lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200709160217.55933.jcroberts@designtools.org>
Date:	Sun, 16 Sep 2007 02:17:53 -0700
From:	"J.C. Roberts" <jcroberts@...igntools.org>
To:	Jeff Garzik <jeff@...zik.org>
Cc:	Kyle Moffett <mrmacman_g4@....com>,
	Jason Dixon <jason@...ongroup.net>, misc@...nbsd.org,
	moglen@...twarefreedom.org, lessig_from_web@...ox.com,
	bkuhn@...twarefreedom.org, norwood@...twarefreedom.org,
	fontana@...twarefreedom.org, karen@...twarefreedom.org,
	linux-kernel@...r.kernel.org
Subject: Re: Wasting our Freedom

On Sunday 16 September 2007, Jeff Garzik wrote:
> J.C. Roberts wrote:
> > http://marc.info/?l=linux-wireless&m=118857712529898&w=2
>
> Link with outdated info.
>
> > http://madwifi.org/browser/branches/ath5k
>
> Link with outdated info.
>
> > I suggest actually taking the time to get the facts before making
> > completely baseless statements. When you make obviously erroneous
> > statements, it leaves everyone to believe you are either hopelessly
> > misinformed, or a habitual liar. -Which is it?
>
> Please take a moment to understand the Linux development process.
>
> A better place to look would be 'ath5k' branch of
> git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-dev.g
>it
>
> but nonethless, the fact remains that ath5k is STILL NOT UPSTREAM and
> HAS NEVER BEEN UPSTREAM, as can be verified from
>
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
> 	(official linux repo; nothing is official until it hits here)
>
> Part of the reason why ath5k is not upstream is that developers are
> actively addressing these copyright concerns -- as can be clearly
> seen by the changes being made over time.
>
> So let's everybody calm down, ok?
>
> Regards,
>
> 	Jeff

Jeff,

Look at what you are saying from a different perspective. Let's say 
someone took the linux kernel source from the official repository, 
removed the GPL license and dedicated the work to public domain or put 
it under any other license, and for kicks back-dated the files so they 
are older than the originals. Then they took this illegal license 
removal copy of your code and put it in a public repository somewhere.

You'd be perfectly content with such a development because it had not 
been officially brought "upstream" by the "offical" public domain or 
whatever project?

No, you would most likely be absolutely livid and extremely vocal 
getting the problem fixed immediately, so your reasoning falls apart.

If the people who could fix the problem continued to ignore you, and the 
people in leadership roles tell you then intend to steal your code, 
then you would continue to get more angry and vocal about it. 

Now take it one step further. For the sake of example, let's assume all 
of this atheros driver nonsense went to a German court and the 
GNU/FSF/SFLC/Linux or whoever you want to call yourselves lost a 
criminal copyright infringement suit. You have now been legally proven 
to be guilty code theft.

After such a ruling let's assume some jerk was to do the all the 
horrific stuff mentioned in the first paragraph above to the linux 
source tree, along with a little regex magic to call it something other 
than "linux" and seeded the Internet with countless copies. At this 
point, the GNU, FSF, GPL and all of the hard working Linux devs are now 
stuffed. A company could download the bogus source, violate the now 
missing GPL license, claim you stole the code from someplace else on 
the `net and illegally put your GPL license on it... Worst of all, they 
now have your past conviction of criminal code theft to back up their 
assertion about the way you normally operate.

You should be concerned. The above is an immoral and illegal but still 
practical attack on the GPL and all of hard work by many great people. 
By having some people within the GNU/FSF/GPL camp indulging in code 
theft to push their preferred license and the reasonable folks in the 
GNU/FSF/GPL camp refusing to voice a strong opinion against code theft, 
you are weakening your own license.

jcr
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ