GPL Violation - NVIDIA 336
Ralph Metzler is just another one of those 'thousands of developers' you hear about developing software for Linux. Ralph was checking out the sources for the Linux 2.3 kernel, and he noticed that a chunk of memory conversion routines were copied line for line out of his bttv.c video driver source into NVIDIA's code.
Tony Bennett at NVIDIA grabbed a small amount of bttv.c and integrated it into the Xfree86 driver, without realizing that the code was GPL'ed. Nvidia was contacted about this oversight, and politely responded in a positive way to Ralph. I got to talk to Ralph to see how it all worked out.
I learned from Rich Black, PR manager for NVIDIA, that they are currently changing the code for the next revision of the Xfree86 driver, and the GPL'ed code will be removed from the driver within the next one to two weeks. I got to talk to him, too.Ralph Metzler: I received E-mail by Tony Bennett, and he also said he would fix it and they apologized for any possible infringement or any violations, and it was an oversight and they would remove it as soon as possible.Slashdot: Are you happy with that?
Ralph Metzler: Yes, of course. Of course, it would have been better if it had never happened. I wasn't especially happy about seeing that they released binary-only drivers now, and I just wanted to try them out, and then I see that they re-used GPL'ed code.
Slashdot: ... and then they threw in a credit for someone else who wasn't even you.
Ralph Metzler: All right, I think that was David M[iller] or something. He made some patches to this code, and while he was mentioned in the bttv code before those routines, they probably thought it was all his code, but it was originally mine. He made some patches so it works with newer kernels. They probably thought it was all his original code. It was also probably just a mistake.
Slashdot: The way it stands right now on the Web site, people are able to download [the driver], and it's not GPL'ed.Rich Black: I think it's one of those things where our corporate rule is that we do not open up our code, and we do not have open code, and we will not do that.
Slashdot: That's fine, and that's understandable, but you're in the position that you're either going to have to open it up completely, or not use it at all. Waiting until next revision and then saying, 'Oh, well, it's fixed now' is a bit of a problem, because right now you're in violation.
Rich Black: Right, which we understand, and it will be taken care of within the next one to two weeks. I understand we're in violation of that now, and it was something that was done strictly as a mistake on our part, and somebody was going through writing some code, and it was completely done on accident. It was not a known violation at the time, it was something that he is aware of now, and is seeking to alleviate the situation and take care of it. I guess I can't change anything about how we are in violation of the GPL right now, but it's something we are going to take care of as soon as possible. With the next version of the software, we'll take care of that, and we'll no longer be in violation.
Slashdot: Would you be willing to open source the one kernel module that uses that code?
Rich Black: From what I understand, that is something that might be opened, but I cannot state as 100% fact that I know for sure that that it is the direction, because it is our general rule that none of it is going to be open sourced, but from what I understand is that one [module] might be made available.
So, that's the story. Big company makes a mistake, developer notices mistake and politely informs big company, big company recognizes mistake, apologizes and makes efforts to correct the problem. Wouldn't it be great if it were always this easy? The open nature of the GPL makes 'borrowing' source code extremely easy, and sometimes mistakes do happen. With any luck, polite messages and open communication will save the day.
From the article... (Score:2)
Of course I won't flame you for not noticing, because even though I saw this, I still have to wonder how exactly what that means in plain, non-developer english (like for example how you spot line for line code grabs from a binary, did he have the source to the driver on some kind of NDA, what?)
<Rant>
Anyway. I don't see NVIDIA doing too much here except emphatically stating it'll be fixed, like "Oh Jesus, let's get this 'GPV' outta our code or someone will want to see it all. And again we will not release our code because (insert corporate droning here)".
I still think NVIDIA's a neglectful company, no matter how much some PR guy promises that they'll fix their GPL violations, especially that last statement. "Maybe we'll open source it, but we probably won't because we don't but we might so you just never know <shrug>". I wish
Either give the Linux users who own your cards decent drivers and support, or open them up so that we can do so for ourselves, or there will be no more Linux users for your products, and we'll drag as many Windows users as we can with us to the nearest friendly competitor. Got it?
Re:Yuk, Yuk... (Score:2)
I am all for what you stand for 90% of the time -- but sometimes I feel you are a little TOO open.
Look at Bugtrag -- There are no official rules for posting, but common curtesy maintains that the poster should notify the company of the product first and give about two weeks notice. After that, it is fair game.
Also, you know if I didn't write it, someone else would have
-Davidu
Re:How to *find* GPL violations? (Score:2)
Re:GNU and IP (GNU *is* IP) (Score:2)
Ah, the "life sucks and then you die" philosophy. Too bad I don't buy into that. I'll not mock the example, since it's certainly possible for some, but I will say that I seem to be supporting myself just fine without selling out. It's all about priorities. I have mine, you have yours. That they differ does not give you the right to insist that mine are somehow juvenile or inferior.
At issue here is the essence of liberty. The individual you mention has lost his liberty, not to nVidia, or to Microsoft, but to himself. He has thrown it away for something he presumably values more. I value nothing more, and will not have my liberty stripped from me nor will I throw it away for anything. He acts on his values, I on mine.
As an aside, I highly doubt the local drug dealer cares whether or not his applications are open source. His encryption keys, however...
Re:You can't take them to court (Score:2)
This is not what they're claiming. In fact, there is no way they could have in good faith failed to realize the copyright on the code. You don't see a lot of companies making mistakes wherein they accidentally release proprietary code under license to them. So why are there so many "mistakes" wherein GPL'd code finds its way into proprietary code? I would argue that anyone operating in good faith would never allow GPL'd code to be so much as seen by their developers. I mean, really, is the giant 30-line copyright notice at the top of every file that easy to miss?
you can be ordered to stop ... exactly what nVidia is already doing
On their timetable it would seem.
Re:When will you learn? (Score:2)
Re:do as is done to you? (Score:2)
Re:When will you learn? (Score:2)
It's been 16 years. How long shall we wait?
We share. In good spirit.
We do. And they don't. And don't. And don't. And don't. And don't. And don't. At what point do attempts at peaceful coexistence become self-immolation? Enough is enough. They benefit from our efforts, even if it means violating the law, and yet we sit idly by while they give back nothing. They seem to like their set of rules. So let's play by them. The devil can cite scripture, to his end.
Re:Damn, I wanted a Bruce-Flame-Fest (Score:2)
I don't think a video card company is going to find some great, hidden knowledge in "bttv.c". I'm sure their programmers could produce something very similar in no time at all.
Given the choice between copying a little code illegally but alienating the community, or writing that same bit of code themselves, like usual, I think I know what they would have picked.
So why did NVIDIA do it? Because it was a mistake. Read the article again, read how the parties involved are taking it, (rather well, it seems) and cool off, guys.
Every time a new company comes along trying to use Linux in their business model, (Caldera, Corel, SGI, NVIDIA, etc...) I get anxious about it. I think to myself, "This time, we're going to have a GPL court case, there's no way this big nasty company will ever understand or respect what the community does"...
And so far I've been wrong. In this case, I like having these big companies prove me wrong and show that they really do get it, they're part of this movement too. And what do we get out of it? Better network integration tools, friendlier distributions, perhaps another journaling filesystem, fault tolerance, better multiprocessor support... and now 3D graphics drivers. Sounds good to me.
Give them time. Either they'll come around, or I'll be buying a Voodoo card soon.
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu].
Re:You can't take them to court (Score:2)
But they're not. They have to do a review of their code, see if there's anything else they've missed, take out the GPL'ed part(s) and replace them with stuff of their own. Then they have to run it through a quality assurance process to be sure the damn thing actually compiles and runs. These things aren't done overnight. They have no reason to pull a few all-nighters just to appease the more zealous GPL folks. They're making a "reasonable effort" (which is a legal term) and are acting in good faith to rectify an accidental copyright/distribution infringement.
There is no way you are going to win a court case on these grounds (thank God).
Re:How to *find* GPL violations? (Score:2)
Re:Damn, this pisses me off! (Score:2)
While the article was ok, the huge discussion is what got really ridiculous. The kernel module in question comes with source, nvidia's error was not to honor Ralph's code in their accompaigning license. Expect them to either honor Ralph's copyright, or to provide their own memory code.
Here is the original answer from nvidia's Tony Bennett:
This was an oversight. We have no intention of
changing the rights to
your code. This should be obvious based on the
attribution.
Its a bug and we'll fix it.
--tony
And the code in question is (compared to the matter) rather easy - it is absurd to believe it was stolen.
Re:Good job, Emmett (Score:2)
Unless I miss my guess, that was a decent attempt at sardonic humor. Add a :-) to the end of what was said and reread.
Re:nVidia has incentive to remain closed-source... (Score:2)
Public Domain grants users some rights that BSDL doesn't. For example BSDL specifically disclaims any warranty, and makes a big deal out of it. "Public Domain" does not. So if you PD some software, and it doesn't work you stand a large chance of being sued, and a larger chance of being found liable. In my opinion a very small chance either way, but why take the risk?
Now in my opinion the original author who put his code under the BSDL because he figured he couldn't prevent violations is giving up. Personally I would have MPL'ed it and put an attachment on saying "there is a flat $100 fee to gain commercial license to any or all of this code". Most companies would rather pay $100 for something then steal.
That's not to say that people that put things under the BSDL under the belief that that license does the most good are wrong. If you BSDL something because you think it is good solid code, and you would rather see it used as the basis of a commercial work then a buggy chunk of crap, and have no desire to be payed (directly at least) for the code, then the BSDL is fine.
If you think the path to better software (or whatever it is you want) is better served by the GPL, or the MPL, well go for it. I'm kind of fond of the MPL myself, especially the bit about patents (it would be nice if a future GPL would adopt that section).
No, that is what the "Lesser GPL" (formerly Library GPL) does. The (greater?) GPL both keeps improvements free, and prevents most use in non-open software (in fact, not just non-open, but non-GPL).
You can not use GPL'ed code in a open source project that uses a non-GPL license. It's the same for MPL'ed code too. Or to be a bit more accurate, you can't use GPL/MPL'ed code as anything other then a distinct program. I could have a non-GPL'ed juke box that uses a GPL'ed mp3 player if I pipe my songs to it. If I want to link it in (so I can fast forward and rewind) I'm out of luck with a GPL'ed MP3 player.
If that is the intent of the author of the GPL code, then all is well with the world. After all it is their work, and they have some rights over how it should be used. If it was the intent of the author that GPLing the code allows almost unrestricted sharing, then they have made a grave mistake. They should have used a different license, like the LGPL. Or put in an escape clause for integration by other Open Source software.
Re:Here's an idea... (Score:2)
What makes you think money is the only kind of damage? If I claim an Arthor Clark short story is mine when I read it to friends, it damages him. He does not get the gain in reputation his work has earned him. If I were to call someone else a wife beater, there would be no money involved, but there would be damages (their reputation, and possably my face just after they punch me).
If you break into my home and steal my VCR, and yet leave me $200 (the purchase price) there is no monatary damage, yet it leaves me with a feeling of insecurity. You could break in and maybe not leave money. Or take a life rather then properity next time.
Damages are not just money.
A lawyer would be able to convince a jury. Easy.
Now whether a lawyer would be able to convince a jury that this wasn't an honest mistake, or that 200 lines of stolen code in a 10,000 project is a super-huge deal, well, I don't know about that.
I would rather have the GPL tested against a violation that is clearly not a mistake, and is clearly a large chunk of code. And best of all, on a clearly wealthy and unrepentent violator, since US juries seem to wack them the hardest.
Re:Code reuse (Score:2)
Well, if the offender was going to BSDL, or MPL their code, they would probbably realise that it would be examined by people who knew the borrowed code was GPLed, and not have made the "mistake".
In fact they would almost certonally understand the "rules" and send mail to the orignal author saying "I'm doing a BSDL'ed project, can I re-release some of your code from foo.c under the BSDL?".
Of corse the original author is free to say "no, I don't want anyone to take it from your code and slap it into Windows NT". So, they could be mostly outta-luck.
They could BSDL their code except for the foo.c code which remains under GPL. Or they could re-write it. Lots of OSS is written for the fun of writing, so maybe they woulnd't even want to borrow from foo.c, they might want to write a better foo.c, and mail the GPL'ed code author "Too bad you wouldn't let us re-licence that code, but here is another better version we wrot from scratch, feel free to ship it with your code".
If they went and violated the GPL anyway, I expect they would have gotten the same polite treatment nVidia got. Probbably.
Good job, Emmett (Score:2)
Re:does the fsf need money? (Score:2)
They Got Caught (Score:2)
They must really think we are naive.
Bruce Perens
Re:They Got Caught (Score:2)
nVidia put that code in their driver while they planned to make Open Source. Remember they announced that, and we all bought their cards, and then they changed their minds and left us with expensive paperweights? Having changed their minds about Open Sourcing their driver, they should have gone over the code base for Open Source code that they could have used legitimately until they changed their minds.
So, now I feel ripped off twice. Once for the money I paid for the card, and a second time because of this. OK, unlike Be it's not my code and I have no right to be upset about it unless someone asks me to help. But what really upsets me is the scope on which this must really be happening. Are we catching 5% of the accidents? If we get too nice about it, we will end up with the court being our only remaining enforcement tool, and we don't want that.
Thanks
Bruce
Re:You Got Caught not enforcing (Score:2)
Bruce
Re:They Got Caught (Score:2)
I think in this case attribution did get "confused".
OK, it's probably a comedy of errors and I'm barking a bit too loud. But I'm so terrified by the extent that this seems to be going on - we're only catching a few percent of the offenders, and I am afraid that this will eventually discourage people from writing GPL code.
Thanks
Bruce
A variation on that (Score:2)
The author claimed to be able to spot code generated by his compiler because the compiler left fingerprints of this nature in the code it generated. I thought that was pretty ingenious at the time.
--
Can we get a search warrent out of this? (Score:2)
If you've been robbed, and you have proof positive that the man down the street took one of your possessions, can you get a warrant for the police to search their house for the rest of your stuff?
Frankly, I'd like to see a few developers allowed by court order to go through the closed source Nvidia drivers at this point; after the obfuscated source drivers a while back I don't trust them as a company at all. A couple hundred lines of perl to pull out whitespace and find the longest matching substrings between two sets of text files, and maybe hours runtime to compare NVidia's drivers to the Linux kernel, Mesa, and Utah GLX (are these GPLed?) drivers...
I'd wager money that there are more violations where we can't see them, and where they'll never be fixed, because Nvidia won't give a damn until they're caught.
Re:NVIDIA & GPL (Score:2)
--
Re:Excellent point. (Score:2)
Personally, I'd chuck my IP rights out the window long before I let a keystroke-by-keystroke log of everyone thing I do be made.
--
Re:This isn't a "Win"... (Score:2)
No, it will scare off every company that ever considered using GPLed code in a closed-source product. Which is what we want.
I fail to see how it would have any other adverse effects.
--
Re:When will you learn? (Score:2)
Now WTF are you going to do? I'm all for playing tough, I just don't see a way how. Boycotting Nvidia is a pretty symbolic gesture, but financially pointless.
Technically, the programmers could sue for copyright violation and win. Money. Maybe a lot. But they're not going to. They probably can't afford it.
I share your feelings, but what pisses me off most is what hypocrites they are about it. You are 100% correct about what would happen it we ripped off their code. And if there's one thing I hate, it's hypocrites who get away with it.
But what can we do?
--
Re:This isn't a "Win"... (Score:2)
An inherent problem with the distributed nature of open source software development is aggressively defending IP rights. I have yet to see a viable solution to this problem yet. Although the author of the story lauded Nvidia's action, IMO it's total bullshit. As another poster astutely remarked, if "we" had ripped off their source code, they'd bury us in cease-and-decists, petition our ISPs to yank the offending code and delete our accounts, and maybe, if we're lucky, let us off at that, assuming there was no profit made from their work.
Yet all they get is a minor slap on the wrist. Clearly, a lawsuit would be a very smart option, not only to leverage them into open their drivers, but to set some sort of legal precedent for the GPL.
Oh that's right, you did realize that the GPL is
I'd really like to see this thing tested on, esp. on such a clear cut case as this. Trouble is, I can't afford it. Neither can anyone. So it never happens.
--
Re:When will you learn? (Score:2)
As much as I hate to say it, Nvidia has by far the hottest 3D hardware on the market. Their new chip can do full screen antialiasing, which no one can do. Also, it destroys 3dfx's competitor hands down. There are too many people here (and yes, I am one of them) who care more about their FPS in Quake 3 than a protest against Nvidia. I don't think a boycott would do anything.
--
Re:This isn't a "Win"... (Score:2)
I'm not implying that it's worthless w/o someone suing, but I think I and many others think setting some sort of precedent here is crucial. If anything, it would sure would make it easier to prevent violations - if Nvidia had known that, in 1998, a judge totally reamed Joe Schmoe for violating GPL, perhaps they'd think twice about stealing someone else's code and then using it to fill their own coffers.
I personally wish someone would sue their balls off. Sure, they're cool for distributing Linux drivers and all, but you know - know - that if you stole their code, there would be legal hell to pay by them. That they are getting off so easy really bothers me.
--
Damn, this pisses me off! (Score:2)
1) They have code out there violating a license agreement. Take it down. Now. Or open up the rest of the code to bring it in compliance with the license. Saying "oops sorry we'll fix that next version" is absurd.
2) The notion that it was an "accident" is bullshit, pure and simple. How do you "accidentally" copy someone else's code? It takes a determined act to go find a software package, untar it, look through it, understand it, then COPY IT, paste it into your code, and compile it. Accident, my ass.
3) The fact that they flatly refuse to open up their source, but are more than happy to steal OTHER people's code, is indefensible.
I will not support this type of behavior. My crusty old TNT is the last Nvidia card I buy, until they get a collective clue.
---
Re:Excellent point. (Score:2)
--
I assume a header file (Score:2)
I think it is pretty certain that Ralph Metzer was looking at the header file and got a strong sense of deva vu...
Cheers,
Ben
Yes, there are disadvantages (Score:2)
Does it really work like that? Possibly. Probably not. But that is the main reason given for not open sourcing drivers.
Of course the risk that they have to run is that someone will go out and reverse engineer their hardware. In not a few cases companies have had that happen with the result that dirty laundry they wanted to keep secret has been publically aired anyways. (eg The "secure" protocol just got reversed and turned out to be junk.) Which as often as not is another reason that they don't let people know how their stuff works. They don't want people to know how bad it is.
Cheers,
Ben
Re:This isn't a "Win"... (Score:2)
>>is
>>didn't you?
Lots of specific contracts haven't been sued over,
but that does not make them "/completely/" untested. The lease on my townhouse was written
by my landlord, and hasn't been tested in court.
Does that get me out of paying my rent?
The agreement by the local welder that he will fix
my muffler for $55.00 hasn't been tested in court either.
There are LOTS of contracts out there that are legally binding, regardless of the fact that they
haven't been sued over. If the system is such that in order for a license to be valid, someone must first be raked over the coals by it, that's
news to me.
Good News, Bad news (Score:2)
On the down side, Nvidia has a binary that should have its source released. All of it, if I recall the GPL correctly. And there isn't any indication that this will happen. I don't even see any mention that Nvidia will be withdrawing the binary from distribution. "as soon as possible doesn't imply "let me just call the webmaster and have that file deleted".
I assume that they want to keep their drivers closed source out of some concern for trade secrets, or other similar corporate logic. As I interpret the GPL, they can't consider that code a trade secret any longer; some of it is GPL, and that's a virus of some potency.
One Possibility (Score:2)
Don't forget that these drivers were released merely a week ago, catching everyone by surprise. I would expect that a couple of people at NVIDIA spent a couple of very hectic days preparing for this.
It wouldn't surprise me if this code was only there for the internal beta, to be distributed only to people who have NDAs with NVIDIA. The developer might have grabbed the code just to get the beta working, planning to rewrite it before the drivers went out to the general public.
Mistake? Yeah. Worth hate-mail? No. Give the company the chance to do the right thing. They've turned things around in just two weeks (from where I sit, and I have a bit of a perspective on this), so I'm willing to be patient. (Yes, I'll update the page in my .sig in the next day or two, too.)
--
How did he find out and how can you believe them? (Score:2)
Secondly:
It is my steadfast opinion that, if nVidia stole code from a GPLed module, they be required to immediately remove either the module, or the offending code, or the release the full and complete source of the module. Anything less is simply unacceptable, according to the terms of the license.
That being said, of course, they could always write a function which calls a separate trivial library which contains the code in question, and release the trivial library and it's source code. I reckon that's one way to satisfy (around?) the letter of the GPL.
Well, that's my soapbox for the day
Re:This isn't a "Win"... (Score:2)
What sort of answer is "we copied some code out of a GPL'd program by accident". Give me a break! You have to be genuinely stupid to not know that linux is released under the GPL. And you also have to be genuinely stupid not to know that copyright exists. (both of these statements are made within the context of being a software developer in the US, etc.)
So my question is, what are the best tools to use to decompile code? I think that I'd like to decompile their "public domain" drivers and then post the decompiled source. recomendations?
Oh, and if it turns out that I wasn't right that they're public domain, I'll take them down in a few weeks.
Re:This isn't a "Win"... (Score:2)
Them simply removing the code is not very productive. It at least will mean that they don't violate the GPL (That we know of) any more in the future past not releasing source for their GPL-derrived work. What about the fact that they didn't release source? Does it really work that I can copy office2000 and the only thing that happens if I get caught is that I have to delete it?
Very, Very true (Score:2)
Besides, how exactly does one accidentally borrow code? Did they confuse the linux bttv driver with their in-house bttv driver?
I'm with you. Fuck them to hell and back.
Sometime soon, the kernel people really should say, "As of version x.y.z, no more binary-only kernel modules will be permitted." It's not like linux needs binary-only kernel modules any more.
A valid (and often missed) point (Score:2)
The responsibility of GPL enforcement (Score:2)
Guess what, kids -- It is the responsibility of the original author to enforce the conditions laid out in the GPL. Not Slashdot, not the FSF, and not the GNU Project. Lets suppose Evil Company X steals your code...do you have the resources in place to defend the GPL yourself? There will probably be a day in the not-too-distant future when a company simply decides to muscle its way past the GPL and reap the harvest of yours, and everyone else's work for their own benefit.
Quoting from the GNU Project's own document [gnu.org] on how to deal with possible GPL violations:
"The copyright holder is the one who is legally authorized to take action to enforce the License."
Read: No income, no money. No money, no lawyer. No layer, no lawsuit. No lawsuit, no safety. No safety, no Linux. Be careful what you release, folks..You may not be able to prevent someone from making money off your work.
Bowie J. Poag
Re:No source, no customer (Score:2)
I had the exact same experience with ATI--Sure, their hardware is nice, but as a company they suck donkey balls. I wrote them at least twice over the course of a year, politely asking them to release drivers for their Rage/Rage II chipsets. All I got was A) Spam, and B) Bullshit from their spokesman.
I'd Switch to 3DFx..They do a great job of not sucking. They keep linux.3dfx.com [3dfx.com] updated religiously.
Bowie J. Poag
accident my ass (Score:2)
I'm not trying to troll here, but this really pisses me off. And I don't understand how people can be so blase about it. The fact is, they used GPL'd code in a closed source module. But instead of doing something about it, we're kissing their ass in the hopes that they'll one day update their Linux drivers so they aren't 5 years behind the Windows ones.
Face it, Nvidia is using the Linux community, and doesn't give two shits about us. And I would not be surprised if they aren't the only company that does things like this to cut down development costs.
Anyways, I'm ranting like hell, but I am pissed. They are breaking the law, but instead of doing something, we're just giving them a slap on the wrist. So at this point, Nvidia and every other company out there has been given the (correct?) indication that if they illegally use GPL'd code, they can just say "oh we're sorry, we'll fix it in a few weeks", and nothing will happen.
If we're going to be like this, might as well relicense all GPL'd code under the BSD license. Thats basically what we're allowing corporations to treat it as.
Thats enough of my ranting.
Re:This isn't a "Win"... (Score:2)
Code is copyrighted in the sense that no one can copy your code letter for letter. Anyone can look at your code and get ideas from your code, just as science fiction writers can "steal" ideas from books they read. "Copyright" in the sense that you mean - where no one else can use your ideas - is actually a patent.
Re:How to *find* GPL violations? (Score:2)
As the most basic precaution, you should include a copyright string somewhere in your program text, and "use" it in some way that will prevent a compiler from optimizing it away.
Unfortunately, this will be pretty easy for "them" to catch, though it does require them to actually read the code (as they apparently neglected to do in the Perens case a few weeks back).
Beyond that, I'm reluctant to suggest obfuscation for an OSS project, but I don't see any other way to make it difficult for someone to find and delete your copyright string.
Perhaps you could add a "spare" error message that looks plausible to anyone reading the code, but is never actually emitted by any error. If you used sufficiently idiosyncratic terms or phrasing for such a message, you might be able to build a case on that basis.
The other problem is, once you've revealed the evidence that proves that someone has hijacked your code, what's to prevent them form deleting just that part and then saying they re-wrote the code from scratch? Perhaps you should include two identification strings in your code: one for making a polite reminder that your code is GPL'd, the other for a court case if they take the easy way out.
Of course, if someone does find and delete an actual copyright string, they will be in a heap of trouble if they ever get caught out at it.
--
Hmm. (Score:2)
They admit they are in violation, yet are still distributing the code in violation from their site? This should stop immediately until the problem is fixed, no? I mean, they are *NOT* allowed to distribute it, and neither is anybody else.
Of course.... and this might be a bit silly.. but... if it's just some memory management routines... is the nvidia driver a 'derivitave' work, or does it just use a tiny bit of code from some GPL code? Think about it.. if it's not really a derivitave work... the GPL may not apply.
Caught with their finger in the jar... (Score:2)
Well, it's good to see they will be fixing the problem (and so they should), but they're only fixing it because they've been caught, it seems.
They claim to have copied the code "without knowing it was GPL". What situations are there where you can just cut and paste some code, and use it without thinking about the permission to use it? Not many. They surely can't have been mistaken into believing it was in-house code, and since they're going to the trouble of developing for Linux, they must have at least heard of licenses and the issues surrounding them.
This is pretty poor in my book.
Re:Excellent point. (Score:2)
Why No One Can Stop This (Score:2)
Section 2, Part B of the GPL reads:
b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
If they incorporated GPL code into their driver, then distributed, then the rest of the driver is automatically under the GPL, correct? That is, since GPL is infectious, the entire driver is then supposed to be released under the GPL. That is the agreement that one signs when you use GPL'ed code in your software.
So, since the driver is infected, doesn't this mean that we can demand the source code to the nVidia driver? It seems to me that redistributing modified GPL code means that you agree to the original GPL.
It just seems to me that pulling the driver and redistributing is not enough. Once it is out there, they are bound by the terms of the GPL, and should have to give us the source code to the Beta that they released. This is similar to the issue with Be and Bruce several weeks ago - just fixing the problem doesn't exempt them from the past violation and the old terms still apply.
Does anyone else see this the way that I do?
Re:This isn't a "Win"... (Score:2)
--
Re:This isn't a "Win"... (Score:2)
I agree, take the fsckers to court. Let's see if the GPL has teeth.
I think it would be a good way to branch the software. They can release a new version without the code, but the one that's out there *should* be open. Maybe we could have a contest in a year or so and see who has the better code (one company vs. the rest of the world, hehe)?
Note to nvidia: I am your core market, the way you handle this situation will determine what I think of your company for years to come. Act accordingly. Also note, I had a v3 blow up a week ago, and am currently in the market looking for a replacement.
--
Re:This isn't a "Win"... (Score:2)
Anybody reverse engineer M$'s networking code recently? (just asking...)
Just wondering because I remember a Bob Young interview a while back during the RH roadshow. He asked a group of execs how many of their IT depts were mandated to use Linux. No hands. He asks how many thought that Linux was running somewhere on their networks. All hands. Now ask them how many of their core products contain GPL'ed code. How fast can you count blank stares?
--
Re:How to *find* GPL violations? (Score:2)
This is a really interesting idea, but I believe the GPL (or any license, for that matter) voids this sort of use. Most copyrighted material (i.e., !code) isn't licensed, so there's no problem. It had never really occurred to me though, so I'm not sure. I do know that there are restrictions on what you can do with material under fair use, and in all likelihood they would prevent people from using it a means to 'steal' code.
Two and three are pretty much the same question, and in both cases I'd say no. I could take a book from the library, scan it, change the main characters name to 'Bob', and claim it's an original work, but I doubt many people would show up in court for the book signing.
Absolutely. Algorithms can be described by code but are not code any more than the number 4 is the numeral '4'. The solution to this 'problem' is to patent algorithms, which is, IMO, insane, but I'm not so sure the Patent Office would agree.
-jcl
Re:GNU and IP: Legal != Moral (Score:2)
But there'd be very little incentive for a company to lock up its code, if the binary can be freely distributed. A monopoly on source code is not actually all that useful if you can't control the binary. (I'm presuming that more insidious methods of copy protection, such as compiling against a particular processor serial number, would be illegal under fair trade laws or whatever). And if your product is so vital that binary copies aren't good enough to prevent you having a good monopoly (say windows), large companies would reverse engineer and clone your program bit by bit, safe in the knowledge that it would be legal. (I'm also assuming that a deliberately obfuscating APIs would be explicitly illegal for companies with high market share, under antitrust law, which is a bit of a change from today).
In a world where this sort of copying and reverse-engineering/cloning was legal and normal, people would be much more wary of uncloned closed-source software because buying into a monopoly market is usually a bad idea unless you have no choice.
It might take a few years before everyone recalculated their enlightened self-interest, but eventually open-source would become the norm and (in most cases) binary-only distribution would be regarded as a possible sign that the vendor was out to con you.
Re: No problem... (Score:2)
There's no such thing as "efficient". There's only "efficient in a certain environment". Common law may be great for things like murder, where the issue hasn't altered for centuries. However it has not had chance to adapt to this fairly new environment where the cost of distributing information is nearly zero.
IANAS. The problem with ideas is that they're often dependent on lots of other ideas to be useful. This particularly applies to software. If I have an idea which relies on 6 other patented ideas, then there is no way I can use my idea without collaborating with all six patent holders. If someone wants to market a replacement for my idea, they also have to replace the functionality of the six other ideas I drew on.
This creates enormous barriers to entry into the market for ideas, and so makes monopoly control very likely. If you wanted to market a replacement for Recycle Bin for Windows, you'd have to recreate the whole of the rest of the OS. A reasonably low barrier to entry is a fundamental axiom needed for free market economics to work. If you don't ensure that the barrier is low, you can kiss goodbye to all the efficiency optimisation which the free market performs.
Re: Cost of violation (Score:2)
However, given that the GPL is simply one of a number of different licences the author(s) could issue, I can see a case for a varient of the GPL that gives the developers a choice:
- obey the restrictions and conditions of the GPL, and not just after you get caught but at the point you release the software, or
- Pay a "standard usage fee" to the FSF, in trust to be split between the authors / donated to charity as seems reasonable, in the following amounts; $5000us, an immediate payment, and 10% of the sales price of the software, or if the software is supplied bundled with other products (hardware or software) 5% of the sale price of the bundle, whichever is higher.
Being caught in violation of the GPL after the software has been available should automatically disqualify the company from reverting to the GPL for units already shipped and paid for, unless the FSF or the authors are happy it was a genuine mistake and the remedial action the company has taken is adequate.Given this, I doubt any company would be complacent about allowing OSS routines to be shipped in their products without checking with a lawyer first.....
--
Re:Developers' OK not enough (Score:2)
We may view the software as being communally owned, but the law dosen't.
Lawsuit! (Score:2)
It seems to me that if the owner of the infringed works so desired, he could easily strongarm nVidia into opening their drivers; A lawsuit could end up being extremely costly for nVidia, since presumably several thousand people have downloaded the drivers.
I also notice that under the criminal section of the copyright law, if nVidia loses a lawsuit, they are subject to forfeiture of anything used in the copyright violation. This would probably include all servers and workstations, networking equipment, etc. -- even more reason for them to settle.
It is the purpose of the GPL to increase the amount of Free Software. The only reason I can think of NOT to make nVidia open the driver is that it would make other companies look real hard before looking at adopting Free Software. However, this will only affect people planning to redistribute free software, so I wouldn't think it would be so big an issue.
Re:They Got Caught (Score:2)
//rdj
My take on the GPL (Score:2)
Re:nVidia has incentive to remain closed-source... (Score:2)
Dammit, that's not the point of the GPL. The point of the GPL is to enforce the openness of code. RedHat is, indeed, making money off GPL code, and it's not against the letter or the spirit of the GPL. More power to them!
You don't use the GPL in order to restrict people from making money off your work. You do it in order to see that any improvements other people make to your code are also open.
Then why not just make it public domain?
Heh, me too - except my final is in electrical engineering.
Re:A half-assed victory for GPL, a demise for OSS (Score:2)
So, it sux. Thanks for nothing, Nvidia.
A half-assed victory for GPL, a demise for OSS (Score:2)
But that's not my point. The point is that they will release a closed-source driver. That means, if you use Linux or Windoze, you'll be OK, but you're fucked if you use anything else. That means, Nvidia goes bust, noone can develope new drivers for your card. That means, no development contribution possible, by the X community.
The spirit of OSS is violated, even if the GPL is not.
When NT/Win2k/9x becomes stable. (Score:2)
When NT/Win2k/9x becomes stable
Sorry, a very cheap shot there. I actually have no problems with MS myself. I just couldn't resist that little quip. In no way did I mean this as a credible argument against MS's software.
Re:Damn, I wanted a Bruce-Flame-Fest (Score:2)
Wait . . . isn't the signup for the 2nd Diablo II beta on Monday? TUESDAY then!
a small amount of bttv.c? (Score:2)
--
Re:You Got Caught not enforcing (Score:2)
. . .and this is yet another reason (no legal action against nVidia) to bolster that opinion.
Listen to me Bruce. Get a VC friend of yours to set up a (very very small) startup company to compete with VALinux. Ask them to hire an engineer that intentionaly and knowingly violates the GPL repeatedly and take them to court. Think of it as an Alpha test for the GPL. Test it. Please. We beg you.
___
We need some time... (Score:2)
Matrox seems to have been consistently clueful about the Open Source community. 3dfx seems to have come around in recent years. I'll continue to buy my hardware from the company that seems to be the most clued in at the time I'm buying. Last time around it was Matrox. Next time around... who knows?
Last time Nvidia open sourced a driver, they did so in a manner that made it all but unmaintainable (See the various comments from the Utah GLX developers for more on this.) I was considering several cards earlier this year, when I bought my Matrox G400 Max. I passed on Nvidia based on comments from the GLX developers. I passed on 3dfx because they'd been routinely schizophrenic on open source in recent times. I bought the Matrox because they've been consistently releasing needed information to open source developers for quite some time.
I vote with my wallet and I can smell corporate bullshit a mile away. Actions speak much louder than any lies out of marketing, and don't think for a second that the community won't notice what you're doing. If we don't like your deeds, we won't buy your stuff. So maybe it's time for your marketroids to re-evaluate the environment and actually start talking TO us, not AT us.
Re:When will you learn? (Score:3)
When someone trips and finds themselves with their head stuck in an unfortunate bodily orifice we help them get it out and get back on their feet. That is how we got where we are today, and that is how we will get even further in the future.
You are wrong. I am sick of people who treat these companies as poor blind little puppies and try to show them the light!
Have you ever argued with a typical corporatist about issues like this? I have, alot. They profess ideals such as "their right to earn profit for their efforts and expenses" and other self-serving mankind-screwing rhetoric. Look at how nVidia has behaved.. they have been feeding us lies, with their promises of embracing Open Source etc. That is not the behaviour an entity that doesn't know better, that's the behaviour of an entity that is one of two things.
Intelligent. They know who we are, they know what we stand for, and they don't like the way it threatens their hip pocket so they seek to squash us. There is no showing them the light, because they know our light as well as we do already.
Mind-bogglingly stupid. They do what they do because they have seen it's what the majority of people do. No amount of rationalizing or leading by example will work with them either. Rationalizing won't work because these people simply do not think. Leading by example will not work because the corporatists are the vast majority, a much more visible example, and they see us as rebels.
Either way, they are our enemies, and they will stay that way, and we have no choice but to fight them. I agree that it would be better to turn them to our side, but simply no amount of our good-will will do that.
Here's an idea... (Score:3)
It's obvious that they were in violation, but there are many cases which are far more ambiguous. (Specifically, bundling GPL components with a commercial system.)
From my perspective the GPL is about as annoying as software patents. No, this is not a troll. This is the truth; what good is a license which has no legal backing? What good is a license which is ambiguous and frequently abused?
The strongest threats anyone in the GPL community can make are:
1) I'll have a thousand Slashdotters complain until the article rolls off the front page
2) I'll have Stallman send you a stern email telling you that his interpretation doesn't match with your interpretation. Please stop.
3) I'll take you to court (without being able to plead damages, because no money was lost.)
From a company's perspective, how can badly can I abuse a license where no monetary damages occur? Why would I want to become involved in GPL issues without understanding the REAL legal ramifications?
Although there are many people here who have strong *opinions*
So I'll say again it. Will someone please TAKE THE NEXT ABUSER TO COURT and get this whole stupid thing settled.
Don't respond to this, there's no point. Everything about the GPL has been beat to death on this forum and on usenet. Put up or shut up. Go to court.
950
Excellent point. (Score:3)
The dangers to Open Source and Free Software to this are all too obvious and have been amply elaborated upon in other posts, so I will not go into that here. But: imagine your company creates a closed-source tool that, say, processes images. In this, let's say that you have a filter that "textures" an image, using an arbitrary grayscale image to indicate contours. Now, imagine, three months later, you see somebody else come out with a similar product with exactly the same feature. How are you supposed to know whether they disassembled your code or not? How are you supposed to know whether they somehow got hold of a piece of your COPYRIGHTED source, and just stole that?
The only solution I can see is to insist on complete, keystroke-by-keystroke monitoring and logging of the creation of each and every source file, to be made available should a copyright lawsuit arise. These logs would naturally have to be kept whenever implementing a feature identical or similar to one in an already-extant product. And, to prevent companies with legal might to throw around such as Microsoft and Sun saying, "oops, no logs, but our high-priced lawyers will help you figure things out," absence of these logs would automatically put you in violation of copyright. This has to be done - there's no other way to protect our code.
Re:This isn't a "Win"... (Score:3)
Jaded, Hell. We're not children (most of us anyway). We can see for ourselves how their world works. Until we can make our own we're forced to play in theirs. That given, this is simply reality. Corporations are easily dealt with when you remember that they're just after money. That's actually a good thing; it clarifies situations like this one. nVidia thinks they can steal from us. And why not, from their viewpoint? There's so much effort being made not to look like zealots that they know they'll get away with it, even if they're caught. So why not; hey, it's good for profits. And the only way to stop it is to make it BAD for profits. Simple enough. A no-limit game, if you've the stomach for it. We're showing that we don't; it's all too clear that they do.
Code reuse (Score:3)
What if the offender had been another open source project? If they had used a BSD license instead of the GPL, for instance. Would they have been forced to change to the GPL? Would anyone have cared?
What if NVidia had just used a clever algorithm they found in an open source project?
I'm also confused on the point of how much and of what kind of code can be reused from other projects. Is any amount of cut and paste OK?
After all, the whole benefit of open source is to build on other people's code and learn from it, but licenses like the GPL say "touch it and you've bought it" as far as I can see. Although I'm sure that common sense dictates that things aren't in practice that strict.
Yuk, Yuk... (Score:3)
Thanks
Bruce
Negligible consequences for stealing code? (Score:3)
Which is it going to be?
FTR, My personal opinion is that we demand they open the module immediately or face a lawsuit, because legal intimidation seems to be the only language large companies understand.
Re:Developers' OK not enough (Score:3)
Chas - The one, the only.
THANK GOD!!!
Re:This isn't a "Win"... (Score:3)
--The knowledge that you are an idiot, is what distinguishes you from one.
NVIDIA & GPL (Score:3)
As for NVIDIA choosing closed-source development for their drivers, I have a feeling that they will come around eventually. Creative was not going to release SBLive! drivers as open source, but that changed rather rapidly when they realized that they could harness Open Source development to reduce development costs and keep up with the enternally evolving Linux kernel.
If NVIDIA wants to really compete in the Linux marketplace, then the GPL is a powerful enticement. Granted, they may not want to release their latest and greatest drivers quite yet, but it may be in their best interest to do so eventually. Look at how 3dfx makes generally lower-quality hardware (although I use a 3dfx card in my own box) but they've done a great job of capturing the Linux market with quality open-source drivers. Even though I think 3dfx doesn't have the advanced technology of NVIDIA's chips, I am more inclined to buy their products for my Linux box because of their support of the GPL. While people like myself are the minority, we're very vocal about these things.
At least NVIDIA is stepping in the right direction. I can understand their hesitancy to go the Open Source route, but I think that once they see that it will be a positive thing to their bottom line they'll come about in good time. As the article says, be polite about these things and let the power of Open Source speak for itself.
Why BSD licences are better than GPL. (Score:3)
This, yet again, proves why the BSD licence is best for corporations. Companies can develop on BSD, take what code they want and incorporate it into their products. With BSD, they get a linux-binary compatible enviroment to QC the products they ship. (Some people are confused on this point. Because BSD doesn't use the linux kernel, they don't believe it can run Linux binaries. Using BSD/SCO/Solaris as a QC platform for "Linux binaries" goes farther than any other method of proving 'linux compatibility' with the absence of a functional LSB)
And, at some future date...when they decide that OpenSource isn't a bad thing then they can participate with a BSD-esque, GPL or some other model.
All the tactic of 'The appropriate fix (under the GPL) is to release the source code.' will do is push companies AWAY from OpenSource.
"sampling" GPL code (Score:3)
You can't take them to court (Score:3)
The case law is quite clear on this: If you violate someone's copyright unintentionally (eg, you think the material is in the public domain), you can be ordered to stop, but no punitive damages will be awarded. Which is, of course, exactly what nVidia is already doing.
We should all be glad for this anyway -- if punitive damages could be awarded for good faith copyright violations,
Re:nVidia has incentive to remain closed-source... (Score:3)
The above points amd the fact that the world is full of unscrupolous, lazy, developers is why I started considering using the BSDL instead of the GPL. With the BSDL folding of source code into proprietary code is acceptable while with the GPL this is not the case. Considering the fact that it is nigh impossible to know if your code has been stolen and used in some binary only application with no external dependecies (unlike the nVidia driver) without going through a lot of trouble to discover this (code dissasembly) and then a lot of trouble to prove it, I have started looking for an alternative to the GPL. I settled on the BSDL for a few reasons which I will list below
- I'm not getting paid either way so why
- try to restrict people from making money of my software. After all, Redhat has proved that it is possible to get rich off other people's code even if it is GPLed.
The purpose of my post isn't to start a flame war so if that is your response when you read this, don't bother I'll simply laugh at it. On the other hand I am interested in well written, intelligent opposing viewpoints and/or exposures of flaws in my reasoning.PS: It's 4 AM and instead of studying for my Calc III final I am posting to Slashdot. AAAAAAAAARGHHH!!!!
Re:This isn't a "Win"... (Score:4)
nVidia would be no problem if they were an isolated incident. It's the fact that this is going on in such a widespread way, across so many companies, that is threatening. It's threatening because if people don't see that their GPL work is being protected, they won't write as much.
I think perhaps if you want to kill free software, this is the way to do it. Just show the authors that there is a pervasive violation of both the letter and the intent of their licenses for somebody else's pecuniary gain, and that we can't afford to go to court and we can't use publicity to go after the offenders because it's not popular to do so. They'll stop writing.
That's why these incidents bother me so much.
Bruce
Re:This isn't a "Win"... (Score:4)
Has anyone ever heard of one documented case where a developer willingly violated the GPL and actually recieved anything besides a collective browbeating from OSS advocates?
AFAIK there's one. Look at the case of QuakeLives - the guy basically violated section 6 of the GPL from day one by taking a bunch of OSS Quake code and closing it, and then telling people they had to forfeit their rights under the GPL in order to download it. The only reason he ever backed down was because John Carmack stepped in and threatened legal action (which he, certainly, can afford).
That's the only time I'm aware of. It's obvious that this problem will only grow as time progresses, the GPL becomes more pervasive, and the computer industry grows exponentially. But there's really no obvious solution. So to your final proposition, I say, "don't tempt fate" - eventually something like this will happen. It will be interesting to see what, if any, repercussions there are.
--
Re:When will you learn? (Score:4)
Yeah, thats right. Do unto others as the bastards would have done to you, eh?
How about showing them our way of life and SW development, and see if they don't come around eventually? Do you really think we would have seen, let's say, open sourced SB Live drivers if the community had acted like rabid dogs fighting over snippets of code? Of course not. We share. In good spirit.
When someone trips and finds themselves with their head stuck in an unfortunate bodily orifice we help them get it out and get back on their feet. That is how we got where we are today, and that is how we will get even further in the future.
Regards
Demanding Open Source isn't just ideological (Score:4)
If the general linux public takes a different view then maybe they are mistaken. If NVIDIA go bust, or choose to stop supporting Linux, who will keep support for their card up to date? Now ask the same about 3dfx. Open source means more future-proof. Of course, it depends how long you want the hardware to last.
Re:GNU and IP: Legal != Moral (Score:4)
Ok, there's two separate concepts. Morally meaningless, and Legally meaningless. Some people believe that the concept of IP, as the law sees it today, is Morally meaningless, because nobody has a right to restrict copying and distribution. But it is definitely not Legally meaningless, cos if you copy enough stuff you'll be in trouble. To ensure that free software stays free, you use your Legal rights over the software. You say people can only use it if they don't restrict others' Moral rights by putting burdensome Legal obligations on them not to copy it.
If, as some people advocate, copyright law were to be dismantled, the Legal protection given to your Moral rights by the GPL would vanish. However, also the ability to put burdensome Legal obligations on people would vanish, so there would be no need for a GPL. Until/unless that happens, the GPL is a good Legal tool for protecting Moral rights.
I think there's no conflict, as long as you get the distinction between Legal and Moral clear.
Re:When will you learn? (Score:4)
>release the module under the GPL, immediately, or go to court.
I agree, because the intention of using the GPL has always been to make more code open - the "virus-like" nature that some people condemn is, nonetheless, the point. Companies and authors rigorously defend other copyrighted material every day for their own motives of financial gain or creative control, and legally the GPL is nothing more or less than a copyright. Having them remove the offending code is not the motive for initially using the GPL - opening up the derivative code is.
Removing the code and replacing it with a functional equivalent doesn't even really address what they've already gained from it, either, because it was there during the development effort and its presence will have been partly responsible for the final state of the other, closed code in the project. In other words, not all the damage can be undone (but note that this point isn't likely to be addressed by copyright law - in fact the idea is more akin to patents).
However, since not everyone does have your resources, there need to be legal funds in place to deal with these cases.
How to *find* GPL violations? (Score:4)
Damn, I wanted a Bruce-Flame-Fest (Score:5)
While the
The appropriate way to handle it would have been to tell Bruce Perens and let him start a
How can we stand for this?
-Davidu
When will you learn? (Score:5)
THIS MUST STOP. I guarantee you nVidia will NOT just ask you kindly to stop if you (for example) violate their license by reverse-engineering their software. Hell, no. Instead, you'll have a hundred letters from big-time lawyers in your mailbox, your ISP will be court-ordered to shut off your site(s), and if you're lucky you'll only be paying them off for the next 40 years after you lose in court.
We should be making it at least as painful for them. Threaten, sue, and threaten some more. They won't learn any other way. Our licenses are not negotiable. You want the DMCA? Well, then, IT GOES FOR US TOO. Follow the license or go to jail. Where were the copyright police today? They didn't have any trouble rousting out a 13-year-old kid IN A FOREIGN COUNTRY no less or fucking over mp3.com, so where were they for this equal offense?
The GPL is every bit as binding, every bit as legal, and every bit as serious a license as any other. It's time we got tough about this. They're playing hardball, we're striking out one after another, and then when they're up to bat we give them intentional walks, one after another.
I hope to God I come up with something nVidia sees fit to use in their software. Because I have balls, resources, and a good mind to fuck them to Hell and back. It's long past time for this one-way street to come to an end.
Mistakes will happen BUT... (Score:5)
If it comes down to, "Apologize then clean up the header and say you fixed it" - that isn't costly. Do you have any reason to believe that code and algorithms which may have been borrowed in the binary was cleaned up as well? Of course not - doing that would make the fix potentially take longer. Companies generally don't play nicely and tend to have some trouble accepting that others actually might be so naive as to expect that they would.
At the least - very least - there should be an insistence on having the developer whose code was nicked get access (under an NDA if need be) to the source to verify whether more was borrowed. That should be an absolute minimum requirement before anyone believes them.
Preferably the driver should be forced to be GPL as per the licence which the code was distributed under. (That is, after all, the purpose of the GPL.) If they do not do that then they should seek an alternate licence from the author. Note that nothing in the GPL prevents the author from re-releasing a non-GPLed version. And yes, the author would be perfectly justified asking for gobs of money.
But no, none of this is going to happen. Which is why when people who don't think like lawyers start thinking that people who pay lawyers will play nice, they get the short end of the stick. Repeatedly.
*sigh*
Ben
This isn't a "Win"... (Score:5)
They used GPL'ed code to cut their development cost and they would have continued to use the code unless they were caught. Now they'll go back and remove it but there's still an incentive to use GPL'ed code in a closed way:
1) They probably won't get caught.
2) If they do, there's no penalty... just say "whoops... that was an accident"
The point is: If instead of GPL'ed code it was another company's copyrighted code, there is no way they'd get off we a "mea culpa... we'll be good boys now". There would have been extra cash involved or the company who got ripped off would have gotten some rights to the violating product... note that nVidia still doesn't think that they should have to open up the offending module.
Hell... why doesn't some company take Linux and relabel it as their own OS and sell it as a binary only. Then over the next four years they can go in and rewrite subroutine after subroutine in successive releases as people complain... the company will then have four years of revenue off of the work of other people.
GNU and IP (GNU *is* IP) (Score:5)
While I applaud the handling of this on both sides, this sort of thing shows a blindspot among a lot of people here.
A lot of people here seem comfortable, simultaneously, with two very contradictory ideas. On the one hand, there's the idea that someone who claims "copyright" on something, say music, has no real right to demand that people not copy or distribute their works in a manner against the wishes of that person. On the other hand, there's the idea that someone who releases something under the GPL has every right to demand that no one violate that license and copy or distribute that work in a manner (sans source) against his/her wishes.
There's a deep conflict between those ideas, and Slashdotters who adore copyleft and ignore copyright need to recognize that and somehow resolve it.
In other words, how can GNU be so holy if the little copyright "c" is meaningless? I'm curious as to thoughts.
What, if any, ppenalties should be assessed? (Score:5)
"We'll fix it on the next release" is a nice sentiment, but they have been infringing on Ralph Metzler's rights, and are currently violating the GPL, and will continue to do so until the next release, whenever nVidia decides that will be.
If nVidia really wants to make this right, they should either
- a. take down the offending drivers from their site today, and go back to the last revision or drivers without the offending code, or
If a large company is caught infringing on the patents of another large company, they are usually asked to pay a licensing fee. This situation should be no different.b. they should be asked to make the appropriate royalty payments to either Ralph Metzler and/or the Open Source community.
If we, as the Open Source community, decide not to pursue nVidia's immediate resolution of this, and persist instead in being "polite" instead of protecting our rights, we will find it infinitely harder to enforce our licenses in the future.
Re: What, if any, penalties should be assessed? (Score:5)
So, if Ralph isn't responsible for enforcing compliance by third parties (e.g. nVidia) to the GPL, who is?!?
I am not saying that Ralph should demand "all sorts of concessions" from nVidia; however, they are under a legal obligation to follow the License, whether Ralph chooses to enforce it or not. The fact is, Ralph isn't the only person involved in this situation, and the License serves not only to protect the interests of the programmers, but to protect the interests of the users of the software.
You are right, the whole community has not been harmed by this; just those with nVidia cards. Anyone who downloaded those drivers have now been harmed by nVidia's carelessness. First, many of them bought cards based on the assumption that nVidia would continue to support Open Source. In retrospect, this was obviously a mistake.
Then, they were misled into thinking that these new binaries were closed-source, 100% nVidia-written drivers, which would have been just fine, except...this turns out to be patently false as well.
Finally, when the users went to the site for updated drivers, they were not informed, as the GPL requires, that they are at that point entitled to the source code to the software they are using on their own hardware! Therefore, the number of people harmed by this is far greater than a single programmer.
Now, whether or not Ralph chooses to pursue the misappropriation of his work, you are correct; it is his own choice. But it was also his choice to give up some of the control he has over his source code, when he released it under the GPL.
The License serves to protect software end users, not just Ralph. If the community doesn't care enough to enforce it, the GPL will just be the punchline to a stupid hippie joke. I don't want that to happen! Do you?
nVidia has incentive to remain closed-source... (Score:5)
What that means is, by opening the source to its drivers, nVidia is inviting the competition to inspect the secret sauce and help them in developing their own recipes. It's terrible drivers which have prevented ATI from becoming a big player in performance 3D, and mediocre drivers which held Matrox back. nVidia would lose an edge if it were to open up its driver source.
However, what the Open Source community needs to do with companies like nVida is remind them that their real advantage isn't in proprietary drivers, but in the superiority of their hardware. (For example, 3Dfx's drivers are typically great, but right now their soon-to-be-released Voodoo 4/5 boards are getting stomped by the GeForce 2 from nVidia thanks to its superior silicon). If they can be convinced that opening their driver source will yield better drivers and allow them to spend more R&D time on keeping their hardware more advanced than the competition's, then they'll do that, because nVidia's best advantage is its hardware--its driver advantages are more fleeting. What's needed is an effective evangelist to show them the way, like when a certain Apple CEO said to a certain soft-drink executive "Do you want to sell sugared water all your life, or do you want to change the world?" Or, when a certain essay caused Netscape to open the Mozilla code.
The key here is that open source's big players need to start pushing for these code openings. There's no earthly reason why nVidia couldn't be made to realize how well it could capitalize on its hardware advantages if it didn't have to put so many resources into driver dev.
As a final note, I doubt they could have been ignorant of their use of GPL'd code. Their driver dev people don't just go around using source code they find on the Net, without reading what the licensing terms are. That doesn't happen in a company like nVidia which is known for its good driver development team, a big company which surely has an interest in keeping its programmers from making costly mistakes by plagiarizing the IP of other companies. I'd be willing to bet that their use of GPL'd code was on purpose, not an accident, and that there's other GPL'd code hidden in those binary-only drivers. The corporate attitude is probably that stealing open-source code is okay. And that's yet another reason that we should try extra hard, but with honey rather than vinegar, to get them to realize the merits of open-source driver development.