Re: The linux devs can rescind their license grant.
On Thu, Oct 25, 2018 at 07:56:26AM +, visionsofal...@redchan.it wrote: > The linux devs can rescind their license grant. Greg KH responded on Thu, 25 Oct 2018 09:19:11 +0100: >> No they can not, please do not keep spreading false information. I was explicitly cc'ed on this thread by visionsofalice. I've read the whole thread, and the only useful thing I can contribute here is to agree with Greg and additionally provide some backup research on the point: https://sfconservancy.org/news/2018/sep/26/GPLv2-irrevocability/ Software Freedom Conservancy engaged our legal counsel to write a new section for the Copyleft Guide that further explains the irrevocability of GPLv2. We published this when others raised these specious claims back in September. Direct link to new section: https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-540007.4 HTH, -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: The linux devs can rescind their license grant.
On Thu, Oct 25, 2018 at 07:56:26AM +, visionsofal...@redchan.it wrote: > The linux devs can rescind their license grant. Greg KH responded on Thu, 25 Oct 2018 09:19:11 +0100: >> No they can not, please do not keep spreading false information. I was explicitly cc'ed on this thread by visionsofalice. I've read the whole thread, and the only useful thing I can contribute here is to agree with Greg and additionally provide some backup research on the point: https://sfconservancy.org/news/2018/sep/26/GPLv2-irrevocability/ Software Freedom Conservancy engaged our legal counsel to write a new section for the Copyleft Guide that further explains the irrevocability of GPLv2. We published this when others raised these specious claims back in September. Direct link to new section: https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x11-540007.4 HTH, -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: [GIT PULL] Documentation: Add a file explaining the requested Linux kernel license enforcement policy
> On Thu, Oct 19, 2017 at 06:28:12PM +0300, Pavel Nikulin wrote: > Modification of GPL V2 terms are explicitly disallowed. Greg KH replied at 03:29 (US/Eastern) on Friday: >> Again, we are not modifying the license, so all should be fine I agree with Greg; the Linux Kernel Enforcement Statement does not change the license of Linux as a whole, and it does not modify the GPLv2. Pavel Nikulin wrote at 11:28 (US/Eastern) on Thursday: > Greg, are you trying to put a new addendum to the terms of GPL v2? ... Pavel Nikulin wrote further at 15:16 (US/Eastern) today: > If you say that your lawyers have comprehensively researched that, > I can't say they did a good job. Almost every line sounds close to > being a contractual agreement. ... > And even this last phrase does not states explicitly that the nature of > the document as non-legally binding. ... > Moreover, you put "additional permissions under our license" wording > there, Certainly this issue is complicated. https://sfconservancy.org/blog/2017/oct/20/additional-permissions/ might help. I decided yesterday to write a blog post digging deep into the weeds on this, for those interested. -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: [GIT PULL] Documentation: Add a file explaining the requested Linux kernel license enforcement policy
> On Thu, Oct 19, 2017 at 06:28:12PM +0300, Pavel Nikulin wrote: > Modification of GPL V2 terms are explicitly disallowed. Greg KH replied at 03:29 (US/Eastern) on Friday: >> Again, we are not modifying the license, so all should be fine I agree with Greg; the Linux Kernel Enforcement Statement does not change the license of Linux as a whole, and it does not modify the GPLv2. Pavel Nikulin wrote at 11:28 (US/Eastern) on Thursday: > Greg, are you trying to put a new addendum to the terms of GPL v2? ... Pavel Nikulin wrote further at 15:16 (US/Eastern) today: > If you say that your lawyers have comprehensively researched that, > I can't say they did a good job. Almost every line sounds close to > being a contractual agreement. ... > And even this last phrase does not states explicitly that the nature of > the document as non-legally binding. ... > Moreover, you put "additional permissions under our license" wording > there, Certainly this issue is complicated. https://sfconservancy.org/blog/2017/oct/20/additional-permissions/ might help. I decided yesterday to write a blog post digging deep into the weeds on this, for those interested. -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: [GIT PULL] Documentation: Add a file explaining the requested Linux kernel license enforcement policy
I want to thank everyone who has spent years putting together this Linux Kernel Enforcement Statement. Conservancy issued a public thank-you today: https://sfconservancy.org/news/2017/oct/16/linux-kernel-enforcement-statement/ Greg wrote: > What? I thought I did in my blog post! Ugh, you are right, it's not > there, my fault, it was in an earlier draft, I swear, sorry about that, No problem! Here's the stable URL for that link when you add it: https://sfconservancy.org/copyleft-compliance/principles.html When Conservancy released those Principles of Community-Oriented GPL Enforcement, we asked for the copyleft-using community (in general) and the Linux community (in particular) to join us in discussing it and looking for ways to adopt those Principles in everyday work. I'm thus really glad to see this great outcome! The additional permission in Greg's proposed patch is an excellent way to begin incorporation of those Principles into Linux's license officially, via an opt-in exception for copyright holders. Conservancy plans this week to officially sign it for the Linux copyrights that have been assigned to us. I also would like to invite everyone to the mailing list created specifically for this subject, at https://lists.sfconservancy.org/mailman/listinfo/principles-discuss . Folks should feel free to Cc that list with this thread, and/or (if the discussion becomes OT for LKML) start a new thread there. Greg, finally, I noticed you had some links to resources about compliance in your blog post. Your readers may also be interested in FSF and Conservancy's Copyleft Guide, which is at https://copyleft.org/guide/. A direct link to the chapters on GPL compliance are: https://copyleft.org/guide/comprehensive-gpl-guidepa2.html#x17-116000II https://copyleft.org/guide/comprehensive-gpl-guidepa3.html#x26-152000III I think the latter (the case studies) are particularly useful and my talk on the most recent case study was well-received at Embedded Linux Conference 2015. -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: [GIT PULL] Documentation: Add a file explaining the requested Linux kernel license enforcement policy
I want to thank everyone who has spent years putting together this Linux Kernel Enforcement Statement. Conservancy issued a public thank-you today: https://sfconservancy.org/news/2017/oct/16/linux-kernel-enforcement-statement/ Greg wrote: > What? I thought I did in my blog post! Ugh, you are right, it's not > there, my fault, it was in an earlier draft, I swear, sorry about that, No problem! Here's the stable URL for that link when you add it: https://sfconservancy.org/copyleft-compliance/principles.html When Conservancy released those Principles of Community-Oriented GPL Enforcement, we asked for the copyleft-using community (in general) and the Linux community (in particular) to join us in discussing it and looking for ways to adopt those Principles in everyday work. I'm thus really glad to see this great outcome! The additional permission in Greg's proposed patch is an excellent way to begin incorporation of those Principles into Linux's license officially, via an opt-in exception for copyright holders. Conservancy plans this week to officially sign it for the Linux copyrights that have been assigned to us. I also would like to invite everyone to the mailing list created specifically for this subject, at https://lists.sfconservancy.org/mailman/listinfo/principles-discuss . Folks should feel free to Cc that list with this thread, and/or (if the discussion becomes OT for LKML) start a new thread there. Greg, finally, I noticed you had some links to resources about compliance in your blog post. Your readers may also be interested in FSF and Conservancy's Copyleft Guide, which is at https://copyleft.org/guide/. A direct link to the chapters on GPL compliance are: https://copyleft.org/guide/comprehensive-gpl-guidepa2.html#x17-116000II https://copyleft.org/guide/comprehensive-gpl-guidepa3.html#x26-152000III I think the latter (the case studies) are particularly useful and my talk on the most recent case study was well-received at Embedded Linux Conference 2015. -- Bradley M. Kuhn Distinguished Technologist of Software Freedom Conservancy Become a Conservancy Supporter today: https://sfconservancy.org/supporter
Re: An example of prideful GPL violators who do their violating out in the open
Eric Appleman wrote a few days ago: > https://plus.google.com/115556873499158641618/posts/KwG8uhU5DGk > https://plus.google.com/102371604344319409727/posts/CSNGXqxzxf4 > https://plus.google.com/115556873499158641618/posts/ZegjCZ3FyDE > I bet you've never seen such open hostility towards the GPL and its > enforcement. Actually, in my nearly 15 years of GPL enforcement, I've seen much worse said about the GPL and its enforcement from much more eloquent and knowledgeable folks. In the whole vast configuration of things, Goodman's attacks on GPL are quite juvenile. There are currently thousands of ongoing GPL violations impacting millions of users. How many users are being impacted by Goodman's violation? It can't be more than hundreds, and probably not more than dozens. As a triage matter, my analysis of this hasn't changed since the last time we discussed it, but I'm open-minded to reconsider if any Linux copyright holders would like the GPL Compliance Project for Linux Developers to do prioritize this violation. They know how to reach me. -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy (home of BusyBox, Samba, and the GPL Compliance Project for Linux Developers) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: An example of prideful GPL violators who do their violating out in the open
Eric Appleman wrote a few days ago: https://plus.google.com/115556873499158641618/posts/KwG8uhU5DGk https://plus.google.com/102371604344319409727/posts/CSNGXqxzxf4 https://plus.google.com/115556873499158641618/posts/ZegjCZ3FyDE I bet you've never seen such open hostility towards the GPL and its enforcement. Actually, in my nearly 15 years of GPL enforcement, I've seen much worse said about the GPL and its enforcement from much more eloquent and knowledgeable folks. In the whole vast configuration of things, Goodman's attacks on GPL are quite juvenile. There are currently thousands of ongoing GPL violations impacting millions of users. How many users are being impacted by Goodman's violation? It can't be more than hundreds, and probably not more than dozens. As a triage matter, my analysis of this hasn't changed since the last time we discussed it, but I'm open-minded to reconsider if any Linux copyright holders would like the GPL Compliance Project for Linux Developers to do prioritize this violation. They know how to reach me. -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy (home of BusyBox, Samba, and the GPL Compliance Project for Linux Developers) -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
Lawrence Rosen wrote at 17:13 (EST) on Sunday: > First, I hope that we can tone down the arguments about whether the > use of Linux APIs and headers automatically turns a program into a > derivative work of Linux. I think that argument has been largely > debunked in the U.S. in the recent decision in Oracle v. Google, and > in Europe in SAS v. World Programming. Does anyone here question > whether the original work that RTS contributed to Linux (and that *is* > under the GPL) is an original work of authorship of RTS despite the > fact that it links to other GPL code using headers and APIs? My point remains that most of us simply don't have enough facts to know at this point what case law applies to the situation. Andy is seeking facts to determine if a violation occurred, and I hope he gets them. As I said in my previous email at 10:15 (EST) on Sunday: >> lawyers disagree, and will often just take the position their client >> wants them to take ... I realize fully, Larry, that you're taking the position of your client, whom you've identified as Rising Tide Systems. Meanwhile, obviously, I know many lawyers who disagree with your widely known interpretation of the implications of the two cases you mention. I'd suspect that most lawyers looking at this situation would probably agree with me that the facts aren't fully known enough to make an assessment about the derivative nature of any code involved (other that the code that Rising Tide Systems pushed upstream already). While the facts regarding other code are presumably fully known to you, Larry, because you have extra information under attorney-client privilege from your client Rising Tide Systems, no one else can make an independent evaluation of the facts yet. I therefore suggest that Andy be permitted to continue seeking facts on this question without being squelched, and we see what the facts bear out. If some copyright holders believe a violation has occurred, provided the facts can be ascertained (which might prove difficult, given the political climate this thread has created), I'm sure those copyright holders will take up the matter at that point. > Second, we are grateful for the efforts that Bradley Kuhn and others > put in to enforce the GPL. Thank you. > So Brad[ley], we may solicit your assistance if we find any third > party who is distributing an unauthorized non-GPL derivative work of > the scsi target now in Linux. Conservancy is a 501(c)(3) charity in the USA and is thus not able to engage in copyright enforcement action on behalf of for-profit companies like Rising Tide Systems. However, individual copyright holders who wish to put their copyrights forward as part of the coalition described in Conservancy's May announcement at http://sfconservancy.org/news/2012/may/29/compliance/ are welcome to do so, provided those copyright holders agree in writing that their copyrights will only be enforced to advance the public's access to Free Software. (Details of that can be discussed in private email; feel free to contact me if you're an individual copyright holder in Linux and interested in discussing it.) Larry, Conservancy *could* accept a charitable donation of copyright assignment to Conservancy if Rising Tide Systems wishes to do that. Feel free to contact my privately if your client is interested in that. > RTS, of course, retains the exclusive right to do so, but no third > party can do so without a license from RTS. I'm sure you agree that Rising Tide Systems has already granted a license under GPLv2 for their contributions to Linux, so parties redistributing the derivatives of their code that are part of upstream Linux already have a license under GPLv2 for that specific code. > P.S. In accordance with my obligations as an attorney when > communicating with a represented person, I am copying attorneys for > Red Hat and Linux Foundation on this email. This inclusion seems a bit more than necessary to me, but I'm always happy to have Karen Copenhaver's and Richard Fontana's input on any situation where they're willing to opine. :) -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
Lawrence Rosen wrote at 17:13 (EST) on Sunday: First, I hope that we can tone down the arguments about whether the use of Linux APIs and headers automatically turns a program into a derivative work of Linux. I think that argument has been largely debunked in the U.S. in the recent decision in Oracle v. Google, and in Europe in SAS v. World Programming. Does anyone here question whether the original work that RTS contributed to Linux (and that *is* under the GPL) is an original work of authorship of RTS despite the fact that it links to other GPL code using headers and APIs? My point remains that most of us simply don't have enough facts to know at this point what case law applies to the situation. Andy is seeking facts to determine if a violation occurred, and I hope he gets them. As I said in my previous email at 10:15 (EST) on Sunday: lawyers disagree, and will often just take the position their client wants them to take ... I realize fully, Larry, that you're taking the position of your client, whom you've identified as Rising Tide Systems. Meanwhile, obviously, I know many lawyers who disagree with your widely known interpretation of the implications of the two cases you mention. I'd suspect that most lawyers looking at this situation would probably agree with me that the facts aren't fully known enough to make an assessment about the derivative nature of any code involved (other that the code that Rising Tide Systems pushed upstream already). While the facts regarding other code are presumably fully known to you, Larry, because you have extra information under attorney-client privilege from your client Rising Tide Systems, no one else can make an independent evaluation of the facts yet. I therefore suggest that Andy be permitted to continue seeking facts on this question without being squelched, and we see what the facts bear out. If some copyright holders believe a violation has occurred, provided the facts can be ascertained (which might prove difficult, given the political climate this thread has created), I'm sure those copyright holders will take up the matter at that point. Second, we are grateful for the efforts that Bradley Kuhn and others put in to enforce the GPL. Thank you. So Brad[ley], we may solicit your assistance if we find any third party who is distributing an unauthorized non-GPL derivative work of the scsi target now in Linux. Conservancy is a 501(c)(3) charity in the USA and is thus not able to engage in copyright enforcement action on behalf of for-profit companies like Rising Tide Systems. However, individual copyright holders who wish to put their copyrights forward as part of the coalition described in Conservancy's May announcement at http://sfconservancy.org/news/2012/may/29/compliance/ are welcome to do so, provided those copyright holders agree in writing that their copyrights will only be enforced to advance the public's access to Free Software. (Details of that can be discussed in private email; feel free to contact me if you're an individual copyright holder in Linux and interested in discussing it.) Larry, Conservancy *could* accept a charitable donation of copyright assignment to Conservancy if Rising Tide Systems wishes to do that. Feel free to contact my privately if your client is interested in that. RTS, of course, retains the exclusive right to do so, but no third party can do so without a license from RTS. I'm sure you agree that Rising Tide Systems has already granted a license under GPLv2 for their contributions to Linux, so parties redistributing the derivatives of their code that are part of upstream Linux already have a license under GPLv2 for that specific code. P.S. In accordance with my obligations as an attorney when communicating with a represented person, I am copying attorneys for Red Hat and Linux Foundation on this email. This inclusion seems a bit more than necessary to me, but I'm always happy to have Karen Copenhaver's and Richard Fontana's input on any situation where they're willing to opine. :) -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
> On Sun, Nov 11, 2012 at 09:34:16AM +, James Bottomley wrote: >> Anybody who does enforcement will tell you that you begin with first >> hand proof of a violation. That means obtain the product and make >> sure it's been modified and that a request for corresponding source >> fails. I agree with James that the text quoted above is generally good advice. However, sometimes, it's very difficult to follow this advice. In such cases, it's worth raising the issue directly with the company to learn the facts. The discussion thread here indicates there's a very good chance that this situation was one of the times when such was necessary. Thus, Andy's actions seem pretty reasonable to me given the facts that seemed to be before him when he wrote his first email earlier this week. Theodore Ts'o wrote at 08:05 (EST): > this is a generalized statement and not one where I have attempted to > apply the facts to the law --- that requires the expertise of a > lawyer, and please let's not play lawyer on LKML I agree fully with that. IANAL either. :) I'd add, though, that lawyers aren't magicians -- they simply have an area of expertise and it's worth seeking a copyright law specialist in matters related to copyright. But, such lawyers don't necessarily know better how the GPL works simply because they passed a bar exam; I'm sure no bar exam that has questions about the GPL. For example, many copyright law experts understand how copyright law works with regard to music but are lost when it comes to applying it to software. Also, lawyers disagree, and will often just take the position their client wants them to take even if it's asinine and unsupported by the law. I've seen it happen many times. > [I]t *is* possible for the copyright owner to license the code under > more than once license. ... > The bottom line is that copyright licensing can get *complicated* I think the second sentence I've quoted above is the most salient. While Ted's right that it *is* theoretically possible for a copyright holder to release code under more than one license, that copyright holder may however be confined to a single license choice due to the fact that his/her work is derivative of another work. The detailed facts of a given situation, plus the license text in GPLv2§2¶2-3 and GPLv2§7, all become very important in such situations. In short, the details always matter in such situations, and it's IMO impossible to generalize beyond that. > and so before you start flinging about accusations, one would be wise > to be 100% sure of the facts. Andy's initial email ended with the request: "Please explain." Thus, Andy's email seemed designed to seek facts, which I think is a reasonable and good thing to do here. Meanwhile, the facts *still* aren't clear here yet. James wrote: >> [I'd like to see] a genuine public apology for the libel... >> Because any further discussion of unsubstantiated allegations of this >> nature exposes us all to jeopardy of legal sanction. That's a gross overstatement. I've seen nothing on this thread that IMO puts anyone on the hook for libel or legal sanctions. Can you show us the statue that you believe was violated here? -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
On Sun, Nov 11, 2012 at 09:34:16AM +, James Bottomley wrote: Anybody who does enforcement will tell you that you begin with first hand proof of a violation. That means obtain the product and make sure it's been modified and that a request for corresponding source fails. I agree with James that the text quoted above is generally good advice. However, sometimes, it's very difficult to follow this advice. In such cases, it's worth raising the issue directly with the company to learn the facts. The discussion thread here indicates there's a very good chance that this situation was one of the times when such was necessary. Thus, Andy's actions seem pretty reasonable to me given the facts that seemed to be before him when he wrote his first email earlier this week. Theodore Ts'o wrote at 08:05 (EST): this is a generalized statement and not one where I have attempted to apply the facts to the law --- that requires the expertise of a lawyer, and please let's not play lawyer on LKML I agree fully with that. IANAL either. :) I'd add, though, that lawyers aren't magicians -- they simply have an area of expertise and it's worth seeking a copyright law specialist in matters related to copyright. But, such lawyers don't necessarily know better how the GPL works simply because they passed a bar exam; I'm sure no bar exam that has questions about the GPL. For example, many copyright law experts understand how copyright law works with regard to music but are lost when it comes to applying it to software. Also, lawyers disagree, and will often just take the position their client wants them to take even if it's asinine and unsupported by the law. I've seen it happen many times. [I]t *is* possible for the copyright owner to license the code under more than once license. ... The bottom line is that copyright licensing can get *complicated* I think the second sentence I've quoted above is the most salient. While Ted's right that it *is* theoretically possible for a copyright holder to release code under more than one license, that copyright holder may however be confined to a single license choice due to the fact that his/her work is derivative of another work. The detailed facts of a given situation, plus the license text in GPLv2§2¶2-3 and GPLv2§7, all become very important in such situations. In short, the details always matter in such situations, and it's IMO impossible to generalize beyond that. and so before you start flinging about accusations, one would be wise to be 100% sure of the facts. Andy's initial email ended with the request: Please explain. Thus, Andy's email seemed designed to seek facts, which I think is a reasonable and good thing to do here. Meanwhile, the facts *still* aren't clear here yet. James wrote: [I'd like to see] a genuine public apology for the libel... Because any further discussion of unsubstantiated allegations of this nature exposes us all to jeopardy of legal sanction. That's a gross overstatement. I've seen nothing on this thread that IMO puts anyone on the hook for libel or legal sanctions. Can you show us the statue that you believe was violated here? -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
This thread is certainly fascinating. As someone who has enforced the GPL for over a decade, and who coordinates a coalition of Linux developers who do GPL enforcement, I am very concerned about any accusation of GPL violation, and I hope that this situation can be resolved reasonably and swiftly. While I usually encourage private discussion about GPL violations -- at least to start -- I've also often found it's nearly impossible to maintain perfect secrecy about alleged GPL violations; openness and public discussions are the standard manner of group communication in the Free Software community. I hope that Rising Tide Systems and its agents are cognizant of this nature of the Free Software community. Furthermore, now that the discussion is public anyway, I hope Rising Tide Systems and its agents will welcome it and avoid any further actions to squelch such discussion. I suggest, though, that perhaps one of the mailing lists that Harlad Welte runs for his GPL Violations Project (such as http://lists.gpl-violations.org/mailman/listinfo/legal/ ) might be a better forum for this thread, rather than the technical discussion mailing lists for Linux and the subsystems in question. Meanwhile, I don't have too much to comment on in detail on this thread publicly at this time, but I do have a few points below: Nicholas Bellinger wrote at 21:08 (EST) on Thursday: > A substantial fraction of the code of which we own the sole copyright > was certified by BlackDuck Software as early as in 2007. Often in my work enforcing the GPL, companies have unsuccessfully proposed a Blackduck review as a defense of copyright infringement. I don't think Blackduck's system does anything to determine whether or not something is a derivative work under copyright law and/or whether a violation of GPL has occurred. Indeed, I know of no algorithmic way to make such determinations, and I'm quite sure they're undecidable problems (in the computability theory sense). To my knowledge, Blackduck's proprietary tool is merely an scanning tool examining source code for copyright header information and to pattern-match against other codebases in Blackduck's private database. (Although, since Blackduck's software is proprietary, trade-secret software, it's impossible to know for sure what it actually does, but we can be sure it doesn't solve any problems that are known to be unsolvable.) Thus, citing a Blackduck certification is simply off-point in refuting an accusation of any form of copyright infringement. Blackduck's software might be able to tell you if you *have* plagiarized someone's source code that appears in their databases, but they can't possibly tell you that you haven't infringed any copyrights. I'm quite sure Blackduck doesn't give away certification on the latter point. > So..., Andy, please start behaving properly ... [you aren't] be[ing] > ... professional in ... communications about licensing compliance > matters, I don't think it's reasonable to chastise Andy for raising these questions. While I personally (and Conservancy as an organization) don't usually raise accusations of GPL violations publicly until other methods of private communication are attempted, I believe public discussion is an important component of GPL compliance. Thus, Andy's strategy of discussing it publicly early in the process -- while not my preferred strategy -- is still a reasonable one. His attempt to raise these serious and legitimate concerns and questions is in no way unprofessional, nor should it be squelched. -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: scsi target, likely GPL violation
This thread is certainly fascinating. As someone who has enforced the GPL for over a decade, and who coordinates a coalition of Linux developers who do GPL enforcement, I am very concerned about any accusation of GPL violation, and I hope that this situation can be resolved reasonably and swiftly. While I usually encourage private discussion about GPL violations -- at least to start -- I've also often found it's nearly impossible to maintain perfect secrecy about alleged GPL violations; openness and public discussions are the standard manner of group communication in the Free Software community. I hope that Rising Tide Systems and its agents are cognizant of this nature of the Free Software community. Furthermore, now that the discussion is public anyway, I hope Rising Tide Systems and its agents will welcome it and avoid any further actions to squelch such discussion. I suggest, though, that perhaps one of the mailing lists that Harlad Welte runs for his GPL Violations Project (such as http://lists.gpl-violations.org/mailman/listinfo/legal/ ) might be a better forum for this thread, rather than the technical discussion mailing lists for Linux and the subsystems in question. Meanwhile, I don't have too much to comment on in detail on this thread publicly at this time, but I do have a few points below: Nicholas Bellinger wrote at 21:08 (EST) on Thursday: A substantial fraction of the code of which we own the sole copyright was certified by BlackDuck Software as early as in 2007. Often in my work enforcing the GPL, companies have unsuccessfully proposed a Blackduck review as a defense of copyright infringement. I don't think Blackduck's system does anything to determine whether or not something is a derivative work under copyright law and/or whether a violation of GPL has occurred. Indeed, I know of no algorithmic way to make such determinations, and I'm quite sure they're undecidable problems (in the computability theory sense). To my knowledge, Blackduck's proprietary tool is merely an scanning tool examining source code for copyright header information and to pattern-match against other codebases in Blackduck's private database. (Although, since Blackduck's software is proprietary, trade-secret software, it's impossible to know for sure what it actually does, but we can be sure it doesn't solve any problems that are known to be unsolvable.) Thus, citing a Blackduck certification is simply off-point in refuting an accusation of any form of copyright infringement. Blackduck's software might be able to tell you if you *have* plagiarized someone's source code that appears in their databases, but they can't possibly tell you that you haven't infringed any copyrights. I'm quite sure Blackduck doesn't give away certification on the latter point. So..., Andy, please start behaving properly ... [you aren't] be[ing] ... professional in ... communications about licensing compliance matters, I don't think it's reasonable to chastise Andy for raising these questions. While I personally (and Conservancy as an organization) don't usually raise accusations of GPL violations publicly until other methods of private communication are attempted, I believe public discussion is an important component of GPL compliance. Thus, Andy's strategy of discussing it publicly early in the process -- while not my preferred strategy -- is still a reasonable one. His attempt to raise these serious and legitimate concerns and questions is in no way unprofessional, nor should it be squelched. -- Bradley M. Kuhn, Executive Director, Software Freedom Conservancy -- To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
