Slashdot Mirror

← Back to Stories (view on slashdot.org)

SCC Statement on SELinux Patent Issues

Posted by michael on from the patent-leather dept.

Hawke writes "Secure Computing has announced a Statement of Assurance that they will not use the patents in question to limit the availability of SELinux. They continue to say: 'However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux.'" The original story was here.

11 of 65 comments (clear)

  1. No License by thales · · Score: 5, Insightful
    The Statement of Assurance explictly states that they aren't licensing the Patents to SELinux users. This places the statement in the same catagory as propriatary EULAS that contain a clause allowing them to change the license terms at any time.

    It's just a PR move. There is nothing that would prevent SELinux from modifying or abbandoning this statement at any time. It provides no protections to users if SELinux is sold, or the Patent sold. They can even grant a third party a license that would enable the third party to collect the license fees that SELinux is pretending to abbandon.

    The level of dishonesty shown by this statement has lowerd my leval of trust in SELinux, and made me more unlikely to use the software on a personal basis and reinforced my view that it would be a mistake to use SELinux in a commerical setting.

    --
    Quemadmodum gladius neminem occidit, occidentis telum est
    1. Re:No License by thales · · Score: 5, Insightful
      "To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all"
      from the GPL Preamble

      The FSF has failed to take the chilling effect of an unlicensed unenforced patent into consideration. As long as Red Hat and SELinux don't enforce patents on GPLed software they are in compliance with the GPL, but the danger that the patent could be enforced at some future date makes it risky to make a derritive work based on patented GPL software, or even to redistrubite it. The practice clearly goes against the spirit of the GPL.

      The GPL needs to be modified so that there is a ban on including any patented code unless it also includes a royality free license with redistrubition rights. Simply refraining from enforcing patent rights (for now) does nothing to insure that users will retain the right to redistrubite and modify in the future.

      --
      Quemadmodum gladius neminem occidit, occidentis telum est
  2. type enforcement by Alien54 · · Score: 4, Informative
    You can find information on type enforcement here:

    http://www.securecomputing.com/index.cfm?sKey=738

    As it turns out, this is the problem child. SCC has a patent on this technology, and seems to have used it in SE Linux

    --
    "It is a greater offense to steal men's labor, than their clothes"
  3. Re:Nor.... by rusty0101 · · Score: 4, Interesting

    In their Statment of Assurance, they specifically allow that they may license, sell or re-assign any or all rights to a third party, who is not and would not be bound by the Statement of Assurance.

    Basically this means that the parts of SELinux that they have a patent on, are free of licensing restrictions, so long as the distribution continues to be SELinux (you are free to modify it and re-distribute under the same name) and so long as they have not reassigned those rights on the patent to a third party.

    Forgive me if I seem a bit less than touched by the assurance, but this assurance seems to me to be exceedingly self serving, and no assurance of anything.

    -Rusty

    --
    You never know...
  4. To sum up by flacco · · Score: 4, Funny
    So, let's see - an operating system produced by the NSA, with the threat of future patent claims on its core technology.

    Where do I sign up?

    --
    pr0n - keeping monitor glass spotless since 1981.
    1. Re:To sum up by Anonymous Coward · · Score: 4, Interesting

      So, let's see - an operating system produced by the NSA, with the threat of future patent claims on its core technology.

      Please don't start this again. Paranoia over the nation's most powerful spy agency aside, Security Enhanced Linux has introduced a myriad of useful security ideas into the Linux world. SELinux uses type enforcement and role-based access control to secure the operating system from the ground up; instead of relying on applications to perform their own security, SELinux ensures that programs only have access to the system resources that they SHOULD have, and nothing more.

      Furthermore, a presentation of SELinux by NSA officials at the 2.5 Linux Kernel Summit in March 2001 spurred Linus to propose an idea that has come to be the Linux Security Module, which will hopefully make it's way into the 2.5 kernel eventually. Under this system, and security module, not just SELinux, can be quickly loaded into the Linux kernel to provide whatever kind of security the user desires.

      The fact that SCC has issued this statement, however cryptic, is a huge step in the right direction for the Linux world, and perhaps the entire UNIX world. It ensures the current development of SELinux by the NSA and its contributers, and allows Linux users to employ one of the more secure operating system implementations out there.

      The National Security Agency has been making good strides towards making better public relations, and SELinux would appear to be a good weapon in giving them a better public image. If still paranoid, just download the source and view it yourself; it's not huge, and it's very clean-cut and understandable.

  5. Re:Nor.... by anonymous+cowfart · · Score: 4, Interesting

    Last year in a show of how easy it was to disrupt and abuse the patent process by registering a common, every-day idea a Melbourne lawyer patented a "circular transportation facilitation device" with more info on the story here, here(pdf file), and here

    Obviously it's too easy to get things patented these days, especially in areas of high technology as few if any patent officer workers are well versed in the areas of technology. Most of the patent office stampers would have little inclination as to how an intigrated circuit works or if an item of software recently designed is any different or unique from any other piece of similar software.

    Sure, it's nice to be able to patent and protect your inventions and innovations, but when most of today's patent holders are larger corporations, it's hardly meant to protect the garage inventor anymore.

    --

    So I'm a pervert. Welcome to the Internet.
  6. Let's tear this thing apart... by AgTiger · · Score: 5, Insightful

    1. Three patent numbers are mentioned. Okay, fine... I'll look those up later, it's enough (for now) to know that Secure Computing claims they exist.

    2. Non-Assertion section. "Subject to the limitations described in this Statement of Assurance, Secure Computing will not assert the Subject Patent Rights with respect to any use, modification or distribution of SELinux software that is permitted by, and is in compliance with, the terms and conditions of Version 2 of the GNU Public License (the "GPL")."

    This is a catch-22. If they're already not in compliance with the GPL due to patent restrictions simply existing on their code, then according to this statement, they may very WELL assert the Subject Patent Rights. This whole clause is a sneakily worded contradiction of realities.

    3. SELinux Limitation section.
    "... However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux."

    Translation: Unless they specifically _say_ your code may use their patented methods, forget it. The very nature of distributions is that the kernel is married with a distro's specific patches, custom scripts, custom installer, and a whole bunch of applications are "merely included".

    4. Subject Patent Rights Limitation section.
    "... Secure Computing does not waive, modify or release any of the Subject Patent Rights, or any other right in the Subject Patents, except as expressly provided in this statement of Assurance. ..."

    (Which we're already seeing is "effectively nothing") This section goes on to say that Secure Computing reserves the right to assert their Subject Patent Rights with respect to anything remotely useful regarding security applications that you might want to use their patented software for!

    5. No Third Party Restrictions section.
    Just go read it. If we sell it, you're screwed.

    6. Other Patents section. Again, go read it. We may have other Patent landmines related to SELinux. Here's your blindfold, now go play hopscotch in that legal minefield over there.

    7. No Licence section.
    "No license is granted in this Statement of Assurance with respect to the Subject Patents, or any other patent or intellectual property right, or software or other product."

    Then what exactly am I assured of, other than "We have Patents, we have rights, and they remain ours" ?

    8. Limited Assurance section.
    More legal handwaving and Covering of asses.

    This whole document ranks right up there with "The check is in the mail", "I'm here from the government to help you", and other infamous promises made just before you get screwed over.

  7. Re:Any Linux copyright holder can stop this by SurfsUp · · Score: 4, Informative

    (Further to my previous post) Quoting from the preamble of the GPL:

    Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all.

    Now you think that would be pretty clearcut, wouldn't you? Nonetheless, in the case of RTLinux, RMS did publicly state the patent holder could enforce his patent against users of non-GPL applications running under a modified Linux system containing code subject to the patent, without violating the GPL. Go figure. That doesn't sound like 'everyone's free use'.

    In the case of the RTLinux patent, luckily a workaround was found, which is even superior to the patented method, so the question of whether the patent holder really was violating the GPL became moot. But, not too surprisingly, here is almost the same thing come up again. RMS needs to take a position.

    --
    Life's a bitch but somebody's gotta do it.
  8. Re:Nor.... by Alan+Cox · · Score: 5, Interesting

    Its actually useless. It allows them to sell it to a friend, sue everyone and buy their patent back one afternoon. The exemption excludes authorizing applicaitons or protocols (ie everything NSALinux does)

    Utterly cynical. However it demonstrates how bad the US patent problem is. Even the NSA, the US ultimate investigative and spook agency can't get patent stuff sane. So now the US government has written a security system that only foreign governments can profit from due to bad USSA law and poor planning.

    Its a pity Americans don't understand irony...

  9. Re:Patents arent valid in all countries. by Tomah4wk · · Score: 4, Interesting

    Simple answer - No.

    The USA is the only country with such ill educated government officials