229 lines
8.2 KiB
Plaintext
229 lines
8.2 KiB
Plaintext
%include "default.mgp"
|
|
%default 1 bgrad
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
%nodefault
|
|
%back "blue"
|
|
|
|
%center
|
|
%size 7
|
|
|
|
|
|
Enforcing the GNU GPL
|
|
Copyright helps Copyleft
|
|
|
|
|
|
%center
|
|
%size 4
|
|
by
|
|
|
|
Harald Welte <laforge@netfilter.org>
|
|
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Contents
|
|
|
|
|
|
Introduction
|
|
|
|
The GNU GPL Revisited
|
|
Motivations for licensing under the GPL
|
|
Enforcing the GNU GPL
|
|
|
|
Thanks
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Introduction
|
|
|
|
Who is speaking to you?
|
|
|
|
an independent Free Software developer
|
|
who earns his living off Free Software since 1997
|
|
who is one of the authors of the linux kernel firewall system called netfilter/iptables
|
|
who IS NOT A LAWYER, although this presentation is the result of dealing six months with lawyers on the GPL
|
|
|
|
Why is he speaking to you?
|
|
|
|
because he became aware of copyright (copyleft?) infringement and took legal action within German jurisdiction
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
What is copyrightable?
|
|
|
|
The GNU GPL is a copyright license, and thus only covers copyrighted code
|
|
Not everything is copyrightable (German: Schoepfungshoehe)
|
|
Small bugfixes are not copyrightable (similar to typo-fixes in a book)
|
|
As soon as the programmer has a choice in the implementation, there is significant indication of a copyrightable work
|
|
Choice in algorithm, not in formal representation.
|
|
Apparently, the level for copyrightable works is relatively low.
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
The GNU GPL Revisited
|
|
|
|
Revisiting the GNU General Public License
|
|
|
|
Regulates distribution of copyrighted code, not usage
|
|
Allows distribution of source code and modified source code
|
|
Allows distribution of binaries or modified binaries, if
|
|
The license itself is mentioned
|
|
A copy of the license accompanies every copy
|
|
The complete source code is either
|
|
included with the copy
|
|
made available to any 3rd party
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Complete Source Code
|
|
|
|
|
|
%size 3
|
|
"... complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable."
|
|
|
|
Our interpretation of this is:
|
|
Source Code
|
|
Makefiles
|
|
Tools for generating the firmware binary from the source
|
|
(even if they are technically no 'scripts')
|
|
General Rule:
|
|
Intent of License is to enable user to run modified versions of the program. They need to be enabled to do so.
|
|
Result: Signing binaries and only accepting signed versions without providing a signature key is not acceptable!
|
|
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Derivative Works
|
|
|
|
What is a derivative work?
|
|
Not dependent on any particular kind of technology (static/dynamic linking, dlopen, whatever)
|
|
Even while the modification can itself be a copyrightable work, the combination with GPL-licensed code is subject to GPL.
|
|
No precendent in Germany so far
|
|
As soon as code is written for a specific non-standard API (such as the iptables plugin API), there is significant indication for a derivative work
|
|
This position has been successfully enforced out-of-court with two Vendors so far (iptables modules/plugins).
|
|
Result
|
|
Position of my lawyers and IBM lawyers:
|
|
In-kernel proprietary code (binary kernel modules) are not compliant
|
|
Case-by-case analysis required, especially when drivers/filesystems are ported from other OS's.
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Confusion about the GPL
|
|
|
|
Unfortunately, the wide misconception about copyright, free software, public
|
|
domain (even the RedHat CEO!) leads to people unknowingly, or even wilfully
|
|
only benefit from the freedom but not fulfill the obligations of the GPL.
|
|
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Enforcing the GNU GPL
|
|
|
|
Enforcing the GPL
|
|
GPL violations are nothing new, as GPL licensed software is nothing new.
|
|
However, the recent Linux boom
|
|
The FSF enforces GPL violations of code on which they hold the copyright
|
|
silently, without public notice
|
|
in lengthy negotiations
|
|
During 2003 the "Linksys" case drew a lot of attention
|
|
Linksys was selling 802.11 WLAN Acces Ponts / Routers
|
|
Lots of GPL licensed software embedded in the device (included Linux, uClibc, busybox, iptables, ...)
|
|
FSF led alliance took the 'qiet' approach and it took about four months until the full source code was released
|
|
Some developers didn't agree with this approach
|
|
not enough publicity
|
|
violators don't loose anything by first not complying and wait for the FSF
|
|
four months delay is too much for low product lifecycles in WLAN world
|
|
So the netfilter/iptables project started to do their own enforcement in more cases coming up
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Enforcing the GNU GPL
|
|
|
|
Enforcing the GPL
|
|
chronological order
|
|
reverse engineering of firmware images
|
|
sending the infringing organization a warning notice
|
|
wait for them to sign a statement to cease and desist
|
|
applying for a preliminary injunction if they don't (max 4 weeks after reverse engineering)
|
|
|
|
Success so far
|
|
amicable agreement with Asus, Belkin, Allnet, Fujitsu-Siemens, Siemens, Securepoint, U.S. Robotics, ...
|
|
some of which made significant donations to charitable organizations of the free software community
|
|
preliminary injunction against Sitecom, Sitecom also lost appeals case
|
|
more settled cases (not public yet)
|
|
negotiating in more cases
|
|
public awareness
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Enforcing the GNU GPL
|
|
|
|
Enforcing the GPL
|
|
remains an important issue for Free Software
|
|
will start to happen within the court
|
|
has to be made public in order to raise awareness
|
|
|
|
Problems
|
|
only the copyright holder (in most cases the author) can do it
|
|
users discovering GPL'd software need to communicate those issues to all copyright holders
|
|
|
|
The http://www.gpl-violations.org/ project was started
|
|
as a platform wher users can report alleged violations
|
|
to verify those violations and inform all copyright holders
|
|
to inform the public about ongoing enforcement efforts
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
How to make later enforcement easy
|
|
|
|
Practical rules for proof by reverse engineering
|
|
Don't fix typos in error messages and symbol names
|
|
Leave obscure error messages like 'Rusty needs more caffeine'
|
|
Make binary contain string of copyright message, not only source
|
|
Practical rules for potential damages claims
|
|
Use revision control system
|
|
Document source of each copyrightable contribution
|
|
Name+Email address in CVS commit message
|
|
Consider something like FSFE FLA (Fiduciary License Agreement)
|
|
Make sure that employers are fine with contributions of their employees
|
|
If you find out about violation
|
|
Don't make it public (has to be new/urgent for injunctive relief)
|
|
Contact lawyer immediately to send wanrning notice
|
|
|
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
|
%page
|
|
GNU GPL - Copyright helps Copyleft
|
|
Thanks
|
|
|
|
Thanks to
|
|
Alan Cox, Alexey Kuznetsov, David Miller, Andi Kleen
|
|
for implementing (one of?) the world's best TCP/IP stacks
|
|
Paul 'Rusty' Russell
|
|
for starting the netfilter/iptables project
|
|
for trusting me to maintain it today
|
|
Astaro AG
|
|
for sponsoring parts of my netfilter work
|
|
Free Software Foundation
|
|
for the GNU Project
|
|
for the GNU General Public License
|
|
%size 3
|
|
The slides of this presentation are available at http://www.gnumonks.org/
|
|
%size 3
|
|
The netfilter homepage http://www.netfilter.org/
|
|
%size 3
|
|
The http://www.gpl-violations.org/ project
|
|
|
|
|