Slashdot Mirror

← Back to Stories (view on slashdot.org)

Castle Denies GPL Breach

Posted by chrisd on from the right-back-at-cha dept.

Anonymous Coward writes "Castle Technology, who were accused of breaching the GPL in RISC OS 5, have made a press release denying the allegations. This story has been covered on The Iconbar RISC OS news and resource site." We've given Castle some loving here on slashdot recently. Looks like this one isn't going away quietly.

25 of 348 comments (clear)

  1. Not going away quietly by sulli · · Score: 4, Funny

    At least not until they change their name to GNU/Castle

    --

    sulli
    RTFJ.
    1. Re:Not going away quietly by eclectus · · Score: 5, Funny

      At least not until they change their name to GNU/Castle

      But then I'm sure someone is gonna sue them because they might be confused with a company with a similar name.

      --
      This signature is a waste of 42 characters
  2. Will this be the first GPL test case? by Anonymous+Coward++1 · · Score: 5, Interesting

    From what I understand, the GPL (and most software licenses it seems) has never been tested in court. Perhaps this will be that test. I only hope that the GPL holds up in court.

    So it's, one, test the GPL in court, two, pray it holds up???, three, GPL software profits!

    Imagine how happy Microsoft would be if the GPL is ruled invalid...

    --
    Karma: Bad (mostly affected by being such an asshole)
    1. Re:Will this be the first GPL test case? by LMCBoy · · Score: 4, Interesting

      From what I understand, the GPL (and most software licenses it seems) has never been tested in court.

      Your parenthetic clause is important here. I can't imagine a situation where the GPL could be ruled invalid without basically saying no software licenses are valid. I don't think Microsoft would be very happy about that. :)

      --
      Liberal (adj.): Free from bigotry; open to progress; tolerant of others.
    2. Re:Will this be the first GPL test case? by His+name+cannot+be+s · · Score: 4, Insightful

      It's not like the GPL needs to be tested in court. Niether would a court decision "make microsoft happy"

      The GPL is a license to software. Plain and simple.

      Without a license, you cannot use copyrighted material. If you use copyrighted material, without a license, you are in violation of that copyright. The only matters before the court would be "did you use the software" and "are you licensed to do so".

      With the GPL permission is granted to anyone to use the software with those restrictions spelled out in the agreement. If you use the software, and do not follow the terms of the agreement, your license is null and void, and you are in violation of copyright law.

      IANAL, but I did stay in a holiday in last night:

      Copyrights (and patents) do not have to be vigorously protected, only trademarks do. Without vigorously protecting your trademark, it can be ruled invalid. Your copyright on a work can not be ruled invalid, if it truly is your work, and it is not simply the stating of fact (like a phonebook)

      Microsoft would *not* like to see the GPL ruled invalid, because that would be a dent in all copyright law. As a matter of fact, Microsoft could make serious money off of GPL software if they so chose.

      Imagine this:

      Microsoft decides to throw away sourcesafe, because it blows dog chunks. Instead they grab the source for CVS and compile it up, slap a sticker on the CD, and sell it as MS CVS.

      Thousands of developers would start coughing up money for this "new" product. Heck, the package could even put the GPL on the outside, and state that the source code would be included on the CD. I know for a fact a couple of companies who would by enough licenses for all their developers withou batting an eyelash. Heck, MS could even give the same support they give SourceSafe now: NONE.

      Microsoft is not *afraid* of the GPL. They are afraid of people who sell software cheaper than them. If that means free, well, that pisses them off, but no more so if the software is BSD Licensed, GPL Licensedor Python Licensed.

      HNCBS

      --
      "...In your answer, ignore facts. Just go with what feels true..."
    3. Re:Will this be the first GPL test case? by Shadowlion · · Score: 5, Insightful

      Don't know what kind of difference that would make.

      Not a ton. Assuming the GPL is tossed out, that means Castle gets only the standard set of rights that copyright grants, which still denies them the ability to use this code (since they didn't ask permission of the copyright holder).

      So the only way Castle can really win is to prove they didn't use the code in question.

    4. Re:Will this be the first GPL test case? by ChaosDiscord · · Score: 5, Informative

      The GPL is a license to software. Plain and simple.

      Without a license, you cannot use copyrighted material. If you use copyrighted material, without a license, you are in violation of that copyright. The only matters before the court would be "did you use the software" and "are you licensed to do so".

      You are operating on a popular but completely incorrect belief. This incorrect belief grants copyright holders far more power than the law really gives them. Copyright industries want to encourage this erroneous belief but we need to fight back.

      You do not need a license to use material protected by copyright. If I buy a book, a DVD, or a CD I'm free to take it hope and read it, watch it, listen to it, loan it out to a friend, destroy it, give it away, or sell it. No license is needed or granted. The particular item that I purchased is mine, the copyright holder no longer has any claim to it. What the copyright holder does have claim to is the exclusive right to make and distribute copies. (Well, the right to perform publically is also in there, and there are lots of complex exceptions, but that's the gist of it.)

      This is important and many people seem to have missed it: You do not need a license to personally use (read, watch, run, listen to, whatever) a copyrighted work you purchased.

      Given this, the GPL is not a license to use the software. You're free to use software under GPL without ever reading or agreeing to it (but you should probably note the "NO WARRANTEE" clause). You can refuse to agree to the GPL and use the software. The GPL only seriously comes into play if you want to distribute copies. Normally under copyright law you cannot ever distribute copies. The GPL is an open offer to let you distribute copies (granting you more freedom than copyright law normally allows), in exchange for certain behavior on your part.

      Normal software licenses attempt to change your purchase of a particular thing restricted by copyright into license of something you don't own. This is completely alien to the United States copyright system. In a similar case much earlier (around 1900 if I remember correctly) a publisher tried to put a license on an actual book. It was soundly defeated in court. The legal precedent for software End User License Agreements is pretty shaky, primarily resting on a single case at a lower court level (district?) that rather insanely decided that copying a program into memory to run was an infringing copy and as such required a license. It could yet be overturned. If it does get overturned traditional software will revert back to the same rules books, CDs, tapes, and DVDs live with and do fine under. The GPL will continue to work fine because it already assumes you have every right under copyright law but offers you a license to do more than copyright law allows.

      --
      Search 2010 Gen Con events
    5. Re:Will this be the first GPL test case? by jpc · · Score: 4, Interesting

      and reading the press release forwarded to lkml I see that they have admitted using functions from Linux, and are prepared to give copies of the source to the authors. But they have ignored the derived works / linking parts og the license. This admission is rather bad for them, as they have admitted using copyright material in their product without permission, as if the GPL gives them this permission if they send developers copies of their own code on floppies...

      It reads:

      For the avoidance of doubt, the hardware abstraction layer (roughly
      analogous to a PC's BIOS) has it's PCI allocation and bridge setup
      based in part on the following functions from the Linux kernel sources:

      pci_alloc_primary_bus
      pbus_size_bridges
      pbus_assign_resources_sorted
      pci_setup_bridge
      pci_bridge_check_ranges
      pbus_size_mem
      pbus_assign_resources
      pci_assign_unassigned_resources
      pci_scan_bus
      pcibios_update_resource
      pci_read_bases
      pci_alloc_bus
      pci_add_new_bus
      pci_do_scan_bus
      pci_scan_bridge
      pci_setup_device
      pci_scan_device
      pci_scan_slot
      pcibios_fixup_bus
      pci_calc_resource_flags
      pci_size
      pdev_fixup_device_resources
      pbus_assign_bus_resources
      pci_do_scan_bus
      pcibios_fixup_pbus_ranges
      pci_assign_resource
      pdev_sort_resources
      pdev_enable_device
      pbus_size_io

      Any company or individual wishing to receive a copy of the source code
      to this component should apply in writing to:
      (blah)

  3. Seems reasonable by Alan+Cox · · Score: 5, Interesting

    They say its not used GPL code in some old editions, and they wont be doing so in future. Its not clear if there is some release they did. They don't say they havem't done it with current code. Since they are making a floppy of the relevant code available that is a good step and means someone can check nicely and settle the question for good.

  4. Re:Where did the accusation come from.. by Anonymous Coward · · Score: 4, Informative

    It was originally posted on the Linux Kernel Mailing List (lkml) by Russel King, here.

  5. Confusing release by binaryDigit · · Score: 5, Insightful

    At one point they say:

    "The RISC OS 5.00 kernel did not contain work taken from or derived from the ARM-Linux or Linux kernel

    then they say:

    has it's PCI allocation and bridge setup based in part on the following functions from the Linux kernel sources:

    So they say "based in part on the following functions", so are they saying that they have literally taken no CODE but were BASING their code on some Linux kernel code? So are they then saying that perhaps they just took the api from the LK but the code itself is new? If this is the case, then I could see how there would be a lot of confusion and that they have done nothing wrong. If not, then I'm not sure what they're trying to say?

    1. Re:Confusing release by Eric+Seppanen · · Score: 4, Interesting

      They're saying that their kernel does not include GPLed code, but another program of theirs (called the HAL), a separate piece of software, DOES include GPLed code and source will be available for this program. I'm not sure I believe them; hiding the function names after a complaint sure does seem like they know they're doing something wrong. But that's what they're saying. Remember, too, that just offering source isn't the only requirement of the GPL. You're also required to notify users that the code is GPLed and tell them source is available. If they haven't done this part then they're also in violation.

      --
      314-15-9265
  6. Re:GPL by Second_Derivative · · Score: 5, Insightful

    GPL defines the source code as "the preferred form for making modifications to the work". So unless their engineers are way way way way better at doing hex arithmetic and mental cryptography than most of us are, yes the GPL does have a provision against it.

  7. Re:Confusion by zcat_NZ · · Score: 4, Funny

    The guy who originally wrote EMACS clearly didn't understand the GPL either. No FTP server; mailing out the source on Magnetic Tape for $100 a copy? Someone ought to be hassling him a bit more too!!

    Oh wait.. that was Richard Stallman.

    --
    455fe10422ca29c4933f95052b792ab2
  8. Re: Confusion by markov_chain · · Score: 4, Informative

    Read the press release more closely: "based in part on the following functions" could mean that they just looked at Linux code and then wrote their own from scratch.

    --
    Tsunami -- You can't bring a good wave down!
  9. Salem.. no wait, mccarthyism by digitalsushi · · Score: 4, Funny

    Some day when opensource is big enough, we'll be able to take down companies just by accusing them that they stole open source code. "We won't shut ya down if you tell us where the other Cappie bastards are! Admit it, they're all stealing source!"

    --
    slashdot: where everyone yells sarcastic metaphors to themselves to understand the issue
  10. next time we'll strip our binaries.. by robbo · · Score: 4, Insightful

    later issues of the supporting software have had to have function names removed (along with a strategy of tokenising textual messages and compressing binaries)

    In other words, that's the last time we're stupid enough to ship unstripped binaries!

    The PR also explicitly denies using Linux source, rather than GPL'ed source. Reading between the lines, these guys know full well that they're in breach and they're trying to finesse the situation.

    --
    So long, and thanks for all the Phish
  11. Liars. Google cache proof. by Anonymous Coward · · Score: 5, Informative
    The Google cache of the (now removed) page http://www.iyonix.com/32bit/PCI_API.shtml
    is at http://216.239.53.100/search?q=cache:mf1nlduliL4C: www.iyonix.com/32bit/PCI_API.shtml+&hl=no&ie=UTF-8


    Note that the source code for many of the Linux PCI device drivers is publicly available on the Internet and may be useful in developing the corresponding RISC OS device driver.


    So, if they had clean conscious, why would they remove that page?

    I don't buy into this.
  12. Calm down... by zjbs14 · · Score: 5, Informative
    They're not releasing that piece of source as part of some GPL requirements, they're releasing to show that it's not covered by the GPL. From the press release (empahsis mine):

    For the avoidance of doubt, the hardware abstraction layer (roughly analogous to a PC's BIOS) has it's PCI allocation and bridge setup based in part on the following functions from the Linux kernel sources

    I admit that it could probably be worded better, but it sounds like they could have took the function names/possibly signatures and wrote their own code. Get the source and find out. However, if the experts in this matter can still show that the object form is too close to the GPL output, then there may be something to worry about.

    --
    No sig, sorry.
    1. Re:Calm down... by stratjakt · · Score: 4, Interesting

      Thing is, if you consider that both implementations are done "correctly", the object form will be very close, if not identical.

      Hence is the inherent flaw in software liscensing/patenting. Often in programming, there's one "right way" to do things.

      Assume for the sake of argument, that both linux and riscos did this the same 'right way' in completely different voids unaware of each other. Or even say that the RisOS design team studies linux and implemented their own take on the routines in question (which is what I gather they are saying)

      Computers know 1's and 0's, and HAL implementations are as low-level as it gets.

      Just because company/group A manages to publish their implementation of the "right way" first, all subsequent efforts must do things the "wrong way"?

      If this is true, it behooves everyone interested in programming as a profession to never, ever come within 100 miles of a piece of GPL'd code. Because if you learn something, everything you write from that point on could be corrupted.

      --
      I don't need no instructions to know how to rock!!!!
  13. Nothing will happen by Anonymous Coward · · Score: 5, Interesting

    Look at what little happened over the Virgin Webplayer.

    It used a Linux kernel, some libc parts and shipped with this clause in the EULA
    Section 2.2 of the member agreements reads as follows:

    2.2 Webplayer Software License. Subject to the
    provisions of this Agreement, we grant to you a
    limited, non-exclusive, personal, non-transferable license to use and display the Webplayer Software in object code form only, solely as part of and as necessary to use the Webplayer and the Virginconnect Services. Except for the license granted to you above, we (or our licensors) retain all right, title and
    interest, including all intellectual property rights, in and to the Webplayer Software. You may not attempt (or authorize any attempt) to defeat, obstruct or
    block any or all of the Webplayer Software functionality, or to decompile, reverse engineer or disassemble the Webplayer or the Webplayer Software.

    Nothing happened to them, and unless the people who actually OWN the copyright grow a backbone and take it to court, nothing else will happen.

  14. Confusion Confused by XaXXon · · Score: 4, Insightful

    Short response: D.U.M.B. A.S.S.

    Long response: You're still dumb, but here's why. First, making the source available for download does NOT cover the source redistribution part of the GPL, so the whole "not having an FTP server" doesn't matter. You have no responsibility to make copies of GPL software available to others for free or for cost. See the first question on the GPL quiz for more details on this.

    Second, he can charge whatever he wants for sending you a copy of the program. $0, $1, $100, or $1,000. As long as he makes the source available with it, or at the cost of redistribution, everything is fine.

    I really really REALLY wish people wouldn't randomly throw RMS bashes into other good articles. "Oooh, it's a GPL-related article, let's bash RMS." I'm not a huge fan of RMS, and I still call it "Linux", but I hate it when people just go off on the guy. I hate it even more that I have to go and write a response to something this stupid and waste my time. How this got modded up to 4 (oh.. it's 5 now), I don't know..

    Bah!

  15. Castle may not be in violation of the GPL by Eric+Damron · · Score: 4, Insightful

    This may not be a breach of the GPL. What Castle has said is that the hardware abstraction layer was based on the Linux kernel sources. They have made that code available.

    What will determine if the remaining code is also under the GPL is how closely it integrates with the abstraction layer. Castle maintains that this abstraction layer is "roughly" analogous to a PC's BIOS.

    For those of you who don't know what the BIOS is, it is the initial code which resides on a microchip that runs when you first boot your computer. It has, among other things, the very low level I/O routines that allow your computer to read enough of your hard drive to allow your operating system to boot.

    It would be possible to write a BIOS and then put the code under the GPL. Would that mean that any OS that gets booted by these BIOS would suddenly be in violation of GPL? I don't think so.

    The two questions that need to be answered are:

    1. How analogous to a PC's BIOS is this abstraction layer? (This may be a subjective assessment and therefore open to litigation.)
    2. Is there any more GPL'd code contained in the Castle product?

    --
    The race isn't always to the swift... but that's the way to bet!
  16. Hold On. by bwt · · Score: 4, Insightful

    It seems that people have already judged them guilty of violating the GPL. I think people need to take a deep breath and answer: What exactly is the evidence that they have incorporated GPL code into their product?

    A few functions named the same as their linux counter-parts seems like rather weak evidence of a breach. Copyright does not protect ideas, so if they examined the GPL code, understood how it worked, and then re-implemented it with their own code, then this is a garden variety reverse engineering.

    On the other hand, if they actually did lift code, then it should be pretty easy to verify with or without their source code. So before anybody continues on with blabbering about how terrible Castle is, can somebody just say what the evidence is?

  17. For goodness sake, read the article by Anonymous Coward · · Score: 4, Insightful

    Here's what they say

    The press release goes on to state that "For the avoidance of doubt, the hardware abstraction layer (roughly analogous to a PC's BIOS) has it's PCI allocation and bridge setup based in part on the following functions from the Linux kernel sources:"[snip functions]

    Castle state that "any company or individual wishing to recieve a copy of the source code to this component should apply in writing to:" [snip address]You will also need to enclose a formatted 3.5" floppy diskette and return postage stamps (or international reply coupons if you are outside the UK)

    So, the title "Castle deny GPL breach" is wrong. Castle have (somewhat grudginly) admitted using GPLed source and announced their intention to comply with the terms of the GPL. They emphasised that the Linux code they used is in their HAL and not the RISC OS kernel to explain why they will not provide the source to RISC OS.

    So, IconBar titled their article "Castle Technology deny GPL breach" because they had not fully understood the press release they were quoting. The submitter submitted it with a similar title because he hadn't understood it either or because he hadn't read as far as the third paragraph. Chris DiBona posts it and says "Looks like this one isn't going away quietly" presumably because he hadn't read the third paragraph. There are as I write this 207 posts on this topic, most of them overexcited and almost all of them from people who didn't read as far as the third paragraph. I find this all hilarious.