On Fri, Sep 25, 2020 at 09:34:28AM +0800, Pen-Yuan Hsing wrote: > 2. To my surprise, the highly proprietary messaging app WhatsApp uses the > GPL-licensed implementation of the Signal protocol developed by Open Whisper > Systems for its self-proclaimed end-to-end encryption: > > https://en.wikipedia.org/wiki/WhatsApp#End-to-end_encryption > > I suppose the Facebook army of lawyers were able to perform the necessary > legal gymnastics to make a GPL program fit in their proprietary app, perhaps > by technically keeping the GPL'ed binary separate from the rest of the app? > (can someone more knowledgeable speak to this?)
No. What is more likely is that Facebook paid Open Whisper Systems to give them a proprietary license to libsignal-protocol so that Facebook could use it without complying with the GPL. As far as I can tell from reading the source code headers, Open Whisper Systems retains copyright in all of libsignal-protocol so they are legally permitted to engage in this proprietary relicensing. I'm not a fan of this model, and would recommend people instead maintain multi-copyright-holder codebases instead, so the codebase can't be unilaterally relicensed by a single entity in this way. > My point with the above two examples is that even with GPL software, there > are still ways people/companies who want to make proprietary software can > exploit it. If so, permissive free software licenses are *even more* > dangerous from the perspective of user freedom and strengthens the argument > for copyleft licenses. > > Any thoughts? We definitely need to push back against companies that are violating the GPL. That's the main part of my job at Software Freedom Conservancy, and I encourage people who notice GPL violations in any of our member projects (listed at https://sfconservancy.org/projects/current/ - including BusyBox, Samba, and Linux) to report these violations to complia...@sfconservancy.org - I'll get back to you if we need more details (I manage that address). One excellent way to help with this is to check your devices (phone, TV, car) to see if they include an offer for source code. If so, then check if the offer works by going to the listed website or emailing the listed address to get the source code for your device. If you can't find it or the source is incomplete, let Conservancy know at the email address above. The only way we prevent the GPL from effectively becoming a permissive license is by enforcing the GPL, since big companies won't comply unless we do. Denver https://jmp.chat/ (and FLOSS License Compliance Engineer at Software Freedom Conservancy) _______________________________________________ libreplanet-discuss mailing list libreplanet-discuss@libreplanet.org https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss