Saturday, October 22, 2005
GPL Violations Irk Me
Frustrating it is for the software developer who writes code that is gratiutiously usurped by a software company without any credit or royalty. Frustrating still, for the owners of a product by these companies that want to repair problems and ehance the product but are blocked from doing so by proprietary encryption that prevents access to the GPL code within. Fun, it is, to learn that the companies have all but abandoned any further development of the product too.
By this time many people are aware of the Gnu General Public License (GPL). It is a license created by the Free Software Foundation that grant any user the right to copy, modify and redistribute programs and source code from developers that have chosen to license their work under the GPL. The stipulation is that the user release and make available any and all GPL-licensed source code. Further all derivitives of the GPL-source code also becomes covered under the GPL. That is, any user that modifies a piece of GPL code to work with his project (or product), that entire project may be subject to the GPL and the source code must be released to the public.
So what happens when a company builds and sells a product that incorporates GPL code? Well, they're allowed to use and sell that product for a profit. BUT, they're also required to release all of the source code utilized as well as any and all modified GPL source code. If a company takes GPL source and modifies it heavily with their "proprietary" code, then that new piece of code is considered a derivative of the original GPL code and thus automatically covered by and subject to the terms of the GPL, and must be made public.What companies fail to realize is that is by statically binding GPL code into their product, they have now created an entire project that is subject to the GPL, and the entire source code must be released, in its re-compilable form. What's surprising is that large, well-known companies are brought into the spot-light for these transgressions. To Wit:
Linksys (WRT54G): http://developers.slashdot.org/article.pl?sid=03/07/31/1350217&tid=117&tid=193&tid=8&tid=106
Nvidia : http://slashdot.org/features/00/05/01/0047219.shtml
Compaq : http://slashdot.org/article.pl?sid=00/09/13/1540253&tid=140
Epson : http://slashdot.org/article.pl?sid=02/09/11/2225212
Various companies : http://www.drunkenblog.com/drunkenblog-archives/000534.html
Linksys eventually relented and published a complete set of source code for the WRT54G.
The issue is that this is not new, nor is it relegated to large companies. Other companies such as Rockford Fosgate/Omnifimedia who distribute two versions of media players (one in-home streaming media, one in-car media player) from SimpleDevices are in the same boat.
Members of the Omnifi Yahoo forum have learned that companies often play naive or take the "innocent" tact. The DMP1 & DMS1 players manufactured and distributed by SimpleDevices, OmnifiMedia and Rockford Fosgate are built on a Linux kernel. A couple of tech-savvy forum members were able to peer into the the kernel and applications and discovered massive amounts of GPL code. They approached Rockford Fosgate, SimpleDevices Omnifimedia about a possible GPL violation. The companies just shrugged their shoulders and said it was the other company's problem. Finally someone at SimpleDevices.com came clean and published a list of source code (in their pristine unmodified condition) to some (not all) of the open source modules used in the system. Additiionally, the manufacturers seem to have statically incorporated GPL code into their binaries. Members of the forum have set up and signed an online petition against the software companies: http://www.petitiononline.com
Other possible violations in action:
Checkpoint: http://www.ethereal.com/lists/ethereal-dev/200308/msg00175.html
Cygwin: http://www.cygwin.com/ml/cygwin/2003-03/msg01926.html
DrDos: http://freedos.org/freedos/news/bits/drdos81.html
What does it take to get these companies off their duffs and onto the chopping block?
