SoylentNews is people
SoylentNews
https://www.itwire.com/open-source/linux-kernel-patch-maker-says-court-case-was-only-way-out.html
The head of security firm Open Source Security, Brad Spengler, says he had little option but to file a lawsuit against open source advocate Bruce Perens, who alleged back in 2017 that security patches issued for the Linux kernel by OSS violated the licence under which the kernel is distributed.
The case ended last week with Perens coming out on the right side of things; after some back and forth, a court doubled down on its earlier decision that OSS must pay Perens' legal costs as awarded in June 2018.
The remainder of the article is an interview with Brad Spengler about the case and the issue.
iTWire contacted Spengler soon after the case ended, as he had promised to speak at length about the issue once all legal issues were done and dusted. Queries submitted by iTWire along with Spengler's answers in full are given below:
Previously:
Court Orders Payment of $259,900.50 to Bruce Perens' Attorneys
(Score: 2) by Immerman on Monday February 17 2020, @08:38PM (6 children)
But (it sounds like) they *aren't* putting any other restrictions on redistributing the code - that's the point. They give you the code under the GPL, and freely acknowledge that you can redistribute it under the same terms. Nothing in their contract limits that in any way.
Basically, there's nothing stopping someone from entering into a GRSecurity contract, getting the code, and immediately sharing that code with the world. The code itself is completely free of any non-GPL requirements, and neither you, nor anyone downstream, will face any legal difficulties for doing so, as GRSecurity freely acknowledges your rights to do so.
Doing so terminates your contract with GRSecurity - but that's an independent business agreement, and in no way impairs your rights with respect to the GPLed code that they have already provided you.
If the contract with GRSecurity obligated you to not redistribute the code they provide, or imposed any other license limitations, then that would be a clear violation of the GPL - but it doesn't. You're free to redistribute their GPLed code - you just voluntarily terminate your contract in the process so that you won't get any future software from them. And nothing in the GPL explicitly states that other, unrelated (future performance) business agreements can't depend on your actions with GPLed code. Nothing in the GPL obligates them to continue doing business with you.
I'm sure lawyers could argue interminably over the details, but that's the point - GRSecurity has found a slimy way to skirt the limits of the GPL so that they aren't in clear violation. The fact that they (presumably, since they're still in business) haven't been pressured or sued by any major Linux stakeholders would suggest that the stakeholders' lawyers agree that it wouldn't be a cut-and-dried case, but instead a potentially long and expensive trial with a murky outcome.
(Score: 0) by Anonymous Coward on Monday February 17 2020, @09:00PM
i don't even think it's slimy anymore. i probably did at one time. it's just a way to make sure you (OSS, in this case) aren't enabling your competitors. They are still getting Free Software and they can do what they want with it, but if they want to copy it and create their own competing company, you don't have to help them do it going forward. It's definitely an interesting option for commercial Free Software. People who think FOSS should be all volunteer won't like any of that though.
(Score: 1) by khallow on Monday February 17 2020, @09:53PM (4 children)
Except of course, they cut off the supply if they catch you doing it. Which is a limit, contrary to assertion.
(Score: 2) by Immerman on Monday February 17 2020, @10:09PM (3 children)
It is a limit, but it's NOT a limit on your rights under the GPL - just on your future business dealing with them, which aren't covered by the GPL
(Score: 1) by khallow on Monday February 17 2020, @10:37PM
But it is a limit on OSS's rights under the GPL.
(Score: 0) by Anonymous Coward on Tuesday February 18 2020, @07:02AM (1 child)
>It is a limit, but it's NOT a limit on your rights under the GPL - just on your future business dealing with them, which aren't covered by the GPL
OSS is not allowed to proffer /any/, A_N_Y, additional terms OTHER than the GPL when distributing a derivative work of a GPL'd work. They are NOT allowed to make ANY "contract": they can ___ONLY___ give the terms of the GPL: that is IT.
They have put forth the GPL AND additional terms. That is FORBIDDEN by the linux copyright holders under section 6 and 4 of the GPL.
They do NOT have a license for linux kernel ANYMORE. That's RIGHT NOW.
Get it through your FUCKING head you MORON.
Linux Kernel is NOT their property. The Linux Kernel devs HAVE __BANNED__ certain business practices, regarding their Work. This is ONE of those banned practices.
(Score: 2) by Immerman on Tuesday February 18 2020, @03:29PM
>OSS is not allowed to proffer /any/, A_N_Y, additional terms OTHER than the GPL when distributing a derivative work of a GPL'd work.
And they are not doing so - they're providing the source to their derivative patches under the GPL2.