
So, could anyone with a legal background please comment - is this letter in any way binding to Secure Computing?
Why do I have a feeling, it was the other division of the NSA that made this possible. e.g. Perhaps the, umm, *hardware* division of the NSA *talked* with a certain someone, who then, spontaneously decided to do exactly what the NSA guys suggested.
See also:
Some guys from the mafia visited with me today. On a completely unrelated note, I've decided to switch ro another trucking firm that charges 3 times as much.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
Their statement of assurance subjects their permission to some limitations.
The GPL says that if there are any limitations on the rights it permits, then you have none. In other words if they say, "You have the GPL right except those which we say you don't" then the GPL says, "If you contradict the conditions of the GPL, then you don't have the right to distribute the program at all."
Which means that before I would touch either SCC or the GPL, I would talk carefully with a lawyer.
There is what RMS intended, what people think he intended, and what he actually wrote. The three do not always meet. (The second one most often disagrees with the other two.)
RMS wrote the license. Having written it, he is free to state how he interprets what he wrote. Barring courts ruling on it, his interpretations have considerable weight. But only if they are reasonable as interpretations of what he wrote. For him to say that his license says what it does not (that a patent licensed for GPLed use has to be licensed for anyone's use) would be a lie and useless.
That said, the question becomes whether he disagrees with his license, and whether either of them disagree with your understanding of what he meant. I submit that he agrees with his license. The freedom to write GPLed versions of software - which can then become available for anyone's free use - is exactly what he wants to encourage. Your inability to write software that denies others their freedom to use it doesn't matter to him.
Remember. The GPL is designed to encourage widespread use of the GPL, which in turn is meant to push RMS' social philosophy. It is coincidentally useful for a lot of people who disagree with RMS' beliefs. But the fact that it does not satisfy those people in all the ways that they would like to be satisfied is not a failing of the GPL, and is not a problem for RMS.
They are not even bound by the statement of assurance. Its not a legal document which forbids them from doing things they deem necessary for the survival of their company.
People are typically ok dudes when all is well, but when times get hard they even break the real laws, so this assurance is meaningless to me.
Its like buying a gun and assuring everyone you will never use it.
The assurance simply says you cannot use it. Using it for authorization
for applications, or services is excluded. That makes it useless
He seems to like it less than I do.
Oh well, it'll be good if this goes to court, having
the NSA (represented by the Justice Department)
defending the GPL would set a good precedent.
See http://etbe.coker.com.au/ for my blog.
I'm concerned with the paradigm of viability that is offered on a de facto basis by this gentleman's agreement. In order to fully network the brick-and-mortar with the online e-communities, we will need to protect the intellectual property of this distribution while simultaneously realizing the true prospect of a mixed-platform think tank environment, using products from this company, Microsoft, and other entities as enablers to reach our goal.
We must think outside the box. Come check out my site for more information and nifty text ads!
To ensure that Secure Computing Corp continues to receive funding and win contracts with the U.S. military and intelligence agencies we have decided to bow down to the Puzzle Palace's (NSA) goal of providing a freely available SELinux distribution.
We promise will not attempt to sue to world's largest black budget organization, and is the government agency with the fewest publicly available details (part of mandate in E.O. 12333 is classified).
We fear their black helicopters.
One of two things can happen here: either the gov't (in the form of the NSA) can buy the patents in some way or another, or we can just wait around until Secure Computing realizes that few will adopt SELinux, and Secure Computing may get sued for GPL violation if they attempt to sell restrictive licenses.
I think most Americans agree the patent system is no longer working as intended. The problem is there is no agreement on what to do to fix this problem. The NSA like all federal agencies cannot be sued without the specific consent of congress.
I'm not an attorney but when someone attempts to enforce a patent they must show contribution to the work. In the case of this patent the NSA did all the genuine work and further released the details of this work publicly which means that SELinux would lose any lawsuit. The patent is entirely worthless and doesn't change anything. I can threaten to sue somebody just as easily with a valid or an invalid patent but if I can't win the case the threat is nothing but hot air.
Pretty much nobody in the USA is at all likely to develop anything based on SELinux.
Ed Craig "Who cares what you think?" George W. Bush, 4th of July 2001