Re: Yes you have standing to sue GRSecurity - Two options that can be used in concert or separately
Thank you Mr. Rankin for saying this. Bruce Perens blocked me* (also calling me a "fool" later to a 3rd party) after I started to brainstorm the defenses that would be raised about a week or two ago: letting everyone in the world know what he thought of me for mentioning laches etc. Such talk is naivete to him and he "doesn't suffer fools willingly". Brainstorming what defenses the opposition will raise is the thinking of a naive fool according to Bruce Perens. I also noticed that Bruce Perens friend Professor Moglen hasn't commented, instead opting to sit and silently judge, but I did bring up the fact that GPL v2 lacks a no-revocation clause, thus (barring estopple) said license can be revoked at any time by the grantor. Which is the actual reason v3 of the GPL needed to be drafted (the patents issue being a foil). I guess Professor Moglen (RMS, ESR) and the rest don't want too many people to know about that part either and thus would rather downplay anything else I have written. To be clear: Rights-Holders can sue GRSecurity for the copyright violation stemming from the flagrant violation of section 6 of the license. Rights-Holders can also revoke GRSecurity's license to their code by notice and then sue them if they continue to make derivative works of said work. So Rights-Holders have two options there at their disposal. The GPL v2, by itself, does not give rise to an estopple situation where there has been no communication to the other party that they relied upon that the license would never be revoked by Rights-Holder. The permission flows from the Rights-Holder and not through intermediaries. Thus even if Linus made communications that HE would never revoke the permission he has given regarding his works of authorship, that does not bind other Rights-Holders regarding their code. *( lists.debian.org/debian-user/2017/07/msg00830.html ) On 2017-07-30 07:14, David C. Rankin wrote: On 07/30/2017 12:55 AM, David Lang wrote: You are thinking of Trademarks, they must be defended or you loose them. Contracts and Licenses do not need to be defended at every chance or risk loosing them. No, not always, it can apply in plain contract as well. The defenses that could be later raised by grsecurity if this issue goes unaddressed is are (1) latches; and (2) waiver. It is a slippery slope. While, without commenting on the dubious nature of the current use of the defenses (as catch-all, kitchen-sink affirmative-defenses), they can be expected to be raised if rights under GPL to insure no further restrictions are placed on subsequent use of the kernel-code are not enforced. I hope there is a centralized forum that will be established for this issue (there may be and I'm just not smart enough to have found it yet). Certainly, if for nothing else, so the advantages and disadvantages of both action, and inaction, can be peer-reviewed on both the legal and technical side.
Re: Yes you have standing to sue GRSecurity.
On Mon, Jul 31, 2017 at 5:01 PM,wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > On Mon, Jul 31, 2017 at 09:23:06AM +0200, deloptes wrote: > > [...] > >> Recently I found out that when ideology stands higher than pragmatics the >> whole thing affected dies ... numerous examples like communism or democracy >> in our modern understanding. > > This is so... unpragmatic that it could itself be called an ideology. Precisely. We can only do what we can, and part of what we can do is educate ourselves. If we don't educate ourselves, we end up being able to do less. Getting depressed at the real world is also not going to help us do what we can. And that's the way the world has been for as long as I've been alive, and, near as I can tell, for as far back as we have history. > best > - -- t And I'll echo that. Best. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Yes you have standing to sue GRSecurity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Jul 31, 2017 at 09:23:06AM +0200, deloptes wrote: [...] > Recently I found out that when ideology stands higher than pragmatics the > whole thing affected dies ... numerous examples like communism or democracy > in our modern understanding. This is so... unpragmatic that it could itself be called an ideology. best - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAll+4+4ACgkQBcgs9XrR2kYnLgCdHMpZI1lB4dACKz7xo5TEzwM3 st8AmQHfx3Jt1gPjCXwK3E9VM4JB0O7B =zQYv -END PGP SIGNATURE-
Re: Yes you have standing to sue GRSecurity.
Joel Rees wrote: > We may not support GRSecurity's questionable methods, but we may > well decide we should boycott the companies who induced GRSecurity's > stance. > > If you want to know who those companies are, you can find out pretty > quickly by searching the web. I was going to stop writing to this thread, but those two got me again. The idea that we can change something by boycoting is dead to me. When I do not like Google, Apple or Microsoft ... what mobile phone should I exactly buy today? I spent days with SailFish ... it is not at the level of the big players. What has FSF or any of you (moral preachers) done to help us have an alternative? I stop before I get cynical. In fact the mass does not care and your idea boycoting ... what? qualifies you as naive. Naive is also the idea that we can relay on GPL2 or GPL3 from the 80s and 90s. I would like to see more education, Enlightment coming from FSF and community in fact I see more and more closed source devices, while the community is (mostly) stuck in the FSF dream of the 80s and 90s in lack of focus and unity. This is my personal opinion. The mass however moved forward and the young people are getting more and more pragmatic. If you don't win them for your cause, you are lost. So I think in future we will see more and more violations of the kind and less and less responses to them. Recently I found out that when ideology stands higher than pragmatics the whole thing affected dies ... numerous examples like communism or democracy in our modern understanding. So before FSF dies we may do something to adapt to the new world. I write not exactly about GRSecurity but in a wider scope regards
Re: Yes you have standing to sue GRSecurity.
On Mon, Jul 31, 2017 at 3:33 AM, delopteswrote: > Nicolas George wrote: > >> How do you know you can trust that "legal clarification" better than >> what any of us could have written? I do not have any legal training, and >> I know approximatively what is written in the first message, but you >> would be wrong to take my opinion at face value. >> >> Have you checked « ni...@redchan.it »'s credentials as an attorney? >> >> Regards, > > Why do you think I trust you or him? I mean - every one can put forward a > proposition. The statement was clear and from argumentative point of you > OK. It was definitely informative. I do not take it as granted but as a > fair stand point - same as your statement. > > There is a lot the community could do, but it spends time being and arguing > about political correctness and trying to bring all parties together > etc ... if those guys are too far right, you are too far left - IMO. > > regards One thing that might be worth saying here: Partial truths are sometimes more damaging than outright lies. Specifically, GRSecurity is, in fact, misusing the GPL in a way which we do not want to see becoming common. This is the part the troll is quite willing to tell. What the troll is not telling is that they are doing so in response to certain parties who are in flagrant violation of the GPL, specifically regarding their (GrSecurity's) contributions. (And have a record of other, more general violations.) Since the original offenders seem to be more willing to throw lawyers and legal filings at the problem than simply come into compliance regarding their use of GRSecurities patches, I would question the motives of the trolls. Frankly, the large corporations who are doing this with GRSecurity have no logical reason to be so recalcitrant. The old expression, "Cutting off their noses to spite their own faces," seems to apply. If the patches are useful, they should be willing to support the source of the patches. And if the patches are useful, they should be willing to help their customers keep their firewalls and other infrastructure equipment up-to-date. We may not support GRSecurity's questionable methods, but we may well decide we should boycott the companies who induced GRSecurity's stance. If you want to know who those companies are, you can find out pretty quickly by searching the web. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html
Re: Yes you have standing to sue GRSecurity.
On Sun 30 Jul 2017 at 20:33:50 +0200, deloptes wrote: With apologies to Ansgar Burchard https://lists.debian.org/debian-user/2017/07/msg01524.html (who was spot-on with his assessment) and anyone else who sees this thread as completely off-topic for -user. > Nicolas George wrote: > > > How do you know you can trust that "legal clarification" better than > > what any of us could have written? I do not have any legal training, and > > I know approximatively what is written in the first message, but you > > would be wrong to take my opinion at face value. > > > > Have you checked « ni...@redchan.it »'s credentials as an attorney? > > > > Regards, > > Why do you think I trust you or him? I mean - every one can put forward a > proposition. Everyone can spam numerous mailing lists; they don't. Everyone can lie and claim to be an attorney; they don't. Everyone can make an effort to hide their identity; they don't. Everyone can resurrect a topic which has received previous exposure on -user; they don't. Everyone can start an email with a pompous "It has come to my attention"; they don't. Everyone can write a mail looking like they know what they are talking about and inudate mailing lists about it; they don't. Everyone can be inconsiderate, unthinking, self-centred, rude, unthinking, foolish, uninformed or lacking in nouse when posting to debian-user. The OP has managed all of these simultaneously. Anyone can can put forward a proposition on -user. That does not mean it needs to be taken as requiring a response. Trusting the OP as a person of integrity requires a feat of the imagination. Some appear to possess it. > The statement was clear and from argumentative point of you > OK. It was definitely informative. I do not take it as granted but as a > fair stand point - same as your statement. > > There is a lot the community could do, but it spends time being and arguing > about political correctness and trying to bring all parties together > etc ... if those guys are too far right, you are too far left - IMO. This mailing list thankfully spends most of its time trying to help users. It suceeds in many, many ways. If this is on the left - put me there rather than with the bonkers posters. -- Brian.
Re: Yes you have standing to sue GRSecurity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Jul 30, 2017 at 05:58:54PM +0200, deloptes wrote: > to...@tuxteam.de wrote: > > > This is my opinion, and I hope y'all read it as critically as > > you should read anything. > > I appreciate and value your opinion, but as so much was written here > regarding this subject I find the legal clarification in place. It saves > one (like me) a lot of digging in the subject to get an overview. In this > sense the intention of nisus was ok so far. > > But I understand your point and agree. OK, thanks regards - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAll+ONkACgkQBcgs9XrR2kas7QCggDuKLCjMZ/tzB1/ejXqZJ6D6 hVUAnRprnaCVrGiEbtOIds/TWvxMmldL =qgNI -END PGP SIGNATURE-
Re: Yes you have standing to sue GRSecurity.
Nicolas George wrote: > How do you know you can trust that "legal clarification" better than > what any of us could have written? I do not have any legal training, and > I know approximatively what is written in the first message, but you > would be wrong to take my opinion at face value. > > Have you checked « ni...@redchan.it »'s credentials as an attorney? > > Regards, Why do you think I trust you or him? I mean - every one can put forward a proposition. The statement was clear and from argumentative point of you OK. It was definitely informative. I do not take it as granted but as a fair stand point - same as your statement. There is a lot the community could do, but it spends time being and arguing about political correctness and trying to bring all parties together etc ... if those guys are too far right, you are too far left - IMO. regards
Re: Yes you have standing to sue GRSecurity.
Le duodi 12 thermidor, an CCXXV, deloptes a écrit : > I appreciate and value your opinion, but as so much was written here > regarding this subject I find the legal clarification in place. It saves > one (like me) a lot of digging in the subject to get an overview. In this > sense the intention of nisus was ok so far. How do you know you can trust that "legal clarification" better than what any of us could have written? I do not have any legal training, and I know approximatively what is written in the first message, but you would be wrong to take my opinion at face value. Have you checked « ni...@redchan.it »'s credentials as an attorney? Regards, -- Nicolas George signature.asc Description: Digital signature
Re: Yes you have standing to sue GRSecurity.
to...@tuxteam.de wrote: > This is my opinion, and I hope y'all read it as critically as > you should read anything. I appreciate and value your opinion, but as so much was written here regarding this subject I find the legal clarification in place. It saves one (like me) a lot of digging in the subject to get an overview. In this sense the intention of nisus was ok so far. But I understand your point and agree. regards
Re: Yes you have standing to sue GRSecurity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Jul 30, 2017 at 12:14:53PM +0200, deloptes wrote: > ni...@redchan.it wrote: > > > I needed to highlight some things in the text so one's eyes don't bleed > > out reading it. > > > > Some variation here and there. > > > > But the key is you have individual standing to sue. You don't have to > > ask the free software conservancy or the linux foundation permission. > > And you should not rest on your rights. > > Thank you for the professional and very meaningful explanation. I indeed > thing it was necessary and helpful and disagree with what tomas stated. > > @tomas the shit smells already so it doesn't matter what you do, it won't > get better and not everyone has the time to get a legal overview such that > nisus provided. > In fact your comment on his mail is in my opinion obsolete as you are > stepping in position to judge ones post in the name of all readers. Sigh. I don't know whether you are trolling or not, but I'll go with Hanlon's razor and assume you are not. The OP's position is well-known: in the Linux kernel, any contributor has a standing to defend her/his rights, since the copyrights are with the respective code "owner". This has repeatedly passed the "court test"; one example is Harald Welte's activity. So nothing new *in content* here. What I take issue with, and strongly, is the form: the free software community at large tends, and for a good reason, to take a careful position: first give infringers a chance to come into compliance, then, if nothing helps, perhaps take legal action. The main aim is to bring people into compliance, and that phase takes a while (years). Shouting around and stirring bad feelings doesn't help. In the case of GRSecurity, it's important to keep in mind that they have (despite the very problematic attitude) done important contributions which actually landed in the kernel (thanks to the often thankless work of the likes of Kees Cook). So there you have it. Redchannel and MikeeUSA are troubleseekers -- they show up where there's conflict and do whatever seems best to kindle the flames. They are not helpful. And if they are the same, as Ansgar suggested, the worse. They don't contribute anything to the greater good, and have, I think, a different agenda. This is my opinion, and I hope y'all read it as critically as you should read anything. Regards - -- tomás -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAll90b4ACgkQBcgs9XrR2kaQQQCfQTrzyoei7AZB4XhqhY3FSCN7 D54An1uVLEHWuLCjfOvnfjAyQ6idAd2e =v9Yy -END PGP SIGNATURE-
Re: Yes you have standing to sue GRSecurity.
Hi, deloptes wrote: > not everyone has the time to get a legal overview such that nisus provided. I beg your pardon. But that "legal overview" is trivial and off topic here. Firstly, the GRSecurity issue is discussed more than enough by the people whom it concerns, namely those who contributed copyrightable material to the Linux kernel code, which GRSecurity takes as base for its work. I doubt that many people on this list have earned the merit of adding the own copyright to the kernel. Those who have, will be well aware whether they are affected by this issue. Secondly, enforcing the GPL is a matter of thorough thought, good planning, excellent legal advice, and a solid piece of luck in court. Shouting a hysteric "you-can-do-too" message is not helping in any way. And finally, i suspect that the whole GRSecurity issue is currently in the focus of lawyers who want to sue somebody regardless of the facts or their legal entitlement. I don't say that the GRSecurity issue should not be assessed by law courts. But i say that it shall not fall victim to crooked lawyers. The disputable point about GRSecurity's stance is that they claim to provide the patches under GPL but threaten to end a customer's subscription if that customer makes use of the freedom to distribute copies. At least if the end of this article represents them correctly: https://www.theregister.co.uk/2017/04/26/grsecurity_linux_kernel_freeloaders/ But hey, nobody needs GRSecurity to run Linux. The best way to deal with this is to stay away from any pseudo-GPL'ed software. We have a clear statement from the nexus, on which we all trust when using a Linux kernel: http://lkml.iu.edu/hypermail/linux/kernel/1706.2/06228.html "Don't bother with grsecurity." - Linus Torvalds Have a nice day :) Thomas
Re: Yes you have standing to sue GRSecurity.
to...@tuxteam.de wrote: > That's what I was trying to say: while some of the things in his/her > post may be correct, the way they are brought about seems to aim at > spreading hate and chaos instead of at finding a good solution. > >> Just don't feed him here :-) > > Agreed. Again the moral judge ... guys come down. As nisus wrote the target of the mail is developers ... where do you see feeding and why you are focused so much on this. You don't want this being discussed in that way on the list? Might be you are right, but so far I have not read anything that stupid on the subject. And in fact the first time one writes something useful and professional you hit the fingers :) I just want to say that you could have spared the comments exactly this time in this mailthread. regards
Re: Yes you have standing to sue GRSecurity.
ni...@redchan.it wrote: > I needed to highlight some things in the text so one's eyes don't bleed > out reading it. > > Some variation here and there. > > But the key is you have individual standing to sue. You don't have to > ask the free software conservancy or the linux foundation permission. > And you should not rest on your rights. Thank you for the professional and very meaningful explanation. I indeed thing it was necessary and helpful and disagree with what tomas stated. @tomas the shit smells already so it doesn't matter what you do, it won't get better and not everyone has the time to get a legal overview such that nisus provided. In fact your comment on his mail is in my opinion obsolete as you are stepping in position to judge ones post in the name of all readers. regards
Re: Yes you have standing to sue GRSecurity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, Jul 29, 2017 at 03:25:08PM +0200, Ansgar Burchardt wrote: >writes: > > On Sat, Jul 29, 2017 at 12:35:55PM +, ni...@redchan.it wrote: > >> haven't assigned your copyrights away then YOU OWN YOUR > >> CONTRIBUTIONS. > > > > Uh, oh. Redchannel. [...] > MikeeUSA is a well-known troll using different mail addresses all the > time. Ah, OK. I remember well MikeeUSA. So you say MikeeUSA == redchannel? Given the post's tone that seems plausible. Oh, goody. > Sometimes people fall for him (resulting for example in the > earlier thread about GRsecurity here or a certain Debian derivative > refers to MikeeUSA for why a certain init system is bad). That's what I was trying to say: while some of the things in his/her post may be correct, the way they are brought about seems to aim at spreading hate and chaos instead of at finding a good solution. > Just don't feed him here :-) Agreed. Thanks & cheers - -- tomás -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAll8pU8ACgkQBcgs9XrR2kYsvQCdEo5CHAge8XkOLenKSQ9XJFYp lC4An316NlW8rf9gyNDCkGhD3soefDpL =bdSY -END PGP SIGNATURE-
Re: Yes you have standing to sue GRSecurity.
writes: > On Sat, Jul 29, 2017 at 12:35:55PM +, ni...@redchan.it wrote: >> haven't assigned your copyrights away then YOU OWN YOUR >> CONTRIBUTIONS. > > Uh, oh. Redchannel. > > While what you write is true (everyone should know by now that every > contributor has a right to sue, Harald Welte's initiative wouldn't > have been possible otherwise), I have the strong suspicion that you > are here merely to stir the shit. > > Try to be constructive, instead of YELLING AROUND here. MikeeUSA is a well-known troll using different mail addresses all the time. Sometimes people fall for him (resulting for example in the earlier thread about GRsecurity here or a certain Debian derivative refers to MikeeUSA for why a certain init system is bad). Just don't feed him here :-) Ansgar
Re: Yes you have standing to sue GRSecurity.
I needed to highlight some things in the text so one's eyes don't bleed out reading it. Some variation here and there. But the key is you have individual standing to sue. You don't have to ask the free software conservancy or the linux foundation permission. And you should not rest on your rights. On 2017-07-29 13:09, to...@tuxteam.de wrote: On Sat, Jul 29, 2017 at 12:35:55PM +, ni...@redchan.it wrote: [...] haven't assigned your copyrights away then YOU OWN YOUR CONTRIBUTIONS. Uh, oh. Redchannel. While what you write is true (everyone should know by now that every contributor has a right to sue, Harald Welte's initiative wouldn't have been possible otherwise), I have the strong suspicion that you are here merely to stir the shit. Try to be constructive, instead of YELLING AROUND here. -- t
Re: Yes you have standing to sue GRSecurity.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, Jul 29, 2017 at 12:35:55PM +, ni...@redchan.it wrote: [...] > haven't assigned your copyrights away then YOU OWN YOUR > CONTRIBUTIONS. Uh, oh. Redchannel. While what you write is true (everyone should know by now that every contributor has a right to sue, Harald Welte's initiative wouldn't have been possible otherwise), I have the strong suspicion that you are here merely to stir the shit. Try to be constructive, instead of YELLING AROUND here. - -- t -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAll8iO8ACgkQBcgs9XrR2kZ6JwCeOCdUX9w6UlylYakoBLPQQkei sOwAn2c9cQKGT2m7+cNmPiWOEX6Cztz8 =k/KB -END PGP SIGNATURE-
Yes you have standing to sue GRSecurity.
It has come to my attention that some entities are claiming that you, dear Linux Hackers, (1)need to go through some foundation or get some permission from upon high in-order to sue the progenitors of GRSecurity for their violation of section 6 of the terms underwhich the linux kernel is distributed (version 2 of the GPL). And, furthermore, that (2)this foundation has no intention of bringing such a suit. (1) is false. (2) may very well be true. You do have standing to sue GRSecurity for their blatant continuing copyright violation if GRSecurity has made a derivative work of your code contribution to the Linux Kernel as-long as (a)you have not assigned your copyrights, and (b)you are not a work-for-hire. How do you know if you are a work for hire or if you have signed away your copyrights? If you are working for a company and as your job duties you are programming the linux kernel, there is a good chance that you are a work for hire and thus the company owns said copyrights. How do you know if you signed away your copyrights? Well if you singed a document transferring ownership of your copyrights for the code you produced at some point. If you are not working for a company while hacking linux and you haven't assigned your copyrights away then YOU OWN YOUR CONTRIBUTIONS. This means most of you hobby hackers, if GRSecurity has modified your code, YES YOU HAVE STANDING TO SUE. Yes your "betters" are lying to you. You have individual separate standing to sue. Yes you SHOULD consult a lawyer of your own. Yes you SHOULD consider a joint filing with other individual rights-holders willing to bring suit against GRSecurity for their blatant violation of your terms, and yes you should consider starting CLASS ACTION since the number of Linux Kernel Contributors seemingly numbers in the multitudes upon multitudes upon multitudes. And yes, I am an attorney. But no, I'm not looking for clients. Just correcting some false information that has been spreading. And yes, GRSecurity will try to claim that the linux-kernel is a work of Joint ownership (so as to shield themselves via procedural law) and yes they will try to claim fair use (probably de minimus), and yes your Lawyer will have to respond to these claims. The Joint ownership claim will go down quickly but it will have to be responded to. De minimus Fair Use depends on how much code is modified and how signifigant the modifications are. Don't let anyone but your own legal council dissuade you from bringing suit: Remember the statute of limitations is only a few years, so the clock is ticking on the CURRENT violation. Also make sure you register your copyright of the version of the linux-kernel that GRSecurity is using in its violation prior to bringing suit. The registration must be for the specific version. Yes you can register after the violation has occurred, however if you have registered before the violation then you can also pursue recovery of legal fees, pursue statutory damages, etc. ( NOTE: If you would like to read on how your copyright is being violated by GRSecurity, Bruce Perens posted a good write-up on his web-page ) ( perens.com/blog/2017/06/28/warning-grsecurity-potential-contributory-infringement-risk-for-customers/ ) ( There was also a discussion on the linux section of slashdot, and on the debian user mailing list, and on the dng devuan mailing list and on the openwall mailing list and the fedora legal mailing list )