[linux-elitists] Re: GPL Violations [was Re: Mobile Phone Choices]

Shlomi Fish shlomif@iglu.org.il
Thu Jul 27 11:08:17 PDT 2006


On Thursday 27 July 2006 18:18, Chase Venters wrote:
> (Mr. Fish was kind enough to point out that this list discards Cc'd
> messages, so this response will be arriving late).
>
> On Wednesday 26 July 2006 07:17, Shlomi Fish wrote:
> > There's a certain BSD developer I know, who is a mega-troll and tends to
> > be an "idiot" in a sense (despite being very intelligent), but I am
> > sometimes reaching some interesting insights from him[Fool]. In any case,
> > he claims that sites like gpl-violations.org are the "anti-thesis of
> > hacking", in which hackers instead of hacking on software, become lawyers
> > and prosecuters who attempt to prosecute, defame and harass people who
> > "violate" their open-source software. He said he's still waiting for the
> > bsd-violations.org site.
> >
> > I generally don't hold the view that the GPL is an evil licence or is not
> > free enough. It is possible that some problem domains necessisitate GPLed
> > or LGPLed code. However, one of the reasons that I've been using the
> > Public Domain for my work, and am using the MIT X11 licence now, is
> > because of the least-worrying principle: the more I allow people to
> > "abuse" my code, the less I am worried about it being abused. In fact the
> > COPYING file of my software, back when I still used the PD, used to read:
>
> I don't think things like the Linux kernel would be near what they are
> today without the protection of copyleft. I can't speak for IBM, SGI,
> Novell, Red Hat, Oracle, or any of the many other companies that feed
> serious developer hours into the kernel, but given that many of the named
> companies are competitors, I think some rules about how code is used are
> absolutely necessary.
>
> Why would SGI contribute a filesystem if IBM could 'steal it' for their
> proprietary products, and vice versa?

Well, hoping I'm not making a few false analogies here, but such cases 
occurred in the past:

1. X11 - 

http://catb.org/~esr/writings/cathedral-bazaar/magic-cauldron/ar01s11.html#id2825874

Digital Equipment Corp. funded the development of the BSD-licensed X11 system, 
in order to establish an open source standard to compete with proprietary 
graphics' systems like Sun's NeWS. It worked and now X11 is the de-facto 
standard on UNIX systems and many non-UNIX ones.

2. NFS -

This time Sun released the code for its Network File System under a BSD-style 
licence, and it ended up becoming the de-facto standard too. (While AT&T's 
RFS which was proprietary quickly became forgotten).

All these things put aside, there are several BSD-style projects that are very 
successful: Apache, X11, the various BSDs, Python, BIND, PostgreSQL, OpenSSL, 
etc. And a lot of commercial code out there is BSD-licensed. Most of these 
projects will reject copyleft code, but they still receive a lot of 
contributions from companies, who do not fear other people misappropriating 
their code.

>
> Contrast this to things that are BSD licensed (which is fairly close to
> public domain) - Apple builds XNU using pieces of FreeBSD, and then upon a
> move to the x86 platform, decides to stop releasing XNU sources. Grab and
> run. (That's not to say that Apple isn't a good citizen in some
> departments; they do have a lot of other open source activities).
>

OK, so this happened, so? FreeBSD is still alive and kicking. The original XNU 
(isn't it called Darwin?) code right before it was closed is also available. 
I should also note that a risk that you describe exists in a way for GPLed 
code as well. If all the developers (read the 1 or 2) of a GPLed project 
decide to only continue working on a proprietary fork, then the project may 
become abandoned. It actually happened with a certain proprietary project.

One advantage to BSD-style licence is that when the copyright holder changes, 
you are still not held ransom. See what happened with BDB and InnoDB in MySQL 
after Oracle bought both for example.[Oracle]

I should note that according to Joel Spolsky's "Strategy Letter V": 
http://www.joelonsoftware.com/articles/StrategyLetterV.html, it may be a good 
idea for a large software or hardware vendor to buy Troll Tech and make Qt 
BSD or at least LGPL. It may make Troll Tech less profitable, but will also 
make Qt, KDE, etc. more popular and closer to GNOME.

> > Several people told me what would I feel if someone took the code,
> > incorporated it into a commercial product or even modified and extended
> > it without releasing back contributions. What I said in this case is
> > something along the lines of "all the power to them." I'd rather have
> > such proprietary forks, which could prove to be a good inspiration (and I
> > have garnered some useful ideas from commercial equivalents to my
> > software, and heard that other people too), than make sure my licence
> > does not allow such forks, which in case it happens, there's little I can
> > do rather than feel disgruntled about the world and people at large.
>
> Some things are nice to have in the public domain (or close to it). And it
> is always the author (copyright holder)'s decision, of course...
>
> That said, I think there's a good reason why 70% or more of free software
> is released under the GPL. It's a license that really works.
>

That or the guys who release it believe it's the best licence out of various 
reasons (including ignorance and hype - "Aren't you going to make it 
GPLed???").

> > One thing the FSF got right and the gpl-violations.org got wrong is that
> > dealing with GPL violations should be done discretely, with respect to
> > the violator, without much publicity (at least not until the case is
> > resolved) and with as few negotiators as possible. (much less lawyers
> > involved). This is because GPL violations are often done innocently
> > because of ignorance or lack of knowledge due to the inherent complexity
> > of the GPL.[GPL Complexity]
>
> It's true that violations are often done unknowingly; but frankly, they
> need to be stopped. Just the other day I had to educate a potential
> employer that using GPL code in their closed and proprietary product was
> not going to be a successful strategy. They had no idea that the GPL
> brought in code sharing requirements.
>
> I'm finding that many businesses (irresponsibly) think that "open source"
> means public domain. And I'm one of a large percentage of people who
> wouldn't want to see free software contributions I was involved in or
> responsible for being assimilated into a proprietary product.
>

I realise there's such a problem. However, there's also a reverse problem. 
Some people believe that all open-source code is GPLed and viral, etc. One 
person I know said he'd rather not incorporate OpenSSL's code into his 
encryption product (for doing a certain task), because many vendors believe 
that it is "viral".

> So while it's not proper to portray GPL violators as evil bastards the
> moment a violation is discovered, companies need to be educated that GPL
> software is not the same thing as public domain.

Possibly right. But this should still be handled with respect, discreteness, 
and friendliness. With all due respect to the GPL, copyrights are not an 
inalienable, ethical right like life, property, or freedom. They're just a 
way to "promote the progress of Science and useful Arts". So it should be 
taken with proportion.

Here is an interview with the CEO of Ernie Ball, a manufacturer of Guitar 
Strings:

http://news.com.com/2008-1082_3-5065859.html

Quoting from the interview:

<<<
In 2000, the Business Software Alliance conducted a raid and subsequent audit 
at the San Luis Obispo, Calif.-based company that turned up a few dozen 
unlicensed copies of programs. Ball settled for $65,000, plus $35,000 in 
legal fees. But by then, the BSA, a trade group that helps enforce copyrights 
and licensing provisions for major business software makers, had put the 
company on the evening news and featured it in regional ads warning other 
businesses to monitor their software licenses.

Humiliated by the experience, Ball told his IT department he wanted Microsoft 
products out of his business within six months. "I said, 'I don't care if we 
have to buy 10,000 abacuses,'" recalled Ball, who recently addressed the 
LinuxWorld trade show. "We won't do business with someone who treats us 
poorly." 
>>>

So I don't think we should treat companies like this either. And from my 
understanding, that's what gpl-violations.org is trying to do.

>
> (As an aside, I have had a former employer ask me to evaluate a so-called
> 'GPL loophole' they had found on Google at one time; they wanted to escape
> a software vendor's dual-licensing scheme. This only confirmed my belief in
> the value of copyleft.)
>
> > A company values its good reputation a lot, and even if it violated the
> > GPL, we should not deprive it of it.
> >
> > According to ESR (IIRC, I cannot find it anymore on Google) the FOSS
> > hackers' ethics can be summarised as "Do and let do". Nevertheless, as
> > expected there's a lot of people who are trying to prevent people from
> > doing what they want to do. Such actions can be legal or
> > ethical[Ethical], but they're certainly immoral and undesirable. And a
> > restrictive licence is certainly very not "Do and let do"-ish.
> >
> > The "How to become a hacker" document (
> > http://catb.org/esr/faqs/hacker-howto.html ) says that "No problem should
> > ever have to be solved twice.":
> >
> > http://catb.org/esr/faqs/hacker-howto.html#believe2
> >
> > One can philosophise whether the GPL helps this or not, due to the fact
> > it discourages proprietary code, that often (but not always) have to be
> > re-implemented as free software. However, one thing we cannot deny is
> > that one has to think about whether making his software GPLed or LGPLed
> > is in fact a good idea in accordance to it.
>
> Not everyone sees eye to eye with ESR. Particularly when he boldly claims
> that the GPL is now useless:
>
> http://www.onlamp.com/pub/a/onlamp/2005/06/30/esr_interview.html
>

OK, I agree with Rick Moen that ESR had many good points in the article. 
However, I gave some arguments from ESR (which I fully agreed with) for 
support, not because I believe that what ESR says is always right. This is 
the Ad-hominem fallacy:

http://www.nizkor.org/features/fallacies/ad-hominem.html

> Perhaps what we're doing isn't just hacking, but science? Science works
> better when it always stays open. The GPL doesn't get in the way at all
> unless you want to close things up.

Well, Paul Graham discusses why he dislikes calling hacking "Computer Science" 
and what is Computer "Science" exactly here:

http://www.paulgraham.com/hp.html

I disagree with him that I'd rather see CS/SE/Programming/Algorithmics/etc. 
fragmented any further (Science is fragmented and specialised enough as it 
is[Fragment]), but I agree that hackers do not do "science" per-ce. In every 
field, there are engineers, technicians, researchers, scientists, managers, 
etc. and software hackers are certainly not scientists all the time.

>
> I think SCO v. IBM is a great example of why it's a good thing that we have
> a set of common laws regarding our software. There are plenty of predators
> out there.
>
> Finally, I'd like to point out that while some might find the GPL
> 'complex', it's actually written in clear, easy-to-understand terms.
> Compare that to your latest Microsoft EULA.
>

I realise the MS EULA is much more complex than the GPL (and in most regards, 
more restrictive.) Nevertheless, the GPL is still much more complex and 
harder to understand than a Public Domain licence, or even the SleepyCat 
licence, which is GPL-like, but simpler (allows proprietary sourceware to 
link against it.).

For me, the GPL was kind of the Perl of FOSS licences. It took me a lot of 
time to understand it, and I kept learning newer things and newer subtelties.

Regards,

	Shlomi Fish

[Oracle] - There were a few theories that claimed that Oracle did it on 
purpose to "kill" MySQL. I'm not sure this is the case. It could be that they 
decided that they want the profits of SleepyCat. Or they could simply want a 
share of all MySQL sales. I didn't read Larry Ellison's mind, but there were 
many good reasons, and I have little serious management experience.

[Fragment] - see:

http://www.neo-tech.com/neotech/zero/part5.html

Search for "In regard to the second substrategy of training the bright to 
become specialized scholars,"

---------------------------------------------------------------------
Shlomi Fish      shlomif@iglu.org.il
Homepage:        http://www.shlomifish.org/

Chuck Norris wrote a complete Perl 6 implementation in a day but then
destroyed all evidence with his bare hands, so no one will know his secrets.



More information about the linux-elitists mailing list