Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux Developer McHardy Drops GPLv2 'Shake Down' Case (zdnet.com)

Posted by EditorDavid on from the not-making-your-case dept.

Former Linux developer Patrick McHardy dropped his Gnu General Public License version 2 (GPLv2) violation case against Geniatech in a German court this week. ZDNet explains why some consider this a big "win": People who find violations typically turn to organizations such as the Free Software Foundation, Software Freedom Conservancy (SFC), and the Software Freedom Law Center to approach violators. These organizations then try to convince violating companies to mend their ways and honor their GPLv2 legal requirements. Only as a last resort do they take companies to court to force them into compliance with the GPLv2. Patrick McHardy, however, after talking with SFC, dropped out from this diplomatic approach and has gone on his own way. Specifically, McHardy has been accused of seeking his own financial gain by approaching numerous companies in German courts. Geniatech claimed McHardy has sued companies for Linux GPLv2 violations in over 38 cases. In one, he'd requested a contractual penalty of €1.8 million. The company also claimed McHardy had already received over €2 million from his actions...

In July 2016, the Netfilter developers suspended him from the core team. They received numerous allegations that he had been shaking down companies. McHardy refused to discuss these issues with them, and he refused to sign off on the Principles of Community-Oriented GPL Enforcement. In October 2017, Greg Kroah-Hartman, Linux kernel maintainer for the stable branch, summed up the Linux kernel developers' position. Kroah-Hartman wrote: "McHardy has sought to enforce his copyright claims in secret and for large sums of money by threatening or engaging in litigation...."

Had McHardy continued on his way, companies would have been more reluctant to use Linux code in their products for fear that a single, unprincipled developer could sue them and demand payment for his copyrighted contributions... McHardy now has to bear all legal costs for both sides of the case. In other words, when McHardy was faced with serious and costly opposition for the first time, he waved a white flag rather than face near certain defeat in the courts.

12 of 53 comments (clear)

  1. FOSS troll? by Sebby · · Score: 4, Interesting

    So if some companies are patent trolls, does this make him a FOSS troll?

    Glad he's "out" because his actions definitively didn't reflect the goals of open source software.

    --

    AC comments get piped to /dev/null
    1. Re:FOSS troll? by Kjella · · Score: 3, Insightful

      So if some companies are patent trolls, does this make him a FOSS troll? Glad he's "out" because his actions definitively didn't reflect the goals of open source software.

      Well as Linus himself has pointed out with regards to the GPL, you don't have to agree to the principles behind it just the actual text of the license. Yes, he's being non-cooperative and he's prosecuting every violation to the full extent of the law, but from my reading his copyright was actually violated. He just took the injunction one step too far to include all copies of Linux and not just the violating copies of Linux containing his code, like he's not a "co-author" that all versions of Linux derives from. He made a contribution and that branch forward is "poisoned" with his code, not the whole tree.

      --
      Live today, because you never know what tomorrow brings
    2. Re:FOSS troll? by msauve · · Score: 4, Insightful

      "his actions definitively didn't reflect the goals of open source software."

      And not providing source simultaneously with a distribution is?

      To support the "goals of open source software", which by its very definition is that the source be open, some organizations should be forced to pay up the wazoo.

      I'm thinking specifically of one major manufacturer of Android phones which has a penchant for not releasing the required Linux kernel source for months after they start selling a product. But, the penalty doesn't need to be financial. If you read the GPL, a violation can prevent them from using Linux ever again. That threat should wake them into compliance. Paying a few million to a single developer to keep a multi-billion dollar revenue stream from stopping dead seems like chump change.

      --
      "National Security is the chief cause of national insecurity." - Celine's First Law
    3. Re:FOSS troll? by tomxor · · Score: 3, Insightful

      Paying a few million to a single developer to keep a multi-billion dollar revenue stream from stopping dead seems like chump change.

      People don't have issue with the companies being forced to pay up, the issue is with the individual collecting for substantial personal gain - it's akin to a corrupt tax man, the tax is for the people, but he's just taking it all for himself rather than slicing his pay out of it. This is why non profit organisations like the FSF or FSC should always be in charge of this method, any entity that is legally bound to appropriate the funds for the benefit of the project.

      You are absolutely correct about the penalty not having to be financial, the whole purpose of GPL is to help the code grow and make sure everyone can always use it... but in the case where it must be settled financially it can also be used for the same goals by funding developer(s) to support the code - however funding a single developer millions of euros does not do that.

  2. Richard Stallman by countach · · Score: 5, Informative

    This is why Richard Stallman insists on signing over copyright to the FSF before taking your code. It always seemed legally very messy that Linux was in the legal hands of thousands of separate developers. This is why that is a bad idea.

    1. Re:Richard Stallman by Nicopa · · Score: 2

      That is not a problem at all. If the FSF did something the community didn't approve, the community would then be able to go elsewhere and stop assigning copyright to the FSF for new additions. The FSF would "own" an ancient version of the software.

    2. Re:Richard Stallman by Anonymous Coward · · Score: 5, Insightful

      Except that the FSF could then do anything with the code, including change the license to a proprietary license if they wished. Yes, all already released versions would stay GPL, but future versions could be any license they wished.

      One example is moving the code to GPLv3 while lots of developers still prefer GPLv2.

      Except that Stallman foresaw that and the assignment agreement that the FSF provides ensures that they have to continue to release the software under similar terms to the ones it's currently released under. It's always amazing how much thought the Free Software Foundation have put into things and how often they turn out to be right with exactly the things they are criticised for. I'd guess many of us will end up wishing we had adopted the AGPLv3 in a few years time.

  3. German court by Mostly+a+lurker · · Score: 2

    The action was found to be unprofitable in German courts, largely because it is less time consuming and costly to oppose these kinds of legal shakedown attempts there. Also, if you win in the German courts, you will typically have your legal costs paid. There is still a very real danger that someone could successfully do something like this in the US. There, someone resisting the legal blackmail, is never going to get reimbursement of their costs in winning the case (which in the US, unlike in Germany, can be a fortune) after years of litigation.

  4. Making companiies think twice... by WorBlux · · Score: 4, Insightful

    before violating the GPL? Good, it's not like the GPL is some archiac EULA wrapped up in impenetrable legalese. I'm Fucking sick and tired of companies ignoring the GPL and launching crap products that are, or will soon be out of date, full of security holes, and a threat to the rest of us online. Linux is now the go-to OS in every 32 or 64 bit architecture outside of the desktop space, I'm much more worried about un-servicable crap being released than I'm worried about market-share.

  5. Re:GRSecurity proves the GPL is toothless. by gweihir · · Score: 2

    Since GRSecurity is a snake-oil vendor these days, probably nobody cares enough.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  6. Re: What about standing? by bill_mcgonigle · · Score: 2

    He could have beaten that finding on appeal - Linus clearly doesn't require or accept copyright assignment.
    I doubt this guy is done. I like the goal of the GPL but the means are nasty statist shakedowns. The only reason GPL works (differentially to MIT/BSD) is because of threats of assholes like McHardy, so if you like the GPL you pretty much need to accept his actions. If you don't think such actions are acceptable then that leaves you with weaker licenses to choose from. I've been putting my code under WTFPL 2.0 for a few years because I don't think the ends justify the means.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  7. hey, companies: have you tried not violating GPL? by Anonymous Coward · · Score: 2

    You don't have to worry about getting sued by a "rogue developer" for violating the GPL if you don't violate the GPL. He removed all those companies in the targeting phase. I doubt it's a frivolous lawsuit. FSF, SPLC, etc., enforcement is basically corrupt, because it's driven by an inner cadre of developers that wants to maximize their personal profit by working as mercenaries for corporations that prefer to retain some wiggle-room to scoff at the GPL and not get "snitched" on.

    Maybe the tradeoff is good. We want developers to get paid, especially really smart ones.

    But it is corrupt, not principled.

    Look at the incredible costs of Linus's "interpretation" of the GPL, that binary modules do not need to follow it. This interpretation is not reasonable because it's only LGPL that draws a line at linking. Across execution, between Linux kernel and a userland process, there is an extremely stable ABI. Across loading a module, there's no ABI, not even to the extent there is between a program and libc.so, but even if there were, it would only count for an exemption under LGPL.

    The consequence of the unreasonable interpretation is de-facto TiVo-ization of everything. Every embedded vendor always makes some binary module and does not release source for it. For some CPUs, the entire CPU is TiVo-ized: Qualcomm releases forked kernels with mandatory blobs for their phone CPUs and doesn't update them. No one else can update them, either. Attempting to leads to revision control hell, or is simply impossible. It's responsible for the miserable state of Android security. It's a huge loss in software freedom that companies like Jolla are running up against: they can install on Sony Xperia X, but they can never change the Android kernel that shipped with it.

    We need to start cracking down on these guys. Get rid of Linus's "interpretation" and the module exemption. Just announce, "as of kernel 4.x.y, GPL applies to modules, and we will enforce." And set "community standards" that focus more on high compliance than adoption because Linux no longer has an adoption problem but has a huge compliance problem.

    I agree with the general framing that it's a positive thing Linux is bargaining collectively and that Linus can have "interpretations" that have some weight. It provides agility and reasonableness. And it is SPLC's recommendation that large projects form a nonprofit and get copyright assignment from contributors, a recommendation Linux itself didn't follow because it's too old to have thought things through, which permits these "rogue" litigants. However in this case I think the "rogue" litigant has the correct view and that the collective bargaining has been massively misused by a corrupt, ossified inner circle, for whose technical contributions I am grateful but whose legal/political skill I consider overconfident and naive.