Linux programmer wins legal victory

(continued from previous page)

terms and limitations of the GPL through litigation will likely seem interminably long to industry watchers, but this latest result suggests that the process in the United States is soon to begin."

There could be several reasons companies don't release source code for GPL software that they include in products. They might not be aware of the GPL's provisions, thinking that software it governs is merely in the public domain. They might have software enhancements they want to keep secret. Or they might simply be using software from a third party and not even know it contains GPL components.

Open education
Activities to inform the computing industry about open-source licenses have become common. Attorneys could get continuing-education credit for two days of speeches on legal matters at the Open Source Business Conference this month, for example, and Linux seller Red Hat has just posted a video of its in-house lawyer discussing various licenses.

However, it's hard to tell whether GPL violations are decreasing, Welte said in an interview. "The number of cases I know about is always rising, but my guess is that this is mainly because the GPL Violations project becomes more known to the community, and therefore I receive more user reports (from people) who find GPL-licensed software in products they have bought."

And Welte said he wasn't happy with the response to the letters he delivered to company representatives at CeBit.

"Most of them failed to create any form of reaction on behalf of the companies. It's very sad to see that in most cases nobody would even start to listen to you unless you sent it via a lawyer," Welte said.

Without access to the underlying source code, Welte often has to work hard to find out if GPL software is used in a product. In Fortinet's case, the use of GPL software was unusually difficult to verify, because the company had encrypted it, Welte said. It took 40 hours of work to ferret out the information, he said.

The next step in the legal proceedings depends on Fortinet's response, Welte said. "If they do not appeal and (begin to) distribute products according to the license, then the case is basically closed, and they will have to pay all expenses. If they choose to appeal, or ignore the court order, then the case will continue," he said.

Initrd is a module essential to the process of starting up a Linux computer. Welte also has helped write the netfilter/iptables software that provides Linux with protective firewall abilities.

Welte didn't write initrd, but author Werner Almesberger transferred copyright on the software to him earlier in 2005, Welte said.

The court said Fortinet would have to pay a fine of five to 250,000 euros and that employees would face up to 6 months imprisonment for violation of the injunction. In addition, the company is responsible for Welte's legal fees.

The General Public License is 14 years old, but its creator, the Free Software Foundation, has begun an effort to modernize it.

Regardless how the Fortinet case turns out, one message is clear, said Mark Radcliffe, an intellectual-property attorney with DLA Piper Rudnick Gray Cary and legal counsel for the Open Source Initiative.

"In any case," Racliffe said, "companies obviously need to be more attentive to the possible use of GPL code in their products."

[aabcdefghij987654321]

gpl clarification

" when they ship such a product."

it is "when they distribute modified versions of the product (derivative works)"

[Shankland]

author replies: Well, sort of

The GPL requires source code to be available even if it's not modified, and i's not clear exactly what Fortinet did. Section 2 of the GPL governs derivative works, but in cases where a company distributes code--modified or not--in executable form, Section 3 kicks in:

3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following:

a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.)

--Stephen Shankland

A shadow?

A shadow over open source, or a careless developer's product? Please. This was a case of the developer either not paying attention or not wanting to abide by the terms (attempting to plagiarize/obtain free development work from others).

Is news.com ignorant of GPL requirements? They aren't complex, but like any license, somebody needs to pay attention. A company that uses external code without understanding the licensing terms is shooting their own foot. A company that tries to weasel out of their obligations after repeated requests deserves the cloud over their derivative products.

Thanks

News.com, thanks for the "shadow" headline change.

[David Arbogast]

SCORE

"You didn't give your work freely to the community!"

Score one for the socialism police.

The GPL is simple.

It is not, however, a declaration of carte blanche or public domain status.

Pay attention, give credit where due, and enjoy the numerous benefits. Simple stuff for those not looking to plagiarize.

[pcLoadLetter]

More FUD

If they didn't want to abide by the terms of the license, they should not have used it.

The company in question was trying to get a free lunch, by climbing on the backs of others without having to abide by the terms. They wanted the quid without giving a bit of quo.

You socialist comment was unintelligent and unnecessary.

Socialist?

OSS software under the gpl is no more socialist than broadcast television. You get to watch it free, yes? Are they socialistic? Certainly not. They sell commercials, but not the broadcasts. They make money from a "free" broadcast.

The same thing happens with software under the gpl. At a bare minimum, they are getting access to everyone else's work who used their product. That has value even if dollars don't change hands. Some companies sell service and support for their gpl products. How can that be socialistic in any fashion?

[TheMidnightCoder]

Well, you OSS guys do tend to sound a bit

Socialist once in a while. Generally I think your living in a wonderful fantasy land. I would love to live there too, but I have bills to pay. Music should be free, movies should be free, heck, and I wish my car was free too. OSS will probably disappear once the Evil Nemesis M$ is no longer king. Then the major hardware companies that support OSS so much really won't need to anymore (great for marketing). I know, I'm evil too.

[unknown unknown]

reply

No one is forced to use GPLed code or software. Companies who don't want to turn over their source shouldn't use GPLed code in their projects. It's really very simple. It might be socialism, but it's opt-in. Those who opt-in are expected to comply with the terms.

Fortinet are dumb as bricks

"Fortinet recently became aware of Mr. Welte's allegations and has, in good faith, been diligently working with him to resolve this matter outside of the German court system"

Fortinet knew they were taking GPL code and reselling without distributing their source code. To act all surprised is a ruse. Welte's legal actions are to wake up companies that think they can get away with this.

If Fortinet is a real company they would have had their lawyers read over the GPL license before using it. Fortinet is a tech company selling a computer firewalls, for crying out loud! For them to have never heard of the GPL license is simply a lie.

[David Arbogast]

Not a Victory by a Longshot

I call it... shooting yourself in the foot.

Fortinet may have broken the rules, but if you call this a victory for GPL or OSS you are pretty foolish. Fortinet wanted to make a profit, and probably realized that *giving away their software* would make that very difficult. Now that they have been smacked upside the head by the GPL-Police, you can bet they'll find a new approach. Proprietary software anybody? One less GPL contributor. One more win for closed-source software. I'm sure Fortinet isn't too broken up about it. They obviously have no desire to *Give Away Their Hard Work For Free."

[pcLoadLetter]

Give away their hard work for free?

That is amusingly ignorant considering that much of their 'hard work', is nothing more then using others hard work that was free.

You FUD spreaders need to get it through your head that free does not have to mean free of cost.

[TimeBomb]

You mean psuedo-opt-in

There is nothing "opt-in" about using GPL code without being aware of it, because it was imbedded in a product you obtained.