Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Stuxnet/Flame/Duqu Uses GPL Code

Unknown Lamer posted more than 2 years ago | from the state-sponsored-piracy dept.

Open Source 221

David Gerard writes "It seems the authors of Stuxnet/Duqu/Flame used the LZO library, which is straight-up GPL. And so, someone has asked the U.S. government to release the code under the GPL. (Other code uses various permissive licenses. As works of the U.S. federal government, the rest is of course public domain.) Perhaps the author could enlist the SFLC to send a copyright notice to the U.S. government..."

cancel ×

221 comments

Sorry! There are no comments related to the filter you selected.

Implications (5, Insightful)

tmosley (996283) | more than 2 years ago | (#40232241)

That would imply that the government is ruled by law rather than the arbitrary decisions of a few "top men".

It doesn't take long for such attitudes to spread throughout society.

But hey, Obama said he would have, like, the totally most open presidency ever. Surely the new boss will prove himself different from the old boss in SOME way. Surely!

Re:Implications (2)

operagost (62405) | more than 2 years ago | (#40232279)

I'm sure the decisions made by the Bush administration over three years ago are still holding him back.

Re:Implications (0)

Anonymous Coward | more than 2 years ago | (#40233135)

excuses are for failures

Re:Implications (0, Flamebait)

malakai (136531) | more than 2 years ago | (#40233369)

Am I the only one that is less concerned with copyrighted GPL code being in this rather humane and elegant attack against a country trying to develop nuclear weapons, and more upset with how and why the information about the program was leaked?

I can't help but feel at some point this is going to be a big deal. Hearings, testimony, etc. One or more people are going to lose their jobs, future security clearance, and possibly face jail time. There's just no way this recent and this active a program should have been briefed to the New York Times.

GPL Code in it? Who cares.

Re:Implications (3, Insightful)

TrentTheThief (118302) | more than 2 years ago | (#40232375)

That would imply that the government is ruled by law rather than the arbitrary decisions of a few "top men".

But since we know that to be true, I guess we can all sing like the Who: Won't Get Fooled Again (http://www.sing365.com/music/lyric.nsf/Won%27t-Get-Fooled-Again-lyrics-The-Who/761EF79AAB42FA9C48256977002E72F9)

I'm just wondering when the revolution begins. I don't think that the younger generation realize how dire the situation really is since most of them have less than a zero's interest in history. If they'd even take the time read music lyrics that were being sung 50 years ago, they'd easily see that things are even worse now than they were before.

When does the shooting start?

Re:Implications (4, Insightful)

tnk1 (899206) | more than 2 years ago | (#40232591)

Clearly we should take our cue to start a bloody revolution from music lyrics written by people 50 years ago.

Speaking as someone who does actually read history, I know what happens to people while they are in the midst of their glorious revolutions. That is to say, privation, disorder and mass slaughter. That wonderful period is then most of the time followed by dictatorship or other forms of tyranny. The good times come decades later when someone has managed to restore order.

You'll excuse me if I hope that no one gets around to it for another 50 years or so.

Re:Implications (4, Insightful)

networkBoy (774728) | more than 2 years ago | (#40232757)

And yet somewhere in the middle lies the answer.
It is of use to note that we celebrate a war every year. On the 4th of July we light off fireworks to celebrate going to war with the British and winning (technically we celebrate our declaration to be independent, but we all know damn well that had we lost or had there been no contest, there likely wouldn't be fireworks every year).

Our country does need a revolution. It needs a real tea party, a mass of people who simply refuse to follow governments orders.

The challenge, of course is critical mass. I would wager that in 1776 well over 50% of the population of the nascent United States of America was willing to outright defy the ruling government, while somewhere north of 90% of the remainder at least supported said dissidents. With the combination of the Democrats buying votes from the poor/uneducated/minority/grafters/etc with entitlement programs and the Republicans selling government support to corporations, I believe a civil revolution is impossible.

thk1 is right, an armed revolution is bad, but I'm not sure no revolution is better...

Re:Implications (4, Insightful)

number11 (129686) | more than 2 years ago | (#40232937)

It is of use to note that we celebrate a war every year. On the 4th of July we light off fireworks to celebrate going to war with the British and winning (technically we celebrate our declaration to be independent, but we all know damn well that had we lost or had there been no contest, there likely wouldn't be fireworks every year).

Oh, I dunno. It probably wouldn't be on 4 July. But the Brits have fireworks on Guy Fawkes day (remember, remember, the fifth of November) to celebrate the capture and execution of terrorist plotters in 1605. There would probably be another annual celebration to commemorate the capture and execution of the colonial terrorists (or is that "militants"? it's so hard to remember the correct terminology) of 1776. So there would be fireworks twice a year.

Re:Implications (1)

FudRucker (866063) | more than 2 years ago | (#40233327)

independence from what? a totalitarian monarchy to a totalitarian congress? and the direction the US Gov is going the US Citizens are no more free than they were under British rule and thanks to their "War or Terror" things are sliding down a slippery slope towards something far worse

Re:Implications (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40233365)

The government, while it makes the laws, is subject to the rule of law. The government can be replaced and the laws changed. But by agreeing on a set of laws that apply to everyone is how we keep our noses out of the aforementioned violent chaos.

Revolution is not the answer. Civic engagement is. If we take notice, if we talk about and we insist on accountability and seek to elect politicians that act in our interest. A mature and educated electorate is the required cultural change and I'm optimistic we're heading in that direction. The current shenanigans are not irreperable and are serving a purpose in getting people to take notice.

Re:Implications (5, Informative)

BKX (5066) | more than 2 years ago | (#40233561)

I would wager that in 1776 well over 50% of the population of the nascent United States of America was willing to outright defy the ruling government, while somewhere north of 90% of the remainder at least supported said dissidents.

And you'd be wrong. It's widely accepted that only 1/5 of population were rebels. Another 1/5 were loyalists. The remaining 3/5 were neutral (with a number joining one army or the other for purely economic reasons without actually believing in one side or another). We only won because England was at war with everyone else at the same time.

Re:Implications (3, Informative)

TheCarp (96830) | more than 2 years ago | (#40233047)

And what happens when people don't have that revolution?

Mass slaughters still happen, just elsewhere. Instead of having it here, we have a judicial system run amok that has filled the prisons far past any sane levels with non-violent "offender" after non-violent "offender", where often offences are often nothing more than smoking the wrong plant.

I say we have the revolution now while the people who brought us all this are old and can suffer for lack of their public benefits that they intended to rely on.

Re:Implications (0)

Anonymous Coward | more than 2 years ago | (#40232723)

Did you really walk through a wall once?

Re:Implications (1)

TrentTheThief (118302) | more than 2 years ago | (#40233397)

Twice, actually. But I ran away and no one knew.

Re:Implications (0)

Anonymous Coward | more than 2 years ago | (#40233281)

I don't think that the younger generation realize how dire the situation really is since most of them have less than a zero's interest in history. If they'd even take the time read music lyrics that were being sung 50 years ago, they'd easily see that things are even worse now than they were before.

all you gotta do is mix those lyrics some kind of way with songs from Lil' Wayne, Drake, etc

Re:Implications (2)

couchslug (175151) | more than 2 years ago | (#40233241)

You are being rather harsh on Obush, but fear not!

Robama or Omney will win in November and things....won't be different.

Not gonna happen (3, Insightful)

h4rr4r (612664) | more than 2 years ago | (#40232245)

If you are already breaking laws left and right why would you bother to acknowledge copyright?

The people who released this have no respect for the law, and see themselves as above it they will not comply.

Re:Not gonna happen (4, Insightful)

DickBreath (207180) | more than 2 years ago | (#40232401)

Why would you bother to acknowledge copyright? Because the people who have bought and own the US government want copyright and patents to touch every part of our lives. Buy a cell phone? You should be paying an ever increasing slice to every patent troll that crawls out of the woodwork. Buy blank media, or a blank SD card? You should be paying copyright owners a "tax" on that blank media you dirty filthy pirate! Why else, other than piracy, could you possibly be buying blank media?

/ end rant

Re:Not gonna happen (2)

DarkOx (621550) | more than 2 years ago | (#40232689)

Right they want copyright to touch every part of 'our lives' and when 'you' by blank media 'you' should pay a tax. When 'they' want to manufacture something and use GPL code 'they' think they ought be allowed to do so. When 'they' appropriate a photo or tune to use in 'their' works and sell it its just fine, but if 'you' even make a copy of 'their' stuff for you own viewing; 'you' should pay. The law if for 'you' not for 'them'.

Re:Not gonna happen (1)

networkBoy (774728) | more than 2 years ago | (#40232799)

O_o
Seems a non sequitor in this context along the lines of the $699 SCO license fee trolls.

I see the tie in, but ...

Re:Not gonna happen (5, Insightful)

ZeroSumHappiness (1710320) | more than 2 years ago | (#40232409)

Obviously copyright is the most important issue of our time. Look at how much went into ACTA/SOPA/PIPA/CISPA and how little is going into fixing our education, healthcare, research and poverty issues.

Re:Not gonna happen (0)

Anonymous Coward | more than 2 years ago | (#40233297)

Please stop making stupid statements. Read this for enlightenment. [usatoday.com]

Re:Not gonna happen (2)

Zocalo (252965) | more than 2 years ago | (#40232621)

Why not? It's a library, as in (most probably) a stand-alone binary file, is it not? Provided "lzo.dll" or whatever it was called was shipped as part of the package and only linked against, then there is no need to distribute the rest of the source code in order to achieve GPL compliance. Or am I misunderstanding the GPL FAQ [gnu.org] ?

Re:Not gonna happen (2)

PurpleAlien (797797) | more than 2 years ago | (#40232821)

If the library were under the LGPL, your statement would be correct. It is however licensed under the GPL, which means that even linking with the library would mean that the rest of the code is considered a derivative and would fall under the GPL.

Re:Not gonna happen (1)

drakaan (688386) | more than 2 years ago | (#40233001)

Maybe, maybe not...it depends on how the library is used. See Prelinking [gnu.org] and Aggregation [gnu.org] .

Re:Not gonna happen (2)

Dr_Barnowl (709838) | more than 2 years ago | (#40233131)

The key word here is "library" ; aggregation typically only covers programs running in separate processes. Communication via sockets and pipes is permissible.

If the summary had said "The lzo utility", fair enough. But if it's linking the library, that's linking. Pre-linking is just linking.

Re:Not gonna happen (1)

kbonin (58917) | more than 2 years ago | (#40233253)

Those are rather unusual cases - under normal use (direct linking or use as a shared library), a GPL library imposes GPL on the entire application that uses it. Yes, it may be possible to use a GPL library without imposing GPL terms on the application, but it takes a good deal of effort to try and do so, like running the library in a separate process space and highly constraining communications with it...

See FAQ entry: http://www.gnu.org/licenses/gpl-faq.html#NFUseGPLPlugins [gnu.org]

Re:Not gonna happen (4, Informative)

kbonin (58917) | more than 2 years ago | (#40232839)

The FAQ section you linked to is specific to the LGPL. The LZO library is licensed under the GPL, which means any application that uses it, and is distributed publicly, must be released with full source licensed under the GPL. This is an important distinction between the LGPL and GPL...

Re:Not gonna happen (1)

drakaan (688386) | more than 2 years ago | (#40232847)

I was thinking that, too...I don't see anyone saying that they shipped *modified* versions of GPLed code.

Re:Not gonna happen (4, Informative)

Qzukk (229616) | more than 2 years ago | (#40232967)

LGPL provides a "just linking" exception and is used 99:1 instead of GPL for libraries because the GPL makes no exception for linking. If your code uses GPL code, your code must be GPL.

Generally the only people who write GPL libraries is the GNU Foundation itself, and even then they only do it when they think they have something so awesome people will adopt the GPL license to use it (like libreadline, which is).

is the CIA selling these viruses? (0)

Anonymous Coward | more than 2 years ago | (#40232249)

i was under the impression that you only have to give your code back to GPL if you sell a product with GPL'd code

Re:is the CIA selling these viruses? (4, Informative)

dnaumov (453672) | more than 2 years ago | (#40232275)

No, selling or not selling is irrelevant. "Distributing" is the key.

Re:is the CIA selling these viruses? (3, Insightful)

HarrySquatter (1698416) | more than 2 years ago | (#40232287)

This whole thing is irrelevant due to state sovereign immunity. Good luck suing the government when they have to permit themselves to being sued.

Re:is the CIA selling these viruses? (1)

ballfire (807022) | more than 2 years ago | (#40232447)

License says that with binary package should go the offer to obtain the source, but only for the one that received the binary, isn'it?

Re:is the CIA selling these viruses? (2)

unixisc (2429386) | more than 2 years ago | (#40232835)

Precisely, and if someone writes a virus under the GPL, and only runs the virus, making it infect other computers that were not interested in receiving it, then is that considered a distribution of the binaries such that the source code has to be released?

Re:is the CIA selling these viruses? (4, Interesting)

TheSpoom (715771) | more than 2 years ago | (#40232331)

Distribute, not sell. (Though you absolutely have the right to sell GPL code as well, as long as you abide by the rest of the license and release your source.)

In any case, I'm guessing that one of the following things will happen:

- Some sort of secrecy / national security provision is given as a reason source cannot be released (1% probability)
- Changes to the GPL portions are released (0.01% probability)
- Stone-cold silence (98.99% probability)

Remember, the US Government hasn't even acknowledged that they created these worms. We're still firmly in the "plausible deniability" phase.

Re:is the CIA selling these viruses? (5, Funny)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#40232669)

Option #4: An obscure RFC describing the implementation of TCP/IP on a 5.56x45 'jumbo frame' physical layer is drafted.

Re:is the CIA selling these viruses? (0)

Anonymous Coward | more than 2 years ago | (#40233165)

How would that change anything? It's not the standard/protocol/data structure that's copyrighted under GPL, it's the code implementation.

Re:is the CIA selling these viruses? (5, Informative)

gman003 (1693318) | more than 2 years ago | (#40233325)

5.56x45mm is the specifications for the NATO-standard small-arms ammunition, used by pretty much every modern military assault rifle that isn't a Kalashnikov derivative (and some that are), as well as some police sniper rifles and various civilian rifles.

And now I've explained the joke.

Re:is the CIA selling these viruses? (0)

Anonymous Coward | more than 2 years ago | (#40233329)

Yeah but our 'online petition' will have more of an affect over this new physical layer.

Re:is the CIA selling these viruses? (1)

someSnarkyBastard (1521235) | more than 2 years ago | (#40233341)

You mean like the one about TCP/IP via avian carriers?

Who gets to request code? (5, Insightful)

Anonymous Coward | more than 2 years ago | (#40232251)

Under the GPL, only people that the executable was distributed to are allowed to request the code - and since it's a weapon, the US government isn't alliowed to send it to Iran.

Problem solved.

Re:Who gets to request code? (0)

Anonymous Coward | more than 2 years ago | (#40232533)

Actually, Iran was not the subject of distribution of the executable - Iran was the target of the executable. The "owner" of the executable would, most likely, be the same entity that created it in the first place, so the GPL is irrelevant - they already have the source code.

Re:Who gets to request code? (4, Interesting)

samkass (174571) | more than 2 years ago | (#40232575)

Also, you'll have to prove in a court of law that the Government did, in fact, distribute the software; that the recipient requested and was denied the source code; and that the owners of the Copyright have standing to sue. That's even before Sovereign issues. I'm not optimistic.

Re:Who gets to request code? (1)

Yvanhoe (564877) | more than 2 years ago | (#40232891)

And that is, of course, after Iran successfully won the court case about US sabotaging its uranium enrichment. This may be a slight bit more a serious offense...

Re:Who gets to request code? (2)

HyperQuantum (1032422) | more than 2 years ago | (#40232629)

What are the legal implications of GPL software that 'distributes' itself? Assuming that Flame is self-propagating, of course. Because distributing GPL software obviously implies some responsibilities taken care of (like offering the source code). Now who gets the blame when the receiving party didn't get the offer? Can you argue in court that the originator of the software is responsible instead of just the previous link in the infection path?

Re:Who gets to request code? (1)

funnyguy (28876) | more than 2 years ago | (#40232657)

There is no burden to release code if it was never distributed or sold.

Re:Who gets to request code? (1)

Manfre (631065) | more than 2 years ago | (#40232869)

Antivirus vendors around the global would disagree with you statement that it was never distributed.

Re:Who gets to request code? (2)

TheCarp (96830) | more than 2 years ago | (#40232889)

And how exactly do you claim that this software was never distributed? It was clearly distributed, in fact, it distributed itself to new machines without the owners actual approval. The one claim that the authors most certainly not make is that they did not intend for the binary to be distributed.

Re:Who gets to request code? (1)

PurpleAlien (797797) | more than 2 years ago | (#40232919)

I would argue that if the virus would end up on my computer (asked for or not), it was distributed to me - hence I have the right to ask for the source code under the GPL. Furthermore, I could have gotten the code from Kasperski Labs for instance for my research, and would also be able to ask for the code. Remember that the distribution of the binary does not necessarily need to be done by the original source - anyone receiving a GPL'd binary has the right to redistribute, under the same terms as the original.

"anyone who possesses the object code" (3, Informative)

tepples (727027) | more than 2 years ago | (#40232795)

Under the GPL, only people that the executable was distributed to are allowed to request the code

As I understand the GPL, this offer must be extended to "anyone who possesses the object code" (GPLv3) or "any third party" (GPLv2). Anyone who has ever had a PC infected with any of these viruses "possesses the object code".

Re:Who gets to request code? (4, Informative)

Neil_Brown (1568845) | more than 2 years ago | (#40232875)

Under the GPL, only people that the executable was distributed to are allowed to request the code

It's perhaps a little more nuanced than this, to my mind.

Under GNU GPL 2.0 [gnu.org] , a distributor of a binary of the Program has two main options for distributing the source code:

  • a.) Accompany it with the complete corresponding machine-readable source code ... or,
  • b.) Accompany it with a written offer ... to give any third party ... a complete machine-readable copy of the corresponding source code...

If the source code does not accompany the binary, the binary must be accompanied by a written offer to give the source to "any third party" — it does not say "to give any third party who possesses the object code" or similar.

However, the GPL FAQs [gnu.org] (which I'd treat as one interpretation of the licence), comment that:

The offer must be open to everyone who has a copy of the binary that it accompanies. This is why the GPL says your friend must give you a copy of the offer along with a copy of the binary—so you can take advantage of it.

However, this is not what the wording says — that the offer must be open to "any third party." If I get the binary directly from you, the status is clear, as is the situation in which I get the binary from my friend, who got it from you — but it's unclear, to my mind, what happens when I do not have the binary. I'd probably leave it that you have an obligation to provide the source code to me — an obligation to provide the source code to "any third party" — but that, without a copy of the offer myself, I'd likely have a very difficult time enforcing the obligation.

GNU GPL 3.0 clears this up, with clause 6(b) providing that a non-source distribution on a physical medium can take place if

accompanied by a written offer ... to give anyone who possesses the object code [the source or access to the source]

However, the fact the words are *not* in GNU GPL 2.0 but *are* in GNU GPL 3.0 does not necessarily mean that they should be read in...

YVMV, of course :)

What! (0)

Anonymous Coward | more than 2 years ago | (#40232255)

They're not distributing it (I hope...) so they don't have to do jack shit! Go get the source from the author...

Good luck with that... (1)

HarrySquatter (1698416) | more than 2 years ago | (#40232261)

State sovereign immunity. Game over.

Re:Good luck with that... (1)

number11 (129686) | more than 2 years ago | (#40233061)

State sovereign immunity. Game over.

"Laws? We don't need no steenkin laws!"

You can ask ... (1)

Cassini2 (956052) | more than 2 years ago | (#40232263)

This involves the Mossad, CIA, and national security. You can ask, but you might not survive the attempt.

Gerald Bull [wikipedia.org] and the drone [wikipedia.org] attacks come to mind. Of course, this assumes that they even listen, and don't simply claim National Security! [wikipedia.org]

Re:You can ask ... (1)

neokushan (932374) | more than 2 years ago | (#40232399)

It's all over slashdot now, they can't "contain" it much longer. All they can do is deny, deny, deny. Deny doing it, deny access, deny the whole thing.
It'd be a hell of an interesting test for the GPL in court, though.

Re:You can ask ... (1)

h4rr4r (612664) | more than 2 years ago | (#40232421)

Why would they care about slashdot?

It would not be a test for the GPL at all, nor would it be a test of any other license. They would just invoke sovereign immunity and be done with it.

Re:You can ask ... (1)

neokushan (932374) | more than 2 years ago | (#40232487)

Nothing to do with slashdot, more that thousands and thousands of people have already seen it. If whoever asks the question suddenly disappears, there's plenty of other people that will line up and ask two questions. Plenty of people on slashdot aren't afraid of the government - any government.
Like I said, it would be an interesting test in court. I highly doubt it'll ever get to that stage.

Re:You can ask ... (1)

networkBoy (774728) | more than 2 years ago | (#40232851)

ha ha ha
Plenty of people on /. that have not had a real encounter with the government then. I suspect the Venn diagram is actually two concentric circles of the same diameter...
-nB

Re:You can ask ... (1)

neokushan (932374) | more than 2 years ago | (#40233053)

I think you underestimate the number of people that visit slashdot. Law of averages and all that.

There'll always be another Assange or Manning waiting to stand up and shout loudly, be it for legitimate or self-gratifying reasons (admittedly mostly self-gratifying). People like (the frankly idiotic) Anonymous will make enough of a fuss that it'll get news coverage all over the place and by that point, you can't contain it without making it worse. All they can (and probably will) do is hunker down and deny it all.

Re:You can ask ... (1)

HarrySquatter (1698416) | more than 2 years ago | (#40232635)

All over Slashdot? Oh man, they're quaking in their boots!!!

Re:You can ask ... (1)

neokushan (932374) | more than 2 years ago | (#40232701)

I never said that they'd be scared, all I said was that they couldn't contain it by "removing" a few people.

Yeah, they'll get right on that (2)

TrentTheThief (118302) | more than 2 years ago | (#40232277)

LOLOLOL

What a stupid idea it was to go down that path. Now that the idiots in the us gov't have opened pandora's box, I'm sure we'll all soon have the opportunity to see the code up close and personal.

Re:Yeah, they'll get right on that (1)

1s44c (552956) | more than 2 years ago | (#40233083)

LOLOLOL

What a stupid idea it was to go down that path. Now that the idiots in the us gov't have opened pandora's box, I'm sure we'll all soon have the opportunity to see the code up close and personal.

The decompiled version appears to already be on the net, if you want it you can find it and so can everyone else.

Hopefully this will teach people not to control important things with windows machines but somehow I doubt that will happen.

Re:Yeah, they'll get right on that (1)

TrentTheThief (118302) | more than 2 years ago | (#40233385)

Microsoft Windows: "Kevorkian Approved©" for critical life support applications.

Yeah right... (0)

Anonymous Coward | more than 2 years ago | (#40232285)

Fucking stupid publicity stunt.

They're going to just ignore the request or deny it on national security grounds.

Re:Yeah right... (1)

cryptizard (2629853) | more than 2 years ago | (#40232327)

Considering the "request" was just a joke post an obscure Hungarian blog, they will definitely be ignoring (read: never seeing) it.

Worms with source? (1)

PhilHibbs (4537) | more than 2 years ago | (#40232293)

So if this worm deploys itself onto a machine, it should deploy the source as well? Or, could it just deploy a link to the source, and since the software itself by its very nature tries to hide itself, could it hide the link?

Clever idea, actually. (4, Interesting)

drinkypoo (153816) | more than 2 years ago | (#40232303)

Someone with gigantic balls of steel should file a FOIA on this basis.

It would be interesting to see if the request would even be acknowledged.

What makes the idea clever is that it's a public request (and publicise the hell out of it!) and it's powered by copyright. This is why the GPL is so effective...

Re:Clever idea, actually. (1)

HarrySquatter (1698416) | more than 2 years ago | (#40232337)

Yes, and the government can ignore it since they control the copyright laws. You actually think the government is constrained by the GPL? ROFL.

Re:Clever idea, actually. (3, Insightful)

the eric conspiracy (20178) | more than 2 years ago | (#40232557)

How do you know they didn't buy a commercial license?

Re:Clever idea, actually. (1)

tepples (727027) | more than 2 years ago | (#40232735)

Might it be a lack of a licensee number in the binary? I can't know whether this is required because the terms of an LZO Professional license are subject to NDA.

Re:Clever idea, actually. (1)

jeff4747 (256583) | more than 2 years ago | (#40232983)

The laws on classified information trump copyright.

GPL infects a virus (0)

Anonymous Coward | more than 2 years ago | (#40232377)

Isn't that just, I dunno, special?

I'll venture to guess that the government will say they just can't legally distribute it anymore. Gosh, that sure showed them. From my mother's basement I stab at thee.

Re:GPL infects a virus (1)

lister king of smeg (2481612) | more than 2 years ago | (#40233405)

it really is viral licensing now

Ask away (4, Insightful)

DaveV1.0 (203135) | more than 2 years ago | (#40232413)

The thing is, no one knows who wrote it. Sure, there is speculation that the U.S. and/or Israel did, but no one knows for sure. The simplest thing for the government to do is say "We can't because we didn't write it." Then, it falls on the asker to prove they did.

Re:Ask away (3, Informative)

tnk1 (899206) | more than 2 years ago | (#40232685)

This.

I mean, I'm seeing a leap of logic where we look for a piece of GPL code to throw a legality at the US government, but of course, neglect the little detail that no one knows who wrote it, and that the US government certainly hasn't admitted it.

This just sounds like a strange mixture of anti-government outrage mixed with GPL advocacy which is nothing more than an attention whoring exercise in wankery.

Re:Ask away (1)

silentcoder (1241496) | more than 2 years ago | (#40232995)

True, though the summary is wrong. Yeah, I know I RTFA'd I must be new here, but the actual post said "whoever wrote it please comply with the GPL",
It never actually said it was the US or any other Government.

That claim was made on slashdot alone.

Re:Ask away (-1)

Anonymous Coward | more than 2 years ago | (#40233187)

GPL advocacy meets "Blame Israel and the US Government for Everything Bad, Ever". It's a perfect storm of idiocy.

Re:Ask away (1)

eimsand (903055) | more than 2 years ago | (#40232841)

Even if the US admits they wrote Flame (much like they just did with Stuxnet), it still won't matter. There are catch-all laws that allow the government to (legally) ignore pretty much any request if it compromises national security.

Are we sure it's the GPL version? (1)

jensend (71114) | more than 2 years ago | (#40232495)

Markus Oberhumer, author of LZO, also offers LZO Professional, a commercial version not subject to the GPL.

Re:Are we sure it's the GPL version? (1)

Anonymous Coward | more than 2 years ago | (#40232559)

In this case the Iranian government could solve its problems by serving a DMCA takedown notice to the US

Re:Are we sure it's the GPL version? (0)

Anonymous Coward | more than 2 years ago | (#40233111)

The Iranian government owns the rights to LZO to make such a request? Boy this gets more interesting by the minute.

Re:Are we sure it's the GPL version? (1)

jensend (71114) | more than 2 years ago | (#40232671)

AARGH should have used preview. LZO Professional [oberhumer.com] .

Re:Are we sure it's the GPL version? (1)

arth1 (260657) | more than 2 years ago | (#40232849)

Markus Oberhumer, author of LZO, also offers LZO Professional, a commercial version not subject to the GPL.

Which would make it perfectly legal. But honestly, what do you think the odds are that the TLAs would bother doing what's right?

Re:Are we sure it's the GPL version? (1)

1s44c (552956) | more than 2 years ago | (#40233203)

Markus Oberhumer, author of LZO, also offers LZO Professional, a commercial version not subject to the GPL.

Does he also offer an 'acts of war against a sovereign nation' license?

LZO Licensing (5, Informative)

Anonymous Coward | more than 2 years ago | (#40232521)

From http://www.oberhumer.com/opensource/lzo/lzodoc.php:

"Special licenses for commercial and other applications which are not willing to accept the GNU General Public License are available by contacting the author."

RTFA. (3, Informative)

Robert Zenz (1680268) | more than 2 years ago | (#40232543)

So our questions is: Please, Dear Authors of Duqu (whoever they are), hand over the source code of Duqu (or Beacon/NYT), as it contains GPL code.

Disclaimer: This post is for fun, don’t take it too seriously, but the questions are still valid.

OT - GPL violation doesn't necessarily open code (5, Informative)

caseih (160668) | more than 2 years ago | (#40232611)

Just as an aside, whenever some commercial entity finds itself in violation of the GPL, people start talking like they expect the code to magically be revealed and gifted to the community. This perpetuates the lie that the GPL is viral and can "infect" closed-source code. The reality is far different. If a company is found to be in violation of the GPL, they find themselves in a copyright violation situation. This means that they must a) stop further distribution and b) potentially be held liable for monetary damages resulting from the distribution. They absolutely don't have to release their code. However if they want to continue to distribute and sell their product they will have to do one of three things: 1) remove infringing code, 2) license the infringing code under acceptable terms, possibly by paying a licensing fee to the copyright holder, or 3) release their derivative code under the GPL.

We'll settle if you release the code (2)

tepples (727027) | more than 2 years ago | (#40232695)

and b) potentially be held liable for monetary damages resulting from the distribution. They absolutely don't have to release their code.

Unless the copyright owner of the GPL code offers to drop the claim for monetary damages in exchange for publishing the infringing code. As I understand it, this offer is routine for copyright infringement cases that involve the GPL.

Re:OT - GPL violation doesn't necessarily open cod (0)

Anonymous Coward | more than 2 years ago | (#40233065)

"3) release their derivative code under the GPL."

Upon request, to people who they distributed binaries to.

Re:OT - GPL violation doesn't necessarily open cod (0)

Anonymous Coward | more than 2 years ago | (#40233421)

"3) release their derivative code under the GPL."

Upon request, to people who they distributed binaries to.

Right...and if you don't do that, you're in violation of the license, and are committing copyright infringement. The judge won't force you to release the code, you'll just have to pay damages to the copyright owner and stop distributing the infringing code.

Is this not the source on their website ??? (0)

Anonymous Coward | more than 2 years ago | (#40232673)

http://www.oberhumer.com/opensource/lzo/download/LZO-v1/

It should be possible to sue (1)

the eric conspiracy (20178) | more than 2 years ago | (#40232703)

The Federal Government has specifically disclaimed sovereign immunity in copyright cases under 28 USC 1498(b).

There may be other concerns, like national security that make it difficult though.

Only one question (0)

Anonymous Coward | more than 2 years ago | (#40232729)

Who do I send code requests to? I need to see the part that goes undetected by AV software and messes the other country's infrastructure up...

The source appears to be at their website (0)

Anonymous Coward | more than 2 years ago | (#40232731)

opensource/lzo/download/LZO-v1/

Actually, the GPL isn't very cancerous. (1, Informative)

Anonymous Coward | more than 2 years ago | (#40232789)

As an author of GPLed code, I've read the GPL license. It isn't possible for a random person, including the author of the GPLed works being distributed, to request source code. The only GPL provision for that is if the author distributes binaries of modified GPL code, at which point the author would need to distribute source code as well. Here's the sticky point, whoever requested source code wasn't the recipient of the binaries; therefore, they are not entitled to any source code. The authors of the GPLed source code are not entitled to it either, for the same reason. In fact, the only one who could demand (in theory at least) the source code would be the persons receiving the binaries containing the modified GPL code.

Then there's the point that bundling GPL software with your product doesn't necessarily mean that you're extending that product and therefore bound by the GPL. Not every piece of software compiled on/for Linux is bound by the GPL -- even if that software is distributed as part of a Linux distribution (i.e., bundled as part of a bigger package). Software that has an API and offers services to other software -- compression libraries, SQL, etc -- are expected to offer services to other software. Granted, some developers have taken the stance that if proprietary software works with only a specific GPL software (say, MySQL) and that particular GPL software is distributed with the proprietary software, that it violates the GPL, and a proprietary license is required. However, that is a developer stance, not necessarily a legal one.

So even if the government used GPL software (which may not be the case considering a non-GPL license is available for the software in question), it wouldn't necessarily be required to release any source code. There's a pretty good chance that it didn't change any GPLed source code -- even if it did bundle it with its own software and wrap everything up in a clever installer.

It's a joke (4, Informative)

ildon (413912) | more than 2 years ago | (#40232881)

Quoting the article because so far no one actually followed the link and read it (as usual).

Disclaimer: This post is for fun, don’t take it too seriously, but the questions are still valid. This post is a personal post of one of the Lab members and does not reflect the view of any organization.

Problem Solved (1)

Anonymous Coward | more than 2 years ago | (#40233105)

Do they use a rangeCheck function?
If so, somebody let Oracle know so that they can sue the government.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>