Jumping the licensing shark
The concept of copyleft is compelling in a lot of ways, at least for those who want to promote software freedom in the world. Bradley Kuhn is certainly one of those people and has long been working on various aspects of copyleft licensing and compliance, along with software freedom. He came to Everything Open 2023 to talk about copyleft, some of its history—and flaws—and to look toward the future of copyleft.
Kuhn began by saying that he spends much of his time these days thinking about the enforcement of GPLv2 and LGPLv2.1; "it turns out that those are the most widely used copyleft licenses in the world", thus they are the most frequently violated. It is sometimes painful to be looking at license text written in 1991 and 1993 as we move through 2023, but that is what he has to do. Outside of work, though, he has time to think about what sort of copyleft license he would draft if he were to do so. He was just out of high school when GPLv2 was released, so he did not participate in that process at all.
![[Bradley Kuhn]](https://static.lwn.net/images/2023/eo-kuhn-sm.png "Bradley Kuhn")
He turns 0x32 this year and, as an elder statesperson of FOSS, he has a duty to help figure out "where, exactly, we went wrong in how we got to where we are with copyleft", he said. In his view, copyleft exists to "achieve one very important principle"; it is working toward a world where everyone "has a fundamental right to examine, change, and install modified versions of their software onto the devices that they have in front of them".
Many of those in the audience who have Linux-based devices will realize that they cannot do that with many of those devices, which is a violation of GPLv2, he said. That is something that he and his colleagues at Software Freedom Conservancy (SFC) have been working on, but that is not what he wanted to focus on in the talk. Instead, he wanted to look at how we arrived at the current state of copyleft and if there is anything that can be done to improve the situation going forward.
History
When free and open-source software got its start, there were basically just three licenses that were in widespread use: BSD, X11, and the GPL. While the BSD license appeared a bit earlier, at this point we can say they all emerged at roughly the same time, certainly in "the same era of computing", he said. After its proto-versions (such as the Emacs public license), the GPL became the standard for copyleft releases, while the X11 license—essentially the same as the MIT license—generally was the choice for permissively released code. Until late in the 1990s, the (4-clause) BSD license had the "problematic advertising clause", which reduced its applicability.
Copyleft is primarily a strategy, Kuhn said, "it is not a principle unto itself", but that is often misunderstood by its fans. Copyleft is a tool to be used to reach the goal he described earlier about users having the source and the ability to modify and install it on their devices. "That is a principle." Since it is simply a tool, we should not treat any copyleft license or even the idea of copyleft as sacrosanct; if it is failing to get us to that goal, we should reconsider it.
The BSD advertising clause was well-known at the time that copyleft was being created, but nothing like that was added to the early versions of the GPL—though it does start to appear later. It is an "ego clause" in his view—a way for developers to get credit for their "amazing" work—which is rather comical to those who have been in the industry for long enough. "No one has ever written any good software ever in the history of software and it is a constant process to make it better." It makes no real sense to be "so arrogantly proud of our software", he said.
Because copyleft was focused on the principle behind it, at least in its early days, it did not incorporate anything like the advertising clause. Copyleft was aimed at helping the entire public, not simply the developers behind the software who might want credit. "It was designed to help people who use software."
Proliferation
It turns out that it is difficult to write good open-source and free-software licenses, but that has not stopped people from trying. In the early days of open source, everyone wanted to write their own license, he said. There were "dozens of organization-specific licenses", all of which were approved by the Open Source Initiative (OSI); sadly some of those licenses are still in use. He noted that the Postfix mail-transfer agent, which is the one he uses, is released under the IBM Public License. He does not think there is anyone at IBM who still remembers why it was drafted—or how—and what it had that some other already-existing license was missing.
Around 2004 or 2005, "almost everyone, in complete agreement, decided that there were too many open-source licenses". The only people who were opposed to the license non-proliferation efforts that came about was "basically a small group of lawyers". There was an opportunity to make a name for yourself as an open-source lawyer by creating a license and getting it approved by OSI.
Being a lawyer is a fairly boring job, Kuhn said; "open-source licensing was the most exciting thing to happen in the field of software licensing in history". So lawyers got excited by this prospect and created many different licenses—of highly variable quality. Some of those licenses still appear on the OSI list, though others have been deprecated at this point.
He has spent a lot of time worrying about the problem of approved, but low-quality, licenses, many of them copyleft or quasi-copyleft, over his career. As recently as a few months ago, he was complaining on the OSI mailing list about a proposed open-source license that was tied to the laws of Germany, though the proposer has not been forthcoming about why such a license is actually needed. While he still will jump in to try to prevent proliferation from time to time, these days he sees the problem as more of an annoyance than a disaster
Copyleft abuse
One of the interesting things he has seen with all of the license proliferation is the idea of "badgeware licenses". These are licenses that require something like the BSD advertising clause, but the dangerous thing is that the advertising requirement is linked to the copyleft provisions of the license. "If you don't do my badgeware the way I want you to do it, you lose your right to distribute the software."
There are licenses that purport to be copyleft licenses that have a badgeware clause. So, if you remove the logo of the company who released the software, you lose the right to distribute it—or perhaps even to use it as a web service of some kind. If this practice is confined to that particular license (or a small set of them), perhaps it is not that big of a problem, he said. The bigger problem is that companies are finding ways to use the established copyleft licenses in abusive ways.
Kuhn said that he has spoken at numerous editions of linux.conf.au (LCA), which is the predecessor to Everything Open, on the "danger and horror of proprietary relicensing"; he quickly summarized the problem in his talk. The idea is that a company runs a project where it requires all contributors to grant it the copyright or to sign a contributor license agreement (CLA) so that the company can offer the code under any license that it chooses. The code is then offered to the public under a copyleft license, typically either the GPL or the Affero GPL (AGPL).
Once people start using the code, though, the company spends its time finding users who "make minor mistakes with their copyleft compliance" and, effectively, shake them down to pay for a proprietary license. "Pretty nice business you have here, it would be a shame if you were violating our license." This business model was originally pioneered by Aladdin, which was the company behind the Ghostscript PostScript interpreter. There have been multiple lawsuits by the company (and its successors in interest) trying to get users to buy its proprietary license for supposedly not complying with the GPL.
There are certain areas of computing, open-source NoSQL databases for example, where this business model is more or less standard. MongoDB, Neo4j, and others release their code under copyleft terms, many using the "copyleft licenses that we know and love, but they are being used in this nefarious way". This is a huge problem, he said, and one that "we should have anticipated in license drafting"; there is a solution for that now, though it is not part of the GPLv3 or AGPL.
MongoDB was not happy with that model, he said, the company felt it did not go far enough, so it created its own license, the Server Side Public License (SSPL). The company said that it wanted to make a better copyleft license, but "as it turns out, no one can actually comply" with the SSPL; meanwhile the company was pitching that "we think that will get the most software freedom in the world". The SSPL requires that those offering its covered code as a service to also release all of the other code on the system under the SSPL—something that is completely impossible for anyone deploying on Linux (or, really, any other operating system).
Kuhn does not think anyone took MongoDB's claim that it was advancing the cause of copyleft for everyone's benefit seriously, but it is worrisome that the SSPL was seriously considered as a possible OSI-approved license until he pointed out its inherent flaw. He sees this incident as the culmination of what has been going on in the copyleft world for quite some time now; companies have "co-opted the message of copyleft, they have drafted on the idea that copyleft is some sort of sacrosanct principle" to try to make people believe what they are doing is "the right thing". What they are really doing is "misusing a tool".
Applying copyleft further
Another concerning thing is that people have started to want to apply copyleft to areas beyond just the realm of software freedom. A number of social-justice advocates have become excited about using copyleft to further the aims of social justice, for example. This came about when it was discovered that the US Immigration and Customs Enforcement (ICE) agency was using a variety of open-source programs, so people thought that software licenses should be used to prohibit these kinds of bad actors. While he agrees that ICE "is a very bad actor", copyleft licenses have always been focused on the issues of software freedom.
This has led to license proliferation of a different sort. He has tried to explain to the social-justice advocates that he does not think copyleft will work to achieve their aims, in a practical sense, even if some kind of agreement could be found on the wording for licenses of that sort. But these two sets of efforts, from companies in search of a business model and people looking to right injustices, have teamed up to cross boundaries that were long established norms in the copyleft community.
Over the years, that community has made plenty of mistakes, one of which is in not really focusing on adoption, both of the licenses and the software covered by them. "There was a lot of rhetoric in the free-software advocacy world that 'better the software be under a copyleft license and never used, than be under a non-copyleft license and be widely adopted in proprietary software'", Kuhn said. But that misses the point of how copyleft became successful; Linux is the most successful copyleft project because companies did not want to live without it. Unless the software gets adopted widely, it is not going to have a big impact on the software freedom of users.
Copyleft advocacy has not done the work "to convince developers that they want to create software [...] under copyleft", thus there is this weird belief that non-copyleft licenses are for adoption, while copyleft is for software freedom. "There is no software freedom unless you have adoption."
Drafting copyleft licenses
A problem that is apparent to him, now, in hindsight, is that the approach that has been used to draft new copyleft licenses is flawed. That can be seen in the work on GPLv3: it was targeted at large software businesses (and their lawyers). That led to a bunch of complicated licensing terms being added to the GPLv3 family of licenses, which has been a barrier to adoption of the license.
He did not participate in the drafting of GPLv3 as much as he would have liked, but in talking to those who were more heavily involved, he learned that there were serious lobbying efforts from large companies going on during the process. He believes that those who were drafting the license were ill-equipped to handle these aggressive lobbying efforts, which came easily to the companies because they lobby governments and each other all the time. "The inexperience of the GPLv3 drafting team led to some really bad decisions", he said.
For example, he does not understand why the GPLv3 ended up with a badgeware
clause; it is effectively an additional restriction that can be placed on
the distribution to require preservation of "specified reasonable legal
notices or author attributions
" (from clause 7b). The badgeware
companies, with SugarCRM being the biggest proponent that he is aware of,
wanted much more in that clause; "they feel like they got a horrible
compromise". But the confusion about the language of that clause has led to
various kinds of abuse.
His second example of where the GPLv3 process went awry was about the
patent language. At the time of the license drafting, there was "this
weird deal done by Novell and Microsoft" around
patents with regard to Linux. He believes that the deal was clearly a
violation of GPLv2, but it ended up adding a bunch of complicated legalese
about patents to GPLv3 (section 11), which includes a date ("prior
to 28 March 2007
") that
effectively grandfathers in the Novell/Microsoft agreement. "Who do you
think lobbied to put that date in there?"
So, in an effort to get the GPLv3 out the door, two paragraphs of complicated language were included in it to preclude others from following in Microsoft's footsteps—but still allow the agreement that had already been made. That language is simply wasted space at this point, since the GPLv2 already had much simpler language precluding it—and it was already clear that the Linux kernel would not be switching to GPLv3 in any case. The only purpose it serves now is to confuse users who might adopt GPLv3 except that "it's so long and annoying and I don't know what all these words mean".
In the past, licenses have been managed and shepherded by license stewards, but he thinks that era has passed. He used to work for a license steward (the Free Software Foundation), but does not anymore; he does not want to see his current employer become a license steward either. He believes that "license stewardship has not worked for us". It raises the barrier to entry for new licenses and allows the elite to control what the licenses say. He makes that statement with full recognition of his membership in the "licensing elite", but he does not want to be in control of what the next copyleft license says. On the other hand, he would like to contribute to a new license on an equal footing with everyone else.
He thinks that people have mostly chosen licenses based on their stewards, rather than on reading the text of the license. Back in 1995, he read the text of the GPLv2 and could mostly work out what it was about; it was written to be read by developers first and lawyers second. GPLv3 was drafted by lawyers and he doubts that any developer really wants to read it. So people fall back on simply trusting the steward, which he does not think works well either.
The shark
Kuhn riffed a bit around the title of the talk: "Did FOSS Licenses Jump the Shark?" He put up a slide with artwork of Fonzie jumping the shark (from the 1970s TV show Happy Days) and asked: "Do we have to cancel the whole thing because it's over and just live with the licenses we have now?" The idea of "jumping the shark" refers to the decline in quality (and popularity) of the show after a cliff-hanger at the end of season 5 in 1977. It is a phrase that denotes something that has run its course and, perhaps, is simply moving forward on inertia after said shark-jumping.
Interestingly, though, season 5 was the peak of popularity for the show and it did decline a bit the next year, but not by all that much. The real decline came after season 7 when the star of the show left. "Wasn't Ron Howard leaving really jumping the shark, not Fonzie literally jumping the shark?", he asked with a laugh—maybe jumping the shark is not actually so bad. He showed another image of Henry Winkler, the actor who played Fonzie, jumping a shark in a different context, which is a kind of cultural reinterpretation or reinvention.
"I feel like we should just reinvent copyleft", Kuhn said. Sometimes he wonders if the whole idea of using licenses to promote software freedom should be abandoned. But there are some hard facts that make it difficult to take another path. The copyright regime restricts software freedom by default; that is true worldwide due to the Berne Convention. "So we are stuck with software being governed by copyright."
So copyleft licenses have to be a component of the struggle for software freedom. They are necessary, even if not sufficient, to achieve the aims of free software. He does not believe that software freedom will ever be mandated in legislation or written into the UN Declaration of Human Rights, which are other paths that might be chosen.
Relaunching copyleft-next
Kuhn has decided to help relaunch the copyleft-next project that was started by Richard Fontana a little over ten years ago. The project is going to try to write a copyleft license in an open and transparent way; "write a free-software license the way we write free software". That is really how it should be done.
The license should be written "slowly, carefully, deliberately, [and] don't rush to address the issues of the day". The license text should be short and readable by non-lawyers, something he thinks that GPLv2 accomplished and GPLv3 did not. The project uses the "hindering backchannels rule" (HBR) to try to ensure that lobbying efforts are thwarted by ensuring that all of the discussions are done openly and in public.
He would like to try to rekindle a world where hobbyists write free software. So he wants to work on a license in a "hobbyist way", rather than in a top-down fashion like a license steward might employ. While license language is not code, it does have some similarities, so he wanted to encourage developers to get involved.
The project is just getting restarted now. "Even if it fails, we need to experiment at this point", Kuhn said. GPLv3 itself is almost 15 years old and no one is looking at alternatives. The idea is to have a community-owned license, so there will be no steward other than the community as a whole. Fontana does not want to be the dictator for life, and, even though SFC will be funding some of Kuhn's work on the project, that organization will not be the steward either.
In an email, Kuhn said that he plans to put his slides in a permanent location soon, which we will link for interested readers. At some point soon, a video of the talk should appear in the Everything Open YouTube channel as well. [Update: The slides are now available.]
[Thanks to LWN subscribers for supporting my travel to Melbourne for Everything Open.]
| Index entries for this article | |
|---|---|
| Conference | Everything Open/2023 |
Posted Mar 22, 2023 22:04 UTC (Wed)
by Trelane (subscriber, #56877)
[Link] (7 responses)
I'm surprised that the GPL gets dinged for being written by lawyers. My recollection is that the GPLv2 was dinged for _not_ being written by lawyers, because it lead to a bunch of loopholes.
Posted Mar 23, 2023 5:21 UTC (Thu)
by rfontana (subscriber, #52677)
[Link] (4 responses)
As for why not work instead on a GPLv4: I can speak to this as to the old copyleft-next project. A few reasons come to mind:
* The FSF has not shown any interest in writing a new (post-GPLv3) version of the GPL
Posted Mar 24, 2023 16:12 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link] (3 responses)
You omit the most important fact: A GPLv4 has inherent important negative consequences due to creating license compatibility, so until it is shown that there are important enough benefits to a GPLv4, we should hope it will never exist. As soon as GPLv4 exists, it would cause an important decrease in the ability to share code between different programs out in the wild. Even announcing the drafting GPLv4 would cause problems as people anticipate these consequences. That is part of why even announcing work on it now requires FSF board super-majority approval. https://www.fsf.org/news/fsf-board-adopts-updated-by-laws...
"FSF has not shown any interest", sounds like an incomplete slanted view. The FSF has shown that it invests significantly and cares deeply about being the GPL license steward and keeping up on issues which could warrant a GPLv4.
Posted Mar 24, 2023 16:14 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link]
Posted Mar 24, 2023 17:57 UTC (Fri)
by rfontana (subscriber, #52677)
[Link] (1 responses)
I suspect, at least, that the FSF is under pressure *not* to be perceived as even thinking about updating the GPL, especially given the significantly (and often highly unfair) hostile public reaction during the GPLv3 drafting process ~17 years ago. So at the very least, the FSF must find itself in a somewhat conservative role with respect to its stewardship of the GNU licenses, even more than is typical among FOSS license stewards (who tend to be very conservative around license updating). That means public experimentation with copyleft licensing, including rapid iteration over license drafts, has to take place elsewhere. It is ironic of course that copyleft-next has, for various reasons, been dormant for, er, several years, but maybe bkuhn can help get it up and running again. :)
I think the assumption that future versions of the GPL must inherently be incompatible with earlier versions (leaving aside "or-later" licensing) is questionable, but that's a whole other complex topic. Also, the experience of GPLv3 shows that concerns about GPLv2/GPLv3 compatibility problems (as expressed, for example, here on LWN.net in the famous kernel developers' denunciation of GPLv3 in September 2006 [https://lwn.net/Articles/200422/]) were severely overblown.
Posted Mar 24, 2023 19:35 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link]
And sorry for being a bit over reactionary. In that light, your comment makes sense. In internet comments, things can look very different depending how people see the context.
> has to take place elsewhere
I agree it definitely seems best to take place outside of GPL and any FSF controlled process. Best of luck on copyleft-next.
> GPL must inherently be incompatible with earlier versions is questionable
Interesting. I'll ask your thoughts on the next time I see you.
Posted Mar 24, 2023 15:05 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link] (1 responses)
1. A GPLv4 would be completely different than publishing any other new license.
As written in https://www.fsf.org/news/fsf-board-adopts-updated-by-laws... :
Releasing new versions of a GNU license calls for great care, because programs released under "GNU XYZ License version N or later" will automatically give users the option to choose later revised versions published by the FSF.
2. No one but the FSF can publish a GPLv4.
Posted Mar 24, 2023 16:59 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link]
Posted Mar 22, 2023 22:47 UTC (Wed)
by josh (subscriber, #17465)
[Link] (151 responses)
Unfortunately, two clauses in it make it DOA for any project I'd want to work on:
Clause 8, "Copyleft Sunset", makes the copyleft expire after 15 years. While I definitely appreciate the notion that copyright should not last as long as it does, that's no reason to "unilaterally disarm" here; copyleft should last as long as copyright does.
Clause 7, "Nullification of Copyleft/Proprietary Dual Licensing", waives the copyleft if offering a dual-license with any license that isn't Open Source. This seems very much against "don't rush to address the issues of the day". I appreciate that some companies have done unreasonably aggressive enforcement. But I think the *concept* of "free for Open Source users, pay if you want to use it in proprietary software" is an entirely reasonable one. I don't want to see a license try to kill that business model.
Posted Mar 22, 2023 23:24 UTC (Wed)
by NYKevin (subscriber, #129325)
[Link] (4 responses)
> "Derived Work" means a work of authorship that copies from, modifies,
If "My Work" is a library, does this cover applications that "merely make reference" to that library (by instructing the operating system to dynamically load it at runtime)? If so, then it should be explicitly clarified under the definition of "Separate Work" (the phrase "runtime library" presumably does not include application libraries). But if it is not so covered, then what does this "merely make reference" phrase mean?
The license is outbound-compatible with the GPL and AGPL, but not the LGPL, so presumably they intend to interpret* dynamic linking as creating a derivative work (or else they would allow the LGPL, too). They should say that more explicitly.
* To the extent permitted under applicable copyright law. You cannot just wave a magic licensing wand and sweep things under the "derivative work" umbrella. If your country's copyright law says that dynamic linking does not create a derivative work, then a license probably can't fix that. But in jurisdictions where dynamic linking does create a derivative work, an explicit exemption such as this might serve to undermine that rule.
Posted Mar 30, 2023 14:46 UTC (Thu)
by ksandstr (guest, #60862)
[Link] (3 responses)
Conversely, take the BSD-licensed rewrites of Readline: their interface is the same and programs written to that interface can be interchangeably linked to the copylefted Readline or a non-copyleft substitute regardless of license. Whether this allows a program previously copylefted due to derivation from Readline to become non-copylefted if it were retargeted to a non-copylefted implementation of the same interface is between the reader and his time machine.
Posted Mar 30, 2023 15:29 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (2 responses)
Readline's licence does not affect the licence used on said program. Obviously, if I've released a proprietary program, using Readline, I have to allow my recipients to distribute my code under the GPL. I also can't revoke the GPL on the copies they've already got.
But there's nothing stopping me replacing Readline with the BSD equivalent, and then no longer distributing source. Whether that's wise/economically feasible is another matter.
Cheers,
Posted Mar 30, 2023 15:46 UTC (Thu)
by ksandstr (guest, #60862)
[Link] (1 responses)
Posted Mar 30, 2023 17:07 UTC (Thu)
by Wol (subscriber, #4433)
[Link]
The licence of Readline is not allowed to affect the licence on the SOURCE of my program. If I wish to include Readline in my program, I have to allow my source to be distributed under the GPL, too.
But, as I said, as soon as I swap Readline for the BSD equivalent, I no longer have to distribute my source under the GPL. I can't do anything about the copies already out there, but if things go right for me, they will wither on the vine. If things go wrong, ... well I'm probably no worse off than I was to start with.
Cheers,
Posted Mar 23, 2023 10:21 UTC (Thu)
by kay (subscriber, #1362)
[Link]
Posted Mar 23, 2023 13:38 UTC (Thu)
by paulj (subscriber, #341)
[Link] (6 responses)
I appreciate a lot of what Bradley and others are trying to do, but I dislike the idea that companies contributing to Free Software a) Are somehow "bad" for enforcing their licence, other than for "non-minor" issues (what does that mean?) b) Not allowed to even dual-licence under this copyleft-next licence.
I think any problem of copyleft licence holders over-doing enforcement is _non-existent_ compared to the *vast* problem of many, many, many non-copyright-holder corporates taking copyleft software and just caring not a jot about their copyleft obligations. We need to be concerned about the latter, and _more enforcement_ in that area, rather than focusing on the complete non-issue of the former case.
And if that's about Patrick Hardy, to this day, I've still not seen any clear documentation to show that the companies he sued were "good" companies making "minor" mistakes. They were companies which abused the GPL _multiple_ times - cause AIUI the first time they did Hardy didn't sue them, but made them sign an agreement to honour the GPL, and it was only /after/ that and further ignoring the GPL that Hardy was able to pursue them.
But people involved seem to be determined to keep the details hidden.
Posted Mar 23, 2023 13:52 UTC (Thu)
by paulj (subscriber, #341)
[Link] (2 responses)
1. The Free Software developers who write the code, and choose which licence to apply.
2. The Free Software licence professionals - lawyers and paralegals, in the tech industry and non-profits - who are focused on developing the licence texts.
It feels like the latter group, least so far as Bradley's views are representative, are pretty "softly-softly" on enforcement. And indeed, wish to actively prevent some cases of enforcement against non-conforming users (the "minor" abusers) - by putting language in to effectively disallow copyleft enforcement if resolution in any way involves another licence. The problem is that this view is not universal in set 1. While there certainly are some in set 1 who dislike any enforcement (some notable developers of Linux kernel and tools), there are also many in set 1 who have the opposite view - they want more enforcement, and they certainly want to be able to enforce their own copyleft licences.
I think set 2 really really need to ensure the licence(s) they propose allows set 1 - and the wider market in the longer run - to *choose* which approach they prefer. Abandon this attempt to impose the view of set 2 onto all of set 1 (and the wider market after) via their (perceived) power over the licensing text.
Otherwise there will be a significant breach of standing of set 2 in the eyes of a portion of set 1.
Posted Mar 23, 2023 16:17 UTC (Thu)
by bkuhn (subscriber, #58642)
[Link] (1 responses)
I think this is a false dichotomy. There are a lot of different interests and incentives of those who focus on copyleft. Even among group (1), there are some nuance and diversity, and group (2) not only lumps together various people who have varied interests and motivations [0], but also even among the lawyer-class, there is widespread disagreement on enforcement (some of those lawyers, for example, do proprietary relicensing and help companies like Neo4j).
[0] I realize my talk tried to draw some parallels and weird allies among these various groups, but it was only a 40 minute talk, not a dissertation so I wasn't able to present full nuance on all this.
Posted Mar 27, 2023 12:02 UTC (Mon)
by paulj (subscriber, #341)
[Link]
Posted Mar 23, 2023 16:11 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (2 responses)
The problem with Patrick Hardy, aiui, is he was out for personal gain. He basically bamboozled companies into signing a contract - which was almost impossible to comply with - and then he gouged them.
So while your characterisation may be close to the truth, there is always more than one side to the story, and your "didn't sue them" is my "bamboozled them", and your "Hardy was able to pursue them" is my "then he gouged them".
Bear in mind Hardy had very little copyright code in Linux to start with, enough to get any copyright case thrown out as "insufficient standing to sue". THAT is why he got them to sign a contract WITH HIM, at which point the only way to get him off the company's back was for the company to abandon Linux. Is that what the real owners of Linux want?
Cheers,
Posted Mar 23, 2023 16:30 UTC (Thu)
by paulj (subscriber, #341)
[Link]
Except, I know a number of those people have "softly softly" views on enforcement that differ from my own, so I do wonder if their view of reasonableness might also differ.
So I want the details. But they've been withheld.
You are also going by what was reported here, I'm sure - which was incomplete.
Posted Mar 23, 2023 16:33 UTC (Thu)
by paulj (subscriber, #341)
[Link]
I know there are questions over whether that individual actually had contributions of significance, to morally gain from, but that is a separate question from the principle above. The other examples given in the article involve people/companies that definitely did make large code contributions (if not write the entire thing) - why shouldn't they benefit?
Posted Mar 23, 2023 16:13 UTC (Thu)
by bkuhn (subscriber, #58642)
[Link] (134 responses)
Yeah, Fontana and I have argued about this in the past. I think we could definitely revisit the sunset provision. Fontana is a bigger fan of it than I am, for sure. I forget who else in copyleft-next felt it was a good thing, but we should definitely have the discussion again.
> Clause 7, "Nullification of Copyleft/Proprietary Dual Licensing", waives the copyleft if offering a dual-license with any license that isn't Open Source. This seems very much against "don't rush to address the issues of the day".
By issues of the day, I meant somewhat literally of the day. The Novell/Microsoft deal was announced while GPLv3 was being drafted, and it was a mere matter of months (not years) from when the community understood the deal, to when GPLv3 was finalized and included a clause to address the issue.
Meanwhile, the first proprietary relicensing was done in the early 1990s for Ghostscript, and has been a mainstay for decades. I don't think it's the issue of the day, I think it's more of an issue of the generation. You have to address problematic issues in a license (it's what it's for), you just have to be sure they're perennial issues. Given that nearly every copyleft license in history has been used for decades for proprietary relicensing, and we've had time to see how toxic the business model is, I think it should be addressed. But let's discuss more in the copyleft-next project.
(BTW, I wrote more here about the copyleft equality clause you mention:
Posted Mar 23, 2023 19:45 UTC (Thu)
by rfontana (subscriber, #52677)
[Link] (24 responses)
I think it was an interesting feature (AFAIK not found in any other license) but by no means of critical policy importance.
As I recall, tytso liked it when it was discussed on a mailing list thread.
Posted Mar 23, 2023 23:04 UTC (Thu)
by comex (subscriber, #71521)
[Link] (3 responses)
Having the license set in stone could be considered a good thing, since it prevents the copyleft from being weakened – but it also prevents it from being strengthened, or just clarified or improved in other ways (like by adding a cure provision to the GPLv2).
The usual solution to this problem is to license under GPLv2-or-later, but that vests all power over any future relicensing in a single organization (the FSF) that often has no relationship to the project being licensed.
With a 15-year copyleft sunset, if you wanted to change at least the copyleft provisions, there would be two options:
1. Dual-license for 15 years, then drop the (copyleft provisions of) the old license. Admittedly prohibitive in many circumstances – many projects have no idea whether they'll still exist or be relevant in 15 years – but for something like Linux I could see it happening.
2. Contact everyone as usual, but excluding contributions that are over 15 years old. This would be helpful since, the older the contribution, the more likely the contributor is to be hard to reach, or deceased.
Admittedly, the problem of relicensing might be better addressed with a more targeted clause – say, allowing relicensing if contributors representing 95% of a codebase agree. But it would be hard to word that in a way that isn't at least somewhat abusable. A 15-year rule is easy to explain and, I'd argue, hard to abuse. Sure, someone could take some 15-year-old codebase and fork it into a proprietary version, but I'd say that updating that codebase to not only be compatible with modern systems, but be competitive with modern versions of the same codebase and/or replacements in the same space, would almost always require enough development work that it'd be more effective to just rewrite from scratch.
Posted Mar 23, 2023 23:35 UTC (Thu)
by leromarinvit (subscriber, #56850)
[Link] (2 responses)
OTOH, it creates an incentive for device manufacturers to use grossly outdated versions of components under such a license. And security issues due to never updated software are already an issue for consumer IoT devices, even if the manufacturer has nothing to gain from using obsolete software (other than of course avoiding the work to release updates).
Posted Mar 24, 2023 0:36 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (1 responses)
Cheers,
Posted Apr 16, 2023 9:20 UTC (Sun)
by sammythesnake (guest, #17693)
[Link]
At the least, there's the difficulty of defining "security" "known" and just about every other relevant term. Perhaps the more worrying concern from my POV is how to avoid making it essentially impossible to comply without a fleet of lawyers - putting a lot of the "hobbyist" end of the developer spectrum in something of a pickle...
Unfortunately, legislatures in general are crap at considering impact on those who *aren't* giant multinationals. A an example, I would love to try making my own whisky, just for shits and giggles, , but getting the relevant permits explicitly *requires* making a commercial case and is *expensive* :-(
Posted Mar 24, 2023 0:39 UTC (Fri)
by josh (subscriber, #17465)
[Link] (19 responses)
Posted Mar 24, 2023 12:11 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (13 responses)
I'd like to see something like
(1) Copyright is automatic for about 20 years from publication - the economic limit for most works, after that 99% of them are worthless. Some of them are private.
That would actually achieve a heck of a lot of what we want from copyright, and also get round the problem of dead contributors with no known heirs :-)
Cheers,
Posted Mar 25, 2023 1:25 UTC (Sat)
by josh (subscriber, #17465)
[Link] (12 responses)
Posted Mar 25, 2023 20:50 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (11 responses)
And who are YOU to dictate that people should have their income arbitrarily taken away from them? If they create something popular, why *shouldn't* they benefit from it? (Given that the majority of people get almost nothing - seizing low-value income streams can do serious damage to peoples' wealth.)
This way, people can abandon copyright if it isn't worth having - how many films etc have been lost because they've decayed while in copyright?
And if a franchise is valuable they can trade-mark it and carry on ...
Fix today's problems, don't try and get the perfect result yesterday. But personally, I think objecting to "copyright = author's lfe" is a freeloader's argument, sorry. People have to eat. Pirates of Penzance<strikeout>New York, anyone ...
But if the copyrights are worthless, fair enough.
Cheers,
Posted Mar 28, 2023 12:34 UTC (Tue)
by josh (subscriber, #17465)
[Link] (10 responses)
Posted Mar 30, 2023 17:36 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (9 responses)
The other thing is, Linux is all about freedom, FAIRness, and EQUITY. Again, to me, that means *I* need a justification to seize someone else's property. We've seen the detrimental effects of "perpetual copyright" - I don't want to go there. But we've also seen the destrimental effects of The Pirates of Penzance <strikeout> New York, and I don't want to go there either!
Cheers,
Posted Mar 30, 2023 17:48 UTC (Thu)
by josh (subscriber, #17465)
[Link] (8 responses)
To suggest how your position comes across to those who don't agree with you, consider if I said "you need justification for telling others they can't copy data on their own computers". (You *do* need such justification, but I didn't think it useful to phrase it that way.)
Copyright should be abolished entirely, but as a *compromise* I would settle for granting a few years. :)
Posted Mar 30, 2023 21:52 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (7 responses)
I think you'd be shocked by the consequences ...
We've never had a situation before when things could be freely copied at minimal cost. Before the days of the printing press, copyists got paid good money. Once we had the press, authors got paid good money for scripts. Then we had bands and they got paid for recording sessions and stuff like that.
You've just destroyed authors, musicians, software writers, anybody's hopes of making money. Which means creatives will either have to be rich and do it for pleasure, or poor and if they're lucky get a job where somebody rich pays them. That puts music back to the 1600s, probably destroys the market for literature, ... painting and art will probably survive because artists will be able to sell originals, but basically anything that can easily be copied, won't be made.
> Copyright is a privilege, not a natural right. It's granted by placing restrictions on what would otherwise be a natural activity, copying.
Since when has it been normal - or even possible! - to copy quickly, easily, and at next to no cost? It's NATURAL for copying to be an expensive activity, not a cheap one - that's how it's been for pretty much all of recorded history. You may not be happy with "artificial scarcity" keeping prices up, but the alternative could be natural scarcity as the supply of new things to copy dries up.
Why, in the late 1800s early 1900s, were the Americans so eager to "steal" European culture? is there a lot of "turn of the century" American literature, American music? (Honest question, I don't know.) But if the culture of that time is mostly European, then it shows that the lack of protection stifles creativity.
Cheers,
Posted Mar 31, 2023 8:12 UTC (Fri)
by joib (subscriber, #8541)
[Link] (4 responses)
> I think you'd be shocked by the consequences ...
Maybe. But it isn't written in stone that the current scheme of "artificial scarcity" via copyright is the only way, or even the best way, to arrange things. That one cannot think of any other consequence than some kind of dystopia if the current regime is changed, belies a lack of imagination rather than a true lack of alternatives. Unfortunately we don't have alternative universes to perform experiments in, so nobody really knows for sure what the space of possible outcomes (emphasis on the plural!) are.
> It's NATURAL for copying to be an expensive activity, not a cheap one - that's how it's been for pretty much all of recorded history.
I'm genuinely curious how you can think of copying information being expensive is NATURAL. How do you define natural? Did cavemen pay royalties when they were retelling stories because that's the natural way to compensate whoever originally came up with the story?
And which is the NATURAL state of things? Before writing, disseminating information was very inefficient (telling stories by the fire?), though I guess back then there wasn't much of a money economy either so it's hard to say what the cost was. After writing was invented, when copying was very time-consuming, was that the natural state of things? Or after the printing press was invented, which dramatically reduced the cost of copying? Or the current state, where thanks to digital technologies the cost of copying has further reduced dramatically? I would claim that there is no 'natural' state, but rather the cost of copying is a function of the available technology. And further, our current copyright regime was something that was invented roughly in the age of the printing press, and worked passably in that world. There's zero evidence that it's the "optimal" for the current state of technology, or for that matter that it would have been better than what historically happened in the age before the printing press was invented.
Posted Mar 31, 2023 10:25 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
> I'm genuinely curious how you can think of copying information being expensive is NATURAL. How do you define natural? Did cavemen pay royalties when they were retelling stories because that's the natural way to compensate whoever originally came up with the story?
Okay, to pick on this particular example, but let's separate "performance" from "copying". Telling a story by the fire is a performance. The guy may have been paid with food, with status, whatever. But the performance probably hasn't been recorded, hasn't been copied, *hasn't been memorised!*
Your bard, on the other hand, has invested a lot of time and effort training his memory to retain all this stuff. Okay, back then, their memories may have been better thanks to regular usage - what evidence we have suggests that such copying was actually pretty accurate! And that includes down the centuries!
In the past, the making of accurate, durable copies, has always involved significant investment of one sort or another. Today, we copy like kleptomaniacs, because it's so cheap (I do, too, ...).
Cheers,
Posted Mar 31, 2023 11:32 UTC (Fri)
by paulj (subscriber, #341)
[Link] (2 responses)
Interesting... ;)
Posted Mar 31, 2023 14:03 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
Cheers,
Posted May 3, 2023 9:04 UTC (Wed)
by paulj (subscriber, #341)
[Link]
Posted Jun 14, 2023 15:09 UTC (Wed)
by nix (subscriber, #2304)
[Link] (1 responses)
> You've just destroyed authors, musicians, software writers, anybody's hopes of making money.
In context (that you were proposing lifelong copyright terms, renewable for the lives of heirs, indefinitely: i.e. infinitely long copyright terms, in effect), this is ridiculous. Almost all income from almost all copyrighted works occurs in the first decade: after that it's minimal except for a very few very famous works (think LOTR or Charles Dickens or something like that). For computer software it is effectively nil -- but that won't stop corporate owners, in particular, from automatically renewing just in case and because it's the way it's always been done and because it might just possibly hurt some competitors somehow. And meanwhile you just destroyed what little remains of the public domain, while providing more or less zero incentive to authors to create new works.
In any case, why do you need an infinitely-long income stream to provide incentive? Why isn't a much shorter stream adequate? I don't know about you, but in my job I don't expect to get paid forever for work I do only once, and definitely I don't expect my heirs to ever get paid for work I did. Nor should anyone. That way lies increased concentration of unearned wealth, feudalism and the divine right of copyright holders, not a democratic society. IMHO it should be *impossible* to pass on copyrights to your heirs, not the default state. Tough luck on writers who die shortly after writing a book, but, well, it's not like they're going to be incentivized any more, they're *dead*, so that argument falls at once.
Now maybe indefinite renewal is acceptable if coupled with an exponentially-rising renewal cost, but even that runs the risk of lobbying to eliminate the cost rise while keeping the indefinite renewal. Simply banning it and limiting copyright (particularly of software) to something sane (10, 15 years, something like that) seems a lot more sensible, and a lot more in line with how people *actually* treat it (very few people think that grabbing still-in-copyright 1980s software off abandonware sites is in any way unethical, even if it's technically illegal: it's not on sale any more, you can't buy it, it's of archaeological interest).
Posted Jun 14, 2023 16:02 UTC (Wed)
by Wol (subscriber, #4433)
[Link]
> > You've just destroyed authors, musicians, software writers, anybody's hopes of making money.
> In context (that you were proposing lifelong copyright terms, renewable for the lives of heirs, indefinitely: i.e. infinitely long copyright terms, in effect), this is ridiculous. Almost all income from almost all copyrighted works occurs in the first decade: after that it's minimal except for a very few very famous works (think LOTR or Charles Dickens or something like that).
Except that what I was proposing is WEAKER copyright than today.
"Heirs alive at creation" - hardly "infinitely long". Given that a fair few places now have "life plus 95", it will be noticeably shorter in most cases. Especially as most people are most prolific when they are young, when they are trying to impress the females ... In a LOT of cases, it will be less than "life plus 50", and quite likely the heirs will not be able to renew because the copyright was born before they were.
And it should cost to renew copyright. Which means that many copyrights will be abandoned long before then. Which is the idea ...
Replacing copyright with trademark will also make legal copies much easier, even if it is "only for personal use" - the more copies, the more likely stuff is to survive.
Don't try to get Utopia today. One step at a time.
Cheers,
Posted Mar 25, 2023 17:38 UTC (Sat)
by NYKevin (subscriber, #129325)
[Link] (4 responses)
Posted Mar 25, 2023 18:32 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (3 responses)
I think the minimum may be 50 years. But the "Mickey Mouse Copyright Extension Acts" keep moving the goalposts.
Cheers,
Posted Mar 25, 2023 18:44 UTC (Sat)
by mpr22 (subscriber, #60784)
[Link]
Posted Mar 26, 2023 1:34 UTC (Sun)
by NYKevin (subscriber, #129325)
[Link] (1 responses)
It should also be noted that countries can offer greater limits. The US limit is currently life + 70 years (for works of human authors) or a flat 90 years (for works of corporate authorship).
Posted Mar 26, 2023 1:36 UTC (Sun)
by NYKevin (subscriber, #129325)
[Link]
Correction: This is just flat wrong. The reforms were indeed retroactive. What I was thinking of was the fact that the URAA actually pulled things out of the public domain that were previously in the public domain. So anything that expired *before* the reforms were enacted stayed in the public domain. The other half is that the retroactive portion of the reforms amounted to a flat extension rather than a life + X extension.
Posted Mar 23, 2023 19:56 UTC (Thu)
by rfontana (subscriber, #52677)
[Link]
Posted Mar 23, 2023 23:41 UTC (Thu)
by timrichardson (subscriber, #72836)
[Link] (7 responses)
A CLA does not stop someone from calling a project an "open source" project or a copyleft project, because they can use such a licence, while effectively reserving the right to change at any point. So you don't know everything you need to know if you rely on the licence "brand". Such a CLA significantly modifies the relevance of a contributor holding copyright, but covertly. Some of the CLAs seem very onerous, and yet experience contributors comply. We can't stop CLAs but perhaps we can hinder the exploitation of copy left or even open source promises.
I think it is justifiable to have a licence which enforces no dual licensing, so that when people see a project is licensed under that "brand", they have a guarantee about dual licensing which is currently missing.
Posted Mar 24, 2023 0:32 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (6 responses)
At which point, you have just blown your feet off with a machine gun. *NO* existing project will be able to adopt this licence, all code will need to be rewritten from scratch.
When you absorb other code into a GPL project you do not - you cannot - relicence that code under the GPL. What the GPL guarantees is that, by complying with the GPL, you also comply with any conditions that any other licences impose.
A GPL program distributed as source is a "mere aggregation" of other peoples' code. Any binary is a derivative work - probably under a multitude of licences all of which must be complied with. The magic of the GPL is that it is the only one you need to worry about.
And I don't think you can successfully say which licences are acceptable for dual licencing and which are not. Firstly, you're playing God by doing so, and secondly if you say "only copyleft licences are acceptable" or "only Open Source" or "not proprietary" then how do you define those terms? "proprietary" in particular is a very difficult word because, while the Free Software crowd have defined it to mean "owned by a (private) company", the word itself actually only means "has an owner". Which means the mere existence of a licence - ANY licence - defines the software as "proprietary" - someone owns it or they couldn't licence it.
Cheers,
Posted Mar 28, 2023 5:15 UTC (Tue)
by timrichardson (subscriber, #72836)
[Link]
Posted Apr 16, 2023 11:47 UTC (Sun)
by sammythesnake (guest, #17693)
[Link] (4 responses)
I think it's the other way around - more permissive licences (BSD/MIT style ones) don't have requirements that conflict with much of anything, whether that be GPL or a typical closed source situation.
That means it's *easy* to combine BSD-etc. licensed stuff with almost all other licences, but that's not the case with the GPL. That's by design, of course, but the GPL isn't the odd one out on that front, the permissive licences are.
Posted Apr 17, 2023 15:45 UTC (Mon)
by Wol (subscriber, #4433)
[Link] (3 responses)
Permissive licences make life easy for the developer. He doesn't have to worry about the licence on the code he's copying.
Copyleft licences like GPL make life easy for the end user. He doesn't have to worry about the licence on the code he's using.
Who's side are you on? :-)
Cheers,
Posted Apr 17, 2023 16:10 UTC (Mon)
by sfeam (subscriber, #2841)
[Link] (2 responses)
Posted Apr 17, 2023 18:44 UTC (Mon)
by geert (subscriber, #98403)
[Link] (1 responses)
Posted Apr 18, 2023 21:47 UTC (Tue)
by Wol (subscriber, #4433)
[Link]
Cheers,
Posted Mar 24, 2023 0:46 UTC (Fri)
by josh (subscriber, #17465)
[Link] (6 responses)
I fundamentally disagree with that being a toxic business model. But more importantly, that clause also eliminates the possibility of selling exceptions, which is an even more appealing business model, and one that seems inordinately equitable. Either you contribute back in the form of code, by following the copyleft, or you contribute back in the form of money, by purchasing an exception. A purchased license exception won't be a standard open source license (since at the very least it needs to be non-transferable), so it would trigger this clause.
Posted Mar 24, 2023 1:02 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
I would have no qualms with a CLA that allows dual licencing. But what do you get in return for a CLA?
The FSF used to demand copyright assignment, but said that the payment for the copyright was a guarantee that the code would remain "Free". So all these people afraid of a hostile take-over of the FSF - well there's no point because a company getting hold of the FSF's copyrights couldn't take the code private - they'd be in breach of the contract granting copyright to the FSF. (I don't think that's quite true - there was at least one story on Groklaw of a Judge unlawfully seizing and reselling copyrights ...)
I think my price for granting a CLA (and what I would offer if I wanted people to give me a CLA) would be a guarantee that the code will be "open source" (not "Open Source"). In other words, while it might be tied up with copyrights, trade secrets, NDAs what have you, any customer is guaranteed a copy of the source, to give THEM all the four freedoms EXCEPT the right to share.
And to be honest, at the end of the day, that is the freedom companies can, and should, care the least about ...
Cheers,
Posted Mar 24, 2023 1:09 UTC (Fri)
by pizza (subscriber, #46)
[Link] (3 responses)
I've personally used this approach multiple times, but it was only an option because I am the sole copyright holder of the software in question.
Posted Mar 24, 2023 2:10 UTC (Fri)
by josh (subscriber, #17465)
[Link] (2 responses)
That would eliminate the need for a CLA, and provide projects with a great way to fund themselves.
Posted Mar 25, 2023 2:02 UTC (Sat)
by mathstuf (subscriber, #69389)
[Link]
Posted Mar 27, 2023 11:35 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
You could do this today, with a project that you start out owning - even GPL.
Put in a CONTRIBUTING file a clause saying that by contributing you allow the controlling foundation to sell licence exceptions. Then the foundation needs to make sure that anybody contributing has signed to say (a) they are aware of this clause, and (b) anything they contribute they take responsibility for ensuring they have the copyright (or copyright holders permission) to allow that.
Personally I don't think I'd be happy with exceptions above and beyond administrative ones, but I'd be quite happy to say "you don't need to worry about providing source to your customers, if the foundation has access to your git source tree". Something like that ...
Cheers,
Posted Mar 27, 2023 13:13 UTC (Mon)
by paulj (subscriber, #341)
[Link]
You have companies which have 2 sets of interactions:
a) With the Free Software world, by contributing Free Software under Free Software terms.
b) With another world, by selling proprietary software they will or already have donated to 1.
Typically, b is used to fund a; the client base for b is very different to a; and a acts as marketing for b.
I think what people dislike is the "open core" model - a different thing to the above - where the software in b is a superset of a, those extensions will never be made available under a, and a is artificially and generally limited as a result (i.e., we're not talking about customer-specific hacks and integrations).
To try deal a blow to "open-core", with a clause that completely disallows the above, is a bad bad idea though.
Posted Mar 27, 2023 12:49 UTC (Mon)
by smoogen (subscriber, #97)
[Link]
1. The length of copyright is set by laws and treaties. For many countries on the Berne convention the length of Copyright is set as some number of years AFTER the death of the creator
For me this means that the 15 year code issue causes problems:
This means basically anything 'long living' under this license needs a set of lawyers attached to the code. You need to let people know which countries which state the code is in and whether this is possible.
Posted Mar 28, 2023 12:20 UTC (Tue)
by calumapplepie (guest, #143655)
[Link] (91 responses)
Why take this nuclear option, of saying "if you wanna try and build a business model around this software, we'll stop being copyleft entirely", blocking business models that are broadly thought to be acceptable (eg, an "open core" model a la Gitlab would become impossible). Why can't we take a more moderate tack and use the flexibility of contract law? We don't have to write licenses that solely rely on copyright law's massive infringement penalties.
Just a clause "Excepting willful and prolonged violations of this license, the holders of rights in this program agree that if you fail to abide by the terms of this license, you will not be punished beyond the payment of all reasonable fees (including legal) incurred by others in working to bring you into compliance".
Maybe add some language requiring notification that you are in violation, so I can't say "I had to pay 4 hours of top-tier legal fees to send you an email that your site had a broken link". You can also drop the "willful and prolonged" stuff and just rely on contempt of court to prevent companies from just deciding to stay in violation and eat the legal fees. And probably tweak it in a lot of other ways once an actual lawyer gets to look at it.
If you're gonna make a new license, and you want it to be used and enforced in a certain way, then why not simply embed that in the license? Bake the "Community standards for GPL enforcement" into the text of copyleft-next; that neatly protects both against corporations and individual actors wielding violations as extortion. Those who attempt extortion no longer have the tantalizing call of "all revenue made from the product"; those who would be extorted no longer have the threat of their whole business simply being given to the original creator, that copyright infringement law has as remedies.
Those penalties are still there, as a hammer hanging over infringers who want to argue that the license isn't a contract and can't limit it's own enforcement in that way (since then it's invalid and they have no rights at all, and can now forward all profits to me, please). I suppose a copyright holder could try and advance that argument to get more money out of an infringer, but then they'd be arguing that their own license is invalid, and I don't think most courts would let them pull that more than once.
Sure, you can probably still get some companies wielding FUD, to encourage people to buy the fancy premium license. But with this clause, that becomes no different from many companies offering 'support contracts': what they're selling is the reassurance that comes from someone is being paid for the product your company is built on, that you're still living in the comforting warmth of capitalist corporate society where all goods cost money and someone else can be sued if anything breaks.
Posted Mar 28, 2023 12:38 UTC (Tue)
by Wol (subscriber, #4433)
[Link] (90 responses)
No need to say what "all reasonable fees" is, the court has their own very restricted interpretation of that.
Although jurisdictions do vary wildly - I expect the UK will give you a far larger portion of a far smaller bill back, than if you sued in the US for example.
Cheers,
Posted Mar 28, 2023 12:47 UTC (Tue)
by mathstuf (subscriber, #69389)
[Link] (89 responses)
Posted Mar 28, 2023 14:54 UTC (Tue)
by farnz (subscriber, #17727)
[Link] (88 responses)
Then you bias towards corporates with in-house counsel; I infringe, you sue me costing you $10,000 in total (court fees, 100 hours of legal fees etc), I use my in-house lawyers to do the defence, and thus pay $1,000 in court fees for it (because I have no legal fees), and you're still out $9,000.
The English system is complicated precisely because of the need to remove loopholes like the two we've seen so far in this thread, where someone with significant money can put pressure on someone without money to avoid a pyrrhic victory. The below is only an approximation of the rules, and they need constant interpretation by judges to avoid becoming unfair.
The starting position is that the loser pays the winner's court fees (all of them), plus reasonable legal fees and costs for the winning side. The definition of reasonable here is set out in the Civil Rules and Practice Directions (CRPD); these can change over time, but will cover the costs of a decent lawyer (but not the best money can buy), plus things like photocopying, postage etc.
English law allows for the concept of a "without prejudice" settlement offer. The rules for this are themselves complicated, and also in the CRPD, but the core is that you set out what you're willing to pay and do to make the case go away. As long as you've followed the rules for making such an offer, the existence of this offer cannot be brought before the court until after it's made its decision, but before a costs award has been made. If a "without prejudice" offer existed, and the offer was at least as generous as the court's decision, then costs incurred after the offer was made (itself a term of art, since it refers to a point in time somewhere between when the winning side received the offer, and when it rejected it) are out of scope for a costs order, and the winner has to pay those costs themselves.
If, on the other hand, the offer was less generous than the court's decision, the costs after the offer are in-scope; however, those costs are limited by yet another set of rules (notably that you're expected to minimise the number of things you litigate, so if something is accepted as true in a settlement offer, you shouldn't spend any chargeable legal time proving it, but instead assert it and not litigate it properly unless the losing side disputed it once you asserted it).
Finally, and in support of all this, you can ask the judge to indicate how they would rule on parts of the case if you believe that that would result in you making a settlement offer should the judge rule against you. This plays into the reasonableness tests above; if you have consistently asked the judge to prioritise particular matters, your costs are more likely to be deemed reasonable if you either made a new and more generous settlement offer after the judge indicated that they were inclined to find against you, or if you repeated a previous offer after the judge indicated that they were likely to find in your favour on that matter.
The underlying principle of these rules is that you should try to settle your disputes out of court; if the rules are being applied correctly, then you only end up paying the costs of litigating the things that you disagreed on before going to court, and not the costs of litigating things you agree on. Ultimately, the court wants to be faced with a minimal case where it's told what you disagree on, and is able to focus on just the disagreement; the costs rules exist to ensure that if you fight for the sake of fighting in court instead of accepting a settlement, then you lose out financially.
But trying to encode all of this into a licence is going to be "entertaining" for all the wrong reasons; every one of those rules summarised above exists because without it, a richer party was able to abuse the system to make a poorer party lose out due to legal costs.
Posted Mar 30, 2023 13:39 UTC (Thu)
by mathstuf (subscriber, #69389)
[Link] (1 responses)
Posted Mar 30, 2023 14:31 UTC (Thu)
by farnz (subscriber, #17727)
[Link]
You now have a measurement problem. How many hours did my in-house counsel spend on this case?
If you just count the time that's unarguable, then being rich enough to afford in-house counsel gives me a huge advantage - your external counsel bills many more hours than my in-house counsel. I will naturally fight to bring the time measurement down to this level.
If you do manage to measure my in-house counsel's time spent fairly, you still give a significant advantage to people who can afford in-house counsel; on average, the hourly cost of in-house counsel including overheads is significantly smaller than the cost of paying external counsel, because external counsel charge not only for the time they spend on your case, but also for the time they spend searching for the next case to work on - they have to do this to end up being paid comparable amounts to in-house counsel.
And if you measure all the time my in-house counsel are employed for from start of case to end, you end up with a grossly unfair setup again - my in-house counsel may be working on more than one thing at a time, and you're effectively counting them each and every time.
To protect Free Software, you also don't want to bias in favour of external counsel; the SFLC, Red Hat and others will normally use in-house counsel when defending against misbehaviour by people trying to take Free Software and make it proprietary, except when they need to buy in specialist skills they don't have on staff. If there's bias in favour of external counsel, then someone trying to do damage will use external counsel to make it hurt the SFLC and similar.
This sort of thing is why the English rules are so complex, and have so many places in them where your behaviour affects the final costs settlement - a simple rule is, unfortunately, one that's exploitable by bad actors.
Posted Apr 27, 2023 13:06 UTC (Thu)
by calumapplepie (guest, #143655)
[Link] (85 responses)
Further, while the phrasing could add detail, its worth noting that this can only be exploited against people who refuse to move into compliance by those who have the rights to enforce the license anyways. From the moment $VIOLATOR is in compliance, any legal fees you accrue to try and pry your money out of them are explicitly out-of-scope. The failure mode of under-defined 'reasonable fees' is a person who is already out-of-compliance is attacked by a bad enforcer (individual or corporate) who wants a payout. For an individual, that means there's a hard limit of being unable to get more out of the lawsuit than they put in; there's no large payout to fund your retirement. For a corporation working to suppress competition... my license could use some work, but the maximum damages are still clearly far less than 'all the money you've made with this', which is a lot less intimidating.
Ultimately, the 'reasonable fees' thing could be just dropped.. Just leaving it at:
And then maybe add:
That means enforcers can't make a profit enforcing (disencentivizing individual enforcement), and can't make you pay for any non-compliance before they told you they thought you were violating.
It also (based on what I think "wilful" means) lets any potential violator who can convince a lawyer to advise them 'no you're good' is off the hook. This is a single-use get-out-of-jail-free for a large violator against a small enforcer, since once they lose the lawsuit and get to the damages stage, the expenses start accruing.
Ultimately, if it works as I intend, enforcers aren't entirely reliant on pro-bono lawyers against massive corporations (like they would be if it was a blanket ban on all damages), and small violators can't be pushed into bankruptcy for innocent-ish violations (since they can't lose more than they gained, even if they gained every cent exclusively due to intentional violations). Even if it fails, bad enforcers are still far weakened, and bad violators still eventually have to come into compliance (which is the only thing the SFC seeks when they enter lawsuits).
Posted Apr 27, 2023 14:07 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (84 responses)
There's a huge hidden assumption in a lot of what you've written: that the violator and the enforcer agree on what "in compliance" actually means. A case I've dealt with in the past had us shipping the source code for software on DVD upon request, with build instructions; we had someone try and argue that this wasn't sufficient under GPLv2 section 3b, since our build instructions assumed that you were running a Linux OS on your desktop, and thus in the eyes of the person attempting enforcement against us, we had not shipped "the scripts used to control compilation and installation of the executable", since as far as they could tell on their Windows system, the scripts we used did not work to control compilation, and thus we were hiding the "real" scripts used to control compilation.
And I see an easy way to abuse your setup - I am not in compliance; you contact me, I immediately come into compliance, and thus, per your definition, any costs you incur are out-of-scope. The moment you lose interest in trying to enforce, I stop complying, because compliance is expensive compared to not complying; you get in touch again, and I come into compliance.
In this setup, the enforcer has to keep spending their own money trying to get me to come into compliance; I'm never wilfully non-compliant, since my non-compliance is a consequence of neglecting things that I don't want to do, so the wilful term doesn't come into it, and thus the wilful violation clauses don't apply. You've declared that you will not hold me responsible for damages unless it's wilful, so there's nothing to gain from enforcing, and thus there's no loss to me if I keep giving up on compliance when not pursued directly by an enforcer with standing.
Underlying all of this is that the problem you're facing is not a global issue - it's a consequence of the way the US court system specifically works. In England and Wales, for example, the default position is that your damages payout is there to "make good" the affected parties, and no more; the cap is not "the total amount you made with this", but "what it would have cost you to comply had you been in compliance from the beginning, plus interest on that money". The only way to move from this position to a more punitive payout is for the enforcer to prove that you were deliberately non-compliant, and gambling on lack of enforcement, and even then, the bound on the payout is the amount it would have cost you to build an equivalent piece of software from scratch.
Posted Apr 29, 2023 13:55 UTC (Sat)
by calumapplepie (guest, #143655)
[Link] (83 responses)
Actually, I didn't assume that, though clearly my writing failed to convey that. If there is an actual disagreement about what compliance means, then it goes to the courts, like the existing process. If the courts then find that there was no compliance and there is no way the violator didn't know that, then the damages can apply for the full duration.
> And I see an easy way to abuse your setup
I don't think your way is any worse than what is currently the status quo, which the SFC believes to be acceptable. That is, right now, the SFC seeks $0 in monetary damages in all their cases, paying for all enforcement actions themselves. They only ask the court to issue orders that compliance be observed properly; which the courts then enforce with contempt-of-court charges as needed.
> I am not in compliance; you contact me, I immediately come into compliance, and thus, per your definition, any costs you incur are out-of-scope. The moment you lose interest in trying to enforce, I stop complying, because compliance is expensive compared to not complying; you get in touch again, and I come into compliance
Compliance is only expensive when you have not achieved it. Serving up some source code files for 10 years is far cheaper than even a 20 minute consultation with a lawyer to see what this letter from the SFC is on about. The reasons companies remain noncompliant is they either lack the rights to release the source code for some component they linked into the code, or they worry that if they do release the code their competition will steal their secret sauce. But in order to be compliant, you need to release that source code (even if only briefly), and that requires you to both get those rights and show their secret sauce. Once you've done that, there's almost no incentive to return to being non-compliant; compliance only requires you to occasionally update the server with your latest code, and let two or three curious people download it a month.
Further, my language doesn't actually mention any notification or 'grace period'. It just says "willful". Your cycle of enforcement/noncompliance would require that a new form of noncompliance be found each time, since otherwise the previous notification would still apply. Ultimately, though, the cycle would be acceptable: enforcers just need to routinely send emails saying "hey, you forgot to include the code for your latest update in your code posting". Then the violator would need to release the latest code, allowing folks to download it and mirror it. The open source community is happy, they have the code they need even if the company went back to trying to hide it.
> Underlying all of this is that the problem you're facing is not a global issue - it's a consequence of the way the US court system specifically works
That's certainly true. However, just because some clauses of a license are useless in some jurisdictions doesn't mean they're useless in all. In today's globalized world, especially when it comes to matters like copyright, enforcers get to decide what jurisdiction to pursue damages under. As long as the US court system allows for titanic damages, bad enforcers will continue to seek massive damages there; so our licenses must protect against that.
Posted Apr 29, 2023 14:15 UTC (Sat)
by pizza (subscriber, #46)
[Link]
No, falling back out of compliance is common because $vendor sees "coming into compliance" as a one-off act (ie "manually scramble around to find the source code and upload it somewhere"), instead of something that needs to be incorporated into their release process. Without that process change (eg "add a source tarball to your build script and post both up at the same time"), every time you release something new you're automatically out of compliance and have to do that time-consuming manual scramble all over again when you're inevitably called out for it.
Relatedly, when "compliance" is a manual act, it means that "source code access" isn't considered to be a requirement that needs to be met whenever you revamp/rebrand/etc your web site (or shuffle old product support/download pages to an EOL section) meaning the source code links get routinely broken or dropped, etc even for the old/existing stuff that you've already gone through all that trouble for.
I know McHardy's GPL enforcement is generally considered to be done in bad faith, but his approach did have a valid point -- if organizations treated source code access as a process/requirement change instead of as a one-off act, they would have completely avoided falling back out of compliance.
Posted May 2, 2023 10:40 UTC (Tue)
by farnz (subscriber, #17727)
[Link] (81 responses)
But I came into compliance, so the previous notification has been dealt with in full. I've now not bothered keeping in compliance (didn't keep source code up when the web site was rearranged, removed the source code when I made a patch release because it was tied to the withdrawn release, whatever), and I'm not being wilful - I'm being negligent (I'm simply not caring about compliance).
You now have to make a new notification that I've gone back out of compliance, having previously agreed that by providing full source for the product, I was in compliance. You don't get to say "I'm taking back my previous acceptance that you are in compliance"; instead, you have a new non-compliance (probably the same issue as last time) to address, and need to notify me all over again.
Ultimately, the problem is that by tying your hands with the licence, you've ensured that I have no incentive to put together a process for perma-compliance. That process isn't free to create and is a constant drain on resources as I ensure that every time I do a new software release, I have the matching sources put up on offer with the release. By saying "no compensation required as long as you come into compliance on demand", you've said that the maximum cost of not complying is the same as complying, but the minimum cost of non-compliance is zero, since it's possible that people won't make the demand. The thing that makes it worth being in permanent compliance, and not coming into compliance on-demand, is the risk that a court will order significant compensation for a given period of non-compliance, such that it would have been cheaper to be in compliance from day one than to come into compliance and pay the compensation, but that's the very thing that you want to get rid of!
And it's worth noting that in a less unbalanced system, like England and Wales, absent the clauses you're describing, the courts would normally set the compensatory payment for the period of non-compliance at a level a bit above the cost of compliance; your clause would cause them to set it to 0, making it not worth complying in a jurisdiction that doesn't have crazy payouts as a norm.
Posted May 2, 2023 11:59 UTC (Tue)
by kleptog (subscriber, #1183)
[Link] (80 responses)
I guess that depends on what compliance means. Is it that you met the terms of the licence for a fraction of a second, or does it mean you changed your processes you ensure future compliance as well.
Now, I imagine its a question of writing it down properly, but if judge tells a business to comply to cutting pollution in half, the business cannot comply with that order by simply running at half power for a week (box ticked) and then switching everything back on. Compliance has to talk about the future otherwise its meaningless.
Posted May 2, 2023 12:07 UTC (Tue)
by farnz (subscriber, #17727)
[Link] (79 responses)
If I don't change my processes to ensure future compliance, I'm negligent, but not wilful - wilful is that I've acted to be non-compliant, negligent is a failure to act. The licence language proposed bans you from claiming compensation from me if I'm negligent, and requires me to be wilful.
In your pollution analogy, if I simply run at half power, but I don't put a process in place to stop the power going back to full until I've found a solution, I'm negligent in permitting a new non-compliant situation to exist. Normally, that negligence opens up compensation to exactly the level I'd have had to pay if I wilfully breached the court's order (so the distinction doesn't matter), but in this case, we've said that negligence doesn't open up room for compensation, only wilfulness, which closes off the court's options.
It's why this is a tricky thing to address in the terms of the licence language; you're deliberately setting out to stop the court from making certain decisions, but a consequence of that is that you block the court from making those decisions when they're in your favour. Unless you can put down "fair" in a very detailed way, it's impossible to ensure that a court's decisions always meet your standards of "fair"; and anything that blocks McHardy's style of enforcement operation also blocks off court decisions that might be needed to deal with a routinely negligent party.
Posted May 2, 2023 12:56 UTC (Tue)
by pizza (subscriber, #46)
[Link]
At some point, "negligence" becomes "willful negligence", because you're presumed to have an [orgainzational] memory greater than that of a goldfish.
The way this sort of thing is _usually_ handled is that as part of a settlement, you agree to remain in compliance in the future, lest $much_bigger penalties apply.
Posted May 2, 2023 16:31 UTC (Tue)
by paulj (subscriber, #341)
[Link] (77 responses)
We've had articles on this on LWN in the past, but never got any real detail on exactly what was so objectionable in the contracts he got the GPL violaters to sign (because those few in the community who know think the rest of us shouldn't know those details IIUC).
Posted May 2, 2023 16:43 UTC (Tue)
by paulj (subscriber, #341)
[Link]
See here (and background via links): https://lwn.net/Articles/882397/
I note the "community principles" are ones that are unilaterally touted as such by SFConservancy. However, while I appreciate 90%+ of what SFConservancy do, I thoroughly disagree with a few aspects of their approach. In particular, the softly-softly attitude, and the idea in those principles that Free Software developers may not seek full damages from violators - especially repeat ones - but only their costs in remediating violations, I thoroughly disagree with.
That idea seems to have evolved now into this new licensing model, which seeks to remove the ability for Free Software developers to make profit by co-licensing - including in cases where all the software remains available under Free Software licences. Which I, and others commenting here, disagree with - see other threads.
Posted May 2, 2023 18:43 UTC (Tue)
by Wol (subscriber, #4433)
[Link] (2 responses)
Basically he was out to make money. He approached nicely, got them to sign a contract (important, that meant he could sue them for violating OTHER PEOPLES copyrights), and then - because he worded the contract deliberately so - he gouged them for pretty much everything.
Yes you should be in compliance. But compliance is hard. And he was targetting people for profit, who were actually "trying to do the right thing". And I don't think he was interesting in helping people comply.
If he'd got them to sign a consultancy contract for him to bring them into compliance, fine. He would have worked for the money and earned it. But basically, once he'd got them to sign this contract, all he did was collect rent on other peoples' property.
Cheers,
Posted May 2, 2023 18:50 UTC (Tue)
by paulj (subscriber, #341)
[Link]
That is my understanding of the concrete objection too.
> he was targetting people for profit, who were actually "trying to do the right thing"
Is that a fact? I've read it phrased it way - by people and statements reported on here on LWN - but I've not seen any detail on this. We have to take it as received fact - from people who are known to be in the softly-softly camp on enforcement AFAIU (which is, to my thinking, effectively a pro-corporate violators and anti-individual-developers camp - not the intent, but that's my view). I respect those people, but I think it's possible there some is subjectivity here that may be coloured by the positions people hold.
Posted May 2, 2023 22:50 UTC (Tue)
by paulj (subscriber, #341)
[Link]
The details are very murky.
The characterisations of McHardy's nefarious ways come from those who a) have a well described position that Free Software developers should not "profit" from GPL violators - even /serial/ ones and/or b) represented GPL violators, and have an obvious interest in describing their client's violations as minor, minimising the serial nature of those violations, and characterising McHardy as the bad guy.
The details are murky... Even SFConservancy can be quoted as stating that.
Posted May 2, 2023 21:01 UTC (Tue)
by malmedal (subscriber, #56172)
[Link] (72 responses)
The main allegation is that he knew of multiple infringements at the start but would only mention a small issue that could be resolved for a small amount of money, and in the next multiple lawsuits he would collect larger amounts than if the victims had not signed an agreement.
This is considered to be a deceptive practice and disliked by a number of people.
Further allegations are that he would also run these lawsuits against companies which did not in fact use any code he had written.
Posted May 2, 2023 21:39 UTC (Tue)
by farnz (subscriber, #17727)
[Link] (70 responses)
I'd be interested in seeing if the further allegation can be proven - in theory, at least, the only way for that to happen is if the company agrees that he can do so, and that implies that companies know they're infringing, agree to such a contract out of generalised guilt, and then get sued.
Note, though, that what I'd want to see in order to condemn McHardy is proof that someone was in compliance in principle, but making technical errors (e.g. firmware download on a server with higher uptime than the source server), rather than someone non-compliant who perhaps would have won a copyright infringement lawsuit against McHardy, but not against someone with standing.
Posted May 3, 2023 9:01 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (69 responses)
My point is that McHardy was accused of something far more serious than "he got money in a lawsuit from open-source work."
Whether the accusations are true I don't know, I doubt we will get any more first-hand information about this since he has agreed to a legal
Posted May 3, 2023 9:33 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (68 responses)
Sure, but I've seen accusations of all sorts of things thrown around - and SCO accused Linux developers of some quite serious copyright infringement without good evidence, so I'm not going to react to a claim of wrongdoing without seeing the evidence first.
And I don't actually agree that he was accused of something "far more serious"; stripped of the emotive language, the claim is that the companies he pursued was engaged in copyright infringement, knew their processes were inadequate to prevent infringement, but promised McHardy that they wouldn't infringe in future. He then proved that they were still infringing, and got money from them, and they're hurt that just a pinky promise to not infringe wasn't enough to protect them from a contract they entered into.
This is largely a tale of the company's lawyers being incompetent. Either McHardy had a copyright infringement case on his own copyrights to start from, and the contract was a way for them to play "double or nothing" where either McHardy gets nothing for their infringement of his copyright, or they continue to infringe on someone's copyright, and McHardy gets damages, or they knew they were infringing loads of copyrights, didn't realise that they weren't infringing McHardy's specifically (but were infringing lots of others), and chose to pay off McHardy rather than stop infringing.
Neither of those involve particularly serious accusations against McHardy - unless your claim is that it should be cheaper to infringe copyright than to comply with OSS licences.
Posted May 3, 2023 11:15 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (67 responses)
Deception, which you dismiss as emotive, is widely considered a bad thing and is a serious accusation.
It can also have legal repercussions, depending on details deception might invalidate his contracts.
Unlike the Linux community in the SCO case McHardy has been publicly silent. Why isn't he giving us his version of the story?
Posted May 3, 2023 12:15 UTC (Wed)
by paulj (subscriber, #341)
[Link] (20 responses)
If I were dealing with a company violating my copyright, and I told them, and they agreed to stop. And they continued to do so anyway, does it really make a difference if the continued violation was one I knew of before but didn't tell them about? The company concerned clearly is incompetent at a minimum in its processes for incorporating other people's code into their product - if not wilfully malicious.
These companies are profiting from other people's software - while a subset of the Free Software developers who wrote that code struggle to make ends meet. And these "softly softly" attitudes mean there is little incentive for any of these companies to change their ways.
Posted May 3, 2023 12:40 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (4 responses)
If SOMEONE ELSE knew of a company violating YOUR copyrights, and then (through whatever means) got them to sign a contract which allowed THEM to claim damages for violation of YOUR copyrights, would you be happy?
Hardy is that "someone else", and he made a pretty tidy penny out of it. Especially as (iirc) his code had been removed from the kernel several years prior.
If Hardy had been collecting damages on HIS OWN code, a lot of people would have been happy, a lot of people would have been miffed, most people would not have complained. The problem is he was collecting damages on OTHER PEOPLES' code.
Cheers,
Posted May 3, 2023 12:50 UTC (Wed)
by paulj (subscriber, #341)
[Link] (3 responses)
And indeed, I think I'd be a bit of a dick if I then launched a campaign to smear that other author within my community because he enforced his copyright against *serial* and _commercial_ violators, and only /after/ first asking the violator to stop, and the violator not doing so. (Least, I think I would be, on /those/ facts).
Now, whether McHardy has enough code in Linux, in the form Genietech (or whoever) were using it, to give him legal or moral standing to take copyright enforcement actions, those are other questions. Assuming he does, refer to above. If not - that's a *different* matter.
Posted May 3, 2023 15:52 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (2 responses)
Except McHardy is NOT a joint copyright holder. If my co-holder chooses to enforce copyright and I don't, that's our mutual separate decisions, and we both have to put up with the consequences of our decisions. But if some random joe decides to enforce MY copyright to HIS benefit in a work to which he has made no contribution whatsoever ... ???
Cheers,
Posted May 3, 2023 16:02 UTC (Wed)
by paulj (subscriber, #341)
[Link] (1 responses)
There-after, if the company signs an agreement to stop violating anyone's code, in return for a "let off" on the original violation, then that is an agreement that McHardy and the company are allowed to enter into between themselves. That agreement is predicated on *McHardy's copyright in the code* and the *original violation of McHardy's copyright* (and above, we are taking that as given - if not, that's a different issue).
Posted May 3, 2023 16:09 UTC (Wed)
by paulj (subscriber, #341)
[Link]
The precise details still elude the wider community - these seem only deemed suitable for discussion behind closed doors at the Chatham House LLW type events. :(
Posted May 3, 2023 13:15 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (14 responses)
The allegation I heard is that companies were asked to pay a small fee and sign a contract and then they could continue to use technology A and the matter of technology A would be resolved forever.
Then later they would get a claim demanding money for technology B. This sum was much larger and had more legal teeth because of the first contract for technology A.
Note that when the lawyer for one party comments on a case while the other side is silent that is usually a sign that anything they could possibly say would only make the situation worse.
Posted May 3, 2023 13:44 UTC (Wed)
by paulj (subscriber, #341)
[Link] (13 responses)
Farnz's comment about this being about - at best - incompetence at the companies concerned. Remember, the clearest and most detailed description we have of McHardy's actions are this, from the lawyer who represented geniatech:
"The tactics used by McHardy are to first notify the company of the GPL violation and ask for a cease-and-desist declaration that would subject the company to a flexible contractual fine. If that is signed, it is followed up with another letter, pointing to a different GPL violation, that asks for a second cease-and-desist declaration with a fixed contractual fine. After that is signed, further violations are alleged, each of which comes with a request for the fines (which can be a five-figure value per infraction), along with further cease-and-desist declarations with even higher fines."
From LWNs reporting, https://lwn.net/Articles/752485/, of the presentation given at the FSFE Legal and Licensing Workshop: https://fsfe.org/activities/ln/llw-past.en.html - under Chatham House rules, so we have very little to go on. We don't have the presentation, but presumably Wensler agreed for LWN to report on it, and presumably LWN has given a fair characterisation (complete?).
So, to be clear,
1 Company is violating the GPL on Linux
"You're violating my copyright on the netfilter Flobble module in the Linux kernel. Sign this agreement, promise to stop, and we're good. If you do it again, you'll owe me X".
3 Company removes the Flobble module from their product, and ships updated Linux, without the Flobble module
5 McHardy comes back and says (explicitly or implicitly):
"You're still violating the GPL on Linux, and I also have the Wibble module in it, even if you removed the Flobble module. You owe me X. Sign this new agreement and stop violating. Violate again and you owe me X*Y"
And so on.
If anything, if McHardy repeated his copyright claims over a series of distinct modules, then this is _worse_ for the company than I thought. The only way this story adds up is if these companies did _work_ to address the violation /only/ of McHardy's components - that he'd told them about. Which implies they updated their product, and continued to wilfully violate the copyright vested in the remaining code!
And the "deception" is that McHardy hadn't told them he happened to still have copyright in that remaining code, which they continued to wilfully violate?
I have even _less_ sympathy for these companies than before. And I am increasingly sceptical of the criticism of McHardy. McHardy is the "troll"?
Posted May 3, 2023 13:53 UTC (Wed)
by paulj (subscriber, #341)
[Link]
An earlier LLW, LWN report: https://lwn.net/Articles/721458/
"The panel was moderated by OpenChain program manager Shane Coughlan and consisted of Armijn Hemel, of Tjaldur Software Governance Solutions, and Mark Radcliffe, chair of global open source practice at DLA Piper, who has advised a number of clients in disputes with McHardy. Coughlan and Hemel have both been active in the GPL compliance world for many years; they have written about some of that here at LWN as well as in a new freely available book on GPL compliance."
"who has advised a number of clients in disputes with McHardy."
So basically, serial GPL violators dislike Free Software developers enforcing their copyright and the GPL. And the lawyers they pay who are active in Free Software licensing are now trying to defang copyleft completely, while smearing said Free Software dev for taking enforcement action against GPL violators who signed a contract with McHardy to stop violating, and who then _actively did work_ to remove McHardy's code so they could *continue* to violate the GPL - not realising McHardy had more code? (If we assume McHardy did indeed have copyright on multiple modules, as McHardy appears to have claimed, going by the violators accounts - different issue).
Posted May 3, 2023 14:18 UTC (Wed)
by paulj (subscriber, #341)
[Link]
- McHardy got them to sign to agree to stop violating.
"Our agreement bound you to stop violating /any/ of Linux, not just my code in it that you removed".
Which still means the company _did work_ so they could keep wilfully violating the licence on the code, thinking they could workaround McHardy!
It appears these companies must have been active, wilful GPL violators?
Posted May 3, 2023 15:45 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (1 responses)
No. What he apparently said was "You're still violating the GPL on Linux with regard to the Wibble module. You owe me X". After removing the Flobble module, ALL MCHARDY'S CODE HAD BEEN REMOVED. So McHardy is now collecting damages on a version of Linux in which he has no copyright interest whatsoever.
HOW HARD IS THIS FOR PEOPLE TO UNDERSTAND. The outrage from the community is not because McHardy is enforcing his own copyrights. It is because he is collecting damages for a version of Linux in which he has no copyright interest whatsoever !!!
Cheers,
Posted May 3, 2023 15:56 UTC (Wed)
by paulj (subscriber, #341)
[Link]
So they removed his code - a deliberate and knowing act - and then kept on violating!
The penalty is basically on the strength of the *original copyright violation* of /his/ module, and then failing to stick to the "let off" agreement to be good to the community.
So, on the story as you present it we have:
A: A company which is a deliberate and repeated GPL violator.
B: McHardy, who tried to get this company to respect both his own copyright and the entire community's. And gave Company A a let-off on the original violation if they did so in future.
And company A are the poor victim here, and McHardy is the bad guy?
Posted May 3, 2023 16:45 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (8 responses)
Such a strategy would be very foolish on McHardy's side.
Posted May 3, 2023 17:07 UTC (Wed)
by paulj (subscriber, #341)
[Link] (7 responses)
Note, in the scenario I gave - which I'm trying to make consistent with what you wrote as your understanding of what happened (at a high-level) - it is NOT that McHardy asked them to remove anything, but that the company removed the code (a "technology" in your words, I take it meaning a netfilter module of some kind) that McHardy had told them he had copyright in and they had violated the licence of.
I.e., the company removed McHardy's code, as he had communicated to them; and then continued to violate the licence of the kernel - and hence violating the "let off" agreement they had with McHardy (whether or not there was still code of McHardy's remaining - I am assuming McHardy did have code and standing in the first instance, on the back of which the company made the agreement).
Is that consistent with your understanding too?
Posted May 3, 2023 17:09 UTC (Wed)
by paulj (subscriber, #341)
[Link] (4 responses)
(As is farnz I think).
Posted May 3, 2023 18:40 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (3 responses)
Posted May 3, 2023 20:55 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (2 responses)
I am posting based on the facts that have been given by the copyright infringer's lawyer in relation to the case, ignoring their framing of the issue.
I understand that the infringer might want to make it look like McHardy is the bad guy here, but if there's genuinely more to it than they've revealed so far, I'd like to see the facts, not just their claims - letters from McHardy, perhaps?
Posted May 3, 2023 21:22 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (1 responses)
Posted May 3, 2023 21:44 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
I've sent him an enquiry by e-mail, but had no response. If you have his contact details, why not try yourself?
Posted May 3, 2023 17:40 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (1 responses)
Posted May 3, 2023 18:36 UTC (Wed)
by paulj (subscriber, #341)
[Link]
The claim made by others is that on the /subsequent/ violations, that McHardy did not have code in whatever software it was that was at issue. Whether that was because the company concerned removed it, or whether it was because the kernel community had rewritten the code to remove anything associated with McHardy, I do not know.
The claim by some here seems to be that the deceptiveness was that McHardy claimed to be a copyright holder when he was not. I have not seen evidence that this is true.
As far as I can tell it is accepted that McHardy had a copyright interest in the earlier violations. Or at least, that there was a good chance.
Posted May 3, 2023 14:09 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (45 responses)
You've explained why I consider the accusation of deception (without matching evidence) emotive - deception is a serious accusation, and widely considered to be a bad thing. As a result, accusing someone of engaging in deception is an appeal to emotion to get you to condemn the alleged deceptive person, without thinking through what they've actually done.
Given that you're saying this is a serious accusation, where's the evidence of actual deception?
All I can find is that McHardy offered a settlement saying that he'd expect to be paid for the infringement of his rights each time he could show that the company accepting the settlement was failing to comply with the GPL on any code. Someone at the settling company read "any code" as "any code I have copyright in", and has been surprised that their reading wasn't right - and is calling it deceptive because they misunderstood.
And as for why McHardy is publicly silent - as far as I can tell, there's still ongoing and related legal action; in many jurisdictions, talking about things that are being litigated can only ever go against you in court, and McHardy may well be staying quiet because his lawyer has advised him that he should stay quiet until the judge is done ruling.
Posted May 3, 2023 15:48 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (1 responses)
And plenty of people who DO have copyright in Linux are - quite rightly imho - seriously upset that McHardy is rent-collecting on code that he has no rights to! If he still had code in Linux, fair dos. But he doesn't!
Cheers,
Posted May 3, 2023 15:57 UTC (Wed)
by paulj (subscriber, #341)
[Link]
Posted May 3, 2023 15:59 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (42 responses)
Based on your statements I got the impression that you did not understand why McHardy was disliked.
It seems like you don't understand/agree that being seen as a deceptive person is something that can make you widely disliked?
Far from being emotive, shunning deceptive people is a pragmatic self-defence strategy.
Posted May 3, 2023 16:31 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (41 responses)
I still don't know why he's disliked - you've told me that he's disliked because he's done something that some people think is a reason to dislike him, but you've not told me what he's actually done - it's been words like "practices" hiding it.
If he's been deceptive, then you should be able to tell me what he's done that's deceptive, without using the emotive words - you should be able to say what he did, not just how it made people feel.
Posted May 3, 2023 17:00 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (3 responses)
We HAVE told you - he is rent collecting on other peoples' work.
(And he is widely seen as tricking his victims into signing these contracts.)
It's not the deceptive practices that really annoy a lot of people, it is the fact that he is driving people AWAY from linux. And he's collecting monies that are NOT his by rights. The fact that he's used deceptive tactics to achieve that is a side show.
Cheers,
Posted May 3, 2023 17:13 UTC (Wed)
by paulj (subscriber, #341)
[Link]
Posted May 3, 2023 17:14 UTC (Wed)
by paulj (subscriber, #341)
[Link]
Posted May 3, 2023 20:52 UTC (Wed)
by farnz (subscriber, #17727)
[Link]
No, you haven't. You've shown that he's rent collecting on his own work, and is offering a discount on that rent if people decide to bother with licence compliance in future, then withdrawing that discount when they demonstrate that they lied when they said they were going to comply in future.
Posted May 3, 2023 17:02 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (36 responses)
https://lwn.net/Articles/930693/
Please note that "deceptive" is not an emotive word, it is used to describe a situation where you deliberately make someone believe something which is not true. The word can be used for outright lying, misleading statements, deliberately withholding information and other tactics.
The allegation implies that the victim companies were led to believe that signing the contract and paying money would make the problem go away, while in reality it made the problem worse.
Posted May 3, 2023 17:33 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (35 responses)
No, you did not. You described a whole bunch of practices that are completely normal in copyright infringement cases generally, and called them deceptive in order to get me to feel that McHardy had done something wrong. You've not even told me who claimed they're deceptive - as far as I can find, everyone calling them deceptive is on the side of infringers in copyright cases a lot of the time, and is basically arguing that it's unfair to expect infringers to comply with copyright law.
It's completely and utterly standard (I've been involved indirectly in a number of copyright-related software lawsuits, gathering up evidence requested in discovery) to not notify all infringement at first, but instead to offer a sample of known infringement; the idea is that the infringing company, now that they know that they're doing something wrong, will not only fix the notified problem, but also go away and check that they're generally getting things right. Part of the reason copyright holders do this is that they want to see whether you're going to fix your process issues that result in infringement, and confirm that you've found all the infringements you're engaging in, or whether you're going to simply address the one issue you've been told about and continue otherwise infringing.
The idea is that if your idea of "fixing" your infringement is to remove my copyrighted code, rather than licence it, you need to do the work to actually find all of my code and remove it. I keep my knowledge of further infringement to myself, so that if you simply remove the things I've told you about, I can come back round with the things I didn't mention the first time - and I can demonstrate to the court that you are not only infringing on the latest matter, but also that it's part of a pattern of behaviour, and not a one-off error.
So, I ask again - what's he doing that's not normal practice for copyright lawsuits outside the oepn source space, and therefore might qualify as deceptive?
Posted May 3, 2023 17:52 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (15 responses)
Claiming damages on OTHER PEOPLES' code. If that's standard practice, I'm horrified ... to be frank I'd call that either *fraud*, or *theft*.
Cheers,
Posted May 3, 2023 18:32 UTC (Wed)
by paulj (subscriber, #341)
[Link] (14 responses)
Posted May 3, 2023 19:40 UTC (Wed)
by Wol (subscriber, #4433)
[Link] (13 responses)
In other words, he was mostly claiming damages for code he had no copyright interest in whatsoever.
Cheers,
Posted May 3, 2023 20:48 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (12 responses)
But he wasn't claiming damages for the newer kernels - the damages were for the kernels he had code in, but he'd offered to discount the amount he claimed if you promised to not infringe the kernel's licences in future.
That some companies wish to characterise "we took a discount on damages that we were offered in return for a promise of future good conduct, then had that discount withdrawn because we couldn't be bothered to keep to the contract we signed" as "McHardy is claiming damages on code he didn't write" is a stretch.
Posted May 4, 2023 14:58 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (11 responses)
Given that - when McHardy came back for more money - the companies were no longer infringing ON MCHARDY'S CODE I fail to to see any difference.
Yes, legally, he was dinging them for breaking a contract, but that was why he got them to sign the contract (rather unusual in the Free Software world) in the first place. Without that contract, they would have said "On yer bike mate", and there would have been ABSOLUTELY NOTHING he could do about it.
In other words, the quickest, cheapest and easiest way to come into compliance with respect to McHardy, would have been to upgrade the kernel. He took advantage of their ignorance to put himself in a position where he could claim rent on other peoples' code.
Cheers,
Posted May 4, 2023 15:10 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (10 responses)
They didn't have to sign the contract - they could have said "no, we are not willing to agree that we will not violate the kernel licence in future in order to get a settlement from you". If they'd done that, they'd be taking the risk that McHardy would pursue them through the courts for more damages than they were willing to pay, and that the fact of McHardy suing and winning over past infringements would cause other people whose copyrights were infringed to do the same thing as McHardy.
That's where all of this comes from, after all - they knew they were violating McHardy's copyrights, and believed that McHardy's settlement offer was a better deal than they'd get offered in court. So they agreed to it, and then, because their legal advisors were incompetent, discovered that the agreement they'd signed wasn't as good a deal as they thought it was.
They always had the option of saying "we don't like your settlement offer - this is our counter-offer, take it or see us in court", and they chose not to do that. Why? And why should we feel sorry for a serial GPL violator whose lawyer made a huge mistake when advising them to take the settlement agreement McHardy offered instead of either counter-offering, or insisting on going to court?
Posted May 4, 2023 16:11 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (9 responses)
Which McHardy was banking on. Isn't that the DEFINITION of deception? Offering some sucker a deal which you *know* is too good to be true?
Cheers,
Posted May 4, 2023 17:49 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (8 responses)
See, this is where I disagree - I don't think McHardy was banking on them continuing to violate, I think he'd have been just as happy if they'd done as they agreed and stopped violating the licence.
The only person who's actually claimed that McHardy was banking on that is the lawyer for a company that took the settlement, and then chose to continue violating the kernel licence, ignoring the settlement language. And he's not a trustworthy source, because it's entirely possible that he's saying that because he was banking on McHardy not enforcing the settlement after McHardy's code was removed from future versions.
Posted May 4, 2023 19:42 UTC (Thu)
by Wol (subscriber, #4433)
[Link] (7 responses)
I don't think he CARED if they continued to violate or not, he had a plentiful source of suckers. How can you claim repeatedly offering a deceptive agreement isn't intentional deception?
Cheers,
Posted May 4, 2023 20:00 UTC (Thu)
by farnz (subscriber, #17727)
[Link]
How can you claim the agreement is deceptive without seeing it, purely on the basis of a claim by a copyright infringer's lawyer?
Posted May 4, 2023 21:48 UTC (Thu)
by rschroev (subscriber, #4164)
[Link] (3 responses)
Posted May 5, 2023 9:57 UTC (Fri)
by malmedal (subscriber, #56172)
[Link] (2 responses)
Imagine you are a company making something traditionally non-computer related, say a CNC-machine or something. At some point you hire a contractor who designs a box to control your machine.
Later you get hit with a lawsuit because something called Linux in this box which you weren't aware of.
And then the same guy comes back with another lawsuit for what you thought was already resolved.
This is the alleged tactic.
The tactic is deceptive because it exploits the victim's ignorance, The fact that the victim was indeed doing something illegal is not relevant for whether something is deceptive or not.
Posted May 5, 2023 10:04 UTC (Fri)
by farnz (subscriber, #17727)
[Link] (1 responses)
Except you're missing a key part - the contract is alleged to have included a requirement that you ship the source code for Linux with the CNC machine (or whatever) in future.
And it's this requirement that companies thought they'd work around - instead of shipping the source code, like you agreed to, you instead remove McHardy's code from future versions of the CNC machine, and say "well, I know we signed an agreement, but your code isn't in our machine any more, so we can ignore the agreement now". And then get surprised that the agreement is enforceable against your past violation.
Posted May 5, 2023 10:49 UTC (Fri)
by rschroev (subscriber, #4164)
[Link]
That's not how agreements work?!. Once you signed the contract, you have to comply, unless the contract states otherwise. You can't simply ignore the agreement.
Posted May 5, 2023 9:20 UTC (Fri)
by paulj (subscriber, #341)
[Link] (1 responses)
Might it not be an idea to just have a /smidgen/ of caution about taking that as gospel?
Posted May 5, 2023 9:26 UTC (Fri)
by paulj (subscriber, #341)
[Link]
I just see greed and incompetence by said serial GPL violators.
Posted May 3, 2023 18:16 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (18 responses)
To quote myself:
> The main allegation is that he knew of multiple infringements at the start but would only mention a small issue that could be resolved for a small amount of money, and in the next multiple lawsuits he would collect larger amounts than if the victims had not signed an agreement.
Note the allegation used the word "resolved". This would mean the victim company would think they needed to take no further action after paying.
If the allegation is accurate this would be very different from a standard enforcement action.
Posted May 3, 2023 18:40 UTC (Wed)
by paulj (subscriber, #341)
[Link] (17 responses)
The onus is not on the copyright holder to fix all the violators issues. Indeed - and I have mentioned this in other articles on this in the past - the copyright holder taking the enforcement action may be legally ill-advised to indemnify the violator for any and all other issues that may or may not be known to the copyright holder, for a variety of reasons. Why would the copyright holder want to risk that they are blocked from tackling further wilful violations, because of a dumb "I won't ever take any further action against you once you sign this" clause? That would be incredibly stupid.
Farnz has just made similar points.
Posted May 3, 2023 19:11 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (16 responses)
However, if he does this every single time with every company and multiple times with each, as was alleged, you will find that quite a few people will consider it deceptive.
Anyway, I have no interest in convincing you of this point, I was just trying to explain why so many people were unhappy with him.
Posted May 3, 2023 20:50 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (15 responses)
Why is it "deceptive" to expect that a company that has agreed that they have at least one issue with their licence compliance, and has further agreed that they will put processes in place to ensure that they are compliant in future to actually put those processes in place?
Posted May 3, 2023 21:15 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (14 responses)
Posted May 3, 2023 21:18 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (13 responses)
That is exactly the situation the infringer's lawyer has alleged has happened, and where they're calling McHardy deceptive, since he did not tell them about all the infringements, and hence they were still out of compliance when they addressed just the reported infringement.
Unless, of course, you have more facts to link - court filings, letters from McHardy, or other evidence beyond what the infringer's lawyer has said?
Posted May 3, 2023 21:53 UTC (Wed)
by malmedal (subscriber, #56172)
[Link] (12 responses)
You seem to just want to invent excuses that would make his alleged behaviour reasonable, if you want to help him I would instead suggest you talk to him directly and then come back and present his version of the events.
I'll just stop here, except since you asked for more information, the rumours have been going on for years, it's not just that one lawyer, an old LWN article:
https://lwn.net/Articles/694890/
Posted May 3, 2023 21:58 UTC (Wed)
by farnz (subscriber, #17727)
[Link] (11 responses)
I have read that LWN article, and looked at the sources. I've also read the stuff from the lawyer whose client was caught up in this, and who kicked it all off. What I said is a literal restatement of what the lawyer said, which you're calling "not a reasonable interpretation" - but it's literally what the lawyer said happened, and they're saying that he was deceptive because, while he said that they would have to pay more if they continued to be non-compliant with the kernel licence, McHardy only told them about some of the non-compliance, and not others.
This is not an interpretation - it's a restatement of the facts of the case that led rise to people calling McHardy deceptive - apparently, it was deceptive of McHardy to offer a settlement that included a "you will ensure that you comply with the kernel licence in future" clause while knowing that the client had more non-compliance than McHardy pointed out.
Posted May 4, 2023 9:26 UTC (Thu)
by paulj (subscriber, #341)
[Link] (10 responses)
And now they are helping to shape a vision for future of copyleft licensing. A "softly softly" vision which of course suits their clients and sponsors.
Posted May 4, 2023 10:52 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (2 responses)
And further, they've managed to conflate the SFLC's position with their own.
The SFLC's position is that copyright enforcement is inherently unfair and arbitrary, because you can only ever enforce against a subset of violators - there is no way to enforce your rights against all violators at a time (not least because you can only enforce against violators you've discovered, and not ones you don't yet know about). Free Software lays claim to being a morally better way to do software, and thus enforcement should be "softly softly", since we know that enforcement is unfair. They would still agree that violating Free Software rights is wrong, and worse than any form of enforcement - their claim is just that gentle enforcement is better than harsh enforcement.
The serial violators are trying to reorder the bottom of that pile - they know that they can't get away with "violating Free Software rights is morally superior to any form of enforcement", but they're trying to shift the perception from "gentle enforcers have the moral high ground, harsh enforcers are somewhere less moral than gentle enforcers, violators are less moral than harsh enforcers" to "gentle enforcers have the moral high ground, violators are less moral than gentle enforcers, harsh enforcers are less moral than violators", thus justifying their clients' positions.
Posted May 4, 2023 11:08 UTC (Thu)
by paulj (subscriber, #341)
[Link] (1 responses)
If BadCorp only has to pay /costs/ of some poor Free Software dev or para-legal every now and then, while reaping the benefits of in lower R&D and licensing of exploiting Free Software (which could easily be many millions - licensing a proprietary embedded OS need not be cheap say) and ignoring the licensing obligations, then BadCorp's economic incentives are obvious.
Are we for the BadCorps?
Posted May 4, 2023 11:28 UTC (Thu)
by pizza (subscriber, #46)
[Link]
Yep, exactly. And the penalties need to be _very_ large in order for it to make a dent in BadCorp's bottom line.
Unfortunately, with said very large penalties on the line, it's going to take years of very expensive lawyering to get to the point where you might eventually collect.
Posted May 4, 2023 11:17 UTC (Thu)
by pizza (subscriber, #46)
[Link] (6 responses)
That's not really fair.
What's the point of Free Software? Empowering users by ensuring they have the complete source code and the rights necessary to utilize it. The approach "traditionally" taken is intended to maximize compliance, ie bring about process changes so that organizations would be compliant in the future, thus maximizing the overall "user empowerment" in the future.
The McHardy approach encouraged "compliance by payoff" rather than something more, um, sustainable. Of course that small payoff did nothing to make the underlying problem go away as it was much lower than the internal cost of changing processes. If anything the payoff made it _worse_ as the settlement contract expanded the scope of what could trigger a new breach beyond the stuff that McHardy directly "owned", with those proceeds going to McHardy rather than that stuff's nominal "owner".
TBH I think that was ultimately due to incompetent corporate counsel (and I don't have any sympathy for "serial GPL violators" as you put it) but it does reek of deliberately-setting-them-up-to-fail bad faith. Furthermore, because corporate lawyer-types talk to each other, this meant that those trying softer approaches aimed at maximizing compliance through process change (eg the SFC) found themselves facing "you're operating in bad faith so we're just better off not engaging at all" doors suddenly slammed in their faces, undoing many months (if not years) of effort.
So the net results of McHardy's efforts seems to hurt, rather than helped, overall compliance, and it has been also been cited as one of the primary reasons why so many organizations are actively trying to avoid copyleft anything. So if you consider the "empower users" to be the end goal of this Free Software thing, everyone but McHardy ends up worse off.
Posted May 4, 2023 11:38 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (4 responses)
Ultimately, the core of the conflict is that on the Free Software side, which includes the SFLC, the goal is to get everyone to Free their software, so that there's no non-Free software out there. On the Open Source side, which includes McHardy, the goal is to get companies to either respect the licence or not use Open Source code at all.
This is an unresolvable situation - the Free Software side would prefer you to use only Free software, and will accept you using it in violation of the licence as the first step towards full Freedom. The Open Source side doesn't care what software you use, but wants you to respect their decisions as set out in their licence.
McHardy's approach fits the Open Source side - if more people did that, then many entities would stop using FOSS because they do not intend to ever comply with the licence. The SFLC, meanwhile, is on the side that says that it's better that you're using FOSS, because once you depend on enough of it, enforcement can bring you into the Free Software community.
Posted May 4, 2023 15:13 UTC (Thu)
by pizza (subscriber, #46)
[Link] (3 responses)
I don't know if that generalization is accurate. I'd think that all sides want their chosen licenses to be respected; after all that's why those particular licenses were chosen, and it is quite common to waive or ignore violations for strategic purposes (eg to encourage wider adoption, or perhaps more commonly, a lack of resources to put into enforcement [1])
Where things differ is that the "Open Source" side has deliberately chosen weaker licenses that are nearly impossible to violate unintentionally. For example, about the only way to run afoul of the (1) BSD license family is to strip off copyright notices in what you redistribute, and (2) Apache license adds retaliation if you launch legal attacks against other authors or users of the software.
[1] Granted, most of us completely lack the means to effectively enforce these licenses -- taking a single lawsuit to trial would probably cost more than my lifetime earnings, and that is something the more cynical players are absolutely counting on.
Posted May 4, 2023 16:19 UTC (Thu)
by farnz (subscriber, #17727)
[Link] (2 responses)
I don't think you're actually disagreeing with me.
Both sides want the licence to be respected - the one I'm characterising as Open Source, and the one I'm characterising as Free Software. Indeed, the Free Software side ideally wants all software to be Free. Both sides also agree that the best result if you find a violation is for the violator to come into compliance.
But, when faced with a violator who does not intend to comply, the two sides take different views; the Free Software side sees enforcement as a tool towards the bigger moral imperative of getting all software to be Free Software, and will ignore or waive the violation if that's a better route to the final goal.
The side I called the Open Source side doesn't see a bigger moral imperative - they choose licences like the GPL because, in their view, they want something back if you use their code. If you don't intend to give back as required by the licence, then they'd prefer you to not use their code at all, or indeed any code under that licence.
And this is a fundamental divide, not easy to cross.
Posted May 5, 2023 9:25 UTC (Fri)
by paulj (subscriber, #341)
[Link] (1 responses)
Though, for whatever reason, in my mind it would be the "open source" side who are the "just use the code, don't really enforce" types, and the Free Software ones would be "Either you follow the licence to the letter, or you don't use it at all". E.g., Look at the FSF position on firmware.
But the exact labels matter less. That divide is certainly there. In my mind, the strong-enforcement view was more dominant earlier on, and the "softly softly" developed later, as the economic-goodness (for everyone and for developers) argument was developed ("The Cathedral and the Bazaar" being an example of the development of that argument for Free Software).
Posted May 5, 2023 18:29 UTC (Fri)
by pizza (subscriber, #46)
[Link]
FWIW, I'd agree with this sentiment.
(Because licenses typically chosen by "open source" folks are tend to not have many (if any) terms that can actually be enforced, whereas "free software" folks chose licenses that have a bit more teeth to them, presumably because they care!)
> But the exact labels matter less. That divide is certainly there. In my mind, the strong-enforcement view was more dominant earlier on, and the "softly softly" developed later, as the economic-goodness (for everyone and for developers) argument was developed ("The Cathedral and the Bazaar" being an example of the development of that argument for Free Software).
Yeah, CatB was a major inflection point that led to the "softly softly" folks breaking away from the "strong enforcement" types, and created the "open source" movement in the process.
Posted May 4, 2023 13:00 UTC (Thu)
by farnz (subscriber, #17727)
[Link]
I would note, though, that if Mentor Graphics get in touch saying "you're infringing our rights in Nucleus, let's talk", or Blackberry get in touch to ask you to bring your use of QNX into compliance with the licence, corporate lawyers don't close the door. They talk instead, because they know that their choice is to deal with this while it's being done on the "softly, softly" basis, or face enforcement action that'll cost them far more than dealing while everyone's playing nice.
This leads to the SFLC's problem with doors being closed being a self-fulfilling prophecy; as long as the chances of harsh enforcement are close to zero, there's no consequences for refusing to talk to the SFLC. If, however, enforcement was common, then violators would talk the moment the SFLC knock on their door - better to talk to the SFLC when they're playing nice and get things fixed at low cost, rather than wait for enforcement action that's likely to happen soon and cost a lot (be it a McHardy, or the SFLC losing patience).
Posted May 3, 2023 9:00 UTC (Wed)
by paulj (subscriber, #341)
[Link]
I get it that there is a separate question about whether McHardy even has a legal or moral right to claim to be an author of the code, to the extent he can profit off it. And many feel he has no right. Set that aside. This question also should not affect the other questions ("I can't get him on X, so I'll get him by denying him and everyone Y" - but Y may be a good tool in hands of others).
I also get that a number of other Linux authors dislike the idea that other Linux authors profit from enforcement action. But really, just cause one Linux author is happy to treat their Linux code as efffectively being permissively licensed, that should not (and does not) mean they have any right to deny other authors their right to claim penalties from violators under the GPL, and other agreements following on from compliance action.
But hey...
Posted Mar 23, 2023 22:30 UTC (Thu)
by ranger207 (subscriber, #134731)
[Link] (2 responses)
Posted Mar 24, 2023 0:38 UTC (Fri)
by josh (subscriber, #17465)
[Link]
Posted Mar 25, 2023 15:49 UTC (Sat)
by rfontana (subscriber, #52677)
[Link]
Posted Mar 23, 2023 0:37 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (7 responses)
It focused solely on anti-TiVo-ization to preserve the freedom to run custom software on fridges and toasters. Because otherwise, we'd be all locked into using Microsoft Windows without access to the root account (see: "The Right to Read"). This fear was understandable back when computers were large things sitting on a desk and worth at least thousands of dollars.
These days a powerful computer can be bought for the price of an inflation-adjusted cereal box in 2002. There is no danger of getting locked out of all computing equipment.
And to make matters worse, GPLv3 also doesn't solve the DRM issue. It's trivially easy to design hardware with completely free firmware that can be used to play DRM-ed media. This hardware just needs to have an e-fuse that will destroy DRM decryption keys if it detects an unapproved version of the software.
Posted Mar 23, 2023 3:45 UTC (Thu)
by jengelh (guest, #33263)
[Link] (2 responses)
That is then the territory of (hardware) warranty. Considering that evil third-party powers can remotely deprive users of hardware functions *today* (trojans entering through zerodays) without the user making actual use of the device, I expect that manufacturer would rather not terminate hardware functions upon software events, for it could make them liable for "defects right out of the factory" and subsequent costly replacements.
Posted Mar 23, 2023 4:33 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Not really. Your device will still work. After all, you can boot your software and do whatever you want with the hardware. Playing DRM-ed videos can contractually require unmodified firmware.
For example, gaming console manufacturers can and do ban consoles with modchips from online play. I'm not aware of this being a warranty issue.
Also, device manufacturers can just kindly offer to fix your device by replacing your custom firmware with stock firmware.
> I expect that manufacturer would rather not terminate hardware functions upon software events, for it could make them liable for "defects right out of the factory" and subsequent costly replacements.
There's no financial motive for this. And if this happens once or twice, manufacturers will just eat the cost.
Posted Mar 23, 2023 7:57 UTC (Thu)
by NYKevin (subscriber, #129325)
[Link]
The Switch is obviously not GPLv3 compliant anyway, but it clearly demonstrates that manufacturers very much are willing to burn fuses in response to software events, even to the point of potentially bricking the hardware if the wrong fuse gets burned. But frankly, even that is more than is required. A manufacturer can stick a TPM in the hardware, detect any unofficial software, and deny access* to whatever cloud service the hardware is attached to. Sure, you can still use the hardware as a general-purpose computer, but it would be cheaper and easier to just buy a Raspberry Pi instead, so nobody is going to bother.
* The GPLv3 explicitly permits the manufacturer to deny access to a "network" when "the modification itself [...] violates the rules and protocols for communication across the network" - so you can just have a "rule" that says the client must be official. I'm not sure this is how the FSF intended for the sentence to be interpreted, but contra proferentem is probably against them here. The manufacturer can argue that it signed some sort of licensing agreement with one or more rightsholders, and so this "rule" is not merely some contrivance by the manufacturer, but a real and material contractual term requiring the use of DRM on the client. The manufacturer might also choose to offer some non-DRM'd content (e.g. public domain materials) over the same network, and refrain from requiring TPM attestation for those materials - then it can argue that the unofficial software has not been denied access to the network as a whole, and so the clause is not triggered in the first place. Unfortunately, this is probably unfixable unless you want to require the use of open and standardized protocols, which IMHO is rather problematic for a number of reasons (most significantly, open and standardized protocols are often hard to modify without breaking compatibility all over the place, so freedom 1 would come into conflict with freedom 0 under such a regime).
Posted Mar 23, 2023 18:15 UTC (Thu)
by flussence (guest, #85566)
[Link]
I believe there's a relevant line in the original Star Wars that addresses this. Something about being tight-fisted.
Posted Mar 23, 2023 20:42 UTC (Thu)
by comex (subscriber, #71521)
[Link] (2 responses)
> These days a powerful computer can be bought for the price of an inflation-adjusted cereal box in 2002. There is no danger of getting locked out of all computing equipment.
Huh. I see things the exact opposite way.
Back then, software lockdown was mainly a problem with special-purpose products, whether TiVos or fridges and toasters, which were not designed to have third-party software installed on them at all, let alone provide root access.
The idea of Windows being similarly locked down was a legitimate fear given the 'Trusted Computing' efforts of the time, but it wasn't a reality.
Today, of course, most people have a phone they use extensively as a general-purpose computing device; for some it's their primary computing device. Essentially all of those phones lock the user out of root by default; some can be officially reflashed to provide root, but many can't, and even the ones that can be officially reflashed are designed lock you out of some functionality after doing so (SafetyNet), something which may or may not be possible to work around.
On the desktop side, Macs now disable some functionality (such as Apple Pay, running iOS apps, and some video DRM) if you choose to unlock 'real' root access. The state of the Windows ecosystem is less concerning, but newer games are starting to require Secure Boot for anti-cheat purposes, and don't forget that Microsoft did ship some ARM Windows devices where Secure Boot can't be disabled (though the policy was apparently changed for more recent devices).
In short, we're not going to get locked out of *all* computing equipment but we sure are getting locked out of a lot of it.
Would the GPLv3 help? Contrary to your statement, I don't believe the GPLv3 allows the manufacturer to disable or destroy decryption keys when unapproved software is detected. Per the text, the manufacturer must provide "Installation Information" which "must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made." There is some ambiguity in the wording, but I'd argue that removing the keys necessary to use the device as intended counts as "interfer[ing] with" "continued functioning".
But of course that only matters if manufacturers actually ship GPLv3 software. In practice, they have found or created alternatives to all of it. This is partly because Linux never switched to GPLv3. But even if it had switched, that may have just led to another project overtaking Linux as the de facto standard kernel for various classes of devices; compare how the GPLv3 spurred Apple to sponsor the development of Clang, which replaced GCC in their products and many other companies' as well.
Some programmers may feel satisfied that, even if manufacturers are locking down devices, at least the software *they* wrote (and released under the GPLv3) isn't being used to do it. Personally I don't care whose software is being used; I just want to see less lockdown.
So from my perspective, GPLv3 fought the last war and it *lost*. We need its protections today more than ever, but we don't have them. Perhaps the GPLv3 could have given more people more rights in practice had it been a little more corporate-friendly... or perhaps it was a lost cause. Who knows.
Either way, it's too late now. Any new copyleft license will face stiff headwinds getting adoption today even if it's more permissive than the GPLv2, let alone if it tries to do anything similar to the GPLv3. If I'm optimistic, a new license might be buoyed by anti-corporate political currents, and it would be free from associations with GNU, both the recent controversy around Richard Stallman and GNU's general old-fashionedness. But a new license would also face the practical obstacle that copyleft works best when there is only one copyleft license.
Still, I wish them luck.
Posted Mar 23, 2023 21:15 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Yup. Yet anti-TiVo-ization was the main reason and the main feature of GPLv3!
> Would the GPLv3 help? Contrary to your statement, I don't believe the GPLv3 allows the manufacturer to disable or destroy decryption keys when unapproved software is detected. Per the text, the manufacturer must provide "Installation Information" which "must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made." There is some ambiguity in the wording, but I'd argue that removing the keys necessary to use the device as intended counts as "interfer[ing] with" "continued functioning".
NYKevin already provided an example. You will still be able to run all the code and use all the device functionality, nothing is going to be interfering with it. But it won't be able to use the restricted cloud services or play restricted physical media (and physical media is not that relevant anymore anyway).
GPLv3 completely missed this, and arguably even condoned it by explicitly excluding the network protocols.
> But of course that only matters if manufacturers actually ship GPLv3 software. In practice, they have found or created alternatives to all of it. This is partly because Linux never switched to GPLv3.
I now believe that the industry's avoidance of GPLv3 was mostly an over-reaction. It could have been easily worked around with a bit of hardware. And probably it was more psychological: "GPLv3 is bad but we can work around it, but who knows what GPLv4 will bring?"
Posted Mar 23, 2023 21:29 UTC (Thu)
by pizza (subscriber, #46)
[Link]
I think that's a good way to characterize it. But I think the cause would have been even if v3 had been more "corporate friendlier", because the fundamental "problem" is with the entire concept of "copyleft". Granted, the rise of "cloud computing" has made that distinction largely moot as we continue to turn end-user devices into little more than a glorified web browser.
Posted Mar 23, 2023 5:55 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (37 responses)
I'd love to have a license like LGPL that would force the users of the library to communicate back the changes to it. However, I don't particularly care about the other parts of the LGPL that require making it possible for the end user to replace the library. Mostly because it makes no sense for a lot of modern languages like Go or even good old C++ template libraries.
Posted Mar 23, 2023 7:06 UTC (Thu)
by rwmj (subscriber, #5474)
[Link] (5 responses)
Posted Mar 23, 2023 17:31 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (4 responses)
The problem with exceptions is that they are not standardized. Somebody might look into the license, see the "LGPL" blurb and just move over. License scanners and compliance checkers also usually incorrectly classify the library.
Basically, I really want a separately named license.
Posted Mar 23, 2023 17:36 UTC (Thu)
by joib (subscriber, #8541)
[Link] (2 responses)
Posted Mar 23, 2023 20:35 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
Posted Mar 24, 2023 8:19 UTC (Fri)
by joib (subscriber, #8541)
[Link]
Posted Mar 23, 2023 22:36 UTC (Thu)
by rwmj (subscriber, #5474)
[Link]
Posted Mar 23, 2023 7:34 UTC (Thu)
by pbonzini (subscriber, #60935)
[Link] (1 responses)
Posted Mar 23, 2023 22:39 UTC (Thu)
by rwmj (subscriber, #5474)
[Link]
Posted Mar 23, 2023 9:32 UTC (Thu)
by pabs (subscriber, #43278)
[Link] (6 responses)
Posted Mar 23, 2023 16:53 UTC (Thu)
by NYKevin (subscriber, #129325)
[Link] (4 responses)
Technically, it is possible for downstream to be non-public, but this is a corner case that we may choose to ignore in the interest of pragmatism.
Posted Mar 24, 2023 1:06 UTC (Fri)
by dvdeug (guest, #10998)
[Link] (3 responses)
Posted Mar 25, 2023 0:42 UTC (Sat)
by NYKevin (subscriber, #129325)
[Link] (2 responses)
Posted Mar 25, 2023 2:54 UTC (Sat)
by pabs (subscriber, #43278)
[Link] (1 responses)
Posted Mar 25, 2023 10:19 UTC (Sat)
by Jandar (subscriber, #85683)
[Link]
Posted Mar 23, 2023 17:14 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Posted Mar 23, 2023 10:09 UTC (Thu)
by bluca (subscriber, #118303)
[Link] (21 responses)
Posted Mar 23, 2023 17:18 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (20 responses)
Posted Mar 23, 2023 17:33 UTC (Thu)
by joib (subscriber, #8541)
[Link] (17 responses)
I guess the question is if file based copyleft really provides much copyleft protection. If not, just go with a permissive license? Perhaps it's more a signal of a project's values than making it particularly difficult to use in proprietary software?
Posted Mar 23, 2023 18:08 UTC (Thu)
by Wol (subscriber, #4433)
[Link]
A very powerful p-code engine, with massive amounts of functionality built in. Ship it, with source, and an added bunch of p-code without source, and you've got a very nice system, built on GPL software, that is completely proprietary. And there's nothing the GPL can do about it.
Cheers,
Posted Mar 23, 2023 19:05 UTC (Thu)
by Cyberax (✭ supporter ✭, #52523)
[Link] (15 responses)
Yup, exactly. MPL2 is a relatively unknown license, it has some strange language about patents, and it doesn't provide that much protection anyway. So why bother?
I'd love to have stronger copyleft protection, but not at the cost of users' convenience.
Posted Mar 23, 2023 21:40 UTC (Thu)
by bluca (subscriber, #118303)
[Link] (14 responses)
<cries in Firefox>
> it has some strange language about patents, and it doesn't provide that much protection anyway. So why bother?
What do you mean by "doesn't provide protection"? It's a copyleft license: if you ship my code in binary format, you also must ship the sources.
Posted Mar 24, 2023 0:46 UTC (Fri)
by Wol (subscriber, #4433)
[Link]
LibreOffice is MPL/GPL, and the GPL is very definitely the red-headed step-child. Okay, MPL2 explicitly permits re-licencing as GPL iirc, so there's no reason it shouldn't be MPL-only, but I think the LO crew are covering their backsides.
The original code was released GPL2, and it was Apache that did the audit and said "everything is now Apache 2.0". The LO crew haven't done their own audit, so they're playing safe and leaving the GPL in place, though in practice they might accept code that was solely MPL. They wouldn't touch solely GPL with a barge pole.
Cheers,
Posted Mar 24, 2023 8:50 UTC (Fri)
by joib (subscriber, #8541)
[Link] (12 responses)
> What do you mean by "doesn't provide protection"?
Since it's a per-file weak copyleft, Evil Inc. can just put their proprietary extensions of the MPL2 code in a separate file, possibly helped by some trivial entrypoints to access internal functionality in the MPL2 licensed files which are of no interest to upstream. Of course this is largely possible with LGPL as well, just a few more minor hoops to jump through. Which is the crux of the matter: if it's this easy to circumvent, why bother in the first place? Either go "full copyleft" or then pick a simple permissive license.
The counter-argument, IMHO, as I mentioned in the grandparent comment, is that a weak copyleft communicates the intents and wishes of the author(s); "I don't care if you use this library proprietary code, but I'd like improvements to the library itself back, please", even if it's legally easy to circumvent.
Posted Mar 24, 2023 8:55 UTC (Fri)
by joib (subscriber, #8541)
[Link]
Posted Mar 24, 2023 12:18 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (4 responses)
Because your motives are not the same as the people who choose that licence.
I mentioned ScarletDME, which, because it's a p-code engine, even the GPL cannot stop commercial actors "easily circumventing" it.
The point of the MPL is it provides a clear fence between what is Copyleft and what is commercial/proprietary. Something like MIT allows the whole gamut from "here's the complete source" through "here's the public source we started with" to "bugger off".
MPL at least draws the line at "here's the public source we started with PLUS any changes we made to that source".
Cheers,
Posted Mar 24, 2023 20:41 UTC (Fri)
by joib (subscriber, #8541)
[Link] (3 responses)
FWIW I have chosen MPL2 for some of my personal projects. I don't think it's a bad license, and I reflects how I wish said project to be used (that is, I don't care if you use it as part of some proprietary software, but I'd appreciate if any improvements to my project is contributed back). My argument here is merely that I don't harbor any particular illusion that the weak copyleft provisions in MPL2 would be a big roadblock for somebody that wishes to improve my code without giving anything back (e.g. by doing what I described in the grandparent comment). So from that perspective I should have just chosen a permissive license (for maximum convenience) or gone to a full copyleft license (to incentivize the creation of more FOSS software, and not help proprietary software to compete with FOSS).
As for ScarletDME, I've never heard of that project, but isn't it a bit like e.g. openJDK? So a compiler that generates some intermediate format bytecode (p-code like ye olde Pascal compilers?), and then a runtime that runs that code. And just like openJDK is GPL it doesn't mean that the GPL "infects" the code that is compiled and/or ran.
Posted Mar 25, 2023 12:24 UTC (Sat)
by Wol (subscriber, #4433)
[Link] (2 responses)
A descendant of GIRLS and a clone of Pick - an OS/Database (along the lines of the IBM AS/400, I believe).
If you haven't seen my occasional database rants you must be new here :-) ScarletDME basically is an incarnation of "the database is the computer", although like all modern versions it's now an application that sits on top an OS.
It's MultiValue, not relational, so if you want to be converted to the light side, you can find my email easy enough. Find ScarletDME on github, or find me on linux raid.
Cheers,
Posted Mar 27, 2023 12:38 UTC (Mon)
by joib (subscriber, #8541)
[Link] (1 responses)
Well, my user id, while bigger than yours, is still relatively low, so I've been around on this site for quite a while.
As for your database rants, I've seen them, but it's not a topic particularly relevant to my interests so I tend to not comment on them.
Posted Mar 27, 2023 14:28 UTC (Mon)
by Wol (subscriber, #4433)
[Link]
The more I deal with SQL, the more I think it's a piece of ****, but it doesn't pay to off on one too often - it upsets people.
Cheers,
Posted Mar 24, 2023 14:05 UTC (Fri)
by bluca (subscriber, #118303)
[Link] (5 responses)
Posted Mar 24, 2023 20:30 UTC (Fri)
by joib (subscriber, #8541)
[Link] (4 responses)
I understand that's the motivation behind weak copyleft licenses in general, yes. My argument is that the protections offered by weak copyleft against entities that wish to break the spirit of the agreement while remaining compliant with the letter of the law, are not particularly strong. If one accepts that argument, one is thus faced with the choice of going either to a full copyleft license or to a permissive license, as the half-way point of weak copyleft offers neither the convenience of a permissive license nor the benefits offered by a full copyleft license.
Posted Mar 27, 2023 12:06 UTC (Mon)
by bluca (subscriber, #118303)
[Link] (3 responses)
Posted Mar 27, 2023 12:28 UTC (Mon)
by joib (subscriber, #8541)
[Link] (2 responses)
I use "weak" as in "weak copyleft", a commonly used term covering a bunch of licenses like LGPL, MPL, EPL and so forth. No moral judgement implied. See e.g. https://en.wikipedia.org/wiki/Copyleft#Strong_and_weak_co...
> You might disagree with the purpose
I'm not disagreeing with the purpose. I think the idea is perfectly valid, and suitable to a lot of software. My only argument, which I've been repeating in this entire subthread (and I'm beginning to wonder what I'm doing wrong as I'm clearly not making myself understood?), is that it's pretty easy to circumvent the protections offered by weak copyleft licenses. Thus, against an unscrupulous leecher that doesn't want to share their improvements to the library, they offer little more than a permissive license.
Posted Mar 30, 2023 13:05 UTC (Thu)
by bluca (subscriber, #118303)
[Link] (1 responses)
Posted Mar 30, 2023 20:08 UTC (Thu)
by joib (subscriber, #8541)
[Link]
I know, and I don't disagree. Though the FSF seems to think the world should create more GPL licensed libraries: https://www.gnu.org/licenses/why-not-lgpl.html
> What evidence do you have of "unscrupulous leechers" making improvements to said libraries and not sharing them due to the license?
Off the top of my head, I can't come up with any; OTOH it's not an issue that I've been tracking either. But if such cases are indeed very rare, as I suspect they are, that would imply that the entire issue of 'unscrupulous leechers' is mostly non-existent, and in reality users prefer to contribute back improvements to the libraries so they don't have to shoulder the burden of maintaining their own forks. From that it follows those libraries could just as well have been licensed under permissive licenses, as what protects the libraries from 'proprietarization' is mostly the desire to avoid maintaining their own fork rather than the weak copyleft license (which, as mentioned, is easy to circumvent in case anyone would want to go down that route).
Oh dear, this is starting to sound a lot like the open source side of ye olde 'open source vs. free software' debate.
Posted Mar 24, 2023 8:58 UTC (Fri)
by joib (subscriber, #8541)
[Link] (1 responses)
What's wrong with the MPL2 patent related clauses? IANAL, but they seem to say roughly the same thing as Apache2 or GPLv3 patent clauses?
Posted Mar 24, 2023 22:43 UTC (Fri)
by Cyberax (✭ supporter ✭, #52523)
[Link]
Thanks!
Posted Mar 23, 2023 8:04 UTC (Thu)
by LtWorf (subscriber, #124958)
[Link] (5 responses)
What advantage does adoption with no freedom bring me? I've worked on the thing for free and published it.
I want to help other libre software, I don't want to help companies hire fewer people (the very same people that in their spare time make cool libre software) to make more money. I want more libre software to be available.
Posted Mar 23, 2023 9:36 UTC (Thu)
by jmalcolm (subscriber, #8876)
[Link] (4 responses)
If your goal is to have more libre software available, I am happy that you have copyleft licenses to choose from so that you can create such software ( or even just promote its creation ).
For myself, I am very happy that not all open source licenses are copyleft because I want more open source software available and believe very strongly that, if it all had to be copyleft, we would have a lot less of it.
As for what good it does me to have my software widely adopted, there are many reasons but of course one of the main benefits is that some of those that adopt the software will contribute back. Some copyleft advocates like to pretend that does not happen but of course it does.
Both Xorg and Wayland are governed by the MIT license. Do you benefit from those?
Do you game on Linux? Mesa is MIT licensed as well which allows lots of corporate participation which means better drivers. It is hard to overstate the value for Linux gamers of Proton which of course is a result of Valve adopting Wine to port Windows games as part of their Steamdeck and Linux strategy. Wine is LGPL which is only "weak" copyleft.
Perhaps the most important software created by the FSF is GCC. I prefer Clang and am thankful that Apple for contributed so heavily to this BSD licensed compiler. Despite the availability of GCC, Clang / LLVM has attracted usage and contributions from Microsoft, IBM, Qualcomm, Intel, Meta, and others. I benefit tremendously from the fact that these companies use this software. Mozilla was able to use LLVM as the back-end when they created Rust which is itself released under Apache 2.0. Apache includes a patent grant and is perhaps my favourite license. Amazon, Google, and Microsoft all contribute to Rust. We will all benefit from that I believe.
Anyway, my core point is that users, even commercial users, of software give back to software governed by permissive licenses. There is also a lot of incentive to contribute to the main projects instead of just forking them or taking them entirely internal ( which is still fine by me ). The GPL does not have some kind of exclusive on expanding the universe of open source software that is available for me to use.
In fact, I argue at this point with Open Source being so mainstream that GPL projects are at a disadvantage. A lot of popular GPL software gets "used" by companies ( eg. on the web ) but they do not "distribute" it and do not contribute back even their changes any more frequently than they would if the license was more permissive.
Perhaps the most successful GPL software out there is the Linux kernel. Linux has dominated everywhere. That said, while I see lots and lots and lots of Linux usage in embedded, I rarely see source code. The vast majority of the companies using Linux, especially embedded, are violating the GPL. If the license had been strictly enforced, I wonder if a permissively licensed alternative might have dominated instead ( eg. a BSD perhaps ). Who knows.
Posted Mar 23, 2023 12:52 UTC (Thu)
by pizza (subscriber, #46)
[Link] (1 responses)
There are some technical reasons why GCC was[/is/remains] inferior, but the overwhelming majority of the corporate interest in LLVM has been because it's not copyleft -- that is, one can provide binaries without supplying source code. So in effect it's a way for folks to drastically cut their costs wrt developing/maintaining their own proprietary toolchains.
I'm not saying that's not a worthy goal in of itself (from their perspective definitely, but also in the sense that end-users get a higher-quality proprietary toolchain then would have otherwise happened), but at the end of the day the results are still largely proprietary.
At one point I had five LLVMs on my system, four were proprietary from one vendor or another, and of those, two required a connection to a license server to do anything. (The other was the distro-supplied LLVM package. Actually make that six; Mesa's embedded copy was different). The fact that they were built on "open source" LLVM was irrelevant to me, as the only ones with the ability to pull in a bug fix or add a new feature was the vendor.
Posted Mar 23, 2023 18:16 UTC (Thu)
by jhoblitt (subscriber, #77733)
[Link]
This sounds like a bug, not a feature.
Posted Mar 23, 2023 16:19 UTC (Thu)
by bkuhn (subscriber, #58642)
[Link] (1 responses)
I think folks who make this argument tend to count proprietarized deployments of code that was previously FOSS *as* having more FOSS. I disagree with that assumption; if it's proprietary *now*, it doesn't matter that it came from some FOSS upstream IMO. Proprietary software is proprietary, no matter its earlier provenance.
Posted Mar 23, 2023 16:59 UTC (Thu)
by NYKevin (subscriber, #129325)
[Link]
In other words, the people making this argument do not care at all about whether the amount of proprietary software goes up. They only care about whether the amount of FOSS goes up.
Posted Mar 23, 2023 13:45 UTC (Thu)
by cesarb (subscriber, #6266)
[Link] (9 responses)
A more likely path would be something related to Right to Repair.
Posted Mar 23, 2023 16:22 UTC (Thu)
by bkuhn (subscriber, #58642)
[Link] (1 responses)
Tons of collaboration is going on between copyleft enforcement efforts and the Right to Repair movement. My colleague Denver at SFC is working a lot on that front. But, they've had trouble getting legislation passed; most right to repair efforts are grassroots advocacy because it's hard to hold corporate actors accountable. It's a great collaboration, because grassroots advocacy backstopped with copyleft enforcement has a huge benefit for the right to repair.
Posted Mar 24, 2023 3:50 UTC (Fri)
by pabs (subscriber, #43278)
[Link]
Posted Mar 24, 2023 7:07 UTC (Fri)
by josh (subscriber, #17465)
[Link] (6 responses)
That would result in a *lot* of software being released as Open Source.
Posted Mar 24, 2023 8:51 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (5 responses)
As a minimum, if you have the product you should have the source.
Cheers,
Posted Mar 24, 2023 9:02 UTC (Fri)
by josh (subscriber, #17465)
[Link] (4 responses)
I don't know what point you're trying to convey, but I specifically did intend to use "Open Source".
Posted Mar 24, 2023 11:11 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (3 responses)
But if this is your aim, manufacturers could achieve this just as effectively with open source. You don't need Open Source.
Yes it would be nice if it was released as Open Source. But your justification isn't enough to achieve it.
I'm not a fan of open source. But on the pragmatic road, it is MUCH better than no source at all.
Cheers,
Posted Mar 24, 2023 17:10 UTC (Fri)
by NYKevin (subscriber, #129325)
[Link] (2 responses)
(You may disagree with the dominant definition of "open source." That is irrelevant. You can use the terminology that everyone else uses, or you can be misunderstood. Pick one.)
Posted Mar 24, 2023 18:38 UTC (Fri)
by Wol (subscriber, #4433)
[Link] (1 responses)
Well, I can't remember ever seeing the term "source available". And while I don't see the term much any more, "open source" was quite common a while back.
If you're going to give Open Source a special meaning - like "Complies with the Open Source definition", then make it stand out and capitalise it! After all, we have "free software" (which we don't care for), and "Free Software" which we most definitely do.
Open Source is exactly the same, and I guess "source available" is an attempt by the Open Source guys to replace the term "open source". "open source" means exactly that - the source is open. "Open Source" contains loads of overtones, it IS special, so MAKE it special. And people were using "open source" long before they were using "source available" - after all, open source LONG predates the FSF - quite probably predates RMS (I don't know the relevant dates).
Cheers,
Posted Mar 25, 2023 0:43 UTC (Sat)
by NYKevin (subscriber, #129325)
[Link]
Posted Mar 23, 2023 16:24 UTC (Thu)
by bkuhn (subscriber, #58642)
[Link]
Posted Mar 24, 2023 16:18 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link]
What solution is being referred to?
Posted Mar 24, 2023 18:07 UTC (Fri)
by IanKelling (subscriber, #89418)
[Link]
I'm lost here. Copyleft-next says "The Copyleft-Next Project may release new versions of copyleft-next". Any license that has a provision like that has a license steward. In this case, the Copyleft-Next organization, which will have a structure and process for making decisions. This isn't some optional thing from the past we can do away with.
> there will be no steward other than the community as a whole
It sounds like Bradley is selling the idea that people should ignore the real structure, which I think is a very bad idea. Reminds me of https://www.jofreeman.com/joreen/tyranny.htm .
Posted Mar 25, 2023 16:49 UTC (Sat)
by matt-y (guest, #163257)
[Link] (3 responses)
Copyleft having provisions or additional license variants for some kind of dual licensing - where a copyleft or a more permissive "open source" license is used for non commercial purposes and commercial entities using said software would be beholden to some other license - would also be nice to see as a first class member of copyleft.
I'm curious also what people think of this model license: https://blueoakcouncil.org/license/1.0.0
Posted Mar 25, 2023 18:26 UTC (Sat)
by mpr22 (subscriber, #60784)
[Link]
We have an example of a "network copyleft" in the form of the AGPL.
A lot of people don't like it for various reasons.
Personally, after reading it I couldn't shake the feeling that it only makes sense if you assume that all network-facing software presents human-interactive interfaces as the first port of call.
Posted Mar 26, 2023 19:13 UTC (Sun)
by rfontana (subscriber, #52677)
[Link]
Well, it's not a copyleft license. But I think there is much to admire in it from a stylistic perspective, and I see it as being akin to copyleft-next in that both are part of a general recent (mostly post-2008) minimalist and plain-language movement in FOSS licensing. Although I believe a number of people helped draft it, I think it is largely the work of Kyle Mitchell.
Posted Mar 27, 2023 13:29 UTC (Mon)
by paulj (subscriber, #341)
[Link]
And no, the AGPL does not cut it, because it's conditions are predicated on interactive use. As a thought experiment: https://github.com/pjakma/fopl
Posted Mar 25, 2023 23:41 UTC (Sat)
by amarao (guest, #87073)
[Link]
Posted Mar 30, 2023 6:51 UTC (Thu)
by gwg (guest, #20811)
[Link] (3 responses)
Posted Mar 30, 2023 10:49 UTC (Thu)
by paulj (subscriber, #341)
[Link]
One has the sense these players would love to see the obligations of copyleft disappear, by social pressure wrt the copyleft licences they can not change, and - if copyleft-next is representative - by a degree of capture of those working to draft new copyleft licences.
In which case, what is the point of copyleft-next? Why bother with a copyleft licence that is difficult to enforce? It's neutered - just use a permissive licence.
Posted Mar 31, 2023 2:11 UTC (Fri)
by pabs (subscriber, #43278)
[Link] (1 responses)
Posted Mar 31, 2023 3:07 UTC (Fri)
by mathstuf (subscriber, #69389)
[Link]
Posted Mar 30, 2023 15:31 UTC (Thu)
by ksandstr (guest, #60862)
[Link]
One of the things that rose to my eye in particular is how the copyleft-next project is presented as immune, or less susceptible, to backchannel influence than the FSF's GPLv3 process was. But in practice the "hindering" policy does nothing to cabals (just say there isn't one!), extrajudicial influence (i.e. someone's spouse's grandfather having an "accidento bizarro"), or any form of lobbying that results in a guy with enough strings in his hands going up on stage and making halfway-unargued statements of opinion (*cough*). Conspicuously missing in said policy are the bits where the result of the process must derive from communications made in open channels, and a means by which the "no private chats" rule doesn't become a tool of bogging the process down through spurious accusations of said chats.
On the other hand, requiring all decisionmaking to happen on open channels paints a great big red bullseye on the faces of everyone perceived to have put themselves in a position of practical authority. Who'd ever participate in plain sight on any process important enough to draw big capital's ire? I'd expect the power that buys lobbying would prefer compulsory openness over having to discover points of pressure in a given project through trial-and-error, risking exposure. It looks as though the "hindering" policy were yesterday's war for someone, a wishlist without as much as a first per-item cost-benefit analysis.
Jumping the licensing shark
Jumping the licensing shark
* copyleft-next was, in a sense, a critique of GPLv3, and the earliest textual history of copyleft-next consisted basically of taking the text of GPLv3 and throwing everything out
* I do not think the FSF as currently constituted would embrace the highly public, HBR-conformant, non-institutional, collaborative approach to license drafting which (AFAIK) copyleft-next pioneered.
* A number of the drafting objectives embodied in copyleft-next clash with core stylistic and substantive features of GPLv3 and, in all likelihood, any foreseeable post-v3 revision of the GPL that the FSF would make or endorse. Conceivably, future work on copyleft-next may minimize or abandon some of those objectives (for example, the "less is more" assumption) but no doubt not all of them.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
> adapts, is based on, is a derivative work of, transforms, translates or
> contains all or part of My Work, such that copyright permission is
> required. The following are not Derived Works: (i) Mere Aggregation;
> (ii) a mere reproduction of My Work; and (iii) if My Work fails to
> explicitly state an expectation otherwise, a work that merely makes
> reference to My Work.
> [...]
> "Mere Aggregation" means an aggregation of a Covered Work with a
> Separate Work.
> [...]
> "Separate Work" means a work that is separate from and independent of a
> particular Covered Work and is not by its nature an extension or
> enhancement of the Covered Work, and/or a runtime library, standard
> library or similar component that is used to generate an Object Code
> form of a Covered Work.
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
> 2. The Free Software licence professionals - lawyers and paralegals, in the tech industry and non-profits - who are focused on developing the licence texts.
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
https://sfconservancy.org/blog/2020/jan/06/copyleft-equal...
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
(2) Copyright can be renewed for the life of the author and their heirs alive at creation (Copyright should subsist in unpublished works until someone entitled to do so publishes, so copyright effectively dies with the last heir, but private stuff stays private).
(3) Copyright can be replaced with TradeMark for things like Mickey Mouse - which would give similar protection but means we don't get mickey mouse copyright extension any more!
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
2. In various countries, one can not give up copyright. The author can not sell nor can they put something in the public domain without usually a specific 'act of the law'.
3. Certain acts are considered by law to be 'renewing copyright' in other countries. It isn't the first publication of the work, but each subsequent 'reissue' is considered a new copyright creation. Some places require changes and updates (aka patches) and others allow for general reissues.
1. At the end of the 15 years, the code could revert to a state where all rights are the authors for the length of the countries copyright. If the Linux kernel was under this license, then no one except Linus could use it in multiple countries (even though the code was written in an other country).
2. Due to the problems in 3, even if the age clause was changed that the code went to MIT-0 at 15 years, this would be different in different countries. In some countries only the code written before 15 years would change, and in others only the entire 'version' of the work written before 15 years would have that happen. So if the kernel had been under this license you would end up with multiple different scenarios:
a. the code is completely now under MIT-0 in some countries.
b. only code written before 2008 would be MIT-0 in other countries.
c. only code not touched (reformatted, patched, moved, etc) would be MIT-0 in some countries.
d. only the kernels before 15 years (2.6.26 and below) would be MIT-0. The same exact code in any kernel after that would be under this license.
e. some countries may not see that the license could change to MIT-0 and would say all rights are back with the authors. They would need to relicense the code under some other license.
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
> Excepting if they can prove you committed willful and prolonged
> violations of this license, the holders of rights in this program agree
> that if you fail to abide by the terms of this license, you will not be
> held responsible for any damages.
> In no case may the damages claimed against you be greater than the lessor of
> - the reasonable costs incurred by others to bring you into compliance while you were
> willfully violating this license
> - the total profit made by you as a result of willful violations of this license
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Further, my language doesn't actually mention any notification or 'grace period'. It just says "willful". Your cycle of enforcement/noncompliance would require that a new form of noncompliance be found each time, since otherwise the previous notification would still apply.
Jumping the licensing shark
Jumping the licensing shark
I guess that depends on what compliance means. Is it that you met the terms of the licence for a fraction of a second, or does it mean you changed your processes you ensure future compliance as well.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
If it was only that, it wouldn't have been a problem, even if it was several million euros.
settlement to stop.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
2 McHardy (let's assume he has copyright in bits of netfilter, that were in the Linux that the alleged violator was distributing) notices and contacts them and says something like (based on others' characterisations of his deceptive practices, note):
4 Company keeps violating the GPL on Linux
Jumping the licensing shark
Jumping the licensing shark
- Company agrees and signs
- Company does work to remove McHardy's Flobble module from their product, updates the product, and wilfully keeps on violating the remaining code.
- McHardy comes back:
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Whether the allegations are true or not is a different matter.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
So I explained that it was because he was accused of deceptive practices.
Is that the case?
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
So you pay and sign the contract as requested.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Furthermore, because corporate lawyer-types talk to each other, this meant that those trying softer approaches aimed at maximizing compliance through process change (eg the SFC) found themselves facing "you're operating in bad faith so we're just better off not engaging at all" doors suddenly slammed in their faces, undoing many months (if not years) of effort.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
The text of all versions of copyleft-next has been released under CC0 from the start.
CC0, of course, should not be used for code, but it's okay for something like a license text.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
When people hacked those devices to get root anyway, it tended to produce cool but impractical demos. Sure it was fun to see DOOM boot up on your iPod nano after installing Rockbox, but nobody wanted to actually *play* DOOM on such a device. One semi-exception were gaming consoles, which did allow third-party software but had been locked down in some fashion for decades. But in practice they weren't so different: as cool as it was to run Linux on your PS3 (officially) or on your Wii (through hacks), few people were interested in getting actual work done on those devices.
copyleft-next provides one-way GPL compatibility but that's only a partial fix.
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Wol.
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Jumping the licensing shark
Wol
Jumping the licensing shark
Meta-comment on the article and LWN
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark
Jumping the licensing shark