Slashdot Mirror
MPAA Forced To Take Down University Toolkit
bobbocanfly writes "Ubuntu developer Matthew Garrett has succeeded in getting the MPAA to remove their 'University Toolkit' after claims it violated the GNU GPL. After several unsuccessful attempts to contact the MPAA directly, Garrett eventually emailed the group's ISP and the violating software was taken down."
Linking to a LiveJournal post that reads:
MPAA don't fuck with my shit.
(And yes, I did attempt to contact them by email and phone before resorting to the more obnoxious behaviour of contacting the ISP. No reply to my email, and the series of friendly receptionists I got bounced between had no idea who would be responsible but promised me someone would call back. No joy there, either.)
Awesome.
I wanted FSF to sue MPAA for their toolkit. Waah!
proud caffeine whore
This is news?! What is up with that! Every body knows that the RIAA is a completely honest and upright organization. They practice what they preach. They obey everyone else's takedown notice, be it gpl or dmca, whatever, just like they expect you to obey their takedown notices. I can't wait to see the day that all these trolls on slashdot finally go the way of the dinosaur and the true intellectuals out there call the RIAA what it is! It is an honest, upright, artist first organization! IF YOU CAN'T HANDLE THAT GET OFF SLASHDOT!!
;)
I got a catholic block.
Next they'll contract a russian ISP and put the torrent up on one of their trackers...
Explanation.
As TFS & TFA have little info, here's some background:
The MPA(A) released a Xubuntu derived livecd with a bunch of F/OSS tools to assist universities in monitoring their networks. *rolls*eyes*. More info about the software in this Washington Post article.
Unfortuntately the CD as shipped contained no source & no written offer for the source, so was in violation of the GPL (and hence, the MPAA are in violation of various software author's copyright).
After several attempts to reach contact the MPAA, the ubuntu developer sent a takedown notice to the hosting ISP.
I hope he now presses for copyright violation - as he so elequoently says: MPAA don't fuck with my shit.
There are shills on slashdot. Apparently, I'm one of them.
Uuuuubuuuuuuuuuuunnnnnnnnntuuuuuuuuuuuuuu !!
Slashdot reports, you decide!
Classic. Absolutely classic.
The higher the technology, the sharper that two-edged sword.
but at the same time rather worrysome what a simple email to the ISP can do, even if it's for a good cause. Why not sue them and make things bullet-proof and at the same time strengthen the GPL in court, rather than sorting things out vigilantism-style? A pile of court-issued takedowns might be a more impressive repellant against future violations of the GPL (or any other such license) than a pile of social-engineering-issued takedowns. Don't associate "social engineering" with the negative connotation of spam/phising/etc. as I used it; instead, read it in its original meaning: someone requested a blocking of content from an ISP, essentially (TFA is void of details) only with convincing arguments but no hard proof that the GPL was indeed violated.
The grass is always greener on the other side of the light cone.
for copyright infringement as well.
Now that would be poetic justice.
The society for a thought-free internet welcomes you.
The ISP will probably receive a nastygram from an MPAA lawyer soon and put the material back up. Then the fireworks will really begin.
How we know is more important than what we know.
Bah, filthy copyright infringers like these make me sick! Ripping off an honest Joe by not respecting his Imaginary Property. The nerve!
Hope those blaggards get what's coming to them! Surprised he had so much trouble finding the right person, though. They should have a contact registered with the Copyright Office who handles all DMCA Takedown Notices. I'm sure that a few minutes alone with them could solve a lot of problems.
DMCA takedown notice is exactly the legal action you are supposed to take in these situations. It is not "social engineering". He has every legal right to do it.
The cake is a pie
Actually Matthew Garrett wanted to see if he can add some improvements to the "University Toolkit".
If he can't find the MPAA's CVS repository, he might have to fork the code...
Even if you don't change a line of code, you still have to distribute (or offer to distribute) source if you're distributing the binaries.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
Now THAT is the (accurate) headline I want to read!
They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
"The MPAA/RIAA has distributed 1500 copies of my work. I offer that software at $50,000 per copy. They owe me 75 million dollars in damages!"
That's basically what they big media is trying to do to the consumers, isn't it?
"No, no, no. Don't tug on that. You never know what it might be attached to."
Instead of saying they "violated the GPL", let's keep this simple. They violated copyright law. By their own definition, they're "pirates". They stole. Etc.
Do you have ESP?
You do not have to distribute "changes in the form of a diff", or "distribute your code changes" in particular.
You must distribute (or offer to) the complete source code corresponding to the binaries you distribute. The whole purpose of the GPL is that someone getting a binary can get the full source for the binary.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
If you are distributing binaries non-commercially and you got those binaries as is from elsewhere (ie didn't compile it yourself from source) then you can simply pass on the offer that you were given, as per 3c of the GPL.
Otherwise if I were giving a Ubuntu CD to a friend I'd have to be prepared to distribute the source to him too! As it is I can just refer him to the offer Ubuntu gave me.
That may even apply to most of the packages aggregated on the Xubuntu CD the MPAA were distributing (I haven't seen a package by package comparison, ie whether they built their own packages ot just used xubuntu's wholesale).
For the changed packages it would be interesting to know what the changes were, to the extent that can be determined without the source.
Boffoonery - downloadable Comedy Benefit for Bletchley Park
If you are, in fact, a lawyer, I'll happily defer, but in my layman's opinion I don't think that's the correct conclusion.
If you violate one of the GPL terms, your license to use the software is terminated. Fine. However, as long as the software is still being offered to anyone under the GPL, you can just go, conform to every part of the GPL, and use it again. You can think of it as one license being terminated, but then going and getting a new one; the GPL is an "infinite stack" of licenses: all you need to do to get a new one is to play by the rules.
There's nothing in the GPL that says 'if you violate this once, you're out for good,' although I'm not sure that would be an entirely terrible idea. But that license-termination clause doesn't necessarily imply that.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
The MPAA doesn't need to ship source code with GPLed software if they didn't make any modifications. It doesn't sound like they changed anything. As for damages, since no one lost any money, good luck suing them for any money. /.ers are such hypocritical retards.
this chaps comment.
It would be nice to know precisely what went on. Obviously we don't have to be told, but if "MPAA don't fuck with my shit" is going to be splashed around the kernel/Debian/Ubuntu planets I think it's reasonable for people to be interested in the details.
Perhaps this story can get even wierder and the MPAA will post the DMCA notice on Chilling Effects
Boffoonery - downloadable Comedy Benefit for Bletchley Park
Lower the damages to $699, the cost of a license from SCO to use the code in the first place...
quote ">Seriously?
No, this is all just a joke. Really.
>I don't nor does the Slashdotters posting here except the rabid, fanatical F/OSS fanboys.
How can you assert that? Did you do a survey?
>This is not a victory.
Then tell us what it is.
>Silly kids, go trim your neck beards and worship Stallman some more.
How do you know "kids" are responsible for this? What backs up your suggestion that if they are kids that they are silly? How old do you think Matthew Garrett is? Go google it.
Maybe you should take a chill pill and leave this topic alone if you aren't interested in it. You are making baseless assertions just to try and stir shit.
You come across as a dumb ass.
Well, I'll go with you in saying that, if the allegations are true, they appear to have violated copyright law by breeching their license to distribute (i.e. the GPL), but I don't like distorting my speech to say that they "stole" anything, even if they do have that coming. Though you did say by "their own definition," it's still not a definition I can accept.
:]
That said, I think that'd make the blaggards filthy copyright infringers who deserve to walk the plank. I also think they are hypocrites who obviously don't respect the Imaginary Property rights of others the way they want their own to be respected.
But that's about the best I can do without stooping to their level.
I just can't go that low, sorry
I know this because I subscribe to the Cygwin mailing list, which has discussed this extensively. The Cygwin DLL is a POSIX emulation layer for Windows, and it's quite common for companies to port their *NIX apps to Windows with Cygwin, and then to bundle their app with the DLL but not its source. In particular the Cygwin developers - Red Hat - have made it very clear that just pointing out somebody else's copy of the source doesn't count.
Also, one must provide the exact same source code as was used to build the binary, and to maintain that version of the code for the duration of the license terms (two years after the last ship date I think). So if you upgrade your code, you can't take down the old version of the sources until your obligation under the GPL for that version expires.
The way I'm handling this in my own Free Software project is to roll a release tarball of the source as the first step of making a release, then to unpack it and use that to build the binary. That's the only way I can feel sure I've got a snapshot of the exact source for each binary.
Request your free CD of my piano music.
Not to respond to myself, but I did forget one thing. Wasn't the Linux kernel recently appraised as being worth $1 billion? How would that look in a headline if we did things their way? "MPAA Infringes Upon $1 Billion in Imaginary Property"?
No, that makes it sound like they photocopied Monopoly money. Hard to make it sound menacing unless you distort language the way they do. "MPAA Steals Property Worth $1 Billion" has more punch to it, but it's just not right. It's filled with the same sort of ridiculous hyperbole I dislike them for propagating.
to a certain 'bay of pirates.' *inoccent whistling*
I read this post and immediately pictured Ewoks dancing in the forest as the Death Star burned above them. Sure, you know it's not over, but what a nice blow against the Dark Side.
I doubt whether the RIAA will be stupid enough to get caught like this twice. I'm desperately hoping that the "infringee" has the inclination and the resources to drag their asses into court and beat the legal crap out of them.
Do NOT let them settle. This needs to be on the public record.
Even if they won, what delicious irony if they had to spend a whack of money on a successful defense, only to have it turned against them in subsequent cases!
I've calculated my velocity with such exquisite precision that I have no idea where I am.
Read the article.. it's XuuuuuBuuuuuTTTuuuuuuuuu !!
"The University Toolkit is essentially an operating system (xubuntu) that you can boot up from a CD-ROM. The package bundles some powerful, open-source network monitoring tools, including "Snort," which captures detailed information about all traffic flowing across a network; as well as "ntop," a tool used to take data feeds from tools like Snort and display the data in more user-friendly graphics and charts. "
http://blog.washingtonpost.com/securityfix/2007/11/mpaa_university_toolkit_opens_1.html
The truth shall set you free!
MPAA was caught committing a copyright infringement. :)
And why would the FSF be able to chase them down? I was under the impression that Ubuntu (or their developers) held the copyright. Sure the FSF owns the GPL, but they do not own software licenced with it. The FSF can do nothing if the copyright owners do not invite them to be involved.
I won't join Slashcott. OTOH, If Beta goes live, I just won't be back until it's fixed. Sorry Dice.
tM
Support TBI Research: http://www.raisinhope.org
It wouldn't be so hard to take these organizations seriously if they didn't use every dirty trick in the book, including breaking the laws they claim to enforce.
I can almost imagine them having fallen into the trap of "open source = public domain, therefore we can do whatever we want"; except that MPAA deals with copyright infringement all the time, so they _should_ know better.
On a side note, this is a good illustration of the difference between open source and Free software: Free software is what requires the MPAA to make the source code available, whereas open source doesn't necessarily impose that requirement.
Please correct me if I got my facts wrong.
I'll assume you've read the other comments and now understand that it was a DMCA takedown notice, not "social engineering"...
The real joke for you to get here is that the MPAA has, themselves, issued similar takedown notices in the past. In fact, the RIAA/MPAA are pretty much the whole reason the DMCA exists -- and the takedown notices with it.
I'd gladly give up the takedown notices in order to repeal the rest of the DMCA -- in particular, the anti-circumvention bits, so that libdvdcss becomes legal.
Don't thank God, thank a doctor!
Can't it be both?
Don't thank God, thank a doctor!
I'll gladly done to a legal offense fund, if someone wants to throw together a class action. (I have no code in Xubuntu, but now I wish I did.)
Now, who wants to throw together the creative estimate of number of actual downloads?
Don't thank God, thank a doctor!
COMMONLY all that the FSF required was distributing the source code or not distributing. But copyright law allows punitive damges. The FSF never yet asked for damages. But that doesn't mean that the RIAA asking for $220,000 isn't because of copyright law: it is. Similarly, the FSF CAN ask for damages or even forbid any further licensing (the RIAA don't let you share again if you pay the damges, nor does it mean that you now have a licensed copy of the work infringed).
Universities get targetted by the MPAA with claims that university students are responsible for 44% of their local domestic losses and even releasing a top 25 list of universities that are the worst but it ends up backfiring on them when they receive their own DMCA takedown notice for a tool they then want universities to deploy. They did not think this thing through very well. The toolkit was shabily put together and the website was hastily thrown together. I think it is pretty safe to say they really screwed up their relationships with universities and have now pissed off the open source community. PR stands for "Public Relations" not "Public Ridicule". They need to work on that.
And from http://mytakeonsecurity.blogspot.com/
If you google for site:mediadefender-defenders.com "edu ips" intitle:edu you will find 4 links. In those links they state between 0.65% to 2.5% were EDU addresses. They speculate that the number is low due to the fact a lot of the IP addresses are probably from NAT (private networks). If a University is using NAT then all traffic coming from the University will appear as a single IP address. The number of students that were in the file sharing network could be a bit higher than the numbers they state but this is just the number of IP addresses from EDU address space and not necessarily IP addresses of "illegal" file sharers.
It makes you wonder if attacking universities was really worth it.
> IANAL, but why don't OSS developers offer a GPL-free version of their software for some really high price.
Actually, it is a common business model for developing free software. Cygnus did it with Cygwin, at least until they were bought by Red Hat. Alladin did it with GhostScript. TrollTech does it with Qt. I believe MySQL is developed under a similar model.
It mostly works for libraries, because the GPL is not limited by library boundaries. This is also why Alladin later switched to a more restrictive license, as GhostScript was usually called as a stand alone binary, rather than as a library.
I know it's irrelevant to the GPL violation problem, but what did this "toolkit" supposedly do, anyway?
Slashdot quality declines as the number of hot grits posts decreases. - Provolt's Law, Apr-09-2005
Comment removed based on user account deletion
If the GPL'd code was not modified, the software would not have sent information about the universities network back to the MPAA.
Dan Glickman is that you trolling as an AC?
I am the unwilling control for my Origin.
I suppose laws are for other people...
The sweet sweet irony here is that the MPAA doing, essentially, what they're trying to prevent with this software.
They have, without prior permission, taken a product, released under a specific license and immediatly violated the terms. By violating the license agreement, they have not accepted the authors terms of use, and therefore have violated the his copyright.
It sickens me that a company can quite openly break the very laws that it uses to bash (relativly) innocent people, and still the bigwigs do nothing.
RIAA, MPAA, you've known it for a while, and the latest figures show its not far away, you NEED to change your business modal. Adapt or die.
You feel sleepy. Close your eyes. The opinions stated above are yours. You cannot imagine why you ever felt otherwise.
Sorry, you're wrong and the grandparent post you were responding to is right.
You can only get one license from the copyright holder automatically. When someone distributes the software to you for the first time, you automatically receive the license (a.k.a. grant of permissions) from the copyright holder (note: NOT from the person who actually distributed it to you).
You then retain those permissions unless and until you give them up voluntarily or lose them by breaching the license. Once they are lost, you can't get them back again simply by downloading another copy. The ONLY way you can get them back is to negotiate with the copyright holder and explicitly get their permission. If they are feeling nice, they will waive the violation and let you use the code under the original license terms again. If they aren't feeling nice, they may choose to never let you use it again.
IANAL and this is not legal advice.
Commenting on the same poster as the parent: You, sir, appear to be a card carrying member. You are using an open source forum to contribute your comments to the community. Does that not fully embrace the F/OSS model?
Glad to see that you've entered the fold, and look forward to seeing you "grow" some more!
MP3 is not the only way to go. AAC is not DRM. (Fairplay however, is) Apple is pushing to release all iTunes content via AAC WITHOUT Fairplay. (Which is no more encumbered than MP3)
I would expect someone with 'madskills' to not be a total idiot.
Class Action Suit!
Now, who will take on to fill one?
Thank you, do you know how many cute posts I had to read down just to find out what the item is.
Do a Google search for MPA University Toolkit. You will see lots of copies and caches of the original page, complete with the original link for doing the download:
... which still works.
http://universitytoolkit.org/tkagree.php
To a Lisp hacker, XML is S-expressions in drag.
Thank you, do you know how many cute posts I had to read down just to find out what the item is.
You are welcome. For me instead of reading the cute posts first, I read the article if it isn't Slashdotted.
OMG.. He read the article!
The truth shall set you free!
Copyright law limits your right to copy things. GPL gives you back some of those rights if you satisfy certain conditions. The GPL is not relevant for activities that don't involve copying.
If you make a copy of a binary, then give it away without source, then you have violated the GPL. If you receive a CD with binaries from someone who has complied with the GPL, then give it away without source code or offer of source code, I don't see how anyone has broken any law. Seems like a bit of a loophole.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
http://geekz.co.uk/lovesraymond/archive/gpl-killed-the-mpaa-star