lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3709f199e5f0c527aa3e7e63b228e94a@aaathats3as.com>
Date:   Fri, 19 Oct 2018 11:40:13 +0000
From:   vca@...thats3as.com
To:     linux-kernel@...r.kernel.org
Subject: Bruce Perens-inconsistent statements regarding Copyright, GPL, Open
 Source Security.

In a prior public statement, Bruce Perens put forth a legal theory where 
users of a certain piece of Software would be liable for contributory 
copyright infringement*[1]. This statement, specifically the 
pronouncement of such damages reachable, is predicated on a pure 
copyright License theory regarding the grant under-which the Linux 
Kernel is distributed and modified.

* 
(https://perens.com/2017/06/28/warning-grsecurity-potential-contributory-infringement-risk-for-customers/ 
)

As we all know, under a contract theory, damages are quite limited 
regarding opensource licenses** (See the initial district court 
determination of Jacobsen v. Katzer) and the legal theory published by 
Bruce Perens, if analyzed under a contract theory regarding the GPL 
would become a less-than-likely scenario.

** (For this very reason, the FSF specifically drafted version 2 of the 
GPL to avoid language that would tend to induce a contract reading 
rather than a bare license construction. The FSF has maintained for 
decades that the GPL is a bare license and is not a contract)

It is just that utterance, added by Bruce Perens, regarding contributory 
copyright infringement damages reachable vis a vis the GPL version 2, 
that induced upwards of 70 of Open Source Security's clients to cease 
their business dealings with Open Source Security.

Bruce Perens has recently made known, publicly, that he currently 
believes in a Contract theory regarding the GPL version 2, specifically 
regarding the Linux Kernel. He has stated that he, infact, in the past 
has supplied expert testimony praying to the court for it to find that 
the GPL is, in fact, a contract (and not a bare (copyright) license). He 
has stated that the court has indeed relied on his testimony in various 
pleadings. ***[3]

Here, ( 
https://developers.slashdot.org/comments.pl?sid=12767438&cid=57489528 ) 
Bruce Perens argues that case law has overridden the esteemed Raymond 
Nimmer's opinion that the GPL is not a contract and is, at best, a 
failed contract, and likely a bare license akin to a property license. 
Bruce Perens further clarifies that it was his very own testimony that 
has convinced the court that the GPL is infact not a bare license and is 
instead a contract.

If these pleadings were to have occurred prior to the theory published 
regarding Open Source Security and its Contributor Access Agreement, 
that would put the lie to any suggestion that Bruce Perens in fact 
believed in the theory that he published at the time of publication and 
would instead suggest that rather than proffering his opinion regarding 
a matter - he was instead intentionally publishing a theory he believed 
to be a lie in-order to harm Open Source Security - A goal that has 
indeed been effected (specifically by the "Contributory Copyright 
Infringement" addendum).


Download attachment "bruce-perens-on-gpl-contract-vs-license.png" of type "image/png" (141253 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ