Slashdot Mirror


VIA Pulls PadLockSL

yipyow writes "A few weeks ago VIA Technologies posted software based on Nullsoft's WASTE, as reported here a few days ago. VIA PadLockSL included both a Windows and Linux client and some special extensions to work with security hardware built into certain VIA products. It was released under the GPL so I managed to snag a copy of the source code right before VIA suddenly removed their page (Google cache). I have posted Linux compilation instructions and mirrored the source here. If VIA has decided not to pursue the project further, I think the F/OSS community should turn this project into something, it has potential to be a great tool."

12 of 233 comments (clear)

  1. Thank goodness for GPL conservators by Saven+Marek · · Score: 4, Insightful

    I wonder sometimes how many projects start up, fail for some reason, and then the code is lost. Not lost because it's proprietary but lost because it just goes the way of crumbs under the table? How much good work is going down the drain.

    I'm glad you managed to save the code, GPLd as it is it has the right to live or die according to popularity. Hope it works.

    shak's nude anime gallery

    1. Re:Thank goodness for GPL conservators by Overand · · Score: 5, Insightful

      This makes the assumption that the GPL license originally given for the original code is actually valid. The common point that people make is that Justin Frankel wrote the code while working for AOL, and depending on his contract with AOL, code he writes while working for them (or while in the office?) may be owned by AOL, meaning the license he put on the code may not be valid. Like someone pointed out earlier, if I stuck a GPL COPYING file in with the Windows 2000 source code, it wouldn't suddenly become legit. So if AOL didn't "authorize" the release of the program, the source code for waste is just as 'leaked' as the win2k source code.

  2. Re:De-ja Vu? by Anonymous Coward · · Score: 4, Insightful

    The GPL is irrevocable, so they can't revoke it. The only "official" things they can do to stop people developing it further are:

    • Claim that the employee didn't have permission to release it under the GPL, or
    • Claim that they didn't have permission from the original copyright holder (as AOL claim WASTE wasn't really released under the GPL), or
    • Stay quiet and hope AOL go after the others and not them.

    Given that the second option would be an admission of copyright infringement, and the first option is on shaky ground, I can see them choosing the last option.

  3. Re:Be careful by SacredNaCl · · Score: 4, Insightful

    Perhaps they decided that it would be counter to their interest in selling hardware encryption appliances which do the same thing. Why release software that can do the job of something you can *sell* hardware for?

    --
    Freedom is merely privilege extended unless enjoyed by one and all.
  4. Possible unlawful use of code by Richard_at_work · · Score: 5, Insightful

    People might want to consider that the release of WASTE was indeed unlawful under current law, AOL/Nullsoft was within their rights to withdraw the code and the GPL was applied to the code under wrong circumstances. A lot of people have mentioned in previous WASTE related stories something to the tune of "It was GPLed, I dont care who GPLed it, Im not discontinuing my use or distribution of it" while not actually considering that just because it had the GPL applied to it, the GPL was lawfully applied.

    Since this product was based on WASTE, this is possibly why it was taken down, and if so, then the fact that a major company thinks the GPL wasnt applied lawfully to it, then Im inclined to think that all the other archives of it around are infringing as well.

    Just my 2 cents on the matter. In the origional WASTE story, i offered to mirror the source code. I did this until i actually sat back and thought about it, then I removed the code because I didnt think its release was lawful.

  5. Re:I can see it already. by Snowmit · · Score: 5, Insightful

    Oh yeah, and for our protection, I think laws should passed worldwide that anything posted on the Internet and subsequently removed cannot be recalled once downloaded by at least one person, so that if a company releases something as GPL and then pulls it, even if that is due to copyright violations on their part in including the thing in a GPL download, that company is subject to damages but not the downloaders, since they downloaded something as licensed under the GPL.

    In other words, you want the international community to pass a law that makes it so that if someone steals my code and posts it online and then has a friend download it, I lose all rights to that code.

    That's a very bad idea.

    --
    I have a lot of opinions about Cyborgs and Architects
  6. Re:Not a troll by DrSkwid · · Score: 4, Insightful


    What *are* you talking about.

    The idea isn't being hurt, just 1 particular project.

    You cannot release someone else's code under a different license without their permission. This is exactly what keeps GPL software *free* so how could it possibly be ironic?

    Licenses are *necessary*. They are, in essence, a contract between supplier and recipient. They detail that which each party can expect from the arrangement.

    Without the licenses that say 'do what you will with this' there would be no OSS to keep airborne.

    In case you hadn't noticed, OSS took off a long time ago.

    --
    There are places where the networks are not touching,and there are places where they are-Boeing's Lori Gunter
  7. TEN FOOT POLE by ca1v1n · · Score: 4, Insightful

    If the Nullsoft release was unauthorized (what constitutes unauthorized is not as clear-cut as AOL would have us believe) then the fact that the code was GPL'd is irrelevant. Go roll your own people. Don't even look at the WASTE source. You'll be tainted.

  8. don't do that by hak1du · · Score: 5, Insightful

    Merely the fact that the software had a GPL copyright on it and happened to be available somehow doesn't mean that you can redistribute it. Until a piece of software has been intentionally released by its owner under the GPL, it is not covered by the GPL.

    Furthermore, one of the most likely reason VIA pulled this is that they don't have the right to distribute it (patents, other people's copyrights, etc.). Then, even if you acquired a copy under the GPL, you couldn't use it because the GPL would be invalid.

    Also, the person posting it may not have been authorized to do so by the copyright holder (the company itself). That would also mean that you don't, in fact, have the right to use it under the GPL because the GPL is an agreement between you and the copyright holder (VIA), and VIA has not entered into that agreement with you.

    Even if you could get away with it legally for some reason, I really think it's a bad idea to behave that way. Good relations between VIA and OSS developers are essential in order to have Linux run well on their hardware. There is no hard-and-fast line, but in a situation like this (it seems it has had no widespread announcement, no user community, no external contributions), the creators of such a software package should be allowed to change their mind at the last minute.

  9. Re:Be careful by sangreal66 · · Score: 4, Insightful

    Again, you can only set copyright licensing terms if you own the copyright to begin with! The original WASTE was released under the GPL without permission by someone without the authority to license it (although he was the author, copyright is granted to the employer). Therefor the original GPL license is no more valid then if you were to release the leaked windows source under the GPL. That being said, unless VIA got permission from AOL to release it, they too licensed it illegaly making their GPL release invalid as well.

  10. Re:Be careful by Jeff+DeMaagd · · Score: 4, Insightful

    The first rule of the internet is like the first rule of the Westerns: download first and ask questions later.

  11. Re:Via's RNG publicity and a conspiracy theory... by Just+Some+Guy · · Score: 4, Insightful
    VIA's random number generator greatly increases the speed to generate the keys (ie faster than p4 2.6 ghz on VIA's 1Ghz proc).

    There are other hardware crypto accelerators. OpenBSD uses them to offload all possible crypto and random functions from the CPU whenever one is present. VIA's is nice, in that it comes with the computer, but $100 will get you the same functionality in a PCI card.

    Anybody here thinks that securei easy IM might not facilitate terrorist message interception?

    You mean, like Jabber with SSL? That cat's already out of the bag.

    --
    Dewey, what part of this looks like authorities should be involved?