Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Stephen Gran [EMAIL PROTECTED] wrote: [...] If it is a license from the copyright holders, than the only ones who can sue Debian for distribution of sourceless GPL'ed works are, er, the people who originally gave out those works in that form. I understand there is some contention around whether this claim is accurate (and I claim no deep understanding of international copyright and contract law to make a claim for either side), but I think that is the fairly simple counter argument. [...] While fairly simple, it is totally incorrect, as public distribution in breach of copyright carries criminal liability in England, as I previously posted. See the Copyright Designs and Patents Act as amended, under the criminal liability heading. http://www.jenkins-ip.com/patlaw/cdpa1.htm I suspect most of the EU has similar law these days, although I cannot name them. By the way, we could be sued by the copyright holders of any firmware which has been reproduced without permission: that is, the copyright holders are not those issuing them under GPL. I remind aj that I am not a lawyer, but have been punished for copyright mistakes in the past, so learnt about it. -- MJR/slef My Opinion Only: see http://people.debian.org/~mjr/ Please follow http://www.uk.debian.org/MailingLists/#codeofconduct -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
MJ Ray wrote: While fairly simple, it is totally incorrect, as public distribution in breach of copyright carries criminal liability in England, as I previously posted. See the Copyright Designs and Patents Act as amended, under the criminal liability heading. http://www.jenkins-ip.com/patlaw/cdpa1.htm I suspect most of the EU has similar law these days, although I cannot name them. You're correct, there is criminal liability in most of Europe for intentional infringement of copyright. Many countries do however require the copyright holder to file charges against the infringer first. The police won't act by itself (how could they, they have no evidence of an illegal act unless the copyright holder files the accusation of distribution without a license). I do wonder, are the copyright holders of the firmware the only people with standing to sue? If the combination of firmware and GPL-licensed kernel is a derivative of the kernel, then anyone with a copyright interest in the kernel can sue for not obeying the GPL. Arnoud -- Arnoud Engelfriet, Dutch European patent attorney - Speaking only for myself Patents, copyright and IPR explained for techies: http://www.iusmentis.com/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Fri, Oct 20, 2006 at 02:10:37PM +0200, Arnoud Engelfriet wrote: MJ Ray wrote: While fairly simple, it is totally incorrect, as public distribution in breach of copyright carries criminal liability in England, as I previously posted. See the Copyright Designs and Patents Act as amended, under the criminal liability heading. http://www.jenkins-ip.com/patlaw/cdpa1.htm I suspect most of the EU has similar law these days, although I cannot name them. You're correct, there is criminal liability in most of Europe for intentional infringement of copyright. Many countries do however require the copyright holder to file charges against the infringer first. The police won't act by itself (how could they, they have no evidence of an illegal act unless the copyright holder files the accusation of distribution without a license). I do wonder, are the copyright holders of the firmware the only people with standing to sue? If the combination of firmware and GPL-licensed kernel is a derivative of the kernel, then anyone with a copyright interest in the kernel can sue for not obeying the GPL. Please check past debian-legal discussion about this. IANAL and everything, but all times we discussed the issue the opinion that prevaled, was that the firmware do not constitute a derivative work of the kernel, in the same way that if the firmware is contained in a flash on the card, it does not constitute a derivative work of the kernel, and in the same way a free compressor which can generate compressed archive with builtin uncompressor binaries, is not a derivative work of the compressed files it contains. More arguments on this can be found in the list archive. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On 10/17/06 15:06, Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. I agree. Out of curiosity, I asked my corporate consul about rendering advice on this issue for which he estimated $2500 to start (which would probably be $5k total). This is a corporate attorney who already has some understand of Linux. So, that's one ballpark estimate of what it would cost to get real advice. Based on my previous experiences with copyright, trademark corporate legal issues, my _guess_ would be that the resulting advise would first be based on the side of the actions of the larger corporations. Then, secondly, based on the assumption of good faith intentions of the linux kernel authors developers. In other words, because (as far as the kernel developers and authors can determine) they are acting in good faith by giving the software to Debian in a legal way, Debian is also acting in good faith. Better still, since corporations like Redhat, Novell and (with it's behemoth legal team) IBM also distribute this same software, your legal chances are outstandingly good. As I'm not a lawyer, my experience was to be given the legal advice and then have to decide what to do. One poignant example was when Bill Gates' corporate attorney for Corbis threatened linux/ppc with copyright infringement over the use of the Rosie the Riveter image. That was interesting. In this kernel firmware issue, if the authors of this sourceless firmware threatened Debian (Qlogic, etc), then you would have to decide what to do. In my case, I chose to not honor Corbis' copyright claim and refused to pay the the royalties they asked for. It seemed like there was a good chance that their copyright claim was invalid. You have to decide if you should fight or fold. In the end, it cost me nothing to fight. They gave up rather easy after a few entertaining phone calls. Realistically, Qlogic (or any of the other companies in question here) threatening Debian, the whole free software world the applicable companies over copyright infringement of a file they knowingly released is similar to poking yourself in the eye with a fork. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
This one time, at band camp, Don Armstrong said: On Wed, 18 Oct 2006, Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. That should be abundantly apparent to anyone who has been paying attention. Regardless, it doesn't dismiss the crux of the argument: baring competent legal advice to the contrary,[1] distributing sourceless GPLed works is not clear of legal liability. Doing otherwise may put ourselves and our mirror operators in peril. I think the argument here revolves around whether the GPL is a contract to our users, or a license from the copyright holders. If it is a license from the copyright holders, than the only ones who can sue Debian for distribution of sourceless GPL'ed works are, er, the people who originally gave out those works in that form. I understand there is some contention around whether this claim is accurate (and I claim no deep understanding of international copyright and contract law to make a claim for either side), but I think that is the fairly simple counter argument. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, 18 Oct 2006 13:06:19 +0100 Stephen Gran wrote: This one time, at band camp, Don Armstrong said: [...] baring competent legal advice to the contrary,[1] distributing sourceless GPLed works is not clear of legal liability. Doing otherwise may put ourselves and our mirror operators in peril. I think the argument here revolves around whether the GPL is a contract to our users, or a license from the copyright holders. If it is a license from the copyright holders, than the only ones who can sue Debian for distribution of sourceless GPL'ed works are, er, the people who originally gave out those works in that form. I understand there is some contention around whether this claim is accurate (and I claim no deep understanding of international copyright and contract law to make a claim for either side), but I think that is the fairly simple counter argument. How so? Let's assume that *only* copyright holders can sue the Debian Project and mirror operators (whether this is true or false is irrelevant for this discussion). What makes you think that every and each copyright holder acted in good faith when started to distribute firmware under the terms of the GNU GPL v2, while keeping the source code secret? Some copyright holder could be deliberately preparing a trap, in order to be able to sue at whim, whenever he decides he wants to. Moreover, maybe the undistributability could be intended: some copyright holder could have intentionally chosen the GNU GPL v2, while retaining source code, in order to be the *only one* legally allowed to distribute that firmware (you know, forcing users to visit his website and stuff like that...). Or even worse, who says that the copyright holder is actually aware that the firmware is distributed inside a GPL'd driver? In some cases, the firmware blob could be included in the driver without retaining proper copyright and permission notices. The blob could *appear* to be GPL'd, while it's not. Hope that helps. -- But it is also tradition that times *must* and always do change, my friend. -- from _Coming to America_ . Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4 pgpR2Y3Eojese.pgp Description: PGP signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Francesco Poli writes: What makes you think that every and each copyright holder acted in good faith when started to distribute firmware under the terms of the GNU GPL v2, while keeping the source code secret? Some copyright holder could be deliberately preparing a trap, in order to be able to sue at whim, whenever he decides he wants to. If the prospective plaintiff is the person who submitted opaque or object code, the relevant affirmative defense here is called estoppel. Pick your favorite form of estoppel -- several apply. Other copyright holders could sue with at least a colorable position, but not the one who added the sourceless code in the first place. Michael Poole -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
The answer to the question in the subject is simple: NO. This is a matter of copyright law. If we do not have permission to distribute, it is illegal to distribute. GPL grants permission to distribute *only* if we distribute source. So, GPLed sourceless == NO PERMISSON. I will list the usual caveats so that nobody else brings them up. (1) Obviously if we have an alternate license (dual-licensing) which doesn't require source we can use that license. (2) If the material is so trivial it is uncopyrightable we can obviously distribute it. (The classic example is CRC tables, which contain no creative content beyond the CRC polynomial which is generally public domain.) Likewise if it was published prior to 1988 in the US without copyright notices, or is in the public domain for some other reason. (3) If the copyright holder for the firmware donated the firmware to Linux with the understanding that it would be redistributed by Debian and other distributors, this may constitute an implicit license to distribute. This would be a case of dual-licensing, but an unpleasant one because we'd be relying on an *implied* license. This requires tracing down the donation of the material to the Linux kernel and ascertaining the state of mind of the donor (perhaps by reading press releases). This clearly applies only to some of the firmware; other pieces have no such 'paper trail'. Also, this implicit license *does not* include a license to modify, because I've never seen any indication that any firmware donor intended that their firmware be modified. (4) If the hex lumps really are the preferred form for modification, then we have the source and this is not a case of 'sourceless firmware'. I have not yet seen a case where there is any evidence that this is true. It is, however, theoretically possible. If the firmware author came forward and said Yes, that's the form in which we modify the firmware, this would be the case. Sven Luther wrote: Hi debian-legal, ... It seems the firmware kernel issue has reached a deadpoint, as there is some widely different interpretation of the meaning of the GPL over sourceless code. For some background, the kernel/firmware wiki page includes both a proposed GR, the draft position statement by the kernel team, as well as an analysis of how we stand : http://wiki.debian.org/KernelFirmwareLicensing. But this is beside the point. The real problem is that there are a certain amount of firmware in the kernel, embedded in the drivers, which have no license notice whatsoever, and as thus fall implicitly under the common GPL license of the linux kernel. The audit from Larry lists some 40+ such firmware blobs. Actually, I have to split this into two categories: * hex lumps explicitly licensed under the GPL by the copyright holder (e100 for instance) * hex lumps with no license notice - these may be implicitly under the common GPL license for the kernel - but they may also be present inappropriately, with stripped copyright notices and no license at all, if they were inserted into the kernel by someone other than the copyright holder. This has happened at least once already. There is some claims that some of those blobs represent just register dumps, but even then one could argue that the hex blobs doesn't in any way represent the prefered form of modification, but rather some kind of register name/number and value pair. (Well, perhaps the registers are numbered 0,1,2,3,4,5... and the values are listed in that order) So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, This is a case of the RMs not thinking clearly, perhaps. while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. Yep. Since i am seen as not trusthy to analyze such problems, i think to deblock this situation, it would be best to have a statement from debian-legal to back those claims (or to claim i am wrong in the above). Friendly, Sven Luther -- Nathanael Nerode [EMAIL PROTECTED] Bush admitted to violating FISA and said he was proud of it. So why isn't he in prison yet?... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. This is a matter of copyright law. If we do not have permission to distribute, it is illegal to distribute. GPL grants permission to distribute *only* if we distribute source. So, GPLed sourceless == NO PERMISSON. I will list the usual caveats so that nobody else brings them up. (1) Obviously if we have an alternate license (dual-licensing) which doesn't require source we can use that license. (2) If the material is so trivial it is uncopyrightable we can obviously distribute it. (The classic example is CRC tables, which contain no creative content beyond the CRC polynomial which is generally public domain.) Likewise if it was published prior to 1988 in the US without copyright notices, or is in the public domain for some other reason. (3) If the copyright holder for the firmware donated the firmware to Linux with the understanding that it would be redistributed by Debian and other distributors, this may constitute an implicit license to distribute. This would be a case of dual-licensing, but an unpleasant one because we'd be relying on an *implied* license. This requires tracing down the donation of the material to the Linux kernel and ascertaining the state of mind of the donor (perhaps by reading press releases). This clearly applies only to some of the firmware; other pieces have no such 'paper trail'. Also, this implicit license *does not* include a license to modify, because I've never seen any indication that any firmware donor intended that their firmware be modified. (4) If the hex lumps really are the preferred form for modification, then we have the source and this is not a case of 'sourceless firmware'. I have not yet seen a case where there is any evidence that this is true. It is, however, theoretically possible. If the firmware author came forward and said Yes, that's the form in which we modify the firmware, this would be the case. Thanks Nerode for this complete reply. It seems thay 3) is probably the best way we have to be able to distribute sourceless de-facto GPLed firmwares, but as you say, it will be a mess. I suppose the firmwares resolutions, both the one voted, and the one i proposed, both allow to include those firmwares into main under these conditions, for etch only, altough the resolution voted upon is probably much less clear in its wording. It is regretable that Manoj losed patience suddenly after more than a month an a half of discussing the issues. But we will see. I think we all now await impatiently the statement of the RMs on what will happend with the tg3 and acenic firmwares, and if we need a new vote or not. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. Cheers, aj signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, 18 Oct 2006, Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. That should be abundantly apparent to anyone who has been paying attention. Regardless, it doesn't dismiss the crux of the argument: baring competent legal advice to the contrary,[1] distributing sourceless GPLed works is not clear of legal liability. Doing otherwise may put ourselves and our mirror operators in peril. Don Armstrong 1: And frankly, I'd be suspicious of the source of any legal advice claiming that violating the letter of the GPL was something that could be done without any concern for liability. -- I now know how retro SCOs OSes are. Riotous, riotous stuff. How they had the ya-yas to declare Linux an infant OS in need of their IP is beyond me. Upcoming features? PAM. files larger than 2 gigs. NFS over TCP. The 80's called, they want their features back. -- Compactable Dave http://www3.sympatico.ca/dcarpeneto/sco.html http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Tue, Oct 17, 2006 at 03:35:26PM -0700, Don Armstrong wrote: On Wed, 18 Oct 2006, Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. That should be abundantly apparent to anyone who has been paying attention. Regardless, it doesn't dismiss the crux of the argument: baring competent legal advice to the contrary,[1] distributing sourceless GPLed works is not clear of legal liability. Doing otherwise may put ourselves and our mirror operators in peril. So what? Distributing GPL works *with* sources is also not clear of legal liability. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com signature.asc Description: Digital signature
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Anthony Towns wrote: On Tue, Oct 17, 2006 at 03:49:25PM -0400, Nathanael Nerode wrote: The answer to the question in the subject is simple: NO. Thankyou for your opinion. I note you seemed to neglect to mention that you're not a lawyer. Yes, I'm not a lawyer. Do not rely on anything I say as a legal opinion. Even if I *were* a lawyer, my postings here would not constitute legal advice. Please, I don't want to be sued for practicing law without a license! I'm just describing what little I've learned, which is far more than I should have to know under a sane copyright law system. :-/ Actually, you're the frickin' DPL. Go get a real legal opinion already. Call SPI's lawyer. I will be extremely surprised if he says Yeah, sure, this stuff is totally legal to distribute, but who knows? Cheers, aj -- Nathanael Nerode [EMAIL PROTECTED] Bush admitted to violating FISA and said he was proud of it. So why isn't he in prison yet?... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On 10/6/06, MJ Ray [EMAIL PROTECTED] wrote: I'd defer to Larry Doolittle on this one, but I think unless we have some reason to think there is another form used as source code, it's fine to consider the only codes our source code - for all we know, it was written that way. Best of all would be to get clarifications of what type each firmware is, but I doubt that's easy in all cases. However, if we strongly suspect that we don't have a valid permission to modify, distribute and so on, run a mile. I'd like to note a message[1] by Frank Küster concerning this on debian-vote which wasn't posted to debian-legal. A quote from that message: : In making the list, I left off all cases where I had any doubt. : I am not perfect, but I have plenty of experience using and writing : firmware of many kinds. I would be very surprised if any of the : listed firmware is not derived from a human-legible design file of : one form or another. : : So while it is perhaps a polite excuse that we don't know for sure : if these thousands of bytes of hex code were ever compiled from source, : no sane person would bet against it. (And my answer[2] was that IMHO it's not a polite excuse but a blatant attempt to knowingly violate the copyright law without actually admitting the violation.) [1] http://lists.debian.org/debian-vote/2006/10/msg00090.html [2] http://lists.debian.org/debian-vote/2006/10/msg00102.html -- Markus Laire
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Fri, Oct 06, 2006 at 11:18:09AM +0300, Markus Laire wrote: On 10/6/06, MJ Ray [EMAIL PROTECTED] wrote: I'd defer to Larry Doolittle on this one, but I think unless we have some reason to think there is another form used as source code, it's fine to consider the only codes our source code - for all we know, it was written that way. Best of all would be to get clarifications of what type each firmware is, but I doubt that's easy in all cases. However, if we strongly suspect that we don't have a valid permission to modify, distribute and so on, run a mile. I'd like to note a message[1] by Frank Küster concerning this on That message was from Larry, not Frank, since it was Larry who did the original audit, and listed relevant information on his web site, mirrored at : http://wiki.debian.org/KernelFirmwareLicensing#head-93ba883132bc3ebc09131100ec6bb6fbfb5e3e61 debian-vote which wasn't posted to debian-legal. A quote from that message: : In making the list, I left off all cases where I had any doubt. : I am not perfect, but I have plenty of experience using and writing : firmware of many kinds. I would be very surprised if any of the : listed firmware is not derived from a human-legible design file of : one form or another. : : So while it is perhaps a polite excuse that we don't know for sure : if these thousands of bytes of hex code were ever compiled from source, : no sane person would bet against it. (And my answer[2] was that IMHO it's not a polite excuse but a blatant attempt to knowingly violate the copyright law without actually admitting the violation.) [1] http://lists.debian.org/debian-vote/2006/10/msg00090.html [2] http://lists.debian.org/debian-vote/2006/10/msg00102.html Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Thu, Oct 05, 2006 at 07:09:53AM -0700, Steve Langasek wrote: It is not reasonable for the project to vote on questions of legality, nor is it appropriate to rely on debian-legal for questions of legality. If the May I remind that debian-legal is a mailing list ? relevant delegates/maintainers have questions about the legality of distributing a particular piece of software, they should consult a lawyer. Since they will have to make this determination for Etch anyway, would not be useful to do that as soon as possible ? This way illegal firmwares could be removed sooner and the discussion could focus on the remaining one. Cheers, -- Bill. [EMAIL PROTECTED] Imagine a large red swirl here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, Oct 04, 2006 at 10:28:20AM +0200, Sven Luther wrote: There is some claims that some of those blobs represent just register dumps, This is a strawman, and Sven knows this as I have told him quite plainly that this is not my claim. So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, This is a red herring. The *relevant* claim I have made is that it is inappropriate to use our GR mechanism to attempt to *decide* whether GPLed drivers cause a distribution problem. The release team, the ftp team, and I suspect even most of the kernel team have no interest in a GR that authorizes any distribution of software which it at the same time asserts is illegal. It is not reasonable for the project to vote on questions of legality, nor is it appropriate to rely on debian-legal for questions of legality. If the relevant delegates/maintainers have questions about the legality of distributing a particular piece of software, they should consult a lawyer. Sven is incongruously insisting both that these firmware blobs must be included in etch, *and* that they're illegal to distribute. This is nonsense; trying to convince the release team and the ftp team that these are illegal to distribute is contrary to his stated goal of including maximum hardware support in etch. He can't have it both ways, because no GR can compel the release team or the ftp team to knowingly break the law. while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. I have previously given my own understanding of why it is not a problem for us to distribute GPLed firmware blobs pending license clarifications, but I don't see any indication that Sven is interested in understanding that POV, only in tilting at strawmen; so I don't intend to lose any more time on discussing this point beyond this single clarification email. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Thu, Oct 05, 2006 at 07:09:53AM -0700, Steve Langasek wrote: On Wed, Oct 04, 2006 at 10:28:20AM +0200, Sven Luther wrote: There is some claims that some of those blobs represent just register dumps, This is a strawman, and Sven knows this as I have told him quite plainly that this is not my claim. Where did i say it was your claim ? And what exactly do you claim, your position on this, or at least the way you communicated your position has been changing all over, which makes reaching a consensus with you as was the intention of the DPL quite damn hard. So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, This is a red herring. The *relevant* claim I have made is that it is inappropriate to use our GR mechanism to attempt to *decide* whether GPLed drivers cause a distribution problem. The release team, the ftp team, and I suspect even most of the kernel team have no interest in a GR that authorizes any distribution of software which it at the same time asserts is illegal. Please read the new wording of the proposal on : http://wiki.debian.org/KernelFirmwareLicensing It should take care of all problems regarding your fears, but then, i guess nobody cares about my proposals, because they come from me, right ? It is not reasonable for the project to vote on questions of legality, nor is it appropriate to rely on debian-legal for questions of legality. If the relevant delegates/maintainers have questions about the legality of distributing a particular piece of software, they should consult a lawyer. Yeah, but it is ok for you to say we won't distribute illegal to distribute firmwares, while at the same time distributing firmware illegaly. As long as we don't say it, everything is fine, right ? Sven is incongruously insisting both that these firmware blobs must be included in etch, *and* that they're illegal to distribute. This is No, i believe in being honest and saying things like they are. But this is clearly a position which is not welcome in debian these days, and which needs even to be shuted down by aggresive bashing. nonsense; trying to convince the release team and the ftp team that these are illegal to distribute is contrary to his stated goal of including maximum hardware support in etch. He can't have it both ways, because no GR can compel the release team or the ftp team to knowingly break the law. Why do you want a GR then, why did you lose everyone's time by starting this huge threads, while the kernel team was working on a good and consensual proposal, which you didn't want to participate in, and hurried your own proposal out the door, with the result we know ? while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. I have previously given my own understanding of why it is not a problem for us to distribute GPLed firmware blobs pending license clarifications, but I don't see any indication that Sven is interested in understanding that POV, only in tilting at strawmen; so I don't intend to lose any more time on discussing this point beyond this single clarification email. Yeah, because an opponent doesn't agree with you, you don't discuss his argument, but try to bring him down by dirty methods and FUD. I wonder if you are in connivance with Frans's new bashing against me, or if that was just coincidence. Hurt, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Steve Langasek [EMAIL PROTECTED] wrote: The *relevant* claim I have made is that it is inappropriate to use our GR mechanism to attempt to *decide* whether GPLed drivers cause a distribution problem. The release team, the ftp team, and I suspect even most of the kernel team have no interest in a GR that authorizes any distribution of software which it at the same time asserts is illegal. Thank you for making this claim public on this list (where it belongs). I think it's an important point, and if you've already said this to Sven some time ago in a different medium, then I understand the reactions of some people towards him. I have previously given my own understanding of why it is not a problem for us to distribute GPLed firmware blobs pending license clarifications, but I don't see any indication that Sven is interested in understanding that POV, only in tilting at strawmen; so I don't intend to lose any more time on discussing this point beyond this single clarification email. It has already clarified much, and since I personally trust you, I don't insist on your repeating the explanation. However, I'd like to point out that other people are trying to follow this discussion, too. I don't think that your previous explanation was posted to -vote, which IMHO is the relevant list for such discussions. I feel it's particularly hard this time to follow the discussion; with no other GR have there been so many this has been said elsewhere (where? IRC?) statements by so many people, without trying to sum up on a web page or similar. Regards, Frank -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX/TeXLive)
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Sven Luther [EMAIL PROTECTED] wrote: Hi debian-legal, ... I've trimmed -release, as luk suggested it's unwelcome there. [...] The real problem is that there are a certain amount of firmware in the kernel, embedded in the drivers, which have no license notice whatsoever, and as thus fall implicitly under the common GPL license of the linux kernel. The audit from Larry lists some 40+ such firmware blobs. There is some claims that some of those blobs represent just register dumps, but even then one could argue that the hex blobs doesn't in any way represent the prefered form of modification, but rather some kind of register name/number and value pair. So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. I'd defer to Larry Doolittle on this one, but I think unless we have some reason to think there is another form used as source code, it's fine to consider the only codes our source code - for all we know, it was written that way. Best of all would be to get clarifications of what type each firmware is, but I doubt that's easy in all cases. However, if we strongly suspect that we don't have a valid permission to modify, distribute and so on, run a mile. Since i am seen as not trusthy to analyze such problems, i think to deblock this situation, it would be best to have a statement from debian-legal to back those claims (or to claim i am wrong in the above). debian-legal is a mailing list. It is not easy for it to make a statement itself. Hope that helps, -- MJR/slef My Opinion Only: see http://people.debian.org/~mjr/ Please follow http://www.uk.debian.org/MailingLists/#codeofconduct -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Hi debian-legal, ... It seems the firmware kernel issue has reached a deadpoint, as there is some widely different interpretation of the meaning of the GPL over sourceless code. For some background, the kernel/firmware wiki page includes both a proposed GR, the draft position statement by the kernel team, as well as an analysis of how we stand : http://wiki.debian.org/KernelFirmwareLicensing. But this is beside the point. The real problem is that there are a certain amount of firmware in the kernel, embedded in the drivers, which have no license notice whatsoever, and as thus fall implicitly under the common GPL license of the linux kernel. The audit from Larry lists some 40+ such firmware blobs. There is some claims that some of those blobs represent just register dumps, but even then one could argue that the hex blobs doesn't in any way represent the prefered form of modification, but rather some kind of register name/number and value pair. So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. Since i am seen as not trusthy to analyze such problems, i think to deblock this situation, it would be best to have a statement from debian-legal to back those claims (or to claim i am wrong in the above). Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Sven Luther [EMAIL PROTECTED] wrote: So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. When Debian distributes kernel binaries, Debian makes use of clause 3a (accompany with source code), not 3b (written offer) or 3c (pass on written offer). So source has to accompany everything, even if no one is asking. Debian may decide to make a policy decision that the chances of anyone getting sued are slim. That is presumably what Red Hat etc. are doing. Red Hat's risk profile is a bit different, in that Red Hat would probably be sued directly, while it is more likely that Debian's mirrors and CD distributors would be the target of a lawsuit (and not, for example, the ftpmasters). Cheers, Walter Landry [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
Walter Landry [EMAIL PROTECTED] wrote: Sven Luther [EMAIL PROTECTED] wrote: So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. When Debian distributes kernel binaries, Debian makes use of clause 3a (accompany with source code), not 3b (written offer) or 3c (pass on written offer). So source has to accompany everything, even if no one is asking. Well, I think Sven didn't make the point of disagreement clear. It is whether what in the course of the GR's has been called sourceless firmware is in fact sourceless. If I understood Anthony Towns correctly, the ftpmasters and many others want to give those drives the benefit of doubt and assume that they aren't sourceless, but are, e.g., just dumps of unnamed registers and therefore the preferred form for modification. After all, they were what was given to the kernel people when the driver was released as .c and .h files under the GPL. So the real question is whether we want to do that, whether in the particular cases there's in fact any doubt, etc. Regards, Frank -- Frank Küster Single Molecule Spectroscopy, Protein Folding @ Inst. f. Biochemie, Univ. Zürich Debian Developer (teTeX/TeXLive)
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, Oct 04, 2006 at 09:31:27PM +0200, Frank Küster wrote: Walter Landry [EMAIL PROTECTED] wrote: Sven Luther [EMAIL PROTECTED] wrote: So, the RMs are making claims that those sourceless GPLed drivers don't cause any kind of distribution problem, while i strongly believe that the GPL clause saying that all the distribution rights under the GPL are lost if you cannot abide by all points, including the requirement for sources. When Debian distributes kernel binaries, Debian makes use of clause 3a (accompany with source code), not 3b (written offer) or 3c (pass on written offer). So source has to accompany everything, even if no one is asking. Well, I think Sven didn't make the point of disagreement clear. It is whether what in the course of the GR's has been called sourceless firmware is in fact sourceless. If I understood Anthony Towns correctly, the ftpmasters and many others want to give those drives the benefit of doubt and assume that they aren't sourceless, but are, e.g., just dumps of unnamed registers and therefore the preferred form for modification. After all, they were what was given to the kernel people when the driver was released as .c and .h files under the GPL. Indeed, but even in the case of pure register dumps, there is no way the actual firmware blob in the current kernel constitutes the preferred form of modification. That said, it is my experience that more often than not, those firmware blobs are indeed code, especially when one talks about a device with an embedded mips core for example. We could try to do a determination firmware by firmware, depending on its size and stuff like that, but we are particularly trying to postpone this work post-etch. So the real question is whether we want to do that, whether in the particular cases there's in fact any doubt, etc. The ftp-master position has always been one of erring on the side of caution though. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Kernel Firmware issue: are GPLed sourceless firmwares legal to distribute ?
On Wed, Oct 04, 2006 at 09:31:27PM +0200, Frank Küster wrote: So the real question is whether we want to do that, whether in the particular cases there's in fact any doubt, etc. A quick survey based on the size of the firmware blobs suggests 1/3 of them may be register dumps, while 2/3 are most probably code. That makes a bit less than 30 problematic ones. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]