| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 01 Jun 2016 15:03:55 +0000 From: concernedfossdev@...nik.io To: linux-kernel@...r.kernel.org Subject: RE: (RMS responded) GRsecurity is preventing others from employing their rights under version 2 the GPL to redistribute source code RMS has weighed in: Re: GRsecurity is preventing others from employing their rights under version 2 the GPL to redistribute source code Richard Stallman (May 31 2016 10:27 PM) [[[ To any NSA and FBI agents reading my email: please consider ]]] [[[ whether defending the US Constitution against all enemies, ]]] [[[ foreign or domestic, requires you to follow Snowden's example. ]]] If I understand right, this is a matter of GPL 2 on the Linux patches. Is that right? If so, I think GRsecurity is violating the GPL on Linux. -- Dr Richard Stallman President, Free Software Foundation (gnu.org, fsf.org) Internet Hall-of-Famer (internethalloffame.org) Skype: No way! See stallman.org/skype.html. ------------------------------------------------ GRsecurity (Brad Spengler) is preventing others from employing their rights under version 2 the GPL to redistribute (by threatening them with a non-renewal of a contract to recive this patch to the linux kernel.) (GRsecurity is a derivative work of the linux kernel (it is a patch)) People who have dealt with them have attested to this fact: https://www.reddit.com/r/KotakuInAction/comments/4grdtb/censorship_linux_developer_steals_page_from_ andi "You will also lose the access to the patches in the form of grsec not renewing the contract. Also they've asked us (a Russian hosting company) for $17000+ a year for access their stable patches. $17k is quite a lot for us. A question about negotiating a lower price was completely ignored. Twice." -- fbt2lurker And it is suggested to be the case here aswell: https://www.reddit.com/r/linux/comments/4gxdlh/after_15_years_of_research_grsecuritys_rap_is_here "Do you work for some company that pays for Grsecurity? If so then would you kindly excersise the rights given to you by GPL and send me a tarball of all the latest patches and releases?" -- lolidaisuki "sadly (for this case) no, i work in a human rights organization where we get the patches by a friendly and richer 3rd party of the same field. we made the compromise to that 3rd party to not distribute the patches outside and as we deal with some critical situations i cannot afford to compromise that even for the sake of gpl :/ the "dumber" version for unstable patches will make a big problem for several projects, i would keep an eye on them. this situation cannot be hold for a long time" -- disturbio Is this not tortious interference, on grsecurity's (Brad Spengler) part, with the quazi-contractual relationship the sublicensee has with the original licensor? (Also Note: the stable branch now contains features that will never make it to the "testing" branch, and are not allowed to be redistributed, per the scheme mentioned above (which has been successful: not one version of the stable branch has been released by anyone, even those asked to do so, since the scheme has been put in place (they say they cannot as they cannot lose access to the patch as that may cost the lives and freedom of activists in latin america))) https://twitter.com/marcan42/status/726101158561882112 @xoreipeip @grsecurity they call it a "demo" version "20:14 < spender> what's in the public version is < 1/5th the size of the full version" oreipeip @grsecurity "20:21 < spender> also it wouldn't be as fast as the commercial version [...] there are missing optimization passes"
Powered by blists - more mailing lists