Stories
Slash Boxes
Comments

SoylentNews is people

posted by cmn32480 on Monday September 07 2015, @08:31AM   Printer-friendly [Skip to comment(s)]
from the the-GPL-is-open-to-interpretation dept.

Grsecurity® is an extensive security enhancement to the Linux kernel that defends against a wide range of security threats through intelligent access control, memory corruption-based exploit prevention, and a host of other system hardening that generally require no configuration. It has been actively developed and maintained for the past 14 years. Commercial support for grsecurity is available through Open Source Security, Inc.

In a big red block at the top of their home page is the following warning:

Important Notice Regarding Public Availability of Stable Patches
Due to continued violations by several companies in the embedded industry of grsecurity®'s trademark and registered copyrights, effective September 9th 2015 stable patches of grsecurity will be permanently unavailable to the general public. For more information, read the full announcement.

And I thought GRSecurity was based on the GPL'd work called "Linux". Guess I was wrong.


Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by Runaway1956 on Monday September 07 2015, @08:59AM

    by Runaway1956 (2926) Subscriber Badge on Monday September 07 2015, @08:59AM (#233194) Homepage Journal

    "We don't like to be plagiarized, so we're not giving our stuff away anymore. It's to expensive to defend our trademark and copyright, so we're changing the rules of the game."

    I kinda think these guys have an inflated sense of their own importance. Personally, I've never used their products. I guess I can probably survive the rest of my life without their product.

    --
    "I didn't lose to him!" - The Donald referring to Trippin' Joe
    • (Score: 2, Informative) by Anonymous Coward on Monday September 07 2015, @10:41AM

      by Anonymous Coward on Monday September 07 2015, @10:41AM (#233213)

      "several very large companies in the embedded Linux world who have gone beyond simply taking advantage of our work. Not only has the entire embedded industry as a whole not contributed a single dime toward our continued development and maintenance (despite our work being critical to the security of the millions of devices using our code: streaming media players, credit card processing systems, etc), the companies we've identified have actively violated the GPL and even our trademark. These transgressions have continued despite their awareness and our legal action."

  • (Score: 2, Insightful) by Anonymous Coward on Monday September 07 2015, @09:06AM

    by Anonymous Coward on Monday September 07 2015, @09:06AM (#233195)

    They complained that a company took unstable code and called it "grsecurity" code (which it was). Now they are limiting access to the stable code, while leaving the unstable code available..

    ..so that exact situation can still happen. What.

    Also:

    > stable patches of grsecurity will be permanently unavailable to the general public

    I'm sure the people who care about having access to the source code they are running the binaries of will take this gracefully.

  • (Score: 5, Interesting) by Anonymous Coward on Monday September 07 2015, @09:22AM

    by Anonymous Coward on Monday September 07 2015, @09:22AM (#233201)

    based on the GPL'd work called "Linux". Guess I was wrong.

    You are wrong. Copyleft covers copying ONLY. The copyright holder retains all other rights, including the right to choose whether to distribute and to whom to distribute. The GPL clearly mandates that source be provided ONLY to recipients of binaries. If you do not buy binaries and you do not receive binaries, you have absolutely no right to receive sources.

    From TFA:

    Therefore, two weeks from now, we will cease the public dissemination of the stable series and will make it available to sponsors only.

    So, if you want patches, buy them from Grsecurity or negotiate to buy them from a sponsor. If you are lucky then someone might be willing to sell to you. But the GPL does NOT EVER guarantee you free shit for free, which is what you seem to want "because Linux."

    • (Score: 3, Interesting) by Anonymous Coward on Monday September 07 2015, @09:41AM

      by Anonymous Coward on Monday September 07 2015, @09:41AM (#233203)

      Therefore, two weeks from now, we will cease the public dissemination of the stable series and will make it available to sponsors only.

      The GPL does NOT EVER guarantee you free shit for free, which is what you seem to want "because Linux."

      But the GPL does promise that you can do what you like with it, without any restriction other than preserving GPL terms. So, it only takes one person to subscribe to their "improvements", and publish them for everyone to use.

      Personally, I' take the view that if their "improvements" to the kernel were uncontroversially beneficial, they would have been absorbed into mainstream code already, so I'm not intending to use them.

      • (Score: -1, Flamebait) by Anonymous Coward on Monday September 07 2015, @09:52AM

        by Anonymous Coward on Monday September 07 2015, @09:52AM (#233204)

        But the GPL does promise that you can do what you like with it, without any restriction other than preserving GPL terms. So, it only takes one person to subscribe to their "improvements", and publish them for everyone to use.

        That's why the market value of Free Software is $0.00 and Linux users are smelly freetard neckbeards who beg on street corners.

        • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:51PM

          by Anonymous Coward on Monday September 07 2015, @10:51PM (#233493)

          beggars in IN make over 100k, AND they have neckbeards!

        • (Score: 0) by Anonymous Coward on Monday September 07 2015, @11:13PM

          by Anonymous Coward on Monday September 07 2015, @11:13PM (#233508)

          >That's why the market value of Free Software is $0.00 and Linux users are smelly freetard neckbeards who beg on street corners.
          They make a deal with a devil and then wish not to give him his due when it turns out that the deal was exactly as stated:
          We give you something for "free", you give us the best years of your lives.

      • (Score: 4, Insightful) by ThePhilips on Monday September 07 2015, @10:03AM

        by ThePhilips (5677) on Monday September 07 2015, @10:03AM (#233205)

        But the GPL does promise that you can do what you like with it, without any restriction other than preserving GPL terms. So, it only takes one person to subscribe to their "improvements", and publish them for everyone to use.

        Yes.

        But recall the whole RHEL vs CentOS debacle.

        RedHat sells lots of of GPLed components to the RHEL customers. And even though they are GPLed, you would rarely, if ever, find them for free download on the net.

        Personally, I' take the view that if their "improvements" to the kernel were uncontroversially beneficial, they would have been absorbed into mainstream code already, so I'm not intending to use them.

        That discussion is more than a decade old.

        GrSecurity patches (and similar) are very intrusive, and generally trade performance for a promise of higher security. It's not just couple of places patched or a loadable module a-la AppArmor or SELinux. They patch and change lots of code, including the very low-level routines, making the kernel as a whole harder to develop and maintain.

        OTOH, the security people also not very eager. The fame of merging it into the mainline would fade quickly. While by maintaining their own patchsets, they have something akin to a product, and an associated with it service to sell.

    • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:10AM

      by Anonymous Coward on Monday September 07 2015, @10:10AM (#233207)

      Also, the Linux=GPL snark is utterly irrelevant unless GRSecurity is being distributed as a binary without sources. Which it isn't. They're playing the game to the rules. They're pissed off by big guys who aren't.

      I know they can't name names, but would be interested in knowing who to sneer at.

    • (Score: 3, Informative) by stormreaver on Monday September 07 2015, @11:23AM

      by stormreaver (5101) on Monday September 07 2015, @11:23AM (#233226)

      Copyleft covers copying ONLY.

      Copyright, and therefore copyleft, covers copying, modification, and distribution.

      The GPL clearly mandates that source be provided ONLY to recipients of binaries. If you do not buy binaries and you do not receive binaries, you have absolutely no right to receive sources.

      Provided that GRSecurity distributes the entire kernel with their patches to its customers, there's no problem. There is a problem, though, if GRSecurity distributes only its patches to its customers without the rest of the kernel sources, or if GRSecurity tries to prohibit its paying customers from making the patches publicly available.

      • (Score: 0) by Anonymous Coward on Monday September 07 2015, @11:36AM

        by Anonymous Coward on Monday September 07 2015, @11:36AM (#233230)

        There's no problem with distributing patches alone without the rest of the kernel sources, as long as GRSecurity offers to provide the rest of the kernel sources to anyone who asks for them. And no, GRSecurity can't prohibit paying customers from making the patches publicly available, but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

        • (Score: 0) by Anonymous Coward on Monday September 07 2015, @07:35PM

          by Anonymous Coward on Monday September 07 2015, @07:35PM (#233392)

          > but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

          The presupposes that there is an actual set of prices at the intersection of "too expensive to give away" and "cheap enough to buy."
          I doubt it.

        • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:52PM

          by Anonymous Coward on Monday September 07 2015, @10:52PM (#233496)

          > And no, GRSecurity can't prohibit paying customers from making the patches publicly available, but they can jack up the price until customers don't want to give away for free something that they paid a lot of money for.

          Ever heard of "bad faith".

          No?

          Ever heard of "frustration of purpose"

          No?

          You seem to be forgetting the thousands of copyright holders who aren't spengler who own the work from which this patch is derived.

          Oh but you think there's no agreement between spengler and they now, don't you? Ok, so then there is just a bare license, not an irrevokable agreement between the linux copyright holders and spengler, and they can revoke that license. Is that what you want?

    • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:42PM

      by Anonymous Coward on Monday September 07 2015, @10:42PM (#233484)

      GRsecurity is a derivative work. Why that matters is discussed way below.

      Copyright allows you to restrict a work, what area of the law allows you to grant permission?
      Property and Contract law.

      The significance of this is discussed in other posts below.

      Suffice to say: either spengler's license to modify linux can be revoked at will (barring estoppel) if he has permission as a license (property law), or extrinsic evidence that bears on the agreement (such as the intention of the parties, usage in trade of terms, course of dealings, etc) can be brought in to discover the full effect of the agreement (remeber: no integration clause here) since we would be proceeding under contract law (which is what you want if you want what linux is licensed under to be irrevokable). We can discover if all X contributors to linux intended derivative works to be closed in this manner, what the usage in trade was of these terms, what the course of dealings were vis a vis spengler and the linux rightsholders up till this time. Etc. It all bears to what the actual agreement is (if there is any to begin with).

      If he has neither (another possibility), then his "grant" to modify the linux source code is just completely invalid from the start.

      And before you dismiss all this, please study the basis of the law onwhich you base you documents and agreements.
      Just because your techi friends repeat some dogma about OSS "license"s, doesn't mean they have a firm basis in law.

      Guess why it takes years to get a law degree.

  • (Score: 1, Disagree) by cloud.pt on Monday September 07 2015, @10:09AM

    by cloud.pt (5516) on Monday September 07 2015, @10:09AM (#233206)

    Personally, I find the hypocrisy of this amusing: they just unGPL'd their Linux modifications arguing that other parties abused their own GPL license. I'm not super-duper-savvy about the inner workings of a GPL license, but the general feeling which I abide to has always been that GPL is commercial poison, thus I will never include such stuff in my professional endeavors (unless I'm working on FOSS software professionally, which I usually don't :/ ).

    I believe that is exactly what the makers of GPL, the FSF, intended it for when specifically crafting it for the GNU Project, so I'll take any argument stating GPL can be commercial "if this or that" with a big ass grain of salt.

    • (Score: -1, Troll) by Anonymous Coward on Monday September 07 2015, @10:42AM

      by Anonymous Coward on Monday September 07 2015, @10:42AM (#233214)

      The GPL isn't just commercial cancer, it's blatantly communist. Programmers are supposed to work for the government and be paid through taxation. We joke about the Microsoft Tax, yet such a tax is exactly what Stallman proposed in the GNU Manifesto.

      All sorts of development can be funded with a Software Tax:

      Suppose everyone who buys a computer has to pay x percent of the price as a software tax. The government gives this to an agency like the NSF to spend on software development.

      The only differences are Microsoft isn't a government agency and Microsoft rarely shares source code.

    • (Score: 4, Interesting) by stormreaver on Monday September 07 2015, @11:31AM

      by stormreaver (5101) on Monday September 07 2015, @11:31AM (#233229)

      ...so I'll take any argument stating GPL can be commercial "if this or that" with a big ass grain of salt.

      I distribute some of my commercial products under the GPL, and it has not been a problem. My customers pay me to create a product, some of which was written using GPL'd components, for their internal use. I give them the complete source code under the GPL, and tell them of their rights and responsibilities. The clincher that makes this not a problem for them is that they don't have to share the source with anyone as long as they don't redistribute the software outside of their own company. Since that's something they won't do anyway, it's a non-issue. They come back to me for any and all improvements and bug fixes.

      • (Score: 2) by jimshatt on Monday September 07 2015, @12:01PM

        by jimshatt (978) on Monday September 07 2015, @12:01PM (#233244) Journal
        This works very well for custom-made software, and I don't think anyone has a problem with that model (I suppose that this was one of the main scenarios RMS and the FSF had in mind). For more generic software this model is a little harder to rationalize since there is incentive to share (opening up to the advantages of Open Source: many eyeballs and the likes).
      • (Score: 2) by JoeMerchant on Monday September 07 2015, @08:56PM

        by JoeMerchant (3937) on Monday September 07 2015, @08:56PM (#233428)

        Not saying anyone will ever make you change, but I think if you read the GPL carefully you will find that it demands that you make your modifications and improvements generally available - including to the original authors your work is based upon.

        Thing is, since they will never know that you have made these mods, the clause is basically un-enforceable, unless you go bragging about it on an internet forum or something.

        --
        My karma ran over your dogma.
        • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:47PM

          by Anonymous Coward on Monday September 07 2015, @10:47PM (#233489)

          Could you explain that clause and how it works out.

          Because that is exactly what the grsecurity person has announced he is doing.

          Everyone is swearing this is A-OK.

        • (Score: 2) by stormreaver on Tuesday September 08 2015, @02:44AM

          by stormreaver (5101) on Tuesday September 08 2015, @02:44AM (#233583)

          Not saying anyone will ever make you change, but I think if you read the GPL carefully you will find that it demands that you make your modifications and improvements generally available....

          The GPL requires sources to be made available under any one of three circumstances, at my option. The one I choose under this model is the first one: providing full source code along with the compiled binary. At this point, my GPL obligations are fulfilled. I am under no obligation to provide sources to any one else.

          What you are probably referring to is option number 2: providing the binary, but not providing the sources. This option requires the sources to be made available to anyone who asks for them.

          • (Score: 2) by JoeMerchant on Tuesday September 08 2015, @03:24AM

            by JoeMerchant (3937) on Tuesday September 08 2015, @03:24AM (#233598)

            "Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying."

            Seems on its face to apply to all source, might not be requiring public availability... Their FAQ backs you up:

            Does the GPL require that source code of modified versions be posted to the public? (#GPLRequireSourcePostedPublic)

            The GPL does not require you to release your modified version, or any part of it. You are free to make modifications and use them privately, without ever releasing them. This applies to organizations (including companies), too; an organization can make a modified version and use it internally without ever releasing it outside the organization.

            But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL.

            ---------------

            I'm used to distributing my products to multiple end users, effectively the public... it is different if you have a closed-end user base.

            --
            My karma ran over your dogma.
            • (Score: 1) by cloud.pt on Tuesday September 08 2015, @11:34AM

              by cloud.pt (5516) on Tuesday September 08 2015, @11:34AM (#233715)

              @stormreaver JoeMerchant makes a good point: "But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL."

              This seems pretty clear to me - commercial poison. Poison is a strong, pejorative word but I just want to state the fact it poisons your code. I'd say more, it's a form of distributed code virus, because whenever you stop using it privately, it stops being: 1. Private and 2. closed-source. Those are the rules, they're pretty clear.

              But let's focus on GRSecurity's use case: do they use it solely privately? It depends on your point of view (and that's what they're playing with). To me, since they provide it to different organizations with different missions as their own, I'd say it's pretty clear the use case stopped being "internal". But others (like GRSEcurity itself) are arguing their group of customers, together with GRSEcurity itself form a closed group which is the sole private "user" of the software, in it's "internal" fashion, it just so happens to involve a "binary/working code for money" exchange.

              You could also argue that a service provider (i.e. an employee) working internally for a single company, who uses GPL for an internal project, is also providing his own (originated out of his creativity) code for external use. I believe this is a flaw of GPL and should be clarified/modified under it's raison d'être for a next version - what is private? Is it for a single, indisputable purpose, or for a catch-all purpose of an organization?

              • (Score: 2) by stormreaver on Tuesday September 08 2015, @01:56PM

                by stormreaver (5101) on Tuesday September 08 2015, @01:56PM (#233771)

                @stormreaver JoeMerchant makes a good point: "But if you release the modified version to the public in some way, the GPL requires you to make the modified source code available to the program's users, under the GPL."

                JoeMerchant has misread and misapplied the GPLv3. See my previous reply.

            • (Score: 2) by stormreaver on Tuesday September 08 2015, @01:53PM

              by stormreaver (5101) on Tuesday September 08 2015, @01:53PM (#233769)

              Seems on its face to apply to all source....

              Your quote is out of context. The section you quoted is describing how the source code must be provided to those who are eligible to receive it.

              Even if my product were GPLv3, which it isn't (it's GPLv2 only), that wouldn't change anything: under the correct circumstances, the GPL is a great tool for bringing a commercial product to market quickly. The whole point of my reply is to counter the misconception that the GPL is never usable for commercial software. It has its place and its uses for that purpose, if used correctly.

              • (Score: 0) by Anonymous Coward on Tuesday September 08 2015, @02:20PM

                by Anonymous Coward on Tuesday September 08 2015, @02:20PM (#233782)

                GPLv2 doesn't even have a no-revocation clause. Licenses are revokable at will. The only hope for a non-revokable GPLv2 is that it is somehow a contract (where the parties have never met and there seems to be no consideration on atleast one side of the "agreement"....)... in-which case since its not fully-integrated extrinsic evidince can be brought in to show that, no, the rights-holders never intended derivative works to be able to be closed.

                GPLv3 was published for a reason

          • (Score: 2) by stormreaver on Tuesday September 08 2015, @01:35PM

            by stormreaver (5101) on Tuesday September 08 2015, @01:35PM (#233762)

            I'm reposting this because I didn't end the quote correctly. Here is what it should have been:

            Not saying anyone will ever make you change, but I think if you read the GPL carefully you will find that it demands that you make your modifications and improvements generally available....

            The GPL requires sources to be made available under any one of three circumstances, at my option. The one I choose under this model is the first one: providing full source code along with the compiled binary. At this point, my GPL obligations are fulfilled. I am under no obligation to provide sources to any one else.

            What you are probably referring to is option number 2: providing the binary, but not providing the sources. This option requires the sources to be made available to anyone who asks for them.

  • (Score: -1, Spam) by Anonymous Coward on Monday September 07 2015, @10:43AM

    by Anonymous Coward on Monday September 07 2015, @10:43AM (#233215)

    You'll never feel quite the same,

    When you get a whiff of my Hershey stains,

    I wanna poop on you too,

    I want to pee in your food,

    Only thing that makes my life complete,

    Is when I turn your face into a toliet seat,

    I want to pee on you,

    Yes I do, Yes I do I'll pee on you,

    I'll piss on you

  • (Score: 1) by eravnrekaree on Monday September 07 2015, @02:11PM

    by eravnrekaree (555) on Monday September 07 2015, @02:11PM (#233272)

    What a way to punish a billion dollar corporation, take i out on the rest of the community, many common everyday users, who don't have anything to do with the billion dollar corporation. This action, if i am not mistaken, it appears will not have any effect on the big corporation, it mainly will hurt small individual users.

  • (Score: 2, Interesting) by Anonymous Coward on Monday September 07 2015, @03:27PM

    by Anonymous Coward on Monday September 07 2015, @03:27PM (#233296)

    Grsecurity is a 4MB patch of the linux kernel. For 14 years now Brad Spengler and "PaxTeam" have released
    to the public a patch to the kernel that prevents buffer overflows, adds address space protection, adds
    Access Control List functions, prevents various other security related errors (the programs are terminated
    rather than allowed to write to protected memory or execute other flaws), aswell as various improvements
    shell servers might find useful such as allowing a user to only see his own processes (unless he is in
    a special group), and tracking the ipaddress associated with a particular process.

    Now Brad Spengler has announced that there will be no more public distribution of the stable GRSecurity
    patch of the linux kernel.

    Some supporters of GRSecurity have claimed that GRSecurity is not even a derivative work of the linux kernel
    and that Spengler may do whatever he wishes, including closing to code to all except those who pay him 200
    dollars per month. Detractors contend that GRSecurity is a derivative work, and have noted that it is not likely that the thousands of linux code contributors intended that derivative works be closed in this manner. Detractors have also noted the differences between copyright grants and alienations based on property law and those based on contract law, and that the linux kernel is likely "licensed" under contract law and not "licensed" under property law (to use the term loosely), and that this has implications regarding the relevancy of the intentions of the parties. Detractors have also noted that the agreement is not likely to be deemed fully integrated. Supporters of GRSecurity have then claimed that the linux kernel's license (GPLv2) is just a "bare license". Detractors then noted that licenses (creatures of property law) can be rescinded by the licensor at-will (barring estoppel), and in that case any contributor to the Linux Kernel code could rescind Brad Spengler's permission to create derivative works of their code at will, and that the GRSecurity Supporters should hope that Linux (and the GPL) is "licensed" under a contract and not a bare license.

    The whole situation stems from WindRiver, a subsidiary on Intel(R), mentioning that they use GRSecurity in their product. Brad Spengler wished for WindRiver to pay him a 200 dollars per month fee. Spengler then threatened to sue Intel under copyright law and trademark law. He, at that time, claimed that Intel was "violating the GPL" (a claim that has now been rescinded) and his trademark on the word "GRSecurity" (a claim which still stands but is currently not being pursued in court). Intel threatened to ask for legal cost reimbursement if Spengler brought this to court (Judges often reward this for spurious baseless claims to discourage excessive litigation).

    It has been noted that Brad Spengler's copyright claim is more-or-less non-existent, and his trademark claim is very weak and near non-existent (thus the threat for reimbursement of fees). In trademark law one is barred from, within a field of endeavor, conflating another persons trademark with ones own product one created. Here WindRiver (a subsidiary of Intel(R)) simply noted that it used the grsecurity patch in it's product: It did not create a brand new piece of code and call that "GRSecurity": It simply used what Spengler provided.

    In retaliation, Spengler has announced he is closing the stable grsecurity patch to all but those who pay him 200 dollars per month. (And notes that any other branch is not fit for human consumption)

    --

    More can be found at: grsecurity.org and http://grsecurity.net/announce.php [grsecurity.net]

    The text of the announcement:
    "Important Notice Regarding Public Availability of Stable Patches
    Due to continued violations by several companies in the embedded industry of grsecurity®'s trademark and registered copyrights, effective September 9th 2015 stable patches of grsecurity will be permanently unavailable to the general public. For more information, read the full announcement."

    • (Score: 2) by hemocyanin on Monday September 07 2015, @03:58PM

      by hemocyanin (186) Subscriber Badge on Monday September 07 2015, @03:58PM (#233316) Journal

      Sounds like he missed a marketing opportunity. "You know [randomMovieStar] uses [randomProduct] -- now you can too!!"

      • (Score: 0) by Anonymous Coward on Monday September 07 2015, @10:30PM

        by Anonymous Coward on Monday September 07 2015, @10:30PM (#233478)

        Instead we get: . "You know [randomMovieStar] used [randomProduct] -- now no one can!"

  • (Score: 0) by Anonymous Coward on Monday September 07 2015, @03:32PM

    by Anonymous Coward on Monday September 07 2015, @03:32PM (#233299)

    Spengler announced he is closing grsecurity, he will only distribute to those who pay him 200 dollars per month
    grsecurity is a derivative work of the linux kernel, which has 10000s of rights holders
    Spengler only has permission to modify the linux kernel at the grace of those rights holders
    either: through bare license (property law), or contract (contract law)
    licenses can be revoked at any time by the rights holder, provided he is not estopped from doing so
    thus a plaintiff, if linux is merely licensed (if the GPL and agreement is not a contract), can simply bar him and then seek statutory damages if he continues to create derivative works (100k+ per violation)
    if the GPL and the agreement which allows Spengler to modify the copyrighted work is a contract, then we proceede under contract law
    here first we look to if the document is fully integrated or not, the linux documentation, and the GPL makes no mention of this
    but since the linux kernel is under GPL, it's ok to distribute copies of his work for a fee, as long as the source code is published isn't it?
    He is not publishing the source code.
    He is keeping it closed, except to people who pay 200 a month
    since there is no integration clause we can likely bring in extrinsic evidence to show that the rights holders never intended that someone may close a derivative work as such
    when a contract is not fully integrated, evidence to the intentions of the parties, their state of mind, usage in trade of terms, etc can be brought in, even if they contradict the written terms of the agreement.
    Now, if the GPL is neither a license, and if it also does not satisfy the elements of a contract (perhaps there is no meeting of the minds, or more likely one party has not given anything up), then Spengler is simply violating copyright

  • (Score: 0) by Anonymous Coward on Monday September 07 2015, @03:35PM

    by Anonymous Coward on Monday September 07 2015, @03:35PM (#233301)

    http://oxwugzccvk3dk6tj.onion/tech/res/346860.html [oxwugzccvk3dk6tj.onion]
    http://pipedot.org/pipe/K33M [pipedot.org]

    11:01 -!- Irssi: Starting query in OFTC with secondparty
    11:01 [secondparty] hello
    11:01 [secondparty] I'm sorry I don't understand what is reproached to grsec team?
    11:04 [Prty1] read the links
    11:05 [Prty1] Spengler announced he is closing grsecurity, he will only distribute to those who pay him 200 dollars per month
    11:05 [Prty1] grsecurity is a derivative work of the linux kernel, which has 10000s of rights holders
    11:05 [Prty1] Spengler only has permission to modify the linux kernel at the grace of those rights holders
    11:06 [Prty1] either: through bare license (property law), or contract (contract law)
    11:06 [Prty1] licenses can be revoked at any time by the rights holder, provided he is not estopped from doing so
    11:07 [Prty1] thus a plaintiff, if linux is merely licensed (if the GPL and agreement is not a contract), can simply bar him and then seek statutory damages if he continues to
    create derivative works (100k+ per violation)
    11:08 [Prty1] if the GPL and the agreement which allows Spengler to modify the copyrighted work is a contract, then we proceede under contract law
    11:08 [Prty1] here first we look to if the document is fully integrated or not, the linux documentation, and the GPL makes no mention of this
    11:09 [secondparty] but since the linux kernel is under GPL, it's ok to distribute copies of his work for a fee, as long as the source code is published isn't it?
    11:11 [Prty1] He is not publishing the source code.
    11:11 [Prty1] He is keeping it closed, except to people who pay 200 a month
    11:11 [secondparty] oh I see
    11:11 [Prty1] anyway
    11:12 [Prty1] since there is no integration clause
    11:12 [Prty1] we can likely bring in extrisic evidence to show that the rights holders never intended that someone may close a derivative work as such
    11:13 [Prty1] when a contract is not fully integrated, evidence to the intentions of the parties, their state of mind, usage in trade of terms, etc can be brought in, even if
    they contradict the written terms of the agreement.
    11:14 [Prty1] Now, if the GPL is neither a license, and if it also does not satisfy the elements of a contract (perhaps there is no meeting of the minds, or more likely one
    party has not given anything up), then Spengler is simply violating copyright
    11:14 [secondparty] i see
    11:14 [secondparty] I'm so sad :(
    11:14 [Prty1] He, and all of free/opensource software, may very well be relying only on good will, which Spengler clearly is violated
    11:15 [Prty1] secondparty try to get the message through to spengler, and ask him to change course. He may dismiss this as "trolling" but I've been through lawschool, graduated,
    he has not.
    11:17 [secondparty] I will
    11:18 [secondparty] are you sure selling a patch for a GPL software without publishing source code is an infridgement to the GPL?
    11:18 [secondparty] I mean he doesn't publish the linux kernel code along with his patches, just the patches themselves
    11:19 [Prty1] secondparty the agreement, if one exists, may extend to more than the language within the document (GPL)
    11:19 [Prty1] He is, if you will, "hanging on a technicality", and perhaps not the actual agreement between he and the parties
    11:19 [Prty1] often this is known as "bad faith"
    11:21 [Prty1] The FSF is not a party to this agreement, nor is the "GPL" (it is not the GPL that is being infringed against, it is the rights holders to the copyrighted work).
    The GPL is a document adopted by the rightsholders to, in part, describe the relationship between the parties.
    11:22 [secondparty] what kind of law school have you followed? Is it specialized in software, open source license etc?
    11:23 [Prty1] secondparty the granting of permission to use a copyrighted work is based on either property law or contract law
    11:24 [Prty1] Under property law, a holder of title may license a person to use their property (real or personal)
    11:24 [Prty1] this is called a license
    11:24 [secondparty] yeah I agree with this point, but "We don't know for sure what constitutes a derivative work in software. No one has truly tested this definition. The GPL
    implies that a derivative work is one that is linked, statically or dynamically, with the original work. Yet this might change with GPL v3. "
    11:24 [Prty1] (the term of art in copyright litigation is "bare license")
    11:25 [Prty1] Licenses can be revoked at any time by the owner.
    11:26 [Prty1] (unless he is estopped by his own words: ie he promised he would allow the licensee to build a garden in spot X, and then tries to sell a license to a 3rd party
    to build a road through that garden)
    11:26 [Prty1] So you don't want the GPL to be a "bare license"
    11:26 [Prty1] You want it to be a contract, some of which are irrevokable.
    11:27 [Prty1] GRSecurity is clearly a derivative work, there is no argument there.

    11:27 [secondparty] I'm not saying it is not, I just have no clue
    11:27 [secondparty] could you help me prove this is derivative work
    11:27 [secondparty] to me it feels like some author A publish a book, then author B publish some addendum to this book, it shouldn't impact the original author rights
    11:28 [secondparty] doesn't it?
    11:29 [Prty1] If Author A publishes a work, and then Autor B publishes an edited version of that work, it is clearly derivative
    11:29 [secondparty] no
    11:29 [secondparty] what I meant
    11:29 [secondparty] was like
    11:29 [Prty1] We don't need to test the edge cases here
    11:29 [secondparty] well I'm not trying to troll or anything, I'm really just trying to see clearly
    11:30 [Prty1] But yes, if you publish an addendum to a book, it is a derivative work: it uses the same characters, the same settings, etc.
    11:30 [secondparty] doesn't have to
    11:30 [Prty1] If you published an addendum to a Micky Mouse story, you would be violating Disneys Copyright.
    11:30 [secondparty] I could publish a book saying author A forgot to mention a point in his book, here the point he missed
    11:31 [secondparty] without revealing anything of A's book
    11:31 [Prty1] Anyway, GRSecurity is a derivative work, don't worry about it.
    11:31 [secondparty] to me a patch feels the same
    11:31 [Prty1] well you're wrong, as I said, lay opinion.
    11:31 [secondparty] could you point me to a law article that proves grsecurity is derivative work?
    11:31 [Prty1] Nope.
    11:31 [secondparty] grsecurity or anything that is just a patch for a GPL software
    11:32 [Prty1] Unless you'll pay for westlaw or nexuiz lexis subscription.
    11:32 [Prty1] (paywalled)
    11:32 [secondparty] you mean I need to pay for you to give me this information?
    11:32 [Prty1] I don't currently have a subscription/
    11:33 [Prty1] But yes, you have to pay to access public court documents, let alone copyrighted law articles.
    11:33 [Prty1] Same in science.
    11:33 [Prty1] Anyway let us say you took someone's book, and then you edited in 4 million places (the book is 20 million places long)
    11:34 [secondparty] seems weird to have to pay for knowing a law everyone is assumed to know
    11:34 [Prty1] then you published your new book
    11:34 [secondparty] that's not what spender is doing
    11:34 [Prty1] obviously that is a derivative work
    11:34 [Prty1] now
    11:34 [Prty1] let us say you compiled just your edits
    11:34 [secondparty] he doesnt' publish the full book, only his modification to the book
    11:34 [Prty1] let us say you compiled just your edits
    11:34 [Prty1] and information on how to apply that to the original book
    11:34 [Prty1] That too is a derivative work.
    11:35 [Prty1] you cannot hang on a technicality here
    11:35 [Prty1] just think of the word "derivative" in your mind
    11:35 [Prty1] "Can this work stand alone" ask even?
    11:35 [Prty1] no it cannot.
    11:36 [Prty1] Just as a celing beam cannot stand without a foundation, walls, etc, to hold it up.
    11:38 [Prty1] secondparty: I think this discussion might be useful to others, may I publish it?
    11:39 [Prty1] [secondparty] seems weird to have to pay for knowing a law everyone is assumed to know [--- That's why the subscriptions cost so much :(
    11:40 [secondparty] I dont' mind as long as you remove my nick
    11:41 [Prty1] Ok, thanks

  • (Score: 0) by Anonymous Coward on Monday September 07 2015, @03:40PM

    by Anonymous Coward on Monday September 07 2015, @03:40PM (#233306)

    -!- Irssi: Starting query in OFTC with ryao
    23:14 [ryao] If you are an attorney, then here is some advice. Others in the channel know that the trademark case is weak. We just keep our
                              mouths shut.
    23:15 [cylinder] I don't.
    23:15 [cylinder] Because once you stop publishing grsec, I'm not on your side.
    23:15 [ryao] How is that?
    23:15 [cylinder] Linux is worthless without grsec.
    23:16 [ryao] I don't understand how his mind works. I am not going to tell him what is right and wrong as he is smart enough to learn the
                              hard way.
    23:16 [cylinder] (Atleast on the net)
    23:16 [ryao] You cannot force him to provide you with patches.
    23:16 [cylinder] If he learns the hard way he'll just quit grsec dev completely
    23:17 [cylinder] He can be forced to stop working on derivative works of linux alltogether, even in his own home.
    23:17 [ryao] Arguing in the channel isn't going to help.
    23:17 [cylinder] If he doesn't have permission, then statutory damages apply.
    23:17 [ryao] Ah, yeah. The GPL has a clause about something like that, but only if he violates it.
    23:17 [ryao] Can you claim that he is in violation?
    23:18 [cylinder] ryao is the GPL a fully integrated document?
    23:18 [ryao] My understanding is yes.
    23:18 [cylinder] It isn't
    23:18 [ryao] Have you read it?
    23:18 [cylinder] no integration clause.
    23:18 [cylinder] yes
    23:18 [cylinder] v2
    23:18 [ryao] Okay. Maybe I do not understand what a fully integrated document is.
    23:18 [cylinder] ryao in lay terms, the document claims it covers all bases of the agreement etc
    23:19 [cylinder] you need an integration clause for that
    23:19 [ryao] Okay. Then no.
    23:19 [cylinder] also your contract then usually is about a book in length
    23:20 [cylinder] ok, then we can bring in extrinsic evidence to define the terms of the agreement between the various rights holders to
                                      linux, and spengler.
    23:20 [cylinder] basically: filling in all that the document leaves out
    23:20 [ryao] Hmm.. I don't see the clause I recall about revoking rights. Tha tmust be under something else.
    23:20 [cylinder] (it can even be adverse to the written text of the document, at times)
    23:21 [ryao] Quite frankly, I think Spengler's trademark case is weak because he failed to file for a trademark.
    23:21 [cylinder] If the rightsholders did not intend for derivative works to beable to be closed in this case, and this can be shown, then
                                      spengler is in violation of their copyright
    23:21 [cylinder] and liable for statutory damages
    23:21 [ryao] I also think he is upset mostly about the patches being integrated without proper updates to resolve issues.
    23:22 [cylinder] now that is _IF_ the GPL is a contract
    23:22 [cylinder] if it's just a license, any one of them can revoke spenglers permission at will
    23:22 [ryao] My understanding is that you can make any derived works you want and do whatever you want with them provided that you do not
                              redistribute them.
    23:22 [cylinder] (unless estopped)
    23:22 [ryao] s/derived/derivative/
    23:22 [cylinder] ryao yes I know, that's the lay interpretation.
    23:22 [cylinder] and I'm telling you it's wrong.
    23:22 [ryao] If he makes derivative works and attempts to attach additioanl terms, that is a problem.
    23:23 [ryao] How is that wrong?
    23:23 [cylinder] because you don't take into account the foundations of how one grants permission
    23:23 [cylinder] Copyright restricts the right of others to copy or modify the work.
    23:23 [cylinder] by what operation of law can one grant permission?
    23:23 [cylinder] Property law and Contract law
    23:24 [cylinder] only under contract law can you really make an irrevokable grant or permit.
    23:24 [cylinder] (you can do almost anything under contract law: it's all agreements between parties)
    23:24 [cylinder] but, as I said before, then we look to extrinsic evidence to flesh out the full terms of the agreement
    23:25 [cylinder] (since the four corner rule does not apply, not being a fully integrated agreement)
    23:25 [cylinder]
    23:25 [ryao] Wouldn't this be covered by modification? Also, does any of this apply if he just keeps his changes to himself?
    23:26 [cylinder] Strike your first question because we are "below" the area of whatever is in the agreement or license.
    23:26 [cylinder] Yes it applys if he keeps his changes to himself.
    23:26 [ryao] Seriously, everyone developing GPL software has modified versions that aren't necessarily published. Some are bad and others
                              just do not have the time to publish them.
    23:26 [ryao] If this is the case, developing GPL software as a community effort is not possible.
    23:26 [cylinder] If he has no license, and no contract or has violated the contract, he may not modify the copyrighted work
    23:26 [cylinder] 23:26 [ryao] If this is the case, developing GPL software as a community effort is not possible.
    23:26 [cylinder] Bingo
    23:27 [cylinder] Only by good will
    23:27 [ryao] That would apply to Linux kernel development too.
    23:27 [cylinder] which is why I wish someone would ask spengler not to close grsec.
    23:27 [ryao] Which means every Linux kernel developer is in violation.
    23:27 [cylinder] :) now you're seeing it
    23:27 [ryao] Myself included. we all have versions of Linux that were not published.
    23:27 [cylinder] is that the future spengler wants?
    23:28 [ryao] I think this is reductio ad absurdem.
    23:28 [cylinder] ryao would you like other's opinions on opensource "licenses"?
    23:28 [cylinder] when you build your house on sand....
    23:28 [ryao] The GPL was never intended to force people to publish derived works for internal use. There are plenty of legal departments
                              that have said that this is fine. Facebook for instance has modified MySQL code that they do not share.
    23:28 [cylinder] I'd rather there not be a reason to test these things in court.
    23:29 [cylinder] But if spengler wants it to be so, we can do so.
    23:29 [ryao] This line of reasoning is absurd. Requirements on source disclosure only apply to distribution. If you don't distribute, you
                              do not need to disclose source.
    23:29 [cylinder] The whole thing can be invalidated.
    23:29 [cylinder] believe that if you wish.
    23:30 [cylinder] But you might want to read some case books etc.
    23:30 [ryao] That is the thinking of everyone involved in OSS, including their attorneys.
    23:30 [cylinder] it doesn't matter.
    23:31 [cylinder] This is a worst case senario, where the case could go.
    23:31 [cylinder] It could also be decided the GPL is a bare license (not so good either)
    23:31 [ryao] I think a meteorite striking every Linux kernel developer on the planet is more likely.
    23:31 [cylinder] or a contract (best IMHO, then can bring in extrinsic evidence)
    23:32 [cylinder] ryao that's why you're known as a lay person: you're just ignorant.
    23:32 [ryao] I have spoken to attorneys who are willing to have their bar numbers verified.
    23:32 [cylinder] Doesn't it suck when behind each door lays a trap?
    23:32 [ryao] Not about Spengler's case though.
    23:32 [cylinder] They want work.
    23:33 [ryao] I don't think any judge is going to disagree with all of the legal thinking on the matter. Your position is unique.
    23:33 [ryao] Also, there is a matter of jurisdiction too. Law is different in different places.
    23:34 [ryao] Maybe this might apply where you practice law (although I cannot confirm that you actually do), but I do not think it will
                              apply in any jurisdiction where this case might be held.
    23:34 [ryao] If it is held... it is weak.
    23:34 [ryao] And I don't think you have a case either. You don't hvae copyright on anything in the kernel from what I know so far.
    23:34 [cylinder] Here's an online resource you can read, it's from AU, but the basics are the same in the US and the UK:
    23:34 [cylinder] http://www.ilaw.com.au/public/licencearticle.html [ilaw.com.au]
    23:35 [ryao] You are also incredibly unlikely to fnd someone with copyright to join you on your crusade.
    23:36 [cylinder] here's a US one on license vs contract:
    23:36 [cylinder] http://www.law.washington.edu/lta/swp/law/contractvlicense.html [washington.edu]
    23:37 [ryao] Licenses grant rights. Contracts are agreements with signatures.
    23:37 [cylinder] The law is very similar though, the difference is that Copyright is granted by Constitution-]Statute in the US, and simply
                                      parlimetary staute in the UK and AU. (Originally royal patent in the UK IIRC)
    23:37 [cylinder] ryao licenses can be revoked at will.
    23:37 [cylinder] property law 101.
    23:38 [cylinder] who ever told you a signed writing was needed for a contract?
    23:38 [ryao] http://www.smashingmagazine.com/2010/03/a-short-guide-to-open-source-and-similar-licenses/ [smashingmagazine.com]
    23:38 [ryao] "A) ?Rights are perpetual?.. so are the BDSs, the GPL and MIT since they all have recurring ?anything derived from this has to
                              have this copyright notice?. Only one that doesn?t have this perpetuity is the LGPL license seems."
    23:39 [cylinder] lol
    23:39 [cylinder] hahhaha
    23:39 [cylinder] grasp at straws
    23:40 [cylinder] Why can't I even find the word estoppel in that short "guide" lol
    23:40 [cylinder] I mean if they're going to make THAT claim...
    23:41 [cylinder] ][ryao] You are also incredibly unlikely to fnd someone with copyright to join you on your crusade.
    23:41 [cylinder] Lot of people may be pissed about what Spender is doing with their work.
    23:41 [cylinder] just need one.
    23:42 [ryao] Mind if I revoke your right to use Linux under your theory?
    23:42 [cylinder] If you want to test it in court :)
    23:43 [cylinder] I'll help you win
    23:43 [ryao] To revoke your ability to use Linux?
    23:43 [cylinder] then I'll use that precidence against spengler
    23:43 [cylinder] (please be in same juristiction, please be in same juristiction)
    23:44 [ryao] I don't think you would win either way against spengler if you weren't able to use Linux. Even if you win, you would still
                              lose.
    23:44 [cylinder] Lot easier to throw a case than to win a case :)
    23:44 [cylinder] ryao: all you linux people are pro-women's rights SJWs
    23:44 [ryao] You wouldn't be able to use GRSecurity even if he changed his practices.
    23:44 [cylinder] I'd be happy to help you lose it all.
    23:44 [ryao] I think you are nuts. :/
    23:45 [cylinder] I think I want to marry a nice young girl child like is allowed under the Old Testament
    23:45 [cylinder] (Deuteronomy 22 28-29, hebrew)
    23:45 [cylinder] but SJWs like you-all banned that in 1870s.
    23:46 [cylinder] So if I could just get that sand to sweep away beneath your feet, I would become somewhat happy while what you had
                                      crumbled.
    23:47 [cylinder] But what do I know about the law. I am just a.... hellishly fat, ignorant-of-the-law, never-coded-anything for the last 14
                                      years, nor contributed any media, etc etc, troll, right :)
    23:47 [cylinder] That's what everybody tells me.
    23:48 [cylinder] Such conflicts with my memories, and eyes, but ohwell.

  • (Score: 0) by Anonymous Coward on Tuesday September 08 2015, @02:48AM

    by Anonymous Coward on Tuesday September 08 2015, @02:48AM (#233588)

    20:51 -!- Channel #nottor created Mon Sep 15 22:59:50 2008
    20:51 [ greg] We've been discussing locating plaintiffs to bring suit on the issue of Brad Spengler of GRSecurity once he closes his derivative work (with some new discussions):
    20:51 [ greg] https://soylentnews.org/article.pl?sid=15/09/07/040206 [soylentnews.org] http://pipedot.org/pipe/KPRX [pipedot.org]
    20:51 [ greg] http://oxwugzccvk3dk6tj.onion/tech/res/346860.html [oxwugzccvk3dk6tj.onion] http://pipedot.org/pipe/K33M [pipedot.org]
    20:51 [ greg] If you've not been taught the law, don't try to debate the legal merits of the case and show yourself to be a lay fool, please.
    20:51 [ virus] matt green from john hopkins unleashed his ph.d's students and himself and could not find an issue with crpyto
    20:51 -!- Irssi: Join to #nottor was synced in 14 secs
    20:51 [ coderman_] "bring suit on the issue of Brad Spengler of GRSecurity" ?
    20:51 [ cacahuatl] Yeah, they were here yesterday flooding it
    20:51 [ coderman_] is this like suing Theo under tort?
    20:51 [ Wax] the khan academy lawyer is back
    20:51 [ coderman_] :P
    20:52 [ virus] lol
    20:52 [ cacahuatl] They say that Linux contributers can sue him
    20:52 [ virus] for?
    20:52 [ cacahuatl] mumble mumble mumble
    20:52 [ coderman_] Gee Pee Elll violashionz
    20:52 [ greg] virus: read the links, the case is set out there.
    20:53 [ cacahuatl] it's a case that doesn't improve anything
    20:53 [ greg] the people here don't know the difference between a license and a contract.
    20:53 [ virus] no seriously for what giving a shit about linux security when the kernel dev's themselves don't
    20:53 [ cacahuatl] just for greedy law students to try and make money
    20:53 [ greg] virus: Spengler has announced he is closing the stable patch.
    20:53 [ coderman_] greg wants help grinding this axe
    20:53 * coderman_ *sparks fly*
    20:53 [ wgreenhouse] greg: I have been taught the law and think the case is without merit. The "contract theory of copyright" argument is blown apart by federal preemption; something that is adjudicated by a federal court as a copyright license stands or falls on that basis; you don't get to try it again as a state-law contract. Res judicata.
    20:54 [ wgreenhouse] greg: also you have no damages yet, even hypothetical ones.
    20:54 [ greg] if Linux is merely licensed, then any rightsholder can revoke it
    20:54 [ virus] greg: i read that a week or so ago but it was because of lack of funds and the abuse of commercial interest with the product no?
    20:54 [ greg] wgreenhouse: statutory damages.
    20:54 [ ncl] I wonder why people keep taking him seriously when he's been spamming this for days
    20:54 -!- tdruiva [~tdruiva@0SGAADOT8.tor-irc.dnsbl.oftc.net] has quit [Quit: Leaving]
    20:54 [ coderman_] [greg] the truthiness of my agitation shall be leverage enough! bow to me, Mad Spender!
    20:54 -!- tdruiva [~tdruiva@relay2.tor.maximilian-jacobsen.com] has joined #nottor
    20:54 [ greg] wgreenhouse: Contract theory of copyright helps brad slightly, bare license is fine.
    20:55 [ wgreenhouse] greg: None yet. You only have damages if requests for source are not honored; at the moment, and based on my reading of GRSec's "ultimatum," it looks like they'd simply direct you to the git repo.
    20:55 [ wgreenhouse] which is a valid response to GPL requirement that source be available on request
    20:55 [ greg] grsec is a derivative work.
    20:55 [ wgreenhouse] it doesn't have to be made available in your preferred form, i.e. .patch files.
    20:55 [ cacahuatl] Ask yourself: Who wants to see grsec fail?
    20:55 [ greg] the stable patches are a derivative work.
    20:55 [ cacahuatl] Then ponder on "greg"s motives :P
    20:55 [ wgreenhouse] greg: I concede that. The question is if they are infringing derivative works. Right now, they are not.
    20:55 [ greg] the git repo is another version of that derivative work.
    20:56 [ wgreenhouse] No, it's a series of versions of that derivative work, including the stable patches
    20:56 [ wgreenhouse] as release tags
    20:56 [ Wax] he wants grsec to fail so kernel devs can do security correctly
    20:56 [ greg] wgreenhouse: you really want Linux to be merely licensed so any rights holder can recind at any time?
    20:56 [ cacahuatl] lol except they won't
    20:56 [ wgreenhouse] So I think you have and will have no damages.
    20:56 [ greg] Please answer me this.
    20:56 [ greg] we will have statutory damages
    20:56 [ greg] 100k per violation
    20:57 [ cacahuatl] So you think Spender should just delete grsec?
    20:57 [ wgreenhouse] greg: That's only if there is infringement, which requires interpreting the license. And your interpretation is nonsense.
    20:57 [ wgreenhouse] greg: Copyright licenses are enormously powerful. Strict liability for infringement is a great thing to have.
    20:57 [ wgreenhouse] You lose that if the GPL becomes a state-law contract.
    20:57 [ greg] No we do not
    20:57 [ virus] isn't he stopping release of stable because of infringment and lack of funds to pursue
    20:57 [ wgreenhouse] Yes, you do. You cannot have it both ways.
    20:58 [ greg] if Linux is licensed under a contract, it certainly isn't fully integrated
    20:58 [ greg] no four corners doctrine
    20:58 [ cacahuatl] virus: Right, it's not about money though.
    20:58 [ wgreenhouse] greg: Which means that unintegrated terms would be inferred from conduct, which is not necessarily in the LF's favor.
    20:58 [ wgreenhouse] greg: depends on the whims of your crazy state court judge
    20:58 [ cacahuatl] grsec has always run on a shoestring budget for the work it produces
    20:58 [ cacahuatl] like gpg
    20:58 [ wgreenhouse] greg: and then that crazy judgment could be imposed elsewhere
    20:58 [ greg] then we show the usage in trade, course of dealing, and intent of the parties. It is unlikely that it was intended that the code ever be closed.
    20:59 [ greg] Contract is fine too thusly.
    20:59 [ wgreenhouse] greg: You're comfortable leaving that decision to a state court in a forum chosen by the defendant?
    20:59 [ wgreenhouse] as opposed to strict copyright liability?
    20:59 [ wgreenhouse] you're an idiot.
    20:59 [ greg] Yes, outcome doesn't affect me.
    20:59 [ ncl] zzz
    21:00 [ wgreenhouse] greg: Then you have, quite frankly, no business soliciting plaintiffs :D
    21:00 [ cacahuatl] greg just wants to scam money out of people who want to scam money out of grsec
    21:00 [ virus] greg wouldn't under your interpretation every dev for any project under GPL that stopped working on it or shut it down altogether be liable in the same way despite intention or motive
    21:00 [ coderman_] it might get funny again, ncl
    21:00 [ wgreenhouse] greg: Thanks for admitting that you don't care about the outcome in terms of the stability of adjudicating copyright licenses, though.
    21:00 [ greg] wgreenhouse: if the outcome affected me, I'd pray I was a plaintiff.
    21:00 * coderman_ keeps hope alive
    21:00 [ greg] wgreenhouse: suggest to spengler that he reverse course then.
    21:00 [ wgreenhouse] greg: If the outcome doesn't affect you, then why are you rabidly preaching this minority theory?
    21:01 [ greg] wgreenhouse: I hate when the devil doesn't get his due.
    21:01 [ greg] and OSS is a deal with the devil.
    21:01 [ wgreenhouse] greg: I think what Spengler proposes to do is valid, so long as he makes some version of the stable patch source available. That doesn't have to be the .patch files; the git repo would suffice.
    21:01 [ cacahuatl] lolwat
    21:01 [ cacahuatl] okay 100% troll now
    21:01 [ greg] You agree to give away your best years for nothing.
    21:01 [ virus] instead of sueing we should be fundraising for the project
    21:01 [ wgreenhouse] greg: Then he's basically charging for the privilege of running git format-patch
    21:01 [ cacahuatl] LOL
    21:01 [ greg] and many others are convinced to do the same.
    21:01 [ cacahuatl] For nothing!
    21:01 [ virus] greg we volunteer silly
    21:01 [ cacahuatl] Spoken like a true capitalist
    21:02 [ wgreenhouse] greg: ...okay, so you're kind of admitting that this business of interpreting the GPL as a contract is an attempt to kill the GPL.
    21:02 [ cacahuatl] No sense of improvement for all people
    21:02 [ virus] no one is forcing us to dev anything
    21:02 [ greg] I'm an OSS contributor too, but I recognise what it is.
    21:02 [ cacahuatl] It's about $$$
    21:02 [ wgreenhouse] by subjecting it to conflicting state-court interpretations
    21:02 [ cacahuatl] greg: You're not
    21:02 [ ncl] [ cacahuatl] okay 100% troll now
    21:02 [ ncl] wow
    21:02 [ ncl] you dont say
    21:02 [ greg] wgreenhouse: interpreting it as a license would kill it deader than as a contract
    21:02 [ greg] licenses can be recinded at will, barring estoppel.
    21:02 [ wgreenhouse] greg: I disagree; it's perfectly valid as a license. Busybox among others have litigated it quite successfully in US courts.
    21:02 [ greg] you don't want it to be a license
    21:03 [ cacahuatl] greg: Can we see your license to practise law and such, please?
    21:03 [ greg] wgreenhouse: they've only scratched the surface, no one attacked the foundations.
    21:03 [@ruds] Is this the same troll from yesterday?
    21:03 [ cacahuatl] Yeah
    21:03 [ wgreenhouse] greg: GPL3 is explicitly irrevocable. I'd rather see people move on to that
    21:03 [ cacahuatl] Same troll
    21:03 [ wgreenhouse] than the world decide that the GPL is not a license.
    21:03 [ greg] wgreenhouse: I'm aware linux is under v2 of the GPL
    21:03 [ greg] so don't try to pull that
    21:03 [ greg] and no any later version clause.
    21:04 [ virus] greg: ok wait so what are you trying to "advocate" for exactly give me your perfect senario
    21:04 [ greg] Linux will never be relicensed due to the dead former contributors who's estates hold the rights now.
    21:04 [ wgreenhouse] greg: Not "pulling" anything; I realize that about Linux. There probably would've been no grsec in the first place without that.
    21:04 [ greg] wgreenhouse: please advide spengler to reverse course.
    21:04 [ greg] *advise
    21:05 [ cacahuatl] Or don't
    21:05 [ wgreenhouse] greg: I have no sway over him
    21:05 [ cacahuatl] You know, it's up to you
    21:05 [@ruds] It is advised to ignore
    21:05 [ greg] wgreenhouse: teach him about license vs contract.
    21:05 [@ruds] Once he takes up the whole chat I will kick
    21:05 [ wgreenhouse] greg: It's a license. It's not a contract. There's no consideration.
    21:05 [ virus] yea greg: how exactly do you propose we do that?
    21:05 [ greg] wgreenhouse: then it's revokable at will.
    21:06 [ wgreenhouse] greg: Maybe so. Another reason to use GPL3 for all your future projects.
    21:06 [ wgreenhouse] :)
    21:06 [ wgreenhouse] You should anyway
    21:06 [ greg] wgreenhouse: we do
    21:06 [ greg] dual licensed v2 and v3
    21:06 [ greg] :)
    21:06 [ wgreenhouse] greg: good. you're covered then.
    21:06 [ wgreenhouse] I don't see there being any benefit to giving up strict liability and the Berne Convention
    21:07 [ greg] wgreenhouse: ill be back in abit, nice talking to you
    21:07 [ wgreenhouse] greg: No, don't come back.
    21:07 [ wgreenhouse] greg: Not until you've stopped advocating for something you don't understand and have no stake in.
    21:07 [ virus] wow that was a crazy trainwreck of a discussion holy hell
    21:07 [ greg] wgreenhouse: atleast you realise the precarious situation GPLv2 is in
    21:08 [ xeb] I RIDED THE CHATS PONY AND IT POO EVERYWHERE!
    21:08 [ virus] we all do at least as dev's that's y v3 came out
    21:08 [ xeb] what's the craic but?
    21:08 [ greg] and thus spengler's buisness plan of closing the stable patch of the derived work.
    21:08 [ xeb] oh lol licensing
    21:08 [ cacahuatl] troll pretending to be a lawyer
    21:08 [ xeb] spender is butthurt because everyone's an idiot
    21:08 [ xeb] and some of the idiots are also quite rude
    21:08 [ xeb] and he's right on both counts
    21:08 [ xeb] and linux doesn't deserve grsec
    21:08 [@ruds] I would kick but you guys seem to be enjoying this conversation
    21:08 [ xeb] and humans don't deserve nice things. film at eleven
    21:08 [ xeb] shup ruds
    21:08 [ greg] So you all see that wgreenhouse agrees with me on the points I've been making
    21:08 [ ncl] ? YOU ARE AN IDIOT ?
    21:09 [ virus] xeb: probably the truest thing said
    21:09 [ greg] but still you don't understand it
    21:09 [ cacahuatl] greg: You're still either a dull troll or a scammer
    21:09 [@ruds] It seems this chat needs to calm down
    21:09 -!- mode/#nottor [+m] by ruds
    21:09 [ greg] GPLv2 being a license means spenglers permission to modify linux can be revoked at will by any rights holder
    21:09 -!- #nottor Cannot send to channel

  • (Score: 0) by Anonymous Coward on Tuesday September 08 2015, @02:22PM

    by Anonymous Coward on Tuesday September 08 2015, @02:22PM (#233783)

    Imagine if someone claimed copyrightable works and the alienation thereof, had nothing to do with property law, and infact were not property, and they just kept banging on that.

    You try to explain to them that there is realty, personal property, and intellectual property (copyrighted works specifically), and that you grant rights to these via license (under property law) or contract.

    And that licenses are revokable at the will of the licensor.

    And that v2 of the GPL does not have a no-revokation clause, so you really want to argue it's a contract (which it isn't...), otherwise spengler's permission to modify the linux kernel can be revoked at will by any plaintiff (linux kernel contributor).

    Then the person you're talking to says "you can't copyright land", and just keeps repeating that and "hahaha".

    #grsecurity
    irc.oftc.net

  • (Score: 0) by Anonymous Coward on Wednesday September 09 2015, @03:45AM

    by Anonymous Coward on Wednesday September 09 2015, @03:45AM (#234065)

    US 1976 Copyright Act
    SS 304(c)(6)(A)
    "A derivative work prepard under authority of the grant before its termination may continue to be utilizd under the trms of the grant after its termination, but this privledge does not extnd to th preparation after the termination of other derivative works based upon the copyrightd work covered by the terminated grant."

    IE: Once the permission to modify linux is revoked, no furthur work on grsecurity may commence: it's over.

  • (Score: 0) by Anonymous Coward on Wednesday September 09 2015, @02:26PM

    by Anonymous Coward on Wednesday September 09 2015, @02:26PM (#234245)

    Still not one legal counter argument presented! Just handwaves that even put in scare quotes the idea of revocation, something central and fundamental to the issuance of licenses in property law.

    >So, again, your 'revocation' is fundamentally incompatible with the GPL. Nothing grsecurity is doing is violating the GPL, and your fantasy land 'revocation' would itself be a violation of the GPL.

    "I, a lay techi faggot said so, and thus it is so, I don't need years of training in the law: I'm a genius, look at these square glasses!"

    Why you're wrong has been stated above, you have yet to refute any of it with legal arguments. All you've done is cite press releases with no information, and a case that is not on-point at all (derrrr it be using duhh same lycennsue sooo derrrrrrr it must ddeeeuuuuuhhhhhh be speakin dUUUHHHH to eheheh dee same issueee EHHhhshsh) Yea, we get it, you're not a student of the law. You are just a lay piece of shit FUCK.

    > 6. Each time you redistribute the Program (or any work based on the
    Program), the recipient automatically receives a license from the
    original licensor to copy, distribute or modify the Program subject to
    these terms and conditions. You may not impose any further
    restrictions on the recipients' exercise of the rights granted herein.
    You are not responsible for enforcing compliance by third parties to
    this License.

    The ability of a copyright holder to rescind a license is not a restriction on the recipient: it is a right, as of law, of the rights-holder. Secondly the You spoken of here is not the original copyright holder but the manufacturer of the derivative work or a intermediary recipient. A license is a grant from the rightsholder to others to use his property, this document is read as if the rightsholder was speaking it to you (or whomever the second party is). Basic stuff, obvious from the language.

    As I said, no training in the law on your side, you're even citing things that do not help you at all since you do not understand their basis.

    Sorry SJW piece of shit. You didn't go through law school, you don't even know the edges of the law, and you are wrong. You can believe the FSF all you want; they have an interest in hiding the truth. I'd be happy for your whole edifice to crumble as that would hurt you pro-women's rights, anti-marry-young-girls pieces of filth.

    >I try not to put too much effort into arguing with the schizophrenic on anonymous imageboards, especially you MikeeUSA.

    Not a legal argument you piece of shit. Not one. Just handwaves and insults. :)