Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linksys and the GPL, Again

Posted by michael on from the unclear-on-the-concept dept.

Rob Flickenger writes "While poking around on the Linksys WRT54G (one of the new Linux 2.4.5 based APs) at a SeattleWireless Hack Night session, we noticed a number of binaries in their firmware (including Zebra, PPP 2.4.1, and iptables to name three) that are released under the GPL, some of which are obviously modified. The question is, where is the source code to Linksys' modifications? Their "GPL Code Center" has the packages, but they are the pristine distributions, without any changes whatsoever. I've asked Linksys for clarification, but given Linksys' customer service reputation, I highly encourage other interested parties to ask them as well. More details are up on my weblog on oreillynet.com."

24 of 443 comments (clear)

  1. How does Cisco relate to this by neye_eve · · Score: 5, Interesting

    They just bought linksys, right? So wouldn't this take an increasingly interesting turn if it's Cisco violating the GPL instead of "just" Linksys. heh, go after the deep pockets :-)

    1. Re:How does Cisco relate to this by TedCheshireAcad · · Score: 5, Interesting

      Havent thought about this before, but if the Linksys router uses Linux 2.4.x, and Cisco owns Linksys, then Cisco can join the fight against SCO. If SCO is claiming that kernel 2.4.x infringes on its IP, then Linksys/Cisco should be fighting not to pay ~$700 per router they've sold.

  2. Wow by saskwach · · Score: 0, Interesting

    A production product based on the development kernel? Isn't 2.4.21 stable? What does 2.4.5 do that makes it worth using on a linksys router?

  3. Could it be..... by Anonymous Coward · · Score: 1, Interesting

    Could it be that they are using stock versions of these apps..

    Many times what seems like magic, is nothing more than spending some time with the config files, and understading the options that are available.

  4. A new bad guy? by mao+che+minh · · Score: 4, Interesting
    Linksys makes some really swell wireless devices based on modified code that was released under the GPL. Linksys does not release the source code, and obfuscates the process of retrieving the code when you ask for it.

    To date, many people have asked, no one has recieved.

    It looks like Linksys wants to use superior GPL code, but doesn't want to play by the rules and let competitors in on the action. If they were going to act this way, than they should have stuck to proprietary works.

    1. Re:A new bad guy? by sfire · · Score: 4, Interesting

      And it can all be downloaded from the web here

  5. GPL avaiable from LINKSYS by GdoL · · Score: 2, Interesting

    The GPL clearly states that the modified source code must be avaiable on-line? Or the modified code may be only avaiable off-line?

    --

    ------I can please only one person per day. Today is not your day. Tomorrow isn't looking good either.------
  6. How do we tell? by BenjyD · · Score: 4, Interesting

    With no real threat of serious (ie costly) legal action for violating the GPL, what's to stop this happening again and again? How many other companies have stolen GPL code and are distributing it without our knowing about it?

    Then again, if someone did sue for copyright infringement, what kind of damages could you claim?

  7. GPL compliance re: GCC by hankaholic · · Score: 4, Interesting

    Unless they provided you with a license to run the compiler which they have, they aren't required to furnish source code.

    If they were provided with a modified version of GCC, they themselves do have a right to the modified source. The GPL provides you with the freedom to make and distribute modifications to a program which is licensed to you.

    However, it doesn't say that you have to provide the program itself to anyone.

    I use GPM for mouse handling. The software was made available by the author(s). I can make modifications to it all I want, but unless I provide someone else with a binary based upon my modified source, I don't have to provide source code to anything.

    Know your rights well. Know where they stop even better -- you don't want to come off as a maniac claiming rights to that which isn't yours, but be sure that you know what rights are provided to you.

    I'd like to know RMS' take on GPL'd apps being distributed as part of an "embedded" device. Google, here I come...

    --
    Somebody get that guy an ambulance!
  8. Re:Troubling. by Anonymous Coward · · Score: 1, Interesting

    Well, if you don't enforce the GPL, then it will become useless. Companies will choose to ignore it and appropriate others' code without giving anything back. This all may seem trivial until some large company decides to take GPL'ed code and make it their own without releasing any source. And suppose they then say that the modified code belongs solely to them.

    If you don't fight the small battles, the big ones are that much harder to win.

  9. Re:Reasons why this might not be true by anthony_dipierro · · Score: 2, Interesting

    the fact is, they don't even need to provide binaries for the modified gcc. it is being used "in house" and there is therefore no need to redistribute the changes.

    Well, they don't need to provide the binaries for the modified gcc under the license of gcc. But my interpretation (which could be wrong) is that gcc is a script used to perform compilation, and as such must be distributed with the source. This is open to a different interpretation, though. Certainly the Makefiles, configure files, and installation scripts have to be distributed, as they clearly are "scripts used to control compilation and installation of the executable."

  10. Re:Troubling. by enjo13 · · Score: 2, Interesting

    Not exactly true...

    A lot of companies support linux (and Mac OS for that matter) for many reasons.. a common one among them being Goodwill. They recgonize that a lot of IT decision makers are also Unix* users.. by supporting your product on Linux those decision makers become familiar with it and have a positive view of the product which translates to sales on other (more prominent) platforms.

    As they say in business school, 'never understimate the power of goodwill.'

    --
    Turn s60 photos into awesome videos with mScrapbook for all S60 3rd edition phones!
  11. Modified GCC issues by signe · · Score: 4, Interesting

    OK, so Linksys used a modified gcc to compile some of the GPL'd software on their AP. As noted, unless they put the modified gcc binaries on their AP as well, they don't have to distribute the source. But this raises an interesting point.

    Say I create a modified compiler that recognizes some piece of code, or tag and replaces it with an "improved" piece of code. For example, it recognizes the code for a particular driver, like the tg3 driver in the Linux kernel, for one example, and inserts optimized compiled code in place of the actual code in the output binary, where this optimized code is actually a completely new driver, derived from the original GPL driver.

    Now technically, I haven't broken the GPL if I distribute the output binary in a product but don't distribute the source for the optimized driver. The optimizations are present in gcc, not the source code, and I'm not distributing gcc. The changes in the output binary are just the way that the compiler I used "interprets" the code that was compiled. It does, of course, break the spirit of the GPL. Is there a way to address this, or is it a giant glaring loophole in the GNU Public License?

    -Todd

    --
    "The details of my life are quite inconsequential..."
  12. Re:Duplicity by Anonymous Coward · · Score: 1, Interesting

    The difference is people who download MP3s don't sell them to other people. If a GPL-like license were written for music, it would allow the currently illegal practice of downloading for personal use.

  13. GPL loophole? by Migrant+Programmer · · Score: 4, Interesting

    What if you modify GCC for use with a particular project (based on GPL program Foo) in the following way:

    When your new GCC reads in the code for Foo, it compiles it incorrectly so that it convenently produces a program with your desired changes. This could be done by constructing a lookup table with original Foo code lines corresponding to modified code lines.

    The result: from the original GPL Foo source, you have your own custom binary. Upon distribution of this binary, you are bound by the GPL to give access to the source, i.e. the original GPL Foo source. Since you're not distributing your custom GCC binary, you don't need to give access to its source either.

    I'm sorry if I just broke Linux. Tell me if I'm wrong!

    --
    Bitchslapped. Neat.
    1. Re:GPL loophole? by Anonymous Coward · · Score: 1, Interesting

      No lawyer, but a lookup table sounds suspiciously like you've turned the compiler into a kind of library.
      In which case that compiler code would have to be made accessible too.

  14. Why go after just Linksys by Anonymous Coward · · Score: 1, Interesting

    I'm confused why everyone is attacking Linksys. There code is based off if not entirely from Broadcom. If you look at anyone who is using the 54G chipset they are all supplied the firmware from Broadcom. This is where all the Linux modification is likely to come from. The manufacturers (Linksys, Buffalo Tech, Belkin, etc.) probably do very little if anything in the Linux enviroment most of there work is probably setting up the firmware through there web pages not modifying Zebra and other GPL software.

    This brings up an interesting question. If Linksys is supplied firmware from another company and this company provides a tool to create their own firmware without Linksys's knowledge that it is GPL'd code what is their responsibility in supplying said modified code.

  15. Re:OH NO! Stealing is wrong! by Jearil · · Score: 2, Interesting

    Umm no...

    Several things wrong with your argument. First off, as we've all heard, copyright violation is not stealing, it's copyright violation. What Linksys is being accused of is not following the licensing agreement set forth in the GPL, thereby ignoring the individual developer's copyrights that they have on those GPL'ed works.

    Now as for your comment on MP3's and the negative view towards the RIAA that most /.ers have, I think you've missed the point completely on that issue. You may not have noticed, but most people here don't believe in violating the copyrights of musicians by illigally downloading MP3's. What we have a problem with however, is the RIAA's attempts to destroy legit P2P services that can be used to share legal MP3's (among other things). Also, the fact that they're attempting to take the law into their own hands (such as that attempt to being able to crack people's boxes if they suspected them of copying illegal music without a judge to intervene) seems to most to be a violation of our rights. The fact that the RIAA is sueing individuals also means that little guys that could actually be sharing only legal music could get caught up in the struggle and not be able to pay to get out of it through a lawsuit, and are forced to settle. We disagree with how the RIAA is acting, but most would just urge artists to use a different avenue instead of the RIAA rather than break the law.

    The GPL was meant to allow the original authors some sort of payment without the use of actual money (eg, code that anyone else modified and released to the public). It's also meant to make it easier for people to see what's going on inside of these things and be able to make needed changes to suit the users need, and that right is protected by the copyright holder through his use of the GPL. How you can assume that it's the same as illegal filesharing, I have no idea.

  16. Not GPL Violation-RTFC by dnoyeb · · Score: 5, Interesting

    It appears that the posters assumed violation of the GPL was because the router used files from non-standard locations. Further, it appears that said file locations can be specified in a 'conf' file. Finally, it appears as a result of this that the claim of GPL violation by Linksys is in error.

    Also, the claim that Broadcom may need to release their source also seems to be in error due to the fact that their modified GCC has not been publicly released, and the only one that can claim the right to examine said source code of the GCC modifications is Linksys.

    RTFA-and the comments that follow...

  17. Re:somewhat off topic, but... by Anonymous Coward · · Score: 1, Interesting

    Where do you think most of the latest XFree development is coming from? They've cleaned up XFree and made it some what decent.

  18. Re:Non-Issue? by Anonymous Coward · · Score: 1, Interesting
    Maybe you just need to read the summary (or the article!) first. Linksys put UNMODIFIED sources on their site. This guy is claiming MODIFICATIONS that are not reflected in the offered source.

    Congrats, you are guilty of your own accusation.

  19. Yes it does by hummassa · · Score: 3, Interesting

    the --sysconfdir=X string ends up in one of the .h files (config.h?) and it propagates thru in your binaries.

    --
    It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
  20. Re:Reasons why this might not be true by arkanes · · Score: 2, Interesting

    An interesting question. Legally, Broadcom can't stop Linksys or any Linksys employee from restributing it. But I bet that anyone who did so would get in trouble with upper management...

  21. Re:Troubling. by e2d2 · · Score: 2, Interesting

    This brings up a good point, if a hardware company uses GPL code, modifies it, then release their hardware with that modified code is the selling of the hardware considered distribution (they just distribute the hardware)? You don't really distribute the binaries in the traditional sense of allowing users to download the code or send them a CD.

    I say it is distribution, but I was wondering if it has been discussed/ironed out by the FSF..