This was my first thought upon reading this article. With a proper backup procedure, doing nightly incremental backups or such, an 'undelete' would simply require someone to go fetch the material from backups.
Unfortunately, this is really only practical for Linux server installations, which is the only place backups occur in the real world. For Joe User sitting at home playing on his shiny new Linux box, backups are not going to happen.
Perhaps we just need a better way of making backups a second-nature thing for a filesystem. Perhaps as "free" or reserved disk space permits, journal all changes and/and deletions to the filesystem as far back as we can go. Allow the user to save this journal (or pieces of it) to permanent storage trivially, giving him a backup. *shrug*..
According to me. I have tracked two spammers back to networks where the operator has indicated that the only likely way he got in was through his wireless LAN (both in large downtown settings).
I have also assisted in tracking a DoS attack that originated at an airport's wireless LAN.
I have not read any articles suggesting this is happening, so I'm not sure what quote you're referring to.
These things are happening today, even though it hasn't apparently been in the news.
802.11 just put authentication mechanisms on their SMTP server
You're overlooking a major component of this article, though. Only a tiny percentage of the Wi-Fi user-providers is going to have the means or expertise to do this! Most of what we're talking about here is every Joe User that feels he has some bandwidth to spare/share sets up his access point to allow others in. These are not going to be spam-proofed or DoS-proofed networks.
Hell, how many of the real ISP's/NSP's have their mail servers secured or basic firewalling set up to prevent spoofed DoS attacks?
DoS attacks rely on r00ting lots of machines on well connected networks
Not all of them. If you have a high-bandwidth wireless LAN at your disposal, you can fairly easily overwhelm even some broadband connections without needing to spoof anything or rely on a zillion DoSbots.
THIS IS HAPPENING TODAY.. The DoS attack I was referring to earlier actually happened last year. While it's possible many of these larger-scale Wi-Fi configurations have been or will be secured by the operators, we're talking here about "everybody" opening up their own individual Wi-Fi networks. There will be no corporate funding to get all of these operators trained to handle this.
This is impractical for anything but a small local network. For some, this may be perfectly sufficient and could be a great "community" project.
802.11 cannot handle routing over any significant distance, though. You generally need a wired backbone to shuttle traffic between wireless "pads" to have any sort of decent response time. ISP's aren't going away just yet.
I use VoIP over my Wi-Fi network. RSVP, QoS and traffic shaping can guarantee bandwidth for VoIP needs. The only unresolved issue is that of roaming between networks. SIP, however, can easily be used to re-negotiate an established VoIP call, including moving the voice channel to another IP address. This isn't a solution out of the box, since the network change is happening at a layer higher than IP, but the point is that all of the issues we have today with getting something like this working are not unsolvable.
Broadband companies are not going to allow people to share their badnwidth over a large urban area like this.
Sure they will. They'll just make people start paying for the amount of bandwidth they (and the general public piggy-backing) use. Once the "unlimited use" of bandwidth gimmick ceases to be profitable, it will go away.
At least for those that are exceeding some "normal user" value.
Umm... Aren't you still responsible for the data going out over your Access Point? If some script kiddie living next door sets up camp from his bedroom and starts sending out spam while using your Internet connection, you are going to be the one that gets shut down.
This is a point that I haven't seen a good response to yet. I would never offer up my Wi-Fi network to the general public without a mechanism to identify and combat abuse. Are you going to leave it up to the individual operators to police their wireless "pad"? That is never going to work!
Spammers specifically are already starting to abuse open Wi-Fi networks. It's now become impossible to identify, track, and shut them down. Is this environment really what "free Wi-Fi" is all about?
If you thought spam and DoS attacks were a nuisance in the past, you're about to see how bad it can really get.
Though, at a radio station I used to work at (AM), they had some very old equipment there. They would announce over the air that they broadcasted at 10kW. And, indeed, on one of the old refrigerator-sized transmitters, there was a big black dial pointing to "10 kW". So not everyone markets with ERP. (Or maybe they just can't..)
Correct, he was saying 50k-100k "per hour", which isn't really sensical.. It's like saying, "I can run 5 miles per hour, per hour."
Electric companies typically bill you in kilowatt-hours. My last bill was ~ 8.5 cents per kW-hr. A 100kW broadcast will consume 72,000 kW-hr each month, which would cost some $6,000 at my residential rates.
say v. tr. 5. To report or maintain; allege. 6. a. To indicate; show: The clock says half past two. b. To give nonverbal expression to; signify or embody: It was an act that said "devotion."
I'm not sure I understand how your comment relates to mine. I was specifically referring to potential code modifications a company may wish to make with GPL'd software.
For example, I have seen Apache authentication modules in a corporate environment that "hook in" to a proprietary authentication system within the company. This code is based on GPL'd code, but the additions are proprietary.
If the GPL is to be interpreted the way some of you are saying, then this company would be prohibited from even passing this code around the company for use, since it would permit any Joe Employee to release it to the general public, which could potentially be very bad.
This is probably a poor example, but it should illustrate the issue. If companies were obligated to release all of their copyrighted code along with any modifications they make to GPL'd software just by trying to use that software internally, nobody would use GPL'd software in this capacity, and that is not what the authors of the GPL ever intended. They want companies to be able to make proprietary modifications to GPL'd code. Only when that company decides to try and sell (or give away) that software (i.e. to others outside the company, obviously) should they be required to send the code along with it.
The relationship of a beta tester to the company is at most a contract. The beta tester is a completely separate entity.
They are signing "an NDA", which could easily include clauses or other contracts outright that could quite easily classify the tester as an agent of the company. That's the big question here.
You can call it whatever you want out loud, but it's the contents of those NDA's and other contracts the participants have to sign that will be the deciding factor here..
This is a very good point, but compare your analysis with the real world and the intent of the GPL here.
The GPL was designed so that companies could make use of GPL'd software and modify it to suit their purposes without having to worry that they'd be required to divulge trade secrets or proprietary code, unless they wanted to sell/give away that software.
By your logic here, these ramifications extend far beyond a simple closed beta. You're essentially saying companies cannot make any meaningful use of customized GPL'd software in their company without being forced to release those changes.
This is not in the spirit of the GPL and is not what happens today. A lot of companies would be in violation of the GPL if this were intended to be its interpretation, and a lot of companies would shy away from customizing GPL'd software for their own needs out of fear that they'd have to release details about some proprietary/secret aspect of their business, even though they have no intention of selling the software or giving it away.
Consider storing data using servers local to your Internet provider (or company). This data could either be placed in LDAP-style servers, or in XML over HTTP. A mechanism could be designed whereby you establish your identity using your e-mail address (e.g. joe@example.com), name servers query ns.example.com for information about this service (using SRV records perhaps).
So when you get a new cell phone, you'd tell it your e-mail address, and maybe given it a password, and it'd go fetch the information about you and store it into the phone, perhaps refresing it at intervals (or for every session).
When 3rd parties query this server for information about you, they do so over a two-way authenticated SSL session. You either arrange in advance, or in response to the request, to allow these bits of data to be accessible to the requestor. Maybe exchange P3P-style policies first.
You could implement this in HTTP by storing different "units" of information in XML under different URI's, and apply different ACL protection over each URI. You could either explicitly whitelist certificates beforehand, or use a combination of certifiate + a password that the 3rd party provider passes through to pull the requested data.
Updates could be handled in a similar fashion. If you trust a 3rd party to update certain information on your behalf, perhaps using your own SSL certificate, you could let that happen too.
A closed beta recipient is (generally) not being paid by the company
Compensation need not be in the form of money. The compensation here could easily be the "sneak preview" that the testers receive. If the participants got nothing back, few would want to be testers.
Of course, if they have a heavily modified KDE, then they would NOT be able to keep their beta testers from redistributing that, including their modifications.
There's no "of course" about it. The answer to this question depends on the first: whether or not the contractual agreement (NDA, etc.) the testers make qualify them as agents of the company. If they don't, then I agree, but if they do, then redistribution depends on the terms of that contract. The terms of the license (whatever style license it is) apply to the company here, remember.
However, you can't give your specially tweaked version of the kernel to someone under the condition that they have to keep it hush-hush.
Absolutely correct. But if a company is developing a tweaked version of the kernel for use internally with their servers, those "tweaks" are copyrighted by the company. Just by passing this new kernel around, getting it deployed, or getting other developers in the group to participate, there is no redistribution going on in the context of the GPL.
Now, if you were an employee and received one of these tweaked kernels, you would not be permitted to simply redistribute it, since you do not own the copyright on the code that the company wrote. If the company decided they wanted to redistribute it (i.e. to entities not working for the company), they'd have to do so under the terms of the GPL and would then be obligated to distribute the source as well.
I think many of us are working under the assumption that some aspects of this UL work do have portions copyrighted by UL. Until UL decides to release this to people not acting as agents or employees of UL, their copyrighted portions cannot legally be redistributed.
However, any GPL code that they modified does not belong to them exclusively - they cannot release it under an NDA unless every previous author grants them a liscense to do so.
Correct, but again, I think you're overlooking a vital fact here: employees or agents for a company are not individuals. If someone downloaded GPL'd software on behalf of the company, the company received that software (and is the "recipient" in the context of the license), not the individual. When the company adds code or otherwise creates a derivative work, they can do whatever they want with that so long as it doesn't leave the company.
The real question is whether or not a closed beta does indeed qualify the participant as an agent of the company. If it does, the software never changed hands: it remained within the company, no redistribution occurred, and no GPL requirements were violated.
only someone with something to hide, or pure scumbags do the closed/NDA thing....
I don't really understand this attitude. Lots of corporations make use of GPL'd software internally for their own purposes. This is the beauty of the GPL: people can modify it to suit their own needs.
If companies were required to redistribute modifications whenever this application was deployed internally, GPL'd software would never be used in this capacity. No company wants to be forced to give out source code to the general public just for wanting to use that software internally. That's neither the intent of the GPL nor is it in the spirit of it.
Contract law recognizes corporations as individuals. When you're acting as an agent or employee of a company, YOU downloaded nothing. The COMPANY did. The company is the recipient in the context of the license, and until the company releases a piece of software, they have no obligations under the GPL to release code with it.
If you are acting as an agent or employee of a company, and you receive software from a fellow employee, the company received software from itself. In other words, no redistribution has occurred. I can transfer a copy of software from my right hand to my left hand without ever being accused of giving it to someon else.
The concept of a closed beta generally means you have volunteered your time for the company. You are now an agent of the company authorized to perform work (testing) in exchange for the preview. As an agent of the company, software you receive from the company has never changed hands.
This isn't a matter of someone's "opinion" on what redistribution means. These are very standard concepts in the world of contract law. Please consult a lawyer if you are uncertain.
If anything, the true question here is whether their NDA/other contracts do indeed qualify the participant as an agent of the company. I can see a fairly solid case indicating that they are, but not a water-tight one.
But does it REALLY matter? When they end up releasing their finished product complete with code, is everyone still going to be so pissed with these guys for not releasing the code earlier? Come on..
If this were true, GPL'd code would almost NEVER find use in a corporate environment. The biggest seller for GPL'd code is that people can modify it to suit their own needs. If a company wishes to use GPL'd code with their proprietary environment, it's quite likely some modification of that GPL'd code would be desirable to make it more compatible with that environment. If you were to force that company to release its changes, they'd have to release proprietary (and potentially trade secret) data.
No company is going to want to open themselves up to that kind of thing.
The fact is (as others have indicated), employees or agents of a company can *not* act as individuals when they're on the clock (and occasionally off-the-clock). If you're downloading GPL'd software on behalf of the company, YOU did not receive the software. The COMPANY did. The "recipient" of that software is the company, not you. Any changes you or other employees or agents make on behalf of the company are copyrighted by the company, and you have no rights to redistribute that until the company says you can. If the company decides to release a finished product to entities outside of that company, they're obligated under the GPL to release their modifications with it, but so long as you're acting as an agent or employee of that company, you cannot interpret the license as applying to you individually.
I would completely agree with you, if users were just being told to sign NDA's. But the concept of a "closed beta" is such that you are volunteering your time to test software for a company, in return for getting a nifty preview. In other words, you've become an agent acting on behalf of the company. You are no longer an independent user receiving software released from a company, you are acting in a limited capacity *as* the company. As a result, there is no redistribution going on.
A "recipient" is not explicitly defined to be a human being. Corporations enjoy status as individuals just as people do. You can license software to corporations, and the corporation is what ends up taking possession of the software. People acting as agents or employees of a company do not receive individual rights to software licensed to the company (which is what's happened here).
You are *perfectly* free, however, to go download the same GPL'd software on your own time and do whatever the hell you want with it. But don't expect to be able to include your company's copyrighted code in your derivative until your company has released that code.
So long as a piece of code remains within a company or organization, it's not redistribution. It is a company that takes posession of GPL'd code, not individuals that happen to have a business relationship with one another. As far as contracts or licenses are concerned, a corporation is a single distinct entity, and employees of that corporation operating as employees or agents of that corporation are not "individuals" that can extend license agreements to apply to themselves individually.
I cannot buy software on behalf of the company and interpret the terms of the agreement to mean that I can take it home and start using it for my personal purposes.
By participating in a closed beta, you are acting as an agent of the company. The software is not being redistributed here.
This issue has come up time and time again on Slashdot, and every time, we hash out these same arguments.
Slashdot Mirror
This was my first thought upon reading this article. With a proper backup procedure, doing nightly incremental backups or such, an 'undelete' would simply require someone to go fetch the material from backups.
Unfortunately, this is really only practical for Linux server installations, which is the only place backups occur in the real world. For Joe User sitting at home playing on his shiny new Linux box, backups are not going to happen.
Perhaps we just need a better way of making backups a second-nature thing for a filesystem. Perhaps as "free" or reserved disk space permits, journal all changes and/and deletions to the filesystem as far back as we can go. Allow the user to save this journal (or pieces of it) to permanent storage trivially, giving him a backup. *shrug*..
Really? According to who?
According to me. I have tracked two spammers back to networks where the operator has indicated that the only likely way he got in was through his wireless LAN (both in large downtown settings).
I have also assisted in tracking a DoS attack that originated at an airport's wireless LAN.
I have not read any articles suggesting this is happening, so I'm not sure what quote you're referring to.
These things are happening today, even though it hasn't apparently been in the news.
802.11 just put authentication mechanisms on their SMTP server
You're overlooking a major component of this article, though. Only a tiny percentage of the Wi-Fi user-providers is going to have the means or expertise to do this! Most of what we're talking about here is every Joe User that feels he has some bandwidth to spare/share sets up his access point to allow others in. These are not going to be spam-proofed or DoS-proofed networks.
Hell, how many of the real ISP's/NSP's have their mail servers secured or basic firewalling set up to prevent spoofed DoS attacks?
DoS attacks rely on r00ting lots of machines on well connected networks
Not all of them. If you have a high-bandwidth wireless LAN at your disposal, you can fairly easily overwhelm even some broadband connections without needing to spoof anything or rely on a zillion DoSbots.
THIS IS HAPPENING TODAY.. The DoS attack I was referring to earlier actually happened last year. While it's possible many of these larger-scale Wi-Fi configurations have been or will be secured by the operators, we're talking here about "everybody" opening up their own individual Wi-Fi networks. There will be no corporate funding to get all of these operators trained to handle this.
This is impractical for anything but a small local network. For some, this may be perfectly sufficient and could be a great "community" project.
802.11 cannot handle routing over any significant distance, though. You generally need a wired backbone to shuttle traffic between wireless "pads" to have any sort of decent response time. ISP's aren't going away just yet.
Expect heavy handed TOS to put and end to that quick.
Or 15x prices for the same "unlimited" service.
4. VoIP. Hahahahaha. Enough said
I use VoIP over my Wi-Fi network. RSVP, QoS and traffic shaping can guarantee bandwidth for VoIP needs. The only unresolved issue is that of roaming between networks. SIP, however, can easily be used to re-negotiate an established VoIP call, including moving the voice channel to another IP address. This isn't a solution out of the box, since the network change is happening at a layer higher than IP, but the point is that all of the issues we have today with getting something like this working are not unsolvable.
Broadband companies are not going to allow people to share their badnwidth over a large urban area like this.
Sure they will. They'll just make people start paying for the amount of bandwidth they (and the general public piggy-backing) use. Once the "unlimited use" of bandwidth gimmick ceases to be profitable, it will go away.
At least for those that are exceeding some "normal user" value.
Umm... Aren't you still responsible for the data going out over your Access Point? If some script kiddie living next door sets up camp from his bedroom and starts sending out spam while using your Internet connection, you are going to be the one that gets shut down.
This is a point that I haven't seen a good response to yet. I would never offer up my Wi-Fi network to the general public without a mechanism to identify and combat abuse. Are you going to leave it up to the individual operators to police their wireless "pad"? That is never going to work!
Spammers specifically are already starting to abuse open Wi-Fi networks. It's now become impossible to identify, track, and shut them down. Is this environment really what "free Wi-Fi" is all about?
If you thought spam and DoS attacks were a nuisance in the past, you're about to see how bad it can really get.
Thanks for the correction.
Though, at a radio station I used to work at (AM), they had some very old equipment there. They would announce over the air that they broadcasted at 10kW. And, indeed, on one of the old refrigerator-sized transmitters, there was a big black dial pointing to "10 kW". So not everyone markets with ERP. (Or maybe they just can't..)
The rule is once an hour within 5 minutes of the top of the hour (:00). Some stations also announce at the bottom of the hour (:30) as well.
Correct, he was saying 50k-100k "per hour", which isn't really sensical.. It's like saying, "I can run 5 miles per hour, per hour."
Electric companies typically bill you in kilowatt-hours. My last bill was ~ 8.5 cents per kW-hr. A 100kW broadcast will consume 72,000 kW-hr each month, which would cost some $6,000 at my residential rates.
http://www.dictionary.com/search?q=said
say
v. tr.
5. To report or maintain; allege.
6.
a. To indicate; show: The clock says half past two.
b. To give nonverbal expression to; signify or embody: It was an act that said "devotion."
Go away.
I'm not sure I understand how your comment relates to mine. I was specifically referring to potential code modifications a company may wish to make with GPL'd software.
For example, I have seen Apache authentication modules in a corporate environment that "hook in" to a proprietary authentication system within the company. This code is based on GPL'd code, but the additions are proprietary.
If the GPL is to be interpreted the way some of you are saying, then this company would be prohibited from even passing this code around the company for use, since it would permit any Joe Employee to release it to the general public, which could potentially be very bad.
This is probably a poor example, but it should illustrate the issue. If companies were obligated to release all of their copyrighted code along with any modifications they make to GPL'd software just by trying to use that software internally, nobody would use GPL'd software in this capacity, and that is not what the authors of the GPL ever intended. They want companies to be able to make proprietary modifications to GPL'd code. Only when that company decides to try and sell (or give away) that software (i.e. to others outside the company, obviously) should they be required to send the code along with it.
The relationship of a beta tester to the company is at most a contract. The beta tester is a completely separate entity.
They are signing "an NDA", which could easily include clauses or other contracts outright that could quite easily classify the tester as an agent of the company. That's the big question here.
You can call it whatever you want out loud, but it's the contents of those NDA's and other contracts the participants have to sign that will be the deciding factor here..
This is a very good point, but compare your analysis with the real world and the intent of the GPL here.
The GPL was designed so that companies could make use of GPL'd software and modify it to suit their purposes without having to worry that they'd be required to divulge trade secrets or proprietary code, unless they wanted to sell/give away that software.
By your logic here, these ramifications extend far beyond a simple closed beta. You're essentially saying companies cannot make any meaningful use of customized GPL'd software in their company without being forced to release those changes.
This is not in the spirit of the GPL and is not what happens today. A lot of companies would be in violation of the GPL if this were intended to be its interpretation, and a lot of companies would shy away from customizing GPL'd software for their own needs out of fear that they'd have to release details about some proprietary/secret aspect of their business, even though they have no intention of selling the software or giving it away.
a beta tester is NOT part of the company
All things being equal, I agree.
But I don't know what those NDA's and other contracts the participants had to sign said.
Consider storing data using servers local to your Internet provider (or company). This data could either be placed in LDAP-style servers, or in XML over HTTP. A mechanism could be designed whereby you establish your identity using your e-mail address (e.g. joe@example.com), name servers query ns.example.com for information about this service (using SRV records perhaps).
So when you get a new cell phone, you'd tell it your e-mail address, and maybe given it a password, and it'd go fetch the information about you and store it into the phone, perhaps refresing it at intervals (or for every session).
When 3rd parties query this server for information about you, they do so over a two-way authenticated SSL session. You either arrange in advance, or in response to the request, to allow these bits of data to be accessible to the requestor. Maybe exchange P3P-style policies first.
You could implement this in HTTP by storing different "units" of information in XML under different URI's, and apply different ACL protection over each URI. You could either explicitly whitelist certificates beforehand, or use a combination of certifiate + a password that the 3rd party provider passes through to pull the requested data.
Updates could be handled in a similar fashion. If you trust a 3rd party to update certain information on your behalf, perhaps using your own SSL certificate, you could let that happen too.
Just some thoughts..
A closed beta recipient is (generally) not being paid by the company
Compensation need not be in the form of money. The compensation here could easily be the "sneak preview" that the testers receive. If the participants got nothing back, few would want to be testers.
Of course, if they have a heavily modified KDE, then they would NOT be able to keep their beta testers from redistributing that, including their modifications.
There's no "of course" about it. The answer to this question depends on the first: whether or not the contractual agreement (NDA, etc.) the testers make qualify them as agents of the company. If they don't, then I agree, but if they do, then redistribution depends on the terms of that contract. The terms of the license (whatever style license it is) apply to the company here, remember.
However, you can't give your specially tweaked version of the kernel to someone under the condition that they have to keep it hush-hush.
Absolutely correct. But if a company is developing a tweaked version of the kernel for use internally with their servers, those "tweaks" are copyrighted by the company. Just by passing this new kernel around, getting it deployed, or getting other developers in the group to participate, there is no redistribution going on in the context of the GPL.
Now, if you were an employee and received one of these tweaked kernels, you would not be permitted to simply redistribute it, since you do not own the copyright on the code that the company wrote. If the company decided they wanted to redistribute it (i.e. to entities not working for the company), they'd have to do so under the terms of the GPL and would then be obligated to distribute the source as well.
I think many of us are working under the assumption that some aspects of this UL work do have portions copyrighted by UL. Until UL decides to release this to people not acting as agents or employees of UL, their copyrighted portions cannot legally be redistributed.
However, any GPL code that they modified does not belong to them exclusively - they cannot release it under an NDA unless every previous author grants them a liscense to do so.
Correct, but again, I think you're overlooking a vital fact here: employees or agents for a company are not individuals. If someone downloaded GPL'd software on behalf of the company, the company received that software (and is the "recipient" in the context of the license), not the individual. When the company adds code or otherwise creates a derivative work, they can do whatever they want with that so long as it doesn't leave the company.
The real question is whether or not a closed beta does indeed qualify the participant as an agent of the company. If it does, the software never changed hands: it remained within the company, no redistribution occurred, and no GPL requirements were violated.
only someone with something to hide, or pure scumbags do the closed/NDA thing....
I don't really understand this attitude. Lots of corporations make use of GPL'd software internally for their own purposes. This is the beauty of the GPL: people can modify it to suit their own needs.
If companies were required to redistribute modifications whenever this application was deployed internally, GPL'd software would never be used in this capacity. No company wants to be forced to give out source code to the general public just for wanting to use that software internally. That's neither the intent of the GPL nor is it in the spirit of it.
Contract law recognizes corporations as individuals. When you're acting as an agent or employee of a company, YOU downloaded nothing. The COMPANY did. The company is the recipient in the context of the license, and until the company releases a piece of software, they have no obligations under the GPL to release code with it.
If you are acting as an agent or employee of a company, and you receive software from a fellow employee, the company received software from itself. In other words, no redistribution has occurred. I can transfer a copy of software from my right hand to my left hand without ever being accused of giving it to someon else.
The concept of a closed beta generally means you have volunteered your time for the company. You are now an agent of the company authorized to perform work (testing) in exchange for the preview. As an agent of the company, software you receive from the company has never changed hands.
This isn't a matter of someone's "opinion" on what redistribution means. These are very standard concepts in the world of contract law. Please consult a lawyer if you are uncertain.
If anything, the true question here is whether their NDA/other contracts do indeed qualify the participant as an agent of the company. I can see a fairly solid case indicating that they are, but not a water-tight one.
But does it REALLY matter? When they end up releasing their finished product complete with code, is everyone still going to be so pissed with these guys for not releasing the code earlier? Come on..
If this were true, GPL'd code would almost NEVER find use in a corporate environment. The biggest seller for GPL'd code is that people can modify it to suit their own needs. If a company wishes to use GPL'd code with their proprietary environment, it's quite likely some modification of that GPL'd code would be desirable to make it more compatible with that environment. If you were to force that company to release its changes, they'd have to release proprietary (and potentially trade secret) data.
No company is going to want to open themselves up to that kind of thing.
The fact is (as others have indicated), employees or agents of a company can *not* act as individuals when they're on the clock (and occasionally off-the-clock). If you're downloading GPL'd software on behalf of the company, YOU did not receive the software. The COMPANY did. The "recipient" of that software is the company, not you. Any changes you or other employees or agents make on behalf of the company are copyrighted by the company, and you have no rights to redistribute that until the company says you can. If the company decides to release a finished product to entities outside of that company, they're obligated under the GPL to release their modifications with it, but so long as you're acting as an agent or employee of that company, you cannot interpret the license as applying to you individually.
I would completely agree with you, if users were just being told to sign NDA's. But the concept of a "closed beta" is such that you are volunteering your time to test software for a company, in return for getting a nifty preview. In other words, you've become an agent acting on behalf of the company. You are no longer an independent user receiving software released from a company, you are acting in a limited capacity *as* the company. As a result, there is no redistribution going on.
A "recipient" is not explicitly defined to be a human being. Corporations enjoy status as individuals just as people do. You can license software to corporations, and the corporation is what ends up taking possession of the software. People acting as agents or employees of a company do not receive individual rights to software licensed to the company (which is what's happened here).
You are *perfectly* free, however, to go download the same GPL'd software on your own time and do whatever the hell you want with it. But don't expect to be able to include your company's copyrighted code in your derivative until your company has released that code.
So long as a piece of code remains within a company or organization, it's not redistribution. It is a company that takes posession of GPL'd code, not individuals that happen to have a business relationship with one another. As far as contracts or licenses are concerned, a corporation is a single distinct entity, and employees of that corporation operating as employees or agents of that corporation are not "individuals" that can extend license agreements to apply to themselves individually.
I cannot buy software on behalf of the company and interpret the terms of the agreement to mean that I can take it home and start using it for my personal purposes.
By participating in a closed beta, you are acting as an agent of the company. The software is not being redistributed here.
This issue has come up time and time again on Slashdot, and every time, we hash out these same arguments.