Linksys Still In Violation of the GPL?

A reader writes:"From a recent post to LKML: "...Clearly, the kernel source that Linksys provided cannot be used to recreate the kernel that they are shipping with their product. Therefore, they have been, and still remain in violation of the GPL." Several heavy hitters have signed this one, including Jeremy Allison and Alan Cox." There's also commentary from David Turner and Bradley Kuhn of the FSF.

GPL be damned!

[Quasar1999]

I'd be much happier if companies were forced to release good, unhindered specs/APIs... I don't care if you didn't give out your specific implementation, fine... whatever... but give me the means to create my own implementation that can function the same as theirs. Is that soo much to ask?

Re:GPL be damned!

[dnoyeb]

That's not too much to ask. We can call it the "QPL." And when they are licensed under the QPL, they can follow the QPL's requirements. Until then, let them abide by their licensing (GPL) obligations.

Re:GPL be damned!

[Peter Eckersley]

That's not too much to ask. We can call it the "QPL." And when they are licensed under the QPL, they can follow the QPL's requirements.

This might be possible. But it may be very difficult to define "good specs and APIs", in the same elegant way that the GPL twists copyright inside out.

Oh, and "QPL [trolltech.com]" is already taken.

Re:GPL be damned!

[djh101010]

Is that soo much to ask?

Not at all. If they want to not release their source code, they're perfectly free to do that...but of course, they're then perfectly welcome to not use GPL software to build from in the first place, what with that being the deal and all.

Re:GPL be damned!

[Horny Smurf]

Programming is like sex... make one mistake, and support it the rest of your life.

Also, /. readers like to talk about it, but if you're posting to slashdot, you're obviously not doing it!

Re:GPL be damned!

[B'Trey]

Speak for yourself. I can type and stroke at the same tima;lksjdf Oh! Oh God. Yeah, that's it! Oh!!!!!!!!!!!!! uh, sorry, what was I saying?

Re:GPL be damned!

[rmohr02]

I think it just makes good business sense to release specs and/or APIs for hardware products--the manufacturer is making money off of the hardware, and if somebody makes a Free (or even just free) software program that works better than what the manufacturer included (or didn't include for certain operating systems), the manufacturer benefits the most. And if somebody charges for a software package they created using the API, customers still have to buy the hardware to use the software.

Anything short of GPL compliance is infringement.

[jbn-o]

I'd be much happier if companies were forced to release good, unhindered specs/APIs... I don't care if you didn't give out your specific implementation, fine... whatever... but give me the means to create my own implementation that can function the same as theirs. Is that soo much to ask?

This work is being distributed under the GNU General Public License so anything short of that (such as distributing specifications) it is not sufficient. Also, the GNU GPL covers patented implementations, making it pos

Copyright and contrasts

[Anonymous Brave Guy]

But, given the high moderation on the parent comment, I'm guessing that many /. readers want to grant corporate copyright infringers anything they say they need to make money.

Isn't it odd how, according to Joe Slashdot, copyright is so important when it relates to the GPL, but so irrelevant when it relates to music or movies?

Cases like this are exactly the reason why copyright law should have teeth and be respected: copyright is, in general, a good thing and an important defence of the rights of people who create work and allow others to use it.

However, when it's wholesale abused by large subsets of the population -- many, many of whom arrogantly proclaim their support for that abuse right here on this forum -- it's no surprise that other big companies turn around and slam it back in society's collective face. Did no-one see this coming?

I won't be at all surprised if Linksys wriggles free of all charges on a legal technicality, just as numerous blatant copyright infringers have done when prosecuted by the big media groups. It's just a shame that we have evolved a culture where copyright lacks respect to such a degree, and now the hard workers who create good things like the Linux kernel suffer because of the prevailing greed of song-swappers and the pirate movie business.

Re:Um... no

[EzInKy]

I work for a company where we are developing a product running an embedded version of Linux with plenty of our own, proprietary code running on top of it (we have been very careful to ensure that the two code bases never mix). You seem to be of the opinion that anyone who purchases this product down the line should be entitled not only to the source of the Linux code we used, but also the specs of the interface we built for interaction with the hardware as well as the code that uses this interface, neither

Re:Um... no

[supergiovane]

This is part of the reason some consider Linux to be viral, some actually believe that code running with or under Linux is required to have it's source available to all those who want it, that would be a big no.
Unless you're statically linking your code to GPLed code, as in Linksys' case.

Re:GPL be damned!

[Anonym0us Cow Herd]

In some cases, they can't release complete specs for the hardware, because some of their proprietary stuff (or, worse, other people's) is in software.

If you have secrets to keep, then do not statically link your precious secrets into the kernel. The kernel specifically allows binary-only loadable kernel modules. If Linksys had gone this route, then the community could compile new kernels and still use the secret loadable kernel modules -- without source.

Even better idea: if you have secrets to keep, not only don't statically link to the kernel, but don't even use open source. Please. That way I'll have more motivation to buy your competitors product.

Violation

[mschoolbus]

Several heavy hitters have signed this one, including Jeremy Allison and Alan Cox.

Yea.... Where do I sign?!

12 year old weblogs

[TWX]

"post a rant on slashdot. It's well known that the RIAA, MPAA, Microsoft, SCO, etc. read weblogs to find out what uninformed 12 year olds think of them, and change business practices accordingly."

So some twelve year old girl's rant about not having any boobs yet is what prompted the music industry to get Britney Spears a breast enlargement back in 1997 or so? Sheesh...

Re:Violation

[Daniel Phillips]

post a rant on slashdot. It's well known that the RIAA, MPAA, Microsoft, SCO, etc. read weblogs to find out what uninformed 12 year olds think of them, and change business practices accordingly.

You may think that's funny but the fact is, a lot of mainstream net media do troll through these articles, at least looking for a consensus on the general mood, and sometimes finding an interesting lead or two no doubt.

Try this: google "slashdot site:www.usatoday.com"

Admittedly, the qualify of the posts often lea

Attorney's Fees? EFF?

[redfenix]

Okay, and who is going to pay the attorney's fees to file such actions and pose enough threat to make them "settle for millions?"

If people care enough about this, they should send money to the EFF, perhaps earmarked for the "Linksys GPL suit". They're probably the best legally equipped organization to do this.

What's the big deal, anyway?

[Pig Hogger]

What's the big deal anyway? The thing uses proprietary hardware, so in order to reproduce it, you'd also have to have the masks to make the chips anyways. So they stand to lose nothing by not publishing the source.

Could no one port it?

[siskbc]

What's the big deal anyway? The thing uses proprietary hardware, so in order to reproduce it, you'd also have to have the masks to make the chips anyways. So they stand to lose nothing by not publishing the source.

I expect someone clever enough could rip out the interesting bits, or port the whole damned thing to another card if interested enough. The philosophy, I believe, is that the community should be able to decide whether it's worth it.

Or, look at it this way - if no one could conceivably do anything with their source, then they have nothing to RISK by releasing it, huh?

Re:What's the big deal, anyway?

[frenetic3]

well, the whole rationale and underlying spirit of the gpl is that the whole community should benefit from their modifications/improvements since they benefited from the preexisting gpl'ed code, and then we should be able to turn around and integrate our own improvements and do whatever we want with the new source. (hence 'open' source)

and secondly, the thing is probably flashable by software, so you could theoretically add new features to the firmware by taking their source, modifying it, compiling it, and flashing it to the device.

-fren

Re:What's the big deal, anyway?

[dnoyeb]

RTFLKML

It explains the "big deal" as one would expect. And naturally it has nothing to do with making money by ripping off Linksys but other side projects from Seattlewireless and others. Lots of people buy these products and would like the ability to further develop them. By way of GPL, they also have the right to do so.

On the flip side CISCO/Linksys does good things

[BroncoInCalifornia]

CISCO owns Linksys. Inside CISCO people have the option of using a Linux desktop! We should give CISCO some good karma just for that.

Re:On the flip side CISCO/Linksys does good things

[Dun Malg]

CISCO owns Linksys. Inside CISCO people have the option of using a Linux desktop! We should give CISCO some good karma just for that.

True, Cisco deserves a few props for that, but NOBODY should get any slack when they violate the GPL for commercial gain. That's just not cool.

Re:What's the big deal, anyway?

[cduffy]

What's the big deal anyway? The thing uses proprietary hardware, so in order to reproduce it, you'd also have to have the masks to make the chips anyways

Err, well, no.

It actually uses, for instance, a set of chips manufactured by Broadcom. Anyone else building an embedded system and looking to use those chips -- or writing drivers for PC hardware based on those chips -- would have a great deal of use for these drivers.

Re:What's the big deal, anyway?

[pavon]

The big deal is that kernal developers wrote this code and they have the (copy)right to determine how it is being used. Linksys has broken the terms of the copyright licence. Just because the kernal developers have a more permissive license than proprietary software does not give people the right to do whatever they want with the sofware. Just because the copyright is not held by a large corporation, does not mean that they can get away with breaking the licence. Just because the license demands source code instead of money in exchange for the right to modify the software, does not make it any less valid. A licence is a licence and what Linksys is doing is illegal - no different than if someone were to ship with copies of Windows in their hardware without paying for licences.

The main point is that we need to inforce the GPL and out of principle and fairness. It wouldn't be good to crack down on licence violations in cases where we have something to gain and then willingly turn a blind eye to others. We don't want to be seen playing a bait and charge game like what happened with GIF and MP3. We need to be diligent and fair in this manner, find out what source is not being released, and who is holding it back (be it Linksys themselves, or one of their partners), and see to it that they obey the terms of our licence. If we don't, then people will get the impression that we don't care if they violate our license.

Now, if availability of this code helps someone, then great - that's why the GPL is written the way it is. And at the very least there are people that would enjoy having the code. But even if no one ever used the source, we would be setting a very bad precident not to press this issue.

Sick of this type of thing

[Anonymous Coward]

So they are in violation. Who the fawk is actually going to DO anything other then sign statements and generally complain. WE NEED SOMEONE TO TAKE THEM TO COURT!

I am sick of all the complaining and no action. Put up or SHUT UP!.

Re:Sick of this type of thing

[FattMattP]

So they are in violation. Who the fawk is actually going to DO anything other then sign statements and generally complain. WE NEED SOMEONE TO TAKE THEM TO COURT!

It's not wise to rush to court. The courts don't look favourably on people who do that. Instead, the LK & Samba teams are doing the right thing by trying to resolve this matter directly with Linksys. At some point if this does go to court, the fact that several attempts at resolution were made before filing suit will work in our favour.

Re:Sick of this type of thing

[Jameth]

I commonly note this kind of attitude these days. Is there any need to be so harsh? Certainly, if they are non-compliant, a solid stand should be taken. However, it appears at the moment that this can be resolved without the court system being involved.

Of course, if they drag their feet again, that's another matter. As someone pointed out on the list, this was likely outsourced, and this may have been an honest mistake.

Be nice, give them a week. Rushing to court and suing people left and right is what mak

Let's be thankful

[overbyj]

that they aren't charging us $699 to use their stuff!

Samba abused too?

[Davak]

The article references that Samba has also been abused in this matter. Has this been resolved? [ksmith.com]

Davak

Something I've always wondered

[nusuth]

If someone released source code under GPL, do they also need to make sure that others can compile it? These guys use "we can't compile it" argument just to prove that the source code is incomplete but suppose that linksys ported linux to INTERCAL++ and released full source code but did not provide the compiler they made in-house. Would that still violate GPL?

Re:Something I've always wondered

[Anonymous Coward]

Well, maybe it's me but I would think that if Alan Cox can't compile it, then it can't be compiled.

Re:Something I've always wondered

[Yartrebo]

Well, the GPL does say the following:

a) Accompany it with the

complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

If a compiler isn't available to the recipient, than it isn't machine readable, and should be a GPL violation.

Re:Something I've always wondered

[Anonymous Coward]

No, they use the "attempt to compile it and referrences to files not provided appear" argument. If you port to INTERCAL++ and ALL the files are provided then you have provided the full source. But if in the process of porting you add five new files to the derived work and only provide two of the five in source then you have failed to provide the full source.

Regardless of how you want to twist their argument, Linksys is not providing the full source code.

No, you don't have to be able to compile it, but..

[ebcdic]

They only have to release their code if it is part of a derivative work based on the GPLed code. A port of the Linux kernel to INTERCAL++ would probably be a derivative work, but the compiler might well be a separate work, so they would not need to release its source. But if the reason that it won't compile is that part of the source of the program is missing, then that's a sign that they have not published part of the derivative work.

Re:Something I've always wondered

[michael_cain]

I know of no way other than being able to compile and run the resulting binary to verify that the source code provided is indeed the correct, working source code. Your point about the custom compiler may be valid -- that is, I'll give you my source code changes, but they are specific to a particular compiler you do not have. Given full source code, you can presumably port it to whatever compiler you do have. However, there would certainly be lines across which said custom compiler could not step (IMO) and have the whole thing remain GPL-compliant.

For example, one of the Bell Labs' UNIX gods (I forget which) demonstrated how a C compiler could (a) insert backdoor binary code into applications it was compiling and (b) recognize when it was compiling itself and insert the backdoor-inserting code. Thus none of the source files, for either the compiler or the application, showed that there was a backdoor. They were making the point that the system is not secure if you're initially dependent on some chunk of binary code (or at least you have to analyze that binary, which is much more difficult).

In this GPL example, if the custom compiler inserted binary code needed to build a working program, and no other compiler working strictly from the source could produce a working program, there's pretty clearly a violation.

Re:Something I've always wondered

[rmohr02]

Quoth the GPL:

The source code for a work means the preferred form of the work for

making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (c

Re:Something I've always wondered

[Novus]

However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.

If it's a custom compiler, it can't be normally distributed with the operating system on which the executable runs, so they have to provide it according to the above part of the GPL.

Re:Something I've always wondered

[catenos]

These guys use "we can't compile it" argument just to prove that the source code is incomplete

That summary is incomplete:

1. They also show with great detail that the downloadable binary contains symbol names not contained in the published source.

2. They don't say "we can't compile it", but "compiling the network gives errors about missing files."

3. Since the distributed binary comes with network support, yes, "2." alone would already be enough to show that the GPLv2 has been violated (see section 3, t

"Linksco"?

[Lodragandraoidh]

The merging of Linksys and Cisco was seen by some to be a good thing.

However it appears that culture of 'security through obscurity', as seen in Cisco router firmware apps has found its way into the Linksys product line, to the detriment of the GPL contract.

What Cisco is doing is wrong - plain and simple. If Cisco chooses to use copyrighted material under the GPL, they need to live up to their responsibilities under that license. I urge Cisco/Linksys to fix the problem before things get out of hand. You can't participate in the free/opensource software community half way.

The price of freedom...

[EvilTwinSkippy]

The price of freedom is eternal vigilance.

It may look to the outside like knitpicking. But rights have to defended or they lack all meaning. And we seldom get to pick and choose our adversaries, or the time of battle.

Couldn't have happened at a worse time

[Snowspinner]

Really, this couldn't be a worse time to go after Linksys. With the SCO case looming over everything, GPL software already looks like a risky investment to people. Now the GPL folks are going to go after Linksys?

Great. So now the perspective of someone who doesn't know the details of either case (Which probably makes up a large share of bosses who would have to sign off on any adoptions of GPL software) will look at GPL software, and see that using it gets you sued from the outside and the inside.

This is going to be bad.

Re:Couldn't have happened at a worse time

[BenjyD]

Thinking about it, the average intelligence of managers does seem to at the lower end of the simian spectrum. Maybe a "GPL for dummies" book is needed.

This is the scarry part.

[jellomizer]

In the most part I like the GPL. But problems like this make it hard for companies to adopt GPL products. When they are required to release their own IP code. This makes it very hard to convince your Boss who has been for years working to keep the IP code their IP, To prevent cheap ripoffs of their products. Now that there are people strongly enforcing the GPL a lot of companies will be afraid to use it. Good job guys at magnifying Microsoft Concerns on the GPL.

Re:This is the scarry part.

[nullard]

Then why use the GPL code? It's not public domain. It's someone's copyrighted code that they gave to Linksys in exchange for publicly available copies of all modifications and additions that they may make to it. If Linksys didn't like the terms, they should have written their own software instead of stealing somone else's.

I say that they are stealing because to legally copy it they had to agree to the GPL. The GPL requires them to do certain things which they have not done. They have not fulfilled their ob

That's the point.

[3Suns]

You've just noticed the point of the GPL in the first place. Congratulations.

People license their code under the GPL because it protects their code from being commercialized. Nobody sells GPL code, and therefore anybody who uses it, must use it per the license. The GPL provides a way to ensure that if you give your copyrighted code away, then nobody will take advantage of that trust. In short, nobody can improve on your property and use those improvements to their exclusive benefit. Any improvements must necessarily benefit everybody. period.

And if companies don't like that idea, then they shouldn't use GPL code. tough.

Re:This is the scarry part.

[Soko]

The obvious solution for Linksys is to pull an NVidia - link the binary driver to the kernel with a GPLed stub of some sort. Cheap and sleazy to be sure, but still a valid way out if they'd have Broadcom taking them to court.

That would satisfy most everyone's concerns, except the die-hard GPL zealots. Linus is tolerant of such things, IIRC, so the rest will likely be as well. Besides, there's no one on that post screaming for legal blood - they want it solved amicably.

Companies like Linksys do need to get

Re:This is the scarry part.

[dissy]

> Now that there are people strongly enforcing the GPL a lot of companies will be
> afraid to use it. Good job guys at magnifying Microsoft Concerns on the GPL.

Good.

Let Cisco/Linksys take WinCE and use it and not pay MS a dime and ignore that licence. Then you can go pitch your same exact complaint to MS when they sue for piracy and demand money for it.

GPL software does have a cost. Its not money, its to have the changes given back.

If you dont pay the cost of the licence of the software, you are pirating software and voilating copyright. (Or as the less bright of slashdot call it in RIAA/MPAA articles, you are stealing.)

Re:This is the scarry part.

[jellomizer]

Wow if I was a moderator right now I would wish I would have 1/2 insightful and 1/2 troll. I personally like the BSD license I find it to be the most productive and beneficial to human kind. But going the GNU is Communist that is pushing it, If GNU was Communist then It would be more like free software that you cannot sell for any reason because it already belongs to the comunity.

Stop complaining and start suing

[javatips]

It kinda amaze me that these guy are only complaining.

I'm pretty sure that if they really wanted to do something about it, they would create a fund (given they big shot status, it should not be that difficult) to sue Linksys/Cisco for the violation. Why does the FSF do nothing about that matter?

They should also publish their correspondance with Linksys (if they had any) about the issue. What we are earing is just one side of the story!

So, What's Going On?

[13Echo]

Did Linksys add their own code and exclude it, or did they modify existing code and exclude it?

If they merely excluded stuff that they wrote, without wanting it to be GPLed, then is there a problem? Are we to really know that they didn't just yank these peices of code in favor of their own non-GPL stuff?

Can someone familiar with these peices of missing code do a better job of explaining their purpose?

There is no "drivers/net/hnd/Config.in" in my 2.4.18 kernel source.

So Sue Them - And a question

[Kombat]

Wow, the letter linked certainly is informative and damning, and you are correct, there are some big signatures at the bottom, but in the corporate world, it all means nothing. If you're so sure about it, and want to stick up for the GPL, then sue them. Us ranting about it here won't do anything at all. Even a letter to some mailing list, signed by some big names in Linux, means absolutely nothing to them, because there are no consequences to LinkSys for ignoring them. And that's the bottom line.

Responding to the accusations would cost money. Ignoring them, at this point, won't cost them a cent, because it's just a bunch of guys bitching and moaning on a mailing list, and here on Slashdot. Until someone with the stones (and the coin to back it up) steps up to the plate with some legal papers, absolutely nothing is going to happen.

That said, I have a question ... what if a company contacts out some aspects of their firmware design to a third party, but the parent company themselves uses GPL'd software. Say I hire AcmeSoft to write a driver for me for a router I'm making. AcmeSoft delivers some statically-linked binaries to me (but no source code), which I statically link into the GPL'd source code and in-house source code that my guys have written. Now, I make all that GPL software and my in-house software freely available, but I can't make the source for that driver from AcmeSoft available, because I don't have it. While technically, I'm in violation of the GPL, but if I've done all I can (short of pressuring AcmeSoft for source (which they won't give me) or ditching Linux altogether), am I really such a bad guy?

Kernel modules need not be GPL'd

[RunzWithScissors]

If Linksys is implementing a bunch of extra functionality through kernel modules, they would not have to release that source because of the GPL. A module developer can cover the module under any license that they see fit.

However, if Linksys is using an existing GPL'd module that they have tweaked, then they would be in violation of the GPL. My thinking is that they are employing the former rather than the latter.

-Runz

Re:Kernel modules need not be GPL'd

[_Upsilon_]

That's exactly the issue. The have modules, but for their modules to work they added to the core kernel. The pieces that have been added to the kernel need to be GPL'd.

Re:Kernel modules need not be GPL'd

[sudog]

You're not reading the article. There are static modifications to the Linux kernel that aren't being released. It's not a question of "if modules" or "then they're ok". It's clear in the linked article! Sheesh!

Cripes, people. RTFA!

Yea, and?

[xanadu-xtroot.com]

OK, fine. They're not really doing what they should be doing (from a legal sense I mean). They are, however, using our favorite "OS" to get out to the masses (OK, I really hate the default to 192.168.1.x for the DHCP daemon, but that's a personal thing, I guess...).

OK, so there's a kinda big name company handing out "Linux"... and people are complaining about that...

/me shakes his head.

It depends...

[ebcdic]

... why you want Linux to "get out to the masses". If it's just because you hate Microsoft (and who doesn't), or if it's just like your favourite football team, then maybe you won't care. But if the reason you want Linux to succeed is that you want to promote free software, then a non-free derivative is worse than useless. After all, if you didn't want to ban non-free derivatives, why didn't you use a different licence such as the BSD licence?

GPL maybe too rough?

[192939495969798999]

I have always thought that the GPL was at least a little unfair -- having to release ALL the code for any piece that includes a previously GPL'ed portion. However, what better way could be devised? If it said, "only the module using GPL needs to be released", then companies would just put the GPL'ed part in it's own module. I like that the GPL makes all source more open, but I dislike the fact that people are scared to use it, for fear of revealing competitive advantages or other "really cool" source cod

Re:GPL maybe too rough?

[arkanes]

There's a GPL variant called the LGPL exactly for people who feel this way. If you feel the GPL is too harsh, then don't use it - find an LGPL, or BSD, or whatever licensed project to build off of instead. Or build it from scratch. This ain't a hard concept, and I wonder why people get so worked up about it.

GPL scares me.

[Eisenfaust]

As a software developer the GPL scares me. Personally I try to stay far away from using any GPL code because I am affraid I will not properly credit it or in some other way infringe on the licence agreement. For instance, I don't have a clue whether or not its ok to use a dynamically linked GPL library with a closed source app. Honestly I don't even really know how I would find answers to this short of posting here or hiring a lawyer.

As a result I probably end up writing a lot more code from scratch than I

Re:GPL scares me.

[Fnkmaster]

If you are writing software for a closed source product, you shouldn't incorporate any GPLed source code into your product, period. Pretty much any other Open Source license usually has some mechanism to make it permissible to use with a closed source product. Even the LGPL generally lets you use it (by building the LGPLed code into dynamically linked libraries, and calling them from your closed source binary code using a well-defined interface).

Then again, if you are just building websites or business

Re:GPL scares me.

[swordgeek]

I'm with you.

I noticed that there are three 'definitive' replies to your hypothetical query, and they all disagree with each other to some extent. If a careful reading of the license doesn't clear matters up (and doesn't even give a consistent answer from three self proclaimed knowledgable sorts), then avoid it.

Furthermore, there's no telling if the GPL has any validity whatsoever in court. A few partisan lawyers have decided that it does, but that's far from a legal ruling.

Not designed by Linksys

[Tiersten]

The actual hardware and core software wasn't designed by Linksys. Linksys however make the web frontend and do make some changes to the core platform.

I've got a Buffalo access point and it's got nearly identical firmware and hardware. Even the firmware file format is the same. The only differences are that the front end was written by Melco (parent company of Buffalo) and the Linksys one was by Linksys.

Featurewise it's roughly similar as well. I'd guess that most of these "cheap" all-in-one Broadcom

Are we sure Linksys is in violation?

[tuxlove]

I'm not sure I understand why everyone's so sure they're violating the GPL. If the missing kernel modules are entirely original, why are they required to release them under the GPL? AFAIK, you are only required to release source that contains GPL-ed code, or that is based on GPL-ed code. If you write a kernel module from scratch, it is not bound by the GPL - Linux API compatibility notwithstanding.

Agreed we don't know if their code is original without seeing it. But if it's original they're not obliged to show it. That's the catch-22 of the GPL I've always found interesting.

Re:Are we sure Linksys is in violation?

[pigscanfly.ca]

RTFM
Its not about a couple of kernel modules , they modified the kernel!

FSF Response: Cool Down

[Royster]

Found on the LKML list [alaska.edu].

Subject: Linksys/Cisco GPL Violations
From: David Turner (novalis@fsf.org)
Date: Mon Sep 29 2003 - 10:22:47 AKDT

To Linux Developers Concerned about the Linksys/Cisco GPL Violations:

We are in ongoing negotiating with Linksys/Cisco about this issue. Information from Andrew Miklas and others has been very helpful to us in our negotiations, and we encourage others to share with us any technical information about this or any other GPL violation.

This isn't the first GPL violation we have dealt with; we've been actively enforcing the GPL for over ten years. Our usual practice is not to publicly announce details of ongoing violation negotiations, because we find that private negotiation yields quicker and better cooperation. By building a relationship with violators where we are helping them to come into compliance, we avoid having to fight in court, and are able to spend less resources per violation. Our number one goal in any GPL violation case is to get proper and full compliance with the license; everything
else is secondary.

GPL violations sometimes take time to resolve. We wish that we could force resolution quicker, but we haven't found a way to do that. We have, however, discovered a variant of Brooks's Law: adding more lawyers to a GPL violation usually makes it take longer. Lawyers are reluctant to admit to mistakes, because they fear it could be used against them. Engineers and product managers are typically interested in fixing mistakes, so we try our best to work with them first before escalating to legal teams on both sides. Such escalation has happened on this violation, so it will take additional time to resolve the matter.

In addition, we are leading a coalition of many copyright holders in the WRT54G, as Linux is only one part of a large body of GPL'ed software in the product. We formed this coalition because, having done enforcement cases for a product with a broad range of copyright holders before, we have found that separate enforcement actions and/or law suits from individual copyright holders make attainment of compliance more difficult.

We will continue to do everything necessary to obtain full compliance on this and any other products where violations can be confirmed. On this particular violation, we will keep the community informed when issues come up that impact the rights of everyone whose work is being distributed by Cisco or any of its subsidiaries.

If you are a copyright holder on software in the WRT54G, or any other Cisco product, you are welcome join this coalition. Please email for details.

Sincerely,

David Turner, GPL Compliance Engineer, FSF
Bradley M. Kuhn, Executive Director, FSF

Linksys Could Learn Something From Actiontec

[Damin]

Several weeks ago, I submitted an article to my Local LUG on the Actiontec Dual PC modem and the fact that it ran uClinux. It worked it's way up the chain until it got Slashdotted [myturl.com]. Since that time, Actiontec has embraced the community and opted to take part in the process. They are not only releasing all source code, but the tool chain, recovery utilities and daughterboards to allow additional development on their platform. They have also hired a consultant to help ensure the Open Source community gets solid documentation and has someone to represent them that understands our needs. The Actionhack mailing list archives can be viewed here [express.org]. What they will be releasing can be viewed here [express.org]. Linksys could do well to realize that their actions are pointing the way for other more nimble competition to take advantage of their ill advised behavior.

Re:oops.

[wasabii]

They are shipping software: loaded on the hardware.

Re:oops.

[edwdig]

That discussion was about the modified version of GCC Linksys used that was created by Broadcom.

The issue here is Linksys added additional files to the kernel (not modules) but didn't include them in their source distribution.

You can't even successfully run make config on the code they're giving out, let alone actually build a kernel.

Re:oops.

[Jonah Hex]

I believe your thinking of this Slashback story [slashdot.org] with a response from the Linksys PR rep.

Calm down that jerking knee, then apply ice. In response a post which raised the question of

whether Linksys was in violation of the GPL [slashdot.org] by not distributing, nor offering links to, the source code for the software controlling their 802.11g base stations. A representative from Linksys-PR sent in this note about the "missing" source code:

Linksys is a strong proponent of both Linux and the Open Source movement. The code within our routers is using User Space code without linking dynamically or statically to any GPL (GNU GENERAL PUBLIC LICENSE) code. Any code which does not have a static or dynamic link to anything covered by the General Public License is not GPL'ed, and can be considered closed source.

We regret it took some time to respond to this posting. To assure timely responses to inquiries like this in the future, please use the following procedure which complies with the requirements of the General Public License:

1. Please put your request in writing or in an email addressed to info@Linksys.com
2. You have to request the code for the specific modules you want. It is not valid to issue a request for any "code you may be using."
3. Technically, you are also supposed to provide us with a self-addressed stamped envelope, along with funds to cover the cost of providing the code to you. But Linksys will handle requests on a case-by-case basis. Thank you."

However there's been a couple of additional stories since then about new Linksys GPL releases.

Linksys Releases GPLed Code for WRT54G [slashdot.org] They released their code mods on their website.
Linksys and the GPL, Again [slashdot.org] Missing code mods from the Linksys webpage.

Obviously this is something that's going to take awhile to work out, not only with Linksys but other companies that are enjoying the riches of open source code.

Jonah Hex

Re:oops.

[ninewands]

As Linksys PR said:

Linksys is a strong proponent of both Linux and the Open Source movement. The code within our routers is using User Space code without linking dynamically or statically to any GPL (GNU GENERAL PUBLIC LICENSE) code. Any code which does not have a static or dynamic link to anything covered by the General Public License is not GPL'ed, and can be considered closed source.

I beg to differ with their position wrt the correctness of their analysis on how to go about withholding some of their code as 'closed source.'

As an example of the RIGHT way to do this (whether you agree with the politics of it or not), I would submit that Nvidia withholds the source to their binary-only video drivers, but makes the glue code that adapts it to a specific kernel freely available. In addition, NOT having the source to the Nvidia drivers in no way impedes my ability to compile a kernel.

The fact that it is not possible to configure, much less compile, the kernel tree available from Linksys's GPL software page indicates that they have withheld code which SHOULD be released under the GPL because of how tightly it is interwoven into the kernel code.

Just my US$0.02

Re:oops.

[mahdi13]

Yes, it's called embedded software
It's a snazy new way of making softwar, maybe you've heard of it? It's only been around for 50 years or so...

Re:Why should they?

[BorgDrone]

If you use GPL, you are supposed to reveal ALL the code you have even if it parts of it was designed completely independently?

You have to release all sourcecode that is part of a derived work of the GPL software.

Since a modified kernel is a derived work of the original GPL-ed kernel they have to release the source to their modified kernel.

Re:GPL Questions?

[Curien]

Yes, but the kernel has an exception to the license, allowing people to link dynamically to the kernel without being bound by the GPL.

This is why nVidia's drivers are OK: they are linked dynamically. The problem is that Linksys' stuff is linked statically.

Re:Why should they?

[nate1138]

If you don't like the license terms, then use BSD or QNX or something else. Linksys knew the terms, now they have to abide by them.

Re:Why should they?

[VertigoAce]

If you read the post, they present evidence that the kernel itself was modified (as opposed to kernel modules). Because the modifications to the kernel weren't released, you can't build a kernel that is able to load their modules. In fact, as they distribute it, the kernel itself won't compile if you enable network device support since they have removed a required config file from the distribution.

Re:Why should they?

[fireman sam]

It is all to do with the linking. Linksys has code that is statically linked to the Kernel. As it stands, statically linking code to the Kernel requires the code to be GPL'd. If they don't like it they can use a different OS.

Consider it payment to the open source community for use of the Kernel.

Re:Why should they?

[lordcorusa]

I don't mean to be redundant, but I see this mistake all the time and I don't want people to go away with incorrect ideas. You need to read your licenses carefully, especially if you write or modify code under them.

The Linux kernel is GPLed, not LGPLed. You can link LGPLed code with new code dynamically without releasing source to the new code. However, with the GPL, you *must* release source regardless of whether the code is statically or dynamically linked. So even if Linksys dynamically linked their pro

Re:Why should they?

[BJH]

*Sigh*... no, they don't. First, go and read the damn license, OK?

The problem this time round is that Linksys have released some kernel source code, but the code they have released is not sufficient to build a working kernel (minus the binary drivers for their wireless stuff, which don't have to be released under the GPL because of Linus's binary module exception).

Effectively, they've just given back the community exactly what the community gave them, without contributing the changes they made that the GP

Re:Why should they?

[gothicpoet]

I think maybe you didn't give the article a full read. What LinkSys has done, if I read the article correctly, is release what they say is the source they are using however it's clear that it isn't the source they are using.

What they've released will not run on their own product. It cannot be compiled.

The article also shows that they made additions to the kernel itself but did not release them.

This isn't about them revealing the internal workings of their silicon, etc. This is about them taking the

Re:Why should they?

[EzInKy]

Let me get this straight... If you use GPL, you are supposed to reveal ALL the code you have even if it parts of it was designed completely independently? You want companies to reveal all their silicon secrets just because they are using Linux to access the silicon? They should give credit where credit is due but there is no reason for them to reveal the internal workings of their silicon, etc. Get real.

The GPL is real, and it is about sharing. If all they want to do is give credit then there is always BSD code available. I wonder if they would be asking as nicely as they kernel group is if they thought Linux was violating their license?

Re:Do you really want them to stop?

[aonaran]

...or, more likely, now that they are a Cisco subsidiary, IOS.

Re:Do you really want them to stop?

[Xner]

If they had used "an academically based OS" such as *-BSD, they would be on very solid ground legally. The BSD license explicitly allows this use of the licensed software, although it disclaims liability (using that big block of caps we all love so much).

The GPL license however has been concocted to prove a point, politically. It does not say "here, do with it as you please". It says "I'll show you mine if you show me yours". Quid pro quo. Linksys has taken the quid, now they need to give us the quo.

Re:Do you really want them to stop?

[ari_j]

You mean they took the quo, and now need to give us the quid, right? (Both literally from the expression and in terms of quid in the English sense would be nice.)

Re:

[account_deleted]

Comment removed based on user account deletion

Re:Do you really want them to stop?

[Afty0r]

cases like this that demonstrate the flaws inherent in the GPL license, in that it is not 'free' at all. A truly free license is one that allows you to do whatever you want to do with the code, such as the BSD licenses

The BSD licenses demand you attribute copyright. Therefore, they are not completely "free" as you describe it.

The only possible truly "free" software license is the public domain, and any author can contribute his original work to it should he wish.

Re:Do you really want them to stop?

[bogie]

"Isn't it enough of a victory for the profession that they have used an academically based operating system rather than a commercial one?"

Umm, No. It isn't a victory at all. Anytime a corporation attempts to co-opt the hard work of others and not abide by the GPL which has gotten GNU/Linux where it is today, its a loss for us all.

"They could conceivably switch to Windows"

Fine with me. They can feel free to pay Microsoft royalties on every unit shipped as well.

I don't mean to sound mean, but you must be new to the opensource movement.

Re:Do you really want them to stop?

[Zebbers]

Ya, a wireless gateway running windows...Id almost use that.

Re:Do you really want them to stop?

[morcheeba]

You wouldn't even have to own it to use it - just 0wn it.

Re:Do you really want them to stop? [GPL]

[pigscanfly.ca]

No it is not . If they want to avoid the huge licensing costs of windows they must abide by the licensing terms of the OS they select (in this case linux) .
If they want something witch they can turn into a propitary system then they should go with one of the BSDs , if they chose linux then they dam well better abide by the rules .

Re:Do you really want them to stop? [GPL]

[cduffy]

Just as a comment, the licensing costs for WinCE aren't that huge at all -- maybe $5 per unit if my memory serves?

OTOH, last I was aware of it, its networking stack's performance was downright *abysmal*.

Re:Do you really want them to stop? [GPL]

[arkanes]

You know thats like 15% of the profit margin on these home user routers, right?

Re:Do you really want them to stop?

[Cid Highwind]

Isn't it enough of a victory for the profession that they have used an academically based operating system rather than a commercial one?

It may be nice to see a major player using Linux, but if nobody makes noise about them violating the GPL, it could have bad repercussions down the road. Not enforcing (or at least trying to enforce) the GPL now gives ammunition to anyone litigating against it in the future. Someone like SCO could argue that not going after Linksys means that the FSF know the GPL is unenforcable, and therefore invalid. Or thgey could argue that not enforcing license terms on the kernel means that the kernel copyright has no value and can therefor be violated without consequences. It's better to send nastygrams now and risk alienating Linksys than not to send them, and risk seeing SCO or MS own Linux.

They could conceivably switch to Windows

Good! Linksys DSL/cable modem routers are pretty insecure by default. Let them generate bad PR for Windows insteads of Linux.

Yes...

[mykepredko]

Ummm... Doesn't GPL become invalid or at least greatly diminished (in the eyes of the court) if derived code is not released as part of the package?

myke

Re:Do you really want them to stop?

[FattMattP]

Isn't it enough of a victory for the profession that they have used an academically based operating system rather than a commercial one?

No. They are in violation of the license. Companies are going to have to realize that they cannot violate the intellectual property of others. By using the Linux kernel they agreed to the license and must now abide by it or be in violation of the law.

Re:Do you really want them to stop?

[Sturm]

You hear this argument alot when commercial entities who utilize Linux are asked to abide by the criteria set forth in the GPL. While it may be "enough of a victory" in the sense that a commercial vendor is using Linux, it still defeats the purpose of the GPL. I think people need to be reminded sometimes that Open Source/Free Software/GNU/GPL's (or whatever you want to call it) reason for existence is *not* commercial adoption. Way "back in the day", we were interested in commercial adoption of Free Softwar

Re:What about Watchguard?

[Lussarn]

You do understand that just about all software in that watchguard box is built buy people wasting there time as you call it. Do you really think Linux is 100% great. Nothing can be done better?

Tough.

[squarooticus]

The terms of the GPL are that, upon distribution of a binary constructed partially from GPL'ed code, you need to offer the source code of everything that links with GPL'ed code. If you can't do that and simultaneously satisfy your other contracts/commitments, then you can't release the product. Period.

The only two resolutions as far as I can tell that will be acceptable to the kernel development team are to release the missing code and violate your contract with the third-party, or to remove the product

TROLLING

[110010001000]

Everyone:

My above post was an intentional troll. It is to prove a few points about the ridiculous nature of the moderation system on slashdot.

1) If you post quickly, you will have a chance to be read and moderated. This system rewards those who post without spending time to think about or read the article(s) involved. I think at least an hour should pass before any posts are made public, and those posts should be posted in random order. The main problem is that the posts at the "top" get modded, while the

Re:Explanation

[matthew.thompson]

My understanding of the GPL is that in creating a single work (Linux Kernel that doesn't require external binary objects) Linksys have taken code that may not have been GPLed (Broadcom drivers?) and spun it into a work that most definately is (The Linux kernel)

Had the broadcom drivers been seperate objects that were not spun into the Kernel but compiled seperately and loaded into memory by the kernel at run time this would not be a problem.

As someone claiming to have an understanding of the problem could

Re:Explanation

[Fnkmaster]

I am not sure if you are just trolling or if you really work for Linksys. In any case, as others will doubtless point out, that is not operating under the terms of the GPL. Whether or not I like them or you like them, the GPL requires that you release all the source code to enable you to compile the binary in question, in this case, the kernel. You are not allowed to link GPLed source code statically with non-GPL-compatible code for this reason, and if you (or anybody) links GPLed code with proprietary/t