Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Open Source Security' Loses in Court, Must Pay $259,900 To Bruce Perens (theregister.co.uk)

Posted by EditorDavid on from the orders-in-the-court dept.

Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. Now he's just won a legal victory in court. "Open Source Security, maker of the grsecurity Linux kernel patches, has been directed to pay Bruce Perens and his legal team almost $260,000 following a failed defamation claim," reports The Register. Slashdot reader Right to Opine writes: The order requires Spengler and his company to pay $259,900.50, with the bill due immediately rather than allowing a wait for the appeal of the case. The Electronic Frontier Foundation's attorneys will represent Perens during OSS/Spengler's appeal of the case.

Perens was sued for comments on his blog and here on Slashdot that suggested that OSS's Grsecurity product could be in violation of the GPL license on the Linux kernel. The court had previously ruled that Perens' statements were not defamatory, because they were statements by a non-attorney regarding an undecided issue in law. It is possible that Spengler is personally liable for any damages his small company can't pay, since he joined the case as an individual in order to preserve a claim of false light (which could not be brought by his company), removing his own corporate protection.

11 of 141 comments (clear)

  1. A Message From Bruce Perens by Bruce+Perens · · Score: 5, Informative

    I am very lucky to have my attorneys from the Electronic Frontier Foundation, and my attorneys from O'Melveny and Meyers who won the lower court case and will continue to help EFF during the appeal.

    My attorneys have requested that I not comment about the case at this time. Obviously, I'd love to discuss it with you sometime, when it's all over.

    Valerie, Stanley and I are doing well and send you our best wishes.

    Thanks

    Bruce

    --
    Bruce Perens.
    1. Re: A Message From Bruce Perens by Bruce+Perens · · Score: 5, Informative
      Nothing here says that Perens made a cent for being sued. It says in the court papers

      that his lawyers worked for about 900 hours and were paid for about 450 of them, at fair rates for lawyers.

      --
      Bruce Perens.
    2. Re:A Message From Bruce Perens by WindBourne · · Score: 4, Insightful

      Some of you trolls are real assholes. Bruce has worked tirelessly on the OSS world. His name is obviously well known amongst the top 10 in it.
      For some of you to rip into him, is just sad.

      /.,
      Seriously, it is long past time to make the code so as to lower the trolls. Make it so that unless we are moderating, that we can skip ACs below a certain point. Hey, if a moderator brings them up to say 2 or 3, I will want to see them. OTHERWISE, why bother. I get sick of reading so many lies and crap from the trolls.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    3. Re: A Message From Bruce Perens by thegarbz · · Score: 4, Funny

      The family members don't generally think of each other as security threats. :-)

      One thing I've learnt from having a sister and a mother, family are the WORST security threats :-)

      All the best with the rest of the proceedings.

  2. Half of Legal Fees by mentil · · Score: 3, Interesting

    According to TFA, the $260k was awarded due to California's anti-SLAPP law. However, this is half of what Perens asked for to cover legal fees. I'm really wondering why he chose to spend over $500k on lawyers, for a defamation and business interference case. Surely the default judgement wouldn't even be that much money? Posting a comment to slashdot leads to half a million dollars in legal fees for the poster? Doesn't anyone else see this as insane? Imagine how many slashdotters would be bankrupted daily by various posts about Theranos, Microsoft, Systemd, Yahoo, Google, or various government officials, if robo-lawyers automatically filed charges for every arguably-defamatory post about them, leading to $500k legal fees each.

    --
    Corruption is convincing someone that the selfless ideal is the same as their selfish ideal.
  3. Re:GR Security now judged illegal? by Entrope · · Score: 4, Insightful

    "Bruce Perens defamed the plaintiffs" and "the plaintiffs violated copyright law" is not a true dichotomy. Zero, one, or both statements could be true in the abstract. This court case only resolved the first question.

  4. I think that's the point by rsilvergun · · Score: 5, Insightful

    He's standing up not just for himself but everybody.

    --
    Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
  5. Re:grsecurity by phantomfive · · Score: 4, Informative

    Grsecurity likes to claim they are secure, but at DEFCON last year, someone looked into it, and hacked it pretty easily, even installed DOOM on the device running it.

    --
    "First they came for the slanderers and i said nothing."
  6. Re:GR Security now judged illegal? by Xtifr · · Score: 3, Informative

    If the patches are not in compliance with the GPL, then they're being distributed in violation of copyright law. Which is illegal, last I checked.

    The GPL doesn't have to be "codified into law", because nothing else gives you permission to distribute the code in question. The only purpose of the GPL, really, is to provide people with a defense against infringement charges by the copyright holders. And technically, it contains no restrictions at all--it simply has limits on the otherwise-illegal things allows you to do. Anything copyright law allows, the GPL allows. So the only way to "violate the GPL" is to do something against the law.

    That said, we still have no idea whether GR Security is violating the GPL (and thus copyright law). All we really know is that Bruce is entitled to his opinion.

  7. Re:uhh by Xtifr · · Score: 3, Funny

    Now children. Behave yourselves. :p ;)

  8. Not defamation, but still a bad policy by Wrath0fb0b · · Score: 4, Interesting

    Just to get this out of the way, while I disagree strongly with Bruce about the merits of his claim, I do not in any way support the defamation claim against him for saying it. A differing view is not the same as a defamatory statement.

    That said, the idea that a set of modifications to a copyright product, distributed separately, constitutes a derivative work is terrible policy and is philosophically counter to the 'freedom to tinker' that the tech community holds dear. I don't know if it is is the law right now (and absent. a very expensive test case, we aren't likely to find out), but just as a matter of policy I think it would be a Very Bad Ideaâ.

    Consider, for instance, a student or researcher that patches the software in a commercial digital microscope to improve image quality or performance in a fashion. Let's further suppose they release the patch under some F/OSS license both to benefit other users of the product but also as part of disclosing their methods for the purpose of scientific integrity and reproducibility. It's undisputed that the company selling the microscope retains copyright. in the original software, but under Perens' claim they also have rights to the patch as a derivative work.

    To me, this cannot be right. A modification to a work, distributed separately, is not derivative. It is not a copy with some changes, it is just the changes. To say that one violates copyright without distributing a single bit of the underlying work inflates the power of rights holders at the expense of everyone else, in a regime that's already quite solicitous of the rights holders.

    [ Of course, GRSecurity are not the greatest poster boys for this claim. But bad examples should not make bad policy. The claim here is a one that has broad implications beyond the individual lawsuit-happy jerks involved this time. ]