Slashdot Mirror
Linux Developer McHardy Drops GPLv2 'Shake Down' Case (zdnet.com)
Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win":
People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...
In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."
Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions... McHardy now has to bear all legal costs for both sides of the case. In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.
In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."
Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions... McHardy now has to bear all legal costs for both sides of the case. In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.
So if some companies are patent trolls, does this make him a FOSS troll?
Glad he's "out" because his actions definitively didn't reflect the goals of open source software.
AC comments get piped to
./ refresh is slow
AC comments get piped to
"We can go to court for $2M in damages or you can hire me for a fixed sum of $500k to get your code in compliance." That would likely have gotten a lot more bites.
licenses? If he was doing that and somebody flaunted his model I'd be on his side. Still, if he dropped the suit that's probably not the case. I would have expected him to stand his ground in that case.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
There is nothing wrong with suing to enforce license terms to get back some of the money that his software is earning corporations for nothing, had he been the sole proprietor of the source code and intellectual property involved. "companies would have been more reluctant to use Linux code in their products for fear that a ... developer could sue them..." Oh boo-hoo, if you don't like it go write your own operating system or, better yet, read the damn license.
This is why Richard Stallman insists on signing over copyright to the FSF before taking your code. It always seemed legally very messy that Linux was in the legal hands of thousands of separate developers. This is why that is a bad idea.
The action was found to be unprofitable in German courts, largely because it is less time consuming and costly to oppose these kinds of legal shakedown attempts there. Also, if you win in the German courts, you will typically have your legal costs paid. There is still a very real danger that someone could successfully do something like this in the US. There, someone resisting the legal blackmail, is never going to get reimbursement of their costs in winning the case (which in the US, unlike in Germany, can be a fortune) after years of litigation.
before violating the GPL? Good, it's not like the GPL is some archiac EULA wrapped up in impenetrable legalese. I'm Fucking sick and tired of companies ignoring the GPL and launching crap products that are, or will soon be out of date, full of security holes, and a threat to the rest of us online. Linux is now the go-to OS in every 32 or 64 bit architecture outside of the desktop space, I'm much more worried about un-servicable crap being released than I'm worried about market-share.
Is this the source code you're complaining about them not releasing?
https://www.dji.com/mobile/ope...
https://github.com/MAVProxyUse...
This case seems to be quite clear a shakedown case.
I do feel though that Linux developers are quite on the other extreme with almost no litigation.
For years, even untill now, the grey area of NVidia drivers could exist. If the GPL is enforcable, those drivers should be disallowed, or be made GPL.
The case is even worse in the ARM ecosystem, where GPL drivers get copied into closed source drivers. That is really bad for users. That situation just continues on for years, with no end in sight.
I am siding more and more with the somewhat more idealistic stance of the FSF, instead of the lax 'pragmatism' of Linux, which is just a free for all.
Well, don't worry about that. We can get you back before you leave. (Dr. Who)
The judge indicated he thinks the Linux Kernel copyright for the whole Kernel is with Linus only. This guy then withdraw his suit. Yes, you need standing, but whether you have it or not is determined during the legal proceedings by the court. Of course, if they find you did not have standing, you pay the legal costs of the other side. There is an exception: if you obviously have no standing, then the court does refuse to hear your case.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Since GRSecurity is a snake-oil vendor these days, probably nobody cares enough.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
He could have beaten that finding on appeal - Linus clearly doesn't require or accept copyright assignment.
I doubt this guy is done. I like the goal of the GPL but the means are nasty statist shakedowns. The only reason GPL works (differentially to MIT/BSD) is because of threats of assholes like McHardy, so if you like the GPL you pretty much need to accept his actions. If you don't think such actions are acceptable then that leaves you with weaker licenses to choose from. I've been putting my code under WTFPL 2.0 for a few years because I don't think the ends justify the means.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
You don't have to worry about getting sued by a "rogue developer" for violating the GPL if you don't violate the GPL. He removed all those companies in the targeting phase. I doubt it's a frivolous lawsuit. FSF, SPLC, etc., enforcement is basically corrupt, because it's driven by an inner cadre of developers that wants to maximize their personal profit by working as mercenaries for corporations that prefer to retain some wiggle-room to scoff at the GPL and not get "snitched" on.
Maybe the tradeoff is good. We want developers to get paid, especially really smart ones.
But it is corrupt, not principled.
Look at the incredible costs of Linus's "interpretation" of the GPL, that binary modules do not need to follow it. This interpretation is not reasonable because it's only LGPL that draws a line at linking. Across execution, between Linux kernel and a userland process, there is an extremely stable ABI. Across loading a module, there's no ABI, not even to the extent there is between a program and libc.so, but even if there were, it would only count for an exemption under LGPL.
The consequence of the unreasonable interpretation is de-facto TiVo-ization of everything. Every embedded vendor always makes some binary module and does not release source for it. For some CPUs, the entire CPU is TiVo-ized: Qualcomm releases forked kernels with mandatory blobs for their phone CPUs and doesn't update them. No one else can update them, either. Attempting to leads to revision control hell, or is simply impossible. It's responsible for the miserable state of Android security. It's a huge loss in software freedom that companies like Jolla are running up against: they can install on Sony Xperia X, but they can never change the Android kernel that shipped with it.
We need to start cracking down on these guys. Get rid of Linus's "interpretation" and the module exemption. Just announce, "as of kernel 4.x.y, GPL applies to modules, and we will enforce." And set "community standards" that focus more on high compliance than adoption because Linux no longer has an adoption problem but has a huge compliance problem.
I agree with the general framing that it's a positive thing Linux is bargaining collectively and that Linus can have "interpretations" that have some weight. It provides agility and reasonableness. And it is SPLC's recommendation that large projects form a nonprofit and get copyright assignment from contributors, a recommendation Linux itself didn't follow because it's too old to have thought things through, which permits these "rogue" litigants. However in this case I think the "rogue" litigant has the correct view and that the collective bargaining has been massively misused by a corrupt, ossified inner circle, for whose technical contributions I am grateful but whose legal/political skill I consider overconfident and naive.
In the German legal system you do not get an automatic appeal. I am not sure what the conditions are on a case like this for the judge to allow an appeal.
So far the only larger thing I needed a license for was an FAQ, and I put that under a CC variant that allows derived works but requires attribution. For code I usually use what the surrounding system does, or the modified BSD license (i.e. requires attribution, but do with it what you like otherwise). I am not too sure the GPL actually achieves its purpose either. Time will tell. In some sense, requiring attribution solves a part of the problem, namely the availability of the original sources. Modifications are a problem in any commercial setting though, especially as people use copyright to nail down (sometimes extremely obvious) engineering ideas as "theirs". That is extremely bad as it hampers progress.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.