GPL Case Against Danish Satellite Provider

Rohde writes "The number of satellite and cable boxes on the Danish market using Linux has significantly increased during the last couple of years. The providers Viasat, Yousee and Stofa all provide HD receivers based on Linux, and all of them fail to provide the source code or make customers aware of the fact that the units are based on GPL licensed software. I decided it was time to fix this situation and luckily the Danish legal company BvHD has decided to take the case. We are starting with Viasat, which distributes a Samsung box including middleware and security from NDS, and you can follow the case here."

linux is not freeware

[Scotch42]

at some stage, manufacturers will realize the hidden cost of using GNU/Linux in their embedded platforms... For commodity gadgets and tools, it will not be an issue to share the internals are the hardware will be the added value. But for unique items that should not be the case and therefore some other toolkit with no ogligation to share modifications should be preferred.

And I'm making my living with GNU/Linux tools only ;-)

More often, I see my customers using GNU/Linux because it's without licenses to pay for the final product. But they do not realize theyr obligation to share... And it'is very difficult to educate them.

Does fellows /.ers have similar issue with customer?

Re:linux is not freeware

[EponymousCustard]

Nobody ever mentions Sky+ box (owned by rupert murdoch - probably at least a million of them in the UK) but I'm pretty sure that (1) it is built on linux (2) the community would benefit from some mods they do

Re:linux is not freeware

[jimicus]

I don't think people are going to go back to rolling their own in the embedded market - anyone with any experience in embedded software development will tell you that Linux makes life a hell of a lot easier because all of a sudden a lot of things you would otherwise have to write from scratch are basically included. And it can be a lot of work to port a userland package developed for Linux to something like VxWorks.

Coming at it from another angle, every couple of years there's an article about how even in the Western world, some absurdly large proportion of companies use pirated software. What makes you think that the GPL will make them suddenly compliant?

What I think is more likely is that companies will start to take licensing seriously. For instance, my current employer is careful to architect our design so that anything we don't want to reveal to the world is a pure user-land tool without GPL dependencies. But in auditing our code, we've come across quite a few open-source projects which have borrowed from each other without first checking that their licenses are cross-compatible.

Re:linux is not freeware

[LordKronos]

Everything which you distribute which is GPL licensed puts an obligation on you to distribute the source code.

If I sell a computer with ubuntu installed I have offer ubuntu sources to the customer.

I'm just asking here, but
1) Does that apply if the customer only leases the cable box? The actual purchaser of the box would be the cable company.
2) Does it apply if the customer doesn't even lease it, but merely uses a loaner cable box (for free)? If so, does that mean that if I let other people use my linux based computer, I'm obligated to let them know it uses linux and that they can get the source code from me?

Re:linux is not freeware

Because, as much as software companies like to squeal about it, most people don't see pirated software as a big deal.

They do, however, don't like to see a gift freely given in the spirit of cooperation being abused... "you were given that for free with the sole condition that you share it with others too." It's a very simple message - the sort of lesson that good parents teach children early on.

Re:linux is not freeware

[Registered+Coward+v2]

I don't think people are going to go back to rolling their own in the embedded market - anyone with any experience in embedded software development will tell you that Linux makes life a hell of a lot easier because all of a sudden a lot of things you would otherwise have to write from scratch are basically included. And it can be a lot of work to port a userland package developed for Linux to something like VxWorks.

The key part of the embedded market is that it is teh device and support, not the software per se, that is valuable. TIVO offers a user experience that's worth $14 a month to many people; even if I rolled my own TIVO the cost to replicate that experience is so high that it makes no sense to try to compete with them. Similarly a controller is often a critical part of a process system, and companies want assurances it will work properly; and aren't interested in the cheap knockoff with the same software. So Linux gives companies an inexpensive way to create a product where the value is in what they add, not the software. As a result, the GPL requirements are a small price to pay in exchange for its advantages in software development. In addition, there's nothing from preventing a company from mixing GPL and proprietary software in a product; they just need to keep each properly separate to avoid license violations.

Coming at it from another angle, every couple of years there's an article about how even in the Western world, some absurdly large proportion of companies use pirated software. What makes you think that the GPL will make them suddenly compliant?

Lawsuits; although I prefer education - many companies may not understand the GPL and need to learn what it requires. I'm amazed at the ignorance out there around such issues - for seem reason people equate found on the internet with free to use however I want.

Re:linux is not freeware

[Curien]

Does that apply if the customer only leases the cable box?

That's an interesting question. I suppose it hinges on the legal definition of the word "possesses".

does that mean that if I let other people use my linux based computer, I'm obligated to let them know it uses linux and that they can get the source code from me?

You have not distributed anything, so the terms of the GPL do not apply.

Re:linux is not freeware

[TheRaven64]

But in auditing our code, we've come across quite a few open-source projects which have borrowed from each other without first checking that their licenses are cross-compatible

That's not always obvious. For example, I've contributed the same code under an MIT license to one project and GPLv3+runtime exemption to another project. If you compared the project licenses, you might think that the MIT-licensed project copied the GPL'd code and relicensed it, but if you check the author of the code in both cases you will see that this was done legally (because I retain copyright and can relicense the code however I please).

Re:linux is not freeware

[Your.Master]

That's interesting, but isn't that a hole in the license? Couldn't a company set something up similar to Hollywood Accounting, except instead of laundering the profits away from the obligations it launders FOSS binaries away from the source obligations?

13 whole days to lawsuit

[Seraphim_72]

You sure are generous. This smells more like troll than do gooder. I thought the States held the award for being sue happy. kudos to you for bringing it to the old country. IMHO you are poorly representing the GPL. We want friends and converts, not enemies. Email, call, send certified mail, not lawsuits. Sueing them makes you and us look like fuckwits.

Sera

Re:13 whole days to lawsuit

[RAMMS+EIN]

``We want friends and converts, not enemies. Email, call, send certified mail, not lawsuits. Sueing them makes you and us look like fuckwits.''

Yes. On the other hand, how many notices do companies still need to get? They get the license itself (which they should have read - without the license, they would be infringing on your copyright by distributing your software), the short summary of the license (not legally binding, but makes the conditions pretty clear to anyone who bothers to read it), and, by now, plenty of cases have been filed and reported about (often against companies who do similar things, so if you keep up to date with what happens in your field, you probably know about it).

Yet, companies continue to barge ahead and use software without abiding by the license, simply because they can. If we continue to go after companies on a case by case basis, and start by being nice and notifying them before taking legal action, we will be letting many projects off the hook. That's fine as far as being friends with the people in these projects go (unless they are annoyed by the simple fact that they're doing something wrong and need to take corrective action - which is not unlikely), but what about the rest of the world? What about those who contributed to the software? What about the users of the modified software, who aren't given all the rights they ought to be given?

Think about it in terms of value. What's happening is that the contributors to the software are pouring some value into it. The conditions in the license state that the value has to be passed on to those who receive the software. Instead, what's happening is that some company is pocketing it all. Now, do we really want to be nice to them? I think the answer is "yes", but, at the same time, we must not fail to realize exactly how much these companies are ripping us off, whether they do it on purpose or through negligence.

Re:13 whole days to lawsuit

[Splab]

Good for you, but here in Denmark things works differently. 2 weeks notice is plenty of time, often people just go straight to Fogedretten and gets injunctions against the offending parties.

Does Russian Ministry of Defence violate the GPL?

[RCL]

They use customized Linux ([archived page with details]) and don't even bother to provide the source with each copy.

What's worse, they change copyright notices of existing programs to their employees and do not include GPL license text in their "distribution".

Is it a GPL violation? They don't distribute MSVS outside of MoD and its numerous branches (state companies) - you can't neither buy nor download the system. Is it Ok to do the aforementioned things then?

Re:Huh

But, for commercial Linux based hardware or software products, that still doesn't get one away from having to make available source for any GPLed products you distributed. The one exception to that, that I know of, is if you burn it into ROM, such that neither you nor the customer can upgrade it without physically replacing that chip, THEN you can ship GPL based hardware /without/ having to ship sources.

This is incorrect; all versions of the GPL require you to provide source code.

Where you appear to be getting confused is that version 3 of the GPL additionally requires that software embedded in a "user product" is provided with any "installation information" which is necessary to replace the software (e.g. if the device requires upgrades to be digitally signed, you must provide signing keys). However, this specific part doesn't apply if the software cannot be replaced by anyone, including the manufacturer (e.g. if it's in ROM).

Why don't they use *BSD?

[harlows_monkeys]

I don't understand why the embedded systems world hasn't embraced one of the *BSDs, to avoid this kind of thing?

Re:Probably impossible for them to comply

[Dog-Cow]

Those would be reasons they don't want to comply. Not reasons they are unable to.

It seems to me that a simple solution is to make it legal to pirate (to use the vernacular) any content received with these boxes. Actually encode into law that any media transmitted to these boxes automatically enters the public domain for as long as the software's license is violated. They'd clean up really fast or lose their market.

kernel modules

[crow]

The whole argument that kernel modules must be GPL is seriously flawed. A kernel module is just another application that the OS can run, albeit by a different API at a different security level.

There is some issue of compiling against the kernel header files (which I believe are GPL, not LGPL), but arguably, they're defining the API, not generating code, so the resulting code should still not infringe on the Linux copyright or be considered a derivative work.

Re:Positive move?

[Antique+Geekmeister]

And this is the whole point of "Trusted Computing", Microsoft's much applauded "security" suite that fortunately seems to be have shown as seriously flawed that I'm just not seeing anyone developing for it. The signature/authentication/encryption chip was built into the motherboard or the CPU: there was a very tight toolchain to have signed tools open other signed tools to access data, designed to prevent non-authorized tools from reading media but also able to protect data files.

The problem was it was also clearly designed to control bootability and hardware access, although that got little attention: if you don't have a Microsft signed key boot loader, kernel, and application set, you can't boot the box or open a hard drive. Period. And even other company's keys would reside in Microsoft's hands, since they would hold the backup copies of everyone's _private_ keys.

It was nasty, nasty, nasty stuff. and I'm glad it seems to be stillborn.