

Exploitation of Open Source VoIP 156
n8twj writes " With John 'Maddog' Hall pointing out that Open Source VoIP will be bigger than Linux ever has been. How can we be sure that un-ethical companies will not try to steal code that is covered under the GPL and try to pass it off as their own? Recently, I have become aware that SysMaster has been redistrbuting a version of the Asterisk PBX written by Mark Spencer from Digium and many others. SysMaster claims that they wrote everything in-house, while they have surely done their own development, they are using Asterisk to power their product line without following the rules. In terms of full disclosure, my company also provides Asterisk-based solutions, however we have fully embraced Asterisk and gladly contribute back to the GPL."
Motive (Score:5, Insightful)
Well, it looks (Score:5, Informative)
Re:Well, it looks (Score:5, Informative)
And for the lazy among you: (Score:5, Informative)
1) Digium *does* license Asterisk (as we distribute it, no additional features) outside of GPL and we *do* have commercial licensees already.
2) Digium appreciates the community keeping a watchful eye on other products in the marketplace which may be in violation of Asterisk's licensing terms. Please feel free to contact us directly if you have any concerns or questions.
3) I do not wish to comment specifically about Sysmaster's relationship with Digium at this time other than to say we are in contact with them.
Thank you again for all of your support in the community.
Mark
Translation for the stupid: (Score:1)
Re:Motive (Score:2, Insightful)
Umm.. Proof? (Score:2, Funny)
Where's the evidence? Or did slashdot just post this without checking?
Oh, wait... this is slashdot...
Re:Umm.. Proof? (Score:1)
Re:Umm.. Proof? (Score:2)
They're still competing businesses. It is in their interests to slashdot their competitor and give them a bad name.
Re:Umm.. Proof? (Score:1)
Re:Umm.. Proof? (Score:5, Informative)
The evidence is gleaned from viewing the "strings" output of a SysMaster executable. You find such gems as
Of course, this evidence was compiled by NuFone (a contributer to Asterisk), so you can choose to disbelieve it if you want. But if you want to verify its veracity on your own and post your results, I'm sure that would be OK.
MOD PARENT DOWN - SHOULD HAVE RTFL (Score:2)
Re:MOD PARENT DOWN - SHOULD HAVE RTFA (Score:2)
Re:MOD PARENT DOWN - SHOULD HAVE RTFA (Score:2)
If anyone's to blame, it might be Digium for not building and enforcing a branding on their non-GPL'd customers. If a company is using Digium software, it's in Digium's best interests to require some form of advertisement on the product reguarding that, similar to Intel Inside. It protects their clients, builds brand, and if the brand
its simple (Score:3, Insightful)
It is a little absurd for us to all think that open sources licenses won't get abused to some extent. But, for every quality open source based product that tries to "rip off" the developers (if that can be considered possible in open source) there will be several following the rules who will be glad to keep them in check and sue them into oblivion.
Re:its simple (Score:4, Insightful)
No the competitor has no standing to sue. Only the copyright holder can sue the infringing party.
Except... (Score:2)
Re:its simple (Score:1)
Huh? Its not the license that's abused. Source code with any license can be abused like this. Its the source code thats abused. If its just a grammatical error, make sure you get stuff like this right the next time.
Let the Copyright Holder Handle It (Score:5, Informative)
Re:Let the Copyright Holder Handle It (Score:1, Insightful)
I agree but... (Score:3, Insightful)
Re:Let the Copyright Holder Handle It (Score:1)
What you COULD do is go to the copyright holder and finance his lawsuit against the copyright violator.
Also, anyone who violates copyrights by downloading files on p2p networks (myself included) is very hypocritical if h
Re:Let the Copyright Holder Handle It (Score:2)
You might argue some sort of other damages, but not copyright violation.
Whether you get damages for copyright violation, or for unfair competition, doesn't really matter - as long as the court finds that your competitor is doing something wrong, orders them to stop, and maybe gives you some cash from them, do you really care what the grounds were?
Of course, it might work better if the first case to court was a copyright case, so you could later quote that precedent, and then you'd
And... (Score:5, Interesting)
Someone should really setup a site which helps handle GPL violations by directing copyright holders to the right legal people & offers advice for how to handle violations. A database or wiki could also be setup to record alleged GPL violations & how they were resolved. IIRC, the mplayer project keeps some information on GPL violations on their website. Many were resolved & their site records this.
I'd be happy to help with such a project with my time and content.
Re:And... (Score:2)
My offer to help is genuine. I'm not sure if I want to shoulder the lead on this by myself, but I may have to if no one else sees the need or volunteers.
In teresting case. While they had every right to include the BSD-licensed code in a GPL-licensed suite, they failed to meet obligations of the BSD license. They should correct this, but this kind of "in-fighting" isn't really what I'm most concerned with. It may be important, but I am much
ah the /. crowd (Score:1, Insightful)
Re:ah the /. crowd (Score:5, Insightful)
So... congratulations! You have demonstrated that the slashdot community has two different consensus viewpoints on two different issues.
Something analogous to gpl violations in the music world would be not file-sharing, but bootlegging-- people who bulk-fabricate copies of commercial CDs and then sell them-- a practice which I've yet to see anyone on slashdot defend.
Re:ah the /. crowd (Score:1, Troll)
I see. So you five-finger-discount a shirt at a local store and when caught you claim:
A) I made it myself with a sewing machine.
B) I bought it at another store.
If you're the shopkeeper, is there any difference between the two? Probably not. Whether they're seperate issues depends entirely on which side of the issue you're on.
Plagiarism adds insult to injury, but make no mistake about it: the plagiarism is just an
Re:ah the /. crowd (Score:3, Insightful)
Of course, I'm sure you'll po
Re:ah the /. crowd (Score:2)
See, this topic really erks me.
I agree with you fully. Copyright voilation IS theft!
Unfortunatly, I live in the USA, and their laws disagree with us both by saying they are two different things
Don't worry brother. One of these days we will get them to rewrite the laws in some country (Hopefully the USA) as to say copyright violations are theft.
Then we will have the last laugh!
--
BTW, incase you couldnt tell, I wa
Re:ah the /. crowd (Score:3, Interesting)
So... congratulations! You have demonstrated that the slashdot community has two different consensus viewpoints on two different issues.
Or more clear
Re:ah the /. crowd (Score:2)
No, that would not be an accurate way of stating things, nor was it what I said.
Re:ah the /. crowd (Score:2)
YES!!!!
I see you are finally beginning to understand.
Oh, no, it seems you thought you were being sarcastic, right? Unfortunatly you actually pointed out the HUGE difference between downloading a copy of music and somebody attempting to claim they wrote that music themselves.
Nice trolling, but you lose.
There is ton
Re:ah the /. crowd (Score:2)
(SNIP)
There is tons and tons of GPL software available without source code on the net. Nobody does anything about it
I see. So a small disclaimer "some software not written by us" then it's ok to ignore the GPL. I doubt if that is a general concensus on
That's because the people here are not hyprocrites,
Re:ah the /. crowd (Score:2)
But I am still quite annoyed at your attempts to equate two vastly different levels of copyright violation.
None of those illegal music downloaders claim they wrote Metallica's songs or sold copies of them claiming it was their own music.
Re:ah the /. crowd (Score:2)
(snip)
But I am still quite annoyed at your attempts to equate two vastly different levels of copyright violation.
None of those illegal music downloaders claim they wrote Metallica's songs or sold copies of them claiming it was their own music.
I'm not saying they are equal (nor that they are vastly different) - just that both are wrong and to argue it's ok to steal music online (as many on
Re:ah the /. crowd (Score:2)
At most it can be a differing standard of ethics or morals. Some people think the pot smoking is ok because eveyone is doing it and they don't see the harm it causes. While still being an ilegal drug they don't catagorize it in the same way as crack cocain. For some reason cocain has a higher moral priority then pot and is seen as the worse of t
Re:ah the /. crowd (Score:2)
Ah, rationa;ization. At the root, both are stealing - different ways, but the same thing in the end.
At most it can be a differing standard of ethics or morals.
Sure - people want it both ways - "when I do it it;s because data wants to be free, when someonelese does it it's stealing." - which is why I call it hypocritical to take that stanc
Re:ah the /. crowd (Score:2)
thats the general practice. BTW opensource doesn't mean free of charge either. they can and do charge for open source products. If you make changes to the source then you must release them changes depending on the license. It you make a program that runs on open source then that program is your.
But you stil
Re:ah the /. crowd (Score:2)
They are both car accidents - different types, but at the root, the same thing. And it isn't sharing music - it's stealing.
Re:ah the /. crowd (Score:2)
Nor would that be necessary. The GPL requires that the source code be provided upon request by the distributor of the binaries - it even allows you to charge shipping & handling. It does not require that the source code accompany every binary copy.
Re:ah the /. crowd (Score:1)
Re:ah the /. crowd (Score:1)
As for your analogy on bootlegging, I'd like to differ as bootlegging is also known, in the amateur music circles, as the amateur practice of recording live concerts of some artist.
That practice is, usually, exercised in precarious conditions , often leading to poor quality recordings, no matter how sophistic
Re:ah the /. crowd (Score:2)
Slashdot users do tend to play fast and lose with copyright, but there is a certain respect (not without merit) for the selfless who contribute to free software that makes it beyond the pale to rip that off whilst others who are less altrustic get no such status. What's so surprising about that?
Re:ah the /. crowd (Score:1, Insightful)
This must be why the Slashdot crowd was overwhelmingly for John Kerry.
I think you misread. The slashdot crowd was mostly against Bush, which is not the same as being for Kerry.
It's not clear how this relates to the discussion of slashdotters' attitudes about copyright violations, however.
Re:ah the /. crowd (Score:1, Interesting)
Re:ah the /. crowd (Score:3, Insightful)
P2P piracy promotes fair pricing and technological progress.
Slashdot has a lot of cheap nerds.
Re:ah the /. crowd (Score:2)
This story is about one company presumably profiting off of someone else's work. That's not even a close parallel to debating about the laws that the RIAA and MPAA are buying these days with campaign contributions.
You've got 4, Insightful for your "will be modded down"
Re:ah the /. crowd (Score:2, Insightful)
Here is absolute proof that copyright violation isn't stealing in a legal sense, it's copyright violation. If it were stealing then the value of the items ($17 for a CD for example) would be the damages instead of $150,000 per violation.
If you give away someone else's copyrighted work for free when you don't have permission, you are hurting them just as
Re:ah the /. crowd (Score:1, Insightful)
ah the /. trolls (Score:2)
Re:ah the /. crowd (Score:2)
Re:ah the /. crowd (Score:2)
GPL vs. BSD license? (Score:2)
If so, isn't it completely legal to use BSD code in a GPL product and the resulting work is GPL'd?
The applicable license would be the result of where you obtained the code...so if you got it from BSD, you follow that license, if you got it from the GPL'd product, you follow that license....right?
Someone correct me if I misunderstand this.
Is it possible... (Score:5, Interesting)
It could be possible that they paid for a NON-GPL'd Version that they used as a base.
RTFM (Score:2)
Except that the article (very short article, you can do it), explicitly states that the company claims to have developed the whole thing in house, and not to be using Asterisk under any license at all.
If they did have a legitimate commercial license, don't you suppose they would want to quickly clear the whole thing up by saying so as soon as allegations came out?
lobby your government officials (Score:2, Interesting)
Why? Because open source licenses protect the public good.
In fact, I suggest that FSF and others lobby the government to have open source licenses registeres with an agency. Any software released under a registered license will have that license protected by the government. The simple establishment of the rules should scare most out of eploitation.
IALs can work out the details.
Re:lobby your government officials (Score:5, Insightful)
Yeah, I propose calling it "copyright" and setting up a US Copyright Office to enforce it.
USCO --does not enforce--. (Score:4, Insightful)
It is astounding given how much attention copyright gets here on slashdot that people still Don't Get It.
Yeah, I propose calling it "copyright" and setting up a US Copyright Office to enforce it.
The USCO does not enforce copyright. It registers copyrights.
There are no US Copyright Office boogeymen in black who run around arresting people either. If I steal your work, it is entirely your responsibility, in civil court (not criminal) to sue me and recover damages.
Further, copyrighting your code with the GPL license DOES NOT entitle you to expect the Free Software Foundation to go around suing people for you. They'll politely give you some suggestions on who to talk to and maybe a little basic advice, but that's it.
So many people don't get it- they whine about their code being stolen, but then don't do anything about it. As a result, corporations are fearless in violating the GPL license as has been proven again and again. The GPL license, as a result, is quickly becoming irrelevant.
When SCO claims Linus and others stole code, Linus and others need to sue them for liable(or slander, I forget). When Linksys fails to follow the GPL and steals code, the people who wrote the code need to immediately send them a cease and desist, and if they fail to comply, sue them to FORCE them to cease.
In this case, the Asterix developers need to pay a lawyer to file suit against the offending company, seek evidence by court order (if they are using GPL code, it'll be very easy to prove once you're in the door with a court search order), and if they find evidence, hammer them into the ground.
This is in bold because people need to wake up and get a clue. YOU NEED TO START BACKING UP THE GPL WITH LAWSUITS OR IT WILL BECOME COMPLETELY IRRELEVANT AND UNENFORCEABLE.
Re:USCO --does not enforce--. (Score:2)
I do not agree that the GPL is weakened if it is not enforced by everyone. The laws of copyright do not appear to have been weakened by widespread flouting of the law. Unlike trademarks which may lapse if not protected, authors still have the right to enforce their copyright (and hence the GPL) selectively, even if they choose not to.
When SC
Re:USCO --does not enforce--. (Score:3, Interesting)
2) In the US, at least, Linus could not possibly make a workable libel case against SCO. In a country like Britain with a lower threshold for libel, there might be some value.
3) Lack of enforcement does not weaken copyright, and certainly does not weaken GPL licensing as a whole.
Re:USCO --does not enforce--. (Score:2)
Re:lobby your government officials (Score:2)
One of the NICE things about civil litigation is that you don't have to depend on the government to do anything except sit there and make decisions about issues that are put directly in front of it. You get your own lawyer to do the hard work, and (s)he's more than willing to go the extra mile because you're paying the bills.
Con
Re:lobby your government officials (Score:2)
don't worry (Score:4, Interesting)
For BSD-licensed software (are there any BSD VoIP solutions?), companies are even welcome to use the software and make it proprietary. Proponents of BSD probably believe that it's better to have companies use open-source derived software even if they don't give back than to lose more companies to proprietary vendors. (Personally, I think it needs to be looked at on a case-by-case basis.)
just curious (Score:3, Interesting)
I am not saying that everyone that uses OS software should be working on contributions. It certainly doesn't hurt the OS community.. But you seem to have a tone that there is some benefit from companies using OS software without giving back.
Unless I am missing something, that leaves the software right where it started.. And while it doesn't hurt it, it doesn't seem
undermines competitors (Score:2)
Whether or not company A gets money for their open source product, company B selling a closed source product doesn't get any money to further market to other companies when companies X Y and Z use company A's product.
It's a very long-term view, but one could make that argument.
Re:just curious (Score:4, Insightful)
In general, option 3 is best if you are using an open source project that is not your core business - Apple lose no commercial advantage by allowing other people access to their compiler, and maintaining a complete fork of GCC would be far more expensive.
Option 2 may be better if it is your core business, since you can maintain a commercial advantage by not releasing code (or by releasing it late, when you have a new feature that distinguishes your code from the others).
Re:just curious (Score:2)
Use it, modify it, sell it, just ignore the license.
Re:just curious (Score:2)
Re:just curious (Score:2)
My point is that companies do it anyway and just ignore the license.
Re:just curious (Score:2)
DO worry (Score:2)
That's trademark, not copyright. (Score:2)
Re:don't worry (Score:2)
Thanks for your contribution... (Score:5, Funny)
but I think the GPL is pretty full and doesn't need any more contributions at this time.
one the many illegal reuses of open source... (Score:1)
And this will increase with time, with companies not caring for licenses just to make more profit...
The internet community should care and take such cases to the courts. netfilter has been successfull with this in Germany.
not all of them ... (Score:4, Informative)
follow the BSA model (Score:1, Interesting)
With enough money, they can also take out radio ads similar to the ominous BSA warnings that get played here in Chicago once a year.
Community based web collaboration (Score:4, Interesting)
GrokCheat, anyone?
UmmmM (Score:2)
Re:UmmmM (Score:1)
What a load of old cobblers! (Score:1)
HYPE etc - someone needs funding for something. sounds very MLM
Re:What a load of old cobblers! (Score:4, Informative)
Re:What a load of old cobblers! (Score:2)
BSD has lackluster hardware support. It simply doesn't have the interest nor the amount of coders on it. Not trying to put it down here but if you have to fight with BSD and hardware when it 'just works' on Linux, guess which one will be the favorite.
Solaris is never going to happen. Overpriced hardware, with no tangible benefits apart from being locked into it.
OSX, also, not going to happen. Th
Mob action not needed, return to normal trolling (Score:3, Insightful)
Put out your torches, save them for another day.
Easy solution (Score:5, Insightful)
How can we be sure that un-ethical companies will not try to steal code that is covered under the GPL
Easy - just keep backups. That way, if somebody steals your code, you still have it.
Oh... wait. Did you mean copyright infringement and not theft? When the RIAA and MPAA start talking about those nasty thieves, people are quick to point out that copyright infringement is not theft.
Double-standards stink. When somebody infringes upon the GPL, it's not theft, so don't exaggerate your grievance or accuse the other party of crimes they didn't commit. It just makes you look like a whiny liar and doesn't help your case.
Re:Easy solution (Score:2)
Militia enforcement (Score:2)
Start a covert GPL enforcement militia group that goes around and, uh, takes care of GPL violators. The world will know that you do NOT steal GPL code, and then everything will be ok.
original e-mail (Score:2)
The question should be rewritten... (Score:2)
He may be right in accusing them, but he may be wrong. Many concluded without proofs he is wrong, that's not better than him concluding this company is violating GPL rules without disclosed proofs.
Run-time downloadable GPL software (Score:2)
And let's suppose they distribute their products/boxes with just an OS that downloads the (GPL-based) code from the telco's data center when the owner boots the box.
In this situation they do not (re)distribute the GPL-based code so they're not obliged to give you the source code. (Of course Asterisk may have a non-GPL license for commercial use but most other GPL apps don't.)
To get around GPL restrictions h/w manufacturers should make the c
Re:Run-time downloadable GPL software (Score:2)
Interesting idea, but futile, fortunately. The "downloads the (GPL-based) code from the telco's data center" would be the distribution upon which the GPL relies. If a vendor provides you with a box and causes some software to be loaded on to the box (other than by telling you
Just using? (Score:2)
Re:Just using? (Score:2)
Apparently they've been asked for the source and point blank denied that they use asterisk.
Re:Just using? (Score:1)
YES IT IS!!
for commercial redistribution the binary has to be accompanied either by the source code or by a written offer to give you the source code for a nominal fee. (see GPL 3 a,b,c)
although the internet has fascilitated distribution of source code, you'd still have to make sure that the source co
Open Source in Telephony (Score:1)
Originally we did use early open source VOIP projects such as OpenH323 [openh323.org]. OpenH323 was great, but it needed to be replaced as we moved to SIP and required reliability beyond what OpenH323 offered.
Asterisk [asterisk.org] is in a similar place - it is a great project that has seen some great early success in voip. I have heard th
Its the price you pay (Score:2)
If you are concerned about it being 'stolen', then dont release it..
It may not be 'right' to take code when its under the GVL, but dont be suprised when it happens..
The simplest solution (Score:3, Interesting)
The simplest way is to use a BSD license and not worry about it. There are plenty of ways to make money off of GPL'ed code without violating GPL that if money is your concern, GPL isn't going to stop people anyway, so might as well just let anyone use it for whatever they want and be done with it.
Basic solution, implementation details lacking (Score:2)
How exactly one does this would the a fruitful research s