GPL Violation, Microtest's DiskZerver 393
Slashdot reader brtb reports:
About a year ago my employer, a local high school, purchased a couple MicroTest "DiskZervers," network-attached-storage boxes designed to cache CD images for LAN usage. We were mainly Netware-and-Win95 at that time, and the Zervers performed flawlessly in that configuration. But problems began when the district IT department made the decision to switch us over to an NT-domain setup. The Zervers, even with their advertised "Domain Integration" support, didn't seem to like this too well, so I dug a little deeper... imagine my surprise when I found out the boxes are actually embedded 486's with Linux and a whole slew of other GPL'ed software, mentioned nowhere in the manuals or on the accompanying software CD.
Apparently, Microtest (NAS division since sold to XStore) put together a mess of GPL software - a modified Linux kernel 2.0.27, Samba 1.9.x-ALPHA (!!!), the MARS_NWE netware emulator, and GNU C libraries (libc5), among others, stuffed them on a flash chip in a drive-bay-size embedded 486-based computer, and sold it as their "DiscZerver" product line. They also used some non-GPL packages, including Apache and Netatalk (macintosh server). Nothing wrong with their methods, but there's plenty wrong in their implementation.
The web interface and proprietary Windows front-end, the only given methods of configuring the device, refer to the various services generically, like "Web server," "SMB server," "NCP server," etc. - there's no mention anywhere, even in the manual, of the actual programs being used. Of course along with this is no accompanying source code or even the offer to provide any, as the GPL requires.
I can't even get any useful tech support from this company, much less someone to ask about getting the source code for the software and whatever modifications they made, which includes a flash file-system driver ("yaffs" - I think MicroTest wrote it, as I can't find any info on it) for the kernel. I did manage to hack out the hidden-from-customers root password; with that I found a shell prompt (Stand-alone Shell v1.0 - GPL? dunno) which only increased my determination as I could see exactly what programs they managed to steal, strip out identifying info, and use without credit.
I did contact the FSF with the limited information I had before I got shell access, and they did confirm the existence of a GPL violation, but were unable to do anything specific as they do not hold copyright on any of the programs I knew of at the time (and actually suggested I post to Slashdot to get some answers). xStore itself has not returned my emails or phone call. I have another e-mail in to the FSF, now that I know the machine includes glibc1.
So, right now I have a nice little piece of hardware, some mis-compiled (I think) software, and no idea what to do next. At the very least, I learned that my usual policy of disassembling and analyzing any new hardware we get is the right one; of course that doesn't help all the LAN users that need access to these CDs. I'd be happy if I could just get the code so I can fix SMBd/NMBd to work properly. I've thought about trying to make my own really-small distro to load on, but it's not really worth my time - I could just load the cached CD images (thankfully just standard .ISO's) off the Zerver's CD-storage hard drive into my other Linux server, compile and install Samba correctly (works great if you do it right) , and get on with life... but I really shouldn't have to do either. Any ideas?
who goes after them? (Score:2)
or b)sue the manufacturer?
The EFF? The FSF?
Re:who goes after them? (Score:1)
Typically you need to be the copyright holder to make a complaint, although in some occasions (RTLinux), the FSF handled it with holding the copyright.
Now that it has been discovered that they use glibc, the FSF can begin action.
garc
we do (Re:who goes after them?) (Score:2)
While I'm still waiting for the GPL to go to court one day, I think that community pressure is a much better strategy. Why sue someone when you can avoid feeding lawyers and bring the opposing into your own camp, at the same time?
Re:This is Who goes after them... (Score:2)
The copyright holders, like Linus and company can sue both companies for copyright infringement. Xstore can also sue DiskZerver for fraud.
All without the DMCA or any other new BS laws being necessary.
Re:This is Who goes after them... (Score:3, Interesting)
DiskZerver is the product. You don't sue products.
MicroTest claimed to have originated the DiskZerver product, and sold it to Xstore.
Xstore now can sue MicroTest for selling what they didn't own.
Re:who goes after them? (Score:2)
We could settle things on the playground after recess, but most of those settlements only last until the bigger guy is out of sight.
Put up and FTP site (Score:5, Interesting)
Re:Put up and FTP site (Score:3)
Actually, they have to do more than that. For one thing, the GPL absolutely requires that they let their customers know that the software is GPLed and that the code is available. They have clearly failed to do so. They also must provide the code on a physical medium on request for no more than the cost of media and shipping; simply putting it up on ftp is not sufficient. In practice making it available by ftp may be acceptible if it means that nobody particularly wants to get the software on a physical medium, but the offer to provide the physical medium must be made.
And that's just for the GPLed programs. Some of the other licenses used have their own requirements. Apache, for instance, includes the "Obnoxious Advertizing Clause" in its license, so removing their trademark from the package is a big no-no. The stripping of the Apache advertizing information is actually very good evidence that this is not just a casual, accidental license violation. Removing that stuff is clearly deliberate, since simple laziness would result in it being left in.
Re:Put up and FTP site (Score:2, Informative)
Re:Put up and FTP site (Score:2)
If they meant "optical or magnetic storage media," they
should have said that.
I must admit I don't remember exact wording of the whole GPL by heart, but I would be surprised if it did not explicitly and exactly specify what constitutes acceptable provision of source code. And that definition is probably slightly more verbose than simple "physical media".
And as to cost of electrons; they may be free, but how about shipping them? (which original poster mentioned in addition to the cost of the media itself)?
Re:Put up and FTP site (Score:3)
Re:Put up and FTP site (Score:2)
I suspect MicroTest would have also distributed source if someone had caught them when they still owned the division; I think they were less concerned about people getting the source to the software (since people already can get the source, as it doesn't seem to be significantly modified) than about people finding out that the product uses Free Software. Remember that until very recently the software used in these products was considered by the business world to be unreliable and so forth, and people were prohibited from using it; people would run Linux servers and pretend they were actually Windows. This is probably not a concern these days, since IBM has made Linux acceptable to the business world.
Re:Put up and FTP site (Score:2)
Isn't the real concern that a competitor with more money will just take all their work and repackage it themselves?
I may be examining this situation incorrectly, but a large company like IBM or Microsoft or whoever can easily take some small company's work and resell it cheaper, use a bigger advertising budget, etc.
This is an obvious impetus for a company to violate the GPL - not because they want to stop individuals with the know-how from recreating their product, but to stop the larger corporation from doing so.
Re:Put up and FTP site (Score:2)
They must either accept the risk, or find another business. Furthermore, they could probably be easily cloned even if they don't release the source.
Re:Put up and FTP site (Score:4, Insightful)
Any potential customer who, as you said, "had oogles of free time -and- the requisite skills" probably wouldn't even look at a product like this in the first place. They would already know what could be accomplished with a stock Linux install. These are the guys (like most of us) who would read the advertisement for the product and say, "Gee, I can do all that with Linux for free."
Now on the other hand, if their time where valuable, they might look at this product a little differently. Sure it could be done in house, and we could develop or modify some control software to make it easy to administer for non-tech, but why? In this case, I'm paying for the work they did in setting this up as a package, not for the underlying GPLed code.
Things are very different in the business world than when you are in college or just starting out. My company would gladly pay an extra few hundred bucks or so for a turnkey solution rather than to pay my salary for a couple of days for me to get all this set up by myself.
Re:Put up and FTP site (Score:2)
If something ever does go wrong (unlikely) you have someone you can call, and make it their responsibility rather than yours.
priceless.
Downloading Dell (Score:2)
Shh. Don't tell Dell; their business model is a sham. There's no way they could possibly be successful.
I can download Windows for free, though I have to admit - legality becomes an issue. If you want, we'll stick with downloading a copy of Linux. Though... piracy is a common "option" to many.
That leaves me with... software. No box. So I'll have to build my own whitebox. There's nothing Dell offers that I can't get, or at least find a suitable equivilent to, on my own.
So now I have my own Dell competitor. A product that might even be better than anything they offered. Perhapse cheaper depending on what options I went with.
Assuming I have the time and knowledge to put this all togeather.
The same goes for an embeded linux server product.
these products in question... (Score:2)
based on this discussion i'm going to check out the $2000 network diagnostic tool that I have of theirs and see if it's also linux based; I've always thought it was, but never really looked closely. we'll see.
but back to the original point, there's little reason to build a huge linux box with breakable physical components when you can just use a very simple unit with no moving parts that fits into a 5.25" bay.
plus, it was pretty cheap. worked pretty well for our needs when we used them. YMMV though.
No. GPL says "any third party" (Score:2)
AFAIK, they are only obligated to provide machine-readable source code to the person to whom they gave the binary executables.
The GNU General Public License [gnu.org], section 3(b), requires licensees who redistribute the software to make the source code available at cost "to any third party," i.e. to parties who have not necessarily purchased the device containing the software.
I just found a loophole in the GNU GPL! The "source code" could be in a proprietary language (as long as it remains the preferred form for modification), as the GPL does not require the compiler to be distributed. (Otherwise, you wouldn't be able to use MSVC or VB to compile GPL software.)
All the GPL violations (Score:1)
Hmm... (Score:1)
Shame on DiskZerver (or however it's spelled) for tarnishing the GPL name w/ an obviously misguided and unplanned product... Simply gives us more motivation to create products that are good, durable and legal while still holding a GPL license.
Re:Hmm... (Score:2)
Well, the real problem with GPL is enforcing it. If the FSF can't take a stand on issues like this where multiple copyrights are violated, and the individual copyright holders never learn of it or can't afford to pursue it, then what prevents companies like this from violating it? If it isn't defended, it becomes useless, and probably invalid in the eyes of the law too. (IANAL).
I am completely with the concept of the GPL/other free licenses, but there needs to be enforcement of them to make them effective.
MadCow.
Re:Hmm... (Score:2)
FSF & Copyright (Score:4, Interesting)
And now some of you who say the FSF (and by extension, RMS) are "control freaks" since they ask that the copyright of GNU stuff be assigned to them see the reason why.
It isn't about control: it's about protection.
Re:FSF & Copyright (Score:3, Insightful)
I think that should read "It istn' only about control: it's also about protection". As most anyone who's dealt with RMS will assure you, it's most definitely also about control on some level.
Re:FSF & Copyright (Score:2)
complain to as many people as you can (Score:1)
Re:complain to as many people as you can (Score:2)
That's complaining to an awful lot of people right there!
Just... (Score:1)
Licensing (Score:1)
you may have broken the license agreement.... (Score:5, Insightful)
Basically, it's an issue of risk. If it turns out that they have no GPL violations, then you could get nailed for breaking the license they provided. On the other hand, you could show that they broke the GPL prior to specifying the license terms you use the product with, either voiding their license or something of that nature.
Re:you may have broken the license agreement.... (Score:2, Interesting)
But it's a different sort of liability.. Lets assume for a moment that both parties violated their respective licenses. Violating the DiskZerver license restricts your ability to use their software. Violating the GPL restricts DiskZerver's ability to distribute the software. There are no penalties for *using* software you purchased after violating the license agreement (except possibly in UCITA states) -- you just lose "perks" like support or something equally inane. On the other hand, there a *significant* penalties for distributing software that you no longer have the license to. As a matter of fact, thanks to lobying there are not only penalties, it's also a felony.
They may charge you with DMCA violations if the root password was encrypted, though.
Re:you may have broken the license agreement.... (Score:5, Interesting)
BTW, just so nobody goes off on a security tangent about a hidden root password, I tested the one I found on the second Zerver and it doesn't work, so apparently they made it different for each machine (GOOD IDEA).
What agreement? (Score:2)
It is very easy to obtain and use products without ever agreeing to a license.
For all the bitching out Microsoft licenses, I bet only .001% of the users have actually bound themselves to the silly terms. Think about what conditions would have to take place for someone to want to agree to it: you'll turn up a blank.
Re:What agreement? (Score:2)
Also, corporate america follows the EULA licenses. First day on the job you'll get warned by them on using software outside the licenses. If a company were to be caught, then that's bad press for that company.
Also, we
GPL violations vs EULA violations (Score:2)
Well, that's really two very different situations. When someone sells GPLed software w/out source, they either
- agreed to the license (which gave them rights to distribute derivative works) and are violating it
- or they didn't agree to the license (which would have given them distribution rights), and they are violating copyright.
When someone uses (in a manner not prohibited by copyright law) a commercial program in a way that conflicts with the EULA, there isn't that either/or situation. They either- agreed to the license and are violating it
- or they didn't agree to the license and they are
... doing nothing bad.
They key difference is that all the GPL violations that are getting covered onRe:you may have broken the license agreement.... (Score:2)
GPL allows him to do what he did (Score:2)
He can hack up GPL code however he likes. You want to take a kernel binary and disassemble it? See if anybody complains. Since the code on that flash ROM is generally GPLed (and due to integration more than likely all the code is now) the company can't touch him.
Next thing you know, someone will sit outside my door and tell me I have to pay them $5 to get in my house or I'm breaking the law.
Then, after that, someone will argue I'm in trouble for not paying that guy his $5.
Of course, the guy _could_ have been in trouble if it turned out not to have included GPL software. In that case he probably wouldn't have posted to slashdot about his l33t hack, tho.
Re:GPL allows him to do what he did (Score:2)
Re:GPL allows him to do what he did (Score:2)
I know this because I've had a quick look at another product thats in the same boat just with less GNUisms but its all one big binary so there is the issue of GNU contamination. I got explicit permission to reversen engineer the program from the only person mentiond in the binary so I think I've covered myself in the USA. I did the work in Australia where this week its still legal to check a device for compatibitlity and security holes.
Once the company involved digs its self in a bit deeper, then I'm sure everyone who reads
The scary thing is I've sent in patches to code they have solen.
Re:you may have broken the license agreement.... (Score:2)
Liability and due diligence (Score:3, Interesting)
Uh, they should like... (Score:1)
I thought that was understood...
Alternatively, if they can contact the author, they could arrange for a specific license that is different from GPL, and that would allow them to "buy" that code. They'd still face competition from the existing GPL code though.
Did they modify/redistribute, or just distribute? (Score:3, Insightful)
Since (I'm guessing) the admin tool probably just modifies the config files, I fail to see how that could possibly be a GPL violation.
There is mention of a modified kernel, but without further info, I will take that to mean almost anything from radically modified code to a loadable module, which could be on both spectrums - details? Without, it is just the normal
So, they slapped together a box and shipped it out without mentioning Linux or GNU. Does the GPL say anything about this? If they have not made any mods are they still required by the GPL to have the same offer?
What if they had embedded a minimal Linux setup in an EPROM? Seems it'll be a pain to use Linux in an embedded device if you have to keep provided source media even if you didn't change any GPL'ed code and just added your own programs.
Re:Did they modify/redistribute, or just distribut (Score:4, Interesting)
Yes. Section 1 of the GPL applies here.
If they have not made any mods are they still required by the GPL to have the same offer?
Yes. Again, section 1.
What if they had embedded a minimal Linux setup in an EPROM? Seems it'll be a pain to use Linux in an embedded device if you have to keep provided source media even if you didn't change any GPL'ed code and just added your own programs
I don't see what the pain is in putting the GPL in your manual along with a written offer to provide source (see section 3 b) of the GPL).
Re:Did they modify/redistribute, or just distribut (Score:2)
Yes. Section 1 of the GPL applies here.
Not necessarily. Section 1 is of the form "you may do X if you do Y". Just because they did X doesn't mean they have to do Y. Interestingly, if they did make changes, then they don't have to release the source. Look at section 2, of the form "you may do B if you do C". It allows you to modify the Program and distribute copies as long as you provide prominent notices and relicense the derivitive work under the GPL. There is absolutely no requirement to release the source code.
In order to get the rights of section 3, you must follow both sections 1 and 2, but in order to get the rights of section 2 there is no requirement to follow section 1.
Re:Did they modify/redistribute, or just distribut (Score:3)
Actually, it's "You may do X *provided* you do Y". You can only do X on condition of doing Y also. Same with Section 2: "You may do B *provided* you do C".
Big difference between "if" and "provided".
Re:Did they modify/redistribute, or just distribut (Score:2)
Big difference between "if" and "provided".
Explain to me how "You may go to a concert if you do your homework on Thursday. You may go to the Monday concert if you do your homework on Friday."
is different from "You may go to a concert provided you do your homework on Thursday. You may go to the Monday concert provided you do your homework on Friday."
In both instances you do not have to do your Thurday homework to be permitted to go to the Monday concert, even though going to the Monday concert implies going to a concert. There is no difference between "You may do X if you do Y" and "You may do X provided you do Y".
Re:Did they modify/redistribute, or just distribut (Score:2)
Well, I fail to see how the concert example is analogous to our previous discussion.
There is no difference between "You may do X if you do Y" and "You may do X provided you do Y".
"provided" has stronger conotations than "if".
"provided" has conotations of "if you do X then you must do Y", whereas "if" is a little weaker in conotation: "if you do Y then you may do X".
Shades of meaning, and "provided" has a stronger meaning than "if".
Re:Did they modify/redistribute, or just distribut (Score:2)
Well, I fail to see how the concert example is analogous to our previous discussion.
Because it showed that "provided" and "if" mean the same thing. It also showed that "you may do X provided you do Y" does not imply "you may not do X if you do not do Y".
"provided" has conotations of "if you do X then you must do Y"
Can you provide any backup to that assertion? I disagree, and so does dictionary.com (not that either is authoritative). Further, wouldn't your interpretation negate all dual licenses?
Re:Did they modify/redistribute, or just distribut (Score:3, Insightful)
Sure... but they carry different conotations.
It also showed that "you may do X provided you do Y" does not imply "you may not do X if you do not do Y".
Huh? It certainly does imply that. "may" implies permission: the condition for that permission is that you do Y. If you do not do Y, then you do not have permission to do X. Said another way, in order to obtain permission to do X, you must fullfill the conditions spelled out in Y. If you do not fullfull those conditions, you don't have permission. I fail to see why this is so difficult for you to understand.
Can you provide any backup to that assertion?
See above.
Re:Basic logic (Score:2)
Not at all... that's exactly what I've been saying all along. In plain old regular English "provided" has stronger conotations than "if". In fact, "provided" is always used this way in regular conversational English.
In English there are often two or more words that express the exact same idea, but often vary in their conotations, linguistic baggage, etc.: "unmarried woman" and "spinster" functionally mean exactly the same thing, but have quite different conotations (best example I could think of off the top of my head :) )
Sonny Bono strikes again (Score:2)
What if they are the copyright owner of the source?
Then they have every right to re-license, as FSF does for the GNUPro toolkit. However, in this case, they're definitely not.
What if they got permission from the copyright owner of the source?
GNU GPL section 10 (alternate licensing from the copyright owner) covers the issue.
(snip)What if the copyright is expired?
Expired? Huh? Thanks in part to the actions of the late Sonny Bono, copyrights don't expire anymore [everything2.com].
Re:Did they modify/redistribute, or just distribut (Score:2)
Re:Did they modify/redistribute, or just distribut (Score:2)
The word is "asinine", and I feel it describes your comments on the GPL perfectly. Troll.
Damn, I had that first too, but then I changed it. Troll.
Re:Did they modify/redistribute, or just distribut (Score:2)
Both Apple and Microsoft have been in violation of the GPL, and both speedily rectified this problem when it was pointed out to them.
They might be able to use the GPLed software on their systems, but if they distribute it then the GPL catches them. The only way that they could know that they have a legal right to distribute GPLed code is to read the GPL.
As for the bit about what is the proper criterion for judging a derivative work, you are correct, there is no legal precedent. However, you are overlooking two important facts when you assume that the FSF will not be correct in the judgement that linking programs creates a derivative work. The first of these facts is that pretty much the entire commercial software industry would be in favor of the FSF interpretation. In fact, they would probably want an even stronger opinion that software written to their copyrighted APIs was a derivative work. The second, and most important factor, has to do with the nature of copyright itself. Unlike trademark violations where the onus is on the trademark holder to curtail the public use of their trademark, copyright holders can pick the time and the place to enforce their copyright. Use of someone else's copyrighted material does not cause this material to become public domain. This means that the FSF can pick and choose who they want to prosecute. When the GPL is finally tried in court you can bet that the defendant will be some small underfunded corporation without the benefit of millions of dollars for legal defense. It is even likely that the suit will be brought forward by Sun, IBM, or some other large corporation that has published software under the GPL.
The FSF will get their precedent eventually, and would probably already have it if they were the type to play hard ball.
As for your assumption that a layer of anonymity would make it possible to defeat the GPL, well that's just absurd. If someone hands me a manuscript that they claim to have written and I publish it under a pseudonym and it turns out to be a Steven King novel I will get sued. If I turn over the name of the person who gave me the manuscript I might be able to claim that I was defrauded, but I certainly wouldn't get to keep the profits from the episode. I might stay out of jail, but that would be it.
If you distribute a piece of software that contains GPLed code that you received from a third party, then you are liable if you do not make the source code available. Of course, you could countersue the third party, and if you honestly tried to make it right the FSF is not likely to crucify you, but you had better make sure your efforts are sincere.
Re:Did they modify/redistribute, or just distribut (Score:2)
They might be able to use the GPLed software on their systems, but if they distribute it then the GPL catches them.
They can distribute GPLed software as long as they do not simultaneously distribute their operating system. They can offer GPLed software for instance on their web sites. Not that any of that matters, anyway, because they need only write and release the GPLed software which makes system calls to their binary kernel.
The first of these facts is that pretty much the entire commercial software industry would be in favor of the FSF interpretation.
I'm certainly not overlooking that fact. I believe that is the number one reason why no major software company has taken the GPL to court. It simply wouldn't be in their interests to do so for the miniscule gain they'd get out of it.
This means that the FSF can pick and choose who they want to prosecute.
I have serious doubts that the FSF would let any major software company get away with a GPL violation without prosecuting them (if they didn't back down). Do you really think they would? Besides, as I said before, I don't think it's in the best interests of a major software company to fight the GPL in the first place.
As for your assumption that a layer of anonymity would make it possible to defeat the GPL, well that's just absurd. If someone hands me a manuscript that they claim to have written and I publish it under a pseudonym and it turns out to be a Steven King novel I will get sued.
That is a completely different issue, because Steven King has not given up any of his redistribution rights. GPLed software, on the other hand, may be obtained for free, and once you have obtained a physical copy of software you have the legal right under the first sale doctrine to redistribute that copy to anyone. If you "buy" 1 million copies of Red Hat, you have a legal right under the first sale doctrine to sell those 1 million copies without regard to the source code (because you never had to agree to the GPL in the first place).
Re:Did they modify/redistribute, or just distribut (Score:2)
Ok, now I see how you got confused. You are applying first sale doctrine to the copyrighted material. The first sale doctrine permits me to sell my copy of "Carrie" by Steven King. It does not, however, permit me to type the text from "Carrie" into my computer and make a hundred copies for all of my friends.
Likewise, if you went to Staples and bought 500 RedHat CDs, you could sell those 500 RedHat CDs to whomever you wanted (first sale doctrine). You are not really distributing the software, RedHat is. However, if you opened one of those boxes up and started burning copies. Well then, that's clearly contrary to what the default copyright allows and the only way that you could have possibly come to believe that you had any right to do so was to read (and agree to) the GPL.
If you do not agree to the GPL, then you do not have any right to make and distribute copies. Do you see how that works? If you buy RedHat CDs it is RedHat who is making the copies of the software, they are the distributor in the sense that the GPL uses. If you start burning your own CDs and handing them out to friends. Or if you make the binaries available via FTP, then you too become a distributor and must be able to cough up source code on demand.
Once again, just like the example with the novel. It is perfectly legal to sell my copy of a book. It is also perfectly legal to make a personal copy of a book for archival purposes. However, if I make a copy of a book and sell it, I am violating Mr. King's copyright. For this to be legal I would need Mr. King's approval. If he gave me the approval all would be well.
The GPL is nothing more than a standard approval with stipulations. We are welcome to distribute copies of GPLed works as long as they come with source code. It can be assumed that we have read and accepted the GPL if we make copies and distribute them, because under the default copyright this would be a copyright violation.
Eben Moglen says it much better than I do. Check out those links I provided.
Re:Did they modify/redistribute, or just distribut (Score:2)
Likewise, if you went to Staples and bought 500 RedHat CDs, you could sell those 500 RedHat CDs to whomever you wanted (first sale doctrine).
What if Red Hat goes out of business? Do I have to distribute source, or can I just pass on the written offer from Red Hat? What if Red Hat goes out of business without ever distributing the source code? Are the binaries still legal to (re)distribute under first sale? How are you going to sue a nonexistant company?
Re:Did they modify/redistribute, or just distribut (Score:2)
If I rip the copyright notice out of a book I buy and then resell it, that doesn't mean that the person I sold it to can then make as many copies as he likes.
First of all, I never said that the copyright notice was removed. The software is modified, copied, and distributed by person A under the permission of the copyright holder. Secondly, I never said that Person B was the one making the copies, Person A makes the copies, Person B only redistributes those copies.
Person B above *only* has first sale rights, and so does person C. They still don't have the right to distribute a single copy that has added to the original.
What is "the original" in this case? Person B can redistribute the single copy (or multiple copies, if s/he bought multiple copies) of whatever s/he received.
IOW, they can't pull out single pages and write a story around that page because it would be a derivitive work.
But if Person A pulls out those single pages and writes a story around that page under the permission of the copyright holder, then Person A sells a 100 copies of that story to Person B under the permission of the copyright holder, Person B has the first sale right to resell those copies under any conditions s/he chooses.
Each person down the chain of first sales would have less than or equal to the information that the previous person had.
On this point I agree. Personally I think that Person A would also have the right to distribute modified copies without distributing the original, but that point is much harder to argue because it comes down to the question of whether or not the GPL is a binding contract. So I have been forced to enter into the scenario multiple entities in order to get around that fact. It would be similar to a situation where a license prohibits reverse engineering, but because the reverse engineering is done by one entity and then his/her work is given to another entity in a clean room, that second entity cannot be held liable for breach of contract (since the second entity has never agreed to the contract).
Re:Did they modify/redistribute, or just distribut (Score:2)
I think I'm missing it. How is the GPL being subverted?
It is being subverted in the sense that it is essentially equivalent to the BSD license.
a GPL version of the library could be created if someone had an objection to paying for it.
Likewise a GPL version of Mac OS X could be created if someone had an objection to paying for it. The point is that enhancements can be made to a product without releasing those enhancements under the GPL. The only realistic legal difference I can see with the GPL and the BSD license would be for minor bug fixes which can't be realistically made into a library. And that's only one of the many legal holes in the GPL.
Re:Did they modify/redistribute, or just distribut (Score:2)
Uhhh tough shit even if it is a pain. That's the price they pay for not having to do their own coding. We have to pay in currency for their products, thay have to pay according to the licensing rules. I think we're providing a much better deal: just follow these rules and you can use our work.
On the Right Track (Score:1)
Now with your Zservers, you can either send them back to the manufacturer citing the fact that they are illegally manufactured, request source code to fix it yourself (Good luck), or just keep hacking at it yourself (My approach).
The real problem with the FSF is that more holders of copylefts need to transfer some power of attorney to the FSF so that the GPL can be enforced in these cases. As it is, the FSF can only be a watchdog (which it does well) and not the pit bull of open source we want it to be. If the holders of copylefts don't care that their work is being commercialized and closed without their permission, the Open Source movement becomes a grab bag of free technology to be made unfree by the corporations.
This is a violation? Bull! (Score:1, Informative)
You're not supposed to access the software on
these directly! Even Stallman admits as much
(check out the FSF philosophy pages)
If someone puts Linux on a toaster, he doesn't
have to supply you with source!
Re:This is a violation? Bull! (Score:2)
Is perhaps the problem not that they don't release the source to their modifications but rather that they didn't say "Linux Inside!" or something similar? The really sad thing is that this box would probably sell better if they did show you the code, so that you could maintain it yourself, as brtb so obviously needs to do. They may not need to show you the source if they use GPL code in a toaster, but wouldn't you choose the toaster with published source over the proprietary toaster? Even if you will never need the source? (Frankly, in my experience you're more likely to someday need the source if they don't automatically give it to you at time of purchase)
Re:This is a violation? Bull! (Score:2)
If someone puts Linux on a toaster, he doesn't
have to supply you with source!
Note that GPL doesn't force you to supply source with binaries, but it does force you to give that option, ie. if asked, to provide the source. There's a big difference here.
But aside from that point, why is toaster / embedded device so different from software-only product? Are they not shipping GPLed program code in binary form; be it embedded or stand-alone? Isn't this exactly what GPL covers? The only difference is the visibility; it's easier to obfuscate / hide origins of software when software is embedded, ie. not directly accessible. Aside from that, how is this so different?
Re:This is a violation? Bull! (Score:2)
I can't speak as an expert, but it seems to me that the toaster does not come with binaries in the sense that you download an application that you run on your computer. Rather, you are getting a total package of hardware and firmware, and you cannot get the firmware without the hardware (e.g., you cannot get the firmware that runs your car's engine without buying the whole car). In some cases, to modify the firmware you may need to break a seal, open the box, remove a ROM chip, copy its contents, edit those binary contents, copy the new code to a PROM and then plug it into the toaster. At this point your toaster may well be, well, toast.
Now, if your new toaster comes with a disk drive or a network connection, and a user interface that allows you to load new firmware, then I would agree that the source must be made available. But this discussion came up before re: TiVo, and IIRC the general agreement was that TiVo did not need to release their modifications to the GPL code they used, because those modifications were not distributed as software but rather as firmware that only came with and only worked with their hardware. Someone please correct me if I'm wrong, but that's how I remember the discussion.
handling-and-rectifying ??? (Score:1)
Does "rectifying" something mean "putting it where the sun don't shine"?
If so, I don't even want to know what the "handling" is all about.
Credit??? (Score:1)
And here is where you insert all the usual "let's get all the facts before going on a tirade" sort of speech. I'm frankly too tired of the whole thing to spell it out.
Re:Credit??? (Score:2, Interesting)
I thought..... (Score:1)
just as good though.
So who is going to go after these dudes?
Well, duh! (Score:1)
Re:Well, duh! (Score:2)
Not that I think this would happen, you don't need much in the way of lawyers to show that they violated the license and in doing so they broke the law. When they have to pay damages less and less companies will steal OSS software.
Yes it's a GPL violation, but... (Score:2)
Two things (Score:3, Informative)
MicroTest could have done things simple just by printing a Readme-first documet stating that their system is built upon GPL'd software and printing the links to ftp-sites where it could be downloaded. Should sombody ask for the sourcecode it wouldn't be very hard having an ISO-image laying around with all the source on it. (One could say MicroTest acted a bit stupid.)
Second:
I would like to see the next version of the GPL including a clause granting FSF the right to sue on behalf of the copyrightholder(s.)
This is an embedded system (Score:4, Insightful)
since the software wasn't distributed separate from the hardware, it is hard to know if this fits
the definition of a distribution within its meaning in the GPL.
This is the reason that our systems are based on FreeBSD. We have a niche market (high precision timing systems) where we still have a lot of proprietary IP. FreeBSD lets us deploy that
without fear of GPL forcing issues.
And before anybody says anything, the company has
paid me for many hours of FreeBSD bug fixes over the years and contributes back to FreeBSD all that
we can because we know that it is in our best financial interst. FreeBSD isn't our compeditive
advantage, our ability to do high precision timing
systems is.
Re:This is an embedded system (Score:2)
If you ship an embedded system that uses the Linux kernel and some non-kernel application software, it is my understanding that you don't have to ship the sources for the non-kernel application software.
Now, I think less restrictive licenses than the GPL are a good idea in many cases. For example, I think a GPL'ed GUI toolkit is a bad idea because you do want commercial vendors to standardize on the free toolkit and you can't use a GUI toolkit without linking with it. But for the Linux kernel, the GPL rarely if ever restricts commercial use. People even ship proprietary, binary-only drivers for it.
Re:Wrong, and one reason why I dislike the GPL. (Score:2)
Is it adequate to simply mention what GPL products you use, that they're GPL'ed, and where the source code is on your company's web site, but not have to clutter up an appliance with such stuff?
your company is beyond hope (Score:2)
Imagine any appliance you buy coming with pages and pages of warnings about not sticking Rover into the microwave and not sticking your fingers into the blender to see whether the blade is turning. Oh, wait, they do.
In short, your objection is ludicrous. You can embed Linux and put your proprietary software on top of it. You do need to include the GPL somewhere--it fits onto a page (small print)--and a pointer to where they can get the sources. If you can't do that, your company is beyond hope anyway.
Eh, no difference (Score:2)
Re:Wrong, and one reason why I dislike the GPL. (Score:2)
I've talked at length to lawyers who have studied this issue. Their conclusion has universally been that it is unclear. One could make a case either way for embedded systems since the act of distribution is poorly defined and implies only software distribution and not hardware/software bundle to which the user has no access to the internal parts.
The main issue that I have with this is that it is so unclear as to create enough uncertainty for people that have intellectual property that they do not wish to distribute.
There's a more fundamental problem here. Some folks in the Linux community say that embedded systems are fine, and not to worry about it. Other folks, like stallman, say that even in the embedded systems you must comply. Who is right?
Download their manual and read their license (Score:2, Informative)
So I guess they are saying that they wrote their own OS with utilities supporting all of the same file sharing mechanisms that Linux is known to support and that they own the whole ball of wax. That's a good one.
Sorry, I'd have cut and pasted the license in here but it was in PDF format.
-josh
Nothing! (Score:3, Interesting)
For what it's worth, if you don't want the hassle of going to court and being the martyr that pays through the nose to defeat this nonsense, just use BSD. Besides being more stable and closer to true unix, BSD licenses basically let you do whatever you like. This is why BSD has been a mainstay of appliances for years (and will remain so); that's what runs on this Snap! fileserver I've been playing with all day.
Re:Nothing! (Score:3, Informative)
Re:Nothing! (Score:3, Informative)
Is the GPL parasitic and restrictive? Yes! So what?!?!?! If you don't like GPL software, don't use it!
Have you written any free software? If not, then you really don't have any right to criticise the GPL. The GPL is designed to protect both the creators and the users of free software evenly.
Re:Nothing! (Score:2)
Becareful there. The GPL explicitly disclaims any USE of the software from being covered under its terms. USING the GPL'ed code to make other products is fine. But you should not DISTRIBUTE GPLed software as yours. You should not defraud others by claiming that only you have written the software and hence, is entitled to profit entirely and solely from it.
Re:Nothing! (Score:3, Informative)
With the GPL, you could invent a new way of fishing without telling anybody (remember, only redistribution is restricted). Your example should read:
"I write a book on fishing and give it to you for free, and after reading it you invent a new maneuver that allows the catching of a larger type of bass. You are *not* allowed to create a new book by copy-pasting my text, add your technique and sell it without giving me the same rights I gave you."
I think that's reasonable. You are also (under the GPL) allowed to write a new book which is equivalent to mine (but without copying mine verbatim).
Re:Nothing! (Score:2)
The BSD license (IIRC) specifically notes that you must give credit for the code. Therefore, passing off *BSD code as your own is just as wrong as passing off GPL code as your own.
In short (and yes, this is a flame), get a clue before you post, and maybe you won't look like an idiot.
who's behind it? the plot revealed! (Score:2)
samba
very sloppy, no wonder he got caught
Well their server runs Winbloze (Score:2)
GPL violations piss me off!
Fraud? (Score:2)
Anyone want to try (Score:2)
Only answer (Score:2)
A. Meet the terms of the license governing the non-original products.All the terms.
stand-alone shell (Score:2)
I suspect it's SASH [auug.org.au]. It doesn't seem to state what it's license is, but it isn't clearly GPL. The extent of the "license" seems to be:
* Copyright (c) 1999 by David I. Bell
* Permission is granted to use, distribute, or modify this source,
* provided that this copyright notice remains intact.
*
Does GPL need an additional clause? (Score:2)
Or said another way, the GPL needs to require people distributing GPL'ed code not to restrict people's rights to disassemble GPL'ed code.
This says nothing about non-GPL'ed code. If I mix GPL'ed programs with proprietary programs, one cannot forbid disassembly of GPL'ed software, but one can still forbid it of proprietary software distributed in conjunction.
Re:Interesting issues, but... (Score:2)
But why do you think that if the GPL is 'overturned' in court, that it would be safe for anyone to use GPL'd software? It's copyrighted software, and without a license, anyone who is copying or distributing it is in deep legal peril. Anyone who 'overturned' the GPL would be in worse shape than when he started, since he would have no defense against an infringement suit.
Re:What's illegal?? (Score:2)
If it did, by your reasoning, anyone using Linux and Apache to run a web site would need to notify its visitors of the use of the software and provide a download link to them both.
Re:What's illegal?? (Score:2)
> They are simply using it in some black box machine.
Distributing the code in binary format counts under the GPL.
> The code isn't downloadable or accessible, it's merely used as
> an OS/service layer. If nothing has been changed in the code, the GPL
> doesn't hold any sway.
Not true. The GPL follows GPL'ed programs even if they're not used to develop derivative works. The code is accessible, because their management software accesses it. Redistributing GPL'ed programs must be done in accordance with the GPL whether they're modified or not.
> by your reasoning, anyone using Linux and Apache to run a web site
> would need to notify its visitors of the use of the software and provide
> a download link to them both.
Wrong analogy. The correct analogy is that if someone set up a web server with Linux and Apache and then sold the server, they'd need to provide source code or access on request.
Virg
Re:I Disagree (Score:2)
It doesn't matter if they changed the code, it is being distributed and falls under the GPL. Not to mention that earlier it was pointed out that their license says that they own all the software and that you cannot reverse engineer it. Wich renders the license null and void, because I DO have the right to reverse engineer ANY GPL code. Actually I'll go a step further, I have the right to reverse engineer ANY code.
Re:Make sure it is an intentional violation before (Score:3, Interesting)
License and Warranty Provisions
This manual and the product described in it have been protected internationally by
copyright and other applicable laws with all rights reserved. You may not remove or
conceal any trademark, patent or copyright notice appearing on the product or this
manual. Microtest remains the sole owner of the software programs that are part of this
product. Microtest grants you a nonexclusive license to use these software programs.
This license is for a single fileserver only. You may not make any copies of the software
other than as a backup copy for your own use. You may not sell, rent, lease, lend,
distribute or otherwise transfer copies of the software or this manual to others, except
that you may permanently transfer all copies of the software in your possession
(including any backups) and all related materials as a set to another person who
accepts the terms of this license agreement. You may not modify, transcribe, translate,
decompile, reverse engineer or reverse assemble the software, or create any derivative
works from it. Microtest may terminate this license at any time without notice if you
breach any of these terms. If any provision of this license is held to be unenforceable or
contrary to any applicable law, the validity of the remaining provisions shall not be
affected.
Here's the particlar part of that turns me:
Microtest remains the sole owner of the software programs that are part of this
product.
This sucks, and that is just plain stupid. I figure that a standard boilerplate license got slapped on it, and there may be some miscommunication/disconnection between the developers and the legal department. (Who knows, maybe thats why they discontinued and sold the entire division?)
Throw the book at 'em.