SFC Expands GPL Compliance Efforts To Samba, Linux, and Other Projects 104
An anonymous reader tipped us to news that the Software Freedom Conservancy is expanding its GPL compliance efforts. Quoting Bradley Kuhn: "This new program is an outgrowth of the debate that happened over the last few months regarding Conservancy's GPL compliance efforts. Specifically, I noticed that, buried in the FUD over the last four months regarding GPL compliance, there was one key criticism that was valid and couldn't be ignored: Linux copyright holders should be involved in compliance actions on embedded systems. Linux is a central component of such work, and the BusyBox developers agreed wholeheartedly that having some Linux developers involved with compliance would be very helpful. Conservancy has addressed this issue by building a broad coalition of copyright holders in many different projects who seek to work on compliance with Conservancy, including not just Linux and BusyBox, but other projects as well."
The anonymous reader adds: "This news was also discussed in the latest episode of the Free as in Freedom Oggcast." Update: 05/30 14:20 GMT by U L: It may not be entirely clear, but several Linux developers have assigned copyright so that the Conservancy can pursue violations for them.
Must be involved.... (Score:5, Informative)
I believe they MUST be involved. As a 3rd party SFLC really has no say ( IIRC the legal term is "standing".). IANAL but If someone strips the GPL from some code and puts that code in their product, the copyright holders are the only one who can legitimately make a complaint. The users may notice, but their rights to source code are defined in the GPL - which is absent in such a case.
Re: (Score:1)
I realize this is way off-topic, but for the longest time I had no idea what "IANAL" meant. I couldn't help but interpret it as a pornographic version of the seminal work by Isaac Asimov.
For those who may not know, "IANAL" means "I am not a lawyer". Don't make the "I, Anal" mistake I did.
TMYK
Re: (Score:2)
You could have just googled; that's what I do when I run across an unfamiliar acronym. And did you notice the ironic play on words, I Anal? Needing to point out that one is not a lawyer seems pretty anal to me.
Re: (Score:2)
Re:Must be involved.... (Score:4, Insightful)
"It is thanks to the SFLC that companies are afraid to use GPL code in their products... they think, quite reasonably, that it just isn't worth the hassle. Which is better, buy a licence for non-free software (fixed, one off cost) or use free software and pay for lawyers to be sure you are in compliance?"
Its better to use free software and pay for lawyers, because;
- You get the source code.
- You _should_ have a lawyer review non-free software licences also, so its not an extra cost.
If corporations are afraid to use GPL software because they are terrified they might have to _share_ something then there are little or no benefits to the Free software community from them being involved.
i.e. The invisible hand will slap down such corporations.
Re:Must be involved.... (Score:4, Interesting)
Paying for a proprietary software license is no guarantee that you are in compliance. Even buying the software puts you at risk of a BSA raid. All it takes is for one employee to install the software on a machine not covered by the license, and you're at risk of serious fines.
Re:Must be involved.... (Score:4, Interesting)
Paying for a proprietary software license is no guarantee that you are in compliance. Even buying the software puts you at risk of a BSA raid. All it takes is for one employee to install the software on a machine not covered by the license, and you're at risk of serious fines.
Actually, all it takes is to not have the receipts or have purchased the software from ebay or Amazon. From what I understand , BSA does not consider software purchased from places like Amazon or Ebay as legit.
Re:Must be involved.... (Score:5, Informative)
The creator of Busybox just got sick of helping the SFLC line its pockets by discouraging the use of free software. I think in the end he disowned Busybox and started a new project to do the same thing, under the BSD licence.
Just in case anyone is paying attention to the AC here... The creator of Busybox was Bruce Perens who went on to be the 2nd head of Debian where he authored the Free Software Guidelines. He worked with HP on their move into the Linux community and founded several more Linux projects. He currently works with the government of Norway in a Linux related role.
Re: (Score:2)
Line it's pockets? Were they actually getting monetary judgements or just source code and GPL compliance?
No, that was Tim Bird of Sony, who wanted to create "toybox" as a means of replacing Busybox so that GPL violations of the kernel harder to detect.
Re: (Score:2)
No, it wasnt to make violations of the kernels license harder to detect, it was to stop the BusyBox copyright holders from having sway over third party applications through their "compliance" requirements (basically they only allowed you to be relicensed for BusyBox if you also came into compliance with everything else, not just BusyBox). Tim Bird had a legitimate complaint - most kernel developers, Linus included, is fairly ambivalent to most kernel license violations.
Re:Must be involved.... (Score:4, Insightful)
But nonetheless it is hypocritical for someone at Sony, a company whose executives start frothing at the mouth when they get wind of someone violating their copyrights, to lead an effort to make it easier for others to violate GPL licenses and get away with it. It's good for them but not for you.
Re: (Score:2)
No, its not hypocritical at all - its software freedom, they wanted an alternative and so someone started to develop one.
Only here on Slashdot could that possibly be twisted to be a bad thing.
Re: (Score:3)
Please. Sony is part and parcel of all the RIAA/MPAA lawsuits against people violating their copyright. Yet one of their public representatives is concerned about someone enforcing the terms of the GPL and seeks a way to "protect" people from them.
They wanted an alternative not because it was superior but because it would allow for a legal dodge to avoid licensing compliance.
Re: (Score:2)
An employee is not necessarily a public representative. An alternative to Busybox with less restrictive license would be a good thing I feel, but that does not make me a representative espousing my company's viewpoints. Rewriting Busybox is a very simple process, it takes a little time is all.
As far as the original issue, if the Linux devs aren't getting upset about license issues then it seems inappropriate for a third party group to try and step in on their behalf.
Re: (Score:2)
Please. Sony is part and parcel of all the RIAA/MPAA lawsuits against people violating their copyright. Yet one of their public representatives is concerned about someone enforcing the terms of the GPL and seeks a way to "protect" people from them.
While I think Tim will probably continue to give his personal support the ToyBox project (note: Sony has *not* given its support to ToyBox -- that was reported incorrectly), it was clear that much of Tim's worries about Conservancy's enforcement efforts were based on rumors spread by a few people and those rumors weren't accurate.
http://lwn.net/Articles/483016/ [lwn.net]
They wanted an alternative not because it was superior but because it would allow for a legal dodge to avoid licensing compliance.
Do you object to bionic as well? In any case here's the reasoning [elinux.org] behind the project, no real problem with that.
Re: (Score:2)
It's not hypocrisy. It's clear and consistent.
"We want what's good for us. Period. That means we keep our copyright and yours too."
Very straightforward. You have to commend them for being so forthright and unsubtle about their evil. No "Don't be evil" propaganda. No glossy friendly shiny fruit-themed attractive traps. With them, it's pretty clear that they're the bully, and they want your lunch money.
Re: (Score:2)
Re: (Score:2)
> > I think in the end he disowned Busybox and started a new project to do the same thing, under the BSD licence.
>
> No, that was Tim Bird of Sony, who wanted to create "toybox" as a means of replacing Busybox so that GPL
> violations of the kernel harder to detect.
No, toybox is by me, Rob Landley, ex-maintainer of busybox, and the guy who hooked busybox up with the SFLC to start legal enforcement of the GPL in the first place. Tim has nothing to do with it (other than writing the first pass of
Re: (Score:2)
I think he's talking about Rob Landley who had worked on Busybox before creating Toybox, which was apparently a replacement for Android's Apache-licensed busybox clone, rather than for busybox itself until recently.
I recall reading that he was upset because all of the lawsuits over busybox didn't add anything to busybox itself... few people using busybox had needed to modify it, so getting the source code released didn't really benefit anyone beyond enforcing GPL compliance.
Re: (Score:2)
As if enforcing GPL compliance (you know, respect for the license terms applied to a software product) was a bad thing. Oh right, it's the GPL. That makes violating it a worthy cause to be supported and championed.
Re: (Score:2)
And even Mr Perens wasn't happy with the SFLC.
But then, why would he be? This is a company of lawyers that doesn't do anything but copyright shakedowns.
Because Bruce Perens makes his living by talking about and participating in copyright shakedowns?
Re: (Score:2)
Re: (Score:1)
and Bruce is a regular poster here. He's probably reading this now.
Is SFLC good about... (Score:2)
GPL2 vs GPL3 (Score:3)
More FUD! I really do not see what Linus's problem is with the GPL3. What it does is add formal protection for 2 sneaky ways to violate the spirit of the GPL that GPL2 lacks. It is also *more* permissive, allowing more ways to comply with the requirements.
The first is "Tivoization". Vendors should not hardwire checks to prevent "unapproved" software from being run. Makes no difference whether these checks are done in the software or hardware. Such a check really is software no matter that it's been
Re:GPL2 vs GPL3 (Score:4, Informative)
More FUD! I really do not see what Linus's problem is with the GPL3. What it does is ...
... require eighty bazillion historical authors (Linus didn't write every line of code) unfortunately including, I believe, the estate of some dead people and the current IP owners of some dead companies, to relicense their past work as GPL3 or have someone do a psuedo-cleanroom reimplementation of the GPL2 code.
Yes, the GPL3 is better than the GPL2, a little. But linux wasn't written by one dude last week.
Linus could, if he so desired, declare he will no longer accept GPL2 patches or code, and in probably just 10 or 20 years there would be no remaining GPL2 code in the kernel, probably. Aside from whatever personal views Linus has about the GPL3, re licensing linux just isn't going to happen, at least not any time soon.
Re: (Score:2)
You do know it's against the GPL to combine GPLv2-only with GPLv3-only code, right? Even the FSF says so [gnu.org]. You can combine GPLv2+ with GPLv3 no issues, but using v3 code will violate the licens
Re: (Score:2)
Heck, even an edict came down along the lines of "No GPLv3 software will be approved - don't even try".
That's great for me to hear. You don't sound like the kind of company that has much of value to contribute. We just got permission to contribute back code to the external GPLv3 project we use. This is going to be another story like 10 years ago. Back then lots of companies were banning GPL, or even all open source software. The ones that could use (for example Apple, Google, IBM and Facebook) it had an edge which was crucial in many of them pulling ahead.
If what you say is true, GPLv3 becomes the dif
Re: (Score:2)
So are you going to rewrite the countless amount of code from the authors who can't be contacted or who don't want their code relicensed?
Re: (Score:1)
He probably wants Tivo and other vendors to use the Linux kernel over a BSD kernel. If you GPLv3 downgrade the Linux kernel, it will make it unsuitable for use in commercial products like the Tivo. Do you really think that companies will magically overnight want to comply with the GPLv3 terms?
If the Linux kernel gets downgraded, we will see one of several things:
1. Adoption of another OS kernel under a more permissive license.
2. A fork of the Linux kernel
3. Vendors using old versions of the kernel as long
Re: (Score:1)
If you GPLv3 downgrade the Linux kernel, it will make it unsuitable for use in commercial products like the Tivo.
Why? No one has ever explained to me just why a company wants to Tivoize Linux?
How does keeping me from changing the code on a device I've purchased help the manufacturer's bottom line?
Re: (Score:2)
Re: (Score:2)
For something like a set top box, the manufacturer is fully justified in locking it so that customers cannot .....
How the hell have we got to this distopian nightmare. These are the people who bought something from you. They own the set top box. They are in the privacy of their own homes. What they do with their own stuff in their own homes is none of your bloody business and you are certainly not "fully justified" in setting up systems to interfere with it. People are fully justified in taking serious action against people who do that kind of stuff.
Re: (Score:3)
Re: (Score:2)
Re: (Score:2)
People are fully justified in taking serious action against people who do that kind of stuff.
Like not buying their products, problem solved.
Re: (Score:2)
Why? No one has ever explained to me just why a company wants to Tivoize Linux?
How does keeping me from changing the code on a device I've purchased help the manufacturer's bottom line?
You need to look at entire ecosystem, not just the box maker. People don't buy hardware because they admire the hardware, they buy hardware to accomplish a task. For Tivo and others, that task is delivering content. The content providers require control over delivery; they want you to be able to watch a recording but not transfer the recording. That requires locked-down systems. Which sells more? Open systems that cannot record HBO, or locked systems that can?
I think DRM is a mistake, but I don't rule Holly
Re: (Score:3)
Spoken like a true apologist. The correct answer is fuck Hollywood and their customer-hating ways.
Re: (Score:2)
So, don't buy their products then. That's the best way to make companies go out of business.
I assume you have the same kind of thoughts about cars, airplanes and microwave ovens.
Re: (Score:2)
I try to avoid it as much as possible. It's quite easy if you try.
Care to go into detail, or are you trying to draw stupid parallels and hoping no one notices?
Re: (Score:2)
Care to go into detail, or are you trying to draw stupid parallels and hoping no one notices?
No, it was a serious question. Sorry if it didn't come out that way.
What I meant was. We have all kinds of devices around us that uses micro computers. Sometimes there are reasons why the companies making those kind of things don't want people to mess them up by changing the code running on them. In the case of Hollywood the reason (at least for now) is DRM, like it or not. Other kinds of businesses may have other reasons. If the Tivo's of this world should make it possible to alter the programs running on
Re: (Score:2)
I agree that the correct answer is "Fuck Hollywood". I don't have a Tivo, I built a MythTV box that records free over-the-air broadcasts. I haven't been to a movie or had cable for years. Hollywood doesn't get my money.
So my question for you is, why do you shoot the messenger? You asked a question, I answered it, and you call me an apologist. Fuck you. I told you that I think DRM is a mistake. Don't you understand the difference between an explanation and a justification? I find that I can make better argum
Re: (Score:3)
The explanation B2B free software vendors gave to the FSF was apparently good enough that the FSF restricted the anti-tivoization provisions of the GPLv3, in its final form, to what amounts to consumer products.
B2C vendors weren't as concerned, as long as the license explicitly allowed two things (that it does): termination of any support responsibility and disconnection of modified-software devices from networks when the network owne
Re: (Score:2)
I really do not see what Linus's problem is with the GPL3.
Linus is primarily a developer, he wants to see the improvements Tivo has done, study them and if they're good enough roll them back into his own project. The GPLv2 fulfills his requirements and then he primarily wants it used - if it's used in locked down tivos, cell phones, tablets, set top boxes, embedded boxes or other appliances that's not a big concern for him, but if all those backed out plus a wave of fud it'd hurt his project. The FSFs agenda of user-modifiable software is not his agenda, he just w
Tivoization (Score:2)
I don't know about Linus, but my problems include (but are not limited to) the fact that it restricts available software functionality and imposes restrictions on the use (without distribution) of software, contrary to the whole point of free software, and that it creates difference classes of users, with different rules that apply when targetting them.
Business vs consumer users (Score:2)
Read the GPLv3 (Score:3)
See the GPLv3, Sec. 6. Note, there, that the "anti-tivoization" provisions only apply to what the GPLv3 calls "User Products", which are, essentially, what would in normal parlance be consumer products as opposed to business products.
That's what the advertisements say, but that's not what the license says. Which is the problem with the license.
Re: (Score:2)
Tivo goes and uses Linux, and sticks the GPL in the back of their end user manual. Linux and GPL are now noticed by basic everyday consumers. Many developers and technical oriented people see this and think "wow, it's great that free software is getting wide exposure, hurrah for Tivo. But many political activist oriented people are thinking "oh no, commercial use is bad, it's not homebrew hardware, must create a new license to prevent this or else we'll be seen as sell outs." The conflict between GPL as
Re: (Score:2)
Reading section 6 of GPL3, there is this section in it [gnu.org]
If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
In other words, GPL3 ain't as pure as it proclaims either. If it can waive the condition where it is useless - such as use in a ROM - why can't they include a locked down flash device in it? After all, functionally, a ROM, a PROM, an EPROM, an MTP and a lockable flash (like ones coming out of Spansion and Micron) are the same. A PROM allows programming in assembly, an EPROM allows it to be erased, an MTP does the same as an EPROM except that it is el
Re: (Score:3)
I believe hardware falls outside the purview of the GPL. All I'm concerned with is that the source code remains availa
Re: (Score:2)
The first is "Tivoization". Vendors should not hardwire checks to prevent "unapproved" software from being run. Makes no difference whether these checks are done in the software or hardware. Such a check really is software no matter that it's been hardwired in. With a scheme like that in place, you can't fix so much as a typo let alone a simple bug. Linus is apparently okay with Tivoization.
Of course, Linus cares about the Linux kernel code, not imposing any kinds of restrictions on the other software that you run or imposing any kind of restrictions on the hardware that you run the software on, just the Linux kernel code. He outlines it pretty clearly here [informationweek.com], a choice quote: "-- I'm against "you cannot do xyz with the code.""
Vendors should not hardwire checks to prevent "unapproved" software from being run.
Actually you should not buy vendor-locked hardware. Obviously alternatives exist and in the case of TiVo you even have the FOSS software modifications they made so you can
Oggcast (Score:3)
Re: (Score:2)
That's what I thought when 'podcast' happened.
Nobody killed it :(
Re: (Score:1)
Re: (Score:2)
But do they want to enforce this? (Score:1)
The purchasers of the hardware might be interested in the source code if they want to hack it, but aside from that, it probably doesn't make a lot of difference to developers, who just want to hack code.
Re: (Score:2)
Linux is big and strong enough, that a modified version in a specific product is unlikely to have anything important Linux really needs.
Of course it could. Lots if not most things inside the Linux kernel itself come from a small group or even an individual. With other software products that are part of the Linux eco system this is even more common. For example twenty years ago I was using Scientific Word for Windows which allowed me to do calculations (like Maple) and TeX. That's far more advanced
Re: (Score:1)
This is a good thing (Score:5, Insightful)
IMO this is a good thing, especially if it means greater pressure on the likes of HTC and other Android vendors to be more proactive and release the kernel source for their devices when the devices and binaries are released instead of taking months and repeated prodding by the copyright holder to get code out there.
Re: (Score:3)
How many people who support the GPL enforcement support pirating commercial music? Most GPL advocates would like to see weaker copyright laws knowing this would equally to GPL software and music.
Re: (Score:3)
I get it.
Copyright is good if it means I get source code or something else I want for free.
Copyright is bad if it means I can't get music that I want for free but instead have to pay for it.
The simple-minded "Average Joe" speaks up. *sigh*
Slashdotters have a problem with the ENFORCEMENT of copyright by Big Content; We don't have a problem with copyright in general. They use the legal system as a weapon against the citizens it is supposed to protect. They routinely assert rights over their content that they don't have (or are covered by fair use), and they make broad, unsubstantiated claims that are designed to cloud the judgement of the public and foolish lawmakers. One of those claims is u
Re: (Score:2)
We don't have a problem with copyright in general.
Don't pretend to speak for me.
Re: (Score:2)
Please, that has nothing to do with what the OP posted.
Re: (Score:1)
Re: (Score:1)
Re: (Score:2)
Does anyone know if there's a licence out there which forbids using any part of the code in proprietary software, but which does not force derivative code to release its source?
The question doesn't make sense. Proprietary software is the opposite of Free Software (or Open Source, depending on your leanings). It is software where the person who receives the binary also receives the code, along with modification and redistribution rights. You can not require derived works not to be proprietary without also requiring their code to be released - it's like requiring them to include air, but not requiring them to include oxygen.
The GPL doesn't require you to release the code to anyo
Re: (Score:2)
I think by proprietary he meant commercial. I suggested http://pigale.sourceforge.net/license_Qt.html [sourceforge.net]
Re: (Score:2)
Re: (Score:2)
That's not true.
1) A person could distribute a GPLed application themselves, redistribution would then be questionable but not neccesarily illegal. (This was precisely the situation with KDE when QT was under that license)
2) A person could distribute a BSD/MIT licensed code which depended on that library. They would just want to make sure the recipient understood that he's getting a conjoined work under 2 different licenses.
3) A person could distribute a closed source application using the QT style li
Re: (Score:1)
Re: (Score:2)
Tell me what you think the word "proprietary" means. I don't think you are using the word correctly which is why you are having trouble.
Re: (Score:2)
Well yes there are licenses like that, they are called non commercial licenses. For example: http://pigale.sourceforge.net/license_Qt.html [sourceforge.net]
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Good news! (Score:1)
Inconsistent is the developer who first licenses his software under a copyleft license and then does not demand compliance to the terms involved.
Too many people think copyleft is public domain. Or at least pretend to do so. Human greed knows no boundaries...
Re: (Score:1)