lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <bae41a84e6f302eda4d552154ca301e3@redchan.it>
Date:   Mon, 31 Jul 2017 14:46:08 +0000
From:   nisus@...chan.it
To:     "David C. Rankin" <drankinatty@...denlinkmail.com>
Cc:     linux-kernel@...r.kernel.org, bruce@...ens.com, moglen@...umbia.edu
Subject: Re: Yes you have standing to sue GRSecurity - Two options that can be
 used in concert or separately

Thank you Mr. Rankin for saying this. Bruce Perens blocked me* (also 
calling me a "fool" later to a 3rd party) after I started to brainstorm 
the defenses that would be raised about a week or two ago: letting 
everyone in the world know what he thought of me for mentioning laches 
etc.

Such talk is naivete to him and he "doesn't suffer fools willingly".

Brainstorming what defenses the opposition will raise is the thinking of 
a naive fool according to Bruce Perens.

I also noticed that Bruce Perens friend Professor Moglen hasn't 
commented, instead opting to sit and silently judge, but I did bring up 
the fact that GPL v2 lacks a no-revocation clause, thus (barring 
estopple) said license can be revoked at any time by the grantor. Which 
is the actual reason v3 of the GPL needed to be drafted (the patents 
issue being a foil). I guess Professor Moglen (RMS, ESR) and the rest 
don't want too many people to know about that part either and thus would 
rather downplay anything else I have written.

To be clear: Rights-Holders can sue GRSecurity for the copyright 
violation stemming from the flagrant violation of section 6 of the 
license. Rights-Holders can also revoke GRSecurity's license to their 
code by notice and then sue them if they continue to make derivative 
works of said work. So Rights-Holders have two options there at their 
disposal.

The GPL v2, by itself, does not give rise to an estopple situation where 
there has been no communication to the other party that they relied upon 
that the license would never be revoked by Rights-Holder.

The permission flows from the Rights-Holder and not through 
intermediaries. Thus even if Linus made communications that HE would 
never revoke the permission he has given regarding his works of 
authorship, that does not bind other Rights-Holders regarding their 
code.


*(  lists.debian.org/debian-user/2017/07/msg00830.html )

On 2017-07-30 07:14, David C. Rankin wrote:
> On 07/30/2017 12:55 AM, David Lang wrote:
>> You are thinking of Trademarks, they must be defended or you loose 
>> them.
>> Contracts and Licenses do not need to be defended at every chance or 
>> risk
>> loosing them.
> 
> No, not always, it can apply in plain contract as well. The defenses 
> that
> could be later raised by grsecurity if this issue goes unaddressed is 
> are (1)
> latches; and (2) waiver. It is a slippery slope. While, without 
> commenting on
> the dubious nature of the current use of the defenses (as catch-all,
> kitchen-sink affirmative-defenses), they can be expected to be raised 
> if
> rights under GPL to insure no further restrictions are placed on 
> subsequent
> use of the kernel-code are not enforced.
> 
> I hope there is a centralized forum that will be established for this 
> issue
> (there may be and I'm just not smart enough to have found it yet). 
> Certainly,
> if for nothing else, so the advantages and disadvantages of both 
> action, and
> inaction, can be peer-reviewed on both the legal and technical side.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ