Headline FeedsLinuxInsider Talkback
|
|
See Full Story
People often ask me how likely it is that an open-source license like the GNU General Public License will ever be enforced. When they ask that, they usually mean: "If I violate it will I get caught?" It's a legitimate question, if one lays aside moral rhetoric, such as the idea that proprietary software companies are merely evil capitalist agents seeking to abuse the rights of free software developers.
Anyone reading this: see Welte's response at:
Posted by: perkins_minor 2005-11-23 16:33:08 In reply to: Heather J. Meeker
http://ganesha.gnumonks.org/~laforge/weblog/2005/07/02/#20050702-meeker-article
.
The article is radically misinformed about Harald Welte and his activities. It is a shame, almost amounting to slander, that since Welte has provided verifiable corrections to the text of the article, it remains unamended.
.
Excerpt:
.
The truth is: AOpen Germany offered the _object_ code of the GPL licensed software on their German ftp-server, without complying to the GPL license terms. My blog clearly states "Firmware" (which is by definition object code, not source code). This means that in fact they are even legally responsible, since they distributed GPL licensed software without adhering to the license conditions.
.
(End excerpt)
.
That is, in contrast to the suggestion of the article that AOpen had provided source code, they in fact distributed binaries and by doing so engendered on themselves the obligation to distribute the source code. Obviously the author has hold of an inappropriate end of the stick, here!
.
Excerpt:
.
Two other quotes from your article: "The problem is that Welte apparently does not hold the copyright to the code that is the subject of these letters."
"Some of Welte's targets have complied voluntarily, but one suspects that is because they were simply unaware of the problem. Welte apparently has no authority to enforce these copyrights."
This is again wrong. I have never enforced any copyright that I don't own. What has happened is that some other Linux kernel developers have transferred their copyright to me, so I can take action in cases where my own copyright is not involved. (which by the way is also a good indication that gpl-violations.org is not some lone lunatic but backed by the development community).
.
(End excerpt)
.
Welte goes on to say that he has submitted comments to this page, and the editor of the site has not yet approved them for publication. I regard this as singularly unfortunate, and I believe it reflects very badly on the integrity of this site.
.
The article is radically misinformed about Harald Welte and his activities. It is a shame, almost amounting to slander, that since Welte has provided verifiable corrections to the text of the article, it remains unamended.
.
Excerpt:
.
The truth is: AOpen Germany offered the _object_ code of the GPL licensed software on their German ftp-server, without complying to the GPL license terms. My blog clearly states "Firmware" (which is by definition object code, not source code). This means that in fact they are even legally responsible, since they distributed GPL licensed software without adhering to the license conditions.
.
(End excerpt)
.
That is, in contrast to the suggestion of the article that AOpen had provided source code, they in fact distributed binaries and by doing so engendered on themselves the obligation to distribute the source code. Obviously the author has hold of an inappropriate end of the stick, here!
.
Excerpt:
.
Two other quotes from your article: "The problem is that Welte apparently does not hold the copyright to the code that is the subject of these letters."
"Some of Welte's targets have complied voluntarily, but one suspects that is because they were simply unaware of the problem. Welte apparently has no authority to enforce these copyrights."
This is again wrong. I have never enforced any copyright that I don't own. What has happened is that some other Linux kernel developers have transferred their copyright to me, so I can take action in cases where my own copyright is not involved. (which by the way is also a good indication that gpl-violations.org is not some lone lunatic but backed by the development community).
.
(End excerpt)
.
Welte goes on to say that he has submitted comments to this page, and the editor of the site has not yet approved them for publication. I regard this as singularly unfortunate, and I believe it reflects very badly on the integrity of this site.
Re: Open Source and the Legend of Linksys
Posted by: jklowden 2005-07-02 13:20:34 In reply to: Heather J. Meeker
"Linksys probably knew nothing of the problem either, because Linksys has been buying the culprit chipsets from Broadcom [which] in turn outsourced the development of the firmware for the chipset to an overseas developer."<P>
Who did the work is completely irrelevant. We're talking about the Linux kernel. The question is: was the kernel modified, and/or were modules added? In order to ship its product, Linksys had to build its code from source. Even if the infringing code were in fact written elsewhere, it would still be in-house, else the product could not be compiled. Only inexcusably sloppy source code management would fail to keep proprietary code separate from GPL code; if that's what happened, I'd say Linksys got off lightly. Just imagine the consequences if it had been, say, Microsoft's code that had been used in exception to the license.
GPL or not, every company keeps very careful track of source code for shipped binaries. There is no chance Linksys didn't know what it was shipping.
"To discover the problem, Cisco would have had to do diligence through three levels of product integration, which anyone in the mergers and acquisitions trade can tell you is just about impossible. This was not sloppiness or carelessness -- it was opaqueness."
I don't know where you get that impression. If an ordinary user -- technically competent but without access to any proprietary information -- can discover Linksys's infringement, how can it be "just about impossible" to ensure compliance?
A better explanation would be that Linksys tried to see what they could get away with, and used their de facto "proprietary period" to competetive advantage. Six months on the market while your competitors don't have your source code is surely an advantage, wouldn't you say?
Who did the work is completely irrelevant. We're talking about the Linux kernel. The question is: was the kernel modified, and/or were modules added? In order to ship its product, Linksys had to build its code from source. Even if the infringing code were in fact written elsewhere, it would still be in-house, else the product could not be compiled. Only inexcusably sloppy source code management would fail to keep proprietary code separate from GPL code; if that's what happened, I'd say Linksys got off lightly. Just imagine the consequences if it had been, say, Microsoft's code that had been used in exception to the license.
GPL or not, every company keeps very careful track of source code for shipped binaries. There is no chance Linksys didn't know what it was shipping.
"To discover the problem, Cisco would have had to do diligence through three levels of product integration, which anyone in the mergers and acquisitions trade can tell you is just about impossible. This was not sloppiness or carelessness -- it was opaqueness."
I don't know where you get that impression. If an ordinary user -- technically competent but without access to any proprietary information -- can discover Linksys's infringement, how can it be "just about impossible" to ensure compliance?
A better explanation would be that Linksys tried to see what they could get away with, and used their de facto "proprietary period" to competetive advantage. Six months on the market while your competitors don't have your source code is surely an advantage, wouldn't you say?
As someone who is thoroughly involved with the matter of GPL violations, some additional comments:
|
1. It's not your competitors or disgruntled former employees. From my experience, in almost all cases it's your customers. Users who look at your product and find out that they actually had the right to read, modify, recompile the source code but who have been deprived of this right. In the remaining few cases it's actual current employees of the particular company. Employees who have previously informed their superiors (with no result) about the copyright infringement they perform by not adhering to the GPL.
|
2. Regarding the "money was paid in addition to the source code made available" issue: Publishing the source code can only prevent further GPL violations from distributing the product now and in the future. I suspect the money was paid as compensation for the number of copies that had alrady been made in the past and distributed without license compliance. Sometimes there is also a "grace period" in which already-produced license-incompliant copies of the software can still be sold license incompliant for a certain period of time.
|
1. It's not your competitors or disgruntled former employees. From my experience, in almost all cases it's your customers. Users who look at your product and find out that they actually had the right to read, modify, recompile the source code but who have been deprived of this right. In the remaining few cases it's actual current employees of the particular company. Employees who have previously informed their superiors (with no result) about the copyright infringement they perform by not adhering to the GPL.
|
2. Regarding the "money was paid in addition to the source code made available" issue: Publishing the source code can only prevent further GPL violations from distributing the product now and in the future. I suspect the money was paid as compensation for the number of copies that had alrady been made in the past and distributed without license compliance. Sometimes there is also a "grace period" in which already-produced license-incompliant copies of the software can still be sold license incompliant for a certain period of time.
Some statements in the article are just not true
Posted by: laforge 2005-07-02 04:27:02 In reply to: Heather J. Meeker
There is nothing wrong with press articles and commentaries about the GPL, the gpl-violations.org project or myself, no matter how critical they are - as long as they are based on facts. Spreading lies is however not acceptable to me.
The most obviously wrong statement is "But, it so happened, that AOpen was actually compliant, having offered the source code on a German Web site, as Welte later noted in his blog. Nevermind.".
The truth is: AOpen Germany offered the _object_ code of the GPL licensed software on their German ftp-server, without complying to the GPL license terms. My blog clearly states "Firmware" (which is by definition object code, not source code). This means that in fact they are even legally responsible, since they distributed GPL licensed software without adhering to the license conditions.
Two other quotes from your article:
"The problem is that Welte apparently does not hold the copyright to the code that is the subject of these letters."
"Some of Welte's targets have complied voluntarily, but one suspects that is because they were simply unaware of the problem. Welte apparently has no authority to enforce these copyrights."
This is again wrong. I have never enforced any copyright that I don't own. What has happened is that some other Linux kernel developers have transferred their copyright to me, so I can take action in cases where my own copyright is not involved. [which by the way is also a good indication that gpl-violations.org is not some lone lunatic but backed by the development community].
Obviously I reserve the right to inform any organization about illegal copyright infringement they might be committing, even if I'm not the copyright holder. This must not be confused with legal GPL enforcement by an actual
copyright holder through in or out-of-court legal action.
Specifically, regarding to the "CeBIT letter action", I could have started legal procedings in all those cases. In fact, my legal team an I were planning to personally hand over a preliminary injunction at one of the CeBIT booths. Rather than doing so, I thought I could save the respective infringing companies the trouble of legal charges and legal expenses by first writing them an informal letter.
-- Harald Welte <laforge@gpl-violations.org>
The most obviously wrong statement is "But, it so happened, that AOpen was actually compliant, having offered the source code on a German Web site, as Welte later noted in his blog. Nevermind.".
The truth is: AOpen Germany offered the _object_ code of the GPL licensed software on their German ftp-server, without complying to the GPL license terms. My blog clearly states "Firmware" (which is by definition object code, not source code). This means that in fact they are even legally responsible, since they distributed GPL licensed software without adhering to the license conditions.
Two other quotes from your article:
"The problem is that Welte apparently does not hold the copyright to the code that is the subject of these letters."
"Some of Welte's targets have complied voluntarily, but one suspects that is because they were simply unaware of the problem. Welte apparently has no authority to enforce these copyrights."
This is again wrong. I have never enforced any copyright that I don't own. What has happened is that some other Linux kernel developers have transferred their copyright to me, so I can take action in cases where my own copyright is not involved. [which by the way is also a good indication that gpl-violations.org is not some lone lunatic but backed by the development community].
Obviously I reserve the right to inform any organization about illegal copyright infringement they might be committing, even if I'm not the copyright holder. This must not be confused with legal GPL enforcement by an actual
copyright holder through in or out-of-court legal action.
Specifically, regarding to the "CeBIT letter action", I could have started legal procedings in all those cases. In fact, my legal team an I were planning to personally hand over a preliminary injunction at one of the CeBIT booths. Rather than doing so, I thought I could save the respective infringing companies the trouble of legal charges and legal expenses by first writing them an informal letter.
-- Harald Welte <laforge@gpl-violations.org>
Things to consider when you are stealing code
Posted by: jim_s 2005-06-29 07:46:45 In reply to: Heather J. Meeker
I have a couple annoyances with this article. For one, it works from the presumption of violation, as if the author were telling us, "Things to consider when you are stealing code..."
|
For another, it portrays source code released under the GPL as somehow different and more dangerous (??) than other copyrighted works. This is just disingenuous. Any software shy of public domain is going to carry licensing terms. Why does Ms. Meeker presume GPL code is something that will or should be pilfered within a corporation?
|
It also, mind bogglingly, fails to present the optimum, most used route available to companies interested in using GPL code -- Hey, don't cheat! Play nice and reap the same rewards as companies like Red Hat, IBM, and gangs of others enjoying Linux's multi-billion dollar markerplace.
|
And for Pete's sake, why must GPL authors always be portrayed as loony and starry eyed zealots. Doesn’t Ms. Meeker realize these are intelligent, professional software developers? This zealot-card is getting old.
|
"The fact that it does not charge license fees for its software probably means it cannot seek damages based on the amount of a reasonable royalty -- though it could still rely on statutory damages."
|
I disagree. The GPL implies an equity of exchange -- you can have mine as long as you share yours. Failure to share yours breaks this exchange and, as mentioned, means you are using my copyrighted work without permission. A software author could reasonably demand remuneration if you are profiting from his labor.
|
"This is the nightmare scenario for an acquiror worried about open source. In the trade this is known as 'buying a lawsuit.'"'
|
Shouldn't an acquirer be concerned about ANY copyright infringement? Shouldn’t they be concerned about THOUSANDS of issues? Why is open source the boogeyman in the scenario?
|
Quoting a Daniel Lyon’s article from Forbes is also serious blow to this credibility of this piece. Mr. Lyons is a well known for his shallow, ad hominen attacks, hated of all things Linux, and all around shabby reporting.
|
Lastly, Ms. Meeker greatly understates the FSF approach to violations as compared to a commercial outfit. Would you rather have a discreet phone call from Mr. Kuhn hoping to resolve (at no expense) the violation – OR – have a company like SCO sue you for billions because they *think but can’t show* that maybe you took something?
|
For another, it portrays source code released under the GPL as somehow different and more dangerous (??) than other copyrighted works. This is just disingenuous. Any software shy of public domain is going to carry licensing terms. Why does Ms. Meeker presume GPL code is something that will or should be pilfered within a corporation?
|
It also, mind bogglingly, fails to present the optimum, most used route available to companies interested in using GPL code -- Hey, don't cheat! Play nice and reap the same rewards as companies like Red Hat, IBM, and gangs of others enjoying Linux's multi-billion dollar markerplace.
|
And for Pete's sake, why must GPL authors always be portrayed as loony and starry eyed zealots. Doesn’t Ms. Meeker realize these are intelligent, professional software developers? This zealot-card is getting old.
|
"The fact that it does not charge license fees for its software probably means it cannot seek damages based on the amount of a reasonable royalty -- though it could still rely on statutory damages."
|
I disagree. The GPL implies an equity of exchange -- you can have mine as long as you share yours. Failure to share yours breaks this exchange and, as mentioned, means you are using my copyrighted work without permission. A software author could reasonably demand remuneration if you are profiting from his labor.
|
"This is the nightmare scenario for an acquiror worried about open source. In the trade this is known as 'buying a lawsuit.'"'
|
Shouldn't an acquirer be concerned about ANY copyright infringement? Shouldn’t they be concerned about THOUSANDS of issues? Why is open source the boogeyman in the scenario?
|
Quoting a Daniel Lyon’s article from Forbes is also serious blow to this credibility of this piece. Mr. Lyons is a well known for his shallow, ad hominen attacks, hated of all things Linux, and all around shabby reporting.
|
Lastly, Ms. Meeker greatly understates the FSF approach to violations as compared to a commercial outfit. Would you rather have a discreet phone call from Mr. Kuhn hoping to resolve (at no expense) the violation – OR – have a company like SCO sue you for billions because they *think but can’t show* that maybe you took something?
Re: Open Source and the Legend of Linksys
Posted by: rht 2005-06-28 16:40:45 In reply to: Heather J. Meeker
An interesting sidelight to the Linksys story is that nowadays the WRT54G series of WiFi routers is the weapon of choice for Linux gurus because the source code is freely available under the GPL. WRT54G routers can be made to do just about anything in the WiFi world, and certainly far more than the original or current owners dreamed of.
I hazard the guess that far more WRT54Gs are sold than would have been the case were the source code not available.
I hazard the guess that far more WRT54Gs are sold than would have been the case were the source code not available.
