[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20171017145759.GA14386@kroah.com>
Date: Tue, 17 Oct 2017 16:57:59 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: David Woodhouse <dwmw2@...radead.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] Documentation: Add a file explaining the requested
Linux kernel license enforcement policy
On Mon, Oct 16, 2017 at 03:50:19PM +0100, David Woodhouse wrote:
> On Mon, 2017-10-16 at 15:46 +0200, Greg KH wrote:
> > > conversations with the TAB on early drafts of this — but I'm a little
> > > concerned that what we've ended up with is a bit one-sided. We're
> > > giving something away, for nothing in return.
> >
> > I don't feel that is true at all, what we are doing here is providing a
> > well-documented way toward compliance and the reinstatement of our
> > license. That's a key issue with regards to the existing trolls we are
> > currently facing today, which we have to address in order to preserve
> > our community.
>
> Which trolls? Do you mean Broadcom or Patrick? :)
>
> I think think this directly addresses either of them. Not unless you're
> planning to get Patrick, or those who aspire to his methods, to sign up
> to this document somehow?
In consulting with a _lot_ of people, and lawyers involved in cases with
Patrick, they have told us that this _will_ help with the troll issue
that Patrick is currently engaging in.
> I do agree that *both* of them need dealing with somehow though.
>
> I'm actually *more* worried about the Broadcoms of this world, because
> with Patrick there's an easy safeguard that most people seem to have
> forgotten about — do not break the law. Make sure you are so obviously
> complying with the GPL that any claim to the contrary would be
> immediately thrown out of court and your costs awarded. (I know that's
> over-simplifying quite a bit — but while I don't condone Patrick's
> actions, at a personal level I do find it slightly hard to sympathise
> with his victims.)
You should sympathise, as the "victims" here are almost always companies
that had no idea what was going on in the first place. Their first
interaction with this "Linux thing" is a person demanding that they pay
up in court, and then, when they initially comply because they think
that is what they need to do, they get hit again with loads of other
issues out of their control and are forced to pay even more money.
Does that help us as a community? No. It ensures that no one wants to
use Linux in their products.
Yes, the correct response is of course providing tools and education and
other methods in which companies can learn, change, and then track their
open source usage and ensure that they are compliant. And that is what
a lot of people have been doing for the past few years, look at the
links I did provide with regards to that.
Heck, one of those free e-books could pretty much be subtitled "How to
avoid being hit by a copyright troll!"
So that's one front in fixing this obvious problem where companies are
just not compliant. We have to also cut off the ability for trolls to
go after companies like this, and that's what this statement is for, and
will help out immediately.
I understand you are wanting to help solve the Broadcom issues in the
world. Great, let's work to address that, and we can take it off-line
if you want. But that's not what we are trying to solve here at all.
Don't get into the common mistake that lots of people are doing right
now of, "Oh look, why didn't they also do this and this and this as I
wish they always would have!" That's not how you solve specific
problems.
> > > This would have been better if it specified that it applied to
> > > *unintentional* violations, and also gave a time limit — automatic
> > > reinstatement *only* happens if complete compliance is achieved within
> > > 90 days, for example. That would help genuine developers who are only
> > > *accidentally* committing a criminal offence through not paying enough
> > > attention, while not giving succour to those who intentionally do so.
> >
> > Defining "unintentional" and "accidentally", might be a bit difficult,
> > given that GPLv3 didn't even attempt to do something like that.
>
> Sure. But as you know, those who are *intentionally* violating the
> licence will drag out their repeated candidate releases for years,
> fixing one thing at a time and costing us loads of time and money as we
> painstakingly investigate each attempt. While genuine mistakes are much
> more quickly fixed.
Intentional violators are a different issue here, as you say. And
really, this 30 days thing means nothing to them, as it is not meant to
at all.
> So a time limit may well have worked as as primitive proxy for "intent".
Maybe, if so, why doesn't GPLv3 have this in it? :)
> And more to the point, it deprives us of the *one* lever we have, short
> of the last resort of legal action, for persuading them to come into
> *complete* compliance as we define it.
I disagree, see my previous public statements about how I feel is the
best way to work with companies to get them to properly comply with our
license.
Hint, it's not to bring in lawyers, we have many many other "levers" we
can, and do, use to solve it.
thanks,
greg k-h
Powered by blists - more mailing lists