×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Bell, SuperMicro Sued Over GPL

timothy posted more than 5 years ago | from the if-it-wasn't-for-your-meddling-hippies dept.

GNU is Not Unix 273

Markus Toth writes "The Software Freedom Law Center (SFLC) has filed two more copyright infringement lawsuits on behalf of the developers of the Linux-based BusyBox utility suite. The suits allege that Bell Microproducts and SuperMicro Computer each violated redistribution stipulations of the GNU General Public License (GPL).The Bell Microproducts suit pertains to the Hammer MyShare NAS (network-attached storage) appliance, which is sold by Bell's Hammer Storage division. I was the one who alerted the busybox developers about the GPL violation after providing a script for disassembling the firmware and instructions about mounting the contained initrd. As you see in my first post at the gpl-violations.org mailing lists where I posted all mails that I sent to and received from Hammer Storage, they refused to provide me the GPL sources several times. Looks like they will have to provide them soon; I will post any updates in the nas-central blog."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

273 comments

When will companies learn (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#23843113)

Your products will be hacked.

If GPL is found, and it probably will be if you do it that blatently, you had better have source handy.

Funny thing about GPL (-1, Troll)

Anonymous Coward | more than 5 years ago | (#23843177)

The people who wrote it are always complaining about there being too many lawsuits, yet they engage in the same activity that they critisize.

Re:Funny thing about GPL (5, Informative)

zapakh (1256518) | more than 5 years ago | (#23843351)

The people who wrote it are always complaining about there being too many lawsuits, yet they engage in the same activity that they critisize.
This just in: The GNU GPL is not Mr. Nice Guy [gnu.org] .

Besides which, the complaints about lawsuits typically have less to do with quantity and more to do with quality. Otherwise the discussion threads would be much shorter.

I did this and I did that (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#23843125)

I can ride my bike with no handle bars [youtube.com] !

How stupid can you get? (5, Insightful)

Marcion (876801) | more than 5 years ago | (#23843131)

I assume someone had to go and evaluate the software for inclusion in the product. Is is that hard to whack a tarball onto a server and give out the link.

We hear so many of these large companies have problems with this. Why?

I'll guess "money". (3, Informative)

khasim (1285) | more than 5 years ago | (#23843219)

It's cheaper to use the "available" code when the executives in charge of the project cannot be bothered to familiarize themselves with the project AND stand to make a bonus the sooner it ships.

Re:I'll guess "money". (1, Insightful)

CastrTroy (595695) | more than 5 years ago | (#23843387)

Yeah, but if you're going to use the cheap route and just use GPL'd code, why not just put a tarball up on your website?

Fear. (5, Insightful)

khasim (1285) | more than 5 years ago | (#23843439)

Fear that your competition will download it and leap-frog all "your" development "efforts" by using "your" code in their device.

I'm serious. If they UNDERSTOOD the process, they would ANNOUNCE that it was GPL'd and that anyone who wanted to could modify it or add features, etc.

Just like LinkSys found with their wireless routers.

Re:Fear. (4, Insightful)

LehiNephi (695428) | more than 5 years ago | (#23843893)

If another company uses your code to make their product better, they're still bound by the GPL. Thus, once you have their source code in hand, you're in a nice position to leapfrog their development.

Re:Fear. (1)

MasterClown (323471) | more than 5 years ago | (#23843941)

"Just like LinkSys found with their wireless routers."

Did Linksys have their hand forced with releasing their GPL routers, or did they pretty cool about Linux, GPL and their routers from the beginning?

I have to believe that their routers are some of the most popular ones out there, primarily because a buyer, if they so choose, and easily upgrade to a different OS (which is what I did with my WRT54GL, which now has dd-wrt - I love it!)

Re:I'll guess "money". (1)

ShieldW0lf (601553) | more than 5 years ago | (#23843485)

Yeah, but if you're going to use the cheap route and just use GPL'd code, why not just put a tarball up on your website?

Maybe because it creates an image where there is little to differentiate of your product from that of the next guy? Makes it kind of hard to justify ridiculous profit margins...

Re:I'll guess "money". (2, Insightful)

robertjw (728654) | more than 5 years ago | (#23844129)

Maybe because it creates an image where there is little to differentiate of your product from that of the next guy? Makes it kind of hard to justify ridiculous profit margins...
Or maybe you will have to compete with your hardware. If these companies are cutting corners on their software development, they are probably cutting corners on their hardware development as well. If company Z has better hardware and can use your GPL software, you are pretty much SCREWED.

Re:How stupid can you get? (3, Insightful)

nebenfun (530284) | more than 5 years ago | (#23843281)

Laziness, ignorance of the law, confusion regarding the GPL, budget issues, etc...

The usual suspects...

Re:How stupid can you get? (0)

Anonymous Coward | more than 5 years ago | (#23843587)

Laziness, ignorance of the law, confusion regarding the GPL, budget issues, etc...

The usual suspects...
You forgot arrogance....

Re:How stupid can you get? (3, Interesting)

ehrichweiss (706417) | more than 5 years ago | (#23843773)

Oh don't even get me started on people's confusion regarding GPL. I just read some blog where a guy completely trashed MySQL because he was under the false impression that you couldn't use it as part of the backend to a website without providing the source code. Later when shown he was wrong he backtracked and said the blog was about how people would have to pay for support or licenses or whatever other straws he could grasp that would enable him to not look as stupid as he already did; too late.

Re:How stupid can you get? (3, Informative)

Anonymous Coward | more than 5 years ago | (#23844311)

In the past, MySQL intentionally tried to confuse the issue about the license implications of their driver software. So I wouldn't blame the entirely on "that guy", they were essentially FUDing their own product for a while.

Re:How stupid can you get? (4, Insightful)

Anonymous Coward | more than 5 years ago | (#23844385)

You are both somewhat right. MySQL has an exception in their licensing policy that allows closed-source PHP applications to use MySQL.

However, their general policy is as follows: the MySQL client library (which you need to link to, to talk to the server) is GPL'ed, so it can only be used in a GPL'ed application. If you want to use it in a non-GPL application, you need to obtain a license from MySQL AB. MySQL supports many more languages/interfaces than just PHP, so this is a real concern.

So although you are right in saying that you can create a closed-source application using MySQL if you are using PHP, the other guy is right in saying that in general you cannot use MySQL in a closed-source application without obtaining a license from MySQL AB.

Re:How stupid can you get? (1)

sm62704 (957197) | more than 5 years ago | (#23844401)

ignorance of the law, confusion regarding the GPL

Are you really trying to tell us that a company that size has no lawyers?

Re:How stupid can you get? (0)

jellomizer (103300) | more than 5 years ago | (#23843583)

The GPL isn't an easy to read document, and many developers think Open Source means do what you want with it. Just posting a TAR ball with the modified source can be against the company who wished to keep their modifications private, thus causing the problem, as the GPL beleaves all source should be free and if you modify an GPL product you changes need to be GPL as well. Thus the conflect, is is really nessary for a company to have a lawer to legally determine if they can use one application or not. Lawers are expensive and if you have on on standby everytime you want to touch a GPL product or of a different license can be way to cost prohibitive for a company to operate, thus making their own 100% "closed source" code.

That is part of the reason why a lot of companies work with BDS Licenesed code, there are less legal reprocussions from using it.

Re:How stupid can you get? (5, Insightful)

Waffle Iron (339739) | more than 5 years ago | (#23843895)

The GPL isn't an easy to read document

From this I presume that you have never tried to read a typical redistribution license for a commercial software library.

Re:How stupid can you get? (1)

jellomizer (103300) | more than 5 years ago | (#23844261)

Well I typically assume I have no rights what-so ever, just use the app for myself for the purpose it was designed. When you assume that you have no rights vs. some rights as a user it is easier for you to cross the line.

Re:How stupid can you get? (1)

Rycross (836649) | more than 5 years ago | (#23844297)

Commercial software licenses being hard to read doesn't make the GPL easy to read necessarily. But I think that its more that software developers tend to not read any license, and get their information third-hand. Most developers I know that use the GPL have never actually read it. Just anecdote though.

Re:How stupid can you get? (0)

Anonymous Coward | more than 5 years ago | (#23844361)

I have, and they generally do not try to make a copyright claim on any software you have written.

The GPL is explicitly designed to rely on fuzzy legal issues for which nobody has a solid answer for, so let's not pretend it's crystal clear.

Re:How stupid can you get? (4, Insightful)

Todd Knarr (15451) | more than 5 years ago | (#23844225)

What's so hard to read about the GPL? It's a whole lot easier to read and comprehend than your average commercial software license. If a company's lawyers are expected to routinely understand complex contracts running close to a hundred pages of dense legalese, why should they have any trouble whatsoever with the GPL?

Re:How stupid can you get? (4, Insightful)

drinkypoo (153816) | more than 5 years ago | (#23844337)

The GPL isn't an easy to read document

Reading is hard, yo! they have like, long words 'n shit!

Seriously, the GPL is about as simple as it gets. It has to be written in legalese so it's going to be a bit obfuscated no matter what, but come on. It's actually in some of the plainest English I've seen in a legal document.

Of course, you do have to understand some technical terms to read it, and people have deliberately fucked around with the meaning of those terms, and tried to get around the GPL in other ways, so now we have a new version. (Or do we? Is that thing out or what? Was the plan for the GPLv3 to dither until no one cared if it was changed all along?)

That is part of the reason why a lot of companies work with BDS Licenesed code, there are less legal reprocussions from using it.

Or, you know, BSD licensed code. Go fingers, cutwhatchyalike. Seriously though, there's no nasty legal repercussions to GPL code if you just make the whole thing GPL. It's when you start closing parts of it that you have problems. Of course a lot of companies don't want to operate that way. But the cost of saving all that time is helping others save time. You can still differentiate on the copyrighted parts of the product (case design, web interface, et cetera.)

Re:How stupid can you get? (2, Interesting)

abigor (540274) | more than 5 years ago | (#23844111)

Because 99% of them get away with it. I've seen gpl'd code used all over the place, mostly not entire apps but big sections of cut and pasted code that is then compiled and linked in to some larger, proprietary app. Happens far, far more often than you'd think.

Re:How stupid can you get? (2, Interesting)

Rene S. Hollan (1943) | more than 5 years ago | (#23844425)

Is is that hard to whack a tarball onto a server and give out the link.

Actually, yes.

The software may not be in a form for easy building and consumption. Think about dependency hell and configuration issues. A lot of shops have a golden "build machine" that does the right thing. This poor practice is less common today, but was du rigeur in a lot of shops where I worked in the 90s -- scrambling to get product out. Often, there is a desire to not publicize the "lack of polish".

Furthermore, there might not be a budget to support an internet-facing server if you don't already have one. Often, the "web presense" is managed by a different department than the engineering group. Again, less of an issue than it used to be, but still a problem. One place I worked (which was not exactly known for it's support of free software, and a large presence in Redmond, WA) would have to "internally lease" a server from the department that did this, and get billed $10k/month for the privilege.

Then, there is the issue of "mail requests". If you don't distribute source with binaries, and are not an academic institution, you must be willing to provide an offer, good for three years, to provide source to anyone who asks! -- not just those you distributed binaries to. A lot of businesses are not set up to do this. [This is for GPLv2. I have not checked if GPLv3 is as onerous.]

It actually is a lot easier to ship source with product if you don't already have the infrastructure to distribute to any and all comers. If you're not an agile shop with a dynamic internet presence, you don't have the infrastructure. Even if you do, the department that makes stuff and the department that related "publicly" often do not communicate efficiently enough.

But, then the bean counters that try to shave every penny on the cost of an item will balk at including a CD that does nothing for functionality -- arguing that a web server is cheaper in the long run. But, you lose the market window in the time it takes you to set one up in a manner consistent with corporate policies, and might not have the budget in the short term.

Finally, you might have customers who do not want to receive source, and balk at the CDs you send them (because getting rid of them is now an expense for them). Can you treat them in the "offer good for three years" manner? No, because you are not set up for the transferrable clause in that offer.

This is a case of "what is easy for the individual is hard for the corporation" because of political and scalability issues.

For those that use this... (5, Insightful)

Creepy Crawler (680178) | more than 5 years ago | (#23843165)

For those that use this as a reason to NOT use the GPL...

What would have happened if they instead used a copy of WinNT4.0 without paying Microsoft? Microsoft would want blood, and would extract it via the BSA.

The creators of Busybox just want you to host the changes you've done to it. They wanted no money.

In other words: What would $proprietary_software_manufacturer do?

Re:For those that use this... (4, Interesting)

fotbr (855184) | more than 5 years ago | (#23843271)

I still see this as a reason not to use GPL, preferring instead to use BSD-style licensed software or public domain software whenever possible.

Because proprietary software producers would be just as bad, or likely worse, does not mean that the GPL is always the best solution, since it is still a restrictive license.

Re:For those that use this... (4, Insightful)

Creepy Crawler (680178) | more than 5 years ago | (#23843385)

It's only restrictive depending if you are a coder vs end user.

If Im an end user, I can install it anywhere, copy it anywhere, give it to my friends without worry, hack it.... The list goes on.

Most of the restrictions only exist to ensure community efforts. After all, you got it for free, so submit your changes you sell for free.

Re:For those that use this... (5, Insightful)

gstoddart (321705) | more than 5 years ago | (#23843453)

Because proprietary software producers would be just as bad, or likely worse, does not mean that the GPL is always the best solution, since it is still a restrictive license.

Well, then if you don't like the license, don't use the software. Using GPL software against the terms of the license because you couldn't find any other free code to use is hardly an excuse.

If you can find BSD or public domain code that allows you to re-use it and not have to write it, go ahead. If you can't, then either write it yourself, or quit whining that it's unfair you can't use the GPL stuff without adhering to the terms because it cramps your business model.

A lot of companies just figure they can have the best of both worlds -- get the OSS stuff because it already does most of what they want, and then treat it as proprietary software they won't tell you anything about.

As the GP said -- this isn't about software released under the GPL or if people should use it. This is about companies trying to get something for free.

Cheers

Re:For those that use this... (0)

Anonymous Coward | more than 5 years ago | (#23844347)

If you just turn FOSS against itself, it's quite easy to obscure your proprietary code even if you distribute the source.

The basic idea is here: http://cm.bell-labs.com/who/ken/trust.html [bell-labs.com]

If one of your in-house customized versions of gcc knows that "\m" is a stand-in for your amazing proprietary extension to something under the GPL, you don't have to give anything away. The proprietary code is embedded into gcc, and you're not distributing gcc. It's safely tucked away in a different project, where you aren't obligated to do anything. The source for your upgraded GPL thingy only contains an extra "\m" or three, which isn't entirely useful for someone without your in-house version of gcc.

I smell a GPLv4 coming to prevent this...

Re:For those that use this... (4, Insightful)

gstoddart (321705) | more than 5 years ago | (#23843743)

I still see this as a reason not to use GPL, preferring instead to use BSD-style licensed software or public domain software whenever possible.

Again, I'd say this isn't a problem with the GPL.

It's a problem with commercial entities trying to use the GPLd software without abiding by the rules.

If you can find some BSD/public domain code which does what you need, fine. If you can't, that doesn't mean you should be able to just take the GPL software -- it means you should write your own.

I don't really see a problem with companies avoiding GPL software because of the license. That doesn't reflect badly on the GPL, it reflects badly on companies who are trying to do an end-run around the license.

Cheers

Re:For those that use this... (1)

Sancho (17056) | more than 5 years ago | (#23844283)

Again, I'd say this isn't a problem with the GPL.
It's a problem which, amongst downloadable software, is somewhat unique to the GPL. Most software which is downloaded or purchased off the shelf has a EULA which, while typically overly-verbose, makes sense. Don't copy the software to more than one computer. Don't give people a copy of the software. Don't disassemble the software. Don't expect us to cover your losses if the software fails.

[And, in Microsoft's case, do not disparage the software.]

Most software licenses don't cover redistribution at all, except inasmuch as they say that it is forbidden. If redistribution is allowed somehow, it's almost always a part of a negotiated license rather than a boilerplate EULA. The GPL, a boilerplate license, does. It's unusual. Its provisions are unusual.

It shouldn't be that difficult to understand, though that doesn't stop all of the misconceptions from spreading. But it's so unusual, and people are so used to not bothering to read the license which accompanies software, that I can see where it would be very easy to overlook the requirements.

Does that make it a problem with the GPL? Well, that depends upon your perspective. A company may want to avoid GPL software because of its unusual nature. Then again, they'll certainly have their legal department go over any licenses they agree to with other software.

It's all pretty messy.

Re:For those that use this... (3, Insightful)

cparker15 (779546) | more than 5 years ago | (#23843883)

In other words, you have double standards. You want to have your cake and eat it, too. You want to leech off of the community (by using its code, making money from it, and not contributing back). The only thing the GPL restricts you from doing is keeping your changes to yourself if people ask you for them.

Don't be greedy.

Ok, go ahead, mod me as a troll. It's the truth.

Re:For those that use this... (0)

Anonymous Coward | more than 5 years ago | (#23844021)

Is there a point to having cake if you can't eat it?

Re:For those that use this... (1)

Myrddin Wyllt (1188671) | more than 5 years ago | (#23844437)

Is there a point to having cake if you can't eat it?

It doesn't matter either way; the cake is a lie.

Re:For those that use this... (0, Flamebait)

kz45 (175825) | more than 5 years ago | (#23843777)

"For those that use this as a reason to NOT use the GPL...

What would have happened if they instead used a copy of WinNT4.0 without paying Microsoft? Microsoft would want blood, and would extract it via the BSA."

You are correct, but the community has been trying to convince businesses to use "free" software for the past couple of years.

"The creators of Busybox just want you to host the changes you've done to it. They wanted no money."

Right, so instead of a company paying some money to license the software, their entire business potentially gets destroyed.

Maybe they shouldn't have used it in the first place, but the OSS community should stop using the world free to represent something that obviously isn't.

Re:For those that use this... (2, Informative)

digitrev (989335) | more than 5 years ago | (#23843925)

English is very complicated, take a look at the many meanings of free [merriam-webster.com] .

Re:For those that use this... (-1, Flamebait)

kz45 (175825) | more than 5 years ago | (#23844089)

thanks for the link.

1) having no trade restrictions
2) not subject to government regulation
3) enjoying political independence or freedom from outside domination
4)enjoying personal freedom : not subject to the control or domination of another

The GPL sure as hell doesn't meet this definition. Need I go on?

Re:For those that use this... (2, Informative)

drinkypoo (153816) | more than 5 years ago | (#23844389)

The GPL sure as hell doesn't meet this definition. Need I go on?

The problem is yours, and it is one of reading comprehension. The GPL promises "Free Software". It does not promise free use, reuse, redistribution or anything else. The GPL is about freedom for software, not for you. This leads to freedom for users, although perhaps not for developers. However, since the software is about the users, this is perhaps the more defensible position anyway.

If you feel otherwise, feel free to try to boycott the GPL, and goodluckwiththat.

Source not posted? (5, Informative)

Anonymous Coward | more than 5 years ago | (#23843223)

Are the files at the bottom of
http://www.hammer-storage.com/support/software_updates.asp
not the right stuff?

Better late than never (5, Insightful)

RingDev (879105) | more than 5 years ago | (#23843345)

From the download page on their site:

myshare Source Files

The myshare source files are made available under various open source code licenses, including the GNU General Public License (GPL). Please review the license terms included with each download for the rights, obligations and restrictions associated with the open source file.
Installation instructions
title / description download posted release notes

Myshare Home v.1 GPL Source Code
        47.6 MB 06/11/08

Myshare Home v.2 GPL Source Code
        158.1 06/11/08

Myshare Office v.2 GPL Source Code
        220.8 MB 06/11/08
Looks like they just got them up last week (apparently 5 months after the GPL-Violations post).

-Rick

Re:Better late than never (5, Informative)

Wizzar (305179) | more than 5 years ago | (#23843423)

I'd just like to add that the 11th was two days after the lawsuit was filed.

From the article:

The lawsuits announced today were both filed June 9 in the United States District Court for the Southern District of New York.

Re:Better late than never (4, Insightful)

RingDev (879105) | more than 5 years ago | (#23843615)

Which goes to show: a lawsuit is far more powerful than the saber rattling of an anonymous e-mailer with bad grammar.

Just think, with proper grammar and some respect, Markus might have been able to motivate Mr. Vang to be a bit more interested in meeting the requirements of using GPL code. This whole thing might have been resolved with out lining the pockets of more lawyers.

-Rick

Re:Better late than never (0)

Anonymous Coward | more than 5 years ago | (#23843905)

a lawsuit is far more powerful than the saber rattling of an anonymous e-mailer with bad grammar.
Looking at the email linked in the summary, it seems the guy is from Austria. How's your german grammmar?

You know the internet is not limited to the US or English as the mother tongue countries...

Re:Better late than never (1)

RingDev (879105) | more than 5 years ago | (#23844353)

Looking at the email linked in the summary, it seems the guy is from Austria. How's your german grammmar?

You know the internet is not limited to the US or English as the mother tongue countries...
A bit rusty, I haven't been to Germany or Austria in far too long. Man do I miss the beer, and the ale, and the beer gardens, and the weekend drinking festivals, and the drinking games... Hrm, maybe I shouldn't go back, my liver isn't quite what it used to be.

My initial thought was that Markus was writing ESL, which could very well be. But his grammar is inconsistent. Some times he uses the correct capitalization and grammar, sometimes not. The inconsistencies lead me to believe that he wrote the emails in haste, until the public posts which appear to be more well edited. Had his initial request been written at the same level as his later posts, I would have been more inclined to listen to what he was saying.

-Rick

Re:Better late than never (0)

Anonymous Coward | more than 5 years ago | (#23843451)

Not only that, but two days after the lawsuits were filed and one day after the press release.

Re:Better late than never (0)

Anonymous Coward | more than 5 years ago | (#23843553)

More to the point, two days after the lawsuit was filed. Coincidence?

Re:Better late than never (4, Interesting)

rahvin112 (446269) | more than 5 years ago | (#23844201)

It's too bad they already lost their rights under the GPL. Once the suit is filed the SFLC won't accept just publishing the source. To get distribution rights back is going to cost them some cash to cover SFLC's costs in addition to some punitive costs to make sure they remember never to do it again.

Re:Source not posted? (1)

Todd Knarr (15451) | more than 5 years ago | (#23843755)

From the looks of it, that source code was put up the day after the lawsuit was filed.

Once again, evidence that the only language some companies understand is "lawsuit". That language does seem to be highly effective at getting their attention, though.

Understandable response... (0, Flamebait)

RingDev (879105) | more than 5 years ago | (#23843275)

If someone sent me a demand for code in poor grammar with some cheesy pseudonym, I would probably blow them off as well.

Now maybe if Markus has written a halfway compelling email, he would have received a more informative response. But when you send a jumble of words that fails to reach the 6th grade reading level to someone who has other priorities, it shouldn't come as a surprise that you get blown off.

Of course, if I were distributing a project based in part on GPL code, I would make darn sure to have the GPL'd code available for people to download with out hassling me or the engineers.

-Rick

Re:Understandable response... (4, Insightful)

m.ducharme (1082683) | more than 5 years ago | (#23843347)

I didn't realize that the GPL allowed you to deny source code to someone on the basis of poor grammar or the use of a pseudonym. Oh wait...

Re:Understandable response... (1)

RingDev (879105) | more than 5 years ago | (#23843559)

GPL doesn't force me to do anything. What it does do is give the creator of the code that I am using specific powers. Powers that I have agreed to by using their code knowing the license requirements. I can choose not to honor those agreements, and if I do so, the owner can sue.

Some kid threatening to report me because I won't do what he wants isn't a concern. A copyright holder with a lawyer on retainer however IS a concern. Think of how many pissed off customers threaten to sue over any number of issues. Some of those issues are likely even legally sound basis for lawsuits. But compare that complaint volume to the actual number of lawsuits. If organizations responded to every single disorganized threat of action, they would spend more time on legal protection than on development. It's a matter of risk assessment, and reading the initial emails from 'mindbender' I see nothing that would compel me to even respond.

Like I said, me personally, I would have put the GPL code up from the start (I even just had this conversation with my VP of R&D on a number of OS libraries we will likely be using in an upcoming project). I am not saying that it is right to withhold GPL'd code, but it is realistic that Markus was blown off and that the company did nothing until there was actually a threat (the GPL code was posted 2 days after the lawsuits were filed).

-Rick

Re:Understandable response... (1)

andymadigan (792996) | more than 5 years ago | (#23843623)

Actually, it gives any user of the software the right to demand the source code, unless the creator of the code gives them a separate license, which he/she/they didn't.

Re:Understandable response... (1)

silas_moeckel (234313) | more than 5 years ago | (#23844075)

Yup and if they feel like filing a law suit they could show standing. The point is you send an email to a support dept that looks like lunatic raving it gets silently deleted no reason to encourage the wacko no reason t bother the tier 3 guys with it. A reasonably written letter via the mail could have elicited the desired response those normally get read by somebody that does not have a performance review tied to how many ticketed processed per day vs how many rework requests.

Re:Understandable response... (1)

SydShamino (547793) | more than 5 years ago | (#23843675)

Some kid threatening to report me because I won't do what he wants isn't a concern.
In this case, though, you would have ended up with a lawsuit and a potentially costly settlement because that "kid" was able to drum up a lawsuit against you.

Douche + Idiot = Lawyers. (1)

RingDev (879105) | more than 5 years ago | (#23843943)

Very true. But out of the hundreds of anonymous threats of action that an organization may field in a month, how are we to identify those that are real threats from those that are just simple saber rattling?

The fastest way to determine threats is to look at the amount of energy someone put into developing their threat. If someone writes a very clear email, with a strong, yet respectful tone, and cites specific license violations, and put some obvious effort into doing so, they are with all likelihood better educated, more motivated, and present a much higher threat to the organization. If someone throws a random pile of characters, words and a link to a license into an email that would make almost any spell checker pop up a message box that says, "Warning, if you send this you will look like an idiot!" it means to me that they aren't willing to spend enough time on the issue to run a spell checker, so they likely aren't willing to spend enough time on the issue to do much else.

If we took threats like Markus' seriously, lawyers would start sending out letters in crayon that read "u bad give $$$" so that they could get back to the golf courses sooner.

To skip to my real problem here... I loathe lawyers. Had Markus not been an idiot and Mr. Vang not been a douche, the lawyers could have been left out of it.

-Rick

Re:Understandable response... (1)

m.ducharme (1082683) | more than 5 years ago | (#23843727)

So basically what you're saying is that it's reasonable (though not necessarily right) for a corporation or its representative to break a license, as long as they don't get called out on it.

Sorry, that's just not okay, and may not even make much financial sense, because when the company is eventually sued by the owner of the license, each kid the company snubbed represents one count of license violation.

You can bet if I represented the owner of the license, I'd be finding as many people as I could, to push that damage award up.

Re:Understandable response... (3, Informative)

RingDev (879105) | more than 5 years ago | (#23844167)

I don't know if I would say it's reasonable, only that it is realistic. And I wouldn't say it's okay so long as they don't get called out on it. I would say that it is okay to prioritize risk management though.

A single kid making noise? The settlement cost would be less that the bandwidth bill for 6 months, and that is based on a really low likelihood of the kid getting out of his basement and pressing the issue.

A copyright holder with out an attorney? Not the biggest threat on the plate, but definitely something that is on the radar. Might be worth it to have a contingency plan in place so that if this treat grows the organization can deal with it quickly and effectively. No sense in blowing resources unnecessarily though.

A certified letter from an attorney demanding we correct our licensing deficiencies? Time to spin up that contingency plan!

A summons? Those files better be on the website before I have to explain to the CEO why we are being sued!

Again, just to make sure no one is going to confuse me for a GPL abusing bastard, in that case I would have ensured the GPL code was available on the website and have avoided the situation all together. I'm not saying this stuff is right, only that it is realistic, and that you will get a LOT further in the business world by writing respectfully than writing in SMS shorthand.

-Rick

Re:Understandable response... (3, Insightful)

Kjella (173770) | more than 5 years ago | (#23843663)

I didn't realize that the GPL allowed you to deny source code to someone on the basis of poor grammar or the use of a pseudonym. Oh wait...
Well, there are two possibilities:
1. They know they're violating the GPL and just want him to get lost
2. They don't know what the GPL is, that they're using GPL'd products, that they don't read the GPL right, they don't understand who he is, why it's any of his business, why he thinks he's got any right to their products source code and so on.

In the latter case, good communication skills that presents your case in a serious, professional and understandable manner that makes them realize their error or at least begins a closer investigation of the issue may be an advantage. Besides, it looks to me like his legal skills are severely lacking:

As you see in my first post at the gpl-violations.org mailing lists where I posted all mails that I sent to and received from Hammer Storage, they refused to provide me the GPL sources several times. Looks like they will have to provide them soon
No, they do not. They can withdraw the product, pay any fines but they will never have to provide any source unless they want to. Personally I wish they'd take a more RIAA-ish approach, have each author sue for 150,000$ each. That should stop GPL violations really really quick.

Re:Understandable response... (1)

m.ducharme (1082683) | more than 5 years ago | (#23843921)

Well, there are two possibilities:
1. They know they're violating the GPL and just want him to get lost
In a civil law suit this would probably open them up to aggravated or punitive damages.

2. They don't know what the GPL is, that they're using GPL'd products, that they don't read the GPL right, they don't understand who he is, why it's any of his business, why he thinks he's got any right to their products source code and so on.
Ignorance is no excuse; the GPL isn't so hard to read that a reasonable person couldn't either 1) figure it out or 2) know that they'd better get some legal advice. The hacker in the basement who borrows some code for his pet project might maybe get away with this, but any outfit bigger than a mom-n-pop outfit should know better.

No, they do not. They can withdraw the product, pay any fines but they will never have to provide any source unless they want to. Personally I wish they'd take a more RIAA-ish approach, have each author sue for 150,000$ each. That should stop GPL violations really really quick.
Agreed on all points.

Re:Understandable response... (1)

drinkypoo (153816) | more than 5 years ago | (#23844435)

No, they do not. They can withdraw the product, pay any fines but they will never have to provide any source unless they want to.

Actually, neither of you is necessarily correct - but a court could compel them to deliver the source code to all those who received the binaries, probably only by a certain date (you can't be expected to retrieve everything from the sales channel, and the GPL says that your sole remedy is to halt distribution... which implies that it is a remedy) and only when verified, but still under the usual terms of the GPL (they can distribute only physically and charge a fee, but they are restricted to duplication and shipping costs and the data must be made available in some reasonable form.)

Re:Understandable response... (1)

kaiser423 (828989) | more than 5 years ago | (#23843729)

No, but it does make it much harder to get the issue through all the filters and up to management to get the issue resolved......

Re:Understandable response... (1)

m.ducharme (1082683) | more than 5 years ago | (#23843785)

The issue should have been resolved before it became an issue: the company should have had a policy in place to distribute the appropriate source code on demand.

Re:Understandable response... (1)

phliar (87116) | more than 5 years ago | (#23844011)

First, tell me what you think is such "poor grammar" in the message the chap sent that you would instantly toss it out:

Hello!

I know from the following two articles that the Hammer Myshare is
running linux on a arm926ej-s CPU.
http://www.linuxdevices.com/articles/AT7270490723.html
http://www.smallnetbuilder.com/content/view/30056/75/

I searched on your page but i was not able to find the GPL-sources
that you need to provide for the box.

Please make them available somehow....or tell me how to get it.

Greetings!

mindbender

Seems completely on par with the other business email I've received. Keep in mind that most people in the world are not native english speakers.

Second, what does his name have to do with anything?

As a person you are free to dismiss whoever you want for any reason you wish, but if you're a company you can't afford to.

confused (3, Interesting)

QX-Mat (460729) | more than 5 years ago | (#23843303)

Is this really such a big thing? Surely they only have to mirror the sources from their original location unless they've made modifications?

Shouldn't time an effort be spent on finding the guys who modify the sources, and make a profit, rather than those who merely fail to mirror and honour the distribution agreement because they're lazy?

This reminds me of the Debian upstream/downstream problem that rears it's head up now and again: if the sources are freely available, does every man and his dog have to distribute the unmodified version if they merely make use of it downstream?!

Matt

Re:confused (1)

Todd Knarr (15451) | more than 5 years ago | (#23843637)

Nope, you can't just point to someone else's sources. When you distribute GPL'd software, you are responsible for being able to provide the sources upon request. And not just the sources, but the sources for the version you distributed. If you just point to someone else's copies, they could stop hosting them or host newer versions. You are now in violation of the GPL, since the sources required by it are no longer available from you.

The only way to deal with this would be for you to enter into a contract with the party hosting the sources to make sure the correct versions are available as long as your obligation continues.

Re:confused (0)

Anonymous Coward | more than 5 years ago | (#23843977)

What about just providing the diffs and the actual source that you created/changed? Otherwise, to use GPL software you have to create and maintain the IT infrastructure to support downloading it/etc. Do other GPL software projects that modify source provide all the source relevant to download? Are they likewise being sued?

What if someone takes your stuff and puts it on something not distributed by you? Are they responsible for now hosting and serving up the whole shebang?

What a freaking versioning nightmare.

Re:confused (1)

Todd Knarr (15451) | more than 5 years ago | (#23844357)

Other GPL software projects do in fact provide all the source code, or they're distributing very clearly under 3c. Diffs are not acceptable under the GPL. You aren't providing just diffs of the binaries either, after all. And of course a company always has the option of using 3a, eg. including the source code on a CD with the product, at which point their obligation ends completely when they give the binaries and accompanying source to the user and they don't have to host anything ever.

If someone else takes the stuff and puts it up, they are doing the distributing. Per the GPL, providing source code is their responsibility.

No nightmare at all, not unless you insist on creating one for yourself by adding things the GPL doesn't.

Re:confused (1)

clampolo (1159617) | more than 5 years ago | (#23843751)

Shouldn't time an effort be spent on finding the guys who modify the sources, and make a profit, rather than those who merely fail to mirror and honour the distribution agreement because they're lazy?

This is a good point and I'll take it one further. Despite all the talk about Linux desktops, Linux and open source have succeeded best in the embedded market. Why nitpick over stuff like this when it can only hurt adoption of open source in the future?

When you consider all the potential lawsuits, lawyers' fees, etc, the couple extra bucks per device for a commercial OS starts to sound reasonable.

what product does supermicro use BB in ? (2, Interesting)

bugs2squash (1132591) | more than 5 years ago | (#23843321)

I've never seen busybox on any of it and I generally buy a dozen or so servers per year (mostly from serversdirect.com).

If they're taking the piss I'll look out for an alternative for future purchases.

Re:what product does supermicro use BB in ? (4, Informative)

$RANDOMLUSER (804576) | more than 5 years ago | (#23843523)

According to the complaint [slashdot.org] , SuperMicro's "AOC-SIM1U+ IPMI 2.0 System Management Card" contins BusyBox; and while SuperMicro supplied the source, they did not supply

the "scripts used to control compilation and installation of the executable" and therefore did not constitute "complete and corresponding source code" within the meaning of the license.
Sounds a little thin to me.

Re:what product does supermicro use BB in ? (1)

bugs2squash (1132591) | more than 5 years ago | (#23844253)

Me too...

It must be hard to draw the line, but it seems over zealous to me - after all, the scripts may only be a convenience measure to automate a perfectly do-able manual installation.

I don't see why Supermicro should be expected to teach everybody how to install, compile and use BB.

I'd hate SFLC to over-reach and create a bad precedent over something like this, there must be more egregious cases to pursue.

I guess that's one other reason why IANAL.

Why NOT hand out the source? Its an app. (4, Insightful)

quarrel (194077) | more than 5 years ago | (#23843327)

Can anyone shed any light on why companies repeatedly do this with Busybox?

I can sort of understand their motivation (if not their ethics/commercial sense!) if they've got a highly modified Lunix kernel where they've made extensive changes to the networking stack to enable their "unique" feature or similar, but why with Busybox? Surely the path of least resistance is just to make the tar ball available (or realise, you've stuffed up, and start making the offer and send any that ask the tarball to play catch-up). Are any of these guys really making proprietary improvements with amazing IP involved to Busybox? It seems an unlikely place to do it..

Maybe they've ported it to the latest tiniest CPU, but they still get a time to market advantage their (particularly versus producing Busybox like functionality from scratch!), but even that seems unlikely to be worth fighting hard when you'll quickly realise you'll lose.

Why go to the hassle?

I suspect that this probably boils down to default policies and a lack of understanding of the GPL more than anything, sadly. By default most companies would have a "We don't make available ANY of our IP unnecessarily" and that hasn't yet gelled with the GPL. No one wants to stand up and make the call that compiling Busybox didn't involved much of the companies IP, and releasing the source is an obligation.. The people involved with the IP aren't the same people that make the 'legal' calls and so companies come across with these silly positions..

--Q

Re:Why NOT hand out the source? Its an app. (1)

cfulmer (3166) | more than 5 years ago | (#23843455)

Busybox is a fairly common thing to include in embedded linux applications. It has the advantage that its copyright is owned by a very small group of people, who have shown some willingness to go after infringers.

This is a central problem with open source software -- only the copyright owner has standing to sue for a breach of the license. But, the copyright ownership of a lot of open source software is widely distributed among the contributors. You don't need each contributor to go along with the suit, but it helps.

Some licenses solve this problem by specifying, in the license, that modifications are owned by the original author.

Re:Why NOT hand out the source? Its an app. (1)

klingens (147173) | more than 5 years ago | (#23844015)

Usually companies do this the full Linux based software which comprises their firmware, it's just that almost only busybox and netfilter developers actually enforce the and sue if needed.

The "IP people" and the "legal people" have to interact for any 3rd party library a company uses, be it proprietary or open source, so this is no excuse.

Maybe I'm wrong... (0)

Soko (17987) | more than 5 years ago | (#23843371)

As I understand the GPL V2, unless Mr. Toth has actually purchased the products in question the vendor is under no obligation to distribute the source to him.

Refusing to send source to a valid owner is definitely a violation, of course, but if you sell a device that contains GPL code I don't think you are required to give the source to the public at large, just people who bought your product and then request said source.

Yes, I'm being pedantic, but lawyers are worse.

Soko

Re:Maybe I'm wrong... (0)

Anonymous Coward | more than 5 years ago | (#23843419)

You are. If you have the object code, you're entitled to the source that it builds from.

Re:Maybe I'm wrong... (1)

Achromatic1978 (916097) | more than 5 years ago | (#23843831)

That's silly. How did you get the object code? They are obliged to make the source code available to users of their product. Not "I happen to have the object code here".

Re:Maybe I'm wrong... (5, Informative)

Todd Knarr (15451) | more than 5 years ago | (#23843473)

No, you're not being pedantic, you're being wrong. To quote from the GPL v2, section 3b (which covers distribution of source for binaries which were distributed without accompanying source), the vendor must:

Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange;

Notice that the offer does not say the vendor must give only people who bought their product the source code. It says they must give any third party the code. Now, under section 3a the vendor only has to give the code to people who receive the product, but 3a pertains to the vendor distributing the source code with the product itself. If they don't include the source code with the binaries, 3a doesn't apply. And since it's not a non-commercial distribution, 3c doesn't apply either.

Re:Maybe I'm wrong... (1)

Soko (17987) | more than 5 years ago | (#23843541)

Thanks for the clarification. 3a and 3b did seem at odds - hard to parse legalese I guess.

Soko

Re:Maybe I'm wrong... (1)

Todd Knarr (15451) | more than 5 years ago | (#23843935)

It's not that hard, as 3a, 3b and 3c are alternatives ("or" relationship). And the requirement to give anybody the code flows from the very obvious implications of 3c and the fact that the GPL prohibits you from barring further redistribution. Suppose vendor V sells a product containing GPL'd code to person A. Person A redistributes the GPL'd code to person C under section 3c, passing on the written offer from V as the GPL allows them to. Person C then takes advantage of the offer and asks V for the source code. If V could refuse just because C didn't get the code directly from them, there'd be an obvious loophole that'd allow companies to distribute GPL'd code without providing source. So 3b explicitly blocks that loophole, and 3a never had the loophole.

Re:Maybe I'm wrong... (1)

lucas_picador (862520) | more than 5 years ago | (#23843545)

Refusing to send source to a valid owner is definitely a violation, of course, but if you sell a device that contains GPL code I don't think you are required to give the source to the public at large, just people who bought your product and then request said source.

You really ought to read the license. It's not that long.

If you do not distribute the source alongside the object code, you must include an offer to ship the source separately, and that offer must be redeemable by anyone, not just the person who got the object code from you. (See GPLv2, Section 3. BB is distributed under GPLv2.)

Yes, I'm being pedantic, but lawyers are worse.

Yes, we are. Of course, the odiousness of pedantry can be mitigated somewhat by being correct.

THEY DID IT!!!! (0, Flamebait)

spotlight2k3 (652521) | more than 5 years ago | (#23843383)

Growing up tattling was always frowned upon, however in cases like this .. it should be brought forward. But also if it news worthy .... you would expect you wouldn't have to try and toot your own horn, someone else would have posted the story for you.

Lawsuits help open source.... (0, Troll)

rwrife (712064) | more than 5 years ago | (#23843561)

...not really. Commercial companies that use and contribute to open source projects are just opening themselves up to litigation due to GPL and copyright violations. Hopefully they'll learn that using closed, proprietary designs is the safest way to go.

Lots that love the GPL don't really understand it (0)

Anonymous Coward | more than 5 years ago | (#23843771)

Interesting reading. Its made more so by some of the comments put up about a review of a book about a GPL script.
http://books.slashdot.org/books/08/06/11/1345255.shtml

"I'm supposed to BUY this?"
"there's a whole parasitical industry built up around it..... It's amazing the number of people that do, indeed, expect you to pay for Joomla stuff."
"Buy it scan it torrent it done"

Its seems like there is great confusion amoung GPL die hards as to what part to pay for... the freedom or the beer....

The supermicro suit is a joke. (1, Interesting)

Anonymous Coward | more than 5 years ago | (#23843863)

Come on, supermicro produced the source, but the SFLC is suing because they didn't include the scripts used to compile the source.

Pretty lame lawsuit.

When will closed-source companies learn? (-1, Troll)

s_p_oneil (795792) | more than 5 years ago | (#23843965)

Always use BSD.

Re:When will closed-source companies learn? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#23844291)

No shit. This is why I try not to use GPL in my day to day life as a programmer. One idiot manager forgetting to put code up. One asshole GPL guy. Suddenly you have a lawsuit.
Seriously guys this crap is as bad as a record company suing someone for have MP3s they don't approve of. It's as bad as Microsoft suing a 16 year old who runs a cracked copy of Windows.

The GPL, DMCA, and EULA's are all the spawn of evil idiots. Except I don't expect anyone on Slashdot to equate them properly.

Evil Anonymous Coward.

Business Plan (1)

RAMMS+EIN (578166) | more than 5 years ago | (#23844417)

I think I have just come up with a new business plan:

1. Create Linux-based device.
2. Sell without providing source (PROFIT).
3. Wait until GPL violation is discovered.
4. Wait until outcry over GPL violation ensues (PUBLICITY).
5. Provide source code.
6. Linux-based device, with source code ... a hacker's dream!
7. ???
8. PROFIT!!!

They should fight the GPL all the way.. (0, Troll)

tjstork (137384) | more than 5 years ago | (#23844427)

I mean, if you got a lot of money, and you are infringing on the terms of the GPL license, why not just go for broke and get the whole dang thing tossed out of court? Right now, a lot of GPL cases are being settled behind the scenes but no one has ever really made a fantastic push to just gut the license.

Right off the wheel, if they were infringing, they could argue that:

a) Putting something into GPL is the same as putting it into the public domain because there is no control over distribution and no economic damages associated with infringement. Does Bells use of GPL code actually cause economic harm to the developers, and the answer is arguably no.

b) Third parties cannot file or sue on behalf of GPL'd items because they do not suffer economic loss. Basically, this would mean that in order to bring a GPL case, the authors of the GPL code would actually have to file the complaint.

Point a would basically render the GPL useless, and point b would at least make it impractical to enforce.

Seriously. why not just get the law settled?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...