FSF Settles Suit Against Cisco

Saint Aardvark writes "The Free Software Foundation has announced that they've settled their lawsuit with Cisco (reported earlier here). In the announcement, they say that Cisco has agreed to appoint a Free Software Director for Linksys, who will report periodically to the FSF; to notify Linksys customers of their rights; and to make a monetary donation to the FSF. An accompanying blog entry explains further: 'Whenever we talk about the work we do to handle violations, we say over and over again that getting compliance with the licenses is always our top priority. The reason this is so important is not only because it provides a goal for us to reach, but also because it gives us a clear guide to choosing our tactics. This is the first time we've had to go to court over a license violation.'"

Re:This is the first time we've had to go to court

Or maybe the FSF (unlike some other IP-related litigants out there) only wants people to comply with the GPL, and will settle once the defendant agrees to do so (as opposed to extorting money out of the defendants)?

FSF should've claimed the attorney-fees-to-date it had to incur, but that's about it. If they were to push for any kind of "punitive" damages, or *AA-style ridiculous "compensation fees" that would portray them as just another trolling IP extortionist. Kudos to the FSF for going for what's right rather than what's rich.

Re:This is the first time we've had to go to court

[baomike]

Why should they? If you get what you want with out the risk of a trial
you are MUCH better off. Trials are risky,they do not always go as planned.
As for a cooperative solution , much better (and cheaper) than an advisarial one.
As for change , I hope not, they seem to be doing well.

mention this next time someone says OSS is bad

[fermion]

This is the way that software should be handled. If someone is not in compliance, work with them to get them in compliance.

Compare this to what the BSA is advocating. Essentially any disgruntled employee can put unlicensed commercial software on a computer and then report the violation to the BSA for a reward. Sure companies can put millions of dollars of safeguards to prevent harassment from inefficient employees, but why bother. Just make it a policy to only use free software, and when the BSA comes knocking, show them the policy and the minimal cost efforts that makes all other software the responsibility of the user.

This will also help long term interpretability, as OSS has minimal incentives to obstificate the data to force users to continue to pay the ransom to access said data.

I'm nervous about this

[ruin20]

Cisco releasing the source code for thousands of routers doesn't strike me as being a good thing. I mean it's one thing to develop in an open environment and being open from the start, and I agree security though obscurity is bound to fail but as someone running Linksys routers on my network, I would expect there to be some stepped process, as I don't trust Cisco was totally competent in their development. Imagine if windows source was suddenly made available to the masses, the time it would take to identify, patch, and distribute a fix vs the time it takes to just identify and exploit is a significant window of vulnerability. Security through obscurity doesn't work because it assumes no one will ever find out and people will. But dissemination of that information takes time. Discovery of defect takes time. Opening the source of a previously closed product greatly reduces that time and therefore intensifies the threat. Overall this will lead for a much stronger product but I fear what is going to happen in the first few weeks.

Re:Fear

You mean this MIT license? The one which says "do whatever you like, just don't sue and provide this notice"? The old Apache license is similar, and 2.0 even includes patent provisions.

Looks like the FUD already worked on you. Not all licenses are the same, nor are all OSS licenses viral.

Re:Shakedown

[lwsimon]

I'm not real big on the GPL, but this is hardly a shakedown. More like repeatedly begging them to abide by the terms they agreed to, taking them to court, then settling before going to trial where more $$ could have be obtained from them.

FSF wanted Cisco to follow the agreement, not to suck money from the company.

Re:Fear

[david_thornley]

First, find a new lawyer (assuming you're not just trolling).

Second, if your organization is allowing developers to throw in libraries from all over, without checking licenses, you've got some pretty big problems, and you're probably better off if they're using OSI-approved licenses (which at least allow commercial use). That still doesn't mean that the libraries are appropriate or of good quality, which is why I'd be a bit slower to worry about the legal issues.

Third, if you think commercial licenses are easier to work with, you need to read a few. It's very, very common to have little exclusions and conditions in them. There aren't all that many OSI-approved licenses, and you can come up with a list of approved ones for certain projects fairly easily. Besides, the commercial places employ nastier lawyers.

Fourth, there is no risk of having to publish source code, even if you've wrongly linked it with GPLed code and distributed it. That isn't a legal remedy, and no court will order you to do it.