lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <MDEHLPKNGKAHNMBLJOLKMEEPOJAC.davids@webmaster.com>
Date:	Wed, 30 Jul 2008 11:03:03 -0700
From:	"David Schwartz" <davids@...master.com>
To:	<alan@...rguk.ukuu.org.uk>
Cc:	"Stefan Richter" <stefanr@...6.in-berlin.de>,
	"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>
Subject: RE: 463 kernel developers missing!


> > No, but that all the submissions were made under the GPL, whose
> > explicit purpose is to allow information to be changed,
> > processed, and reused for other purposes does.

> So why hasn't Jon included a copy of the GPL and the sources with his new
> data set ?

I would assume that was either an error or because he believes the
information contains insufficient creative content to be covered by
copyright. It seems to me more like a functional, factual report. But I can
see both sides of that argument.

> > If you don't want your submissions to be in the public record
> > for all eternity to be used for any lawful purpose, don't make
> > them to a GPL project.

> The GPL doesn't trump data protection law. It can't.

No. But the GPL can be used to show the intent to consent to the use of the
information by others. I don't know the data protection law in your country,
of course.

> > You have no right whatsoever to look at how one person chooses
> > to use them and say "I didn't agree to that". Yes, you did. You
> > gave up the right to approve or reject each use when you made the
> > submission. If you don't like it, submit under some other license.

> Disagree - firstly national law trumps licences, secondly there is the
> (regrettably increasingly) small matter of manners.

I think it's terribly bad manners to submit something to a GPL project and
then complain when someone else uses it the way they want to. If you want
the benefit of using and modifying GPL software, you have to let others do
what they want with your contributions. If you don't find that deal fair,
don't make it. But then don't make the deal and then claim others are being
rude when they take what the deal gave them.

As for GPL only being about copyright, I don't think that's true. The GPL is
a copyright license. It grants you rights that the author would otherwise
hold exclusively under copyright. But it doesn't follow that the rights you
give up are only rights under copyright. See, for example, section 7.

If you want the rights GPL grants you under copyright, you have to give up
certain things, and not just copyright. One of the things you have to give
up is *any* legal mechanism that would permit you to restrict other people's
GPL rights.

GPL section 6 clearly prohibits you from using any data protection laws in
your jurisdiction to prevent someone else from modifying and redistributing
information you submitted under the GPL.

The "GPL only affects copyright" argument would mean that I could
redistribute modified GPL'd work with an EULA. Obviously, I can't do that.
Enforcing data protection laws to restrict rights granted under the GPL is
no different from enforcing an EULA to do ths same thing.

DS


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ