Slashdot Mirror
Some Linux Users Violate Sarbanes-Oxley
Goyuix writes "According to the IT Observer, publicly owned companies who are using Linux, could be violating the federal securities laws as part of Sarbanes-Oxley. The article goes on to say that companies are required to "disclose ownership of intellectual property to their shareholders." How are these companies supposed to really list out all the IP owners if they were to install a full desktop or server environment - there could be literally thousands of parties listed! What are the current Fortune 500 companies doing, as many of those use Linux in one form or another?" update several people have pointed out that this is about companies who are violating the GPL, not everyone.
It appears that this would apply to any free software, not just Linux. It would apply to at least all GPL'd software, including gcc, etc.
Sigs cause cancer.
Responsibility for this should rest with the Linux vendors. Companies can disclose their Linux distributions as packaged by [insert vendor here], the vendor should be able to easily see who write what by an examination of source code and README files.
As long as something has been liscenced under GPL, the owner cannot assert additional restrictions, or revoke the liscense - therefore how is the owner relevant to the stockholders, if no such change can take place?
The shareholders already have the exact same rights to the software that the company that is using them. Does this topic really make any point that isn't just an academic exercise? I think that the entire company can disclose their open source intellectual property rights with a single all encompassing word, Everyone.
http://tf2.digitaljedi.com
You have to distribute Linux outside of your organization in violation of the terms of the GPLv2 in order to have any licensing problems with Linux.
Mere use of Linux by a company cannot ever be a violation of the GPLv2 that Linux is licensed under.
This is FUD issued by a company that wants you to buy their BSD based embedded OS product.
companies aren't doing what they're supposed to be doing???
Doesn't sound like news to me...
Might Linux Violate Sarbanes-Oxley. yoda talk day today on slashdot is it?
This space for rent.
how exactly using linux in violation of the gpl is a violation of sarbanes oxley? the article does an awful lot of handwaving but doesn't actually explain any of the hows or whys.
i'll have to read again, but it looks like this is f/oss trying its hand at the fud game.
Preventive War is like committing suicide for fear of death. - Otto Von Bismarck
Did the OP even read the article he submitted? It says that if a company violates the GPL, that this might also be a violation of Sarbanes-Oxley if they claim that they still have a right to use Linux despite the GPL violation. There is nothing about listing the IP holders. On an aside, I didn't think there was any violation to the GPL that could stop you from being able to use Linux. A GPL violation would make you lose your right to distribute it, right?
Shockwave Flash movies are the greatest thing to happen to non-sequitur humor since Japan.
We're using Linux and treating it just like we do Solaris, HP-UX, and Windows, where we also can't identify everybody who wrote the OS.
The auditors don't seem to be having a problem with it. Wonder how much Microsoft paid IT Observer for that FUD?
"The study indicates that dozens of companies are discovered each year to have violated the terms of GPL, and if they are public companies, they are violating Sarbanes-Oxley" So only if they are violating the GPL they could be in violating of Sarbanes-Oxley. Just using linux does not put you in violation.
spend an hour rounding up names and posting some code on a webserver *OR* completly re-write all the OSS code.
I have to wonder which companies will choose.
Just wait till some crappy band steals your nic.
"The study indicates that dozens of companies are discovered each year to have violated the terms of GPL, and if they are public companies, they are violating Sarbanes-Oxley."
This applies only to GPL VIOLATORS.
Move along, move along.
I suppose if they "rolled their own" they might have to spell out where all the components came from, but going with Red Hat, Novell, Mandriva, etc. lets them point a finger over-there for both support and compliance issues.
How much should they be required to do if the information in question is already publically available and relatively easy to access? If a company is using Red Hat and wants to know who owns Red Hat and a shareholder wants to know who owns Red Hat it is very easy for the shareholder to find this information on the internet. If they want to know the owner of an individual component piece of open source code, the code's stated owner should be in the comments (the source is available, right?), shouldn't it?
Oh, and can you provide a list of all patents that are used in MS Windows?
This is pure nonsense. Every software program has various parts owned by various companies and individuals unknown to the user. Windows itself has hundreds of parts licensed from various other companies over time that Microsoft paid for and which we have no idea. The difference with Linux is we can look at the source and we know everything, with closed software we cannot. If anything, using open source is the right thing to do here, and using closed software is not possible if you want to comply to this law, so all companies should dump closed software right away.
Damn, I wonder if Microsoft backed the SOX act in order to get this very outcome...I mean, if companies are unable to run linux because of IP disclosures, then Microsoft would rule the corporate world, because we all know that the other option, Solaris, is doomed since Sun will dissappear any time now, and Macs are only for fanboyz.
I knew I should have bought that Microsoft stock....
"Get a bicycle. You will not regret it, if you live." - Mark Twain, "Taming the Bicycle"
"published by Wasabi Systems."
WASABI!!!!!
Do companies know who all the IP owners for other operating systems are? And application software? And computer and communications hardware? All this stuff includes components licensed from third (or higher) parties.
Sheesh, evil *and* a jerk. -- Jade
Do you list all the IP holders for your corperate phone system, your company car (lots of SW and computer goodies there), the company who owns the font your yearly statements are printed on?
From TnotFA:
... wow ... stop the presses!!! The GPL is eeeeeeeevil!!! Morons.
"But if companies violate the license, the consequences can be more severe than they think. If companies are violating the GPL, they don't have the right to use that software. And if they don't have the right to use the software, they're violating federal law if they claim that they do."
Well no poop? So they're saying that violating the GPL is like violating an EULA
Good people do not need laws to tell them to act responsibly, while bad people will find a way around the laws-Plato
IMHO this is just whining.
If people eventually really do make a problem about it you could hack your package manager to print out the author, or if not available an url to the website containing author information.
Although I wonder whether it would be usefull to know all the authors of the linux kernel for instance.
"According to the study, the problem lies with the requirements of the Sarbanes-Oxley Act that companies disclose ownership of intellectual property to their shareholders. The study indicates that dozens of companies are discovered each year to have violated the terms of GPL, and if they are public companies, they are violating Sarbanes-Oxley."
If you are given something for free, then you own it - do you not? The solution is to have anyone using it say that they are the 'owners,' being respectful to the creators of the software, of course.
Either that or they need to change the regulations to allow the lawful use of free software.
On a side note, Sarbanes-Oxley is a huge headache....THANKS ENRON!
He who knows best knows how little he knows. - Thomas Jefferson
Instead of "Might Linux Violate Sarbanes-Oxley?" which it doesn't, it should be "Non-compliance to terms of GPL might violate Sarbanes-Oxley".
Which makes sense.
I.e., if you claim to have the right to use Linux for your product, but you aren't complying with the license, you might be violating Sarbanes-Oxley.
Even if they are required to do as you say and list the owners of all the software they use, this is easily handled.
Add a field for ownership on each software package in RPM or DEB format. A good distro that wants to support the corporate environment will go through each package and list the owners in that field, not to mention upstream providers who package their own content. Then run a script on any installed computer to list the owners.
This will result in thousands and thousands of names and such. But it will satisfy the requirement.
If the companies are violating the law, then they will be given a warning and given time to comply, just like if they file the wrong forms or if they report something that isn't quite correct.
The radical sect of Islam would either see you dead or "reverted" to Islam.
according to a research published by Wasabi Systems.
The same Wasabi Systems that sells products based on NetBSD?
Yeah, no bias there.
In the past, such violators were merely required to release their code to the public
The article is also wrong in that it spreads the "forced open source" myth. GPL violators aren't required to release their source code. They FSF generally asks them stop infringing on the copyright of the GPL software.
One way to do that is to comply with the GPL, another is to stop using GPL software. They don't have to release any code they don't want to.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
TFA was talking about Sarbanes-Oxley problems that could occur when a company distributes software in violation of the GPL. TFA wasn't talking about companies that use or distribute GPL'ed software in compliance with the license.
I think a lot of folks here have missed the point. The article's author is making an intellectual exercise in asking out loud and in public if companies that violate the GPL in their software are not also violating Sarbanes-Oxley.
This is because they are required to list what intellectual property the company owns to shareholders and if it is later found out that the company doesn't really own it, because it is based on a GPL'd software, then is that a Sarbanes-Oxley violation.
I'd have to say, it looks like one, but I'm no MBA, nor a JD.
Just be sure to wear the gold uniform when you beam down -- you know what happens when you wear the red one.
Rather new at it, it's true, but so far if we find a company has a problem of this sort, it's generally not a very big deal especially if they rectify it before their fiscal year ends. This is just one little piece of the huge SOX pie and often there are other controls in place that mitigate the effect of a finding anyway. Now if the company practiced systemic licensing violations then that's a different matter.
12:50 - press return.
You don't really own software now adays, you just buy a license that lets you use it. Since everyone has the ability to use free software, wouldn't by that same logic mean that they would all have to list it as their IP whether or not they use it? Wow, IP is such a stupid term...
Come on people, let's pay attention to the article. Contrary to the poster's headline, nothing in it even hints that using Linux would violate Sarb-Ox. Sarb-Ox is supposed to make investing a bit safer by forcing companies to audit their practices and disclose potential problems.
If someone is building products on GPL code (like, say broadband router/NAT boxes based on Linux) then they are supposed to disclose that tidbit to their investors. The important part is that they don't own all of the intellectual property for that product and investors should know since that could change the company's value. If they fail to disclose the data, then they have violated Sarb-Ox.
Does he really think that Microsoft owns all the "intellectual property" in Windows? They sub-license a ton of stuff. For example, IE was based on licensed code from Spyglass. The "About" panel for IE also lists NCSA, UIUC, RSA, Independent JPEG Group, Intel, and Mainsoft. And that's just a single program within the OS. And what about all the submarine patents on the stuff in Windows? How about all the copyrighted stuff in all the malware that's probably running on some of their Windows systems? How about the BSD copyright on the TCP/IP code used by Windows? How are companies expected to find all that information?
I think the problem may be that the author of TFA hasn't a clue what he's talking about. I suspect that the law says that companies have to disclose what "intellectual property" they own, not what they use. Or perhaps I'm mistaken, and it's Congress that hasn't a clue; that's a distinct possibility. But even then, I'm sure it would follow the spirit of the law to worry about what the company owns, instead of what they use.
Software sucks. Open Source sucks less.
Have any of you looked at the list of licenses that are included in major packages? In any commercial OS? Pick your favorite app, click Help-About, and many times you'll get a nauseating list of patents, copyrights, and other licenses for technologies that make the app work. If disclosing IP in the apps in an office is required, using OSS isn't going to be any harder to document than trying to find the IP in some commercial product.
The article states - although not in its misleading headline (repeated as a misleading headline for this topic) - that, in short, if a company is violating the GPL it is violating Sarbanes-Oxley and hence committing a federal offence (of course, I don't have any idea what Sarbanes-Oxley is :-). The only bad news I can see in the article is the headline - which is erroneous.
On a side note, I'm not sure how easy it is to unwittingly violate the GPL these days, so the article is cutting GPL violators quite a bit of slack!
Dull Disclosure of Dependancies:
We use the following systems under the legal licenses listed.
We are not aware of any violations of the agreements by the companies and constantly monitor employees to ensure no laws or licenses are violated.
Pencils - Federal Copyright laws
Xerox copy machine - Federal Copyright Laws
Windows XP - Vendore License. Updated monthly, hard copy stored in vault. 3 interns manage the database and 2 lawyers on retainer to review.
Linux - GPL. 2 pages attached.
Modification can also trigger copyright protections. The FSF has said they don't care about modifications that you don't distribute, but legally the GPL does apply to you if you merely modify without distributing, since it is the only license that grants you rights that you would not normally have under copyright law.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Basically, this is FUD from a BSD vendor who wants to hurt linux and promote BSD by Fudding the GPL.
Although started by some really bright netBSD folks, they've ejected all of their really bright founding engineers and are resorting to scare-tactics and other garbage like this to try to gain market share.
Stupid tricks like this hurt free software in general. I hope Wasabi garners enough ill-will from this stunt to hurt their business in a serious way.
I don't see any further exposure or problem. Companies using Linux have the right to use linux just like they have the right to use something they bought. Linux has contributors who have a copyright relationship with distributions of Linux and those who write software based on their work.
Guess what. Microsoft has contributors who have a copyright relationship with distributions of Windows and those who wrote software based on threir work.
Considering the terms for Linux are more generous not less and dont affect end users anyway how is this something for companies to worry about? This is a canard!
Likely as not Wasabi Systems (creator of the report) is doing it for their own benefit.War^w Competition is Hell.
Sheesh, evil *and* a jerk. -- Jade
The same can be done for all the system components, although I'd just guess many will simply name RedHat.
"Ownership" of IP means exactly that. If I am a company that produces software, I own the IP of that software, GPL or not. If another company uses that software, they don't "own" it, and therefore don't have anything that needs to be disclosed.
The point is to prevent companies from hiding a potentially valuable but unexploited assets from shareholders - not to give an inventory of every piece of software they bought.
It is a slanderous urban legend that the license terms for OSS are impossible to enumerate. They are hard to find sometimes, and if you really want to be thorough about it you need to just give up and buy a supported OS.
But all the licenses you are likely to encounter are listed here:
http://www.opensource.org/licenses/
And once you have those the risks with "unlicensed" or "non-GPL" compliant software isn't any greater than any other OS.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
More seriously - Just because you get Windows from Microsoft doesn't mean that all the IP in Windows is from Microsoft. At least with Linux it would be possible to track down the original sources of the IP.
If that is indeed required for Sarbanes Oxley, then it would be *Impossible* to comply using Windows because Microsoft'll never tell you where all the IP contained in it came from.
There is software to look through all the source code a company claims to own, http://blackducksoftware.com./ I'd rather have software do it than have to look by hand.
Working on new views of old physics at http://VisualPhysics.org
That is a great news...
Take the example of a random company, let's say... Linksys, a publicaly traded company, owned by Cisco.
They release an appliance with Linux in it... They don't release the source code. It is GPL. They are in violation of Sarbannes Oxley. It's a big deal if this is discovered, could put them into trouble. It is probably the best way to force a company to comply with the GPL.
Now it is too bad it only applies to publicaly traded companies...
Why don't the people who wrote the GPLed software sue the companies that are in violation if it for a lot of money? As it is right now, parties use GPL code as their own with about no repercussions, such as First4Internet did in its XCP rootkit. If OSS is even going to be taken as seriously by everybody, the OSS programmers need to sue infringement like Microsoft or SCO do.
Just "gittin-r-done," day after day.
right, but you only have to provide source code to others who you distribute to.
Thanks, Thanks, Thanks!!! :)
Eventually someone figured out, what the article is about. I wonder why there were so many (excuse me, but it is appropriate here) stupid comments were written before. I don't think it is really difficult to figure it out.
Mere use of Linux by a company cannot ever be a violation of the GPLv2 that Linux is licensed under.
It can if you violated the GPL, and thus made your license void. That's what TFA is talking about.
All the comments are wildly confusing, and go figure, the summary sucks, but TFA makes it clear that for a public company violation of the GPL invalidates their license, and makes the issue not just copyright infringement, but a securities violation.
This wouldn't be any different than saying "by installing one copy of Windows on two separate machines you break your license, and thus it becomes a securities violation."
I am unamerican, and proud of it!
Correct. While you may indeed trigger the GPL with mere modification, it doesn't have many practical implications.... yet at least.
If GPLv3 includes some stuff about using GPL code in a server-side capacity of a network application, you won't have to comply with any of that stuff unless you modify the app, then you would have to comply with the GPL in those regards even if you weren't distributing the app itself.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
This gives the FSF and other copyright holders who license their work under the GPL an easy way to make claims against offenders. Let the SEC bust a company under Sarbanes-Oxley, and then when they get a conviction or a settlement, swoop in and file a claim against the company citing the criminal case for most of your evidence.
The GPL doesn't grant you use rights. You got those if the person that distributed it to you complied with the GPL.
Even if you violated the GPL, mere use would still be legal. You don't need the GPL to have the right to use the software, only to have the right to modify, copy, or distribute the software.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I think a lot of people are missing the bigger picture by not asking the question:
"WHAT is the main reason and who are the authors behind the SOX wording" about this disclosure requirement.
It COULD be a specious attempt by lobbyists on the part of their supporters to FORCE the companies using GPL/FLOSS/Linux to disclose themselves so that ms and their henchmen can start targetting the companies that (public or private) are using Linux/free/free software. It has the 'beneficial' effect of causing their competitiveness or chance of success to be diminished or at least perceived as rogue, reckless, uninformed...
Moreover, it indirectly helps ms by causing the commercial (non- or anti-Linux/GPL/FLOSS) companies/developers to target and entice those companies 'back into' the fold if they have escaped or managed to get one foot out of the field.
This isn't to say that employees don't talk. Of course employees talk, whether complaining or bragging about their companies. BUT, by forcing companies to list that they are anti-ms or unwilling to be 100% in ms' farm, then the shareholders who WANT to be in ms' fold (for stock/portfolio reasons) just MIGHT call for the necks of the IT managers.
Just one jaded/cynical/scary thought...
Anyone else can add to or refine my ideas here...
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
> Modification can also trigger copyright protections.
That's a nonsensical statement. Copyright protection does not need any triggering.
> The FSF has said they don't care about modifications that you don't
> distribute, but legally the GPL does apply to you if you merely
> modify without distributing, since it is the only license that
> grants you rights that you would not normally have under copyright
> law.
A distinction without a difference. Modifying without distribution does not require anything of you.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
The study indicates that dozens of companies are discovered each year to have violated the terms of GPL, and if they are public companies, they are violating Sarbanes-Oxley.
The article said that if you violate the GPL, you violate SOx. This would therefore be A Good Thing (TM) as it would give even more power to the FSF to clear up abuses.
Misinterpreting articles in this way sends the wrong message to managers, however, who might think they're better off with M$. And no, managers don't read the article.
IMHO, the same company would be violating SOx as much if they bundled any M$ or other proprietary DLL/EXE/bitmap image into their software without explicitly mentioning it.
Atheism is a non-prophet organisation
Well, of course Linux is part of every sunrise. You wouldn't what Windows running something important like that would you?
The 'Net is a waste of time, and that's exactly what's right about it. - William Gibson
just ignore the first sentence... it's daft.
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
I dont know too much about GNU... But who enforces GPL violations?
The title of the post is pure FUD, "Some Linux Users Violate Sarbanes-Oxley!!! TFA is only slightly better...
Why stop at Linux, or free software in general? If a company makes an embedded device that uses a pirated copy of a proprietary RTOS, that would violate the Sarbanes-Oxley law too.
This seems to me a fundamentally good law (at least this provision): companies must not claim to have rights to use or distribute software, unless they actually do have those rights!
So why is anyone linking this provision to Linux?????? The only reason is because it's easy to get Linux for free, so incompetent people think they can do whatever they want with it. No one would make the same mistake with Microsoft software, simply because it's wrapped in a menacing 10 page EULA.
My bicyles
*OWNERSHIP* is the term used, not Licensed, not used, IP *Ownership*.
Microsoft Owns Windows. Not it's licensees.
Well, we all pirate their proprietary software... I guess it's only fair to let them have something.
Copyright law says nothing about modification. It does not prevent it, and therefore the GPL does not, either. Go ahead and modify all you want.
Oh is the IT part of SOX a circle jerk!
The IT clause is very vague, saying a couple of sentences about "adequate security." No one knew how to interpret SOX anyway, so the Public Company Accounting Overight Board (PCAOB) was created.
The PCAOB put out some pretty equally vague statements, finally saying (in essence):
"The company you hire as the external auditor to give you a pass/fail on SOX has the final say on how the law is interpreted. Oh, and if you disagree with anything they want to put upon you, then they can A) fail you, or B) consider you 'difficult.' Or both. In the case of B, they can give you lower marks based on your being difficult - even if you fully comply with everything they've requested, and they may charge you a higher fee for their service."
SOX ends up being not a protection against the likes of Enron, but a bailout for the remaining auditing firms (since Arthur Andersen got caught and tanked).
Now, on topic:
When my former employer was going through SOX compliance, there was never any question or requirement that we disclose IP owners of software we had purchased licenses for. I wholly agree with the previous statements saying, "If you're not complying with the GPL, then you have to disclose, but if you are complying with the GPL, you are licensing." Beyond that, if you're not complying with the GPL, you should get in trouble for that.
Web 2.0 == Giant Blogspam Circle Jerk
This is business as usual and it should be obvious. McDonalds may be violating IP someplace, so could Mercedes or even Barney the TV show. Take the case of a car, how could one enumerate all the possible IP holders or possible violations? They probably mean the IP that the company knows about. This could be a real problem for companies that cross license portfolios like IBM and Lucent.
Yes, if you violated the GPL, your license if void. That is your license to distribute copies! You can still use the GPL software yourself.
Legally, violating copyright means you are liable for monetary damages, and you may be forced to cease and desist distribution of the violating item. However it says nothing about the original item. If you plaguarize the NY Times, they may sue you. However you are still allowed to read the NY Times.
What a bunch of crap. So, if you use linux, you can be SOX incompliant because of IP issues. But, if you use Windows, you won't be, even though Microsoft has been proven to have used other people's IP illegally? Because you paid Microsoft $$?! Much as I loathe redhat, I'm sure Redhat will be glad to take your money too.
REDHAT LINUX - because charging a metric assload for an operating system works so well for Microsoft
There is no such thing as Intellectual Property. It is a completely artifical concept used to mis-apply property laws to information.
There are no IP owners. There are only copyright holders, trademark holders, and patent holders.
It is important.
By the same token;
What IP is in Windows?
We already know Microsoft has been caught stealing code many times, what is still lurking?
Without a full source to any OS how can anyone know whose IP they are using?
I am the unwilling control for my Origin.
The GPL is a license to violate the copyright on the code, if you follow certain rules. Using the code does not violate copyright, so the GPL cannot prevent it.
If you plagarize the NY Times, you may get sued, you may not be able to sell your book. But you are still allowed to read the NY Times.
The synopsis above is misleading. Its is GPL violators, not simply GPL users who are at risk.
And to clarify further: The issue is about basing a product on GPLed code without disclosing that you are doing so.
If you do this, get it wrong, and get caught, you have a choice between stopping distribution of the product or releasing the source to its guts (or some fraction of it) to the public (including your competitors and potential customers) for free (as in speech AND beer) reuse.
This may be perceived as a risk to your business model - and thus is something that must be disclosed to your investors and potential investors if your company is publically traded.
Maybe it's not a risk. But corporations are required to give enough information to their current and potential investors for them to make their own determination.
= = = =
Meanwhile it's NOT an issue AT ALL for companies using Linux on the desktop. or even in internal processes (as long as they don't make changes to its guts that are key to their competitive advantage and then do something that counts as distribution - which is unnecessary if it's just being used as a platform for applications and services).
Yet the article - even with the clarification - makes it seem this is an issue for desktop and server USERS - and many comments are responding to that bogus threat. Oops!
The editors should clarify the article further.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
What do you mean, you didn't read your EULA? --- ah, pathetic humans.
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Even if that were the case, I am certain that the federal courts would see the flaw and change the law as it is obviously outdated.
In conclusion, FreeBSD isn't as innocuous as you claim. It's not just a real UNIX that failed to catch on like Linux due to some fact of history. No: FreeBSD will give you Hantavirus. In a big, bad way. I'd give you the names of everyone that can confirm my story, but they're all dead because they got Hantavirus. I didn't get Hantavirus because I was running Kubuntu Linux.
Finding God in a Dog
There exists nothing in current US copyright law to allow private use appart from any license.
GPL code is generally only distributed under the GPL.
Being that you violated the GPL, you now no longer have *any* license for that software, and thus have no usage rights.
If you disagree, I'd like to know what mythical license you're imagining that grants you right to use appart from the GPL.
I am unamerican, and proud of it!
FBI, CIA, and SEC should have fun looking him up.
- I voted for Nintendo and against Bush
This is incorrect - mere "use" is not a right reserved for copyright holders. You don't need a license (implicit or explicit) to read a book, and reading a book cannot (in and of itself) be a copyright violation under any circumstances. Years go people tried to argue that copying to a hard drive (installation) and into RAM (use) were "copies" under copyright law and you therefore can't use software without a license, but thats been untrue since 1977, when "copying essential to use" was explicitly placed under fair use.
However, if they use Linux in an embedded device, etc then the IP owners are disclosed anyway, because their names will be listed in the credits/comments of the source, which being GPL has of course been released to the public for anyone to see.
No issue.
smash.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
Most packaging systems list authors. At worst, you'd download the source packages and grep them for email addresses to produce a seriously long list of names (guessing of the order of 100,000 names for a typical distro) upon which the SOX advocates can happily choke.
Got time? Spend some of it coding or testing
Fine, I'll rephrase. Modification is not allowed of work that you do not own the copyright on, in the absence of a license of some sort.
Use of a lawfully recieved copy is not a protection granted to the copyright holder by copyright law, which is why mere use of GPL programs does not require you to agree or comply with the GPL.
Modifying without distribution does not require anything of you.
Under the current GPL, correct. My point is they can and probably will add requirements that are triggered by modification in the absence of distribution in GPLv3.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
It would be apparent that the author, a lawyer, explicitly says that this scenario does not apply to companies who simply use Linux.
/.r's. Knee-jerk reactions to a topic header indicates carelessness or cluelessness. There is no third option.
He is warning software vendors who make changes to open source software and might violate the GPL.
Wasabi targets OEM vendors for sales of platforms and such and from a legal standpoint this paper raises real issues. So everyone stop assuming that this applies to any shop which has a Linux server - it does not.
Perhaps expectations should be lowered for
Some people think that just because someone is being nice to you, you can walk all over them. People who think like that could find them selves in a deeper pile of doo-doo than they expected if they treat GPL software like it was Public doman and try to 'steal' the code by putting it into closed-source products. .. . . .
(of course, if you were trying to do this with Microsoft software, you would have had BSA people all over you 6 months before this point.)
Sometimes boldness is in fashion. Sometimes only the brave will be bold.
Since you are being pedantic I better clarify:
...
[Controlling the] use of a lawfully recieved copy
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Anything not granted to the owner under copyright law is assumed to be allowed.
Copyright law does not create a right to control most uses, it only grants a right to exclusive control over distribution, copying and modification, with a few exceptions such as public performance that don't apply here.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
"How are these companies supposed to really list out all the IP owners if they were to install a full desktop or server environment - there could be literally thousands of parties listed!" Easy.... hire lawyers. "What are the current Fortune 500 companies doing, as many of those use Linux in one form or another?" Hiring lawyers.
It's good that the FSF don't care about you making private modifications so long as you keep them private, because they couldn't stop you anyway, even if they did care. You have a statutory right to do that, so long as you keep your modified version to yourself. Basically, they insist for you to release to everybody under the same terms, or nobody under any terms. What could be fairer than that?
Je fume. Tu fumes. Nous fûmes!
After all its not like there are hundreds of kernel and userland developers developing free software for Wasabi's NetBSD OS.
... oh wait a minute? Hmm
And its a really good thing no gnu tools like GCC and autoconf are included with NetBSD by default that are actually Gnu.
So I.T. folks? Stay away from free software and use Wasabi
{yes this post was made in sarcasm to the people who funded the study}
I feel their own fud probably backfired? Just because NetBSD is free doesn't mean some IP from companies such as Wasabi or google have not made it into the kernel. So yes you could still be screwed for unreporting this to your SOX auditor.
http://saveie6.com/
The very first sentence of the article says "companies using Linux for EMBEDDED APPLICATIONS" (caps mine, for those who apparently can't read lower case).
Terrorists can attack freedom, but only Congress can destroy it.
it looks like this is f/oss trying its hand at the fud game.
1. Create GPL
2. Stir up FUD to get more support to it's cause
3. Profit????
Disclaimer: I'm just trying to make a parody out of something that popped in my head the second I read the quoted part.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
Then the entirety of every EULA is wrong, and Microsoft can't stop me from using Windows? Sweet to know, thanks.
I am unamerican, and proud of it!
The author, who has an obvious agenda, ignores the fact that violating *any* software license (including Wasabi's) can get you into trouble.
Although you would never know it from the title, the article refers exclusively to people who *violate* the GPL. It's like saying that people who drive cars may face jail terms for DUI.
Take a look at Wasabi Systems website: "Wasabi Certified BSD, a certified, tested, and optimized version of the BSD operating system, offers the rich functionality of BSD Unix without Linux's troublesome GPL License." In other words Wasabi is a direct competitor with GPL'd software. Right on the front page of Wasabi's web-site they are bashing the GPL. Nothing like an unbiased "study" I always say. I wonder who wrote the article, no mention of that. Hmmm.
"If companies are violating the GPL, they dont have the right to use that software."
Is that even acurate? My understand of the GPL is that it does not restrict, only distribution.
EULAs have a different legal basis, and it's not founded on needing a license to use software. It is, in fact, the ubiquity of EULAs that have contributed to the perception that you do need a license to use software (a perception which is not supported in any way in written law). In fact, I believe, as do many people, that EULAs are on extremely shaky legal ground, and the main thing supporting them and convincing judges to allow them to have legal force is the fact that they've existed so long without serious challenge - we allowed them to become the norm and now, despite the weakness of EULAs, people (including judges) grant them power because "everyone knows" about them. In a recent case where someone argued against an EULA because he wasn't shown it (ever), the judge rejected his argument because he should have assumed there was an EULA and sought it out before installing the software.
EULAs have a different legal basis, and it's not founded on needing a license to use software.
Please, explain if you would. I'm confused. If I don't need an EULA to be granted permission to use the software, then what do I need it for? and how does it have any legal standing at all?
I am unamerican, and proud of it!
Because the owner of the copyright won't give you a copy unless you agree to one.
and how does it have any legal standing at all?
Because judges have tended to agree that clicking that "I agree" box in the installer is legally equivilent to signing a contract. There are *tons* of very persuasive arguments against it (contracts of adhesion, lack of consideration, and a term I forget about post-conditions on sales), but for some reason those have never proved effective Personally, I think it's a miscarriage of justice.
Software distributed without an EULA loses none of it's copyright protections (it's just like a book or music CD) and it's perfectly feasible to commercially sell software with only those protections. EULAs are one the nastier little bits of social engineering foisted onto society.
So, any company that runs MS Windows is also in violation of Sarbanes-Oxley, unless they get full disclosure from Microsoft on all the technology Microsoft has licensed or otherwise taken into use.
Interesting how legitimate questions like the problem of software patents or Sarbanes-Oxley compliance get spun into anti-FOSS FUD.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
Thanks for th info. It's been by far one of the most learningful experiences I've had on slashdot.
Now that I understand EULAs, yeah, it's stupid. "Because the owner of the copyright won't give you a copy unless you agree to one." But, I already have the copy, and I already bought it. Yeah, that as a legal arguement doesn't make any sense to me. (I understand it, and how it works now, but it's still f*in stupid.)
I am unamerican, and proud of it!