LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Linux in Business
Linux in the news
Announcements
Letters to the editor
->One big page

 

This page

Previous week
Following week

Recent Features

LWN.net Weekly Edition for December 4, 2008

KSM runs into patent trouble

Tux3: the other next-generation filesystem

LWN.net Weekly Edition for November 27, 2008

LWN.net Weekly Edition for November 20, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Letters to the editor

software and warranties

From:	 "Krishna E. Bera" <keb@cyblings.on.ca>
To:	 lwn@lwn.net
Subject: software and warranties
Date:	 Fri, 24 May 2002 16:08:05 +0500

Re: http://www.lwn.net/2002/0523/

Under the Free Software model, software is not a product, it is a service.
That is, Free Software creators are continuously and incrementally adapting
the existing knowledge and code base for clients' needs.  Therefore, the
kind of liability laws used by lawyers and doctors would be applicable,
rather than those used by consumer products.

Closed source and proprietary software most closely resembles a black box 
product as you said.

It's a more difficult question how open source proprietary software, such as 
Sun's Java, should be treated.  Having the source and not being allowed to 
modify or release changes seems a lot like a "no user serviceable parts 
inside" kind of label, which implies manufacturer product liability.  On the 
other hand, who is to blame when people follow instructions in, say, 
Chilton's Auto Repair guides and get hurt?

Cheers,
Krishna E. Bera
Consultant, Cybling Systems
Ottawa, Canada

Comments (1 posted)

Software liability

From:	 Duncan Simpson <dps@io.stargate.co.uk>
To:	 letters@lwn.net
Subject: Software liability
Date:	 Thu, 30 May 2002 17:58:31 +0100


Surely the simplest solution for liability is simpler: if you sell the software
you are liable and if not then you can hide behind a disclaimer. Any attempts
to sell software and hide behind a disclaimer would be legally null and void or
simply illegal, with stiff penalties for contravention.

The latter would probably face significant restistance---at present claims that
something sold is not subject to a warranty are just legally null and void.
AFAIK nobody has tried to sue a softwrae manufatcurer on this basis yet,
possibly becuase of the vast sums that would be required to avoid losing by
default when a well funded vendor spins the process out as much as possible.

This is in line with my understanding of existing consumer protection laws. It
should be possible to claim that you are not selling the software if I can buy
one copy, install and use it on an infinte nummber of machines and lend my copy
to anybody else and allow them to do the same.

I am sure RH, SuSe, etc could live with that kind of redsitributability and
suspect the GPL requires them to allow this anyway (modulo the non-free items
merely aggegrated on the same media). I suspect all the commercial software
vendors could not accept these conditions and therefore be forced to sell their
software and thereby be liable for it's security, and hopefully merchantability
and so forth too.

If problems do come to light then vendors should be able to rectify this by
releasing a patch for no charge and notifying their customers, after which
their liability for that particular problem would cease. This might make
security patches avialable sooner because assuming that only 1% of your
customers are affected and therefore the bug does not maytter would become
unsafe. If that 1% might be able to sue you for $100 million+ actual damages
you might not be willing to take that risk.
-- 
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."

Comments (2 posted)

The war requires closed source?

From:	 James Crouchet <crouchet@sd.is.irs.gov>
To:	 letters@lwn.net
Subject: The war requires closed source?
Date:	 Tue, 28 May 2002 11:16:46 -0500

Dear LWN,

Reading through this week's front page I was struck by this pair of 
statements:

"The national security of the United States, it would seem, is dependent 
on the continued security-through-obscurity of closed source code.

Of course, there is no way, really, to know if that claim is true or 
not. The code is closed, so we will never know where the problems might 
be until somebody breaks it."

What bothers me is that this accepts Microsoft's Big Lie(tm) to 
concentrate on the small lies. The big lie is that by hiding the source 
code one can hide the workings of a program. The truth is that, at best, 
this approach will deter those of small technical ability or who lack 
determination. For those with more savvy and determination the binaries 
themselves can be analyzed and disassembled. Perhaps even decomplied. 
While it would be daunting to consider such a process for all the code 
in Windows, that is also unnecessary. One need only target the specific 
parts one wishes to break. None of of these are new ideas.

The only effective barrier that closed source builds is legal and foes 
such as crackers, foreign agents and terrorists care nothing about 
whether they might be violating Microsoft's copyright; they have already 
determined to violate much more serious laws.

I urge you to keep Microsoft's claims in perspective and refuse to 
accept their Big Lies(tm)

James Crouchet

Comments (none posted)

GNU/LINUX and RMS

From:	 "Anand Srivastava" <Anand.Srivastava@ascom.ch>
To:	 rms@gnu.org
Subject: GNU/LINUX and RMS
Date:	 Thu, 23 May 2002 09:42:32 +0200
Cc:	 letters@lwn.net

Dear Mr. Stallman,

Reading the letters at lwn today I realised, a basic problem with
your request of calling Linux GNU/Linux. 

Linux is agnostic to the debate of free or commercial software. People
developing Linux do not in general care about whether a software is 
free or not, as exemplified by the Bitkeeper case. If it works they will 
use it. But they are together in that they would use GPL license to 
develop their software because that protects their rights better. 
I believe that is the thinking of the majority of the Linux developers. 
So Linux will end up in free distributions as well as commercial
distributions. In fact the only free distribution that I can think of is
Debian, which already uses the GNU/Linux name.

Calling Linux would associate the name GNU/Linux with all the
commercial distributions as well, with non-free software. Do you
really want GNU name associated with commercial software.

I think its better that GNU/Linux name is only associated with the
Debian distribution. I wouldn't want its significance diluted by it
being used with commercial software.

thanks,
-anand

Comments (3 posted)

Re: it's not GNU/Linux; it's GNU

From:	 Steven Bosscher <s.bosscher@student.tudelft.nl>
To:	 Richard Stallman <rms@gnu.org>
Subject: Subject: Re: it's not GNU/Linux; it's GNU
Date:	 23 May 2002 11:33:43 +0200
Cc:	 letters@lwn.net

GNU/Linux? *sigh* Here we go again...

You know what? How about using the acronym LINU-X from now on, to refer
to the system Linux^WGNU/Linux?

LINU-X: Linu Is Not Unix with X. A perfect mix of Linux/GNU, I would
say. Not a complete GNU system, not a complete Linux system, something
in between. And it also emphasizes another major compoment of the
system: the X window system, which is not part of GNU but should also
get its credits, at least if we apply your reasoning for GNU/Linux to X
as well.

But hey, what's a system without a decent desktop these days? Now this
is interesting, because what would happen if somebody uses KDE? KDE is
not linux, it's not X, and it most certainly is not GNU, either. So
should we call the system LINU-X/KDE? And if somebody want to use an
office suite with that, say OpenOffice? LINU-X/KDE/OpenOffice! And a
system without a browser isn't of much use these days, either. Now I
don't like Konq, so I use Mozilla. LINU-X/KDE/OpenOffice/Mozilla!!!

But then all of a sudden you don't agree!?
> Reductio ad absurdum says that it should be
> GNU/BSD/TrollTech/MySQL/etc/Linux which aside from being unreasonable
> would be bad because it also highlights non-Free and less Free
> licences.

OK I follow you when you say this would be unreadable. But
LINU-X/KDE/OpenOffice/Mozilla doesn't highlight any non-Free and/or less
Free licenses. The whole system would be GPL/LGPL/X, in fact... These
are all Free licenses.

So, what you're actually saying is:
1) Linux is not Linux, it's GNU/Linux because it's actually GNU
GNU deserves credits.

2a) Linux is not X, it's X on Linux, which is actually X on GNU/Linux,
but we should not call this system X/GNU/Linux.
2b) Linux is not KDE, it's KDE on GNU/Linux, etc.
2c) Linux is not {Open,K,GNOME-}office, its... etc.
They don't deserve credits.

You make no sense to me, you're arguments are at best inconsistent. If
you were consistent, your GNU (with hurd) system should be called
GNU/Mozilla/etc. Maybe you can explain once more: Why does GNU have
rights to credits for the Linux system, and why don't other major
contributors have those same rights?

Greetz
Steven

Comments (none posted)

Re: it's not GNU/Linux; it's GNU

From:	 Richard Stallman <rms@gnu.org>
To:	 s.bosscher@student.tudelft.nl
Subject: Re: Subject: Re: it's not GNU/Linux; it's GNU
Date:	 Fri, 24 May 2002 15:13:15 -0600 (MDT)
Cc:	 letters@lwn.net

    You know what? How about using the acronym LINU-X from now on, to refer
    to the system Linux^WGNU/Linux?

This seems to be an attempt to excuse not solving the problem, rather
than a serious attempt to solve it.

In terms of informing the public, and in terms of fairness to the GNU
Project, there is no difference between "LINU-X" and "Linux".  Both of
them will spread the same inaccurate picture of how *and why* the
system was developed.  People will think it was started by Linus
Torvalds in 1991 just for fun, and won't know it was started by the
GNU Project in 1984 for the sake of your freedom and ours.

    Now I
    don't like Konq, so I use Mozilla. LINU-X/KDE/OpenOffice/Mozilla!!!

    So, what you're actually saying is:
    1) Linux is not Linux, it'ss GNU/Linux because it's actually GNU
    GNU deserves credits.

    2a) Linux is not X, it's X on Linux, which is actually X on GNU/Linux,
    but we should not call this system X/GNU/Linux.
    2b) Linux is not KDE, it's KDE on GNU/Linux, etc.
    2c) Linux is not {Open,K,GNOME-}office, its... etc.
    They don't deserve credits.

All of the contributors deserve credit, but some deserve it more
strongly than others.  The system is basically GNU; the GNU Project is
the principal contributor.  The others are secondary contributors.
They all deserve credit, but the principal contributor deserves it
most.

You cannot mention all the secondary contribitions in the name,
because there are too many of them.  But you can mention more than
one, and where to draw the line is up to you.  You can call the system
GNU/KDE/OpenOffice/Linux/Mozilla, and thus give credit to KDE,
OpenOffice, Mozilla and Linux, if you want.  That would not be wrong.

However, if you feel that name is too long, then you can drop some of
the secondary contributions such as KDE, OpenOffice, Linux and
Mozilla.  For instance, you might call it GNU/OpenOffice/Linux, or
GNU/Linux, or just GNU.  The one name that you shouldn't omit is the
name given by the system's principal developer -- GNU.  It's not right
to leave out the principal developer and give all the credit to a
secondary contribution such as KDE, OpenOffice, Linux or Mozilla.

The shortest legitimate name for this system is "GNU".  I prefer to
call it "GNU/Linux", for three reasons:

* This system is not exactly the GNU system--it has a different
  kernel.  Calling it "GNU/Linux" helps distinguish it from GNU.

* It would be ungentlemanly to ask people to stop giving Linus
  Torvalds a share of the credit.  "GNU/Linux" gives him equal mention.

* People who have been taught that the system is "Linux" will see the
  name "GNU/Linux" and realize it has something to do with what they
  know about.  They may not recognize this if we call it just "GNU".

Comments (6 posted)

GNU & Linux???

From:	 Ron Johnson <ron.l.johnson@cox.net>
To:	 rms@gnu.org
Subject: GNU & Linux???
Date:	 25 May 2002 23:39:16 -0500
Cc:	 krooger@debian.org, letters@lwn.net

Mr. Stallman,

> It is not wrong to shorten the name GNU/Linux to GNU.  The system is
> basically GNU.  There are three reasons why I say "GNU/Linux":
> 
> * To distinguish it from GNU properly speaking, which uses the Hurd.
> 
> * To give Linus a share of the credit.  It would be ungentlemanly
> to ask people to stop giving him credit.

Gack!!  

Every night when you lay down to sleep, you should thank 
${DEITY} that Linus came along to spread the GNU utilities 
beyond academia.  

In the past 11 years, _at_least_ 100,000 man-hours of effort 
have gone into that kernel.  GNU has been working on Hurd since 
_way_ before Linux came out, and _still_ isn't at v1.0!  

For you then to say "It would be ungentlemanly to ask people 
to stop giving him credit" takes way more chutzpah than in all 
of NYC & Miami Beach combined.

-- 
+---------------------------------------------------------+
| Ron Johnson, Jr.        Home: ron.l.johnson@cox.net     |
| Jefferson, LA  USA      http://ronandheather.dhs.org:81 |
|                                                         |
| "I have created a government of whirled peas..."        |
|   Maharishi Mahesh Yogi, 12-May-2002,                   |
!   CNN, Larry King Live                                  |
+---------------------------------------------------------+

Comments (2 posted)

Re: GNU & Linux???

From:	 Richard Stallman <rms@gnu.org>
To:	 ron.l.johnson@cox.net
Subject: Re: GNU & Linux???
Date:	 Sun, 26 May 2002 19:50:20 -0600 (MDT)
Cc:	 krooger@debian.org, letters@lwn.net

    Every night when you lay down to sleep, you should thank 
    ${DEITY} that Linus came along to spread the GNU utilities 
    beyond academia.  

Describing the GNU system as "utilities" is quite an understatement.
GNU is not a set of utilities--GNU is an operating system.  The
GNU/Linux system is pretty much the same as GNU, but not entirely the
same, because it has Linux in it too.

I appreciate Torvalds' contribution to the GNU/Linux system.  I credit
Torvalds (not hypothetical gods) for this work, and that's one reason
I mention his contribution in the name of the operating system.

I also appreciate that Torvalds' kernel would have mattered little for
computer users' freedom, if not for the fact that we had already
produced most of a free operating system for it to fit in.
Giving him equal mention is more than fair.

Comments (4 posted)

Re: Open-Source Fight Flares at Pentagon (Washington Post)

From:	 Eric Smith <eric@brouhaha.com>
To:	 letters@lwn.net
Subject: Re: Open-Source Fight Flares at Pentagon (Washington Post)
Date:	 28 May 2002 14:10:25 -0000

Gentlemen,

On May 23, you referenced an article by Jonathan Krim in the Washington
Post regarding use of open-source software in the Defense Department.
There was an interesting statement in the last paragraph of that
article:

    ... the Defense Department is now prohibited from purchasing any
    software that has not undergone security testing by the NSA.

Perhaps more interesting is what the article did NOT say, which is that
free software does NOT need to be purchased.  While many people focus on
the "free speech" aspect of free software (and rightfully so), there are
definitely some circumstances in which the "free beer" aspect can be
important and useful.

I'm not trying to suggest that the Defense Department and NSA should not
conduct security testing of free software, but merely that procurement
regulations are a complete non-issue for it.

Comments (2 posted)

Page editor: Jonathan Corbet

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds