Slashdot Mirror
Is Linksys Violating The GPL?
jap writes "According to this post on LKML, Linksys is shipping firmware for (at least their) 802.11g access-points based on Linux - without any sourcecode available or mentioning of it on their site. This could be interesting: it might provide the possibility of building an ueber-cool accesspoint firmware with IPsec and native ipv6 support etc etc, using this information!"
If you push too hard for publishing source code, this box will be running Cisco IOS soon, slowing down the box 4 fold.
I'm not sure whether this is just as damaging to Open Source as the SCO thing had the potential of being, or not. On one hand, it might deter use of linux at all, and on the other it'll just be a general 'bad business practice to use linux in our commericial products' type stigma.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
...think of the number of APs they'd sell based on this fact alone. They obviously should abide by the GPL, but they should also shout it from the hilltops that their AP is Linux based and therefore a hackers delight (and the FCC's nightmare).
ER
The GPL has no real valid legal meaning until it has been tested in a court of law. I think the fact that no GPL violation case has ever made it into a courtroom speaks volumes!
They have been using Linux for a long time on their routers/AP's.
Anyone who have one must have noticed it.
The one thing to say to their defence is that they are usually "driver friendly" with their PCMCIA WiFi cards.
I just hope that now they will wake up, straighten up the mess, and start helping the community with supporting 802.11g in Linux for their NIC's.
Sorry - not true.
http://www.tivo.com/linux/index.html
Prevent email address forgery. Publish SPF records for y
What's got the higer priority: getting companies to print the GPL in their manuals, or getting companies to release high qulaity *ware with linux (for free!)
It could be argued that GPL compliancy will make it better, but as far as I can see it's still much better than what it could potentially have been.
Hi,
Sorry for the very lengthly posting, but I want to be as precise as possible in describing this problem.
Awhile ago, I mentioned that the Linksys WRT54G wireless access point used several GPL projects in its firmware, but did not seem to have any of the
source available, or acknowledge the use of the GPLed software. Four weeks ago, I spoke with an employee at Linksys who confirmed that the system did use Linux, and also mentioned that he would work with his management to ensure that the source was released. Unfortunately, my e-mails to this
individual over the past three weeks have gone unanswered. Of course, I also tried contacting Linksys through their common public e-mail accounts (, ) to no avail.
However, it is hard for me to know if my contact in the company has just gone on a three week vacation (and not set an auto-responder), or has been asked to not answer anymore mail on this subject. Also, I should note that I don't own this product, so I can't determine if the source is shipped with it.
However, I have gone through all the available information on the Linksys website, and can find no reference to the GPL, Linux (as it relates to this product), or the firmware source code. Also, the firmware binary (see below) is freely available from their website. There is no link from the download page to the source, or any mention of Linux or the GPL. Finally, it would be
strange if the source was included in the physical package, as my contact at Linksys was initially unaware Linux was used in this product.
The following steps can be used to determine the exact nature of the possible GPL violation.
1. Go to the following URL:
http://www.linksys.com/download/firmware.asp?fwid= 178
2. Download the "firmware upgrade files":
ftp://ftp.linksys.com/pub/network/WRT54G_ 1.02.1_US _code.bin
(MD5SUM: b54475a81bc18462d3754f96c9c7cc0f)
3. While it is downloading, confirm that there is nothing on the webpage to indicate that this binary contains GPLed software.
4. Once the download is complete, copy the contents of the file from offset 0xC0020 onward into a new file.
dd if=WRT54G_1.02.1_US_code.bin of=test.dump skip=24577c bs=32c
5. Notice that this file is an image of a CramFS filesystem. Mount it.
6. Explore the filesystem. You will notice that the system appears to be based on Linux 2.4.5. Incidentally, there is at least one other GPLed project in the firmware: the BusyBox userland component: (http://www.busybox.net/)
7. The Linux kernel (I think) is mixed up with a bunch of other stuff in: bin/boot.bin
You might want to know why I am interested in getting the code for the kernel used in this device.
There's been some discussion here about Linux's lack of wireless support for a few of the newer 802.11b and (nearly?) all 802.11g chips. Incidentally, Linux has excellent support for at least one manufacturer's wireless family.
The following Broadcom chips all appear to be supported under Linux -- if you happen to be running Linux on a MIPS processor in a Linksys router:
Broadcom BCM4301 Wireless 802.11b Controller
Broadcom BCM4307 Wireless 802.11b Controller
Broadcom BCM4309 Wireless 802.11a Controller
Broadcom BCM4309 Wireless 802.11b Controller
Broadcom BCM4309 Wireless 802.11 Multiband Controller
Broadcom BCM4310 Wireless 802.11b Controller
Broadcom BCM4306 Wireless 802.11b/g Controller
Broadcom BCM4306 Wireless 802.11a Controller
Broadcom BCM4306 Wireless 802.11 Multiband Controller
This list was produced by running strings on:
lib/modules/2.4.5/kernel/drivers/net/wl/wl.o
I am trying to determine exactly how tightly coupled these drivers are to the kernel.
As an aside, I know that some wireless companies have been hesitant of releasing open source drivers because they are worried their radios might be pushed out of spec. However, if the drivers are alre
If they're not rewriting the source code, using it in a form that they themselves obtained it in (pre-compiling), they might not have to provide source if they disclose their source location. Also, if they were smart enough to create independent kernel modules for the rest of the device, they wouldn't have to release those anyway.
It would be nice if they included at least a copy of the GPL and a linux installation CD in the back of their manual though, since that would be a way of distributing the code, if not more than the code, and would probably make them in compliance.
Hell, TurboLinux install CDs came with hardware that Linux couldn't even use, for a while...
Do not look into laser with remaining eye.
A couple follow ups on the kernel mailing list:
A very interesting bit from the busybox maintainer, who has evidently already sent linksys two letters
A post outlinging the possibility that Belkin is also shipping GPL'd code
A few other people are throwing their two cents in, but those were the most interesting, code be an interesting test of corporate policey, and the ability of the GPL to withstand a court battle.
Here's their reply:
--K.
Sig: Bad people happen. Try to avoid being one of them.
Why does everyone always assume that any embedded device running Linux must have, in some way, violated the GPL?
I worked eight years as a firmware engineer. In the last three, I dealt almost exclusively with Linux.
And I can assure you that we didn't need to change any GPL'd code to get what we wanted. Even on fairly custom hardware, we could find preexisting GPL'd code to do 99% of what we needed (and wrote user-space drivers where possible, and modules where not). No need to release anything if you don't change anything, to comply with the GPL.
Whether ethical or not, plenty of legal ways of circumventing the intent of the GPL exist. And, like it or not, eliminating those loopholes (which would basically require forcing any program that runs under linux to use the GPL) would kill Linux in the business world.
The source might be available but only mentioned in the documentation. He states in his message that he doesn't own one of these units so he doesn't have access to all the information that an owner of the unit would. The GPL doesn't require that the source be distributed with the binaries only that it be available. That doesn't mean downloadable. It's possible that people who have purchased the unit have instructions contained within on how to download or order a CD with the source code.
Prevent email address forgery. Publish SPF records for y
Just curious. Did the source code to the Tivo firmware ever get released? I never remember any such controversy about Tivo, and I also don't recall any release of GPLd code for Tivo anyway - admittedly I wasn't paying attention.
Seems to me that the issue is the same: embedded use of GPLd code in a commercial product.
And I'm sure you know this, but they are not required to release all of their source code, only the code for gpl parts of tivo. Just because the OS is linux doesn't mean they have to release code for everything running on it.
Looked in Google groups: "Tivo GPL" was the search. Move along, nothing to see...
http://www.tivo.com/linux/index.html
If Linksys did things right, however, those drivers will be compiled as modules, which they don't have to release source for (well...unless they started from GPL'ed driver source, of course).
Aside from the drivers, everything else interesting should be implemented as applications, which can be closed source on Linux.
So, don't get too excited: becoming fully GPL-compliant might consist of them simply putting up source for a stock kernel, and putting something about the GPL in their documentation.
Is it not? My understanding is that under this license, one could link against kernel headers and be a binary only module. Obviously if I made modifications to the kernel base itself and/or distributed it I would be obliged to distribute the source for my kernel. But, I might have a device in my system that for legal reasons I could not distribute source for and therefore wish to supply binary only drivers for it.
The author of the post mentionned in this story makes the statement that binary-only modules are only allowed if they don't control critical elements of the kernel... this concept seems to lend itself to a lot of subjectiveness in my opinion.
Anyone wish to comment?
If they didn't make changes to GPL'd programs, and if they acknowledge that they use linux and specify what version etc, they don't have to release the code. Technically you could ask them to send you a copy of 2.4-20.tgz, and they could charge you reasonable costs for doing so.
This assumes they didn't alter GPL code.
Actually the accepted German method of writing an umlaut where its not easy to add the umlaut (ie on some computer systems) is to put an e after the umlaut-ed letter. So über becomes ueber. I don't know how you add them on a PC, but on a Mac it's Alt-u. JP.
Two points. I always have two points.
First, as someone else already said, just becuase it uses a linux kernel doesn't mean they modified anything, it could be a stock kernel. If they wrote userspace drivers and/or kernel modules using existing interfaces for their custom hardware, they are not obligated to release anything.
Secondly, if they weren't abiding by terms they had to according to the GPL, it would be COPYRIGHT violation, not license violation, as if you don't comply with the license, copyright law says they can't redistribute it. I know it seems like a silly point, but it's not.
People talk about the GPL being "tested in court" and whatnot.. but the fact is: If you don't accept the GPL as valid, then copyright law still stands, and says you can't redistribute, or make derivitive works. A judge can rule the GPL as invalid, but that would mean that nobody had any rights to redistribute anything.
It's not a license you had to accept and agree to in order to use the product.. so you can't "violate" it.
Linus, or any other kernel developer could go to linksys, and say "I have not granted you permission to use my copyrighted work, please demonstrate why you think you are allowed to do this". They can then either cite how the GPL allows them to do what they do, or concede that they have no right to distribute.
So as unclear as I can be.. it's not a GPL violation... and people are not forced to release code because of a nonexistant GPL violation... although that might be an acceptable remedy to all parties in most cases. They could also be forced to simply stop doing it.
Just be happy that people are using Linux. IMO this kind of public outcry over this -- especially with the comment that you could take advantage of the source to use for your own purposes, with no reimbursement for their development costs -- drives people to the open willing arms of the BSD folks (which includes myself). This kind of inflexibility in working with commercial entities while OSS is still in the infancy of corporate adoption just turns them away.
Hmm, denied access for me, but when I nmap it and try and fingerprint my DI-614+:
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.0.1):
(The 1600 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
Remote operating system guess: LinkSys WAP11 wireless AP firmware ver. 2.2
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
hmm..
I was thinking the EXACT same thing.
;)
If they wanted to release the source, they'd have done so by now. Trying to force them will just lead to 'Bad Things'.
Like the fools that keep ranting about Nvidia openning the source of their drivers. I'd never do it in a million years if I were them, and that's partially because I'd be cheating at benchmarks
If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
but setting konqueror or mozilla to send MSIE identification HTTP directives did the trick.
Is it actually required, or do they just say it is? Have you tried a different browser?
You can't judge a book by the way it wears its hair.
However, the GPL still requires that they provide source, even if they have not modified it. If you redistribute, you must provide source, or at least a written offer for the source.
.. they are obligated to provide a copy of the source (sans their changes, if they are not within the scope of the gpl)
You can (section c) simply pass along the written offer YOU received, if you are simply redistributing, and not modifying, but only if it's NON-COMMERCIAL, and only if you yourself received the written offer. IF they are using stock linux kernels, there is no written offer, so
3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:
* a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
* b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,
* c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)
It goes even farther than that. The two dots over the letter actually started out (long ago) as a little "e". But people started just using dots because it was easier.
If they are distributing these tools, whether they're used in the end result or not, they should be distributing source.
But his assumption about how kernel modules work is completely wrong.. though the INTENT might be something like he describes, it's not what Linus said.
The Linux kernel license says you can code proprietary modules, as long as the interface is part of the stock kernel (in other words, GPL)
So you can make a proprietary network driver, as long you don't haev to modify the main kernel to get it to work; you are under no obligation to release that source at all. If you have some way of hacking an entire realtime OS to look like a network drive to the kernel, that would comply.
So, linksys should be redistributing the linux sources, however, if their custom work is confined to modules & userland code, they are under no obligation to release the source to those drives. And as linux already has a kernel interface for network & wireless network, there is no reason to expect them to release that code.
Yet, if Linksys had stolen Windows code and used it in their routers, Balmer would be calling the lawyers on them. You can use GPL'ed code all you want, but you can't abuse GPL'ed code, just like you can't abuse proprietory code. At least the FSF tends to be nicer about working with potential violaters than most commercial entities are.
A deep unwavering belief is a sure sign you're missing something...
Ok, I don't know if they have to release source for anything (they can point to other spots saying it's all unmodified).
If they have properitary drivers for their cards, good for them but they don't need to release the source.
On the other hand, it would be nice if they gave you the ability to insert your own ramdisk into the firmware upgrade (run your own code on the router).
Can you imagine the number of cool things you could do with such functionality.
int func(int a);
func((b += 3, b));
If you break the GPL, then you've violated the main tenent that keeps GNU/Linux alive.
Assuming they did break the liscence, they didn't have to use GNU/Linux, in fact if they had done this with FreeBSD, you'd never even see a story like this.
It's not a question of profit, or "corperate interest." It's a question of honoring the liscence under which the code was released.
writing ${vowel}e is an alternative way of expressing a character with an umlaut over it. Its perfectly valid German.
Why not fork?
I portscanned my Linksys WAP54G access point and I got the following:
... good.
Starting nmap V. 2.54BETA25 ( www.insecure.org/nmap/ )
Host (192.168.1.245) appears to be up
Initiating SYN Stealth Scan against (192.168.1.245)
Adding TCP port 80 (state open).
The SYN Stealth Scan took 1 second to scan 1544 ports.
For OSScan assuming that port 80 is open and port 1 is closed and neither are firewalled
Interesting ports on (192.168.1.245):
(The 1543 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
Remote operating system guess: Linux Kernel 2.4.0 - 2.4.5 (X86)
Uptime 8.568 days (since Fri May 30 22:34:18 2003)
TCP Sequence Prediction: Class=random positive increments
Difficulty=2465770 (Good luck!)
IPID Sequence Generation: All zeros
Nmap run completed -- 1 IP address (1 host up) scanned in 4 seconds
Just yesterday, I updated the firmware and reconfigured one of these with Konqueror running from a Knoppix CD. The only issue that I had was that Wine was not able to run their firmware update tool, which is just a GUI tftp.exe and the firware.bin. With Knoppix, I just did a tftp put firmware.bin and all was well.
Unless they modified GPL'd source code, I don't see why they would have to redistribute the source or restate the GPL.
If I put Linux on one computer and wrote software that ran on top of it, without modifying any of the GPL'd source, I would have no such obligation. And I could sell that computer to someone, with Linux installed, along with my own software, and still not be obligated to release any source. Why should it be different if, say, I put it on a million smaller computers and sold them?
What I mean is they are not obligated to release source THEY have written.. because you know everyoen is going to scream about how now they are "owed" wireless drivers.
Yeah, linksys has to follow either section 3(a) or 3(b). 3(c) is not available to them.
Hey! That's a good idea, add IPsec, QoS, etc.... but then the processor won't be able to handle everything, so you'll have to upgrade that. And you'll need some fans to cool the new processor. And maybe a HDD for logging.... wow, add a monitor and you'll be able to use it as a workstation! /me buys another cheap pc....
ObGPLQuote:
Carousel is a lie!
Not only are they in violation of the GPL, they are literally costing SCO BILLIONS OF DOLLARS by violating SCO's copyrights, patents, or some contract with IBM by releasing a Linux based product! Quick, someone alert McBride!
Do you have ESP?
If you can extract the cramfs from the firmware, couldn't you make a change and put it back in to add more functionality to your AP?
Just been hacking around a Belkin 54k WAP/Router box I bought a few weeks back. NMap identifies it as Linux 2.4.0-2.4.5.
...
The Belkin Networking downloads page gives an updated firmware for this. Sure enough, at offset 790393 there's a CRAM Filesystem. Mounting that shows a stock 2.4.5 kernel with three custom modules (one for the wireless card, one for the ethernet card, one for the front panel LEDs). These three modules aside it looks like non-modified GPL stuff.
However, reading any of the binary files shows the string : "GCC: (GNU) 3.0 20010422 (prerelease) with bcm4710a0 modifications" - Modifications you say? Oh dear, I don't remember seeing a Broadcom patch submitted to GCC
They *do* mention it if you buy their products, and they include a written offer for source code ... but they didn't always.
To be accurate, TiVo has not (and never will) released the source to the non-GPL'd stuff that makes the Tivo what it is... the kernel modules and "tivoapp". The source to all the GPL components and the entire linux kernel running on the tivo are available.
The difference as I understand it is that nvidia releases its drvers seperately from the kernel, and the two are only combined by the user. If I'm right about the way that bit of the GPL works, nnvidia can't release a prebuilt kernel, and the user can't distrubute a kernel built with the driver either, unless the code is also made available.
Linksys, on the other hand, may be distributing everything together as a precomiled package without the code. There is a big difference between people wanting a company to release an indepentent project (nvidia drivers), and people wanting a company to release modifications to a GPLed project (linksys). Maybe there are in fact reasons why linksys can legaly do what they did, but from the situation as stated in the origional post, they are using GPLed code and ignoring the conditions on its use.
Hotmail works just fine for me under Safari without changing the user agent (or anything else).
Perl - $Just @when->$you ${thought} s/yn/tax/ &couldn\'t %get $worse;
Just checked out my router's firmware. This particular model (their most popular) is not running Linux.
Although I looked online and it seems you can pick up a WRT54G for ~$115. That's less than I paid for the AP less than a year ago (of course, I bought that retail).
int func(int a);
func((b += 3, b));
The only way for the GPL to lose all effectiveness in the way that you imply would be if a court someplace were to rule that the GPL's terms were ridiculously onerous, and that by handing it out to everyone for public download without requiring a click-through license, the stuff had effectively been placed in the public domain.
That might be true if it is a EULA. But the GPL is an offer beyond copyright law. Code is copyrighted without any licence attached at all (Ãven the (c) is optional now under the standard rules), so it can certainly not be public domain.
The only thing that could kill the GPL would be that a judge ruled that the GPL has been upheld despite the source being utterly useless, for example through programming language (why, we program in assembler), obfuscation, wrappers or some other means which allows other people to interface with it without actually fulfilling the intent of the GPL.
Kjella
Live today, because you never know what tomorrow brings
What penalties are available for those who use GPLed code but don't conform to the "release and show" that one should do? I mean, it's not like Linus could call Linksys up and revoke their license... Could this be the big flaw in GPL?
If the code on the Lynksys needs to be released under the terms of the Linux license, then replacing that code with Cisco code in future releases would not change their obligation to release the code for a current product. Rather, it would be an admission that they did indeed have an obligation to release the current code, an would leave them with an inferior produvct while not removing that obligation to release the source for the good code.
I'm an American. I love this country and the freedoms that we used to have.
The response to the FTP "SYST" command is very unreliable.
I run two different third-party (read as non-Microsoft) Windows FTP servers, and they both respond the same to SYST:
215 UNIX Type: L8
void*x=(*((void*(*)())&(x=(void*)0xfdeb58)))();
People, wer are inconsistent.
:) the general consensus is quite the opposite !!!
A few months ago there was a post here by some guy asking if writing binary-only drivers (as dynamically loadable modules) is a violation of GPL.
Many different opinions were posted, but the general consensus was that it's a VERY BAD thing.
Now, when at least one company actually did what this guy was talking about (and I don't think he was from Linksys
Strange.
Unfortunatly there are many, many misconceptions when it comes to the GPL. One of the previous comments stated that Tivo used Linux but had not released their source code. The reason is that they don't have to! I would be surprised if Linksys would be required to release their source code under the GPL.
The misconception that I see the most is that because a product runs on top of Linux, or uses the Linux kernel then the product is also GPL'd, not so. If the product has changed the sourcecode for Linux, those changes are covered under the GPL. This is why companies like Tivo are not required to release their source. The Tivo software was written without using any existing GPL'd code as it's base, therefore it can be covered under any licensing agreement the author sees fit.
As for Linksys, I'm willing to wager that they implemented all of their code as kernel modules. So if ask for the source code under the name of the GPL, all they are obligated to give you is the source code for the Linux kernel, sin any kernel modules they've written themselves. Kernel modules can be licensed any way the author sees fit.
-Runz
Yes.
<BusyBox maintainer hat on>
S _code.bin
./cramfs.image /mnt /mnt/bin /mnt/bin/busybox /mnt/bin/busybox | grep BusyBoxd d /mnt/bin/busybox
This is what I did to verify that the Linksys firmware was violating the GPL....
#!/bin/sh
wget ftp://ftp.linksys.com/pub/network/WRT54G_1.02.1_U
# I noticed a GZIP signature for a file name "piggy" at offset
# 60 bytes from the start, suggesting we have a compressed Linux
# kernel
dd if=WRT54G_1.02.1_US_code.bin bs=60 skip=1 | zcat > kernel
# Noticed there was a cramfs magic signature at offset 786464
dd if=WRT54G_1.02.1_US_code.bin of=cramfs.image bs=786464 skip=1
file cramfs.image
sudo mount -o loop,ro -t cramfs
ls -la
file
strings
/usr/i386-linux-uclibc/bin/i386-uclibc-l
-Erik -- --This message was written using 73% post-consumer electrons--
Microsoft should just be happy that people are using Windows, even if it's pirated.
as pointed out it is accepted spelling, and ueber would be better translated as 'over'
This space is intentionally staring blankly at you
People, stop posting before reading previous posts!
Tivo DID release their source code.
Does just using GPL software really mean you have to distribute the source? Could Linksys claim that they are not, in fact, distributing GPL code in any form, but are actually just using GPL software in their hardware?
My dad once told me, "Always go to the top to get a problem solved, while that CEO/COO may not fix the problem directly, he/she will at least be annoyed with an underling that allowed the problem to rise enought to bother the CEO/COO." or words to that effect.
Nothing nasty was said, just my name, phone number, that I used their products, and that there are online discussions on weither or not there is undocumented GPL code on their equipment. I also asked him to have his legal department check out if they had recieved notice from Busybox software maintaner regarding Linksys' use of Busybox in Linksys products.
If he doesn't review his v-mail directly, then at least the polite informative tone of the message will prod the listener to forward the message accordingly.
my $0.02, (though sent to Irvine first)
Mark
From what I know about Linksys products, there's no reason they shouldn't work fine with any web browser that supports Java and the usual W3C security protocols. (And in fact, there seems to be a fairly active Linksys/Mac user community.) But if they say, "We only support Windows and IE" they drastically narrow the skill set they have to hire/train their support people for. Costs them a little in non-Windows sales and maybe Mozilla diehards, but not enough to justify doubling or tripling their training budget!
Correct me if I'm wrong, but if you sell a router box with firmware code in it, isn't that "distributing"? Isn't that what Belkin is doing?
If not, if this is being run on their own systems, then how did the top-level poster get this information?
I suppose there's another option -- where they only rent the router boxes, and don't give a license to open or disassemble the binaries/firmware. In that case, it could be argued that they are selling a service, and distributing nothing. Is that what's happening?
Very interesting situation, this.
But what's this bit about "If they didn't distribute the compiler..."? That, I don't understand as well. You modify the binaries, you distribute the modified binaries, you need to distribute the code itself. In fact, as I understand it, even if you *don't* modify the binaries, if you distribute the binaries commercially, you also have to distribute or offer to distribute the code. So what's this about compilers?
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
When I brought up that Google was doing something similar with its search appliance I was told I was making an issue out of nothing (and had my slashdot submission rejected).
http://yro.slashdot.org/~Evro/journal/7047
rooooar
One of my switches runs IOS on a PowerPC 403GA, running at either 25 or 33 MHz.
The linksys AP has a MIPS processor, which is probably running at 125 MHz.
It could run IOS without breaking a sweat.
/Styx
Comment removed based on user account deletion
Some business men are afraid of GPL... why, becouse they left them too little control of their work. It should be possible to use a combination of free and propietary software if it is not related. If not, companies will be afraid of investing in Linux. I think that M$ will exploit this situation If it is not clear a company will not use Linux. For example ÂCan I use some GPL libraries for commercial software? Âunder wich conditions? I think that is the best way to obtain a good driver support for most hardware devices and software programs
I only discovered this by running 'strings' on the firmware and found references to uClinux and a variety of other GPL stuff.
There is NO mention of the GPL in the product manual or on the packaging which contains the CD with a backup copy of the firmware.
I asked for copies of any GPL sources (and associated changes) which the MegaRAC G2 used - to their credit, I received a very nice diff which only covered changes to files which already exist in the uClinux distribution.
Unfortunately, those changes include the addition of header files which the modified kernel relies on - header files which I wasn't given and further requests for them have been ignored. So, even with the 'source' which I was given, I can't use it to produce an identical binary as to that contained in the firmware image which was supplied to me.
For those readers who are interested in purchasing one or more MegaRAC G2s, I suggest you ask your AMI dealer why it took them over eight weeks to patch a vulnerability which allowed *any* remote user to gain full access to the system console and also why the product is prone to frequent hangs which are not recoverable unless you unplug all power from the server and card until the onboard battery drains.
The vulnerability is so simple to exploit - start up the GTK+ remote console utility that came on the CD and point it to the IP address of any MegaRAC G2 card.... that's it. No prompt for a username or password. Nothing. Instant console access.
"Be vewy vewy quiet, I'm hunting wuntime ewwors!" - Elmer Fudd
We have had all sorts of problems using Linksys routers and Linux boxes. Every time we call Linksys support they claim not to support Linux. I find it quite unbelievable that their product would run a scaled down Linux kernel but not interoperate properly with Linux. The "Corrupted MAC" problem when ssh'ing to a Linux box behind a Linksys router remains unsolved to this day. In addtion to other annoying and mysterious problems.
The Linux versions of all Checkpoint products (FireWall-1 4.1, Checkpoint NG) achieve their functionality by means of a binary module which is loaded into the kernel at runtime. This is expressly permitted by Linus as an exception to the GPL license which ships with Linux.
Of course, Checkpoint also produce their own cut-down version of Red Hat Linux 7.0 (known as SecurePlatform) which is designed to turn any standard PC into a fully functioning Checkpoint NG install with the minimum of effort.
The copy of the GPL license contained in the root of the CD filesystem asks that you e-mail gpl-source@checkpoint.com for instructions on where to obtain the source.
I did so... and within 24 hours, I received a password-protected login to a Checkpoint FTP server which contained all the relevant source RPMS (and the Checkpoint-written patches) for SecurePlatform.
So, the answer is no - to the best of my knowledge Checkpoint have not violated the GPL.
"Be vewy vewy quiet, I'm hunting wuntime ewwors!" - Elmer Fudd
First, as someone else already said, just becuase it uses a linux kernel doesn't mean they modified anything, it could be a stock kernel. If they wrote userspace drivers and/or kernel modules using existing interfaces for their custom hardware, they are not obligated to release anything.
Regardless of whether it is a stock kernel or not, they are obligated to identify the fact that they are using GPL'ed code and make an offer to buyers to give them the source code. That is a key requirement of the GPL. I have bought several Linksys APs, and I assure you I have not received such information or an offer.
but the fact is: If you don't accept the GPL as valid, then copyright law still stands, and says you can't redistribute, or make derivitive works.
Yes, but the argument against the GPL is likely to involve an argument against the copyright (or both the copyright and the license). One day, a company like Linksys is going to try to make an argument that GPL'ed software is, effectively, public domain and does not enjoy copyright protection. Or, they are going to argue that there technically is a copyright violation but that the commercial value of the software is $0 and that therefore the penalty for their copyright violation should be $0 as well (even with "triple damages").
If this is a case of GPL violation by LinkSys, then all the DVD/Divx players based on SigmaDesign chips (EM 8500...) violates the GPL too (but I don't think so).
These players runs ucLinux and uses busybox but the drivers for the hardware are in separate binary modules (fipmodule.o and khwl.o). init and the applications called by init (fileplayer.bin and mpegplayer.bin) are all closed source. There is probably no modification of GPL code in these products.
The only problem is that Linux usage is written nowhere on the box or in the documentation.
If they aren't violating the terms of the GPL, then it should be possible to replace the GPL'ed versions of the software with recompiled versions and obtain a running system. That would be quite interesting because it would still allow us to add features and fix bugs in the GPL'ed portions of the code.
You are assuming that a challenge to GPL'ed code involves an attack on the GPL license. I don't think that's likely to be the case.
A company could (and probably) would challenge the copyright. They might argue that the GPL'ed code has effectively become public domain, and hence it doesn't matter what the license says. Or, they might argue that the code that there are no damages, and that therefore they aren't liable for more than zero dollars (i.e., nothing) even if they have technically violated copyright law.
We don't want Linksys's proprietary code, we simply want them to comply with the license, whatever that entails. That means, among other things, identifying to their customers exactly which GPL'ed code they are using in their product and providing that software. What that compliance is good for is a secondary question.
I think that just knowing that the thing is running Linux would be useful for me because I might install additional servers on it (better DNS, for example).
But it's also a PR thing for Linux: if it were widely known that every Linksys and every Belking router is running embedded Linux, more companies might end up using Linux themselves.
It may be a technical violation, but why should anyone care? Basically, you're saying they should have accompanied their product with a written offer to mail you a CD-R with a .tar.gz downloaded off kernel.org, for the cost of a CD-R plus postage. What good exactly would that have done, since you can download the damn thing yourself?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
If they did things right, the only source they'd have to redistribute would be the stock kernel source. You can already get that from ftp.kernel.org, so what exactly would you be gainin?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
But that's nitpicking. It may be legally required, but it's also completely fucking useless. You're essentially asking them to make an offer "for $5, we'll mail you a mirror of ftp.kernel.org on CD-R". What good would such an offer be?
10 PRINT CHR$(205.5+RND(1)); : GOTO 10
Damn right.. since MS's own New, Broader Shared Source licence would have been so much more appropriate..
"You may not distribute this software in source or object form for commercial purposes under any circumstances."
455fe10422ca29c4933f95052b792ab2
What router and firmware version? I dont have this problem.. been SSHing into my Linux box behind a 4pt Linksys router for years w/o trouble.
Linksys paid SCO for a license. As the Linux kernel is in violation of SCO's copyright, and is such not permissible as any form of viable evidence in a court of law, Linksys is safe.
Upon further questioning, a Linksys representative was quoted as saying 'Apples. How d'you like them?'
(Devil's Advocate)
Why are mfgrs going to use Linux in appliances, etc. if they're going to have to release source code? They might as well try to use linux embedded and not tell anyone there's linux in it. Because if it's not a user-serviceable part, most people wouldn't know the difference. Creating a software download repository might be too much of a headache for them and revisions might become an IT nightmare. Screw it.. use vxWorks.
The biggest trick the devil pulled was letting lawyers become politicians so they can write the laws.
Call SCO...They'll deal with it by suing Linksys, Cisco, and everyone who's ever even looked at a Linksys product, let alone bought one! You know that they say: Boies will be Boise!
Hi,
A few months ago I was poking around their "network file server in a box" - I forget the model number, but it is shoebox sized and purple.
I can say for a fact that they used Linux and a number of other GPL bits in this box. I almost sounded the alarm, but I was way too busy with other things.
What I found:
1) Open case
2) Remove small compact flash card that contains the software for this product
3) Install compact flash card into my notebook
4) Use cfdisk, notice that there are three ext2 filesystems
5) Mount ext2 filesystem
6) See that they are using a 2.4.x kernel
7) See that they are using GPL print spooling software (I forget which)
8) Try to find _any_ notice about the GPL in the docs or via the debug serial port _NO NOTICE_.
9) Visit linksys website to find GPL required sources, not there.
If anyone wants more details please message me off list.
I wanna run top on my linksys and maybe mount some NFS. You could do a lot of other cool stuff too
-ZiN-
If Linksys sells me a device that has a firmware image on it, they've distributed the image to *me.*
The firmware is downloadable from Linksys's website. That counts as them distributing it to anyone who downloads it.
However, if someone *using* that same device discovers a filesystem tucked away in there, containing Linux binaries, and makes a copy... well, Linksys hasn't distributed anything to *them.*
True. In that case, the onus is on the person doing the distribution to either provide the source, a written offer for the source or a copy of the offer that they received from Linksys. If they have none of these things, then they're not allowed to distribute it themselves.
This presents an interesting problem.
How do we convince Linksys to play by the rules without proving to them that using open source materials was a bad idea in the first place.
If we simply force them to release the source by court action, it could make other companies very paranoid about using open source software in general, but if we let them go without obeying the rules, what kind of message does that send...
-=geoskd
www.geoskd.com
I wish I had a good sig, but all the good ones are copyrighted
No this is pure bullshit, only the gpl code they modified has to be released. It's almost useless to anyone but linksys anyway, there are literally hundreds of companies releasing the source for their gpl'd code in embedded systems and for the most part... it never gets touched, nobody ever uses it for anything.
They got 99% of the code they used for their system free due the sweat of others... there is absolutely nothing wrong with requiring the give a lil sweat back in turn. The BSD license simply allows for wholesale theft. Believe it or not I don't spend my free time writing code so a corporate entity can steal it and make a bundle of cash. I'm not slave labor for their benefit. I damn well expect a return on what I do, I expect that return in the same form they got theirs, code.
If you don't like it, freeload off someone elses sweat. I write code so that I can contribute something to humanity. So that the end user will have something at a free or reduced price, that includes me. If the company gets the software free, it reduces development cost, these saving should be passed on to consumers (not that they are, when I buy a linksys device I guarantee they will charge me for the software I wrote running on the device). Failing that, at least I know that any advances they wouldn't have been able to make without my code are being passed back to the community and improving products across the board.
Believe it or not, a company SHOULD have to continue improving their product to stay ahead... not make an improvement and keep it forever (read 2yrs if it's a technology based product) hidden so they don't have to improve anything to stay ahead of their competitors.
Sounds sort of like people who file-share movies and music (a large cross section of which I would wager are pro-GPL and GPL software).
What the GPL seeks to do is make it so that as soon as there is any problem with a product, anyone with ability can fix the problem and then release an improved version. This works well in a buisness setting. Let's leave the whole computer arena for a second to hypothetical land.
Let's say J. Random Hacker decides to make a factory that makes a mechanical pencils. His plan is good, except for a few flaws, but he starts selling them anyway. Soon Joe Blow buys a pencil and realizes a quick effecient way to fix the problems. He can then fix the pencil and, if he wants, start production of the improved version. However, after Joe Blow's product has been out a while, Ford P, although he has never actualy bought a pencil has seen how they work and figures out a way to make the fully functional pencil work even better, it now doesn't require the user to click it, the lead extends automaticly, Ford P. can implement his improvement and everybody has functional pencils that they don't have to click themselves, and the person who makes each improvement gets credit for as long as his version is the best. That is how the GPL should work as well.
In a non-GPL world J. Random Hacker makes a pencil with some flaws, just the same as before. Joe Blow however doesn't have access to what he needs to figure out how to fix it because it is illegal to take it apart to see how it works. The world is stuck with faulty pencils.
Which one shows innovation?
Hint, it isn't the second.
Little Brother, watching the watchers
I wish I could tell you but I can't. I finally gave up and now use the Linux box as the router with NAT enabled for my home network. It works much better and has a lot more flexibility. Thanks for the offer to help, it's guys like you that make the Internet a great place. I was just miffed that Linksys tech support wouldn't assist with the problem, even though many had reported this problem at the time.
Looking through /www in that cramfs image, I find it interesting that all the files end in ".asp", but I don't see any code in there...
Perhaps trying to throw people off and make them think it's running WinCE?
If so, that's kinda scummy.
I think the kernel developers are getting tired of working for postcards and are tired of not getting a cut of the action. So everytime they do something for free and some "big mean old company" takes their free code, incorporates it into something they make and then charges money because it goes along with their product the kernel developers have a hissy fit and cry foul.
Why do they constantly wonder why linux will be nothing more than a niche product? Because the way they've structured it there is no money in it. Oh sure, companies can use it, small gov'ts will use it. The ubber-nerd will use it, but in the end they all go back to their windows boxes because that's where all the software is, that's where all the money is, and that's where all the jobs are.
Free stuff is nice, but if the world is made up of nothing but free stuff there would be a whole lot more unemployed people.
If you don't want companies taking your code, modifying it and selling it then turn around and make it harder for them to do so. But to do that you must destroy the free-ish way you do business.
Its really up to them to decide.
http://www.koumoula.com/modules.php?name=News&file =article&sid=13
Shhhh! The correct term is "application specific optimization"!
In the past other companies have caved to GPL requirements with a bit of arm twisting. No 'Bad Things' happened then and I can't see why LinkSys would be any different.
Oh, go pour hot grits down your linkport.
*shrug* not releasing linux drivers for next generation devices?
If I was linksys, and was forced to open source for something I didn't want to, I'd be jumping on the 'Microsoft only' bandwagon so fast that 'breakneck' would be an understatement.
They put hard work into what they develop, why should they give those developments away for free?
If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
and that was before apple forked Konqueror.
A friend asked me to close his account for him. I run a mailserver, so I'd never use that shit myself.
You can't judge a book by the way it wears its hair.
Whoa giddy.
Do you mean that if I wanted to port my windows program over to linux I would have to GPL it?
I always thought linux was freedom of choice?
liqbase
Ugh. This could be a good thing (widespread use of Linux and GPL apps), or a bad thing (widespread use of Linux and GPL apps while breaking GPL).
Instead of bashing every company left and right, why don't we make an honest effort to assist them with becoming compliant with the GPL (if they are in fact breaking it)?
No one is having a 'hissy fit'.
We are just interested in ending Broadcom's idiotic refusal to release drivers for Linux.
I can't speak for kernel developers, but I for one am only interested in seeing Linux treated as the viable operating system that it is by hardware manufacturers, resellers, and even users.
Until that happens, expect us to use all means necessary, including expecting people to abide by the GPL, to achieve that goal.
"I assumed blithely that there were no elves out there in the darkness"
... or on the box, I just checked.
/Styx
Looking further, it looks like Broadcom is shipping a modified GCC to vendors...
they mention "Convenient software integration tools to enable routers, gateways and other products for wireless LAN" and ease of integration with embedded linux drivers - I can't help but assume that that means Broadcom has done some work on GCC as well. Anyone have some thoughts on this?
if you run strings on just about anything, it says it was compiled by
"GCC: (GNU) 3.0 20010422 (prerelease) with bcm4710a0 modifications"
looking at the product brief for broadcom's BCM94306 reference board,
http://www.broadcom.com/pbs/BCM94306.pdf
I'm no GCC guru but it seems like the GCC people might be be entitled to some new code as well.
Read section 3 of the GPL again. They are distributing binaries of GPL'ed software comercially, and thus must offer you the source in the same way they are distributing the binaries (which is by anonymous ftp).
See the GPL FAQ.
/Styx
You're right. A "compliance settlement" should include at least some cash, perhaps even donated to charity.
:)
Hmm, if the money goes to charity be sure that the deal transfers the money to the copyright holder and that the copyright holder is transfering the money to charity. Wouldn't want to give them a tax write-off or let them advertize the're giving money to charity
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
A punishment is covered under DMCA. Any copyright holder can shutdown their web site till they get their act together. What will their stock price do when their site is down. The court order to shut the site down, could also redirect it to another site that says "This site has been taken down due to a court order under the DMCA". Such a thing would cause many investors to look at pulling out.
That might be true if it is a EULA. But the GPL is an offer beyond copyright law. Code is copyrighted without any licence attached at all (Ãven the (c) is optional now under the standard rules), so it can certainly not be public domain.
Does anyone know what would happen if I wrote some code and put it on the 'net with a disclaimer saying "Don't download this unless you pay me $100" but did no effort to prevent anyone from doing so? If 10 million people downloaded it and started using it all over the place, and I tried to sue the 10 million and first person, I would assume that the lack of enforcement would be enough to put the code into the public domain. Please correct me if I am wrong.
"If it sucks without butter, it still sucks with butter, only creamier." - AC
Furthermore, after reviewing this GPL our lawyers advised us that any products compiled with GPL'ed tools - such as gcc - would also have to its source code released. This was simply unacceptable. My lawyer tells me that you should stop taking the quaaludes.
Here's a gem: /mnt/usr/sbin/cron
...
...
strings
@(#) Copyright 1988,1989,1990,1993,1994 by Paul Vixie
@(#) All rights reserved
You may disagree, but to be blunt, you're wrong. -tgd
Actually I think that Linksys's BEFSR routers run Linux as well, because there are a few references to eth0 and eth1 in their firmware...
Even if Linksys complies after some cajoling, this demonstrates the practical "loophole" we have been witnessing for the past 2 years:
.tar.gz's because I do everything possible to be able to use the stock products. Why? These are long term products, life spans of about 10 years. Living with a set of patches for every damn tool we need... I have better things to do. If there's a way to avoid changing the origian sources, we'll go ahead with that one.
companies use GPL'ed stuff, and if they get caught, they (often) comply. For each violation that gets caught, there might be several that get away.
So what? I mean, I'm all pro GPL and also a GPL sw coder. I work for a company that manufactures slot machines that run linux and loads of other GPL'd software aswell as our own apps. Technically we don't distribute the slotmachines so we're not bound by GPL, and if we were, we'd just put a simple ftp server that would have the
And what's the real beauty is that when we discover bugs or make future enhancements or such changes, we try real hard to get them into the actual sw package, again just to avoid having to maintain a large set of patches.
And for example Linksys failing to offer a stock kernel tar ball in their site doesn't sound that serious to me. A proprietary sw mogul using gpl'd code in their product, now that would be a serious violation.
1 Earth is warming, 2 It's us, 3 it's royally bad, 4 we need to take action NOW
Yes, I know the guy is almost certainly a troll, but this won't take long.
"Part of this license states that any changes to the kernel are to be made freely available.
Unfortunately for us, this meant that the great deal of time and money we spent "touching up" Linux to work for this investment firm would now be available at no cost to our competitors."
Sorry, thanks for playing. It merely states that you have to make the source available to those you give binaries. You can make all the changes you want to the kernel for a client, as long as you give that client the source as well. No-one else need have it.
In the instance of kernel changes, it makes a hell of a lot of sense, too. Lets assume for a moment that you weren't a troll. This company would have a custom kernel, but without the new modified kernel source they couldn't install anything else that would also patch the kernel, or even rebuild when bugfixes are released.
"I Know You Are But What Am I?"
I bet that Linksys, since the witch hunt turned to them, are thinking "Why, oh why, didn't I take the BSD pill".
Open source is the art of letting other people write your bad code.
http://diary.codemonkey.org.uk/ (19th May) Anything to do with it?
Also note, their NAS disk storage devices (old EFG20, and newer EFG80) both use linux. No mention of this in the user guide, web site, or sales brochures. Use the link ftp://ftp.linksys.com/pub/network/efg80.zip to download the firmware.
You would be wrong. People who are truly pro-GPL and GPL software would not find it appropriate to violate the law by infringing on the copyrights of others. Otherwise, why would they bother being pro-GPL, when they could just get an infringing copy of Windows XP and be done with it?
Just because it runs Linux does not mean that have to suppy the source.
It they did not modify the kernnel, and did not staticly link any of there software to glibc then they could be as good as gold.
I wonder if the BSD people might be right. Just because a company uses Linux and does not provide the source people start asuming that they have violated the GPL or more likely the LGPL. Maybe Linksys should look into using BSD. I am all for free software as in free speach and in free beer. However if the they follow the rules set out in the GPL and LGPL then they have every right not to share the source. Besides with this stupid SCO thing we need all the friends we can get.
See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
I know it should be obvious, but your post reminded me to post the source for a product I work on that uses some GPL'ed code. Thanks.
Does anybody know what the proper thing to do with a config file is? (i.e. I modified a config file, but the modification has no value).
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Who blew the whistle? Let us thank him/her... Now hopefully we can push forward with this and get Linksys to actually comply with the GPL...
they dont have to tell everyone the source is there. we all know that by law they have to give any modified source. has anyone tried to request it?
Question
http://www.ironfroggy.com/
Check out strings usr/sbin/udhcpd, and then compare that with the source of udhcp. Good number of things missing from the source. I want my code back.
Ah, now, if true (I don't disbelieve you, but I have no way to verify it myself), you have made the best point of anyone responding to me thus far. Something beyond mere nitpicking - A real, verifiable violation beyond just an oversight on the last page of a product manual.
THAT I will gladly call "foul" for, and demand Linksys start playing well with others.
Incidentally, why post as AC? I almost didn't see your comment (sub threshold)... Mods - boost this guy a few points, please.
Yes, this was VERY annoying, and I ended up pulling out the damn "firewall" my kids school was using and replacing it with something a little more ssh friendly. I couldn't find anything about this problem anywhere except on some (non-linksys) mailing lists either.
-- I speak only for myself.
Have you read the GPL?
(emphasis added)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
you missed the point... their changes are not necessarily covered by the GPL.
The GPL says if you distribute at all, even teh stock kernel, you have to provide source (unless it's non commercial, and you received it with a written offer, you can pass that offer on, ie: I can give my friend a copy of debian, and not have any further obligation. A commercial distribution cannot.
It ensures the code is available.
Yes, with the Linux kernel that is so very popular and widespread, there seems to be no benefit to linksys offering it as well.. but what if it's some more obscure stuff?
This clause ensures that the source WILL be available.. it's not kernel.org's responsibility to satisfy linksys's GPL obilgations.
So yeah, we shouldn't freak out at them for it, but they have a duty to distribute that source.]
Yes I have, in what way does this conflict with anything I've said? It says, that seperate modules and programs are still yours. It also says that modifications to the code I and other open source programmers wrote, are in turn gpl'd.
"Extend to the entire whole" the part you've bolded applies in direct context to what has already been stated, the entire whole is the gpl'd software, if you want to modify it or make it part of another program then your modification becomes gpl'd as well.
This is the part that makes sure that you can't close my source, it also makes sure that your modifications have a chance to get back to me, THIS is your payment for my labor. I don't believe in slave labor and thus will never release under BSD. I do get compensation if you use my code (if not the finished binary of my code), I get your code back. Yes your competitor does too. Then again, if he uses it, he will undoubtedly make modifications... and guess who gets the benefit of your competitors labor then...
This is akin to Competitors getting together to develope standards they all agree to adhere to. It makes it less expensive to make your product compatible with everything else out there because the standard is open for everyone to follow, one or all have to contribute the labor and expense of developing the standard but in the end all benefit from it, including the consumer.
Clearly you don't realize that there is a distinction between work you do for a company and work you do for yourself. Most of us are not fortunate enough to make a living doing the kind of stuff we want to do in exactly the way we want, but there are a crapload of people who write GPL software as a hobby.
If you're saying this because you don't realize that, I'm sorry for you.
If you're saying this because you're defending companies that jack GPL'd code, put it in their products, and don't mention it anywhere and offer the source as they are obligated by the terms of the GPL, you're a bastard.
If you're saying this because you're defending companies that jack GPL'd code, hack it to do new things and then distribute it in a product without giving cred and offering the source, then you're not only a bastard, but an asshole as well, and I would love to rip you a new one because the world clearly needs more of you guys.
Open Source is enhanced by the people that want to play fair.
If some people have to infringe in the copyright of the Linux developpers they can;t expected to be welcomed to do so with impunity, neither can do so any other companies.
If they don't like it they are completely free to use any closed source software solution or any BSD based solution.
The GPL is clear and there is plenty of advice about what happens if you commericalize your products including GPLed software.
In synthesis read the GPL you lazy bummer.
IANAL but write like a drunk one.
If you ask a common trespasser to leave your property, and they refuse to comply, you are entitled to use reasonable force to remove them. {Note: common trespass = civil offence => no Old Bill. Not same as aggravated trespass = criminal offence => call the Old Bill.} When they sue you, your defence will rest on there not having been anything less harmful that you could have done to get rid of them.
Stretching the analogy {in fine
So my action plan would be:
- Buy one of these routers
- Reverse-engineer the firmware and check for GPL code (*)
- Publish anything you believe in good faith to be GPL'ed
- If anyone complains, point to the GPL and claim reasonable force as a defence {mentioning other less-benign tactics as a straw man}
- Remember, even in a Crown court, you only have to convince 2 people out of 12.
* After this step, the one after next may well be comparatively easy.Je fume. Tu fumes. Nous fûmes!
I hacked around with the early port of Linux to the IBM 403GCX a few years ago. Tivo, who also used the 403GCX, did NOT comply with the GPL. I, and other developers were amazed to learn the Tivo was using Linux, and it took many months before they finally released the source. Yeah, they are nice and friendly to Linux and the GPL now, yet they weren't always that way.
HIV Crosses Species Barrier... into Muppets
Free stuff is nice, but if the world is made up of nothing but free stuff there would be a whole lot more unemployed people.
If the world were made up of nothing but free stuff, you wouldn't need money for anything, so employment (or lack thereof) wouldn't be a very big deal anymore.
Imagine if all the companies that used embedded linux in their devices like the linksys and belkin routers were to install seti or any other distributed number crunshing item to tap the unused processor power of the devices....
--
Time is on my side
I guess none of you have considered that possibly the source for the Linux kernel, as well as whatever else they're using, HASN'T BEEN MODIFIED. No modification, no release neccesary. Whatever they add on top of it does NOT become GPL unless THEY LICENSE IT UNDER THE GPL. Just because something runs on Linux DOES NOT MAKE IT OPEN SOURCE. Just because something contains Linux code does not mean you get the source. Tough shit.
'Standards' in computing only impress those who are impressed by things like 'standards'.
the nVidia driver (and, I believe, other binary drivers) use a GPL stubload that just forwards calls to the binary. The binary itself isn't linked to the kernel (I'm not 100% up on all the arcane linking issues, but my understanding is that this is common, and while people prefer source drivers, they accept that binary ones are better than nothing). I believe some distros ship with the nVidia drivers. Suse? Lindows?
It's the same thing - the cost in GPL software is compliance. If the cost of compliance is greater than the benefit of the code, don't use it. Just like you wouldn't use a proprietary library if you had to pay more for it than it would cost you to develop it yourself.
Y'know, you DO have a point with 'Because they DIDN'T work hard for all the rest of the stuff they developed'. By that I assume you mean that which they're using that IS GPLed.
Don't get me wrong, I'm not saying let them use GPLed code without them having to release their source, I'd never support that stance. I'm saying don't try to force them into openning their source if they don't want to. If they don't want to open it, let them rip out all that viral GPL code and write something proprietary to replace it. Since all the source for the GPL stuff is available, figureing out how it works at a core level and writing something that does the same thing couldn't be THAT big of a chore.
Of course, that depends on how complicated the GPL stuff they're using is. But for a router, how complicated could it be?
If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
It's the entire Linux kernel. I'd say thats pretty complicated :P
you mean my Linksys router is actually booting a linux kernel when I turn it on? wow. I thought it was just using some other arbitrary GPL code, I didn't suspect it was the whole kernel!
now I have to wonder, why would they use software rather than hardware to route (which would be faster, right?)
If you're hearing rhetoric about Linux, open source, or Mac and everyone's bashing Microsoft, you've found Slashdot.
"real" routers do (see some of the higher up posts in this article re: cisco machines). There still needs to be an OS of some sort to handle things like configuration. The basic reason is that CPUs are cheap, while special purpose ASICs are not. It's not a full linux distro, mind, and it's a stripped down embedded kernel.
In a Linux-equipped PC, it's pretty easy to keep work one might want to distribute binary-only as separate modules and programs, but in embedded systems, it doesn't seem that easy to me to "merely aggregate" code into a ROM or even a non user-accessible hard disk (TiVo).
Even static linking could be called aggregation as the caller & callee don't change each other-- they aren't fused by just mixed up together. The better the interface, the less changed the parts need to be.
However, dynamically linked code is given exception to the "extend to the whole" reach of GPL'd code.
It's obvious to me that someone's trying to draw a line here to prevent what some have called "slavery."
That line is a defined a lot looser than people claim. "Merely" is pretty slippery.
You say TiVo can't be considered a "whole" work, so I suggest that I'll release an MORGAN# compiler, binary only, that uses a parser by me but the code generation & optimization from g++. If you don't like it statically linked, I'll create an interface to the g++ opimizer that let's me hand it three-address code & release the dynamically-linkable modified code's source.
I don't think my contribution of adding a hack layer into g++ is worth the benefit I get from all the work others put into g++, but it seems the rules allow this. I think it's simply a trick as is the binary kernel modules trick.
TiVo contributed access through the serial port for fun hacking, but that's not what the GPL requires them to contribute.
-M
FWIW, Dell has an access point / router that runs Linux called the Dell TrueMobile 1184. The difference is, when you contact Dell, they give you the source code.
I have set up a <a href="http://trilug.org/~chrish/">page</a> ; on <a href="http://trilug.org/~chrish/">my web site</a> that deals with this wireless router, how to take it apart, what features are there to exploit, etc.
I realize this is a late response but the search engines should hopefully pick up on this for those that are interested.