lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <37663a792cfe0e7fe572d38e74ddf215@redchan.it>
Date:   Sat, 29 Jul 2017 12:30:52 +0000
From:   nisus@...chan.it
To:     linux-kernel@...r.kernel.org
Subject: Yes you have standing to sue GRSecurity.

It has come to my attention that some entities are claiming that you, 
dear Linux Hackers, (1)need to go through some foundation or get some 
permission from upon high in-order to sue the progenitors of GRSecurity 
for their violation of section 6 of the terms underwhich the linux 
kernel is distributed (version 2 of the GPL). And, furthermore, that 
(2)this foundation has no intention of bringing such a suit.

(1) is false.
(2) may very well be true.

You do have standing to sue GRSecurity for their blatant continuing 
copyright violation if GRSecurity has made a derivative work of your 
code contribution to the Linux Kernel as-long as (a)you have not 
assigned your copyrights, and (b)you are not a work-for-hire.

How do you know if you are a work for hire or if you have signed away 
your copyrights?
If you are working for a company and as your job duties you are 
programming the linux kernel, there is a good chance that you are a work 
for hire and thus the company owns said copyrights.

How do you know if you signed away your copyrights? Well if you singed a 
document transferring ownership of your copyrights for the code you 
produced at some point.

If you are not working for a company while hacking linux and you haven't 
assigned your copyrights away then YOU OWN YOUR CONTRIBUTIONS.

This means most of you hobby hackers, if GRSecurity has modified your 
code, YES YOU HAVE STANDING TO SUE.

Yes your "betters" are lying to you.
You have individual separate standing to sue.

Yes you SHOULD consult a lawyer of your own.
Yes you SHOULD consider a joint filing with other individual 
rights-holders willing to bring suit against GRSecurity for their 
blatant violation of your terms, and yes you should consider starting 
CLASS ACTION since the number of Linux Kernel Contributors seemingly 
numbers in the multitudes upon multitudes upon multitudes.

And yes, I am an attorney.
But no, I'm not looking for clients. Just correcting some false 
information that has been spreading.

And yes, GRSecurity will try to claim that the linux-kernel is a work of 
Joint ownership (so as to shield themselves via procedural law) and yes 
they will try to claim fair use (probably de minimus), and yes your 
Lawyer will have to respond to these claims. The Joint ownership claim 
will go down quickly but it will have to be responded to. De minimus 
Fair Use depends on how much code is modified and how signifigant the 
modifications are. Don't anyone but your own legal council dissuade you 
from bringing suit: Remember the statute of limitations is only a few 
years, so the clock is ticking on the CURRENT violation.

Also make sure you register your copyright of the version of the 
linux-kernel that GRSecurity is using in its violation prior to bringing 
suit. The registration must be for the specific version. Yes you can 
register after the violation has occurred, however if you have 
registered before the violation then you can also pursue recovery of 
legal fees, pursue statutory damages, etc.


( NOTE: If you would like to read on how your copyright is being 
violated by GRSecurity, Bruce Perens posted a good write-up on his 
web-page )
( 
perens.com/blog/2017/06/28/warning-grsecurity-potential-contributory-infringement-risk-for-customers/ 
   )
( There was also a discussion on the linux section of slashdot, and on 
the debian user mailing list, and on the dng devuan mailing list and on 
the openwall mailing list and the fedora legal mailing list )

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ