Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
tag 628952 pending -- Hi everyone, First of all, I'd like to thank everyone for their comments, they were all very helpful. And in light of all of this, I think the best approach is first of all removing the Netgear logo since we're not using it in Debian anyway, and then replacing the Tux logo with the Debian logo. This should be fixed in the next upload of minidlna. Thanks again to everyone. -- Benoît Knecht -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/2011063018.gd5...@marvin.lan
Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
On Mon, Jun 6, 2011 at 19:20, Bernhard R. Link wrote: > * Benoīt Knecht [110606 11:57]: >> I had a look at these, and I'm pretty sure they're not eligible for >> copyright protection (a white 'N' on a blue background is not nearly >> creative enough). So I don't think there's a problem there; the license >> header should just be corrected to state that there's no copyright on >> this particular logo. What do you think? > > Removing the copyright notice is extremly dangerous. It's the only thing > universally forbidden even before the copyright-mafia successfully lobbied > for more in many countries. > > So ideally the copyright holder would have to do it (or at least the one > having written the copyright notice), but then it is easier to just add > some permissive license to it. > > Also note that the "not eligible for copyright" is a very hard question > if looking at more than one country. Ironically the most problematic > countries might be those that have historically high requirements on > creativity for work to be protected (as the general "needs creativity" > rule has to be lifted for software in order to have any commercial > software to be eligible) > > Bernhard R. Link > I've have had an discussion with upstream Justin Maggard (added as cc), and following is what his legal department says: >Here's what I got from the legal dept: > >"We consider the NETGEAR image to be copyrighted property of NETGEAR. >The image's binary blob does not contain any GPL code and is not >licensed under any software license. Permission has been granted for >the free distribution of these images with the MiniDLNA software >application." > >Just thinking about this stuff makes my head hurt. :) If it makes you >more comfortable, feel free to rip out the NETGEAR images from your >tree. Regarding the Tux image, it's hard for me to image it being an >issue, since the Linux kernel has been embedding it for years. > >-Justin -- Carl Fürstenberg -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktik5c1vyz_vhzzruwsgs9aef+yz...@mail.gmail.com
Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
* Benoît Knecht [110606 11:57]: > I had a look at these, and I'm pretty sure they're not eligible for > copyright protection (a white 'N' on a blue background is not nearly > creative enough). So I don't think there's a problem there; the license > header should just be corrected to state that there's no copyright on > this particular logo. What do you think? Removing the copyright notice is extremly dangerous. It's the only thing universally forbidden even before the copyright-mafia successfully lobbied for more in many countries. So ideally the copyright holder would have to do it (or at least the one having written the copyright notice), but then it is easier to just add some permissive license to it. Also note that the "not eligible for copyright" is a very hard question if looking at more than one country. Ironically the most problematic countries might be those that have historically high requirements on creativity for work to be protected (as the general "needs creativity" rule has to be lifted for software in order to have any commercial software to be eligible) Bernhard R. Link -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110606172032.ga12...@pcpool00.mathematik.uni-freiburg.de
Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
On Mon, 6 Jun 2011 11:34:34 +0200 Benoît Knecht wrote: [...] > Francesco Poli wrote: [...] > > > While the source code is licensed under GPL2, the file in question only > > > states following: > > > > > > * Penguin images are the creation of Larry Ewing (lew...@isc.tamu.edu) > > > using The GIMP. > > > > More information about the famous Tux the Penguin image here: > > http://www.isc.tamu.edu/~lewing/linux/ > > (I'm assuming we are talking about this image, right?) > > > > Unfortunately the "license" is very incomplete and unclear: > > > > | Feel free to do whatever you see fit with the images, you are > > | encouraged to integrate them into other designs that fit your need. > > [...] > > | Permission to use and/or modify this image is granted provided > > | you acknowledge me lew...@isc.tamu.edu and The GIMP if someone asks. > > I agree that's rather vague, especially regarding commercial use, Commercial use is not explicitly mentioned, but it is not even explicitly prohibited: it says that "use" is permitted, without further specifying, hence I think commercial use is indeed allowed, at least in the copyright holder's intentions. My personal opinion is that the most serious issue of this "license" is the lack of explicit permission to copy and (re-)distribute the original image and/or a modified version of it. Without those permissions, copyright laws say by default that you are not allowed to perform such operations (unless you are the copyright holder, of course). > although commons.wikimedia.org [1] seems to consider it free enough. > > [1] http://commons.wikimedia.org/wiki/File:Tux.png Free enough for what? For uploading the image to Wikipedia? There are lots of non-free images on Wikipedia, even covers of proprietary music albums [2][3][4]... [2] http://en.wikipedia.org/wiki/File:Iron_Maiden_(album)_cover.jpg [3] http://en.wikipedia.org/wiki/File:Metallica_-_Kill_%27Em_All.jpg [4] http://en.wikipedia.org/wiki/File:Scream_Bloody_Gore.jpg And anyway, the page [1] you cited says: [...] | Please check that the conditions given above are compliant to | the Commons licensing policy. Most importantly, derivative work | and commercial use must be allowed. [...] So, in summary, I am not sure what "free enough for Wikimedia" should mean. > > > I tried (back in 2005) to get in touch with Larry Ewing and persuade > > him that a clearer license should be granted, but I have never received > > any reply to my messages... > > You may try to contact him now: it's possible that you turn out to be > > luckier than me! > > According to > > http://en.wikipedia.org/wiki/Larry_Ewing > > his current home page is: > > http://lewing.org/ > > Maybe the e-mail address shown there is more up-to-date or > > appropriate... > > Well I could try, but I'm not very optimistic about it (I guess it's not > the first time the issue was brought up to Larry Ewing's attention, and > apparently no one was successful so far). I'm thinking the best solution > for now is to replace the logo altogether. In Debian we could use the > Debian logo, In that case, please use the Debian Open Use Logo without the "Debian" text [5], which is (unfortunately) the only DFSG-free logo that the Debian Project offers. It is released under the terms of the Expat license (see [6]). [5] http://www.debian.org/logos/openlogo-nd.svg [6] http://www.debian.org/logos/ > but I don't know what free image to suggest as a > replacement upstream. Any suggestions? I don't know: maybe the levitating GNU [7] (which is dual-licensed under the GNU GPL v3 or later, and under the horrible GNU FDL v1.1 or later)? But, please recall that GPLv3 and GPLv2 are incompatible with each other... [7] http://www.gnu.org/graphics/meditate.html > > > > * NETGEAR images Copyright (c) 2008- NETGEAR, Inc. All Rights Reserved. > > > > > > It doesn't explicit state which licenses these binary blobs are under > > > (there are four of each, two png and two jpeg). Only the tux image is > > > used in the binary package. > > > > If this is confirmed, then I think the best thing to do is dropping the > > NETGEAR images from the source package, and trying to get a > > GPL-compatible license for the Tux images (I suggest a simple > > permissive non-copyleft license: the Expat one, > > http://www.jclark.com/xml/copying.txt ). > > I had a look at these, and I'm pretty sure they're not eligible for > copyright protection (a white 'N' on a blue background is not nearly > creative enough). I would not be so fast in claiming that a work (especially a graphical image) is not creative enough to be covered by copyright... > So I don't think there's a problem there; the license > header should just be corrected to state that there's no copyright on > this particular logo. What do you think? If those images are not used in the binary package, I still think they should be dropped from source package. -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG ke
Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
Hi, Francesco Poli wrote: > On Thu, 02 Jun 2011 15:59:11 +0200 Carl Fürstenberg wrote: > > the source code file icons.c includes binary blobs detailing the NetGear > > logo and the Tux logo. > > Hi! > I am a debian-legal subscriber, and I would like to comment on this bug > report. Thanks a lot for your input, it's very much appreciated. > First of all, thanks for spotting this issue and for reporting it. > > > > > While the source code is licensed under GPL2, the file in question only > > states following: > > > > * Penguin images are the creation of Larry Ewing (lew...@isc.tamu.edu) > > using The GIMP. > > More information about the famous Tux the Penguin image here: > http://www.isc.tamu.edu/~lewing/linux/ > (I'm assuming we are talking about this image, right?) > > Unfortunately the "license" is very incomplete and unclear: > > | Feel free to do whatever you see fit with the images, you are > | encouraged to integrate them into other designs that fit your need. > [...] > | Permission to use and/or modify this image is granted provided > | you acknowledge me lew...@isc.tamu.edu and The GIMP if someone asks. I agree that's rather vague, especially regarding commercial use, although commons.wikimedia.org [1] seems to consider it free enough. [1] http://commons.wikimedia.org/wiki/File:Tux.png > I tried (back in 2005) to get in touch with Larry Ewing and persuade > him that a clearer license should be granted, but I have never received > any reply to my messages... > You may try to contact him now: it's possible that you turn out to be > luckier than me! > According to > http://en.wikipedia.org/wiki/Larry_Ewing > his current home page is: > http://lewing.org/ > Maybe the e-mail address shown there is more up-to-date or > appropriate... Well I could try, but I'm not very optimistic about it (I guess it's not the first time the issue was brought up to Larry Ewing's attention, and apparently no one was successful so far). I'm thinking the best solution for now is to replace the logo altogether. In Debian we could use the Debian logo, but I don't know what free image to suggest as a replacement upstream. Any suggestions? > > * NETGEAR images Copyright (c) 2008- NETGEAR, Inc. All Rights Reserved. > > > > It doesn't explicit state which licenses these binary blobs are under > > (there are four of each, two png and two jpeg). Only the tux image is > > used in the binary package. > > If this is confirmed, then I think the best thing to do is dropping the > NETGEAR images from the source package, and trying to get a > GPL-compatible license for the Tux images (I suggest a simple > permissive non-copyleft license: the Expat one, > http://www.jclark.com/xml/copying.txt ). I had a look at these, and I'm pretty sure they're not eligible for copyright protection (a white 'N' on a blue background is not nearly creative enough). So I don't think there's a problem there; the license header should just be corrected to state that there's no copyright on this particular logo. What do you think? Cheers, -- Benoît Knecht -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110606093433.ga7...@marvin.lan
Re: Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
On Thu, 02 Jun 2011 15:59:11 +0200 Carl Fürstenberg wrote: > Package: minidlna > Severity: serious > Justification: Policy 2.1 > > the source code file icons.c includes binary blobs detailing the NetGear > logo and the Tux logo. Hi! I am a debian-legal subscriber, and I would like to comment on this bug report. First of all, thanks for spotting this issue and for reporting it. > > While the source code is licensed under GPL2, the file in question only > states following: > > * Penguin images are the creation of Larry Ewing (lew...@isc.tamu.edu) using > The GIMP. More information about the famous Tux the Penguin image here: http://www.isc.tamu.edu/~lewing/linux/ (I'm assuming we are talking about this image, right?) Unfortunately the "license" is very incomplete and unclear: | Feel free to do whatever you see fit with the images, you are | encouraged to integrate them into other designs that fit your need. [...] | Permission to use and/or modify this image is granted provided | you acknowledge me lew...@isc.tamu.edu and The GIMP if someone asks. I tried (back in 2005) to get in touch with Larry Ewing and persuade him that a clearer license should be granted, but I have never received any reply to my messages... You may try to contact him now: it's possible that you turn out to be luckier than me! According to http://en.wikipedia.org/wiki/Larry_Ewing his current home page is: http://lewing.org/ Maybe the e-mail address shown there is more up-to-date or appropriate... > * NETGEAR images Copyright (c) 2008- NETGEAR, Inc. All Rights Reserved. > > It doesn't explicit state which licenses these binary blobs are under > (there are four of each, two png and two jpeg). Only the tux image is > used in the binary package. If this is confirmed, then I think the best thing to do is dropping the NETGEAR images from the source package, and trying to get a GPL-compatible license for the Tux images (I suggest a simple permissive non-copyleft license: the Expat one, http://www.jclark.com/xml/copying.txt ). Bye. (And good luck with the persuasion effort for the Tux image!) -- http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt New GnuPG key, see the transition document! . Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE pgp2ppkRyzEbZ.pgp Description: PGP signature
Bug#628952: minidlna: Possible unknown copyright status of hardcoded image blobs in source code
Package: minidlna Severity: serious Justification: Policy 2.1 the source code file icons.c includes binary blobs detailing the NetGear logo and the Tux logo. While the source code is licensed under GPL2, the file in question only states following: * Penguin images are the creation of Larry Ewing (lew...@isc.tamu.edu) using The GIMP. * NETGEAR images Copyright (c) 2008- NETGEAR, Inc. All Rights Reserved. It doesn't explicit state which licenses these binary blobs are under (there are four of each, two png and two jpeg). Only the tux image is used in the binary package. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- To UNSUBSCRIBE, email to debian-legal-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110602135911.5043.55480.report...@azaboxen.carl
