FSF Settles Suit Against Cisco

Saint Aardvark writes "The Free Software Foundation has announced that they've settled their lawsuit with Cisco (reported earlier here). In the announcement, they say that Cisco has agreed to appoint a Free Software Director for Linksys, who will report periodically to the FSF; to notify Linksys customers of their rights; and to make a monetary donation to the FSF. An accompanying blog entry explains further: 'Whenever we talk about the work we do to handle violations, we say over and over again that getting compliance with the licenses is always our top priority. The reason this is so important is not only because it provides a goal for us to reach, but also because it gives us a clear guide to choosing our tactics. This is the first time we've had to go to court over a license violation.'"

This is the first time we've had to go to court

[overshoot]

And it looks like they couldn't even keep it up for the whole show.

Backsliding to the old cooperative solutions, eh FSF? I suppose they'll never change.

Re:This is the first time we've had to go to court

Or maybe the FSF (unlike some other IP-related litigants out there) only wants people to comply with the GPL, and will settle once the defendant agrees to do so (as opposed to extorting money out of the defendants)?

FSF should've claimed the attorney-fees-to-date it had to incur, but that's about it. If they were to push for any kind of "punitive" damages, or *AA-style ridiculous "compensation fees" that would portray them as just another trolling IP extortionist. Kudos to the FSF for going for what's right rather than what's rich.

Re:This is the first time we've had to go to court

[baomike]

Why should they? If you get what you want with out the risk of a trial
you are MUCH better off. Trials are risky,they do not always go as planned.
As for a cooperative solution , much better (and cheaper) than an advisarial one.
As for change , I hope not, they seem to be doing well.

Re:This is the first time we've had to go to court

[Presto+Vivace]

A lawyer friend of mine once said that once you go to court anything can happen.

Re:This is the first time we've had to go to court

Why would they? They've already extorted "monetary donation" out of cisco.

Re:This is the first time we've had to go to court

Oh I'm sure they made that money back with the software they stole from others and sold, ignoring the license and copyright of the authors.

Re:This is the first time we've had to go to court

[cenc]

My father, an attorney for many years had variation on that.

A good lawyer goes to court and gets their client off. A great lawyer makes sure the client never goes to court in the first place.

Re:This is the first time we've had to go to court

[afidel]

I'm sure that was the way that Cisco repaid the lawyer fees while getting a tax deduction out of it.

Re:This is the first time we've had to go to court

[jbdigriz]

This is a win for Cisco as well. They get plenty of good karma, and put non-compliant competition at a disavantage. All for little or no real cost.

The Linksys routers in question command a premium, even on the used market, precisely because of the GPL and hackability.

Win-win, all around. Any more, Cisco and the FSF would have to get a room. Kudos on a job well done.

Re:This is the first time we've had to go to court

[SL+Baur]

Or maybe the FSF (unlike some other IP-related litigants out there) only wants people to comply with the GPL, and will settle once the defendant agrees to do so (as opposed to extorting money out of the defendants)?

I am pleased that this got settled quickly and in a manner that supports the GPL.

Kudos to the FSF for going for what's right rather than what's rich.

Ditto. Credit where credit is due.

And kudos to Cisco for supporting the GPL in the end, even if a few hard-headed managers had to get larted.

Disclaimer: I am a supporter of the GPL, but I am not a friend of the FSF and although I am a Cisco employee, I do not write for Cisco.

Re:This is the first time we've had to go to court

[OrangeTide]

I think everyone settles because the license is pretty clear. You don't like the license, then you don't ship the software.
Most companies are willing to made a deal because it's still cheaper than paying commercial royalties the old fashion way. If you can suffer the GNU viral license, you can also have a very quick time to market compared to writing everything from scratch. It's pretty obvious that many companies are willing to make sacrifices to get the benefits. Having worked at Cisco, in groups that use Linux, we understood the sacrifices before we started, but it was never that easy to transmit that information up the chain of command in a way that would result in appropriate action being taken.

Many times it is just incompetence with key decision makers that results in GPL (and other) license violations. And every corporations I've worked for in the valley has a fair amount of incompetence and ignorance in the key decision making positions.

Re:This is the first time we've had to go to court

[Ungrounded+Lightning]

I'm sure that was the way that Cisco repaid the lawyer fees while getting a tax deduction out of it.

Unless I'm greatly mistaken they'd get to take a deduction on them anyhow, as a business expense.

If there are any tax advantages it's to FSF.

Re:This is the first time we've had to go to court

I guess that "contribution" the FSF is receiving doesn't count.

Re:This is the first time we've had to go to court

[drinkypoo]

Amen to that. I have two WRT54G routers, both with DD-WRT24sp1. I just upgraded the one I'm using from v24; the other is a version 5 unit which can only run micro, but that's what's on it. Comb your local flea markets :)

Re:This is the first time we've had to go to court

[ae1294]

A great lawyer makes sure the client never goes to court in the first place

Did he work for the mob or something?
"I'll wack off, those son's of b*ch's over at FSF if they try and drag us to court over this!"

Slightly more on topic. I was really shocked to learn that "they" have lawyers over at the FSF. I was under the impression they where all a bunch of hippies and cultist sitting in a dark basement somewhere... Who knew... Kudo's to FSF!

{O well, back to loading Debian and mumbling to myself in the IT closet}

Re:This is the first time we've had to go to court

[jonbryce]

Had you not heard of Eben Moglen?

Re:This is the first time we've had to go to court

[ae1294]

Sadly no! Just did a google and... well... I guess I've really only kept up with the darkside of computer lawsuits and lawyer types...

Guess I should be ashamed,
ae

the first

WOW! cisco has finally lost something, it's about god damn time.

Re:the first

[SL+Baur]

cisco has finally lost something

We didn't lose anything. We affirmed the GPL in US court. That means a lot.

Disclaimer: I do not speak for Cisco.

Re:the first

The suit was settled out of court, it never made it.

Re:the first

Disclaimer: I do not speak for Cisco.

Then don't say "We affirmed the GPL in US court," or you are speaking for Cisco.

Re:the first

[Hucko]

PP could be speaking for FSF

FSFAA!

[Dareth]

The article only says that, "Cisco will also make a monetary contribution to the FSF.", but does not list an actual dollar amount.

I am sure you hired an experienced intellectual property attorney to properly calculate the monetary damage by Cisco. Like a former **AA lawyer who has not been hired by the Obama administration yet.

I am sure they could get the calculate the "true cost" of the damages to the nearest million.

Re:FSFAA!

[Brandybuck]

It's "free" software. Given away to everyone at zero cost and no price tag. The license holders have not been affected, the original software is still in its original state. The monetary damage should thus be zero dollars and zero cents. A good lawyer of sufficient bulk could make a case that there was emotional damage to the original developers, and a ruffling of their sensitivities, but there are still no material damages necessitating monetary compensation.

Re:FSFAA!

[PalmKiller]

None of this is based on fact...Just a guess but its probably a payoff, so it will probably be big. It probably is however never going to be disclosed, that way leaders of the FSF could maybe line their pockets easier if they wanted to...not that they would or anything.

Re:FSFAA!

[hedwards]

Yes, an attorney could, but an attorney could also make the case that moonlight is the same thing as sunlight and that it's plenty good to pay up fines in whatever Zimbabwe's currency denomination of the moment is. That doesn't mean that it's going to be accepted or that it's a solid argument or that the argument is relevant, it just means that attorneys are good at arguing things.

Monetary damage isn't necessarily going to be limited to what a party charges, it's fairly common for attorneys to use the cost of comparable items instead of the actual cost when it makes sense to do so. Sometimes it'll be higher than what the cost was and sometimes it'll be lower, but it definitely doesn't have to be the same as the actual cost.

Re:FSFAA!

[Volante3192]

So, by that logic, music given away as a promotion can be freely copied because it was obtained at zero cost to the recipient?

Re:FSFAA!

[drinkypoo]

The "true cost" of actual damages is probably at or near zero. The legal costs incurred dealing with the problem will hopefully be more than covered by the donation agreed to in the settlement.

Re:FSFAA!

[JStegmaier]

If being made to comply is the only penalty for non-compliance, why would any ever comply until forced?

Re:FSFAA!

[inode_buddha]

You may wish to start studying copyright law. The GPL was the only license that Cisco had to the software, hence they have to abide by it. In other words, its the principle of the thing that matters, not the money. Meanwhile, you may wish to consider joining these guys.

Re:FSFAA!

OP was talking about the true cost of actual damages, not the cost of the software.

By his logic, the RIAA would be able to sue the copier for the actual damages the copier caused the RIAA, which has nothing to do with the price the copier paid for the promotional music.

Of course, copyright now is nowhere near this sane. TFA is about licence agreements, not copyright.

Re:FSFAA!

[Hucko]

Or played for a public audience. Why don't we have the radio giving announcements before every damn song that "... recording is stealing..."? Huh? it is the same thing.

Re:FSFAA!

You are an ass, I opened that link while I was at work. FUCK YOU.

Re:FSFAA!

Of course, you can make a zillion copies of it. Need to have a pretty big house to store them in, though :-)

Re:FSFAA!

[jonbryce]

There is still the value of the non-monetary compensation you have to agree to in order to be able to use the software.

In any case, when did actual loses come into it? The RIAA sues for hundreds of thousands of dollars for a track that is available on itunes for 99c.

Re:FSFAA!

[Brandybuck]

If the FSF says that software should not be owned then why do they sue over copyright? It's like an anarchist who doesn't believe in property suing someone for trespass. The only conclusion I can arrive at is that the FSF does not mean what they say.

Re:FSFAA!

[Brandybuck]

I don't agree with the RIAA either. But thanks for letting us know that you're willing to take Free Software down to their level.

Re:FSFAA!

[inode_buddha]

"If the FSF says that software should not be owned"

The FSF does not say that, nor does copyright law. Rather, the FSF says that software should be "share and share alike", as long as the license is respected. In this case the license is the GPL, and the authors of the software most certainly do retain the copyrights ("ownership"). Linksys and Cisco can license their own software however they want to; but the GPL bits have to follow the GPL.

Shakedown

[Brandybuck]

The sad thing is that so many people think GNu is about freedom...

Re:Shakedown

[fuzzyfuzzyfungus]

Are you just trolling, or do you not know the backstory on this one? The FSF has been trying to get Cisco to uphold its obligations under the GPL for ages. This "shakedown" was a last resort.

If you prefer the BSD style of freedom, which emphasizes the freedom of action of the developer, to the GPL style, which primarily aims at protecting end users, that is fine. Petty sniping of dubious historical accuracy, not so much.

Re:Shakedown

[lwsimon]

I'm not real big on the GPL, but this is hardly a shakedown. More like repeatedly begging them to abide by the terms they agreed to, taking them to court, then settling before going to trial where more $$ could have be obtained from them.

FSF wanted Cisco to follow the agreement, not to suck money from the company.

Re:Shakedown

No, the sad thing is so many people conflate "free" with "commercializable."

The primary ideal of free/libre software is opening up software (a race to the bottom, if you will). This is in direct conflict with traditional product-based economics, which is how the consumer software market has been traditionally based. Supply and demand is predicated upon scarcity and digital goods like software, music, movies, books, etc are fundamentally not scare. Copyright is used to artificially reintroduce said scarcity, and such artificial scarcity is by definition a restriction of freedom.

In other words, allowing someone to take a public good (free software) and restrict their ability to modify it and then require them to pay for it -- despite the lack of significant marginal cost -- is a restriction of freedom.

Re:Shakedown

[SL+Baur]

FSF wanted Cisco to follow the agreement, not to suck money from the company.

That seems clear. The big winner here is the GPL.

That is a good thing.

Re:Shakedown

I'm not real big on the GPL

Maybe, but you're a complete twat nevertheless.

Re:Shakedown

[lwsimon]

Because I don't prefer to license my code GPL?

Look, I don't have an issue with whatever license an author wants to apply to their code. Community-driven projects make sense as GPL. Personal projects, however, make more sense as MIT in my eyes, so they can be integrated into more larger projects, regardless of license. If you don't want that, more power to ya. I'm not attached to the license ideologically like some of the Linux/FSF community seems to be.

Re:Shakedown

BSD is better because it is essentially public domain.

I know guys who have sold products with tons of BSD code built in with the copyright notices removed and they never get sued by the BSD folks. This is the way open source should work! It's better for corporations and better for software.

Re:Shakedown

[someone1234]

>It's better for corporations and better for software.

From where you sucked that wisdom?
Sure, it is better for stealing corporations.
But why would it be better for the rest of the corporations and software?
GPL'd code remains visible.
BSD gets stolen away.

>I know guys who have sold products with tons of BSD code built in with the copyright notices removed and they never get sued by the BSD folks.
Fine, if the BSD folks are fine with that, it is their 'business', not mine.
I will be happily 'stealing' their freely given code, and do whatever i wish with it (including adding it to my GPL'd code.
I, as a developer, prefer GPL because it means anyone who changes my code will contribute those changes back to me.
And, i don't care a flying fuck if others like that or not :)

Re:Shakedown

[Phroggy]

I'm happy to license my personal stuff GPL, and if somebody wants to incorporate it into a larger project, they're welcome to contact me to make other arrangements. If I own the copyright, I can re-license it however I want.

Re:Shakedown

[lwsimon]

And if your code is so hot I feel I must use it, I'll license mine GPL as well - which I can do, provided I haven't used an incompatible license elsewhere.

I really don't get why people make a software license a religion. Its just business - is the advantage you get by using the product outweighed by its requirements? That's all there is to it, after all.

Re:Shakedown

[Brandybuck]

The GPL is the license, not the license holder, so it cannot "win". But +1 for your religious devotion.

Re:Shakedown

[SL+Baur]

The GPL is the license, not the license holder, so it cannot "win". But +1 for your religious devotion.

I work for Cisco; I enjoy working for Cisco and I obviously want us to come out of this as cleanly as we can.

I am an Open Source developer. I spent some years in charge of XEmacs development. I have great appreciation for the GPL.

A long-standing issue with the GPL was that it hadn't been tested in (US) court. I am sad that this had to go to court (I've advised any of the upper management that I have access to what the GPL means), but I am happy that it was resolved quickly and in favor of the GPL.

Disclaimer: Cisco could have fought this out and maybe won. Then I would have either quit in disgust or got fired for screaming at management.

It took a large lart stick, but Cisco did The Right Thing (in settling quickly) and so did the FSF. Please note that Linksys is an acquisition and whatever practices they had that ran afoul of the GPL DID NOT stem from Cisco.

Fear

[EmperorOfCanada]

This is one of the two big bogeymen that I, as a developer, fear. Licenses like this and patents. If you develop anything on Linux do you have to give out your source code? Link to this maybe, link to that maybe; after enough maybes you can be sure that you have gone one library too far. There is a place for opensource and there is a place for proprietary; and I love them both. Show these licenses (GPL, MIT, Apache, LGPL) to a lawyer and they will just say "stay the hell away from those". The result is that many companies are pushed back into the warm embrace of Microsoft because at least you know where you stand with code compiled with VCPP and any other libraries you bought. It might cost more in the short term but if it means you get to keep the key IP asset of your company safe then it becomes worth it. You might argue that one should just read the licenses but with dozens of developers potentially including libraries that may themselves include other libraries with their own licenses you can't easily be 100% sure.

Re:Fear

You mean this MIT license? The one which says "do whatever you like, just don't sue and provide this notice"? The old Apache license is similar, and 2.0 even includes patent provisions.

Looks like the FUD already worked on you. Not all licenses are the same, nor are all OSS licenses viral.

Re:Fear

[MrEricSir]

Buying a license doesn't buy you legal safety. Look at Apple's license agreements for developers and tell me how "safe" you feel legally developing code for their platforms.

Re:Fear

[lwsimon]

The GPL is the only major license where this is even an issue, and then only if you distribute the software. Unless you're a software company, your "key IP assets" are safe.

Re:Fear

[tomhath]

The only time a company I worked for ran into licensing issues was with a proprietary runtime executable. We had a "freely redistributable" license under 7.0 for the runtime. We upgraded to 8.0, which had a runtime with the same name, but we didn't read the fine print in the new license until later when we were told by the vendor that we owed them a five-figure royalty fee for redistributing the 8.0 version.

Re:Fear

[EmperorOfCanada]

That is what I mean. Some licenses are great and some suck. But some software seems to have a great license but links to software that has a crappy one. Thus you may have just blessed your own product with the crappiest of the bunch. If you link to 100 MIT licensed libraries and 1 of those also links to a GPL licensed product, then you are screwed. Now that QT has gone LGPL I am a happy camper but that happiness goes away if I statically link to QT.

Re:Fear

[david_thornley]

First, find a new lawyer (assuming you're not just trolling).

Second, if your organization is allowing developers to throw in libraries from all over, without checking licenses, you've got some pretty big problems, and you're probably better off if they're using OSI-approved licenses (which at least allow commercial use). That still doesn't mean that the libraries are appropriate or of good quality, which is why I'd be a bit slower to worry about the legal issues.

Third, if you think commercial licenses are easier to work with, you need to read a few. It's very, very common to have little exclusions and conditions in them. There aren't all that many OSI-approved licenses, and you can come up with a list of approved ones for certain projects fairly easily. Besides, the commercial places employ nastier lawyers.

Fourth, there is no risk of having to publish source code, even if you've wrongly linked it with GPLed code and distributed it. That isn't a legal remedy, and no court will order you to do it.

Re:Fear

[hedwards]

Patents is a fair point, but with the GPL it's not exactly ambiguous. If you use their code and distribute the result then you have to provide the source and license your code appropriately.

It's not that hard to figure out in most cases. It can be a bit ambiguous if you're linking in code without thinking about it, but it's not exactly that hard to find solutions.

Re:Fear

Wow. You're pretty stupid.

Re:Fear

[Benanov]

Linking to libraries means you have to follow the license--whatever that license is.

Plenty of proprietary binary-only software exists on Linux that makes "normal" syscalls (as per Linus' definition)

Using GNU utilities means you have to play by the GPL.

Using a proprietary toolkit means you have to play by that license, whether it's per-unit royalties or staying off of certain platforms.

You don't like the GPL? Don't use libraries licensed under it.

Free Software also means Freedom NOT to use/build again the software--but it's quite all or nothing in that respect.

Re:Fear

Don't be silly. Don't spread the F(UD).

Don't want to let the users see the code they will be running on their machines? Don't try to sell the work of others as your own. It's not that hard to know what you can and can't do with free software. I'm not going to get specific, though. Bruce can explain exactly where the line is drawn more eloquently than me.

Re:Fear

[...] if I statically link to QT.

Wtf? Why would you want to do that?

Re:Fear

[SL+Baur]

The result is that many companies are pushed back into the warm embrace of Microsoft because at least you know where you stand with code compiled with VCPP and any other libraries you bought. It might cost more in the short term but if it means you get to keep the key IP asset of your company safe then it becomes worth it.

Like Word Perfect, Lotus 1-2-3, etc. etc. etc. History has clearly shown that if you are making money off of Microsoft Windows based software and are successful enough, Microsoft will cut your throat.

Re:Fear

[bcmm]

Did you end up paying?

Re:Fear

[kisielk]

Show these licenses (GPL, MIT, Apache, LGPL) to a lawyer and they will just say "stay the hell away from those".

Maybe if you have a lawyer who doesn't understand licensing or IP. On the other hand many companies have a good legal grasp of open source licensing and know the limitations and what is safe to integrate and what is not. I work for one such company, and much of our technology is based on open source and scientific software. You just have to know who to ask.

Re:Fear

[Eil]

The result is that many companies are pushed back into the warm embrace of Microsoft because at least you know where you stand with code compiled with VCPP and any other libraries you bought. It might cost more in the short term but if it means you get to keep the key IP asset of your company safe then it becomes worth it.

Except for the clause in every proprietary software license agreement that says:

"We (the company) can change the terms of this agreement whenever we want, without your consent, or even without notifying you that the license has changed. Also, we can terminate your permitted use of the software whenever we see fit, not matter how much you paid for it."

This is a warm embrace to you? I'm not aware of any free software coming with a clause like this. Once the code is licensed, it's licensed, and anyone can use it however they like for as long as they like. They are simply bound to a couple of restrictions in the course of that use or distribution. Nobody (including the copyright holder) can retroactively change the terms of a free software license.

You might argue that one should just read the licenses but with dozens of developers potentially including libraries that may themselves include other libraries with their own licenses you can't easily be 100% sure.

Oh lord. I hope you don't really mean to imply that proprietary licenses are somehow simpler to comprehend, with fewer gotchas, limitations, restrictions, and loopholes than free software licenses. If so, then I seriously doubt you have ever read a single proprietary license in its entirety in your life.

Re:Fear

That's funny as no OSS license is anything near viral, as the term "viral" is a scare word invented by the anti-FLOSS croud that live to FUD anything related to OSS.

Re:Fear

You haven't done enough reading I think.

The people who make the mostly closed-source programming language REBOL(pronounced rebel) at one time and maybe still do had something in their license that if you made a program that you started selling, you'd have to work out a per unit licensing fee with the creators of Rebol.

I wish that were a joke but it is the main reason I'm using Ruby instead of Rebol right now. They also wanted $500 for an SDK(which apparently allows compilation, etc.) for Linux and another $500 for Win32 and another for Solaris and another for BSD....Rebol might be easier but Ruby won't charge me extra $$$(actually NONE) if I need to use it on another platform.

You have to do a lot of questioning to get them to admit the licensing thing over commercial use but you can find people complaining about it on their list.

So what was your problem with open source again? Hidden terms and conditions? Shit, I'll take that any day over what Rebol wanted.

Re:Fear

[drinkypoo]

If you link to 100 MIT licensed libraries and 1 of those also links to a GPL licensed product, then you are screwed.

Screwed? You mean, you have to find the functionality elsewhere, or create it. All you have to do is link to something else and it's no longer a problem. And all you have to do is stop distributing the violating code to be in compliance, unless perhaps it can be shown that you violated the licensing agreement willfully.

Re:Fear

[gnud]

Oh stop whining.
If you pay for QT, you get very good terms for redistribution and tailoring. If not, take what you get and be happy, or use WxWidgets instead. Really.

Re:Fear

[egcagrac0]

Hidden terms and conditions?

Sorry, how are the license terms hidden? A copy of the relevant license is supposed to be included with every distribution of the source, most of the source files probably have a copyright notice and license term link in the opening few lines...

Did I miss something?

Re:Fear

[mzs]

I bought a student version of Borland C/C++ back in the day. It cost $400. One stipulation in the license was that I could only use the tools for educational purposes. Various things were explicitly called-out as prohibited. One was selling software that I built with the tools. I also could only demo my software under certain conditions. The cheapest version of Borland without such restrictions was $1000 at the time. This was the one without much support, no DB stuff (pre dBase, was that Fox), no extender (was it pharlap that Borland bundled back then), no Pascal (pre Delphi), etc. Some things are nicer in this day than back then.

Re:Fear

If you develop anything on Linux do you have to give out your source code?

No, you do not.

If you develop anything on Linux you have to give out the source code of Linux (as you used it, and even then only if you re-distribute it).

You are perfectly at liberty to do whatever you want with your own code that you developed.

Show these licenses (GPL, MIT, Apache, LGPL) to a lawyer and they will just say "stay the hell away from those".

You show software licenses to lawyers who can't read them? Why would you do that?

Re:Fear

[SL+Baur]

So what was your problem with open source again? Hidden terms and conditions? Shit, I'll take that any day over what Rebol wanted.

There are no hidden terms and conditions with Open Source software. I had never heard of Rebol before, but I'll add another - PROMAL. Closed, licensed computer languages are doomed to failure.

Re:Fear

[FrankDrebin]

Let me get this straight. You are saying:

1. I do not know what goes into my own product
2. I fear that lack of understanding and control
3. Rather than gain control and understanding, I prefer to delegate to Bill Gates
4. I'm thirsty, pass the Koolaid

Re:Fear

[Nazlfrag]

Linking to libraries doesn't mean shit, it's only if you are modifying the libraries that anything kicks in. I can develop closed source all day with GNU utilities and merrily put my work under my sole dictatorial copyright without ever thinking of invoking the GPL. As long as I'm not modifying GPLed code, I can do what I want.

It's idiots like you that give GCC a bad name. Developing using GNU tools does not mean you need to be creating a GPL licensed end product in any way, shape or form.

Re:Fear

[Hucko]

Yeah! GPL is biological! ah...

*Check my history, I'm pro-GPL.*

Re:Fear

[Hucko]

Oh lord. I hope you don't really mean to imply that proprietary licenses are somehow simpler to comprehend, with fewer gotchas, limitations, restrictions, and loopholes than free software licenses. If so, then I seriously doubt you have ever read a single proprietary license in its entirety in your life.

I'd doubt they had read the summaries.

Re:Fear

I was actually being a bit facetious about the "hidden terms" thing. *I* am well aware of the terms and conditions of open source and I agree fully about closed, licensed programming languages.

Re:Fear

Sounds like you're just an idiot.

Re:Fear

>If you link to 100 MIT licensed libraries and 1 of those also links to a GPL licensed product, then you are screwed.

Or you write your own 1 library of the GPL lib which is compatible using your own time of your own life.

Re:Fear

[jonbryce]

It is only if you distribute the libraries, or derivative works made from the libraries that anything kicks in.

mention this next time someone says OSS is bad

[fermion]

This is the way that software should be handled. If someone is not in compliance, work with them to get them in compliance.

Compare this to what the BSA is advocating. Essentially any disgruntled employee can put unlicensed commercial software on a computer and then report the violation to the BSA for a reward. Sure companies can put millions of dollars of safeguards to prevent harassment from inefficient employees, but why bother. Just make it a policy to only use free software, and when the BSA comes knocking, show them the policy and the minimal cost efforts that makes all other software the responsibility of the user.

This will also help long term interpretability, as OSS has minimal incentives to obstificate the data to force users to continue to pay the ransom to access said data.

what about IOS violating BASH? N/T

what about IOS violating BASH? N/T

I'm nervous about this

[ruin20]

Cisco releasing the source code for thousands of routers doesn't strike me as being a good thing. I mean it's one thing to develop in an open environment and being open from the start, and I agree security though obscurity is bound to fail but as someone running Linksys routers on my network, I would expect there to be some stepped process, as I don't trust Cisco was totally competent in their development. Imagine if windows source was suddenly made available to the masses, the time it would take to identify, patch, and distribute a fix vs the time it takes to just identify and exploit is a significant window of vulnerability. Security through obscurity doesn't work because it assumes no one will ever find out and people will. But dissemination of that information takes time. Discovery of defect takes time. Opening the source of a previously closed product greatly reduces that time and therefore intensifies the threat. Overall this will lead for a much stronger product but I fear what is going to happen in the first few weeks.

Re:I'm nervous about this

[Ilgaz]

Cisco decided to release their sources right when they used GNU licensed code. If there is a security risk because of being open, it will be their fault and not RMS :)

I think it won't be a bad thing, you will see amazing amount of obvious flaws will be fixed in months as result of it. Especially home devices will benefit. Don't worry, MS thought home users (with unfortunate reasons) that they should update their software for security, performance. All Cisco/Linksys product I have is a dumb gigabit switch but I am sure the smart stuff already has easy update functionality.

Re:I'm nervous about this

[lwsimon]

I must be missing something - I only see where they are releasing the code to version of GPL software used on their routers. That's not the same thing as releasing their OS.

Re:I'm nervous about this

[vertinox]

Cisco releasing the source code for thousands of routers doesn't strike me as being a good thing.

Huh? What part of GPL did Cisco not understand? If they did not want to release their source code, then they should not have used used other's GPL code in their products.

They could have either:

A. Used something under BSD license and kept the code closed

or

B. Wrote their own.

The fact they used someone else's GPL code in their products means they used someone eles's work.

If you are so worried about it, then take your beef up with Cisco for lack of A and B. Not the GPL or FSF. They knew what they were doing.

Re:I'm nervous about this

[ruin20]

I'm not saying that the code shouldn't be released. I'm saying there should be some remediation prior to it being released. Cisco should have to release a new version of their firmware that is completely closed source, or they should offer new routers running open software. I'm saying that everyone is so concerned about getting the code out there NOW and I'm of the opinion that's not necessarily the responsible thing. If I was a major Cisco client, I'd be furious about this. But no one's talking about that.

I'm not defending Cisco, I'm not saying the FSF is wrong. I'm saying there's a big part of the story that seems to be missing and should be discussed.

Re:I'm nervous about this

[drinkypoo]

They also had the option to stop distributing the stuff right now, that is considered a 'remedy' under the GPL. Or at least it was under GPLv2. If you cannot contractually release the code, it is your sole remedy. Or again, was. I'm waayyyy too lazy today. Headache, hard to think.

Re:I'm nervous about this

[mzs]

Cisco got into trouble about this when they bought linksys which made some hardware that used GPL stuff. They used linux, uLibC, BusyBox, Zebra, and other projects. Then they were contacted and they released source that was not really the source used. They then basically corrected that. Then this situation kept repeating a few times.

If you were worried about security, there was a bug in an web page used for ping that let you run arbitrary commands as root on a whole bunch of hardware. This was figured-out before any source was ever released. The thiobor line of firmware for a long time was just a improved version of what linksys provided. When cisco bought linksys they quickly made a vxworks based router/ap to not have to deal with the OSS stuff. There are no secrets in this stuff that has been released like you worry about. It is not IOS.

Re:I'm nervous about this

Yawn - its the lowend router Linksys, not those other CISCO routers with IOS.

The original lawsuit was about the Linksys NAS - which is terribly slow

Re:I'm nervous about this

[dopodot]

They're only releasing source code related to the Linksys products, which were in violation. Cisco acquired Linksys a few years ago -- Linksys still operates mostly as their own company. Cisco proper already has people responsible for ensuring source license compliance and they seem to have done a good job. I don't think there's any GPL code in IOS, which is what it sounds like you're worried about. There's lots of BSD-style code though.

Re:I'm nervous about this

[Fred+Ferrigno]

Linksys always intended to release the code. By and large, they already have. If you follow all the way to the original complaint, it's all about modified GNU tools, not any core router components that Linksys might want to keep secret. Also, they usually would release the source, only they made a lot of mistakes in the process. They'd release the source late, release the wrong version of the source, or forget to include all the necessary tools to build the source, etc.

Even though in most cases Linksys did eventually come into compliance with the GPL, the FSF got tired of having to hold Linksys' feet to the fire. Now the idea is that Linksys will have an internal watchdog instead who will ensure that releases are compliant with the GPL the first time around.

Re:I'm nervous about this

[Virak]

No, there should be no period before it is released, there is no part of the story missing, and it should not be discussed except to say that you are plainly *wrong*. Nobody held a gun to their head and forced them to use GPL code in their routers. As the GP said, they understood, or at least should've, their obligations with regard to using GPL'd code. Either way, they have no excuse for not following them.

If *I* were a major Cisco client, and this caused any security problems, I'd be furious about them using modified versions of other people's code in their product and refusing to follow the terms allowing them to use that code to try to cover up security holes *they* introduced (though regardless, I doubt that was their intent).

Re:I'm nervous about this

[Paul+Jakma]

So are you saying Linksys have started supplying the source for the drivers for the Broadcom wireless in many of their routers?

Re:I'm nervous about this

[Paul+Jakma]

Oh, obviously FSF could only sue regarding software they are the copyright holders to. So not the drivers (that'd require Linux copyright holders to sue), not Busybox, etc.

I wonder if the FSF's settlement was restricted in the same way. I suspect it was, in which case this settlement does not mean LinkSys have or will cease breaching the GPL with their products shipments..

Re:I'm nervous about this

[petrus4]

As I've said before, people use the GPL in order to try and maintain favour/good PR with Stallmanite fanatics, when in practical terms, another license would be a better choice.

The BSD license makes no stipulations as to whether parts of a given program license it or not. Cisco could have licensed 3-5 files of their entire project BSD if they wanted, while still closing the rest completely, and if they then wanted to, they could relicense and close the rest later on, in order to create a product.

The BSD (or similar, such as the MIT) license gives people options, which is part of the non-Stallmanite/loaded language (read: legitimate) definition of the word freedom.

Re:I'm nervous about this

[Fred+Ferrigno]

The complaint doesn't say anything about any drivers. Like I said, it only covers the GNU tools distributed by Linksys that the FSF owns the copyright to.

There was an issue about a version of GCC with modifications for Broadcom's bcm4710 chipset. I don't know if that was covered in this settlement (the complaint does mention GCC), but those changes wouldn't be a part of the driver itself.

Re:I'm nervous about this

As I've said before, people use the GPL in order to try and maintain favour/good PR with Stallmanite fanatics, when in practical terms, another license would be a better choice.

Don't suppose you have the slightest evidence for this ludicrous assertion?

Re:I'm nervous about this

[Paul+Jakma]

So LinkSys are therefore still not in compliance with the GPL?

Re:I'm nervous about this

[thomasdn]

I mean it's one thing to develop in an open environment and being open from the start, and I agree security though obscurity is bound to fail but as someone running Linksys routers on my network, I would expect there to be some stepped process, as I don't trust Cisco was totally competent in their development.

If you don't trust Cisco to be competent in their development of their products, then why do you buy them?

Re:I'm nervous about this

[jonbryce]

Probably not. If it is a separate program that happens to run in Linux, it can have its own licence separate from the rest of the distribution.

Re:I'm nervous about this

[Fred+Ferrigno]

I'm not sure what you're referring to. Distributing a binary-only driver is not necessarily a violation of the GPL.

Re:I'm nervous about this

[Paul+Jakma]

I'm referring to the binary-only driver for the Broadcom wireless, as shipped with several Broadcom 47xx based LinkSys routers.

Why do you think it's not derived from Linux?

Re:I'm nervous about this

[Fred+Ferrigno]

OK, so why do you think it is derived from Linux? I haven't heard anything suggesting it was. Typically, closed-source drivers avoid issues with the GPL by not linking to the kernel and running in userspace like any other application. It's no different than a desktop distro shipping nVidia's binary-only video drivers.

monetary donation?

I like this part:

"and to make a monetary donation to the FSF"

Geesh. Sounds like Al Sharpton going after people, and settling for money.

Re:monetary donation?

[Ungrounded+Lightning]

Sounds like Al Sharpton going after people, and settling for money.

If they'd come into compliance when they first got a nice letter from EFF they'd have been fine.

Instead they stonewalled. So EFF had to spend a lot of money and time to drag them to court.

They cost EFF a bunch of resources, so it's only appropriate that they make a donation to replenish them, keeping the EFF healthy and ready for the next fight.

If EFF runs SOLELY on free-will donations and doesn't go after additional funding in the settlements from people that forced them into expenditures to enforce the licenses, bad guys could grind them into bankruptcy, leave the FOSS with no effective defender (and perhaps cause the copyrights to a lot of FOSS software to be sold at the bankruptcy auction!).

So once the infringers have fought long enough that the EFF has to go to court I have no problem with EFF holding them up for a donation as part of the settlement.

I have no worries that the EFF will turn into a shakedown racket drumming up bogus claims, or that an infringer will be able to buy them off with JUST a donation and continue to infringe.

Re:monetary donation?

[Chabo]

s/EFF/FSF/g;

Re:monetary donation?

[Ungrounded+Lightning]

s/EFF/FSF/g;

Oops! Thanks!

Yeah, thank god Windows is closed source. I

[SmallFurryCreature]

If closed source is secure, then please hook up windows XP to the internet without a opensource router in between.

Thanks for playing clueless scaremongerer. You fail, please insert another coin to try again.

Re:Yeah, thank god Windows is closed source. I

[ruin20]

You misunderstand. Just because you release the code, it doesn't magically become as secure because it's "open source". Open Source is secure because it goes through a process. A process this code didn't see. That process allows for corrections when errors are made. This process takes time. And what I said in my original post is that there is going to be a window between when we, the community, improve the quality of product up to other open source standards, and when the source code is released, during which time there is an elevated threat.

Nearly all software products have vulnerabilities. With open source products, those vulnerabilities get fixed faster, making them more secure. They get developed in ways that are security conscience because the community is watching. With closed source vulnerabilities get discovered slower, but get fixed slower so there's no gain. Additionally, they don't go through the same focus and scrutiny during development, so they tend to have more vulnerabilities at release. Taking something that was developed in secret, widely implemented and then divulging the source doesn't get you any of the benefits of either. Vulnerabilities and exploits are near instantly apparent and discovered, and you don't have the benefit of open development.

If just having the source open to everyone is more secure, then don't ever bother to update firefox or whatever browser your running ever again. Keep doing your banking online with it. Knowing something has security holes is one thing. Telling the world what those security holes are is another thing, especially since there's not development process ready to respond to the vulnerabilities yet. This is like taking a browser that hasn't been patched for two years and pushing it to every third computer in the US. There's going to be a race to patch the system to make it secure and exploit the vulnerabilities and I'm not sure that's something I like.

Re:Yeah, thank god Windows is closed source. I

[Sponge+Bath]

...hook up windows XP to the internet without a opensource router in between.

Be, all that you can be, in a botnet!
Uncle Spam wants you!

Consider this

[Ilgaz]

What about this happening in court? Cisco, a Networking equipment giant going to court against FSF/GNU could make some people like decision making admins mad. If they switch to BOFH mode, Cisco can go chap 11 in a year. There is a guy or bunch of guys deciding to buy million dollar equipment from them and not other brand you know. They are humans and they have their own philosophies. Entire GNU thing started because a large corporation refused to give specs of a printer. Yes, a printer in a lab started all.

Never, ever switch their mode to BOFH :)

Re:Consider this

[Presto+Vivace]

GNU thing started because a large corporation refused to give specs of a printer. I know.

Re:Consider this

Yep, a supposed 'computer wizard' who couldn't even disassemble a printer driver is personally responsible for dividing the FOSS world in two by acting like a complete fucknuckle towards those who share 99% of his philosophy.

Re:Consider this

[Just+Some+Guy]

Yep, a supposed 'computer wizard' who couldn't even disassemble a printer driver

Um, says who? I can read assembler in several dialects, but darned if I wanna reverse engineer a Python program by looking at its bytecode. Even if it was written directly in assembler and not a relatively HLL, in the time when self-modifying code and Mel were common, even a genius would be loathe to binary patch something like that. Just think: the next time they release a new version, you get to start over from scratch!

It's your right to dislike Stallman or disagree with his positions, but you can't objectively call him a bad programmer.

!donation

[nsayer]

Cisco has agreed to [...] make a monetary donation to the FSF.

Um, that's not a donation.

Donations are gifts. Gifts are given freely, not as a penalty for wrongdoing or in return for dropping a cause of action.

Re:!donation

[Anti_Climax]

It's just an issue in the summary write-up, they used the word contribution in the actual acticle.

Re:!donation

If FSF and Cisco both agree that it is a donation, does it matter what anyone else thinks?

Re:!donation

[Toonol]

Yes, if FSF and Cisco are lying or wrong, of course.

Re:!donation

[Ungrounded+Lightning]

If FSF and Cisco both agree that it is a donation, does it matter what anyone else thinks?

Make that "... and the IRS" and I'm with you.

If other people think it was a disguised damages award, so much the better - both for the EFF's bargaining position next time out and to promote a reduction of the number of infringers in the future. B-)

Freedom

[spun]

GNU is about freedom. Let's say I wanted to punch you in the face. I have the freedom to do so, unless you have the power to stop me. But trying to stop me is taking away my freedom to swing my fist, under your definition of freedom. Under my definition of freedom, your right not to get hit in the face outweighs my freedom to swing my fist wherever I like.

The GPL and the FSF help protect developers and end users from getting punched in the face by companies like Cisco. The GPL and the FSF help protect freedom, unless you define freedom as 'I get to do whatever the hell I want and screw the rest of you.'

Re:Freedom

[InMSWeAntitrust]

It seems BadAnalogyGuy has a second account.

I kid, I kid.

Re:Freedom

[spun]

I know, eh? AC below me explained it MUCH better...

Re:Freedom

[SL+Baur]

The GPL and the FSF help protect developers and end users from getting punched in the face by companies like Cisco.

It was Linksys (a Cisco acquisition) not base Cisco.

I am sure that I will not be the only Cisco employee forwarding this result up the reporting chain applauding the result.

We did the Right Thing here, though it should never have gotten to court. It was also one of our guys who had the legal blog that was against the RIAA. We are not the bad guys.

Disclaimer: I work for Cisco, I do not speak for Cisco.

Re:Freedom

[syousef]

GNU is about freedom. Let's say I wanted to punch you in the face. I have the freedom to do so, unless you have the power to stop me. But trying to stop me is taking away my freedom to swing my fist, under your definition of freedom. Under my definition of freedom, your right not to get hit in the face outweighs my freedom to swing my fist wherever I like.

Wait till he's not looking THEN hit him in the face. Problem solved.

Re:Freedom

[Brandybuck]

Your confusion over freedom is resolved if you consider the property rights. You own your fist, I own my face. (Even the most anti-property anarcho-socialist agrees that people should at least have ownership of themselves). You can do what ever you want with your property so long as you do not violate the property of others. You can swing you fist, but not so far that it connects with my face. If you hit my face you violate my rights.

In regards to the GPL software, what are the property rights? To some people, there are none because copyright is not a legitimate property. These people think it's okay to copy and distribute other people's music, for example, because it not legitimately owned. The FSF seems to be in that camp, because the FSF explicitly states that software should not be owned. But if no one owns the software, whose rights are violated? Cisco is not punching anyone in the metaphorical face.

Thanks for the FUD, shill

[spun]

You can link to as many LGPL libraries as you like, so stop with the FUD, okay? A competent lawyer would never tell you to stay away from any of the licenses you mentioned, only a fool would make a blanket statement like that without understanding the specifics of the situation.

You can easily be 100% sure of the libraries you link to. If they are LGPL, MIT, or Apache, you have no problem. Whatever they link to has to be under the same license, or they could not release.

You are purposely spreading FUD, you do not respect open source, and I suspect you are a paid shill because it looks as though you copied and pasted that post directly from a Microsoft playbook.

They did get fees

[Benanov]

There was a donation made to the FSF from Cisco as part of the settlement.

Betcha "attorney's fees" were what that was for...

RTFA

[spun]

Who said anything about Cisco releasing the source to their routers? Please read the article before working yourself into a tizzy over nothing.

Re:RTFA

[Dragonslicer]

This is a tax deductible donation to a 501(c)3 charitable foundation, agreed to as part of a out of court settlement. It was freely given, Cisco could have gone to trial instead.

If the alternative is being taken to court, you can hardly call it a "freely given" donation.

Re:RTFA

[spun]

Okay, but it is a donation. The important part is that it's tax deductible. I don't think we really have a word for 'tax deductible contribution given under duress,' so 'donation' will have to do.

Re:RTFA

[nsayer]

This is a tax deductible donation

The correct word is "contribution," not "donation." Modern dictionaries don't draw much distinction between the two words, but if you look at the origin of each word, contribute comes from the latin for "bringing together," and donate comes from the latin for "giving." It is more precisely correct to describe an involuntary transfer of funds that is still tax deductible as a "contribution" rather than a "donation."

To say that Cisco acted voluntarily since their alternative was going to trial is like saying that a mugging victim acted voluntarily giving the thief his wallet, since he had an alternative of being stabbed.

It turns out, as others have said, that they used the correct word in TFA and that the problem is with the /. summary.

Re:RTFA

[Nethead]

I think state sales tax falls under that.

Re:RTFA

[nsayer]

I don't think we really have a word for 'tax deductible contribution given under duress,'

Yes, we do.

Re:RTFA

The Latin idiom poenas dare, to pay (literally give) the penalty, from do (where as you pointed out the word donation comes from) doesn't seem to jibe with the implication of voluntary action you're associating with the English word donation.

Re:RTFA

[bug1]

Perhaps the FSF didnt want to put a price on it, so they required cisco to pay what they think is fair.

In that situation, cisco has choice in the amount they pay rather than if they pay or not, they amount the choose is far more powerful than the demand of having to pay something, so its reasonable i think to consider it a donation.

But then again i didnt RTFA, so i could have it all wrong.

Re:RTFA

[petrus4]

I can only assume that this was modded Insightful by your fellow cultists.

I suppose in a way, it's something to be admired. Loyalty in really any form is rare, these days.

Re:RTFA

[DNS-and-BIND]

Uh, no. This was quite clearly a bribe. It was not freely given. Trust me, after living overseas for 6 years, and bribing my share of officials, this couldn't be more obvious. It's just because Americans aren't accustomed to engage in bribery every day that everyone's supporting the ridiculous "donation" cover story.

Re:RTFA

[spun]

Your bitterness is delicious.

Re:RTFA

[jonbryce]

Is state sales tax tax deductible?

Re:RTFA

[nsayer]

Idioms never do. By definition, an idiom is "a group of words established by usage as having a meaning not deducible from those of the individual words."

Re:RTFA

Okay, fair enough--but check Lewis and Short for do and I think you'll find plenty of meanings there that don't imply voluntarism, including my admittedly idiomatic example.

Re:RTFA

[mgabrys_sf]

So, is this still "troll tuesday" (whatever the fuck that means to your little virgin brain) or are you still trying to get the last word in like a person who hasn't seen a woman naked?

I'm guessing the latter of the two - but please - prove me right.

Re:RTFA

[mgabrys_sf]

So, is this still "troll tuesday" (whatever the fuck that means to your little nerd brain) or are you still trying to get the last word in like a person who hasn't seen a woman naked?

I'm guessing the latter of the two - but please - prove me right.

It's a license, not a contract

[bzzfzz]

The GPL is a license, not a contract. Failure to comply with the GPL cannot result in having to give out source code that you wrote. On the other hand, it may result in a suit for infringement. In contrast, most commercial products are covered by contractual agreements that don't have that safety valve.

Licenses for closed-source commercial products are no better, just different. There are all kinds of restrictions on what and how you can distribute from the Microsoft Visual Studio tools. There are termination clauses in the contract. And despite all the M$ bashing, that contract is relatively liberal and lightly enforced compared to most commercial software tools, particularly those for phones and embedded devices.

I used to work for a Fortune 100 company that allowed us to use GPL code with less red tape than certain commercial products. The difference? The commercial products had an enforceable indemnification provision that could have cost millions of dollars had things gone badly.

RTFA

[spun]

This is a tax deductible donation to a 501(c)3 charitable foundation, agreed to as part of a out of court settlement. It was freely given, Cisco could have gone to trial instead.

Somewhere...

[dwiget001]

... anti-GPL trolls are sobbing silently in the dark. Boo fricken hoo!

Re:Somewhere...

[petrus4]

No, we aren't. It's on record that cults generally don't outlive their founder, and he's getting on in years.

The only thing that those of us who dislike the FSF really need to do is wait, at this point. The group is primarily Stallman's cult of personality, and as I've already said, now that they're not producing code any more, they don't have any hugely compelling reason to exist.

Once Stallman dies, the group will collapse. It might take a couple of years, perhaps; but a look at the historical pattern with cults strongly suggests that it will happen.

Re:Somewhere...

[icebraining]

You know, Stallman is 56, so by that rationality the FSF would survive another 30 years, more or less. Well, most groups I know lasted way less than that.

Besides, the purpose of the FSF is to promote and defend their view of the users rights, not develop code. That would be GNU's purpose, AFAIK.

Re:Somewhere...

[dwiget001]

Ah, how bitter.

The GPL, as a license, will survive, Stallman or no Stallman.

Re:Somewhere...

[jonbryce]

Yes, but there is likely to be a power struggle to determine who replaces him at the helm; and that's what could destroy the FSF as an organisation.

Possibly Creative Commons or the Open Source Initiative could end up taking over as the main standard bearer for Free Software.

If you act now

[huckamania]

You get a Free Software Director.

Disclaimer: Free Software Director is not 'free', nor 'software'.

Re:If you act now

[Amazing+Quantum+Man]

With purchase of a second Software Director. *

* Free Software Director must be of equal or lesser value than the purchased Software Director. Limited to supplies on hand. Offer void where prohibited.

Surprised this wasn't mentioned

[biggerboy]

John Chambers is now required to grow a neckbeard.

You'll have to make a decision at some point.

You could always write your own code. With great effort come great returns. Taking the easiest, fastest way gets you easier, faster and potentially lesser returns... which also means you haven't wasted as much time if your product fails, so it's always a tough call.

But THAT is what freedom is.

[tjstork]

The GPL and the FSF help protect freedom, unless you define freedom as 'I get to do whatever the hell I want and screw the rest of you.'

That is, in fact, what freedom is. If you want genuinely free software, go public domain. Free software isn't free. It should be called restricted public software, not "free".

Re:But THAT is what freedom is.

[drinkypoo]

Free Software is about the software remaining free. It is actually a more descriptive term than saying "free software" when you mean you don't have to pay. The end result is more freedom for the user, if not the programmer. The user is more important.

Re:But THAT is what freedom is.

[CarpetShark]

And I suppose you also think public domain is more "free" due to the fact that a company could take a public domain cola recipe, place it in a fancy red/white can, tell everyone they must have "Coke", but refuse to give it for free, even though they only modified it slightly, rather than inventing it?

Yeah, good call. I'll take your brand of freedom please; it sounds like we'd be onto a winner with that.

Re:But THAT is what freedom is.

[Magic5Ball]

In the last 10,000 years, science and engineering have done pretty well for enhancing themselves and have let anyone else do the same by not encumbering their algorithms in legal protections. Even with modern patents, the maximum duration of exclusivity over an algorithm is less than 20 years, after which anyone can muck around as they please for fun and profit.

Algorithms such as cola recipes do not need to be protected in the first place (our society demonstrates this by the fact that anyone can implement and sell a liquid with the same formula as the one that Coke sells, they just can't call it Coke for very good consumer protection and trademark reasons). However, it's a very good thing to be able to protect exclusivity over specific implementations since there are valuable social and monetary assets tied to particular meatspace implementations of algorithms, just as there should be the ability to protect exclusivity over particular non-meatspace implementations of algorithms. When I purchase a DVD labeled Apple OS X 10.5, I do not want something containing a QNX installer.

But that's not the kind of protection GPL adds for the producer or consumer. GPL for software tries to prevent particular implementations of algorithms (products) from being used in unauthorized ways, and does not claim to protect any particular algorithms (otherwise it would have the same conceptual failings as business process patents). So clearly, GPL is not intended to protect algorithms, but possibly to protect particular implementations or rights of their implementers.

GPL's restrictions on how an implementation may be redistributed (must include a link/copy of the GPL and distribute code if redistributing) would be analogous to Coke prohibiting the redistribution of remixed products such as cola-battered chocolate crumbles unless each cola-battered chocolate crumbles comes with a copy of the recipe, no matter how the redistributor of the instance of Coke used came to acquire that instance of the Coke, even if the chocolate crumbles are not advertised as being a Coke-containing product. If the waste products from the production of cola-battered chocolate crumbles ends up being sold in commercial compost, a copy of the recipe for the compost would then have to accompany each bag of compost, even if the compost is not advertised as being a Coke-containing product. Ad nauseum. In this simple instance, GPL would add nothing to actively protect a particular implementation or its implementer, so the kinds of things it protects are not analogous to tangible goods, nor are the freedoms it enhances related to those tangible goods.

So what does it protect and what freedoms does it enhance? Copyrights perhaps? If we consider software to be like books or artwork, where each licensed copy is protected, a number of issues arise:
1) If copyright terms remain related to the life of the creator, at what point should a particular version of GPL-licensed software fall into the public domain? If GPL requires tracking the providence of each contributor to a work to determine length of copyright before I can use a work which falls into the public domain, GPL-licensed code has the effect of being more difficult to re-use than code protected under copyright alone, or code in the public domain.
2) If GPL claims to be an enhanced copyright protection, the doctrine of first sale says I can buy a copy of a book, make a derivative work by pasting/cutting from it, and then resell that copy without restriction as long as I'm not representing the altered work as an original. Does GPL permit me to obtain one copy of GPL-licensed source code, modify it, and then install that instance to a router to be distributed without a copy of the modified source code? If not, GPL has the effect of being less free than code protected by copyright alone, or code in the public domain.
3) If GPL claims to be an enhanced product labeling or consumer protection, it does no better than existing consumer protection legislation in terms of disclo

Re:But THAT is what freedom is.

[icebraining]

"If GPL requires tracking the providence of each contributor to a work to determine length of copyright before I can use a work which falls into the public domain, GPL-licensed code has the effect of being more difficult to re-use than code protected under copyright alone, or code in the public domain."

No, just treat it as GPL always. You're waiting for the developer to die so you can use the code without GPL restrictions? Really?

"Does GPL permit me to obtain one copy of GPL-licensed source code, modify it, and then install that instance to a router to be distributed without a copy of the modified source code? If not, GPL has the effect of being less free than code protected by copyright alone, or code in the public domain."

On the other hand, your users (the guys who buy the router), will be more free, as they will be able to adapt their router's code to their needs. BSD (and Public Domain) ensures developers freedom, but doesn't ensure the end-users freedom. GPL restricts some freedom to the developers to ensure the end-users freedom.

"Does the GPL intend to prevent exploitation of end users of its code--for example, those who pay for re-skinned VLC or BitTorrent clients thinking that they are the official clients with those brands? If not, the use, availability and popularity of GPL-licensed code has the effect of potentially making it easier for malevolents to exploit naive consumers through adulterated software than in the absence of GPL-licensed code."

No, but I don't think the BSD or MIT license prevents that either, does it? By that line of thought every software should be closed source to protect the people who can't do a web search for "free video player" or "free torrent software".

Re:But THAT is what freedom is.

[Magic5Ball]

No, just treat it as GPL always. You're waiting for the developer to die so you can use the code without GPL restrictions? Really?

The ability to determine whether a work is or is not in the public domain mas more significant consequences beyond simple code reuse. It can be difficult now to track down the rights holders for even single author works older than a couple decades, which stifles legal reuse in whole or in part. GPLed works have the potential to include contributions from thousands of authors whose individual contributions to the whole are both distinct but very difficult to attribute in most cases.

This will become a sustainability issue in the circumstance that millions of instances of some (hardware or software) device, whose manufacturer no longer exists/supports it, have been deployed containing GPL-licensed code needing a critical fix, but which was authored by some combination of living and dead authors who are unable to be contacted, nor are able implement the fix. There would obviously be room for some smart third-party consultants to spend some resources to learn how to fix the code, and then to offer to fix each instance of it, but there would be little to no commercial incentive to do so since the ability to exclusively charge for the fix (beyond the first instance) cannot be assured. Potential instances of this problem include OpenSSH embedded in routers, web browsers embedded in appliances, kernels in controllers, drivers for wireless chipsets etc. In future we might want also to emulate the hardware/software in use today but which is no longer easily accessible. In these cases, the GPLed source code would be available but would also be encumbered for legitimate proprietary reuse due to ambiguity over copyright holders. (If submarine patents are a problem for innovation now where the timeframe is limited to around two decades, the number of potential claimants is small, and potential issues are available in a public database, consider the potential of a 99 year timeframe with thousands of potential claimants who can't be settled as a class, where there is no database of potential issues.) Imagine writing the holo-book "100 Years of the Linux Kernel" and needing to interactively demonstrate system calls to see how it would be legally easier to decompile/copy a 10 GHz AMD processor that would be out of copyright than to figure out if you could include a particular version of GPL-licensed VirtualBox.

Thus, if we speak of broad freedom to advance the useful arts and sciences, the kind of de facto perpetual copyright by obscurity obtained through the use of GPL is no better than the almost perpetual copyright extensions we loathe Disney and Co. for seeking. If we speak of narrow freedom to lord over particular files containing particular implementations, GPL probably enhances the freedom of those who wish to perpetuate the GPL.

No, but I don't think the BSD or MIT license prevents that either, does it?

After attempting to exhaust other candidates for the kinds of freedoms GPL tries to enhance, my point was that GPL does not appear to do anything useful for consumer protection, not to bash BSD or MIT licenses. In the absence of GPL, responsible copyright holders will ensure that they do not license their work to malevolent distributors and have some reasonable tools to attempt to prevent the malevolents from distributing unauthorised modified binaries without detection. Such avenues are explicitly made unavailable in the GPL. I would argue that the developer whose work has been hijacked for malevolent purposes has more freedom to fix the problem under any number of generic proprietary software licenses than under GPL. (An alternative interpretation is that GPLed works have some extra kind of as yet unexplained privilege above other copyrighted works, such as software and books, that excludes or immunizes GPLed works from first sale doctrine. In that case, GPL would be no better or worse for this kind of consumer protection, and a number of current business models would be non-viable.)

Re:But THAT is what freedom is.

[Brandybuck]

They couldn't call it "Coke" because that would be fraud and misrepresentation. But they certainly could put it in a red can and call it "cola". I see absolutely nothing wrong with that.

Re:But THAT is what freedom is.

[Brandybuck]

The developers and end-users you mention are the SAME people! They are both the licensees. If the users are free to adapt their code, then they must be developers. And if the developers can use a library in their application, then they are end-users. They are the same people. It's a very flimsy definition of freedom if it depends on what hat you happen to be wearing at the time.

No good reason to be nervous.

[jbn-o]

There's no good reason to be nervous. Adovcating for obscurity through secrecy is never wise, not in the short term nor in the long term. In your scenario the vague threat you point to always existed, it was a matter of time before it was fixed and (so long as the software was non-free) never under anyone's control to fix except the proprietor (who may have become uncooperative). Software freedom doesn't become a bad idea because it becomes real late in the process. Software freedom is always better than non-freedom.

Freedom to pirate?

[spun]

Is that freedom? Because that is essentially what companies want to do to developers who release under public licenses: pirate their code. How is the freedom to pirate any kind of freedom?

If I want to kick you in the nuts, is it taking away my freedom if you stop me? This is no different. Nobody gets to do whatever they want unless they live as a hermit. You choose to live in society, you follow the rules. Enforcing the rules that everyone agrees to live by is not reducing freedom, it is increasing it.

Missing tags

[overshoot]

Why should they?

They shouldn't. /. still doesn't have <sarcasm> tags. I thought I had been clear enough that my comment was tongue-in-cheek, but it sure looks like three moderators didn't pick up on it either.

Re:Missing tags

[Hucko]

There is always the ~ tag that some poster was trying to get off the ground. 'course, to be compliant you have to

<~> </~>

.

Cisco was not trying to be obstinate

[goffster]

From what I remember, Cisco was not trying to get away with anything. They were so big that different parts of the same company were violating the terms of the GPL, and could not be reigned in easily.
I think what FSF was able to do was to force Cisco to "reign them in".

Re:Cisco was not trying to be obstinate

[Chirs]

The word you're looking for is "rein". As in, the straps used to control a horse or other animal.

There is no monarchy at Cisco, so "reign" is not appropriate.

FSF shows us how to handle infringement

[jbn-o]

Whenever we talk about the work we do to handle violations, we say over and over again that getting compliance with the licenses is always our top priority.

This cannot be said enough, particularly amongst a crowd that discusses the latest goings-on with the corporate media lobbyists they (justifiably) hate: Unlike the major corporate media copyright holders, the FSF sues and gets license compliance which is what they're really after. You'll notice that the FSF isn't seeking to bankrupt Cisco (even while recognizing that corporations aren't people). This is a far cry from what the MPAA, RIAA, and other corporate copyright holders pursue with the public—economic domination.

And, as I've said before, violating the GPL is not like violating other licenses and here's another way in which that is the case: GPLv3 has language which makes the situation better for violators who correct their behavior. As the plain language guide to the GPL explains, under GPLv2 a violator had to beg the copyright holder to have their rights under the GPL restored because those rights vanished instantly and permanently upon license violation. Under GPLv3 section 8 violators catch a break: "if you violate the license, you'll get your rights back once you stop the violation, unless a copyright holder contacts you within 60 days. After you receive such a notice, you can have your rights fully restored if you're a first-time violator and correct the violation within 30 days.". Other free software licenses have no similarly forgiving language; it appears that under the new BSD license if one violates any of the 3 conditions listed in the license one loses permission to "[redistribute] and use [the covered program] in source and binary forms" because the violator reverts to the default state of copyright: no permission to copy, share, or modify.

Re:FSF shows us how to handle infringement

[petrus4]

Other free software licenses have no similarly forgiving language

That's because other (read: legitimate) free software licenses generally don't need them.

I'm tired of hearing people claim that the FSF is anything other than a disease, to be honest. Maybe back when they were still actually developing or maintaining software, you might have been able to claim that they were doing something useful; but these days they don't really do anything other than rabble rouse and occasionally legally harass people.

I know, I know...you're going to say that the only reason why the FSF goes after people in court is because they violate the GPL. If the GPL wasn't blatantly anticommercial, however, it wouldn't be an issue; if Cisco had simply used something BSD licensed, they could have done what they liked and the court case never would have happened.

Of course, we know the reason why people who have no intention of complying with the GPL use it; it's because they want to curry favour with the freaks who've drunk sufficient amounts of Stallman's Kool Aid that they actually think it's a genuinely worthwhile license.

The GPL 2 I can tolerate, but the GPL 3, no. The license aside, however, one thing that has always been true is that the FSF are a textbook destructive cult, and Stallman himself is the proverbial aspirant cult leader; he's the computing world's answer to Lefayette Ronald Hubbard.

Development of the GNU project has been primarily handed over to Red Hat at this point, and as I've already said, I consider the GPL 3 a bad and overly restrictive license, even if v2 wasn't. Given those two points, the FSF have been reduced to not much more than a group of low budget terrorists, and the organisation should thus be abolished at this point. If it has ceased maintaining software or generating real code, it has outlived its' usefulness.

Re:FSF shows us how to handle infringement

[Nazlfrag]

I think the forgiving language there is the three conditions the BSD license imposes. With such trivial requests anyone violating should lose any and all protection afforded by the license.

Re:FSF shows us how to handle infringement

[laughingcoyote]

Other free software licenses have no similarly forgiving language

That's because other (read: legitimate) free software licenses generally don't need them.

I'm tired of hearing people claim that the FSF is anything other than a disease, to be honest. Maybe back when they were still actually developing or maintaining software, you might have been able to claim that they were doing something useful; but these days they don't really do anything other than rabble rouse and occasionally legally harass people.

I know, I know...you're going to say that the only reason why the FSF goes after people in court is because they violate the GPL. If the GPL wasn't blatantly anticommercial, however, it wouldn't be an issue; if Cisco had simply used something BSD licensed, they could have done what they liked and the court case never would have happened.

Of course, we know the reason why people who have no intention of complying with the GPL use it; it's because they want to curry favour with the freaks who've drunk sufficient amounts of Stallman's Kool Aid that they actually think it's a genuinely worthwhile license.

The GPL 2 I can tolerate, but the GPL 3, no. The license aside, however, one thing that has always been true is that the FSF are a textbook destructive cult, and Stallman himself is the proverbial aspirant cult leader; he's the computing world's answer to Lefayette Ronald Hubbard.

Development of the GNU project has been primarily handed over to Red Hat at this point, and as I've already said, I consider the GPL 3 a bad and overly restrictive license, even if v2 wasn't. Given those two points, the FSF have been reduced to not much more than a group of low budget terrorists, and the organisation should thus be abolished at this point. If it has ceased maintaining software or generating real code, it has outlived its' usefulness.

Little bitter?

The canard that the GPL is "anticommercial" is silly, but it's repeated often enough it's worth dismantling.

The GPL is not in any way anticommercial. It explicitly permits commercial use. When I license my code under the GPL, I'm accepting that someone can take that code and make billions from it, and they will not owe me a nickel. I'm not presenting that as a negative, mind you. When one licenses under any free license, that is one of the freedoms one is granting to everyone in the world.

Many proprietary licenses, on the other hand, are "blatantly anticommercial", in that they contain restrictions or additional payment/royalty requirements for commercial use, or ban various types of commercial use entirely. Try making an improved version of the Windows kernel and offering it for sale. You will very quickly see "blatantly anticommercial", and I would venture a guess that this would come in the form of "legally harass[ing]" that would be quite swift and more than occasional. It will happen every time.

What the GPL does require is quite simple. If you're going to take my code, improve it, and profit from it, you're required to share those improvements, just as I did for you in the first place. And even that's only true if you redistribute. If you improve my code and use it for your own in-house purposes, but do not distribute it, you don't even have to follow that requirement. It's only when you start distributing that code that the requirement to share the source kicks in.

There are anticommercial licenses out there, including effectively all proprietary licenses and many others. One Creative Commons license (CC-NC) is quite explicitly anticommercial. That's its very name, "noncommercial"! That does not of course mean commercial use is impossible, as anyone who wants to use material licensed under such a license is free to contact the copyright holder and work out terms for it to be licensed to them for commercial distribution. This license serves those who are willing to say "I will let you redistribute and modify this if not for a profit, but if you intend to ma

Re:FSF shows us how to handle infringement

[backwardMechanic]

You're not very good at this are you? I know you're trying to spread FUD, but you made me laugh. Go and read the ODF thread and see how the big boys play.

Re:FSF shows us how to handle infringement

the FSF have been reduced to not much more than a group of low budget terrorists, and the organisation should thus be abolished at this point.

the FSF are a textbook destructive cult, and Stallman himself is the proverbial aspirant cult leader; he's the computing world's answer to Lefayette Ronald Hubbard.

Troll or just Flamebait? You decide.

Re:FSF shows us how to handle infringement

[Eunuchswear]

Of course, we know the reason why people who have no intention of complying with the GPL use it; it's because they want to curry favour with the freaks who've drunk sufficient amounts of Stallman's Kool Aid that they actually think it's a genuinely worthwhile license.

EDOESNOTCOMPUTE

Stealing GPL code as a way to curry favour with FSF fans?

You seem to be losing it.

Re:FSF shows us how to handle infringement

[jbn-o]

It's important not to conflate easy compliance with infringement forgiveness. When we're talking about infringement we're talking about the set of people/organizations who have already decided to not go the easy route and meet the license's (possibly very easy) terms and what those people/organizations must do to regain their rights under the license. Easy compliance doesn't do anything to help infringers regain what they have forfeited—their rights under that license.

So it sounds like you agree with me then that the new BSD license has no infringement forgiveness language in it; but you believe the new BSD license has no need for such language whereas I haven't given my opinion on the need for that language.

SCORE!!!

From teh OP:

and to make a monetary donation to the FSF

And thus is revealed what the lawsuit was really about. And who says FOSS isn't profitable?

Re:SCORE!!!

[jbn-o]

If compensation was "what the lawsuit was really about" why bother with license compliance at all? Please justify the logic behind your post.

Why would that matter?

[jbn-o]

I'm not sure how that is relevant. Cisco multiply infringed on FSF's copyrights for software intended to grant everyone software freedom. This turned a would-be partner into an adversary in court. No matter how big the Cisco corporation is or what they were trying to do, they should not be allowed to deny their users software freedom. So I don't understand how we can know what Cisco was trying to do nor do I see how it matters.

Re:Why would that matter?

[goffster]

I am not saying they should be allowed anything. I am glad that the FSF lawyers were there to help them set their priorities :) . I just wanted to point out this was not willful infringement. (If I have my fact straight)

Re:Why would that matter?

[jbn-o]

Given what Brett Smith said about Cisco's trail of infringements spanning 5 years, I'd say you don't have your facts straight and Cisco probably was willfully infringing. I find it hard to reconcile the following description with some kind of series of accidents:

As we always do in violation cases, we began a process of working with Cisco to help them understand their obligations under our licenses, and how they could come into compliance. Early on it seemed likely that we could resolve the issues without any fuss.

While we were working on that case, though, new reports came in. Other Cisco products were not in full compliance either. We started talking to the company about those as well--and that's how a five-years-running game of Whack-a-Mole began. New issues were regularly discovered before we could finish addressing the old ones.

During this entire time, Cisco has never been in full compliance with our licenses. At first glance, the situation might look good. It's not difficult to find "source code" on the Linksys site. But you only have to dig a little deeper to find the problems. Those source code downloads are often incomplete or out-of-date. Cisco also provides written offers for source, but we regularly hear about requests going unfulfilled.

Despite our best efforts, Cisco seems unwilling to take the steps that are necessary to come into compliance and stay in compliance. We asked them to notify customers about previous violations and inform them about how they can now obtain complete source code; they have refused to do this, along with the other reasonable demands we have made to consider this case settled. The FSF has put in too many hours helping the company fix the numerous mistakes it's made over the years. Cisco needs to take responsibility for its own license compliance.

Settling is common after examination.

[jbn-o]

So perhaps Cisco settled because their lawyers were made aware of the FSF's warnings of litigation, chose to stonewall the FSF, received a copy of the FSF's complaint, saw that the FSF was serious and examined the GPL licenses, examined what their programmers had been doing, figured that they could not win in court, and concluded it wasn't worth fighting? Eben Moglen, longtime GPL defender, says this is how it often goes down (""Why would you want to pay serious money," we have asked, "for software that infringes our license and will bog you down in complex legal problems, when you can have the real thing for free?" Customers have never failed to see the pertinence of the question." he said in 'Enforcing the GNU GPL' and similar discussion at his talks). Getting compliance out of multiple large organizations who could easily pay for lengthy million dollar lawsuits sounds to me like an affirmation of the validity of the GPL.

Cisco has some long-term work to do.

[jbn-o]

And kudos to Cisco for supporting the GPL in the end, even if a few hard-headed managers had to get larted.

I wouldn't be so quick to hand out these kudos; the non-compliance can return. This, I suspect, is why Cisco needs a Free Software Director who regularly reports back to the FSF. As the FSF's Compliance Engineer Brett Smith pointed out in 2008, "Despite our best efforts, Cisco seems unwilling to take the steps that are necessary to come into compliance and stay in compliance." (emphasis mine). Smith wrote that 5 years after the FSF learned that Cisco was not complying with the GPL and the FSF had been getting nowhere with its attempt to silently get Cisco to comply—what Smith called "a five-years-running game of Whack-a-Mole". Cisco and the FSF recently arrived at their agreement. It will take years to convince the public that Cisco is compliant and will remain compliant with those that treat Cisco so nicely as to share their work in whole with Cisco. "The end" you refer to is nowhere near here. Good will to correct wrongdoing on this scale takes time to sow.

Joined the FSF today

[iamvego]

This news inspired me to join the Free Software Foundation today.

Know what you do

[microbox]

I guess you just gotta /know/ what libraries your linking to. It's really nowhere near as complex as actually understanding how to program the libraries.

Life's full of hassles - the law ain't going to change that.

Re:Know what you do

[Frank+T.+Lofaro+Jr.]

Life's full of hassles - the law ain't going to change that.

The law adds plenty of hassles of its own.

Yup, only buying GPL-compatible routers

[Concern]

Just helped a friend shop for routers at his small business. Criteria: only routers where open source linux firmware can be flashed.

Without this, there is literally no working QoS in the consumer price range. And many other problems are common to the crap stock firmwares, from both Linksys and their competition (D-Link, Netgear, etc). This is even the case for routers with "QoS" advertised prominently on their packaging.

With DD-WRT, the difference was immediate and obvious. QoS works, and a bunch of VOIP phones suddenly become rock solid, where before they were unusable. And then there are the extras, from vastly advanced UIs to realtime bandwidth graphs to SIP trunking to you name it.

I have no idea why these router companies don't all work with the community, but I am not so surprised more of them are starting to get it. Sad that the FSF had to resort to a lawsuit to get Cisco's attention, to get their compliance act together. But everyone wins in the end.

Re:Yup, only buying GPL-compatible routers

[Frank+T.+Lofaro+Jr.]

Sad that the FSF had to resort to a lawsuit to get Cisco's attention, to get their compliance act together. But everyone wins in the end.

Not too surprising, since Cisco is HUGE. I was in San Jose in 2001 and while on the trolley went past their campus, it was a whole neighborhood of buildings. Absolutely enormous.

It takes big companies a while to react.

I'm glad Cisco did the right thing (finally). Now if they could push for more IPv6 adoption...

GPL is openness, not freedom.

[tjstork]

It's not more free. The user is not allowed to sell the software or take ownership of it. That's not free at all. It's, a public ownership, but its not more freedom. Freedom implies ownership, and if there is no ownership, there is no freedom.

I'm not saying the GPL is somehow wrong. It isn't. It's good at what it does. But it's about community and openness, not freedom. Freedom is the right to own, the right to have secrets. The right to do whatever you want.

And the irony is that, the GPL really only solves a problem that really can't exist anymore. The whole motivation behind the GPL was that RMS was ticked off because someone grabbed and sold emacs and there wasn't a damned thing he could do about it because it was in the public domain. The threat, held up, is that, if you don't enforce openness, in the GPL, and prohibit commercialization, then, that would undermine the ability of users to get the free software. But, even in the case of emacs, it didn't. In fact, the free emacs is the one that has survived, and all the companies that tried to commercialize it and close it off don't exist any more. Same thing with C++, Unix in particular. Where's SCO at? Gone. Where's Sun Solaris at? Dying. Where's AIX at?

You could make the argument that the GPL isn't even necessary.

I think the reason for this is actually engineering. Let's say I wanted to take Linux and sell it and close it off, and could do it. Well, first off, I'd have to add a lot of extra value to Linux to be able do that. Otherwise, nobody would pay for something that they could get for free. Chances are, if you have to add that much value, now you are probably going to have rework original code to do it. So at best then, the free thing becomes a scaffold and you have to eat the costs of developing all of it. SO there's a whole catch 22. If you commercialize free software, you don't get the sales because you didn't do anything with it. If you rewrite everything to add a bunch of new features to get the sales, you aren't really getting the benefit of the free software.

Re:GPL is openness, not freedom.

[drinkypoo]

The user is not allowed to sell the software or take ownership of it.

The user IS allowed to sell the software, but not to take ownership of it.

Unless the user is also a developer they will never do this anyway. Which comes full circle back to my point that users have more freedom with GPL than with Public Domain.

Making software Public Domain actually reduces the original author's freedom in some ways; namely, you lose the freedom to reincorporate changes from publicly distributed forks.

The threat, held up, is that, if you don't enforce openness, in the GPL, and prohibit commercialization

Wrong! Pure FUD. Nothing about the GPL prevents commercialization.

You could make the argument that the GPL isn't even necessary.

You could, but you'd be wrong. It fills a need. You claim that the GPL wasn't necessary to defeat the unlicensed versions of EMACS, but we will never know if you are correct simply because the GPL was created and thus did figure into the issue of EMACS derivatives, however slightly. We will never know what would have happened there without the GPL.