Slashdot Mirror

← Back to Stories (view on slashdot.org)

GPL Violators On The Prowl

Posted by CmdrTaco on from the neither-rain-nor-snow-nor-hail-nor-packetstorm dept.

ravenII writes "GPL Violations.org are looking after the GPL. Warning letters were personally handed over to companies at their CeBIT booths by Mr. Harald Welte, free software developer and founder of the gpl-violations.org project. It seems big boys like Motorola, Acer, AOpen, Micronet, Buffalo and Trendware seem to violate GPL. Please visit the site for more information on GPL enforcements and violators."

30 of 636 comments (clear)

  1. Four Questions by Anonymous Coward · · Score: 1, Interesting

    How do you get to prove it?

    Who proves it?

    Who sues at the end of the day?

    Is there a legal fund set up to help out?

    1. Re:Four Questions by Pofy · · Score: 2, Interesting

      >1.) You look at the code, and gee, it looks the
      >same.

      Which of course is easy if you have access to the source code of course. What about otherwise? Even if one would in some way be able to compare compiled code, how to handle those that thik EULAs are enforcable which normally prevent any way to actually look at the code.

      Even with no EULAs, many copyright laws only permit for example reverse engineering for specific purposes, not to see if the code is the same as another one.

      Finally, countries with DMCA like laws that include access (and not just for copyright infringement cases) have further problems to get to the actual code.

      So how do one get arround all that? Indeed, disregarding GPL, how will anyone (including big software companies) really be able to check to see if someone is using their code at all?

    2. Re:Four Questions by SirTalon42 · · Score: 2, Interesting

      Look at the IMB vs SCO case, IBM brought in an expert on finding out that sort of stuff.

      One way to check for violations is to compare the strings, sometimes it will be blatantly obvious, like some group ripped off ReactOS but were so lazy they didn't change all the string in the program so they didn't say ReactOS and when you have strings all around that say REACTOS, you have error messages that are the same, and files have the same signature, and other things like that its easy to find out.

      In most cases of GPL violations the code wasn't attempted to be scrambled it obscured at all to hide its origin. Often this is just done by a lazy developer and the management doesn't know about it till they get the warning letter (and look at the GPL violations site, 25 out of 28 cases have been solved with only the warning letter).

  2. "Seem to" by grasshoppa · · Score: 3, Interesting

    We don't know?

    If someone is acting on "our" behalf, I think "we" should know fully what is going on before hand.

    For all we know, this could be a scare tactic by MS to worry people back to their side of the fence.

    --
    Mod me down with all of your hatred and your journey towards the dark side will be complete!
    1. Re:"Seem to" by 0x461FAB0BD7D2 · · Score: 2, Interesting

      GPL-Violations should GPL their processes.

      In any case, I doubt this is an MS tactic. They've actually settled the majority of the cases amicably. Microsoft does nothing legal amicably.

      Also, where's Groklaw when you need it?

    2. Re:"Seem to" by cybrhippy · · Score: 2, Interesting

      I doubt it, M$ and other closed software already use this tatic over here http://www.bsa.org/

      --
      Cybrhippy - "It all makes sense... Well, To me anyway." The Maxx
  3. Re:Ooohhh.. Leters! by Speare · · Score: 4, Interesting

    In many cases, the letter will likely be forwarded to the internal legal department for review, which may spark questions and conversations internally. In many other cases, the letter will likely be found in some rarely-used briefcase several years after the earnest, booth-attending middle-manager has left the company.

    --
    [ .sig file not found ]
  4. Re:Later that same day by Rude+Turnip · · Score: 5, Interesting

    That gives me an idea...what if a bunch of GPL authors got together and formed a non-profit whose sole purpose was to become a member of the BSA? If armed federal marshalls busting down your door won't make you comply with the GPL, then nothing will!

    --
    Bill Clinton: Pimp we can believe in. - The Shirt!!!
  5. How can they tell? by fitten · · Score: 2, Interesting

    How can they tell that a binary has GPL code in it? I mean, do they use strings or something? If that's it, then it's pretty easy to defeat their GPL detection. Looking at the assembly isn't telling because some simple algorithms will be written the same and produce similar assembly, and optimizations will mangle all that anyway.

    1. Re:How can they tell? by Anonymous Coward · · Score: 1, Interesting

      Parameter names don't show up in binaries. The binary doesn't care about those kind of symbols, it just needs to know where on the stack to look for them.

      However, function names and any global variables might be preserved, unless the binary is stipped of such symbols.

  6. What about Iomega by nberardi · · Score: 5, Interesting

    I have seen violations at places like Iomega for there NAS drives. It was one of the issues that I brought up durring beta testing. And they said it wasn't an issue that they were using Linux with out releasing the source because their firmware developer for the embeded Linux told them it wasn't a problem and they weren't going to release the source. This little product only costed about 200.00 for network storage, and it has the potential to hit the market like the Linksys WRT54G did with custom firmware.

    If anybody is interested in pursing Iomega about this let me know because I will sign a petition.

  7. How can you enforce a non-contract? by daikokatana · · Score: 2, Interesting
    I have actually never understood how this whole GPL stuff works. The bit I find difficult to understand is the whole legal part - how can you enforce your rights? There is no signed contract, hence no agreement.

    My company and I have looked at open source opportunities before, but it's precisely for this reason that we kept away from OS - even though we felt we could use it and contribute to it... Can somebody please explain this to me, or provide me with a clear link?

    --
    http://jcsnippets.atspace.com/ - a collection of Java & C# snippets
  8. GPL for Patents? by pherthyl · · Score: 5, Interesting

    I wonder if some company may eventually say:

    "We won't sue you for infringing on our patents if you don't sue us for infringing on the GPL"

    Also, would that even be legal to accept an agreement like that? Nevermind that it would probably be a bad thing for OSS.

    1. Re:GPL for Patents? by swillden · · Score: 2, Interesting

      I wonder if some company may eventually say: "We won't sue you for infringing on our patents if you don't sue us for infringing on the GPL"

      That license would only be possible if all of the contributors to the project, aka all of the copyright owners, agreed. That much is obvious.

      The interesting question is whether or not the company would have the leverage needed to get them all to agree. If I write an application that infringes on a patent, and Bob and Alice contribute small UI enhancements to it, and Jim adds support for a different database backend, and Mark improves my core algorithms to make the app faster, and Steve runs the site that distributes the result, who, in fact infringes on the patents? I don't know. I think Steve would be the first line of attack, but if someone in, say, Romania took over distribution, what then?

      Supposing that since only Mark and I actually touched the code that infringes the patent, only the two of us are liable, does that mean that Alice's refusal to grant a license to her copyrights could expose Mark and I to lawsuits? If we go to the court and say that we negotiated in good faith and granted the company a license to all of our work as per their request for relief of our patent infringement, will the judge accept that we fulfilled our agreement, even though the company can't actually distribute the software under a non-GPL license? I'd guess that depends on the wording of the cross-licensing agreement.

      Anyway, although this idea seems workable in theory, I suspect that it would be hard to implement in practice. And that it would tend to kill the F/OSS project in question, since other contributors would either have to wonder if they might be sued, or be willing to grant licenses to the patent-owning company. If the patents weren't central, the best option would be to change the code and stop infringing them.

      That raises another question, though: Supposing the active project developers did change the code to remove the infringement, but that users preferred the older, infringing code. Could the developers be considered liable even though they were no longer distributing or supporting the patent-encumbered version? I would think that a judge would be reasonable about this, but who knows?

      Patents in F/OSS are definitely a minefield

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  9. Re:Let me get this straight by tglx · · Score: 2, Interesting

    Harald Welte is one of the netfilter guys. Look into MAINTAINERS and CREDITS.
    He owns the stuff and he knows what he is talking about. The netfilter team also accomplished the first acknowledgement of the GPL in a court in Europe.

    tglx

  10. Re:Perhaps by networkBoy · · Score: 5, Interesting

    Actually, many of these companies (as a Corp) may not know about the violations. As soon as the letter gets to legal the practice will stop.
    I work in a very large Semiconductor manufacturer and we have the policy that all uses of OSS _MUST_ be reviewed by legal before proceeding. It's a simple matter really. If you don't ask legal and you screw up then you are disciplined up to and including termination, depending on the infraction and whether or not you should have known better. I look to OSS often to see how something is done. If I like how it's been done I ask legal, usually they say no and I go code it myself and then find that I did it some obscure way that doesn't weork as good.
    -nB

    --
    whois gawk date unzip strip find touch finger mount join nice man top fsck grep eject more yes exit umount sleep dump
  11. Re:Held accountable? When? by Ioldanach · · Score: 4, Interesting
    what do they intend on doing when some Taiwanese hardware manufacturer embeds their code?

    Get an injunction from having the manufacturer's products distributed in the US, and have the products seized by customs when they enter the country. I.e., direct financial loss.

    Only trick is in detecting what manufacturer is embedding it.

  12. Re:Court? by MrLint · · Score: 2, Interesting

    Which GPL license violations are Apple and Microsoft alleged to be guilty of?

    (I think this needs clarification instead of my mod point on it.)

  13. weaseltronics by Doc+Ruby · · Score: 4, Interesting

    This is one of the instances in which geeks are naive to the weaselly, successful ways of lawyers and politicians. The geek instinct is to first survey the complete territory: "how many violations can we grep across the Net?" The lawyer or politician would first identify a few highly vulnerable violators, and take them out, before hinting that perhaps "everyone does it". They'd build momentum, gaining mindshare for the idea that "you better not do it". By the time they did their "complete survey", they'd have already shrunk that population through intimidation. Before creating more, by promoting the idea that it's widespread.

    Geeks have to start thinking more about "social impedence" feedback problems. Maybe all the recent work by programmers in modelling social networks, filled with live normals, will create some conventional Usenet-style wisdom. We've got to learn through data what the accomplished weasels seem to know by instinct: defining the scale of the problem prematurely can increase its scale. Computers are sitting ducks - solving people problems requires a much more dynamic approach.

    --

    --
    make install -not war

  14. How about smaller violators? by russotto · · Score: 4, Interesting

    sveasoft (gpl-violations is slashdotted, so maybe they are listed)

    1. Re:How about smaller violators? by McFly777 · · Score: 4, Interesting
      Parent implied Sveasoft is violating.

      IIRC, Sveasoft cleared their current distribution policy with the FSF. In other words, just because you may not like it doesn't mean that it is violating.

      For those who don't know, Sveasoft charges for support and access to their latest product. Under the GPL you are legally allowed to redistribute said GPL'd Sveasoft product, however doing so cancels your support contract with Sveasoft (and access to the latest from Sveasoft).

      I believe that this hinges on the point that while you are required to provide source to anyone who you distribute a binary to, you are not necessarily required to provide binary to anybody in general.

      --

      McFly777
      - - -
      "What do people mean when they say the computer went down on them?" -Marilyn Pittman
    2. Re:How about smaller violators? by Anonymous Coward · · Score: 5, Interesting

      Sveasoft has a history of misrepresenting the facts and deliberately misinterpreting the GPL. He invented the "in development source need not be released even if the binaries are out there" bullcrap. The FSF did not have access to the whole story and clearly did not see that James Ewing is not willing to have "his" software redistributed. The FSF's approval appears to be solely about Sveasoft's direct duty: Whether or not they have to provide source to anyone. It is clear that, under the assumption of source and binaries being delivered together, they are not obliged to provide source to anyone but their subscribers. That is not what the debate is about. The GPL is about freedom of reuse and redistribution of modifications which are not entirely in-house. James Ewing does whatever he can to restrict that freedom. He does not provide source in time (before the pay scheme he did not release the source to certain versions at all), he only provides source that compiles to binaries which are deliberately different from the ones he distributes, he threatens users who use their GPL given distribution rights. If that is not breaking the GPL, it's an utterly useless license.

  15. Why? by Anonymous Coward · · Score: 0, Interesting

    If you're only using open source code for in-house applications you don't have to abide by the terms of the GPL or any other open source license. This primarily stems from the legal definition of a corporation as a single "person". As long as any violating code remains within the company you aren't engaging in distribution.

    Do you have to run through legal whenever you want to install Tcl or Perl? What if you wan't to add proprietary extensions?

  16. Re:Good thing! by prisoner-of-enigma · · Score: 4, Interesting

    In one case, copyright is being used as a tool to protect the ability to freely disseminate and modify works. In the other case, it is being used as a tool to restrict freedom of distribution and prevent modification.

    I love your twisted logic here, justifying copyright infringement on the one hand because it promotes "freedom" but condemning it on the other because it promotes the "freedom" to disseminate. Orwell would love you.

    Here's the situation, and it's not a shade of grey as you imply: copyright infringement is either good for all or bad for all, you can't pick specific instances where it's good for some and bad for some. That's called subjectivism, and it has no business intruding into a legal matter such as copyright infringement. Open that door and all law suddenly becomes entirely relative, and you do not want to go down that path. Is murdering a white supremacist wrong? Sure, the world's better off without him, but does that make murder "right"? You cannot use the "it's for the greater good" argument because there is no "fair" way to define the greater good. What's good for you is most likely bad for someone else. That's why these matters must be objective, not subjective.

    So, which is it? Would you stand on a hill and defend my right to violate the GPL however I see fit? I doubt it.

    Don't look now, but your double standard is showing. Perhaps you'd be more comfortable with this definition instead.

    --
    In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
  17. Re:GPL too restrictive by Anonymous Coward · · Score: 1, Interesting

    Nowadays, PearPC doesn't get many updates, because everytime they do, CherryOS does too. It's dampened the whole thing for the developers.

    Is that really true, or just something you believe? Looking at the PearPC stats on SourceForge, I can see the downloads are declining, but only from a peak in September, corresponding to the latest release.

    Besides which, I don't really sympathize. The developers are the copyright holders. They have the power to stop CherryOS if they want to. If they don't want to do it themselves, they have the option to go to the Software Freedom Law Center and try to get them to persue it, or sign their code over to the FSF and have them handle it.

    If CherryOS was forced to obey theGPL (which they will eventually, some organization like the EFF or something will take them to court) then this wouldn't happen.

    The evidence of infringement is overwhelming. CherryOS could have been taken down almost immedately through a preliminary injunction.

    Obviously, I don't approve of what CherryOS has done, but I don't approve of people not standing up for themselves either.

  18. What about Open Source violators? by Amadawn · · Score: 4, Interesting

    It is good to see someone doing something about GPL violators, but what happens when the violators are other GPL developers?

    I contribute (a little) to a project called AutoIt3 (http://www.autoitscript.com/). They make a really useful scripting language for Windows.

    Until recently they were using the GPL license. However some people took big chunks of the code, ripped it and repackaged with a different name. They only mention "based on AutoIT" or something similar on the Readme.txt but not in the code and of course they do not mention the original authors of the original work nor on their web page.

    Some of the AutoIt developpers were so pissed that now they have changed the license (for their newest releases only, of course) and do not distribute their code until some months later.

    Perhaps what these guys did is legal, I don't know, but if GPL developpers dishonor the heart of the GPL, then why use it and how can we expect for commercial companies to abide to it?

  19. Got a GPL license with a TV! by netringer · · Score: 4, Interesting

    The GF bought a Sony HDTV which of course, the resident geek BF set up. I was amused to see a full printed GPL license in the included paperwork. I gather it uses a GPL-derived photo viewer program to display the content from media inserted into the Sony-proprietary (irony!) Memory Stick slot on the front.

    I wonder if should I ask Sony for the source code for the TV.

    I searched for some kind of adapter that would plug in the Memory Stick slot and take a Compact Flash card with no joy. There is an adapter that goes the other way, fitting the Memory Stick into CF slot, but the BF hesitates to recommend buying a memory stick just to make the TV happy. *sigh*

    --
    Ever dream you could fly? Get up from the Flight Sim. I Fly
    1. Re:Got a GPL license with a TV! by muonzoo · · Score: 2, Interesting

      It's not likely just the photo viewer software. Some SONY TVs boot linux for the control / UI portion of the interface. [Or so I've been told].

  20. Don't worry by ad0gg · · Score: 2, Interesting

    As long as you don't redistribute you have no problems. At my old job we used to use openh323 stack because it saved us 1/2 million in licensing fees for a commercial voip stack. Problem was it was pure shit, we had to put 3 developers on it for a year to get a workable version. I don't think we ever released what they did, for fear our competitors would pick up our changes and actually get a workable voip stack for free.

    --

    Have you ever been to a turkish prison?

  21. corrections by sum.zero · · Score: 2, Interesting

    sorry, having looked a little harder i now see he is the chairman of the netfilter team and that the actions seem to revolve around his own project's code. i would think this should be made clearer in the text of the site as it is, at least partially, a vehicle for his personal interests. having to go to another site for the info is not enough, imho.

    it is likely more of a case of incompetent web design than malfeasance though...

    sum.zero