User: Password:
|
|
Subscribe / Log in / New account

How not to handle a licensing violation

How not to handle a licensing violation

Posted Apr 11, 2007 20:34 UTC (Wed) by madscientist (subscriber, #16861)
In reply to: How not to handle a licensing violation by drag
Parent article: How not to handle a licensing violation

The right thing to do was to contact the BSD developer and let HIM go public asking people to remove the old version with incorrect copyrights and start using the new version where the copyright issues had been resolved, along with an explanation.

As Our Editor says, clearly this was handled badly by all concerned. This kind of thing is exactly why the FSF always starts with private conversations whenever a GPL violation is discovered: you can get so much more accomplished so much more rapidly if you don't make the other person feel like they're being attacked.


(Log in to post comments)

How not to handle a licensing violation

Posted Apr 11, 2007 21:03 UTC (Wed) by drag (subscriber, #31333) [Link]

Well as long as somebody ended up going public without much delay. It doesn't realy matter a whole lot who does it.

The way I look at it it seems that it should off been handled in a manner similar to how you deal with security disclosures. You go to them first, in private, then you let the end users know what happenned after it's been resolved.

It's a bit different from your normal GPL violation because generally your trying to prevent people from closing off access to code. In this case your trying to prevent third party mostly anonymous people from using tainted code from the OpenBSD project.

How not to handle a licensing violation

Posted Apr 11, 2007 22:04 UTC (Wed) by dlang (subscriber, #313) [Link]

not completely, you are also trying to prevent people from takeing the code that's apparently released under the BSD license and putting it in their private codebase. without publicity there is no way for these third parties to know that they shouldn't do this.

How not to handle a licensing violation

Posted Apr 11, 2007 22:24 UTC (Wed) by dmarti (subscriber, #11625) [Link]

The security scene balanced full disclusure vs. privately giving people a chance to fix things: RFPolicy. Maybe we need something similar for attribution or copyright issues.

How not to handle a licensing violation

Posted Apr 11, 2007 22:44 UTC (Wed) by ajross (guest, #4563) [Link]

Absolutely not. The purpose behind the limited disclosure rules for security vulnerabilities is to limit exposure of public systems until a solution is found. It's a public safety concern.

This whole brouhaha, as far as I can tell, is about hurt feelings, decorum, and email etiquette. In what possible way can that be considered morally or practically equivalent? Remember that the real issue here was a copyright and license violation, and that issue was resolved successfully and quickly. Your suggestion is just a band-aid for avoiding the resulting flame war.

Developers are, as a rule, socially insensitive jerks and flame wars happen all the time. Why does this one deserve special treatment? My guess is that it's because one of the biggest bomb throwers was the leader of a high profile project, and as a result lots of high profile people were embarrassed. I'm sorry, but "don't embarrass important people" seems like a pretty obscure and special case requirement for a development process.

And, by way of full disclosure: these flame wars aren't exactly without value. I'll come right out and admit that this was one of the most entertaining I've read in years. It's right up there with Tannenbaum vs. Torvalds, or Tridgell vs. McVoy in my book. I mean, let's just admit it: this kind of train wreck can make for a pretty great afternoon's reading for those of us not directly involved.

How not to handle a licensing violation

Posted Apr 12, 2007 0:05 UTC (Thu) by dmarti (subscriber, #11625) [Link]

People who want to jump into flame wars can easily find them.

Ability and willingness to participate in unnecessary flame wars shouldn't be a prerequisite for participating in a project, though. Raise the standard of discourse, and you make a project attractive to people who aren't "socially insensitive jerks", bring in useful contributors who won't bother with flame-infested projects, and you win.

How not to handle a licensing violation

Posted Apr 12, 2007 8:59 UTC (Thu) by sdalley (subscriber, #18550) [Link]

Am I permitted to wonder whether "socially insensitive jerk" attitudes like this are one big reason why there are so few women in FOSS ??

How not to handle a licensing violation

Posted Apr 12, 2007 9:59 UTC (Thu) by aigarius (subscriber, #7329) [Link]

Oh, please. Women can be just as insensitive as men if they try :)

How not to handle a licensing violation

Posted Apr 12, 2007 21:41 UTC (Thu) by amikins (guest, #451) [Link]

Or if they don't try. Being, you know, insensitive and all. Sensitivity requires effort. :D
<-- Insensitive

How not to handle a licensing violation

Posted Apr 11, 2007 22:34 UTC (Wed) by ekj (guest, #1524) [Link]

It matters a lot to the person guilty of infringing the copyrigth.

There's a rather large difference between having "this person is an asshole who stole my code" posted very publicly one the one hand, and on the other hand to get a private message about it, being able to relicence some of the code, rewrite or otherwise fix the remaining issues and then be able to yourself post a message of the type;

I was recently contacted by the developers of X about my recent contributions to Y. In an attempt to get the driver working quickly, I improperly copied some functions from their similar Linux-driver, planning to replace them as the driver started working. The developers of X have however agreed to relicence parts of their driver under the BSD-license, and I have rewritten other parts -- the driver in current CVS is clean. Everybody should stay away from the driver in CVS rev X to rev Z, as that code contains GPLed parts not distributable under the BSD-licence.

How not to handle a licensing violation

Posted Apr 11, 2007 22:46 UTC (Wed) by k8to (subscriber, #15413) [Link]

If the license problem is limited to the developer being contacted yes. In this case the license problem was being inflicted upon any users who acquired CVS HEAD (ie. the public). See my comment below for more detail.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds