freebox possible GPL violation

classic Classic list List threaded Threaded
47 messages Options
123
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Vincent Hanquez-3
On Wed, Oct 05, 2005 at 05:18:46PM +0200, Pierre Michon wrote:
> Why does it need to reboot when there is a new firmware ?

To use it, exactly like when you reboot your pc to change kernels.

> How they manage to download the firmware (need led driver, ppp, http,
> adsl driver, atm stack, ...)

How do you think some random network card with do netbooting works ?
(got a led driver, ipv4 simplified "stack", dhcp & tftp capabilities)

Just like your pc has a BIOS to search for booting devices

> Please suggest other mailling lists.

the one you CC at first @lists.gpl-violations.org and only this one ...

--
Vincent Hanquez
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Pierre Michon
In reply to this post by Pierre Michon
>> Why does it need to reboot when there is a new firmware ?

>To use it, exactly like when you reboot your pc to change kernels.
Yes but in this case you have just rebooted. It is like when you reboot
to change your kernel, the new kernel notice it is newer and reboot...


If it has an external firmware in the adsl chips for downloading the
linux kernel, why after you download the new linux firmware, you need to
reboot ?

I forgot to say that in case of a new firmware, you can see the upload
(and flash ?) of the new firmware with ____,----- symbol on led. See
step 6 of [1].

So why in case a new firmware you need to wait more time (about 10
second) that the case where there not new firmware ?

>> How they manage to download the firmware (need led driver, ppp, http,
>> adsl driver, atm stack, ...)

>How do you think some random network card with do netbooting works ?
>(got a led driver, ipv4 simplified "stack", dhcp & tftp capabilities)

>Just like your pc has a BIOS to search for booting devices
Adsl is far more complex than ethernet...

>> Please suggest other mailling lists.
>the one you CC at first @lists.gpl-violations.org and only this one ...
Ok, let's continue on this mailling list.
Register is needed to post, but I think it is worth to continue, to
clarify how works the freebox and some wrong assuptions.

Pierre

[1] http://forums.grenouille.com/index.php?showtopic=14659
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Emmanuel Fleury
Pierre Michon wrote:
>
>>Just like your pc has a BIOS to search for booting devices
>
> Adsl is far more complex than ethernet...

Not complex enough so that a network boot protocol can't fit on a BIOS
chip, believe me.

> Ok, let's continue on this mailling list.
> Register is needed to post, but I think it is worth to continue, to
> clarify how works the freebox and some wrong assuptions.

The only wrong assumptions that I see here are yours.

I don't understand why you cannot accept that the Freebox is part of the
Free network infrastructure and that you are not using directly the OS
but only the service that they provide.

You have to understand that this is just like if the nodes to which your
mobile phone is connecting were running Linux. Just because your mobile
phone is your, you cannot ask for the code of what is running on the node.

'Got it, now ?

Regards
--
Emmanuel Fleury

A good compromise leaves everyone mad.
   -- Calvin & Hobbes (Bill Waterson)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Alexandre Oliva-2
In reply to this post by Emmanuel Fleury
On Oct  5, 2005, Emmanuel Fleury <[hidden email]> wrote:

> First, it is very arguable to say that they are "distributing" the
> software as it does not comes with the FreeBox but is automatically
> downloaded at each boot through the DSLAM network (which the user is not
> supposed to know about).

So if I tell you to download a Live CD using say bittorrent and don't
tell you that this Live CD contains Linux the kernel because you're
not supposed to know that, you're not entitled to get the sources?

--
Alexandre Oliva         http://www.lsd.ic.unicamp.br/~oliva/
Red Hat Compiler Engineer   aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist  oliva@{lsd.ic.unicamp.br, gnu.org}
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Pierre Michon
In reply to this post by Pierre Michon
Hi,

>Not complex enough so that a network boot protocol can't fit on a BIOS
>chip, believe me.

So _why_ the freebox act _differently_ in the boot process when there is
a firmware update ?
Just for the fun ?

> he only wrong assumptions that I see here are yours.
I provide facts and arguments, you provide nothing.

>I don't understand why you cannot accept that the Freebox is part of the
>Free network infrastructure and that you are not using directly the OS
>but only the service that they provide.
So what about _my_ wifi pcmcia card ?
What about the people who had to paid 400 euros and receive a letter
from free telling them that according to CGV there are the onwer of the
freebox (ok this one need some checks).

Again in my first post I provide facts for this (with links), you provide
nothing than replying always the same things without arguments against
mine.


Please take my first post and reply to point A, B, C with arguments.

>'Got it, now ?
No, because you didn't answer to my questions...

Pierre

Please let's continue on legal gpl-violations.org ML.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Helge Hafting-2
In reply to this post by Emmanuel Fleury
On Wed, Oct 05, 2005 at 02:29:50PM +0200, Emmanuel Fleury wrote:
> Arjan van de Ven wrote:
[...]

> > they don't do a)
> >
> > they don't do b)
> >
> > c) is only for noncommerial distribution (not the case here) and only if
> > they got it in a type b) before, eg it allows you to transfer a type b)
> > in the non-commerical case.
>
> First, it is very arguable to say that they are "distributing" the
> software as it does not comes with the FreeBox but is automatically
> downloaded at each boot through the DSLAM network (which the user is not
> supposed to know about).

If the box downloads a linux kernel through the DSLAM network, then
someone is clearly distributing linux kernels through the DSLAM network.
I would guess it is the same guys, because relying on someone else providing
them with kernels is a risky business.  But whoever is on the other end
of the DSLAM net have to offer the source as well, because they _are_
distributing kernels.

The fact that the user isn't supposed to know how this box work
doesn't change anything, of course.  The GPL says those who
distribute the work - it doesn't matter that they don't tell the
customer that they're given a linux kernel. They still have to offer
the source if asked.


Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

David Lang
On Thu, 6 Oct 2005, Helge Hafting wrote:

> If the box downloads a linux kernel through the DSLAM network, then
> someone is clearly distributing linux kernels through the DSLAM network.
> I would guess it is the same guys, because relying on someone else providing
> them with kernels is a risky business.  But whoever is on the other end
> of the DSLAM net have to offer the source as well, because they _are_
> distributing kernels.
>
> The fact that the user isn't supposed to know how this box work
> doesn't change anything, of course.  The GPL says those who
> distribute the work - it doesn't matter that they don't tell the
> customer that they're given a linux kernel. They still have to offer
> the source if asked.

the argument that they are making is that they are only moveing the kernel
within their own companies equipment, and therefor it doesn't count as
'distribution'

agree with this argument or not, but please acknowledge this point of view
rather then pretending that they have no argument at all and are just
plain refusing.

David Lang

--
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
  -- C.A.R. Hoare
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Stefan Smietanowski
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>> If the box downloads a linux kernel through the DSLAM network, then
>> someone is clearly distributing linux kernels through the DSLAM network.
>> I would guess it is the same guys, because relying on someone else
>> providing
>> them with kernels is a risky business.  But whoever is on the other end
>> of the DSLAM net have to offer the source as well, because they _are_
>> distributing kernels.
>>
>> The fact that the user isn't supposed to know how this box work
>> doesn't change anything, of course.  The GPL says those who
>> distribute the work - it doesn't matter that they don't tell the
>> customer that they're given a linux kernel. They still have to offer
>> the source if asked.
>
>
> the argument that they are making is that they are only moveing the
> kernel within their own companies equipment, and therefor it doesn't
> count as 'distribution'
>
> agree with this argument or not, but please acknowledge this point of
> view rather then pretending that they have no argument at all and are
> just plain refusing.
>
> David Lang
>

If one turns it on, doesn't turn it off, pays the 400 EUR and
as a result OWNS it, then what one has is a box that at that point
in time is running Linux and one is the owner of it.

// Stefan
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)

iD8DBQFDRHnpBrn2kJu9P78RApviAJ9AwjF8wU+6ao/L61AC7xW/QSBRZwCaA9u1
yDDXxWQ/0MHeAS7pSg4C4rg=
=oLR8
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

David Lang
On Thu, 6 Oct 2005, Stefan Smietanowski wrote:

> If one turns it on, doesn't turn it off, pays the 400 EUR and
> as a result OWNS it, then what one has is a box that at that point
> in time is running Linux and one is the owner of it.

as I said, feel free to argue against their point, but let's stop having
people getting on their high horse pretending that they have no argument
at all.

David Lang

--
There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies.
  -- C.A.R. Hoare
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Helge Hafting
In reply to this post by David Lang
David Lang wrote:

> On Thu, 6 Oct 2005, Helge Hafting wrote:
>
>> If the box downloads a linux kernel through the DSLAM network, then
>> someone is clearly distributing linux kernels through the DSLAM network.
>> I would guess it is the same guys, because relying on someone else
>> providing
>> them with kernels is a risky business.  But whoever is on the other end
>> of the DSLAM net have to offer the source as well, because they _are_
>> distributing kernels.
>>
>> The fact that the user isn't supposed to know how this box work
>> doesn't change anything, of course.  The GPL says those who
>> distribute the work - it doesn't matter that they don't tell the
>> customer that they're given a linux kernel. They still have to offer
>> the source if asked.
>
>
> the argument that they are making is that they are only moveing the
> kernel within their own companies equipment, and therefor it doesn't
> count as 'distribution'

Interesting argument, but it breaks for at least two reasons:
1. You can buy that box instead of just hiring it. That moves kernels
"outside the company",
    for money even.
2. It doesn't matter if they only move kernels withing their own
companys equipment.
    If they lend a customer equipment containing a linux kernel, then
they're lending
    them a linux kernel.  Lending is distribution!

>
> agree with this argument or not, but please acknowledge this point of
> view rather then pretending that they have no argument at all and are
> just plain refusing.

The argument might be fine, if they were moving linux kernels into
company equipment
used by company personell only.  (I.e. linux-powered
desktops/servers/gadgets for their employees.)
And it might not.  Maybe they actually have to distribute source to
employees too, if they
request it.  The GPL only mentions recipients, no exceptions for
"internal company use".  A company
may perhaps demand that the employees never request the source, though.
Or perhaps
"internal use" is covered by the company being a "legal unit".

People breaking the GPL should be taken seriously.  Fortunately, the
solution is easy for
GPL-breakers.  Break someone else's license, and they have to pay
damages.  Break the GPL,
and all you need to do is to stuff some source code onto a public
(web/ftp)server - and all is fine again.

The situation is so cheap and _easy_ to rectify, that is one reason
people gets so pissed off at
a violation.  It is not as if complying with the GPL would be any kind
of burden to them.

Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Emmanuel Fleury
Helge Hafting wrote:
>
> Interesting argument, but it breaks for at least two reasons: 1. You
> can buy that box instead of just hiring it. That moves kernels
> "outside the company", for money even.

I might have misunderstood but I think that if you buy the hardware you
cannot connect it to the DSLAM network anymore. So that only the boxes
they own are connected to the DSLAM.

> 2. It doesn't matter if they only move kernels withing their own
> companys equipment. If they lend a customer equipment containing a
> linux kernel, then they're lending them a linux kernel.  Lending is
> distribution!

Are you sure this point has been clarified in court in the past ?
If not, I would bet on it (for the specific case of settop boxes).

> The argument might be fine, if they were moving linux kernels into
> company equipment used by company personell only.  (I.e.
> linux-powered desktops/servers/gadgets for their employees.) And it
> might not. Maybe they actually have to distribute source to
> employees too, if they request it.  The GPL only mentions recipients,
> no exceptions for "internal company use".  A company may perhaps
> demand that the employees never request the source, though. Or
> perhaps "internal use" is covered by the company being a "legal
> unit".

"internal use" is kind of a buzz word here and should probably be
clarified for this kind of cases.

For now, I really don't see the flaw in Free's argument.

I mentioned in another mail the case of a mobile phone network
infrastructure where the network nodes to which mobile phones are
connecting are running Linux. It seems to be an "internal use" (as it
never leak out of the company network) and yet providing a service to
customers.

The only difference in the Freeboxes case is that the node is at the
customer place (you can compare the customer's mobile phone to the
customer's computer plugged on the Freebox). But the fact that you don't
share your node with others and that you have it at home doesn't change
the fact that the company own it.

Has been any previous similar cases in the past which went in court ?

Maybe the best attack angle would be to say that if a GPL system is
interacting directly with a customer, then the source code should be
distributed. But I don't see if this requirement need changes in the GPL
(I'm ain't no expert).

Regards
--
Emmanuel Fleury

Always program as if the person who will be maintaining your program
is a violent psychopath that knows where you live.
  -- Unknown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Emmanuel Fleury
Emmanuel Fleury wrote:
>
> Are you sure this point has been clarified in court in the past ?
> If not, I would bet on it (for the specific case of settop boxes).

I _wouldn't_ bet on it....

Argh.

Regards
--
Emmanuel Fleury

Given that sooner or later we're all just going to die,
what's the point of learning about integers?
  -- Calvin & Hobbes (Bill Waterson)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Helge Hafting
In reply to this post by Emmanuel Fleury
Emmanuel Fleury wrote:

>Helge Hafting wrote:
>  
>
>>Interesting argument, but it breaks for at least two reasons: 1. You
>>can buy that box instead of just hiring it. That moves kernels
>>"outside the company", for money even.
>>    
>>
>
>I might have misunderstood but I think that if you buy the hardware you
>cannot connect it to the DSLAM network anymore. So that only the boxes
>they own are connected to the DSLAM.
>  
>
Well, but there still is a kernel in the box that was downloaded before
they bought it?  Or does the box become unuseable when they buy it?

>  
>
>>2. It doesn't matter if they only move kernels withing their own
>>companys equipment. If they lend a customer equipment containing a
>>linux kernel, then they're lending them a linux kernel.  Lending is
>>distribution!
>>    
>>
>
>Are you sure this point has been clarified in court in the past ?
>If not, I would bet on it (for the specific case of settop boxes).
>  
>
Licencing rules applies when copying stuff for internal use.
Consider what would happen, if the company used windows
instead of linux on their boxes:
Everytime they copy windows onto a box they have to pay ms for another
licence.  Big companies can't jsut buy a single windows licence and
copy it to all their desktops.  BSA has definitely clarified that in court.
Now, the ms licence specifies payments to ms.  The GPL is just another
licence,
with slightly different terms.  Instead of a payment, it specifies source
availability as the "price".

There is clearly court precedent that companies have to comply with
software
licences when making copies for _internal_ use.  GNUs licence or ms licence
shouldn't matter.

>"internal use" is kind of a buzz word here and should probably be
>clarified for this kind of cases.
>
>For now, I really don't see the flaw in Free's argument.
>  
>
If "when do we invoke the GPL" is hard to see, try considering
"when do we have to pay" if using ordinary proprietary pay-per-instance
software.  You will then find that the cases are similiar.

If the company makes and distributes an internal copy of windows, then
they pay ms.
If the company makes and distributes an internal copy of linux, then
they have to
provide an internal copy of the source as well.

If I make a business out of lending windows boxes, then I have to pay
licences
on each box.  If I lend customers linux boxes, I should lend them the
source too if they
requests it.  Remember, even if the average customer doesn't know what
software
is in the box, they still have the right to make a copy of the linux
kernel, because you
cannot take away that right.

>I mentioned in another mail the case of a mobile phone network
>infrastructure where the network nodes to which mobile phones are
>connecting are running Linux. It seems to be an "internal use" (as it
>never leak out of the company network) and yet providing a service to
>customers.
>  
>
This is fine.  Similiar to how I can run a linux-based webserver, without
having to provide people with linux source.  This because I don't give
them the server that contains linux.  But if you _sell_ one of those
network nodes, then you have to provide linux source along with it.

>The only difference in the Freeboxes case is that the node is at the
>customer place (you can compare the customer's mobile phone to the
>customer's computer plugged on the Freebox). But the fact that you don't
>share your node with others and that you have it at home doesn't change
>the fact that the company own it.
>  
>
Interesting argument indeed.  But consider: what would happen
if the phones (or freebox) were to run windows?  The distributing
company would have to pay licencing fees, right?

>Has been any previous similar cases in the past which went in court ?
>
>  
>
There have at least been cases where companies were selling
linux-powered products, and were told that they had to
provide the sources.  I don't know if any of them bothered
going to court, simply making the source available (on a cd
or webserver) is so much cheaper than that.

>Maybe the best attack angle would be to say that if a GPL system is
>interacting directly with a customer, then the source code should be
>distributed. But I don't see if this requirement need changes in the GPL
>(I'm ain't no expert).
>  
>
An interesting thing about the GPL is that it talks about
"distributing copies", not about "selling or otherwise changing ownership".

"Distributing" a linux kernel embedded in a product owned by the
company doesn't change that.  Where the binary kernel go, the
source should go too (if requested).

Fortunately, this licencing term is so easy to satisfy that it'd be silly
to try to fight it. Stick the source on a webserver somewhere.  Provide
the URL in the accompagnying paper (or a README file if appropriate.)
If distributing cd's, consider sticking a tarball there.

Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Pierre Michon
In reply to this post by Pierre Michon
Hi,

>I might have misunderstood but I think that if you buy the hardware you
>cannot connect it to the DSLAM network anymore. So that only the boxes
>they own are connected to the DSLAM.

Again have you any proof that there aren't any Linux firmware in the
flash of the freebox ?
How do you explain that the boot sequence isn't stateless ?
Why in case of a firmware update, you have a special state of 10 seconds
were the freebox seem to download and write some data somewhere ?

So yes may be you can't connect anymore to the free DSLAM, but there is
may be still GPL data in the flash.

>Are you sure this point has been clarified in court in the past ?
>If not, I would bet on it (for the specific case of settop boxes).

For french law I don't know, but someone on gpl-violation this is true
for de and au.

>I mentioned in another mail the case of a mobile phone network
>infrastructure where the network nodes to which mobile phones are
>connecting are running Linux. It seems to be an "internal use" (as it
>never leak out of the company network) and yet providing a service to
>customers.

No the freebox is more like a dvb box that is lended by a satellite
provider and could do firmware update via satellite.

I don't know if there are similar case for dvb box.


Pierre
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Emmanuel Fleury
In reply to this post by Helge Hafting
Helge Hafting wrote:
>
> Well, but there still is a kernel in the box that was downloaded before
> they bought it?  Or does the box become unuseable when they buy it?

No idea, I don't have a Freebox yet.

> If I make a business out of lending windows boxes, then I have to pay
> licences
> on each box.  If I lend customers linux boxes, I should lend them the
> source too if they
> requests it.  Remember, even if the average customer doesn't know what
> software
> is in the box, they still have the right to make a copy of the linux
> kernel, because you
> cannot take away that right.

You got an extremely good point here. At least it shows why this way of
doing is not "moral", but, looking at the GPL text, there is nothing
stating any obligation to "pay" in any manner (money or contributions)
to use and/or modify GPLed softwares.

Just to illustrate my point, in the case of an webserver, if the
webmaster patch the code of his own webserver to provides his customers
with a new service. Has he the obligation to redistribute this code ?
Namely, his patched webserver will never get distributed. The only
interaction between the customers and his webserver will be through
exchanges of HTML files.

And anyway, to whom redistribute the code ? Indeed, what would do the
customers with such code ? As they are only using the service without
really touching the software.

Therefore, it would be nice from the webmaster to contribute with his
patch, but I do think that it is his own choice to do so.

Note: Originally, the redistribution of the code was mainly to avoid
customers or companies to get stuck with a "no more maintained"
binaries. In the case we are looking now, as the hardware is not
belonging to the customers, there is no such risk. So the protection
seems to be against something else... but what ?

> There have at least been cases where companies were selling
> linux-powered products, and were told that they had to
> provide the sources.  I don't know if any of them bothered
> going to court, simply making the source available (on a cd
> or webserver) is so much cheaper than that.

LinkSys is an example. But the customers were owning the machine with
everything in it (including the OS). Again, the clause on distributing
the sources help to not get stuck with a piece of hardware that you own
with no possibility of upgrade (remembers me the famous story of RMS and
the laser printer).

> An interesting thing about the GPL is that it talks about
> "distributing copies", not about "selling or otherwise changing ownership".
>
> "Distributing" a linux kernel embedded in a product owned by the
> company doesn't change that.  Where the binary kernel go, the
> source should go too (if requested).
>
> Fortunately, this licencing term is so easy to satisfy that it'd be silly
> to try to fight it. Stick the source on a webserver somewhere.  Provide
> the URL in the accompagnying paper (or a README file if appropriate.)
> If distributing cd's, consider sticking a tarball there.

Well, I'm really sorry to play the Devil Advocate once time more, but as
far as I know all these DSL companies have big secrets because of
weaknesses in their security. Being hacked at the Internet level is one
thing, being hacked at the DSLAM level means a lot. Try to imagine if
anybody could upload to you his own modified kernel, this means that you
can tape all the internet traffic, all the phone calls, all the TV
programs that you are looking at, and also probably having an easy way
in to your local network (wired and wifi).

Regards
--
Emmanuel Fleury

Live as if your were to die tomorrow.
Learn as if you were to live forever.
  -- Mahatma Gandhi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Emmanuel Fleury
In reply to this post by Pierre Michon
Pierre Michon wrote:
>
>>I might have misunderstood but I think that if you buy the hardware you
>>cannot connect it to the DSLAM network anymore. So that only the boxes
>>they own are connected to the DSLAM.
>
> Again have you any proof that there aren't any Linux firmware in the
> flash of the freebox ?

Helloooo !!! Have you proofs that they have ???

You're always assuming the worst from Free, this is really starting to
be annoying. Just stick to the FACTS and if you want to argue on
something, bring PROOFS !

And even if it was the case, you missed the point here, if they own the
Freebox their point is that they are using Linux for "internal use" only.

>>Are you sure this point has been clarified in court in the past ?
>>If not, I would bet on it (for the specific case of settop boxes).
>
> For french law I don't know, but someone on gpl-violation this is true
> for de and au.

Nonsense, you are talking about cases of softwares which were sold to
customers with GPL code inside. This is no such case here.

>>I mentioned in another mail the case of a mobile phone network
>>infrastructure where the network nodes to which mobile phones are
>>connecting are running Linux. It seems to be an "internal use" (as it
>>never leak out of the company network) and yet providing a service to
>>customers.
>
> No the freebox is more like a dvb box that is lended by a satellite
> provider and could do firmware update via satellite.
>
> I don't know if there are similar case for dvb box.

You obviously need a brain, try to get one and come back after you
learned to use it.

Regards
--
Emmanuel Fleury

Shut up and hack !
  -- Theo de Raadt (OpenBSD Hackaton)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Michael Poole
Emmanuel Fleury writes:

>>>Are you sure this point has been clarified in court in the past ?
>>>If not, I would bet on it (for the specific case of settop boxes).
>>
>> For french law I don't know, but someone on gpl-violation this is true
>> for de and au.
>
> Nonsense, you are talking about cases of softwares which were sold to
> customers with GPL code inside. This is no such case here.

In the US, the law (17 USC 106) is very clear that renting, lending,
and leasing are "distribution" that is a protected right.  The Berne
Convention says the same in article 11bis (remember that a later
revision explicitly included computer programs in "literary works").
Do you think this interpretation of "distribution" does not apply to
Free?  If not, why not?

Michael Poole
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Michael Poole
In reply to this post by Emmanuel Fleury
Emmanuel Fleury writes:

> Well, I'm really sorry to play the Devil Advocate once time more, but as
> far as I know all these DSL companies have big secrets because of
> weaknesses in their security. Being hacked at the Internet level is one
> thing, being hacked at the DSLAM level means a lot. Try to imagine if
> anybody could upload to you his own modified kernel, this means that you
> can tape all the internet traffic, all the phone calls, all the TV
> programs that you are looking at, and also probably having an easy way
> in to your local network (wired and wifi).

Lousy security is not an excuse to violate contract or copyright law.

Michael Poole
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Helge Hafting
In reply to this post by Emmanuel Fleury
Emmanuel Fleury wrote:

>Helge Hafting wrote:
>  
>
>>If I make a business out of lending windows boxes, then I have to pay
>>licences
>>on each box.  If I lend customers linux boxes, I should lend them the
>>source too if they
>>requests it.  Remember, even if the average customer doesn't know what
>>software
>>is in the box, they still have the right to make a copy of the linux
>>kernel, because you
>>cannot take away that right.
>>    
>>
>
>You got an extremely good point here. At least it shows why this way of
>doing is not "moral", but, looking at the GPL text, there is nothing
>stating any obligation to "pay" in any manner (money or contributions)
>to use and/or modify GPLed softwares.
>
>Just to illustrate my point, in the case of an webserver, if the
>webmaster patch the code of his own webserver to provides his customers
>with a new service. Has he the obligation to redistribute this code ?
>  
>
No, because he didn't distribute any binary code.

>Namely, his patched webserver will never get distributed. The only
>interaction between the customers and his webserver will be through
>exchanges of HTML files.
>  
>
Correct, so only the licence on the html files (if any) will matter.

>Therefore, it would be nice from the webmaster to contribute with his
>patch, but I do think that it is his own choice to do so.
>  
>
Indeed, because he didn't distribute the webserver binary
in any way. He still only got his own single (modified) copy.
So he has choice.  But if he starts selling "improved webserver boxes"
then the GPL kicks in.  Source too - the price of getting the sw for
no money in the first place.

>Note: Originally, the redistribution of the code was mainly to avoid
>customers or companies to get stuck with a "no more maintained"
>binaries. In the case we are looking now, as the hardware is not
>belonging to the customers, there is no such risk. So the protection
>seems to be against something else... but what ?
>  
>
The point is forced open source.  If you can do business using
open-source stuff, then you shall be unable to prevent others from
doing the same.  This is the "price" of open source, and keeps the
sw prices way down.  Nobody can charge much for the open software
component, because the source must be available for free so
anybody capable of compiling it can create their own product.

Competition and the ability to make money then, is not about
having the best sw (because it is forcibly not secret) but in
providing the best service and hardware.

>>There have at least been cases where companies were selling
>>linux-powered products, and were told that they had to
>>provide the sources.  I don't know if any of them bothered
>>going to court, simply making the source available (on a cd
>>or webserver) is so much cheaper than that.
>>    
>>
>
>LinkSys is an example. But the customers were owning the machine with
>everything in it (including the OS). Again, the clause on distributing
>the sources help to not get stuck with a piece of hardware that you own
>with no possibility of upgrade (remembers me the famous story of RMS and
>the laser printer).
>  
>
Not getting stuck is one thing.  Not needing to reinvent the wheel
is another.  Nobody need to make another linux kernel from scratch, they
can instead grab the existing one and build on that.  In the long run, this
saves a lot of reimplementation cost for society.  Instead, whe can focus on
improving the software further.

>>An interesting thing about the GPL is that it talks about
>>"distributing copies", not about "selling or otherwise changing ownership".
>>
>>"Distributing" a linux kernel embedded in a product owned by the
>>company doesn't change that.  Where the binary kernel go, the
>>source should go too (if requested).
>>
>>Fortunately, this licencing term is so easy to satisfy that it'd be silly
>>to try to fight it. Stick the source on a webserver somewhere.  Provide
>>the URL in the accompagnying paper (or a README file if appropriate.)
>>If distributing cd's, consider sticking a tarball there.
>>    
>>
>
>Well, I'm really sorry to play the Devil Advocate once time more, but as
>far as I know all these DSL companies have big secrets because of
>weaknesses in their security. Being hacked at the Internet level is one
>thing, being hacked at the DSLAM level means a lot. Try to imagine if
>anybody could upload to you his own modified kernel, this means that you
>can tape all the internet traffic, all the phone calls, all the TV
>programs that you are looking at, and also probably having an easy way
>in to your local network (wired and wifi).
>  
>
Well, then they need to secure their DSLAM setup.  If it is at all
vulnerable this way, then they need to fix it.  Most users may be
"computer dummies", but there are enough experts among them too.
It only takes one leak, breakin, or reverse engineering session to
break through security-by-obscurity.  And when the cat is out of the
bag, it is out forever.

The internet level is secure enough, when set up by competent people.
Surely the same can be done at DSLAM level.  This reminds me of ethernet
many years ago, when people realized the possibilities of a hacked network
driver.  (A simple way to sniff all traffic, and inject spoofed traffic.)
Easy to do these days, with a open-source kernel.
But these problems are solved - mostly with encryption to protect
what must not be sniffed, and firewall routers preventing the routing
of spoofed packets. With a good setup, spoofing is limited to
spoof other machines on the same network, and then the local
admin can set things straight.

Bad security is not an excuse for disobeying the GPL.  The GPL itself states
that there are no exceptions. If "other concerns" means you can't obey
the GPL to the letter, then you _must_ refrain from distributing the
GPLed software altogether.  In such cases, the open software is not a
legal option.

Very similiar to a company that cannot afford to pay licences - in that case
proprietary sw is not an option.  They can't just pirate anyway and get away
with it because "otherwise their business model won't work and result in
bankrupcy".
If you can't take the "cost" of open sw, then don't use it.  
Fortunately, the cost is
usually low.  And they _can_ keep a linux device driver secret, they
merely have to offer
the source for the rest of the kernel.

Helge Hafting
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
Reply | Threaded
Open this post in threaded view
|

Re: freebox possible GPL violation

Matan Peled
In reply to this post by Michael Poole
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Poole wrote:
> In the US, the law (17 USC 106) is very clear that renting, lending,
> and leasing are "distribution" that is a protected right.  The Berne
> Convention says the same in article 11bis (remember that a later
> revision explicitly included computer programs in "literary works").
> Do you think this interpretation of "distribution" does not apply to
> Free?  If not, why not?

The argument seems to be that you're paying for the service, and not the box,
and that the box is owned by Free and therefore no distribution occurs here, as
the kernel moves from Free to Free.

The obvious example is web servers, where you aren't distributing anything (at
least not the server software) and still providing service.

The difference here is that the box is physically at the customer's house, which
could be considered "lending", but IANAL.

Anyway, I guess you'll have to ask a (preferably French) lawyer to find out.

BTW, the whole thing about the kernel being in ROM or RAM or whatever and how it
got there are moot - its still running Linux. And if lending is distribution,
then they need to offer the source code.

FYI: Needing to reboot to change firmware makes sense, and those 10 extra
seconds might involve upgrading the proprietary firmware... But thats irrelevant.

- --
[Name      ]   ::  [Matan I. Peled    ]
[Location  ]   ::  [Israel            ]
[Public Key]   ::  [0xD6F42CA5        ]
[Keyserver ]   ::  [keyserver.kjsl.com]
encrypted/signed  plain text  preferred

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDRTlGA7Qvptb0LKURAs9iAJ9NKgLPDkUl/BBeAMJBot0PGzIDBwCfY/SS
pxRwgjqVPlasdIPTG/kvp6U=
=uAEf
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [hidden email]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
123