Slashdot Mirror

← Back to Stories (view on slashdot.org)

SCC Statement on SELinux Patent Issues

Posted by michael on from the patent-leather dept.

Hawke writes "Secure Computing has announced a Statement of Assurance that they will not use the patents in question to limit the availability of SELinux. They continue to say: 'However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux.'" The original story was here.

4 of 65 comments (clear)

  1. No License by thales · · Score: 5, Insightful
    The Statement of Assurance explictly states that they aren't licensing the Patents to SELinux users. This places the statement in the same catagory as propriatary EULAS that contain a clause allowing them to change the license terms at any time.

    It's just a PR move. There is nothing that would prevent SELinux from modifying or abbandoning this statement at any time. It provides no protections to users if SELinux is sold, or the Patent sold. They can even grant a third party a license that would enable the third party to collect the license fees that SELinux is pretending to abbandon.

    The level of dishonesty shown by this statement has lowerd my leval of trust in SELinux, and made me more unlikely to use the software on a personal basis and reinforced my view that it would be a mistake to use SELinux in a commerical setting.

    --
    Quemadmodum gladius neminem occidit, occidentis telum est
    1. Re:No License by thales · · Score: 5, Insightful
      "To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all"
      from the GPL Preamble

      The FSF has failed to take the chilling effect of an unlicensed unenforced patent into consideration. As long as Red Hat and SELinux don't enforce patents on GPLed software they are in compliance with the GPL, but the danger that the patent could be enforced at some future date makes it risky to make a derritive work based on patented GPL software, or even to redistrubite it. The practice clearly goes against the spirit of the GPL.

      The GPL needs to be modified so that there is a ban on including any patented code unless it also includes a royality free license with redistrubition rights. Simply refraining from enforcing patent rights (for now) does nothing to insure that users will retain the right to redistrubite and modify in the future.

      --
      Quemadmodum gladius neminem occidit, occidentis telum est
  2. Let's tear this thing apart... by AgTiger · · Score: 5, Insightful

    1. Three patent numbers are mentioned. Okay, fine... I'll look those up later, it's enough (for now) to know that Secure Computing claims they exist.

    2. Non-Assertion section. "Subject to the limitations described in this Statement of Assurance, Secure Computing will not assert the Subject Patent Rights with respect to any use, modification or distribution of SELinux software that is permitted by, and is in compliance with, the terms and conditions of Version 2 of the GNU Public License (the "GPL")."

    This is a catch-22. If they're already not in compliance with the GPL due to patent restrictions simply existing on their code, then according to this statement, they may very WELL assert the Subject Patent Rights. This whole clause is a sneakily worded contradiction of realities.

    3. SELinux Limitation section.
    "... However, Secure Computing does not extend the Assurance to software that merely interoperates with SELinux, or is merely included with a distribution of SELinux."

    Translation: Unless they specifically _say_ your code may use their patented methods, forget it. The very nature of distributions is that the kernel is married with a distro's specific patches, custom scripts, custom installer, and a whole bunch of applications are "merely included".

    4. Subject Patent Rights Limitation section.
    "... Secure Computing does not waive, modify or release any of the Subject Patent Rights, or any other right in the Subject Patents, except as expressly provided in this statement of Assurance. ..."

    (Which we're already seeing is "effectively nothing") This section goes on to say that Secure Computing reserves the right to assert their Subject Patent Rights with respect to anything remotely useful regarding security applications that you might want to use their patented software for!

    5. No Third Party Restrictions section.
    Just go read it. If we sell it, you're screwed.

    6. Other Patents section. Again, go read it. We may have other Patent landmines related to SELinux. Here's your blindfold, now go play hopscotch in that legal minefield over there.

    7. No Licence section.
    "No license is granted in this Statement of Assurance with respect to the Subject Patents, or any other patent or intellectual property right, or software or other product."

    Then what exactly am I assured of, other than "We have Patents, we have rights, and they remain ours" ?

    8. Limited Assurance section.
    More legal handwaving and Covering of asses.

    This whole document ranks right up there with "The check is in the mail", "I'm here from the government to help you", and other infamous promises made just before you get screwed over.

  3. Re:Nor.... by Alan+Cox · · Score: 5, Interesting

    Its actually useless. It allows them to sell it to a friend, sue everyone and buy their patent back one afternoon. The exemption excludes authorizing applicaitons or protocols (ie everything NSALinux does)

    Utterly cynical. However it demonstrates how bad the US patent problem is. Even the NSA, the US ultimate investigative and spook agency can't get patent stuff sane. So now the US government has written a security system that only foreign governments can profit from due to bad USSA law and poor planning.

    Its a pity Americans don't understand irony...