An anonymous reader writes "I want to start (very small) software/hardware business. The code in question will be closed source. I won't modify or use any GPL code or any 3rd-party sources. It will be my own handwritten C/C++ code from start to finish. I am planning to sell embedded-like boxes with an OS (Linux or BSD) and this code. I am more familiar with Linux but I am scared a little bit of Linux licensing, and also of Linux fanboy-ism: I personally got a 'go to hell with your @#$ closed code' slur on Slashdot. I am not a GPL guru and not a software freedom fighter. I just want to do my job and make a living." Read on for this reader's five particular questions.
My questions:
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
3. Can I obfuscate my code (e.g. encode it)?
4. Could I be forced to publish this code by some 3-d party?
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
Yes
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
Only if it's LGPL
3. Can I obfuscate my code (e.g. encode it)?
It doesn't really help, but go ahead
4. Could I be forced to publish this code by some 3-d party?
Not if you do it right
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
You can do whatever you want with BSD code
Interestingly, Apple is working on a C/C++/ObjC front-end for LLVM so that they can do away with GCC as well. It should be possible to use and develop on an open-source BSD without any GPL code whatsoever in the not-too-distant future.
4. Could I be forced to publish this code by some 3-d party? Not if you do it right
More clear answer: No.
Even if you publish proprietary code linked to GPL code and swear you are aware of the violation, nobody can force you to disclose your code. It's a copyright violation, and forcing to publish code is not a remedy for copyright violation. In that hypothetical case the most a court would probably do is force you to stop distributing, and perhaps if it's that obvious you knew you were in violation it could order some punitive damages.
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
A1. Yes -- unless you are making some kernel module that is a derivative work of the kernel, where your kernel module will have to be licensed under the GPLv2.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
A2a. Linux (the kernel) does not come with any libraries for you to link. A2b. GNU/Linux (the whole system) comes with many libraries, some of them BSD-licensed, some GPL-licensed, some GPL-with-linking-exception-licensed, some LGPL-licensed, etc... it's a common interpretation of the GPL that if you link to a GPL-(no-linking-exception) library (like GNU readline or Qt) you are making a derivative work and thus, you have to license your work under the GPL.
3. Can I obfuscate my code (e.g. encode it)?
A3. You can do this in any case -- except (maybe, IIRC) if you are distributing your code under the GPL/LGPL.
4. Could I be forced to publish this code by some 3-d party?
A4. Not really (parent poster is right on the mark)
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
A5. Yes you are. BUT...
and I mean this respectfully: as you will be selling your box as an embedded utility, what do you have to lose by GPL'ing (or otherwise opening) your code? If you do things right, you will have: I. a community of people that are willing to buy your box to start; II. a community will want to tinker and make your product better, fast, and you get to incorporate the changes for the next versions of your product; III. the respect of a lot of people.
Example: lots of people I know have Linksys (WRT54G[L]) wireless routers _because_ they know they can tinker with it, that there are lots of new, interesting uses to it with the alternate verstions of the software, etc. I, myself, when installing SoHo wi-fi networks _only_ recommend WRTs to my clients, as opposed to non-tinkerable D-LINKs that here in Brasil cost 30-40% less.
by Anonymous Coward
on Wednesday June 13 2007, @06:36AM (#19488983)
Yeah but Cisco makes money off of the hardware. This guy doesn't sound like he's going to be doing that. I think his concern is if his code is open, what stops someone else from adopting the same business model?
But as a small developer, he's pretty screwed anyway... If his product becomes popular, it's likely to get cloned either by a larger company selling a commercial version, or by a group of enthusiasts making a free version. Either way, he has no control over the situation and the clones will ultimately take over because they have more developers and in the case of the commercial company, greater marketting clout.
If it fails to become popular, he will eventually tire of maintaining it for little/no profit, and it will die off... The few customers he does have, will be screwed.
If he opens it, and it fails to become popular he's no worse off than if he left it closed. However, the few customers he does get are better off, because when he gets tired of pushing an unsuccessful product and gives up, they still have the code and can maintain it in their little niche.
If he opens it and it becomes popular, he will attract more developers who will help improve the code. He is still in a good position to provide support, and bundled ready to go versions. Especially if the software is tied to a piece of hardware he produces, as people will buy the hardware to hack on it. Even if his software is available for free, many companies and end users will buy a commercially supported version instead of the free version anyway. Conversely, an increasing number of businesses will not buy a product that is tied to a single supplier, because of the risks of losing support if that supplier disappears.
> But as a small developer, he's pretty screwed anyway...
> If his product becomes popular, it's likely to get cloned either by a larger company selling a commercial version, or by a group of > enthusiasts making a free version. Either way, he has no control over the situation and the clones will ultimately take over > because they have more developers and in the case of the commercial company, greater marketting clout.
Come on - it's quite possible to make a popular product and derive a quite nice income from it, without attracting the attention of cloners and large companies.
Big Co are only interested if they're going to make mega millions out of it - if you're making a few hundred thousand a year, you won't even show up on their radar. There's an awful lot of software out there that falls into that category.
If you're selling to a tight niche of customers, then only people in and around that niche are likely to even be aware that your product exists, never mind want to clone it themselves. If you're building software for e.g. dentists, while a few dentists may want to add new shiny features to your product, it's highly likely that they'd want YOU to do it for them, rather than track down some software developer, pay him to clone your software and add their desired features to it. Conversely, while a random software developer might come across your software and think he can clone & extend it, he then also has to create a means of distributing his software (no, dentists won't downloaded their critical software from SourceForge), building relationships with an existing base of dentists, then providing support to those dentists (with all the associated issues of dealing with non-IT literate users).
I've got a mate who runs a garbage collection business. Many years ago, he paid a student to create software to allow him to manage his business - sort of a highly-customised piece of accounting software. He still uses that software, still engages that ex-student (now working in IT) to support & extend it, and is extremely happy with it. Shock, horror - it runs on MS Access. He's very happy with the software, and the guy who wrote it has both made a nice side income from it and sold it to a bunch of other garbos - I wouldn't be surprised if he's collectively made a tidy sum from it over a period of several years. Nobody's gonna clone this software, and no big company's gonna be interested in it either.
I don't see how he is a troll. The fact people ask questions that could be answered by doing the proper research (how would you qualify what is proper in many cases, specifically the legalities of licensing?) does not mean they are trolling, they are simply asking in a forum they are comfortable with. What's your problem with that?
Thing is linksys is using custom hardware. This guy is probably using commodity hardware, so what he is selling is his software, bundled with hardware. If people could buy the WRT54G routers as commodity hardware they would.
>Example: lots of people I know have Linksys (WRT54G[L]) wireless routers _because_ they know they can >tinker with it, that there are lots of new, interesting uses to it with the alternate verstions of the software, etc.
I'm not in the software industry, and I don't know much about GPL.
But I do know that if my sole/product/ was software, I, too, would be leary about giving away the code for free.
In your Linksys example, there is a hardware component that is not easy to replicate - there is a barrier to duplication. So in that case it is a great benefit to create and sell the hardware, but leave the software open so that the world can improve the functionality and attractiveness of the hardware you are selling.
But I don't understand how this works with a pure software product. If you give it away to the world, then someone else is just going to take the code and make a derivative product from it that does the same thing but is free. The way I see it, the only thing authors of free software can sell is support./I/ wouldn't invest in a new product where I couldn't make any money selling the actual product but only support for it. What if everyone wants your product but no one needs or wants support? You've just invented the perfect software - but it's worthless to you.
I guess I just still don't understand the free software movement as a business.
>
I'm not in the software industry, and I don't know much about GPL.
But I do know that if my sole/product/ was software, I, too, would be leary about giving away the code for free.
Very true I hate to admit. If there is not hardware or a service to sell then selling the program and giving away the source just will not work together. I can not tell you how I hate to admit that.
If this person is making a pure software product, firstly it's pretty clear that he's a one man band, and secondly, since he complains about dynamic linking (which is utterly trivial to do in Linux, Windows or BSD) being too hard, it's not that hard to come to the conclusion that at most he's "ordinarily skilled in the art" - more likely, he's a candidate for an appearance on The Daily WTF.
A one man closed source project that involves no particular genius is also susceptible to being duplicated since it won't be all that much effort for someone else to write the same thing from scratch.
So he either is filling a niche where no one else is likely to go (in which case, it doesn't really matter if he uses a closed or open source approach), or it's actually not pure software - perhaps a pre-packaged OS plus hardware plus support for an appliance type system. In which case, given the resources he has to hand, it still wouldn't really make any difference whether he goes closed or open source.
Yes, you may. But millions of people license software in this manner and have no problems with the arrangement. If there is a level of trust with the vendor, people don't mind having things closed source. I know a lot of folks on/. would probably use software that is GPL'ed and has major functional limitations compared to a similar commercial closed-source product. However, in the business world, the reality is, you have to use what is most efficient and works best for you, even if your up front cost is
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.) Only if it's LGPL
LGPL does not allow you to statically link the code. One of the terms of the LGPL requires that it be possible to make modifications to the LGPL'd code and incorporate these into the distributed program. This cannot be done with a statically linked executable (unless you're also distributing linkable object files).
The LGPL explicitly does permit static linking. In the case of static linking, however, it requires that you also distribute your object code so that your customers can re-link it against their own version of the library.
" '2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)' Only if it's LGPL."
With an added caveat; you can statically link the code with an LGPL library, but _you have to provide the option for the recepient to dynamically link should they so desire_. Include an unsupported dynamically linked binary, or perhaps better, object files so the recepient can relink statically against another version (again, you dont have to support that, just provide the option).
This is so that if the libraries are changed and upgraded, security bugs fixed, etc, the user isnt stuck having to use that particular statically linked version.
"'Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?' You can do whatever you want with BSD code"
As long as it's only BSD code, of course. Depending on the definition of 'BSD-based boxes', they can perfectly well include GPL, LGPL, or code under any other license. Anything you link against or in any other way include you have to check for licenses, wether it's Free, free or proprietary software.
And of course, no matter how careful you are with licenses, you can get legally nuked when the USPTO with its usual competence level grants a patent on "putting obfuscated code linked with free software on an embedded device" (or whatever your device is supposed to do).
You may just want to do your job and make a living, but those the 'freedom fighters' are trying to protect you from have no interest in your wishes. They want your money if you're lucky. Or they want you off the market if you're not.
Oracle is running it's products under Linux and it is all closed source.
In fact, development of new versions are done on Linux and then ported to other platforms.
Here is a good starting page if you are interested in seeing how and what s done by Oracle on Linux, both closed and open source: http://www.oracle.com/technology/tech/linux/index. html [oracle.com]
"Hi, this is Bob from Smith, Smith and Wendell returning your call. I'm afraid we're not interested in advising you on matters of software licensing and distribution, but have you considered asking a few hundred thousand opinionated geeks in a public forum? Because that's what we advise most of our potential clients to try first. Here, let me get the URL for you..."
Slashdot is a forum for legal research, not legal advice. So is Groklaw. The point is to get the legal research out of the way so that you don't have to pay an attorney to pay his paralegals to do it. Then you show the research to the attorney, and checking the references that Slashdotters provided goes faster than doing the research from square one, saving the project money.
Seriously, every time we've asked a lawyer about anything IT related the answer has been a definitive "maybe".
Well that's the nature of the law, every time someone asks me a legal question it starts up a little dialogue in my head; "Well I think the law says this. But what if the other side argues that other thing. And could there be a statutory claim there? Wait, that one issue is federal, could they remove the case to federal court? Damn, this guy is expecting an answer. Well I guess I can say may
I am not a GPL guru and not a software freedom fighter.
OK but if you want to sell software you need to understand licensing.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
Yes, glibc is licensed under the LGPL which is compatible with non-free software.
3. Can I obfuscate my code (e.g. encode it)?
I suppose so, but unless you are some kind of algorithm genius (and I don't think you are) it is not really going to be worth anybody's while to do reverse engineer it.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.) Yes, glibc is licensed under the LGPL which is compatible with non-free software.
You cannot freely statically link non-free code to LGPL code. See section 6:
As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, prov
Obfuscation of binaries is, regrettably, an increasingly refined art. I would take a look at this [secdev.org], a presentation about how Skype does a lot of it's obfuscation, to see the state of the art today. Admittedly, this is Skype, with resources, know-how and a lot of people, but it's quite possible to make reverse engineering difficult. It's just usually not worth it.
If you want to develop a closed source product, and the product is good, it will sell. There are many successful closed source projects out there in Linux/BSD land. You have to be extra careful about bugs though. The OSS community makes more noise when your code is buggy, and they aren't allowed to come in and fix it for you.;)
1. Yes. GPL3 is not retroactive to existing source. Even if you used GPL3 stuff, I don't think it has any impact on your own code if it is distinct. 2. Yes if they are LGPL. Which includes the standard C++ libraries. Some components such as the kernel also have certain binary waivers. 3. Yes but why bother if you're not releasing the source. And if you are releasing the source, then there are benefits to not obfuscating it (e.g. helpful customers fixing your bugs). 4. Not unless a court says. Obviously if you violate the GPL you are taking a major risk of somebody finding out and forcing your code out into the open. 5. Yes, but neither will you have a problem with Linux. However you would have to supply the sources to the GPL / LGPL components of your system upon demand. Most people stick the source up on a web site or link to where they found it, but the latter may not absolve you of not providing it if somebody comes asking for it. Also BSD systems can contain GPL software too (e.g. if you use gcc as your compiler for the C++)
I think if you're in doubt you should probably go look at some existing Linux dist designed for embedded systems. They're bound to have a FAQ that covers most of this.
2. Yes if they are LGPL. Which includes the standard C++ libraries. Some components such as the kernel also have certain binary waivers.
No if they are LGPL. LGPL requires you to be able to update the LGPL'd license, which effectively means it must either be dynamically linked, or you must distribute your.o files and a script to link them. glibc is not LGPL, though -- it is "GPL with the libc exception" which does allow you to link an application statically against it. Check other libraries for their own terms.
4. Could I be forced to publish this code by some 3-d party? Not unless a court says. Obviously if you violate the GPL you are taking a major risk of somebody finding out and forcing your code out into the open.
This isn't an expected outcome. Nobody can force you to release your source, even if you violate the GPL. Of course you can be forced to pay compensation to the GPL developers whose IP rights you have violated, and they may be prepared to negotiate if you choose to release your source.
by Anonymous Coward
on Wednesday June 13 2007, @04:49AM (#19488435)
1. If you want to start a bussiness and have legal questions, go ask a lawyer, don't ask on slashdot.
2. Even if you decide to post on slashdot, at least try to read the licenses in question before plus the many articles on the subject that are readily available online.
3. If you want to have good and honest answers, avoid the word fanboy in your original post. Starting off by insulting the very people whose help you ask for isn't a very good idea.
1. If you want to start a business and have legal questions, go ask a lawyer, don't ask on slashdot.
He probably will ask a lawyer, but that doesn't minimize the value of asking on Slashdot. One of the concerns the guy had was about the Linux fanboy community, and the rich community of/. has one or two of those.
If you've ever prepared to start a major project, you know that sometimes getting advice from a wide range of sources is valuable. Personally, I've gotten some extraordinarily valuable information here on Slashdot that's directly helped me with my own projects. There was a recent article about video codecs that was a huge help to me.
2. Even if you decide to post on slashdot, at least try to read the licenses in question before plus the many articles on the subject that are readily available online.
I've seen a few of these scoldings around here lately, this notion that you should do research online before you do research online. One of the reasons you ask a question on Slashdot is because you're not an expert in that particular subject and you're looking for opinion.
Plus, reading TFA is against the Slashdot EULA.
3. If you want to have good and honest answers, avoid the word fanboy in your original post. Starting off by insulting the very people whose help you ask for isn't a very good idea.
"Fanboy" is an insult? I actually think it's a highly descriptive and precise term. Anyway, he wasn't referring to Slashdot readers as fanboys, he was describing a subset that would rip somebody for trying to make a living by making a product and not giving it away. If the shoe fits...
I hate the very idea of IP, but not everyone can live out here where the air is thin.
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)? The license for the Linux kernel is not going to change (It requires the consent of many hundreds of contributors, many of which will decline. Some are dead, others are unreachable.)
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.) You can statically link, but why avoid dynamic linking? glibc and libstd++ are LGPL, which permits binary only distribution.
3. Can I obfuscate my code (e.g. encode it)? Isn't compiling it enough? You can strip the compiled code or debugging symbols if you really want, but you only hurt your own ability to debug your users problems.
4. Could I be forced to publish this code by some 3-d party? Not if you avoid linking with code which has a license that require it.
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems? Linux and the various BSD flavours both allow this sort of use. See the various wifi-routers and tivo style devices. Hell even my digital picture frames run linux.
glibc and libstd++ are LGPL, which permits binary only distribution.
Not of statically linked code. See section 6, which requires that enough materials be given (or offered) to the user to make a version of the program that uses a modified copy of the library.
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
Yes.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
AFAIK, no. Static linking is incorporating code directly. If you link dynamically then any library that is LGPL (not GPL) is fine, but for static linking I believe you need to have an open license on your own code as well.
3. Can I obfuscate my code (e.g. encode it)?
It's your code - do anything you want. If you're not open-sourcing it, just don't ship the source.
4. Could I be forced to publish this code by some 3-d party?
No. Again, when people have been found to have violated the terms of the license, they've had to stop selling and distributing the stuff. I can imagine cases where someone may have to retroactively pay for the illegal use of code. But I can't see a situation where'd you actually had to open your code.
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
Well, 1, 3 and 4 isn't a problem under Linux either. 2 - for BSD-licensed libraries you could link statically. But a lot of libs (user-interface stuff and higher-level libs) in BSD systems are LGPL as well - everything in a BSD-based system isn't BSD-licensed.
aside from the fact that all your questions can be answered by doing a little research that you *should* be doing yourself, I see one problem.
Your code will be closed source? Fine, I don't have much of a care about such, dig out, I plan to do a game, and that will be closed source at first. But your planned software will run on linux, and that gives rise to the problem.
Just say your project proves popular. Well in that case the chances are very high that you will find yourself in competition with an open source equivalent, either existing or created specifically because your software revealed a new need.
You need to look closely at the closed source rationale. It can work, but not everywhere. You could be beaten to a pulp by a small group of co-operating people out to do better then you. There have been some successes with closed software on embedded systems, but those have been heavily invested in, with lots of developers.
by Anonymous Coward
on Wednesday June 13 2007, @04:54AM (#19488479)
To be perfectly honest, I have to question whether it's wise to enter a market where a) you don't have familiarity with the platform (there are long established answers to most of these questions) and b) don't know anybody you could ask. Having said that...
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
Today, yes, provided you comply with the terms of the license. Tomorrow, it depends on exactly what you are doing.
2. Can I statically link the code with Linux libraries?
That contradicts your earlier claim that you "won't modify or use any GPL code or any 3rd-party sources". The term "Linux libraries" is meaningless. What libraries are we talking about? By statically linking a library, you make your application a derivative work and you are also distributing the library itself, which means you need to make sure that the library's license allows this and that you comply with its terms.
(My own experience shows that dynamic linking is too much to bear.)
Your own experience is probably wrong.
3. Can I obfuscate my code (e.g. encode it)?
So long as it's entirely your code, although I don't see the point. Of course, if the reason you are obfuscating the code is because it's a derivative work and you are required to provide the source, then no, you probably can't.
4. Could I be forced to publish this code by some 3-d party?
At worst, if you infringe on somebody's copyrights, then you could be offered this as an alternative to being sued.
See, this is the kind of question that makes me think you don't even have the remotest familiarity with Linux. You seriously think somebody can just shake you down for source? Huh? Or are you just spreading FUD?
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
Ah, that answers my question. Fuck off. You aren't genuinely asking these questions, you're just a BSD troll spreading FUD.
BSD is licensed to allow for people to do what you want. GPLd software is not.
I'm not opposed to proprietary software. Quite the contrary. But I do find the notion of taking an open source project, slapping on a bit of code, and trying to keep your part to yourself, to be extremely offensive. The people who contributed to GNU software did so with the expectation that their code is share and share alike. What you've described appears to run directly counter to that, completely disrespecting the wishes of the programmers involved. Unless I'm reading you wrong, you deserve a hearty "go to hell!".
BSD, on the other hand, is meant to allow for use exactly like you are proposing. Have at it. No hard feelings there as that's exactly in line with their programmers' wishes.
I do find the notion of taking an open source project, slapping on a bit of code, and trying to keep your part to yourself, to be extremely offensive. The people who contributed to GNU software did so with the expectation that their code is share and share alike.
In some way, yes, they did expect 'share and share alike'. But not entirely. Linux kernel developers explicitly allow you to do whatever you want in userspace; they don't expect anything from you if you use their kernel and 'slap' a proprietary
Um, no. The guy who asked these questions, while clearly being extremely clueless, is not actually ripping anyone off. There's nothing that says you can't run closed-source software on a Linux system - quite the opposite -, and it's absolutely not contrary to either the letter or the spirit of the license or the wishes of the programmers in question. I suppose you could still be opposed to closed-source software in principle, but you're not - what you seem to be doing (intentionally or not, I can't tell) is
So you are interested in using other people's work, you are interested in getting other people's opinions, all for free, yet you contribute nothing to the community that gave you so much...
Some people would call that selfish.
Here is my advice: talk to a lawyer who is knowledgeable on licensing and IP matters.
You _really_ don't want to statically link libraries. If you do, any security problems with the libraries become security problems with your code that can only be fixed by patching all your binaries and not just the library with the problem.
I'm sorry, but if you review the huge arguments going on about how you can release closed source on Linux, well it's no wonder a lot of vendors chose to go Windows only. I'm not saying closed source is right or wrong, I'm just saying that if the option to go close source is so tricky on Linux, well, that's a huge fucking problem.
If you're really writing it all yourself, none of these issues matter. If you're really writing standard C/C++ with only POSIX library functions, you're not linking against the kernel (so the kernel license doesn't matter), and you're not linking against any userspace libraries except for libgcc/libg++ (permissive license) and glibc (generally permitted). Dynamic linking is only actually a pain when either you're writing the library, or the library provider's versioning is lacking, or you've got a million libraries, or you're shipping the software not aggregated with the library you want to use.
Of course, you'll want to use other people's code for some things. You'll almost certainly want to start your program using some shell scripts, but those don't have a non-source form and are generally not worth obfuscating. If you want to use more libraries, you'll have to look at their licenses (many important Linux libraries are BSD-licensed anyway, though). If you're writing kernel code, you probably want to open-source this part and do as little of the interesting stuff there as possible (for technical reasons: kernel bugs cause a lot more damage than userspace bugs; for maintence reasons: kernel developers will maintain cleanly-written open-source code for you across trivial API changes; and for legal reasons: it's a pain to avoid making your module a derivative work of the kernel).
The ideal thing is to build a little computer running Linux with nothing in it that you wrote, and then use it to run a program that's entirely yours, and sell the whole thing to people.
IANAL, of course, but I have some experience in these areas.
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
Yes, of course. However if GPL licensed binaries are distributed with it, you must provide source for those binaries for a period of no less than 3 years longer than you distribute the device or application. This, of course, applies to GPL licensed binaries even if they are running on a BSD kernel. This provision applies whether you have modified the code or not. You can rely on a third party to distribute the source code. However, if that third party ceases distribution of the source before the 3 years are up, you are still obligated to distribute the source.
So, yes, if you distribute a linux kernel that you downloaded from "xyzzyplugh.com" you can direct people to "xyzzyplugh.com" for sources. But if "xyzzyplugh.com" goes out of business, you still need to be able to provide the sources.
The same is true if you use a BSD kernel, but include the GPL application "spork" embedded in the device. You need to be able to provide the sources to "spork" regardless of where you obtained the "spork" binary and regardless of whether the "spork" sources are available elsewhere.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
No. If you statically link the Linux libraries, or any GPL licensed library, then you are obligated to license your application under the GPL. If you statically link a LGPL licensed binary, your application can remain closed source. However you must make source for the LGPL licensed library available, again for at least 3 years longer than you distribute the application.
3. Can I obfuscate my code (e.g. encode it)?
Source or object code? In either case the answer is "of course" for all licenses. But if you are under GPL or LGPL, you need to make the means to decrypt it available to anyone who wants it.
4. Could I be forced to publish this code by some 3-d party?
No, but you could be required to cease distribution and potentially be penalized in either civil or criminal court for any copyright violations you commit. This could apply regardless of the licence of the OS kernel you use. Be sure to understand the license of any software or libraries that you distribute.
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
No, you are not. Not all code in a BSD distribution is necessarily licensed under the BSD. Nor are you protected from anyone who claims that their code was improperly included in a BSD licensed application. Worse yet, there are potential patent violations in just about any device you might want to sell.
I only have one follow-on question. Why are you so afraid of releasing your sources? What's the worst that could happen?
He could easily sell his boxes while providing code: the markets for the boxes and the code just need to be separated enough. An example: digital picture frames could be running GPL code: the buyers of those don't quite intersect with the people who want the code, and even in that case, they normally wouldn't be interested in the hassle of reproducing the product. This assumes two things: 1) The complete package is worth more than the code. 2) You don't sell it exclusively to potential competitors.
Answers (Score:5, Informative)
Re:Answers (Score:5, Funny)
Hmmmm, maybe you could compile it.
Parent
Re: (Score:3, Informative)
Re:Answers (Score:4, Interesting)
Parent
Re:Answers (Score:5, Informative)
More clear answer: No.
Even if you publish proprietary code linked to GPL code and swear you are aware of the violation, nobody can force you to disclose your code. It's a copyright violation, and forcing to publish code is not a remedy for copyright violation. In that hypothetical case the most a court would probably do is force you to stop distributing, and perhaps if it's that obvious you knew you were in violation it could order some punitive damages.
Parent
Even so, (Score:5, Insightful)
A2b. GNU/Linux (the whole system) comes with many libraries, some of them BSD-licensed, some GPL-licensed, some GPL-with-linking-exception-licensed, some LGPL-licensed, etc... it's a common interpretation of the GPL that if you link to a GPL-(no-linking-exception) library (like GNU readline or Qt) you are making a derivative work and thus, you have to license your work under the GPL.
and I mean this respectfully: as you will be selling your box as an embedded utility, what do you have to lose by GPL'ing (or otherwise opening) your code? If you do things right, you will have:
I. a community of people that are willing to buy your box to start;
II. a community will want to tinker and make your product better, fast, and you get to incorporate the changes for the next versions of your product;
III. the respect of a lot of people.
Example: lots of people I know have Linksys (WRT54G[L]) wireless routers _because_ they know they can tinker with it, that there are lots of new, interesting uses to it with the alternate verstions of the software, etc. I, myself, when installing SoHo wi-fi networks _only_ recommend WRTs to my clients, as opposed to non-tinkerable D-LINKs that here in Brasil cost 30-40% less.
Parent
Re:Even so, (Score:5, Insightful)
Parent
Re:Even so, (Score:4, Insightful)
If his product becomes popular, it's likely to get cloned either by a larger company selling a commercial version, or by a group of enthusiasts making a free version. Either way, he has no control over the situation and the clones will ultimately take over because they have more developers and in the case of the commercial company, greater marketting clout.
If it fails to become popular, he will eventually tire of maintaining it for little/no profit, and it will die off... The few customers he does have, will be screwed.
If he opens it, and it fails to become popular he's no worse off than if he left it closed. However, the few customers he does get are better off, because when he gets tired of pushing an unsuccessful product and gives up, they still have the code and can maintain it in their little niche.
If he opens it and it becomes popular, he will attract more developers who will help improve the code. He is still in a good position to provide support, and bundled ready to go versions. Especially if the software is tied to a piece of hardware he produces, as people will buy the hardware to hack on it.
Even if his software is available for free, many companies and end users will buy a commercially supported version instead of the free version anyway. Conversely, an increasing number of businesses will not buy a product that is tied to a single supplier, because of the risks of losing support if that supplier disappears.
Parent
Re:Even so, (Score:5, Informative)
> If his product becomes popular, it's likely to get cloned either by a larger company selling a commercial version, or by a group of
> enthusiasts making a free version. Either way, he has no control over the situation and the clones will ultimately take over
> because they have more developers and in the case of the commercial company, greater marketting clout.
Come on - it's quite possible to make a popular product and derive a quite nice income from it, without attracting the attention of cloners and large companies.
Big Co are only interested if they're going to make mega millions out of it - if you're making a few hundred thousand a year, you won't even show up on their radar. There's an awful lot of software out there that falls into that category.
If you're selling to a tight niche of customers, then only people in and around that niche are likely to even be aware that your product exists, never mind want to clone it themselves. If you're building software for e.g. dentists, while a few dentists may want to add new shiny features to your product, it's highly likely that they'd want YOU to do it for them, rather than track down some software developer, pay him to clone your software and add their desired features to it. Conversely, while a random software developer might come across your software and think he can clone & extend it, he then also has to create a means of distributing his software (no, dentists won't downloaded their critical software from SourceForge), building relationships with an existing base of dentists, then providing support to those dentists (with all the associated issues of dealing with non-IT literate users).
I've got a mate who runs a garbage collection business. Many years ago, he paid a student to create software to allow him to manage his business - sort of a highly-customised piece of accounting software. He still uses that software, still engages that ex-student (now working in IT) to support & extend it, and is extremely happy with it. Shock, horror - it runs on MS Access. He's very happy with the software, and the guy who wrote it has both made a nice side income from it and sold it to a bunch of other garbos - I wouldn't be surprised if he's collectively made a tidy sum from it over a period of several years. Nobody's gonna clone this software, and no big company's gonna be interested in it either.
Parent
Re:Uh, guess what (Score:5, Informative)
Parent
Re: (Score:3, Informative)
Hardware gives you a leg up, though in that case.. (Score:5, Insightful)
>tinker with it, that there are lots of new, interesting uses to it with the alternate verstions of the software, etc.
I'm not in the software industry, and I don't know much about GPL.
But I do know that if my sole
In your Linksys example, there is a hardware component that is not easy to replicate - there is a barrier to duplication. So in that case it is a great benefit to create and sell the hardware, but leave the software open so that the world can improve the functionality and attractiveness of the hardware you are selling.
But I don't understand how this works with a pure software product. If you give it away to the world, then someone else is just going to take the code and make a derivative product from it that does the same thing but is free. The way I see it, the only thing authors of free software can sell is support.
I guess I just still don't understand the free software movement as a business.
Parent
Re:Hardware gives you a leg up, though in that cas (Score:3, Insightful)
But I do know that if my sole
Re:Hardware gives you a leg up, though in that cas (Score:5, Insightful)
A one man closed source project that involves no particular genius is also susceptible to being duplicated since it won't be all that much effort for someone else to write the same thing from scratch.
So he either is filling a niche where no one else is likely to go (in which case, it doesn't really matter if he uses a closed or open source approach), or it's actually not pure software - perhaps a pre-packaged OS plus hardware plus support for an appliance type system. In which case, given the resources he has to hand, it still wouldn't really make any difference whether he goes closed or open source.
Parent
Re:Hardware gives you a leg up, though in that cas (Score:5, Informative)
In an embedded system dynamic linking can eat up scarce resources. Static linking is faster to load, faster to run, and takes up less ram.
Parent
Re: (Score:3, Insightful)
Re:Answers (Score:5, Informative)
LGPL does not allow you to statically link the code. One of the terms of the LGPL requires that it be possible to make modifications to the LGPL'd code and incorporate these into the distributed program. This cannot be done with a statically linked executable (unless you're also distributing linkable object files).
Parent
Re:Answers (Score:5, Informative)
Parent
Re:Answers (Score:5, Insightful)
With an added caveat; you can statically link the code with an LGPL library, but _you have to provide the option for the recepient to dynamically link should they so desire_. Include an unsupported dynamically linked binary, or perhaps better, object files so the recepient can relink statically against another version (again, you dont have to support that, just provide the option).
This is so that if the libraries are changed and upgraded, security bugs fixed, etc, the user isnt stuck having to use that particular statically linked version.
"'Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?' You can do whatever you want with BSD code"
As long as it's only BSD code, of course. Depending on the definition of 'BSD-based boxes', they can perfectly well include GPL, LGPL, or code under any other license. Anything you link against or in any other way include you have to check for licenses, wether it's Free, free or proprietary software.
And of course, no matter how careful you are with licenses, you can get legally nuked when the USPTO with its usual competence level grants a patent on "putting obfuscated code linked with free software on an embedded device" (or whatever your device is supposed to do).
You may just want to do your job and make a living, but those the 'freedom fighters' are trying to protect you from have no interest in your wishes. They want your money if you're lucky. Or they want you off the market if you're not.
Parent
Obfuscated != source (Score:4, Informative)
"The source code for a work means the preferred form of the work for making modifications to it."
It doesn't seem that this guy needs to release his code in any event, however.
Parent
Re:Answers (Score:4, Informative)
Parent
Re:Answers (Score:5, Funny)
See?
Linebreak!
It's magic.
Parent
LGPLv3 (Score:5, Informative)
Parent
Re:Ok thanks... (Score:5, Informative)
In fact, development of new versions are done on Linux and then ported to other platforms. Here is a good starting page if you are interested in seeing how and what s done by Oracle on Linux, both closed and open source: http://www.oracle.com/technology/tech/linux/index
Parent
Legal advice (Score:5, Funny)
(Pre-Slashdot conversation ...)
"Hi, this is Bob from Smith, Smith and Wendell returning your call. I'm afraid we're not interested in advising you on matters of software licensing and distribution, but have you considered asking a few hundred thousand opinionated geeks in a public forum? Because that's what we advise most of our potential clients to try first. Here, let me get the URL for you ..."
Research here, advice there (Score:3, Interesting)
Slashdot is a forum for legal research, not legal advice. So is Groklaw. The point is to get the legal research out of the way so that you don't have to pay an attorney to pay his paralegals to do it. Then you show the research to the attorney, and checking the references that Slashdotters provided goes faster than doing the research from square one, saving the project money.
Re: (Score:3, Funny)
Well that's the nature of the law, every time someone asks me a legal question it starts up a little dialogue in my head; "Well I think the law says this. But what if the other side argues that other thing. And could there be a statutory claim there? Wait, that one issue is federal, could they remove the case to federal court? Damn, this guy is expecting an answer. Well I guess I can say may
Sounds OK to me (Score:4, Informative)
OK but if you want to sell software you need to understand licensing.
Yes, glibc is licensed under the LGPL which is compatible with non-free software.
I suppose so, but unless you are some kind of algorithm genius (and I don't think you are) it is not really going to be worth anybody's while to do reverse engineer it.
Re: (Score:3, Informative)
Yes, glibc is licensed under the LGPL which is compatible with non-free software.
You cannot freely statically link non-free code to LGPL code. See section 6:
Re: (Score:3, Interesting)
Go for it (Score:4, Insightful)
Answers (Score:5, Informative)
2. Yes if they are LGPL. Which includes the standard C++ libraries. Some components such as the kernel also have certain binary waivers.
3. Yes but why bother if you're not releasing the source. And if you are releasing the source, then there are benefits to not obfuscating it (e.g. helpful customers fixing your bugs).
4. Not unless a court says. Obviously if you violate the GPL you are taking a major risk of somebody finding out and forcing your code out into the open.
5. Yes, but neither will you have a problem with Linux. However you would have to supply the sources to the GPL / LGPL components of your system upon demand. Most people stick the source up on a web site or link to where they found it, but the latter may not absolve you of not providing it if somebody comes asking for it. Also BSD systems can contain GPL software too (e.g. if you use gcc as your compiler for the C++)
I think if you're in doubt you should probably go look at some existing Linux dist designed for embedded systems. They're bound to have a FAQ that covers most of this.
Re:Answers (Score:5, Informative)
No if they are LGPL. LGPL requires you to be able to update the LGPL'd license, which effectively means it must either be dynamically linked, or you must distribute your
4. Could I be forced to publish this code by some 3-d party?
Not unless a court says. Obviously if you violate the GPL you are taking a major risk of somebody finding out and forcing your code out into the open.
This isn't an expected outcome. Nobody can force you to release your source, even if you violate the GPL. Of course you can be forced to pay compensation to the GPL developers whose IP rights you have violated, and they may be prepared to negotiate if you choose to release your source.
Parent
Some answers (Score:5, Insightful)
2. Even if you decide to post on slashdot, at least try to read the licenses in question before plus the many articles on the subject that are readily available online.
3. If you want to have good and honest answers, avoid the word fanboy in your original post. Starting off by insulting the very people whose help you ask for isn't a very good idea.
Re:Some answers (Score:4, Insightful)
He probably will ask a lawyer, but that doesn't minimize the value of asking on Slashdot. One of the concerns the guy had was about the Linux fanboy community, and the rich community of
If you've ever prepared to start a major project, you know that sometimes getting advice from a wide range of sources is valuable. Personally, I've gotten some extraordinarily valuable information here on Slashdot that's directly helped me with my own projects. There was a recent article about video codecs that was a huge help to me.
I've seen a few of these scoldings around here lately, this notion that you should do research online before you do research online. One of the reasons you ask a question on Slashdot is because you're not an expert in that particular subject and you're looking for opinion.
Plus, reading TFA is against the Slashdot EULA.
"Fanboy" is an insult? I actually think it's a highly descriptive and precise term. Anyway, he wasn't referring to Slashdot readers as fanboys, he was describing a subset that would rip somebody for trying to make a living by making a product and not giving it away. If the shoe fits...
I hate the very idea of IP, but not everyone can live out here where the air is thin.
Parent
Closed code (Score:5, Insightful)
The license for the Linux kernel is not going to change (It requires the consent of many hundreds of contributors, many of which will decline. Some are dead, others are unreachable.)
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
You can statically link, but why avoid dynamic linking? glibc and libstd++ are LGPL, which permits binary only distribution.
3. Can I obfuscate my code (e.g. encode it)?
Isn't compiling it enough? You can strip the compiled code or debugging symbols if you really want, but you only hurt your own ability to debug your users problems.
4. Could I be forced to publish this code by some 3-d party?
Not if you avoid linking with code which has a license that require it.
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
Linux and the various BSD flavours both allow this sort of use. See the various wifi-routers and tivo style devices. Hell even my digital picture frames run linux.
Re: (Score:3, Informative)
Not of statically linked code. See section 6, which requires that enough materials be given (or offered) to the user to make a version of the program that uses a modified copy of the library.
Tentative answer (Score:4, Informative)
Yes.
2. Can I statically link the code with Linux libraries? (My own experience shows that dynamic linking is too much to bear.)
AFAIK, no. Static linking is incorporating code directly. If you link dynamically then any library that is LGPL (not GPL) is fine, but for static linking I believe you need to have an open license on your own code as well.
3. Can I obfuscate my code (e.g. encode it)?
It's your code - do anything you want. If you're not open-sourcing it, just don't ship the source.
4. Could I be forced to publish this code by some 3-d party?
No. Again, when people have been found to have violated the terms of the license, they've had to stop selling and distributing the stuff. I can imagine cases where someone may have to retroactively pay for the illegal use of code. But I can't see a situation where'd you actually had to open your code.
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
Well, 1, 3 and 4 isn't a problem under Linux either. 2 - for BSD-licensed libraries you could link statically. But a lot of libs (user-interface stuff and higher-level libs) in BSD systems are LGPL as well - everything in a BSD-based system isn't BSD-licensed.
not to disparage, but (Score:5, Interesting)
Your code will be closed source? Fine, I don't have much of a care about such, dig out, I plan to do a game, and that will be closed source at first. But your planned software will run on linux, and that gives rise to the problem.
Just say your project proves popular. Well in that case the chances are very high that you will find yourself in competition with an open source equivalent, either existing or created specifically because your software revealed a new need.
You need to look closely at the closed source rationale. It can work, but not everywhere. You could be beaten to a pulp by a small group of co-operating people out to do better then you. There have been some successes with closed software on embedded systems, but those have been heavily invested in, with lots of developers.
Hmm (Score:3, Informative)
To be perfectly honest, I have to question whether it's wise to enter a market where a) you don't have familiarity with the platform (there are long established answers to most of these questions) and b) don't know anybody you could ask. Having said that...
1. Can I do it with Linux today (GPL2) and tomorrow (GPL3)?
Today, yes, provided you comply with the terms of the license. Tomorrow, it depends on exactly what you are doing.
2. Can I statically link the code with Linux libraries?
That contradicts your earlier claim that you "won't modify or use any GPL code or any 3rd-party sources". The term "Linux libraries" is meaningless. What libraries are we talking about? By statically linking a library, you make your application a derivative work and you are also distributing the library itself, which means you need to make sure that the library's license allows this and that you comply with its terms.
(My own experience shows that dynamic linking is too much to bear.)
Your own experience is probably wrong.
3. Can I obfuscate my code (e.g. encode it)?
So long as it's entirely your code, although I don't see the point. Of course, if the reason you are obfuscating the code is because it's a derivative work and you are required to provide the source, then no, you probably can't.
4. Could I be forced to publish this code by some 3-d party?
At worst, if you infringe on somebody's copyrights, then you could be offered this as an alternative to being sued.
See, this is the kind of question that makes me think you don't even have the remotest familiarity with Linux. You seriously think somebody can just shake you down for source? Huh? Or are you just spreading FUD?
5. Am I correct that programming in and selling BSD-based boxes won't raise any of the above problems?
Ah, that answers my question. Fuck off. You aren't genuinely asking these questions, you're just a BSD troll spreading FUD.
Just use BSD (Score:4, Insightful)
I'm not opposed to proprietary software. Quite the contrary. But I do find the notion of taking an open source project, slapping on a bit of code, and trying to keep your part to yourself, to be extremely offensive. The people who contributed to GNU software did so with the expectation that their code is share and share alike. What you've described appears to run directly counter to that, completely disrespecting the wishes of the programmers involved. Unless I'm reading you wrong, you deserve a hearty "go to hell!".
BSD, on the other hand, is meant to allow for use exactly like you are proposing. Have at it. No hard feelings there as that's exactly in line with their programmers' wishes.
Re: (Score:3, Informative)
In some way, yes, they did expect 'share and share alike'. But not entirely. Linux kernel developers explicitly allow you to do whatever you want in userspace; they don't expect anything from you if you use their kernel and 'slap' a proprietary
Re: (Score:3, Informative)
I suppose you could still be opposed to closed-source software in principle, but you're not - what you seem to be doing (intentionally or not, I can't tell) is
Take, take, take? (Score:5, Insightful)
Some people would call that selfish.
Here is my advice: talk to a lawyer who is knowledgeable on licensing and IP matters.
Don't statically link libraries (Score:4, Informative)
So hard to make an application on Linux (Score:5, Insightful)
Not using other people's code? (Score:4, Insightful)
Of course, you'll want to use other people's code for some things. You'll almost certainly want to start your program using some shell scripts, but those don't have a non-source form and are generally not worth obfuscating. If you want to use more libraries, you'll have to look at their licenses (many important Linux libraries are BSD-licensed anyway, though). If you're writing kernel code, you probably want to open-source this part and do as little of the interesting stuff there as possible (for technical reasons: kernel bugs cause a lot more damage than userspace bugs; for maintence reasons: kernel developers will maintain cleanly-written open-source code for you across trivial API changes; and for legal reasons: it's a pain to avoid making your module a derivative work of the kernel).
The ideal thing is to build a little computer running Linux with nothing in it that you wrote, and then use it to run a program that's entirely yours, and sell the whole thing to people.
The real answers... (Score:4, Insightful)
So, yes, if you distribute a linux kernel that you downloaded from "xyzzyplugh.com" you can direct people to "xyzzyplugh.com" for sources. But if "xyzzyplugh.com" goes out of business, you still need to be able to provide the sources.
The same is true if you use a BSD kernel, but include the GPL application "spork" embedded in the device. You need to be able to provide the sources to "spork" regardless of where you obtained the "spork" binary and regardless of whether the "spork" sources are available elsewhere.
No. If you statically link the Linux libraries, or any GPL licensed library, then you are obligated to license your application under the GPL. If you statically link a LGPL licensed binary, your application can remain closed source. However you must make source for the LGPL licensed library available, again for at least 3 years longer than you distribute the application. Source or object code? In either case the answer is "of course" for all licenses. But if you are under GPL or LGPL, you need to make the means to decrypt it available to anyone who wants it. No, but you could be required to cease distribution and potentially be penalized in either civil or criminal court for any copyright violations you commit. This could apply regardless of the licence of the OS kernel you use. Be sure to understand the license of any software or libraries that you distribute.Re: (Score:3, Interesting)
This assumes two things:
1) The complete package is worth more than the code.
2) You don't sell it exclusively to potential competitors.
In these cas
Re:Why closed? (Score:5, Insightful)
If you don't care about the GPL, don't use GPL'd software. Simple.
The only reason we are having this discussion is because GNU/Linux has become so succesfull BECAUSE no-one has been able to hijack it and close it.
Understand now?
It's not about zealotry, it's about denying greedy, selfish people the ability to build on the shoulders of others without giving anything back.
Parent