Slashdot Mirror
Exploitation of Open Source VoIP
n8twj writes " With John 'Maddog' Hall pointing out that Open Source VoIP will be bigger than Linux ever has been. How can we be sure that un-ethical companies will not try to steal code that is covered under the GPL and try to pass it off as their own? Recently, I have become aware that SysMaster has been redistrbuting a version of the Asterisk PBX written by Mark Spencer from Digium and many others. SysMaster claims that they wrote everything in-house, while they have surely done their own development, they are using Asterisk to power their product line without following the rules. In terms of full disclosure, my company also provides Asterisk-based solutions, however we have fully embraced Asterisk and gladly contribute back to the GPL."
Is this a serious question or an attempt to discredit a competitor?
Powered by onion juice.
When the company starts to gain financially at the expense of a competitor it will be sued by the competitor for breaching the GPL. The competitor will get backing in this from open source organizations.
It is a little absurd for us to all think that open sources licenses won't get abused to some extent. But, for every quality open source based product that tries to "rip off" the developers (if that can be considered possible in open source) there will be several following the rules who will be glad to keep them in check and sue them into oblivion.
Please follow this advice: gather what details you can & notify whoever holds the copyright on the GPLed software you believe is being abused.
Is it possible they are using Asterisk? yeah I dont see why not Asterisk is a Great Product, but like mySQL, Asterisk does offer a commercial NON-GPL license.
It could be possible that they paid for a NON-GPL'd Version that they used as a base.
It looks like the Asterisk mailing list is already aware of this.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
I don't see GPL violations becoming a big problem. First of all, the loss to the open source community from abuses of the GPL is mainly the lack of contributions. That is partially balanced out by the fact that the company in question is at least not using some proprietary solution. Second, the problem is self-limiting: if a company gets to be large enough, someone is going to notice the GPL violation and the company will likely settle the resulting legal action quickly.
For BSD-licensed software (are there any BSD VoIP solutions?), companies are even welcome to use the software and make it proprietary. Proponents of BSD probably believe that it's better to have companies use open-source derived software even if they don't give back than to lose more companies to proprietary vendors. (Personally, I think it needs to be looked at on a case-by-case basis.)
If the copyright holder doesn't know what to do, direct them to this story for now.
Someone should really setup a site which helps handle GPL violations by directing copyright holders to the right legal people & offers advice for how to handle violations. A database or wiki could also be setup to record alleged GPL violations & how they were resolved. IIRC, the mplayer project keeps some information on GPL violations on their website. Many were resolved & their site records this.
I'd be happy to help with such a project with my time and content.
So it looks to me like "the /. crowd" has a general lack of moral outrage over people sharing copyrighted material for free without the person being shared with buying a license, but does have moral outrage over people taking copyrighted material, repackaging it, presenting it as their own work, and selling it to others for a profit in violation of license.
So... congratulations! You have demonstrated that the slashdot community has two different consensus viewpoints on two different issues.
Something analogous to gpl violations in the music world would be not file-sharing, but bootlegging-- people who bulk-fabricate copies of commercial CDs and then sell them-- a practice which I've yet to see anyone on slashdot defend.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
Yeah, I propose calling it "copyright" and setting up a US Copyright Office to enforce it.
What I'm listening to now on Pandora...
Maybe I am just ignorant in the issue, but I am curious.. What advantage is gained by companies using OS software and not contributing back?
I am not saying that everyone that uses OS software should be working on contributions. It certainly doesn't hurt the OS community.. But you seem to have a tone that there is some benefit from companies using OS software without giving back.
Unless I am missing something, that leaves the software right where it started.. And while it doesn't hurt it, it doesn't seem to help it either.
--- "End Of Line" - MCP
In terms of full disclosure, my company also provides Asterisk-based solutions, however we have fully embraced Asterisk and gladly contribute back to the GPL.
but I think the GPL is pretty full and doesn't need any more contributions at this time.
creation science book
The GPL promotes fair pricing and technological progress.
P2P piracy promotes fair pricing and technological progress.
Slashdot has a lot of cheap nerds.
"I assumed blithely that there were no elves out there in the darkness"
i work for a networking bluechip, and here they have been working in a project to clean their code (or code coming from OEM's) from any GPL-kind of code; and if that's not possible they will be marking the code clearly for public as an open source code. the legal department have been pushing this so hard!
"Evil thrives when good men do nothing"
...to uncover those in breach of the GPL.
GrokCheat, anyone?
Sean Ellis
Follow OfQuack's antics on Twitter.
The evidence is gleaned from viewing the "strings" output of a SysMaster executable. You find such gems as
Of course, this evidence was compiled by NuFone (a contributer to Asterisk), so you can choose to disbelieve it if you want. But if you want to verify its veracity on your own and post your results, I'm sure that would be OK.
"With sufficient thrust, pigs fly just fine. However, this is not necessarily a good idea...."
RFC 1925
Since Digium also sells non-GPL'd copies of the work in question, they have a strong economic incentive to force these guys to either pay up for their non-GPL license or go GPL.
Put out your torches, save them for another day.
1) Digium *does* license Asterisk (as we distribute it, no additional features) outside of GPL and we *do* have commercial licensees already.
2) Digium appreciates the community keeping a watchful eye on other products in the marketplace which may be in violation of Asterisk's licensing terms. Please feel free to contact us directly if you have any concerns or questions.
3) I do not wish to comment specifically about Sysmaster's relationship with Digium at this time other than to say we are in contact with them.
Thank you again for all of your support in the community.
Mark
This post written under Gentoo-linux with an SCO IP license.
Your point (1) is faulty. Linux may be Asterisk's primary platform but since it's open source you are just as free to go ahead and run it on, say, BSD or Solaris or Mac OS X. Meanwhile ports to more esoteric platforms are certainly an option, and it's already possible to run it on Windows if you have compatibility layer software. Linux will probably be the most likely platform to benefit from Asterisk being popular, but Asterisk definitely has potential outside of Linux.
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
How can we be sure that un-ethical companies will not try to steal code that is covered under the GPL
Easy - just keep backups. That way, if somebody steals your code, you still have it.
Oh... wait. Did you mean copyright infringement and not theft? When the RIAA and MPAA start talking about those nasty thieves, people are quick to point out that copyright infringement is not theft.
Double-standards stink. When somebody infringes upon the GPL, it's not theft, so don't exaggerate your grievance or accuse the other party of crimes they didn't commit. It just makes you look like a whiny liar and doesn't help your case.
It is astounding given how much attention copyright gets here on slashdot that people still Don't Get It.
Yeah, I propose calling it "copyright" and setting up a US Copyright Office to enforce it.
The USCO does not enforce copyright. It registers copyrights.
There are no US Copyright Office boogeymen in black who run around arresting people either. If I steal your work, it is entirely your responsibility, in civil court (not criminal) to sue me and recover damages.
Further, copyrighting your code with the GPL license DOES NOT entitle you to expect the Free Software Foundation to go around suing people for you. They'll politely give you some suggestions on who to talk to and maybe a little basic advice, but that's it.
So many people don't get it- they whine about their code being stolen, but then don't do anything about it. As a result, corporations are fearless in violating the GPL license as has been proven again and again. The GPL license, as a result, is quickly becoming irrelevant.
When SCO claims Linus and others stole code, Linus and others need to sue them for liable(or slander, I forget). When Linksys fails to follow the GPL and steals code, the people who wrote the code need to immediately send them a cease and desist, and if they fail to comply, sue them to FORCE them to cease.
In this case, the Asterix developers need to pay a lawyer to file suit against the offending company, seek evidence by court order (if they are using GPL code, it'll be very easy to prove once you're in the door with a court search order), and if they find evidence, hammer them into the ground.
This is in bold because people need to wake up and get a clue. YOU NEED TO START BACKING UP THE GPL WITH LAWSUITS OR IT WILL BECOME COMPLETELY IRRELEVANT AND UNENFORCEABLE.
Please help metamoderate.