GPL Violations By D-Link and Boxee

An anonymous reader submitted a link to a bit of a rant on GPL issues connected to D-Link and Boxee. They spend quite a bit of time explaining "Tivoization is a dangerous attempt to curtail users' freedom: the right to modify your software will become meaningless if none of your computers let you do it. GPLv3 stops tivoization by requiring the distributor to provide you with whatever information or data is necessary to install modified software on the device."

Cue the flamewars

[betterunixthanunix]

Is it that time of the day already? Time for a free software vs. open source vs. "I just want something I can use damn it!" flamewar...

Re:Cue the flamewars

Really? I don't see any flamebait material here, just an article about a (purported) violation of the GPL - a company has taken opensource software and are supplying modified versions of it without fulfilling their side of the GPL: They are either not supplying the sourcecode in a state where the user can verify it, alter it and use it or are specifically stopping the user from altering the code they are given.

What isn't clear (to me) is whether the clauses relating to an author or company supplying code which cannot be modified and used on the device (due to checksumming or some other nefarious means) is in violation of GPLv2, and which version of the GPL the software Boxee uses is.

Re:Cue the flamewars

[Gordonjcp]

Basically GPL is a violation of my rights to publ,ish source code and make money off of it. No one has the right to force me to release my developed code for free.

You're under no obligation to release your code under the GPL. You can release it under any licence you want. If you choose not to abide by the GPL, you cannot base your software on GPLed code. Go and write your own software from scratch, and don't steal mine.

Re:Cue the flamewars

[jimwelch]

Do you mean this? Or are you just being "cute" or a devils advocate? Did you forget your sarcasm tag?

Re:Cue the flamewars

[robmv]

Easy, do not link to GPL code. You ask for your rights but do not want to respect the rights of the GPL code authors?, When you link to GPL code, nobody is forcing you to release your code, your decision to link and use GPL and distribute it is what force you to do that, do not want to do it? do not take the decision to use GPL code in your software

Re:Cue the flamewars

[gstoddart]

Basically GPL is a violation of my rights to publ,ish source code and make money off of it.

Not true ... it prevents you from taking code you got under the GPL, modifying it, and releasing it as closed source. You are free to write your own code from scratch. You just can't write derivative works and not play by their terms.

Things like LGPL allow you to use the library to connect to, and the stuff you write is completely your own and you can do anything you like with it.

GPL is really another word for socialist run software development.

Yes, that's true. If you want to have your code not be "tainted" by the implied socialism of a license which forces you to share, then don't start with GPL'd code as a base.

You're arguing that you should be able to take the GPL code, modify it, and then change the terms of the license so you don't have to play by the rules. If you want to do that, something like a BSD or an Apache license might be more suited for you. But, just because you want to take GPL stuff and make it not GPL, doesn't mean you have any right to use the code in a way that violates their license.

You are completely free to write something from scratch and not look at anything GPL'd at all. If you don't have the time and energy (or the skillset) to write your own version ... well, nobody is required to provide it to you. You're whining about the GPL being socialist while at the same time acting like it's someone else's responsibility to write the software you base your own off ... which is socialism, but geared to your benefit.

Re:Cue the flamewars

[ThunderBird89]

No one has the right to force me to release my developed code for free.

You're right. Nobody has the right to do that, IF you developed the code from scratch yourself. If you took someone else's work, which was published under the GPL, and ran with it, however, the original developer has every right to bring you to court and have them force you to release, if not the whole thing, at the very least the relevant sections.
If you don't want to release your stuff, fine, don't. But don't use GPL-protected material during development either!

GPL is really another word for quid pro quo, or bittorrent: you get, but you have to give back too.

Re:Cue the flamewars

[0123456]

GPL is really another word for socialist run software development.

Actually, 'socialist software development' would be where you let someone else develop the software, then steal it and put your name on it.

Re:Cue the flamewars

[poetmatt]

While I get the humor of your trolling, how does any of that say that GPL is or isn't free, or how is that even part of the discussion?

Re:Cue the flamewars

[pnewhook]

Everything you say is true. My issue with GPL is that they call it 'free as in freedom' This is clearly not true. That should be the motto for BSD. GPL is more like free as in no cost to purchase, bit it is not free in the non monetary sense given the restrictions that come with it.

Re:Cue the flamewars

[pnewhook]

Agreed. Then is isn't free as in freedom then is it?

Re:Cue the flamewars

[pnewhook]

Because it is touted as 'free as in freedom' but comes with restrictions. BSD fits that motto better as I can do anything I want with BSD code. GPL is only free as in no cost to purchase.

Re:Cue the flamewars

[jedidiah]

I'm sorry we are violating your liberty by preventing you from committing rape and murder.

Fortunately, we do not use the Marquis de Sade's notion of what liberty means.

Re:Cue the flamewars

[ThunderBird89]

Theoretically, I should be free as in 'no money asked', but I'm not sure about that, it might allow for charging for the code. If it doesn't, you 'pay' back the copying by returning your efforts/improvements/contributions to the commons.

Re:Cue the flamewars

[pnewhook]

Huge binaries and ridiculously long compile times?? No thanks.

Re:Cue the flamewars

[Gordonjcp]

Maybe you should look at licenses that don't place any restriction on what people do with your code.

Then, once you've got a really great project, I'll take it, place it under my own licence that forbids you from even mentioning it again, and call it my own. Since I can afford scarier lawyers than you, there's nothing you can do about it.

How does that sound?

Re:Cue the flamewars

[thaylin]

Tell me, in a free society are you able to do anything you want, or are you able to do what you want as long as it does not infringe on the rights of others? The GPL is free as in Freedom..You can take someone's code, and modify it however you like, you can use it however you see fit, but you still must not infringe on the rights of the author. It is the right of the author to put restrictions, just like it is the right of a free society to make laws that make sure you live within the rules of that free society.

Re:Cue the flamewars

[ThunderBird89]

That's free, like speech. This is free, like beer. Big difference.

If you've got something against it, use the BSD license, or write your own for all we care.

Re:Cue the flamewars

[b0bby]

It's free as in freedom *for the end users*, not for the person using the code in a commercial product. An end user can freely take the code and do what they want with it, and never release any of their changes. If, however, someone wants to redistribute it (as in, say, a Boxee box) then they need to follow the rules of the GPL & allow the end user the same freedom that they had. It's pretty simple really.

Re:Cue the flamewars

[gstoddart]

My issue with GPL is that they call it 'free as in freedom' This is clearly not true. That should be the motto for BSD. GPL is more like free as in no cost to purchase, bit it is not free in the non monetary sense given the restrictions that come with it.

Well, yes ... that's hard to dispute, and it more or less comes down to some philosophical stuff which not everyone always agrees with.

I guess it depends on "which" version of "free" you mean ... free as in beer, free as in free, free as in Libre, and who knows what else.

BSD is free and unencumbered, and it has its place.

GPL is free almost in the sense that the software itself is "liberated" and has its own rights, intended to ensure that the software remains equally free for anybody who might ever want it, and that you can't take away the rights of the software to remain free -- I like to think of the GPL'd software as almost emancipated and with a stake in things.

Some software is free as in free, but you have no rights to do anything with it or make derivative works.

The GPL is more like a "bill of rights", both for the software and anybody who might like to use it, and is intended to benefit pretty much everybody, in perpetuity, and part of the way it achieves that is to limit the extent to which you can take it and stop adhering to that ideology. Since it uses copyright as its foundation, it necessarily has to retain restrictions to you ... you only have rights to make copies of this work if you adhere to the terms. BSD is more along the lines of "have this for free and do anything you like", no restrictions or limitations, no obligations ... just code to do with as you please.

Unfortunately, the two camps often have very opposite points of view in terms of which is "better" or "more free" -- I've used both fairly extensively, and they each have their place. It's really hard to come down on one side or another without it more or less devolving into screeching monkeys, which is what usually happens when this comes up on Slashdot. :-P

Re:Cue the flamewars

[h4rr4r]

That is what he means. He wants to take GPL software, and use it in his work and not share-alike.

Re:Cue the flamewars

[ShadowFlyP]

It is free as in freedom. The question is who is the freedom for. You're looking at it from the wrong point of view.

The GPL attempts to ensure the freedom of the end-user while BSD gives freedom to the developer. The origin of the GPL stems from frustration over having to deal with (as a user) bugs and lack of features in closed-source code:

"I had already experienced being on the receiving end of a nondisclosure agreement, when someone refused to give me and the MIT AI Lab the source code for the control program for our printer. (The lack of certain features in this program made use of the printer extremely frustrating.) http://www.gnu.org/gnu/thegnuproject.html"

By ensuring that users have the right to the source code (GPLv2) and the right to run their own modified source code (GPLv3), the GPL gives freedom to them.

Re:Cue the flamewars

[pnewhook]

Simple yes, but restrictive and not free as in freedom.

Re:Cue the flamewars

[Millennium]

Basically GPL is a violation of my rights to publ,ish source code and make money off of it.

If you want to make money off of what you publish, you are free to do so. One specific business model is verboten -namely, closing the code- but that is only one business model among many. A number of companies are doing quite fine making money off of open-source code, and they do so in a number of different ways. The only thing stopping you from doing this same thing is that you don't want to. That's your prerogative, of course, but you have no grounds to complain that you are being prevented from making money.

No one has the right to force me to release my developed code for free.

By default, no. The GPL is an agreement, not a law. You yourself give the authors of GPL software the right to force you to open your code when you agreed to use their software: those are the terms of the agreement. If you don't want to agree, that's fine: just don't use GPL'd code, and you're golden.

It is a companies right to protect their IP...

Completely correct. This is why you should not violate the IP rights of the author of GPL'd source code by closing it. If you don't like those terms, fine; don't use GPL'd source code.

...and GPL prevents that.

Completely false. In fact, in order to make it work for you, you're going to have to protect your IP. You will, however, not be allowed to tread on the IP rights of the authors of the code you are selling: not your own, and not anyone else's. If you are uncomfortable with this, all you have to do is not use GPL'd code.

All free softare if truly free should be GPL.

Um... did you miss some words in your sentence here? It doesn't make sense in the context of the rest of your post.

Re:Cue the flamewars

[mrchaotica]

The GPL is not free in the same way that I'm not "free" to murder you.

Re:Cue the flamewars

[pnewhook]

Did you miss the part where I would have to release any changes to it even if those changes were meaningless to everyone else? I'm not talking free as in cost, I'm talking free as in n o restrictions which is what 'free as in freedom' implies. Exactly my point is the GPL should change their motto to 'free as in no purchase price' as it is NOT free as in freedom.

Re:Cue the flamewars

[pnewhook]

You cannot say that I can use it however I see fit, but then say it also has restrictions. The two are incompatible. BSD is truly use as I see fit and fits the free as in freedom motto much better than GPL.

Re:Cue the flamewars

[shentino]

It's not in the spirit of free software to mop up "free" code and turn around and slap it into a proprietary product.

It's like eating fruit without planting a seed.

Re:Cue the flamewars

[jimicus]

The GPL explicitly doesn't ban selling the product - the FSF has always been very clear on that.

Of course, a side-effect of the GPL is I can buy one copy of a product and release the source code totally free of charge out of the goodness of my heart and there's nothing the person who sold it to me can do. Which means it's vanishingly unlikely anyone will ever have much luck trying to sell GPL'd software.

Re:Cue the flamewars

[Eunuchswear]

All that proves is one of the utilities in the distro uses GPLv3. This strikes me as irrelevant, as I could install this under Cygwin on a windows machine and it would not automatically apply GPLv3 to Windows itsel

That's not the point. If you had gpgv2 on windows you could update it, Windows won't prevent you from doing that.

If you have gpgv2 on this boxee thingy you can't update it - the tivoisation prevents that.

That is a gplv3 violation, so they have no right to distribute gpgv2.

This may or may not apply to other software on the boxee.

Re:Cue the flamewars

[Tanktalus]

Here's the basic issue. gpgv2 is GPL3. It's in the box. The user cannot modify it, as per the GPL3 license. Thus, Boxee is failing to meet the GPL3 license obligations.

It doesn't matter if the main code is proprietary. It doesn't matter if the kernel is GPL2. What matters in the court of law is that this particular piece does not live up to the license obligations that the author placed on the code as a condition of copying. If the authors of gpgv2 sued, Boxee would lose, assuming the GPL stands up in court (which I expect it would).

Re:Cue the flamewars

[Issarlk]

Freedom of the _software_ not the people.

Re:Cue the flamewars

[Eunuchswear]

Nobody said you can use it as you see fit.

GPL says you can use it as you see fit providing you give the same freedom to anyone you distribute the software (the original, or your modification of the original) to.

If you find this a great burden then don't use the GPL software and stop whining.

Re:Cue the flamewars

[monkeythug]

Hyperbole aside, they are in fact the same principle.

You live in a free country, however you do not have the freedom to abridge anyone else's freedom.(killing them would be a pretty convincing way of doing that).

Re:Cue the flamewars

[Bing+Tsher+E]

See you in five years once you have a working implementation!--all harshness aside, you're free to have no connection to foss.

Consigning somebody to a sort of 'siberia' because they don't follow the party line seems a bit... well, stalinist.

I was going to misspell it 'stallmanist' but decided not to.

Re:Cue the flamewars

[Bing+Tsher+E]

I would be careful about equating it with bittorrent.

Bittorrent is just a pipeline, and it's used widely to circumvent the copyright on other people's works. And copyright law is the only 'teeth' the GPL has for enforcement.

That's the inherent contradiction of the GPL and a large part of the slashdot community.

Re:Cue the flamewars

[gstoddart]

Actually, 'socialist software development' would be where you let someone else develop the software, then steal it and put your name on it.

Actually, that's more like outright theft or Stalinism -- we're taking it from whether you like it or not.

The GPL is socialist more like the way a co-op works ... participation is voluntary, and is intended to benefit everybody. If you don't want to participate in the co-op, you are free to go elsewhere.

Since you still retain the freedom to not use the GPL'd software in any way, shape, or form ... you're free to opt out of the "socialism" part. That doesn't mean you should be able to derive the benefit without playing by the same rules. As a matter of fact, you're explicitly prohibited from that.

Essentially, the GPL is a "social contact" where everybody agrees to play by the same set of rules, meant to provide a level of benefit to everybody. You're all in, or you're all out. But, if you're not helping everyone else out according to the rules, you have no right to expect a share in their labors.

Re:Cue the flamewars

[ThunderBird89]

I was just referring to the operating principle of torrents: get more by giving back what you have.

Re:Cue the flamewars

[coats]

NO!! We are violating your liberty to steal my work and violate my rights as the author.
-- Carlie Coats
author/distributor of >380,000 lines of GPL/LGPL environmental modeling code

Re:Cue the flamewars

[Raenex]

Hyperbole aside, they are in fact the same principle.

No, actually they're completely different. One is committing violence, while the other involves a voluntary acceptance of goods.

Re:Cue the flamewars

[Korin43]

Maybe you should look at licenses that don't place any restriction on what people do with your code.

Then, once you've got a really great project, I'll take it, place it under my own licence that forbids you from even mentioning it again, and call it my own.

With many licenses, you could redistribute the software with a new license, but you're making it sound like you could change the license of the original (which you can't). You can place your copy under whatever restrictive license you want, but it doesn't change the fact that the original is still free (and the original author probably owns the copyright).

Since I can afford scarier lawyers than you, there's nothing you can do about it.

Having scarier lawyers has nothing to do with it. BSD-style intentionally let other people re-license the code, because some people want their code to be usable by anyone, even if it means less ideological purity.

Re:Cue the flamewars

[coats]

I've got one word to describe you: Thief! -- Carlie Coats
Author of >380,000 lines of GPL/LGPL environmental modeling code.

Re:Cue the flamewars

[noobermin]

So because one little kid doesn't want to follow the rules we change the game? S/he really is free to have no connection if s/he wishes to have none, no one is forcing him/er to use other said resources.

Oh, but may be those resources are the best of the price for his/er? Well, may be it is because the open source model is actually worth a shit and produces good stuff (note I said open source, I'm not siding with stallman). S/he's free to go "roque" and pay someone to make the base or make it him/erself. Not sure s/he'll be alive long enough for that.

And that's a million "s/he"'s, we need a gender neutral third person pronoun :(

Re:Cue the flamewars

[Raenex]

It's free as in freedom *for the end users*

But that's just a bunch of propaganda, 1984 Newspeak style. Adopt the word "freedom" where it actually means "restrictions". What compels a free man to not copy? What compels a free man to give away source code? Surely it isn't freedom.

Re:Cue the flamewars

[noobermin]

Your arguments are becoming simple semantics and buzz-words, not to mention repetitive drivel.You're trolling is getting weaker mannn ;D

Re:Cue the flamewars

[DaHat]

That's not what TFA says... nowhere in it did I see "download gpgv2 sources, compile, attempt to run on Boxee device, see cryptographic error due to GPLv3 violating limitations."

Simply shipping GPLv3 software on a box does not mean that everything is covered by it.

Re:Cue the flamewars

[b0bby]

I agree that the BSD license is more free in one sense, but I also think that the one restriction in the GPL leads to more freedom overall. But really it's just semantics, and you can argue it either way. And I'm sure there will be plenty of that here!

Re:Cue the flamewars

[KingMotley]

Sounds good to me. My lawyers will just ask for 10 times possible damages, and I'll be able to retire.

Re:Cue the flamewars

[KingMotley]

The same way DRM allows you to play stuff, but it comes with restrictions? You mean that kind of freedom?

Re:Cue the flamewars

[Qzukk]

This is clearly not true.

Only if you define freedom in the strictest, purest, most idealistic sense, used by nearly nobody in the real world.

As an American, I don't have the freedom to become someone else's slave, yet I would consider myself to be "free". In the real world, freedom is not an absolute, and there is no government agency declaring what it means to be free or have freedom.

Re:Cue the flamewars

[b0bby]

What compels a free man to give away source code? Surely it isn't freedom.

The free man chooses to use the code, and accepts the terms it's offered on. He was free to use it, and needs to allow others the same freedom. If he's not willing to do that, then he can use something else. I agree that it's not absolute freedom, but it's ensuring that the freedom you have enjoyed doesn't end with you.

Re:Cue the flamewars

[nabsltd]

If it was free, that payback should be optional as in BSD, not forced as in GPL.

You misunderstand two things:

• what is "free" in the term "free software"
• that "free" does not refer to money, but rather to liberty

Basically, under the GPL the software itself is "liberated" (which is commonly called "free") and cannot be "locked up" without a violation of the license.

Re:Cue the flamewars

[drsmithy]

BSD is free and unencumbered, and it has its place.

GPL is free almost in the sense that the software itself is "liberated" and has its own rights, intended to ensure that the software remains equally free for anybody who might ever want it, and that you can't take away the rights of the software to remain free -- I like to think of the GPL'd software as almost emancipated and with a stake in things.

The key difference is that the BSDL affects code you write, and the GPL affects code other people write.

If you want your code to remain "free", then use the BDSL.

If you want other people's code to become "free", then use the GPL.

The LGPL is the fairest balance, IMHO. It's a shame it sees relatively little support, but that's usually what happens to compromises.

Re:Cue the flamewars

[The+End+Of+Days]

Well, you can try... but I can take it from you and give it away and you can't do anything about it.

It's effectively impossible to sell GPLed software. Everyone makes money on a support model, or via some violations (like say this story)

Re:Cue the flamewars

[batkiwi]

It's like freedom of speech. Just because you don't like what someone does with that freedom doesn't mean that it's "less free" than free speech with caveats and limitations to prevent you from saying words someone else has said. It makes it MORE free.

Re:Cue the flamewars

[nosferatu1001]

No, you can use GPL software however you like - if you want to copy and distribute it, THAT is when it comes into play

DRM can prevent you from even using it. Very different

Re:Cue the flamewars

[monkeythug]

Way to miss the point!

If I tried a car analogy, would you say "that's completely different, one is about cars the other is a voluntary acceptance of goods"?

Re:Cue the flamewars

[jimwelch]

Bittorrent is just a pipeline, and it's used widely to circumvent the copyright on other people's works.

What proof do you have of the % of users or files that are "stolen"? Many legitimate users and providers are using it in a legal way. Or are you using "common sense", i.e., no proof, just accusations?

Re:Cue the flamewars

[Hal_Porter]

Yeah, it's like the great days of 1989 when the software in Eastern Europe revolted and demanded to be under an Open Source License. Or right now in the Middle East where bits are rebelling and demanding an end to them being proprietary and the right to be checked into a public CVS server.

Re:Cue the flamewars

[Raenex]

Miss the point? You are trying to equate involuntary violence upon another person with voluntary acceptance of goods. We outlaw the first for good reason. In other words, you provided a bad analogy.

Re:Cue the flamewars

[monkeythug]

Firstly it's GP's analogy, not mine. Secondly it's just an example - the actual point I was making was to refute GGP's assertion that the GPL prohibition on distributing binaries without source makes it non-free by making the counter-point that living in a free society does not mean you are free to commit actions that abridge other peoples' freedom.

In any case you're completely mixed up wrt your use of involuntary/voluntary - the murder is voluntary on the part of the murderer but involuntary on the part of the victim. Distributing binaries without source is voluntary on the part of distributor but non-receipt of source is involuntary on the part of the recipient.

   

Re:Cue the flamewars

[exomondo]

Because it is touted as 'free as in freedom' but comes with restrictions. BSD fits that motto better as I can do anything I want with BSD code.

It fits it better, but you can't do 'anything you want' you still have to retain the license and copyright. I much prefer BSD-style license as while the GPL is a Free Software license it is a restrictive license rather than a permissive one.

Re:Cue the flamewars

[Raenex]

Firstly it's GP's analogy, not mine.

My mistake. However, here you are defending it.

Secondly it's just an example

A terribly bad one for you to argue. Killing somebody is direct harm, and that is why we don't allow it.

Distributing binaries without source is voluntary on the part of distributor but non-receipt of source is involuntary on the part of the recipient.

What bizarre world do you live in?

"Here's a binary, but I won't provide the source."

"OK, I'll take it anyways."

Re:Cue the flamewars

[Risen888]

It's not the General Free License. It's the General Public License.

Re:Cue the flamewars

[Risen888]

Free societies have rules.

Re:Cue the flamewars

[Risen888]

If you buy a car, modify it and sell it, the car company can't do anything about it. Yet cars are still sold. Why is this?

Re:Cue the flamewars

[butlerm]

You yourself give the authors of GPL software the right to force you to open your code when you agreed to use their software

That's not true. If the authors of the software in question sue you and win, the remedy will be a combination of two things - monetary damages and future compliance with the terms of the license, if the code in question is going to continue to be used. The authors can't force you to open your code. What they can do, with the help of the courts, is require you to comply or quit.

Re:Cue the flamewars

[exomondo]

Here's the basic issue. gpgv2 is GPL3. It's in the box. The user cannot modify it, as per the GPL3 license. Thus, Boxee is failing to meet the GPL3 license obligations.

And - as you'll note in TFA - that software was removed in a firmware update and is no longer being distributed, which is - as per the GPLv3 - an acceptable resolution to a violation. So there is really no news here.

Re:Cue the flamewars

[diamondmagic]

The point is (or at least the point I would make) is because of that, the GPL is just an egregious abuse of power as any other copyright license. The notion that some third party could come in and tell ME how and when and under what terms to redistribute MY property is absolutely nonsensical, and the very opposite of "freedom", that is what I would call "arbitrary power".

Re:Cue the flamewars

[exomondo]

If you buy a car, modify it and sell it, the car company can't do anything about it. Yet cars are still sold. Why is this?

Really? You really need it explained to you that you can copy software for virtually no cost but you can't do the same with a car?

Re:Cue the flamewars

[Eunuchswear]

If you modify my program the modified program is not your property.

Re:Cue the flamewars

[Risen888]

Cost is not the issue here. You can buy a CD, copy it for no cost, and sell it, and yet CDs still get sold.

Re:Cue the flamewars

[diamondmagic]

Authoring the program is simply a fact that you wrote some specific configuration of characters. That in no way implies you own all the instances of that program, one instance of that configuration of data being on MY hard drive on MY computer. I own all the data, I get to modify it in any way I like. Property rights can only exist to define power over something where power is mutually exclusive, because goods are scarce. Data isn't scarce, power over data isn't mutually exclusive. What are you doing to do, send in the thought police?

Re:Cue the flamewars

[exomondo]

Cost is not the issue here.

The issue is why would you pay for something when you can legally get the exact same thing for free? Your car analogy fails on the grounds that the product isn't free and the CD analogy fails on the grounds that it isn't legal.

You can buy a CD, copy it for no cost, and sell it, and yet CDs still get sold.

Are you stupid, ignorant or just being obtuse? You cannot do that legally, unlike the situation we are discussing.

Re:Cue the flamewars

[WNight]

Some people want their code to be usable by anyone, even if it means less ideological purity.

Exactly. And the GPL is the best license for achieving this. The miniscule extra freedom the BSDL could have to offer is at the cost of its effectiveness. The small compromise the GPL makes vastly increases its real-world usefulness.

To make your code usable, and helpful, to everyone it's got to be available to them. Even if they never look they'll benefit from being able to hire consultants to change it. The BSDL doesn't attempt this, the GPL does.

If you use the BSDL other programmers aren't disadvantaged because they know where to go to get your original code even if it's been eclipsed by a closed-source version. But users are simply stuck with a closed-source package and it's far less useful in the long run.

If you used the GPL the only person inconvenienced is someone who wants to 1) use someone's code without paying, 2) without passing the benefits to the users. Everyone else would have as much, or far more, access.

BSD trolls (because non-trolls don't care) go on and on about how the GPL isn't free because it wouldn't have been as convenient for a Bill Gates as the BSDL is, but they miss that 1) this person is far rarer than most users, 2) this person is an absolute jerk - trying to deny their users the benefits they've had. So, to the degree the GPL does hurt this person, good. It's protecting everyone else from them.

Re:Cue the flamewars

[WNight]

You can pretend to miss the point but that doesn't mean it's wrong.

Re:Cue the flamewars

[WNight]

Is strawman the only fallacy you know? Like thick-headed is your only rhetorical style?

Re:Cue the flamewars

[Raenex]

You can just ignore my argument, but it doesn't mean it's wrong. It's a bad analogy.

Re:Cue the flamewars

[Eunuchswear]

I wrote a program.

I said to you: you can have it provided you agree to my terms.

You agreed to my terms.

If you then break that agreement you are scum.

Re:Cue the flamewars

[Millennium]

I mentioned that already, though: the way out of being forced to open your code is to stop using the GPL'd software.

Or, to put it another way, GPL'd software is not gratis: it does, in fact, have a cost. It's just that instead of paying with money, you pay with code. The annoying situation of the English word "free" having multiple meanings rears its head yet again.

Re:Cue the flamewars

[Korin43]

Some people want their code to be usable by anyone, even if it means less ideological purity.

Exactly. And the GPL is the best license for achieving this. The miniscule extra freedom the BSDL could have to offer is at the cost of its effectiveness. The small compromise the GPL makes vastly increases its real-world usefulness.

By usable by anyone, I mean even people who don't want to give back to the community (the less ideological purity point). Contrary to popular belief, open sourcing all of your code isn't always possible. If you're using code under a license that's not compatible with the GPL, you can't use GPL code without getting rid of your other code. Also, sometimes your code contains secrets that aren't yours to share (this is the excuse nVidia gives for not open sourcing their drivers). If nvidia can improve their code by using a library I wrote, I'd be happy to have them use it. I understand that not everyone agrees, and it's your code so do what you want. My point was that BSD-style licenses aren't as scary as the GP was making them out to be.

To make your code usable, and helpful, to everyone it's got to be available to them. Even if they never look they'll benefit from being able to hire consultants to change it. The BSDL doesn't attempt this, the GPL does.

If you use the BSDL other programmers aren't disadvantaged because they know where to go to get your original code even if it's been eclipsed by a closed-source version. But users are simply stuck with a closed-source package and it's far less useful in the long run.

Agreed, there are reasons to prefer to GPL. I never disputed that.

If you used the GPL the only person inconvenienced is someone who wants to 1) use someone's code without paying, 2) without passing the benefits to the users. Everyone else would have as much, or far more, access.

The GPL and BSD-style licenses are pretty much identical when it comes to using code without paying so I don't see your point for #1. #2 isn't as black-and-white as you're making it out to be for the reasons I mentioned above (not everyone can open-source their code, and some of us don't care if they do).

BSD trolls (because non-trolls don't care) go on and on about how the GPL isn't free because it wouldn't have been as convenient for a Bill Gates as the BSDL is, but they miss that 1) this person is far rarer than most users, 2) this person is an absolute jerk - trying to deny their users the benefits they've had. So, to the degree the GPL does hurt this person, good. It's protecting everyone else from them.

Those jerks like Apple using LLVM and not contributing their changes back to the community? Or when they took KHTML, made massive improvements so they could use it in their browser, and then didn't give their changes back to the community*? Or that time Google decided to use Webkit but needed their own JavaScript engine, so they wrote it and kept it closed source?

Oh wait, I must be living in an alternate universe than you, because I'm not seeing the horror stories you're complaining about.

* Note: Webkit is partially LGPL and partial BSDL but the argument for the LGPL is similar to BSD-style licenses.

Re:Cue the flamewars

[WNight]

Some people want their code to be usable by anyone

Exactly. And the GPL is the best license for achieving this.

By usable by anyone, I mean even people who don't want to give back to the community

For every one of those there's tens of thousands of users they'd deny the benefits to. In serving that one person you're hurting many others.

even if it means less ideological purity.

Nope, simple practicality. The crazy pure ideology is BSDL insisting that if Bill Gates can't appropriate your code it's not truly free.

Contrary to popular belief, open sourcing all of your code isn't always possible.

No, open-sourcing your code isn't always possible if you want to use proprietary code. That's a choice you make.

If nvidia can improve their code by using a library I wrote, I'd be happy to have them use it.

But why? All you giving them something for free does is further remove any incentive to share. If not for people like you their unsharable code might become a liability and encourage them to change their ways.

I understand that not everyone agrees, and it's your code so do what you want. My point was that BSD-style licenses aren't as scary as the GP was making them out to be.

They aren't scary, they're just almost always the wrong choice. Perhaps you could help nVidia, but if you didn't that code might end up helping a company with open-source drivers, and help thousands of people, instead of just enabling nVidia to not pay their programmers.

If you used the GPL the only person inconvenienced is someone who wants to 1) use someone's code without paying, 2) without passing the benefits to the users. Everyone else would have as much, or far more, access.

The GPL and BSD-style licenses are pretty much identical when it comes to using code without paying so I don't see your point for #1. #2 isn't as black-and-white as you're making it out to be for the reasons I mentioned above (not everyone can open-source their code, and some of us don't care if they do).

1 and 2 go together to describe a single person who wants to use other people's work without paying or giving back. This is the person the GPL hinders. Not from spite (though it is fun watching them gnash their teeth), but because nothing else creates open software for users.

And nobody doesn't care about open source - it lowers TCO and allows independent audits. Businesses may not often get a chance to choose based on those criteria but they'd certainly care.

Oh wait, I must be living in an alternate universe than you, because I'm not seeing the horror stories you're complaining about.

Isn't KHTML licensed under the LGPL? Wouldn't Apple have had to give that code back?

But regardless, the point is that the horror story is largely theoretical. The BSDL trolls keep saying the GPL is meaningfully less free even though the GPLs "lack of freedom" only interferes with those who'd take everything and give nothing back. Further, the BSDLers always miss the point that most GPLers find the users of the software, and their access to code (even if they don't currently understand the benefits), to be more important than the right of the developer to get code for free.

All they do is harp on about ideological purity, and how (from their POV) the GPL lacks it.

Re:Cue the flamewars

[Korin43]

If nvidia can improve their code by using a library I wrote, I'd be happy to have them use it.

But why? All you giving them something for free does is further remove any incentive to share. If not for people like you their unsharable code might become a liability and encourage them to change their ways.

Because I don't care if they don't open source their drivers. I don't want to create a liability, I just want people to use my code. Besides, there always is an incentive to keep contributing back -- not having to maintain a fork. I assume this is the reason Apple keeps LLVM, Webkit and CUPS open source. They understand that it's easier for them to let the community deal with it. Companies that don't get this tend to not use open source software at all.

The BSDL trolls keep saying the GPL is meaningfully less free even though the GPLs "lack of freedom" only interferes with those who'd take everything and give nothing back. Further, the BSDLers always miss the point that most GPLers find the users of the software, and their access to code (even if they don't currently understand the benefits), to be more important than the right of the developer to get code for free.

All they do is harp on about ideological purity, and how (from their POV) the GPL lacks it.

Read my original post. I didn't say anything about the GPL, I just said that the BSD license isn't as bad as the OP said. Whether to use one or the other really does come down to what you want out of it -- I want my code to be usable by anyone in any software they care to put it in, you want your code to only be usable by people who share their code too. It's your code, do what you want with it. The whole point of my post was just to counter this:

Then, once you've got a really great project, I'll take it, place it under my own licence that forbids you from even mentioning it again, and call it my own. Since I can afford scarier lawyers than you, there's nothing you can do about it.

Obvious lie right? What are we argument about?

Re:Cue the flamewars

[WNight]

I don't care if they don't open source their drivers.

B.S. If you've ever had driver issues with any hardware you know the benefits you'd get from open source drivers. If you don't want them you're trying to not understand the benefits.

I don't want to create a liability

The liability is their own unsharable code that they created by entering into unfavorable licensing deals. All I'd ask is that you not go out of your way to mitigate problems that 1) they got into themselves or 2) are the consequence of not sharing.

I just want people to use my code

All giving it to a big company under the BSDL does is get one small group to use your code. The GPL gets your code out to more people, and people who would benefit more from it. Instead they lose all the benefits of open source because it gets closed before they hear about it, let alone use it.

You're just saving the company from paying someone to write it for them.

What are we [arguing] about?

"less ideological purity."

This. And trying to figure out why you think corporate welfare is good...

The BSDL is the ideological license that says any restriction, however small and essential, is too much. And that ideology hurts users everywhere. The reasons to pick the GPL are practical. Without demanding a price for software the companies that use it won't reciprocate and users won't benefit.

Re:Cue the flamewars

[Korin43]

My point is that it's a difference in opinion. You don't to share with people who won't share with you. I do. That's it. The BSD license doesn't make any ideological argument, it just says that you can use the code however you want. That's what I like, and I don't care about all of these things that you're so worked up about it. If you want to use my code you're welcome to use it and keep your code under the GPL.

The reasons to pick the GPL are practical. Without demanding a price for software the companies that use it won't reciprocate and users won't benefit.

I already responded to this in my last comment -- Theoretically companies could use BSD-licensed software without releasing their changes back to the community, but in practice, companies that use open source software tend to realize that there are huge benefits to working with the community (no one wants to maintain a fork if they don't have to).

What are we [arguing] about?

"less ideological purity."

I consider the BSD-licenses to be less idiological because I see them as a way to say "Here's my code, I have no opinion about how you use it. Have fun.", while the GPL is more "Here's my code, you can use it if you agree with me on this issue." I realize some people may see the BSD-licenses as "more free", but I see them as more practical (for reasons you obvious disagree with it, but that's not the point).

This. And trying to figure out why you think corporate welfare is good...

How is sharing code "corporate welfare"? Is every use of open source software a form of welfare now? The reason I want software usable by companies is that I work for one, and I like being able to use open source software where I work. I'm not the boss; I don't decide what gets open sourced and what does, but I can say "I could write my own database, or I could use SQLite (public domain)". BSD-style licenses make my job easier, and I'd like to make other people's jobs easier too, and I don't particularly care if they reciprocate (again, a personal choice, not something to argue about). If that happens to make companies I don't work for more productive, then who cares?

Re:Cue the flamewars

[WNight]

My point is that it's a difference in opinion. You don't to share with people who won't share with you. I do. That's it.

Why though? If they won't share they're the kind of people you shouldn't be helping.

The reasons to pick the GPL are practical. Without demanding a price for software the companies that use it won't reciprocate and users won't benefit.

I already responded to this in my last comment -- Theoretically companies could use BSD-licensed software without releasing their changes back to the community, but in practice, companies that use open source software tend to realize that there are huge benefits to working with the community (no one wants to maintain a fork if they don't have to).

Right up until it suits them (and not the users) to stop.

What are we [arguing] about?

Our views on software licensing, and helping the greedy. Why do you ask?

And trying to figure out why you think corporate welfare is good...

How is sharing code "corporate welfare"?

Providing it under a license that lets them use it without any cost is.

Is every use of open source software a form of welfare now?

Only that with no strings attached, specifically made for people who wouldn't reciprocate.

The reason I want software usable by companies is that I work for one, and I like being able to use open source software where I work. I'm not the boss; I don't decide what gets open sourced and what does,

Exactly. Your company makes unprofitable decisions and you go save them from the consequences. They learn nothing and help nobody.

I don't particularly care if they reciprocate

In doing so though, you help the greedy and encourage less code getting to users.

You want people to be able to use your code but your actions hurt more programmers than they help by providing sharing-free alternatives that don't even require them to hire programmers to create.

(again, a personal choice, not something to argue about).

What do you argue about then? Facts? Tautological mathematical statements?

If that happens to make companies I don't work for more productive, then who cares?

If you're going to help the greedy at least make them pay like they'd make you pay. Otherwise you breed sociopaths and equivalently hurt the honest who don't realize the same gains, the users, and the other programmers.

Re:Yeah?

[BRSloth]

GPL is based on copyright, dictating the rules by which the work can be transferred (or sold, or given). It's the same as breaking the Microsoft EULA when you pirate your Windows copy.

Surely, there may be not enough GPL authors going after people breaking their licenses, but it falls on the same category [I *think* the FSF sometimes offers legal help for those trying to sue companies to enforce their GPL-licensed products.]

don't ever trust promises of new features

[alen]

some of the complaints are that promised features were never implemented. learned this a long time ago. buy on the feature set at the time of sale, don't ever trust a company to implement new promised features. after the sale they are thinking about selling the next version, not paying developers to code software you already paid for

Re:don't ever trust promises of new features

[Pvt_Ryan]

I AGREE!!!! I did that with a Playstation 3... oh wait a sec...

Re:don't ever trust promises of new features

[trebach]

Don't ever trust a company to retain features offered at the of sale either.

Re:don't ever trust promises of new features

[LWATCDR]

Add in all the problems that the networks are throwing at Boxee and the other network devices and they have a big fight in their hands. I do find this flame post most amusing because he is screaming about a lack of openness as well as the lack of DRM filled streaming services. Odds are very high that the media companies are requiring the locks for security as well as the causing the delay of services!

In other words just get a Roku box. Mine works great.

Re:don't ever trust promises of new features

[pak9rabid]

Yup. This is also why I never pre-order games. Just ask the people that pre-ordered Duke Nukem Forever 10 years ago. Companies will get my money once I agree to purchase what they're actually selling.

Re:don't ever trust promises of new features

[phorm]

New features. How about current capabilities?
Motorola milestone and flash support come to mind (requires Android 2.2, which for many countries didn't get implemented for YEARS, and others didn't get provided at all).

One of the many reasons my next phone will *NOT* be a Motorola. I'm thinking HTC for the next round.

Re:don't ever trust promises of new features

[dkleinsc]

don't ever trust a company

I think you could have shortened it to that. A company has one goal: make money. As a general rule, everything not stipulated in the contract is something they can and will stiff you on if the PR won't be too bad, and everything stipulated in the contract is something they can and will stiff you on if the ensuing lawsuit won't be too bad.

Re:don't ever trust promises of new features

[delinear]

Don't ever trust a company.

Re:don't ever trust promises of new features

[Dr_Barnowl]

Or an elf.

Re:don't ever trust promises of new features

[publiclurker]

I agree, but why is it currently at Funny. If anything, it should be insightful.

Re:don't ever trust promises of new features

[MaerD]

And never deal with Sony^H^H^H^H Microsoft^H^H^H^H^H Apple^H^H^H^H^H a Dragon.

Re:Yeah?

[trebach]

No, they get sued if they don't bring the offending products into compliance with the GPL.

Re:No GPL-3 software means no violation

[Aqualung812]

RTFA:

The Truth
Your Boxee Box was shipped containing GPLv3 software. You should be able to install modified versions of software to your Boxee Box.

no GPL issue with tivoization

[DMiax]

First: there is no issue with GPL and tivoization. GPLv2 allows it and GPLv3 forbids it, full stop. It is as clear as day and every developer can make an informed choice as to what he/she wants to allow with the code.

Now it seems that these things include GPG that is under GPLv3. So it looks an awful lot as a violation, if confirmed. At the same time it seems that the program was removed by online firmware updates, so everything would be kosher for the GPLv3 (that gives the option to stop distributing the offending code and be legally safe)

Re:no GPL issue with tivoization

[faedle]

Except they are still distributing GPLv3 code.

The fact you can "factory reset" the box and the GPLv3 binary is still present implies that they are still distributing GPLv3 code (it would be interesting to get a recently made Boxee box and see if they are still distributing this obsolete firmware version). Even if it was "removed" by a firmware update, that does not change their responsibilities for "correcting" the license violations of the past: further, the fact that the binaries are still present and able to be restored by a simple factory reset means there is an actionable license controversy that they may not be able to cure without releasing the keys required to make the gpgv2 binary "work".

Re:no GPL issue with tivoization

[DMiax]

I am not an expert on the GPLv3, but I know that there was an effort to give recipients the option to correct the violation without penalties. Of course this requires not selling new boxes in violation, but they would not be liable for the already distributed ones (a factory reset is not a new distribution if the copy is local as usually is). Whatever the purpose of the GPL is, it surely does not include setting up traps for companies: it would be damaging for the whole Open Source/Free Software community.

Re:no GPL issue with tivoization

[arose]

The GPLv3 isn't entirely clear on this, but I suspect "ceasing all violation" might mean that you have to honor the terms of license for existing distribution. Otherwise you could violate for a while, make your profit and be clear 60 days after.

Re:no GPL issue with tivoization

[Darinbob]

And Tivoization was a good thing in my view. It got a great product out cheaply, it used open source to good effect, it gave credit where credit was due, and it was vastly more user-customizable than any of the competition. But it gets dinged for object files being loaded into the kernel. Sheesh. All FSF is doing here is promoting the use of closed platforms.

Re:no GPL issue with tivoization

[ray-auch]

The GPLv3 isn't entirely clear on this, but I suspect "ceasing all violation" might mean that you have to honor the terms of license for existing distribution. Otherwise you could violate for a while, make your profit and be clear 60 days after.

Not the way copyright (or patent) law usually works AFAIK. You can get damages for prior violations, and prevent distribution or force compliance with terms for the future.

Forcibly recalling and changing stuff that is already sold would be very unusual and probably a legal minefield, since there is a lot of potential collateral damage to good faith purchasers. Even if it's "just" a matter of releasing code+keys that may not be possible - if the code has been (wrongly) mixed with other licenced code, the violator may not have the rights to release the whole. Same goes for keys which may be subject of other licensing agreements (e.g. with content providers).

Just because the GPL says "you must do X to have licence to distribute" doesn't grant you legal carte blanche to do "X" without considering other copyrights patents contracts etc. It means that if you are unable to do "X" then you are unable to distribute the GPLed code, and that is what a court would enforce.

Re:no GPL issue with tivoization

[arose]

You can get damages for prior violations, and prevent distribution or force compliance with terms for the future.

I understand this. What I meant is that I don't think ceasing future distribution is enough to satisfy the forgiveness part of the GPLv3 which would restore distribution rights. Yes, it's copyright you'd have to deal with, that is just how GPL works, but if you actually repair the violation you can avoid that end of the stick too.

Dirty Tricks Indeed

Did someone at Boxee actually edit a forum post to change the author's intent?

Forum Post Screenshots

Is Boxee's operation really this shady?

Re:Yeah?

[gstoddart]

No, they get sued if they don't bring the offending products into compliance with the GPL.

By whom? Maybe the EFF.

I think part of the problem is that, to the best of my knowledge, the GPL hasn't been fully tested in court, and there is no single body (and certainly not with a lot of resources) who can police this. I'm not even sure the EFF has standing to sue everybody who might do this ... unless the GPL says they're the effective copyright holders for everything GPL'd, short of an amicus curiae the EFF doesn't own the code which is alleged to have been violated.

A lot of companies seem to more or less say "too bad" when it comes to the provisions and providing this stuff ... they're just not willing to provide you with the details you'd need, admit that they're using the GPL'd software, or provide you with the sources even if they are. So, effectively they rip it off with impunity and laugh at you.

If there's no actual consequence for these companies, what is going to change? This is far from the first time we've heard about companies flipping the bird at the terms of the GPL.

And, really, based on my experience with my latest D-Link router ... it might be time to consider a change anyway. My latest router has a tendency to lose connection on one of its ports, and has some issues which may or may not be the fault of Vista.

Re:No GPL-3 software means no violation

[Lunix+Nutcase]

Yet he doesn't even name a single piece of this GPLv3 software that Boxee uses. The entirety of his proof is:

Once you have a command prompt on your Boxee Box, type “gpgv2 --help” et voila, you are greeted with the GPLv3 header.

Wow, soooo convincing.

c'mon Taco

[drougie]

You don't capitalize by or other short prepositions in titles. How long have you been doing this? Maybe set this as your homepage for a few days.

VLC rules by the way.

Re:Yeah?

It's the same as breaking the Microsoft EULA when you pirate your Windows copy.

No. An EULA takes away rights on something you bought, the GPL gives you rights on something you've copied for free (or bought for money, but GPL gives you the right to copy it for free after that).

Re:No GPL-3 software means no violation

Yea, notice step 1: Reset your box to factory default. The only GPLv3 piece of software on the box is GPG, and it was removed in a firmware update, so the case here is extremely weak.

GPL issue with tivoization

[Maximum+Prophet]

GPLv2 didn't "Allow" what Tivo did, it overlooked it. Once Tivo Inc. showed GNU just how evil a corporation can be, they had to spend time and money creating GPLv3, time and money that could have been spent actually doing something, instead had to be spent on lawyering.

As a side note, Tivo Inc. is losing customers, and every useless Tivo sitting unsold at a yard sale is a message to consumers that a Tivo box is worthless. If Tivo Inc. were to provide some small amount of functionality for these machine, they would at least be able to upsell some customers.

Re:GPL issue with tivoization

[jedidiah]

Tivo has been relatively stagnant in a market driven by ambitious early adopters on one side and completely apathetic consumers on the other.

Instead of moving their own technology forward, they chose to try to enforce a bogus monopoly based on patents they never should have been granted.

Meanwhile, most consumers really couldn't care less about paying extra money to buy a Tivo and are more than willing to use the device provided by the cable company or even sit through commercials and "channel surf". Plus you've got stuff like iTunes and Netflix that completely bypasses all of the effort required to "capture broadcasts" for future use in something approximating Video on Demand.

People either "can't be bothered" or "simply want more". ...although old Tivos at a garage sale could simply be analog units made obsolete by that whole digital TV switch thing.

Re:GPL issue with tivoization

[mcmonkey]

I don't think obsolete means what you think it means.

I have 2 analog Series 2 TiVos running right now, and they do everything they were advertised to do.

Re:GPL issue with tivoization

[tgibbs]

Meanwhile, most consumers really couldn't care less about paying extra money to buy a Tivo and are more than willing to use the device provided by the cable company or even sit through commercials and "channel surf". Plus you've got stuff like iTunes and Netflix that completely bypasses all of the effort required to "capture broadcasts" for future use in something approximating Video on Demand.

I've tried some of the cable-company TiVo knock-offs, and they are substantially inferior. It is amazing to me that after all of these years, no other company has managed to match TiVo's reliability and user-interface design. If TiVo's patents help to keep them in business, that strikes me as an argument in favor of the patent system.

Re:GPL issue with tivoization

[Dr_Barnowl]

Rephrase ; the authors of GPL v2 overlooked the practice of tivoization because at the time of writing, it was unknown.

The stated purpose of the GPL was to retain the right for users to modify software that was distributed to them to serve their own needs, under that license. Tivo managed to find a way around that - modifying the software they shipped was possible, but pointless, because the Tivo hardware would refuse to load binaries unless they were signed with a cryptographic key only known to Tivo Inc.

As you note, this was not illegal, since Tivo Inc. complied with the license in so far as they distributed the sources they changed for use in their product. On the other hand, the practice was clearly not in line with the spirit of the GPL license and thus the spirit in which that software was offered. Morals are not as black and white as the law, I'll grant you, but I don't think you'll find many who think that shipping a device dependent on a stack of software licensed in a way designed to promote the freedom to tinker, but with a lock on it that prevents any such tinkering, is an unassailable moral position.

Re:GPL issue with tivoization

[Registered+Coward+v2]

GPLv2 didn't "Allow" what Tivo did, it overlooked it. Once Tivo Inc. showed GNU just how evil a corporation can be, they had to spend time and money creating GPLv3, time and money that could have been spent actually doing something, instead had to be spent on lawyering.

It's a license - if they didn't include specific restrictions or terms than it is allowable.

Re:GPL issue with tivoization

[Registered+Coward+v2]

As you note, this was not illegal, since Tivo Inc. complied with the license in so far as they distributed the sources they changed for use in their product. On the other hand, the practice was clearly not in line with the spirit of the GPL license and thus the spirit in which that software was offered. Morals are not as black and white as the law, I'll grant you, but I don't think you'll find many who think that shipping a device dependent on a stack of software licensed in a way designed to promote the freedom to tinker, but with a lock on it that prevents any such tinkering, is an unassailable moral position.

No, it's not an "unassailable moral position." TIVO complied with the terms and made the software available - you are free to do whatever you want with it; including creating hardware to run it. I find unreasonable the idea that using software under the gpl requires you to make your hardware open to modified versions as well. Clearly, some people don't agree and thus we have v3.

Ultimately, I think v3 is counterproductive if the goal is to increase the acceptance of OSS. Separate from the licensing issue there may be liability issues as well. If a device running modified code ran into problems, the manufacturer could very well face expensive law suits; whether or not we think that is reasonable. So, it'd be smarter to either fork v2 software or go with non-OSS code; rather than be forced to open up your hardware to modified code. Another solution is to minimize teh use of gpl'd code by using proprietary code to perform functions separate from gpl'd code and merely use gpl'd code to perform basic OS functions.

Re:GPL issue with tivoization

[Kielistic]

I kind of think that it is you that is confused about what obsolete means.

Obsolete does not mean broken. It does not reflect whether the device functions or not. An analog Tivo is very much obsolete by today's technology (the virtue of what made it obsolete does not affect it being obsolete). My 286 still does everything it was advertised to do but it is still obsolete.

Re:GPL issue with tivoization

[shutdown+-p+now]

GPLv2 didn't "Allow" what Tivo did, it overlooked it. Once Tivo Inc. showed GNU just how evil a corporation can be, they had to spend time and money creating GPLv3, time and money that could have been spent actually doing something, instead had to be spent on lawyering.

By "GNU", do you mean FSF (since those are the guys who wrote GPLv3)?

If so, then what, apart from lawyering and propaganda, do they actually do that would qualify as "doing something"?

Re:GPL issue with tivoization

[dannys42]

ReplayTV came out a bit before Tivo (though not by much). I rather liked the ReplayTV interface, and they never tried doing anything stupid like putting ads in while I'm trying to skip them. But they were far worse at marketing than Tivo. I've never used a Tivo, so I can't comment on their UI. But from what I've heard from others, the ReplayTV did have a few features up on Tivo (eg. the various commercial skip modes actually worked well).

These day's I'm using AT&T U-Verse's DVR, even though my ReplayTV still works fine... largely because of the integration with U-Verse. And while I really miss some of the features of my ReplayTV, it's hard to beat Microsoft's business model... cheap and good-enough.

Despite how well a $100-200 DVR can be, the fact that cable companies are giving them away means it's now a commodity... Most people just won't be willing to pay that much for something they can get for free.

Re:GPL issue with tivoization

[grapeape]

It might be inferior..but that doesn't change the fact that most people are happier paying $0-$5 a month for a dvr that can handle the digital tiers they subscribe to but also does the basics they expect it to do. Tivo may be superior...even vastly superior but 99% of the market just doesn't care.

Re:GPL issue with tivoization

[NitroWolf]

My covered wagon still does everything it was designed to do (I'm going on the Oregon Trail)... but it's still sadly obsolete. /sigh No more cholera for me.

Re:GPL issue with tivoization

[Quarters]

Rephrase ; the authors of GPL v2 overlooked the practice of tivoization because at the time of writing, it was unknown.

Right, so you can't very well put the cost of making GPL v3 on the shoulders of Tivo as you tried to do with the statement, "Once Tivo Inc. showed GNU just how evil a corporation can be, they had to spend time and money creating GPLv3, time and money that could have been spent actually doing something, instead had to be spent on lawyering." Tivo did what was allowed. The FSF got upset. The FSF then spent money and time drafting a license that covers the problem they didn't foresee. Like the original respondent to your post said, If the FSF wants to limit the way software using their license is used it is their responsibility to review and update their license to disallow the things they want to restrict. "Spirit of the law" is a nice sounding term but it has no bearing on a license. If the license does not stipulate what cannot be done with whatever it covers then it is perfectly legal to do that thing. Tivo had better lawyers than the FSF, end of story.

Re:GPL issue with tivoization

[Jeff+DeMaagd]

GPLv3 might be a step to solve it, but if you're worried about tivoization of the Linux kernel, Linus Torvalds seems to be fine with Tivo, and he's against upgrading to GPLv3.

Are any of the yard sale Tivos high def models?

Re:GPL issue with tivoization

[AmiMoJo]

It isn't that other companies are incapable of making products as good as a Tivo, it is that the cable/sat companies are unwilling to pay for them.

Panasonic and Sony do some good DVRs with comparable features and no subscription required.

Re:GPL issue with tivoization

[Maximum+Prophet]

Alas, no High Def yet, however last time I priced a new Tivo it was around $500 for a new box with product lifetime service with the current owner discount. However, a refurbished machine with product lifetime service was ~$500. No current owner discount. (:-(

I did buy a Series II for $5 so that I have a spare power supply, but it's useless beyond that. (I've heard that if I get an older image of the software, I could at least use it as a security camera DVR, but that's still a license violation and more trouble than it's worth.)

Re:GPL issue with tivoization

[Maximum+Prophet]

I was referring to the greater GNU supporting community, but you're right, the FSF are specifically responsible for GPLv3.

Propaganda is distinct and about as important as lawyering. I'm not happy about paying for either, but I can see the value in both.

Every worthwhile project has to have a advocate, or else it dies out. (Look at how many Shakers are left. http://en.wikipedia.org/wiki/Shakers ) The nature of project advocacy tends toward propaganda. In the real world, if you want N, you have to ask for N+x, or else you are only going to get N-y.

Re:GPL issue with tivoization

[mcmonkey]

That makes sense.

So I'll say, my needs haven't changed. I still want a DVR to do what I originally purchased a TiVo to do, and my TiVo still does that. The digital TV switch thing had minimal effect.

If what you need a computer to do is within what your 286 does, that I'd say it isn't obsolete.

As far as the state of obsolescence being a standard of current technology and not strictly the functionality of the device, the comment I replied to referred to analog TiVos made obsolete by "that whole digital TV switch thing."

By that standard, my analog TiVos are not obsolete (or at least not any more obsolete than they were before the time of digital TV signals).

Re:Yeah?

[lavalyn]

This is why the FSF asks for copyright assignment in GNU projects. They become party to the license, and can act on its infringement.

Wording

[Geoffrey.landis]

"tivoization"-- Nice word.

Re:Wording

[kvvbassboy]

Yep. Especially considering that Tivo didn't even violate the license.

Re:Wording

[wall0645]

I fail to see how that has any relevance. Tivo did something free software people didn't like, and they named that thing "Tivoization" because Tivo was the first/highest profile (not sure which) culprit.

Re:Wording

[kvvbassboy]

It does. When you create an official word that can be used in a legal context, such that it has a negative connotation towards an individual or an organisation, it becomes a subtle form of negative marketing.

Tivo used a loophole in GPLv2 to further their interests, and now they have an ethically questionable legal term in their name. Try convincing me that won't hurt them.

Seeing as how you called Tivo a culprit, I am sure you will disagree with me, or you will say that they deserve it.

it HAS been tested as far as I remember

[Isaac+Remuant]

Quick Google Search:

http://en.wikipedia.org/wiki/GNU_General_Public_License#The_GPL_in_court

http://techrights.org/2007/11/23/gpl-court-test/

Re:it HAS been tested as far as I remember

[gstoddart]

And, from your own link:

A settlement with a comment from the judge saying "she sees the GNU GPL to be an enforceable and binding license".

Some guy was denied standing to sue since he didn't establish a valid anti-trust claim.

In one case a judge ruled "the GPL was not material to a case dealing with trade secrets derived from GPL-licensed work".

A legal precedent in Germany.

Apparently BusyBox has mostly settled, and agreed to release code.

Again, Linsys and Cisco settled.

As much as we all would like to GPL upheld in court, and some of us would like to say that this has been definitively settled by a court, it seems like in a lot of ways it's a lot murkier than that. Some jurisdictions have upheld it, some judges have commented that it should be legally binding, and many cases have been settled ... which means they don't really provide actual precedents in terms of case law.

I'm just not convinced that there is enough actual legal precedent to say in most jurisdictions that violating the terms of the GPL has been consistently upheld. So far, it seems to be a fairly hodge-podge collection of cases which established various things to various degrees.

I'm certainly not convinced that one of the references you cite actually authoritatively establish this in enough jurisdictions to say the matter has been resolved. I'm not arguing against the GPL ... I'm saying I don't believe that the issue has become cut and dried enough that with enough lawyers you couldn't convince a judge otherwise.

Re:it HAS been tested as far as I remember

[Isaac+Remuant]

I understand what you're saying. I just wanted to offer some of the things I've read about in the past when I researched the GPL license and it's history in court. I'm pretty sure I read a much more thorough article involving GPL related disputes but, as you say, it might not be sufficient depending on the case, the jurisdiction and the lawyers.

Re:it HAS been tested as far as I remember

[gstoddart]

I'm pretty sure I read a much more thorough article involving GPL related disputes but, as you say, it might not be sufficient depending on the case, the jurisdiction and the lawyers.

Unfortunately, that seems to be the crux of the problem. Lots of people write what essentially amount to opinion pieces ... but depending on the case, the lawyers, and the judge I fear there might be far too many grey areas in which the GPL might be only partly (or not at all) enforced.

It would be nice to think that you could pretty much say "we've proven they're not adhering to the GPL, the GPL is backed with copyright law, therefore they need to be censured" -- I'm just not sure you might not find yourself fighting Microsoft or some other large company for years, only for them to say "OK, we'll release 4 year old code, and we'll give you $200 for your legal defense fund, but we admit no wrong doing".

At which point, you're no further ahead than you are now. :(

Re:it HAS been tested as far as I remember

[SETIGuy]

I'm certainly not convinced that one of the references you cite actually authoritatively establish this in enough jurisdictions to say the matter has been resolved.

I'm not sure what choice the judge would have in the matter. Either find the GPL to be valid and enforceable, of find it to be invalid and the work covered by standard copyright law. Which would be worse for the defendant? I think they would be nearly equivalent outcomes. Are you saying a judge could somehow find works released under the GPL are in the public domain, despite that being a violation of copyright law and international treaty?

Re:it HAS been tested as far as I remember

[SETIGuy]

It would be nice to think that you could pretty much say "we've proven they're not adhering to the GPL, the GPL is backed with copyright law, therefore they need to be censured" -- I'm just not sure you might not find yourself fighting Microsoft or some other large company for years, only for them to say "OK, we'll release 4 year old code, and we'll give you $200 for your legal defense fund, but we admit no wrong doing".

Except by violating GPL they never had the right to distribute, and are legally responsible for distributing. Agreeing to distribute code is not a remedy, nor can the plaintiff demand that they distribute code. Ceasing distribution and paying damages for each copy improperly distributed is a remedy. In practice, most plaintiffs will accept an undisclosed cash settlement and an agreement for them to follow the license in the future which is why we've never seen a full test in the courts.

I once had a meeting with a media conglomerate lawyer about a joint project released under the GPL that some of their developers thought would be useful for them to work on. I've never seen such terror in a man's eyes. Of course he's a lawyer who didn't have a thousand page book on the GPL, so he couldn't comprehend it didn't encompass all their software, and he killed any cooperative effort. But he wouldn't have been so afraid if he had thought there was a chance it was invalid.

Re:No GPL-3 software means no violation

[Carewolf]

This guy doesn't make the smallest bit of sense. Nobody uses GPL-3 software. Almost no software is under GPL-3.

Almost no software, and certainly no major projects. Except, of the top of my head: GCC, GPG and Samba

I'd get one

[moco]

...If it was "hackable". But it seems that hardware makers today want more than selling you their product. They want to make sure you don't use it unless it's in a way they approve of.

For now, I have alternatives (buy something else), but I am afraid my daughter will not have that option.

Re:I'd get one

[mounthood]

But it seems that hardware makers today want more than selling you their product. They want to make sure you don't use it unless it's in a way they approve of.

This isn't new; companies have always tried to make more by controlling their product after the sale. What's new is including a "service" attached to every product, so they have a new legal basis for demanding control. Adding a service isn't exclusive to computers and software either, it's the same strategy that "voiding the warranty" was in the past.

Re:I'd get one

[moco]

I am sure she will. But I'm definitely teaching her that there are different ways of doing things, and sometimes they are more efficient, challenging or outright fun.

She most likely won't pursue a career in CS, but the value of hacking goes beyond that.

On a side note, I can't help noticing that my complaint is extremely similar to the ones I remember from the electronics enthusiasts in the 90s. Funny, it seems our time has come.

Re:I'd get one

[grapeape]

Your right, there likely wont be that option, most of the responses I have seen to big stinks being raised over small violations don't result in the device becoming more open...usually it just ensures that the next generation product isn't open at all. While I agree that if a product is going to use GPL it should comply with GPL, the hoops that have to be run through to make both the content providers and the open source community are usually contrary to each other and when it comes down to functionality vs hackability most companies are going to choose to just close up shop on the open source side of things.

Re:No GPL-3 software means no violation

[rsimpson]

Well, yes, that was my thinking as well. But then I thought, "Hey, what if I wanted to reset to the factory default (which is arguably better) and just use that and never connect to the internet and receive the latest firmware update. Then, what if I wanted to make a change to gpgv2 and run the changed binary on my Boxee. In terms of the GPLv3, I *should* be able to, but I can't because I don't have the encryption keys required for the modified image to work".

It is all well and good if they have removed the offending software in recent updates (no way to check though, since you can't get any sort of shell access on the box anymore), but at one point they did violate the GPLv3. And for it, they should make ammends by providing the required keys ... even if it is only for that 1 single version that they released a long time ago that I still have the ability to run. However, the key for that build, and for any other build would be the same ... which I suppose is a win for people wanting to hack their Boxee Box.

Re:No GPL-3 software means no violation

[Duradin]

I wonder if any virus scanners can be set to detect GPL code to keep your product/project from being infected.

Re:No GPL-3 software means no violation

[gstoddart]

Yet he doesn't even name a single piece of this GPLv3 software that Boxee uses. The entirety of his proof is:

Once you have a command prompt on your Boxee Box, type âoegpgv2 --helpâ et voila, you are greeted with the GPLv3 header.

Well, if there was no GPLv3 code on the device, then in precisely what way would it have the header for GPLv3 in the device?

That would imply two broad conclusions:

1) Boxee is including license headers for software they don't ship, just in case you would like to be able to read it, but that in no way implies they have any GPLv3 code.
2) They have GPLv3 code as evidenced by the fact that that it was there in the first place.

I don't know about you, but I have never included license information for software I'm not including in any product I've ever been party to creating or maintaining.

You're right that it's not possible to know what all is included, but I'm hard pressed to believe that if you have the headers you don't also have at least something using that license.

Re:No GPL-3 software means no violation

[faedle]

Not as weak as it may seem.

Being as they distributed gpgv2, which is licensed under the GPLv3, means that somebody can make a claim for the cryptographic keys required to make gpgv2 run on the target hardware. The fact they removed it in a software upgrade doesn't change the fact that a GPLv3-licensed binary was distributed: the fact that the binary is still on the machine (and able to be restored by a factory reset) actually proves that GPLv3 code is likely STILL being distributed.

It's a lot more than a technicality. A common-sense interpretation of both the GPLv3 and case law says that there is an actionable claim here for a license violation.

Cut the guy a check

[badboy_tw2002]

Since this is one violation on one utility, can't they just cut the author a check for a different license and be done with it? Seems like $10k would be way cheaper than any lawyer involvement. Unless the author wants to use his util as a foot in the door to force Boxee open then I don't see why this won't be resolved in a matter of days. Obviously if this is a much bigger project with lots of authors that complicates matters a little bit, but it seems like just paying the guy off after the fact is the easiest way to clear yourself of GPLv3 violations. Or is that somehow not allowed?

Re:Cut the guy a check

[Bing+Tsher+E]

The kind of developer/organization that releases software under the GPLv3 license is by definition a 'force the foot in the door to force open' type entity. So they'll do whatever they can by whatever means necessary to take advantage of the situation.

It's an a ideology-driven issue. Compromise just won't work.

Re:No GPL-3 software means no violation

[BitZtream]

That was my tought too ... GCC and Samba.

Interestingly enough, notice the major players in this industry which are pretty good at supporting OSS are also moving away from ... GCC and Samba ... to things that don't have such restrictions.

The major products are free to use GPLv3, but the writing is on the wall, they're going to lose support from the big guns and be replaced by alternatives without those restrictions. Basically cutting of their nose to spite their on face.

Companies have become serious about GPL compliance

[Bruce+Perens]

My consulting firm helps law firms and their customers come into compliance with the GPL and other Free Software licenses - both before and after they distribute the product. I can tell you they do take it seriously when they run into trouble, because there is not just the threat of a lawsuit, but the threat of having infringing products prohibited from being imported into the nations where they wish to sell them.

What a lot of companies are having problems with is establishing a compliance program before they get that letter from the Software Freedom Conservancy (which has sued about 40 companies, no kidding). Too many of them fix the problem after it's happened.

Tivo-ization is not one of the things the companies are in trouble for, because the software in question is under GPL2, not GPL3. The problems are from simple non-compliance with the license terms.

Re:No GPL-3 software means no violation

[arose]

Well if it's only in the default firmware, it's like they didn't distribute at all! Right? Right?

Re:Yeah?

[Bing+Tsher+E]

Also because it gives them more power. It's been years now since Stallman worked on any real code, so for his arguments to have any traction he needs to scuttle about like a hermit crab in someone elses shell.

Re:No GPL-3 software means no violation

[ray-auch]

By 'major players' you mean Apple. One company does not a trend start.

Yeah, can't see Apple capable of starting a trend really.

That touchscreen pinch-zoom phone thingy never took off, and those big tablet things are just dead in the water - no one's copying them.

Pretty harsh characterization

[way2trivial]

an EULA spells out the terms under which your bought something.

It does not 'take away rights' it identifies purchase terms you agree to (even if you don't agree with them)

Re:Pretty harsh characterization

[the_bard17]

Then why aren't the terms provided at the time of purchase?

Last time I bought software at a retail store, nobody asked me if I agreed to any terms before I paid for it.

Let me guess... some judge somewhere says that the purchase is not complete until I proceed to install the software, and it asks me to agree to the EULA. If I don't agree, I'm free to return the software or not use it. Even if the retailer won't allow the return (the box is open) and the manufacturer directs me to the retailer.

If you can't tell, I have little respect for EULAs.

Re:Pretty harsh characterization

[WNight]

I think you mean "A EULA purports to spell out [...]"

It's not binding because you didn't see it. The only reason people started to think EULAs were valid is that they claimed things that were true, like that copying was restricted, etc. Then some idiot got the idea that he was bound by whatever it said. Ridiculous. Imagine if fortune cookies were binding.

I just sold mine because I couldn't install XBMC

[Flammon]

I just sold mine because I couldn't install XBMC on it. They (Boxee) made it seem like the new D-Link Box was going to be hacker friendly and it's far from it.

http://www.youtube.com/watch?v=lwhypK3egeQ

Re:No GPL-3 software means no violation

[ray-auch]

> there is an actionable claim here for a license violation.

Sounds like the license violation has already been cured - if they have stopped distributing the software and removed from existing installations best they can with updates.

If they haven't acutally stopped distributing, then the copyright holder could sue them to get them to either a) come into compliance or b) stop distributing. Looks like we know what they will do, since they've already gone down that route.

Question is, is it worth suing them to get them to really remove the software (if is still really there) that they already removed from users (unless you jump through some hoops) ?

DLink has a ... history

[Lead+Butthead]

DLink has a history of GPL violation in the past. I am frankly not one bit surprised...

Re:Yeah?

[drsmithy]

No. An EULA takes away rights on something you bought, the GPL gives you rights on something you've copied for free (or bought for money, but GPL gives you the right to copy it for free after that).

An EULA defines the terms under which the copyright holder allows you to use their work, for which you may or may not have paid money for.

Just like the GPL.

Re:Uh, if I sell my PC with pirated windows

[DaHat]

Again... it is not clear that the copy of gpgv2 is in violation of the GPLv3.

Unless the code used to build it is different than that on some major repository or distro... they can simply point to that for the code in question.

If they modified it and are not making available their changes... then yes, they are in violation of any version of the GPL.

If you cannot use your own custom version of gpgv2 in place of what they are without their magic keys... then they would be in violation of the GPLv3.

Nothing said in the post indicates any of the three... and until it does, this is an accusation which needs to be proven by the accuser, not the accused.

Re:Yeah?

[SiChemist]

That is incorrect. The GPL puts no restrictions on use, ONLY on copying. Thus, it relies on copyright and not the (legally dubious IMO) EULA.

Re:Yeah?

[nosferatu1001]

SOmething they have no right to do, unless it is proffered up before a plain old sale is made.

Additionally: you appear to be clueless about what hte GPL actually does. THe GPL gives you rights to copy something you have acquired. EULAs attempt to restrict your rights to use the product you legally bought over the counter by pretending it is a "licence", and attempting to hold you to the terms of a contract you never saw.

More like Stallman's commandments

[judeancodersfront]

than bill of rights.
The FSF isn't at all democratic, what goes into the GPL is entirely up to Stallman.

TiVo has a valid point in securing their platform!

[Kaldaien]

TiVo would be obsolete if it publicly allowed modification of its software, because Cable Labs would withdraw TiVo's permission to transfer recordings in any capacity. And this capability is one of the reasons I will never use a cable company or IPTV's inferior DVR solution. The TiVo software is outdated (granted, I do not own a TiVo premiere, because without the OLED front display, I view it as a downgrade), but it still does what it does better than anything else on the market. I do not get why people rag on TiVo for this - all of my TVs all the way back to my 30" SONY Trinitron FD (circa 2004) run a Linux kernel, and none of them are modifiable either, yet nobody ever complains about that. I am sure SONY has sold more TVs running Linux than TiVo has subscribers, and SONY is not the only manufacturer to run Linux, so.... what gives?

Re:Reasonable expectations

[arose]

so why do people think they have a "right" to run modified code on a proprietary computer system?

Because the proprietor doesn't have the "right" to distribute GPLv3 code without following the terms of the license.

Re:Companies have become serious about GPL complia

[Aldenissin]

Bruce, I don't know much about this, and others have stated above that it is GPLv2 software. Do you think it is possible that it is GPLv3 software if there is a GPLv3 header? Does it even matter? I don't know what significance the header makes...

Either they are in violation, and need to come into compliance, or this smells of trolling to cause turmoil in FOSS-land. No better way to troll than to turn people against each other, for no good reason.

Re:Companies have become serious about GPL complia

[Bruce+Perens]

Rather than trolling, consider that it's from someone who doesn't like tivo-ization, and doesn't understand that much as some of us might like if it did, GPL2 doesn't give anyone the legal ammunition to go after tivo-ization. Next question: are sources provided correctly? That is something that can be enforced under GPL2.

Unless it contains a recent version of Samba, it is unlikely that there is GPL3 stuff in there. I didn't check, I'm working on other stuff today.

If the company or its attorneys need help with a compliance issue, I'm happy to look deeper. But I charge as much as their attorneys do for my expertise. If they don't need my help, I generally leave this stuff to Bradley Kuhn to handle.

Re:No GPL-3 software means no violation

[Fritzed]

Yes, because they totally came up with the idea of a touch screen interface and nobody had ever used a pinch to zoom gesture before. Troll some more?

Your post is nonsensical. There is no significant connection between interface design and choice of backend software licenses. In your world, I guess that everybody quit using Linux after Apple used BSD as the basis for OS X.

Re:Yeah?

[WNight]

Jealous much?

Re:Uh, if I sell my PC with pirated windows

[tibit]

It's pretty easy to figure out that the third is the problem: yes, you can't install any custom software on your boxee. End of story, gplv3 violation.

Re:Uh, if I sell my PC with pirated windows

[Obfuscant]

If you cannot use your own custom version of gpgv2 in place of what they are without their magic keys... then they would be in violation of the GPLv3.

I just read the GPLV3 and don't find a clear statement that you must be able to run the modified source code on the same system upon which the modified object code has been received. You must get source, yes. Must execute, I don't see.

I see a specific exclusion for user devices where "you" (the provider") also cannot modify and run the recompiled code. The specific example deals with code installed in ROM. Is this not a similar case, where even the modified code provider cannot modify the program and run it on that hardware (without having to make chages elsewhere, in non-GPL code?). They can modify the source, compile it, install it, but even for them it will not run unless other changes to the system are made.

Second, doesn't the GPL specifically deny any warrantee of any kind, even for "usability and fitness of purpose" or whatever, to anyone who modifies the code? If you modify the code and try to install it and it does not run, doesn't the GPL specifically release the provider from ANY requirement to support the modified code? Doesn't that mean "if you change it and it doesn't run, tough luck?"

I would be very scared of any code that says anything other than that last bit. I write code and send it off to other people, and routinely they are unable to get the unmodified code to work properly. The interface to something has changed, the database they are using is just a tiny bit different. So if GPLV3 says I must distribute anything I modify and MUST SUPPORT other people getting it to run, whether or not they changed anything, that's just too much of an exposure to accept. Yes, I know, if it is true, don't use GPLV3 code. But is it true?

Now, I understand that not providing the modified source is a violation, but does GPLV3 really make not being able to run code on a specific device a violation, too?

Re:Companies have become serious about GPL complia

[Bruce+Perens]

I'm told it's a GPL3 version of GPG. In that case, they'd have to remove the GPL3 version, and document their compliance with the remaining GPL2 software to the copyright holder (who would probably be represented by one Bradley Kuhn of the Software Freedom Conservancy and SFLC). Not the end of the world.

Re:Companies have become serious about GPL complia

[bug1]

"What a lot of companies are having problems with is establishing a compliance program ..."

Bruce, do you think companies made a genuine effort to establish a compliance program early, or is it more a case of them wanting to save money and try and get away with it, or at least delay the costs until a later stage ?

Im following up on a violation right now for a company right now, 6 months ago i queried them about "scripts used to control compilation and installation" i only recently got a response where they state it was an oversight. (pressuring the distributor seems to be the best way to get manufacturers to respond)

My experience is companies will ignore open source licenses (treat it as public domain) until its a threat. I struggle to think of any hardware companies (box makers) that have always dont the right thing.

What hardware companies would you consider open source friendly ?

Re:Yeah?

[huzur79]

You dense idiot, a EULA does not mean it has to put restrictions on use, it can also grant rights of use. The GPL is a EULA. It restricts those that do not want to follow the GPL and it grants rights and USE to those that respect the agreement. Do the world a favor and don't breed.

Re:Yeah?

[huzur79]

I would say hes the Antichrist of the Open Source world.

Just don't care

[huzur79]

As I don't support anything related to GPLv3 I just don't care. Its a flawed political license that has no place with open source or free software. I hope that it is tested in court a few more times and found to be invalid so it can just go away.

Re:Companies have become serious about GPL complia

[Bruce+Perens]

Regarding the violation, please notify Bradley Kuhn and do not publicly harangue them. It's my understanding that Bradley prefers to be the one to make the contact, rather than having the company dragged through publicity first.

I regularly speak to perfectly intelligent lawyers who work for companies with billions of dollars, and have trouble getting their companies to adopt a company-wide compliance program. When I had a management position with HP, I found that from my section-manager equivalent position it was very difficult to get the whole company marching in the same direction, even with support from higher-level executives. It was easier for me than it is for folks in some companies overseas, who will destroy their careers if they make the wrong step, regardless of whether they are right or not. Often they hire me to say things to their management that an insider could not say safely.

I am also available to talk to the company, but I'd try to sell them my own services to implement a compliance program. So, you can give me their name or not, as you please. Company email is bruce at perens dot com, and company phone is 510-4PERENS.

Thanks

Bruce

Re:Yeah?

[DarwinSurvivor]

Not sure where you live, but EULA's have been legally classified as UNENFORCEABLE in Canada since they are not presented at the time of purchase. Oh yeah, and if you pirate Windows, you are NOT violating the EULA since you were never presented with it. The person who uploaded it is violating their EULA (though that legally means nothing) and you are both violating *copyright*.

Re:Uh, if I sell my PC with pirated windows

[psmears]

I just read the GPLV3 and don't find a clear statement that you must be able to run the modified source code on the same system upon which the modified object code has been received. You must get source, yes. Must execute, I don't see.

It's there, in section 6:

“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.

Second, doesn't the GPL specifically deny any warrantee of any kind, even for "usability and fitness of purpose" or whatever, to anyone who modifies the code? If you modify the code and try to install it and it does not run, doesn't the GPL specifically release the provider from ANY requirement to support the modified code? Doesn't that mean "if you change it and it doesn't run, tough luck?"

Not quite. That disclaimer is saying "if the code doesn't perform in the way you want, you can't hold us responsible", and it applies whether you modify the code or not. There's a big difference between being able to run the code and it not working, and it not running at all. In the first case, if it doesn't work as I like, I can fix it. In the second case, I can't, and this is exactly what the GPL is designed to prevent.

I would be very scared of any code that says anything other than that last bit. I write code and send it off to other people, and routinely they are unable to get the unmodified code to work properly. The interface to something has changed, the database they are using is just a tiny bit different. So if GPLV3 says I must distribute anything I modify and MUST SUPPORT other people getting it to run, whether or not they changed anything, that's just too much of an exposure to accept. Yes, I know, if it is true, don't use GPLV3 code. But is it true?

No, it's not true. You don't have to guarantee that the code will work, in the sense of being free from bugs, but if you're distributing someone else's GPLv3 code, then you do have to guarantee that they can at least compile and run it... once it's running, it's up to them whether it works or not.

Now, I understand that not providing the modified source is a violation, but does GPLV3 really make not being able to run code on a specific device a violation, too?

If you sold the device with the GPLv3 code running on it, and won't let other people do the same with their modified versions, then yes.

Re:Uh, if I sell my PC with pirated windows

[exomondo]

If you cannot use your own custom version of gpgv2 in place of what they are without their magic keys... then they would be in violation of the GPLv3.

And that's exactly what the article says:
Contact D-Link AND Boxee and request the ability to modify the GPLv3 Software included in your Boxee Box. Specifically you require the OpenSSL keys to generate the signature files found in the boxee.iso firmware file, and the scripts and instructions for their use.

Yet you're saying "it is not clear that the copy of gpgv2 is in violation of the GPLv3", i think the article has made it quite clear.

Re:Uh, if I sell my PC with pirated windows

[exomondo]

I just read the GPLV3 and don't find a clear statement that you must be able to run the modified source code on the same system upon which the modified object code has been received. You must get source, yes. Must execute, I don't see.

It's quite clear:
"Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information.
Section 6. of GPLv3

Second, doesn't the GPL specifically deny any warrantee of any kind, even for "usability and fitness of purpose" or whatever, to anyone who modifies the code? If you modify the code and try to install it and it does not run, doesn't the GPL specifically release the provider from ANY requirement to support the modified code? Doesn't that mean "if you change it and it doesn't run, tough luck?"

Yes, that's correct.

Re:Uh, if I sell my PC with pirated windows

[Obfuscant]

It's there, in section 6:

Yes. The next paragraph, however, deals with the provider not being able to modify the object being distributed. The example is "in ROM", but that is not normative. If the provider cannot install the modified software either, then they meet the requirements of GPLV3, and in this case, he can't unless he also modifies non-GPL code.

It appears there is a requirement that the very next paragraph cancels. Yes, it also appears to be a violation of the spirit of the GPL, but the exception is arguable. How can the GPL force someone to modify code that is not released under that license?

No, it's not true. You don't have to guarantee that the code will work, in the sense of being free from bugs, but if you're distributing someone else's GPLv3 code, then you do have to guarantee that they can at least compile and run it... once it's running, it's up to them whether it works or not.

Which is it? Is it not true that I must support other people getting that code to run ("So if GPLV3 says I must distribute anything I modify and MUST SUPPORT other people getting it to run,...") or do I have to guarantee that they can compile and run it? I asked if it was true, you said 'no', and then told me I have to do exactly that which I asked about.

If I have to make sure that anyone who gets the code from me can compile it no matter what, then that's a really large support service I'm required to provide. The change I make may compile just fine under GCC 3.1 that I'm using, e.g., but fail under GCC 3.3, which is what the next guy in the chain uses. I've got to spend my time fixing every version issue just to make sure he can compile it? Wow. If none of the code compiles under 3.3 (or whatever the most recent version is), I'm stuck updating ALL the code so someone else can compile it? Why would any sane person accept such an open-ended support role?

If you sold the device with the GPLv3 code running on it, and won't let other people do the same with their modified versions, then yes.

Except for the exceptions.

Re:No GPL-3 software means no violation

[exomondo]

The fact they removed it in a software upgrade doesn't change the fact that a GPLv3-licensed binary was distributed: the fact that the binary is still on the machine (and able to be restored by a factory reset) actually proves that GPLv3 code is likely STILL being distributed.

How does that prove it's being distributed? They've actioned it by forcing a removal in a firmware update.

It's a lot more than a technicality. A common-sense interpretation of both the GPLv3 and case law says that there is an actionable claim here for a license violation.

Really? The resolution is either to release the "Installation Information" and source code, or to stop distributing the software, they've done the latter.

Re:-1 RTFM moderation?

[WNight]

Is anyone looking at some kind of moderation to flush that kind of post, such that we don't have to waste time with it?

Why, you some sort of censor? Ignore it, or better yet, get good at putting it in its place amusingly.

I'd rather deal with it here than be blindsided by it when trying to actually get something done. Here we get to hone our attacks and learn which way to best mock these people when we encounter them.

Re:Boxee Official Response

[openboxee]

Boxee has confirmed the presence of GPLv3 software distributed in the Boxee Box. In the response, it is noted that gpgv2 was included in a pre-release. This release is, however, the software that comes loaded on the device from retail. Is that a pre-release? In any case, gpgv2 itself was also released in subsequent firmwares. It has been removed from the current firmware, but other GPLv3 binaries are still being distributed in the current firmware. Every Boxee Box on the globe currently has GPLv3 software in it, in the factory-reset memory AND the currently running binaries. There are further now questions. Is yes-I-stole-the-candy-bar-but-I-did-not-eat-it-so-I-will-put-it-back-now-that-I-am-busted a valid argument? Can Boxee un-distribute the binaries already distributed? The GPLv3 binaries were not only in the pre-release version. They were in the release version. And the versions after that. And the CURRENT version. Can Pandora's Box be closed again? See below for details on the current version. Even if they delete the binaries in future releases, anyone can simply put them back into violation with a factory restore. Does Boxee have the right to change that factory restore firmware? Can Boxee reach into the homes of users and change devices the users paid for? Is "Yes we stole software but we want to make money" an adequate excuse? How does the US Government and Customs and Border Protection view Boxee making them implicitly profit (via import tariffs) from the import of software piracy? The full details are at http://infinityoverzero.com/bbox/ Openboxee

Re:Yeah?

[SiChemist]

According to the GPL:

"Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of running
the Program is not restricted, and the output from the Program is covered
only if its contents constitute a work based on the Program (independent
of having been made by running the Program). Whether that is true depends
on what the Program does."

So, not an EULA, a copyright license. Note the bold section (my emphasis) specifically says there are no use restrictions. Only copying.