Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
On Thu, 15 Jun 2017 13:52:04 -0700, Brendan || Lyn Perrine wrote: >On Thu, 15 Jun 2017 16:17:53 + aconcernedfoss...@airmail.cc wrote: >> Oh exaulted one, I am so sorry to have wasted your inbox space. >> You see we all live for you, exalted aryan queen! Hi, should we tolerate the above tone of voice from an anonymous disposable email account? We all make mistakes, but we are using our real names and/or identifiable email accounts. >I personally care about gpl enforcement but am a bit too broke right >now to donate money and do not possess the social skills to be in a >courtroom nor do I personally have any code in the linux kernel. It's not my domain, but seemingly Ubuntu provides AppArmor and no GRSecurity at all. However, the problem with this person aren't the concerns. It's the tone of voice and that there isn't an evidence for a violation. Regards, Ralf -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
On Thu, 15 Jun 2017 16:17:53 + aconcernedfoss...@airmail.cc wrote: > Oh exaulted one, I am so sorry to have wasted your inbox space. > You see we all live for you, exalted aryan queen! > > Some of us care about the legal aspects of "copyleft". > Without enforcement there is no reason for anyone to contribute to > linux. > There is a simple trade: we trade our labor for your labor. > > > On 2017-06-15 16:05, J wrote: > > On Thu, Jun 15, 2017 at 11:58 AM, W Stacy Lockwood > > wrote: > >> Did you not see Liam's reply, or do you just want to add nothing but > >> noise > >> to this list? > > > > Given the repeated spamming the list, the cross posting, and replying > > on this list to response external to this list (oh the joys of > > crossposting), can we just chuck this account into a moderation bin > > and let him/her rant into a bit bucket? > > > > I'm on both the Ubuntu lists, so I'm getting these double... yes, I > > can filter this myself, but that doesn't help the larger group... > > > >> On Jun 15, 2017 10:51, wrote: > >>> > >>> It's an obvious blatant violation. He is not allowed to add > >>> additional > >>> terms, but being a "clever" programmer it seems that he has decided > >>> that > >>> because the additional term that he (and seemingly PaxTeam) has > >>> imposed is > >>> not written within the four corners of license grant document but > >>> instead is > >>> communicated in some other way that "doesn't make it an > >>> additional > >>> term" and he has cleverly circumvented the linux copyright > >>> terms, which obviously is not the case but other random > >>> programmers will > >>> argue and swear it's fine till hell freezes over and get very angry > >>> when > >>> someone with a legal background informs them otherwise. > >>> > >>> I think many people are not aware of the violation because it's only > >>> been > >>> a month since GRSecurity pulled the sourcecode: it was almost a moot > >>> point > >>> before then with no real damage. Such is no-longer the case. > >>> > >>> On 2017-06-15 15:43, Greg KH wrote: > > On Thu, Jun 15, 2017 at 03:34:06PM +, > aconcernedfoss...@airmail.cc > wrote: > > > > Why does no one care that Brad Spengler of GRSecurity is blatantly > > violating > > the intention of the rightsholders to the Linux Kernel? > > He is also violating the license grant, Courts would not be fooled > > by > > his > > scheme to prevent redistribution. > > > > The license grant the Linux Kernel is distributed under disallows > > the > > imposition of additional terms. The making of an understanding that > > the > > derivative work must not be redistributed (lest there be > > retaliation) is > > the > > imposition of an additional term. The communication of this threat > > is > > the > > moment that GRSecurity violates the license grant. Thence-forth > > modification, making of derivative works, and distribution of such > > is a > > violation of the Copyright statute. The concoction of the > > transparent > > scheme > > shows that it is a willful violation, one taken in full knowledge > > by > > GRSecurity of the intention of the original grantor. > > > If you feel that what they are doing is somehow violating your > copyright > on the Linux kernel, then you have the right to take legal action if > you > so desire. To tell others what to do, however, is not something > that > usually gets you very far in the world. > > Best of luck! > > greg k-h > >>> > >>> > >>> -- > >>> ubuntu-users mailing list > >>> ubuntu-us...@lists.ubuntu.com > >>> Modify settings or unsubscribe at: > >>> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users > >> > >> > >> -- > >> ubuntu-users mailing list > >> ubuntu-us...@lists.ubuntu.com > >> Modify settings or unsubscribe at: > >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users > >> > > -- > Ubuntu-devel-discuss mailing list > Ubuntu-devel-discuss@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss This statement needs to be false or else it violates the gpl in my mind as it limits the reasons people want to contriubte. Telling people there reason for contributing does not exist will not make you many friends either. I personally contribute because it gives me a sense of service in life I do not expect to be recompensed that much provided I can have enough food to survive and an internet connection. I personally care about gpl enforcement but am a bit too broke right now to donate money and do not possess the social skills to be in a courtroom nor do I personally have any code in the linux kernel. -- Lyn Perrine -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
I'm listening to your responses, and responding myself. You call me a spammer. Which is a libel. Would you like me to file over it? On 2017-06-15 16:05, Wade Smart wrote: Whoever this person is, not only is s/he spamming multiple lists here, there are several over lists where Im getting the same emails but from a different address. Clearly not listing to any responses, just a spammer with an agenda. -- Registered Linux User: #480675 Registered Linux Machine: #408606 Linux since June 2005 -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
Nice vally-girl yawn. Because you are not interested in legal matters vis a vis GRSecurity, no one should be and the discussion should be censored You're a real piece of work, you know. A real piece of work. So I ask the question again: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? Why does no one care that Brad Spengler (seemingly aswell as PaxTeam) of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. The license grant the Linux Kernel is distributed under disallows the imposition of additional terms. The making of an understanding that the derivative work must not be redistributed (lest there be retaliation) is the imposition of an additional term. The communication of this threat is the moment that GRSecurity violates the license grant. Thence-forth modification, making of derivative works, and distribution of such is a violation of the Copyright statute. The concoction of the transparent scheme shows that it is a willful violation, one taken in full knowledge by GRSecurity of the intention of the original grantor. Why does not one person here care? Just want to forget what holds Libre Software together and go the way of BSD? (Note: last month the GRSecurity Team removed the public testing patch, they prevent the distribution of the patch by paying customers by a threat of no further business: they have concocted a transparent scheme to make sure the intention of the Linux rights-holders (thousands of entities) are defeated) (This is unlike RedHat who do distribute their patches in the form the rights-holders prefer: source code, RedHat does not attempt to stymie the redistribution of their derivative works, GRSecurity does.). -- ( This song is about GRSecurity's violation of Linus et al's copyright**: www.youtube.com/watch?v=CYnhI3wUej8 (A Boat Sails Away 2016 17) ) On 2017-06-15 16:05, J wrote: On Thu, Jun 15, 2017 at 11:58 AM, W Stacy Lockwood wrote: Did you not see Liam's reply, or do you just want to add nothing but noise to this list? Given the repeated spamming the list, the cross posting, and replying on this list to response external to this list (oh the joys of crossposting), can we just chuck this account into a moderation bin and let him/her rant into a bit bucket? I'm on both the Ubuntu lists, so I'm getting these double... yes, I can filter this myself, but that doesn't help the larger group... On Jun 15, 2017 10:51, wrote: It's an obvious blatant violation. He is not allowed to add additional terms, but being a "clever" programmer it seems that he has decided that because the additional term that he (and seemingly PaxTeam) has imposed is not written within the four corners of license grant document but instead is communicated in some other way that "doesn't make it an additional term" and he has cleverly circumvented the linux copyright terms, which obviously is not the case but other random programmers will argue and swear it's fine till hell freezes over and get very angry when someone with a legal background informs them otherwise. I think many people are not aware of the violation because it's only been a month since GRSecurity pulled the sourcecode: it was almost a moot point before then with no real damage. Such is no-longer the case. On 2017-06-15 15:43, Greg KH wrote: On Thu, Jun 15, 2017 at 03:34:06PM +, aconcernedfoss...@airmail.cc wrote: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. The license grant the Linux Kernel is distributed under disallows the imposition of additional terms. The making of an understanding that the derivative work must not be redistributed (lest there be retaliation) is the imposition of an additional term. The communication of this threat is the moment that GRSecurity violates the license grant. Thence-forth modification, making of derivative works, and distribution of such is a violation of the Copyright statute. The concoction of the transparent scheme shows that it is a willful violation, one taken in full knowledge by GRSecurity of the intention of the original grantor. If you feel that what they are doing is somehow violating your copyright on the Linux kernel, then you have the right to take legal action if you so desire. To tell others what to do, however, is not something that usually gets you very far in the world. Best of luck! greg k-h -- ubuntu-users mailing list ubuntu-u
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
Oh exaulted one, I am so sorry to have wasted your inbox space. You see we all live for you, exalted aryan queen! Some of us care about the legal aspects of "copyleft". Without enforcement there is no reason for anyone to contribute to linux. There is a simple trade: we trade our labor for your labor. On 2017-06-15 16:05, J wrote: On Thu, Jun 15, 2017 at 11:58 AM, W Stacy Lockwood wrote: Did you not see Liam's reply, or do you just want to add nothing but noise to this list? Given the repeated spamming the list, the cross posting, and replying on this list to response external to this list (oh the joys of crossposting), can we just chuck this account into a moderation bin and let him/her rant into a bit bucket? I'm on both the Ubuntu lists, so I'm getting these double... yes, I can filter this myself, but that doesn't help the larger group... On Jun 15, 2017 10:51, wrote: It's an obvious blatant violation. He is not allowed to add additional terms, but being a "clever" programmer it seems that he has decided that because the additional term that he (and seemingly PaxTeam) has imposed is not written within the four corners of license grant document but instead is communicated in some other way that "doesn't make it an additional term" and he has cleverly circumvented the linux copyright terms, which obviously is not the case but other random programmers will argue and swear it's fine till hell freezes over and get very angry when someone with a legal background informs them otherwise. I think many people are not aware of the violation because it's only been a month since GRSecurity pulled the sourcecode: it was almost a moot point before then with no real damage. Such is no-longer the case. On 2017-06-15 15:43, Greg KH wrote: On Thu, Jun 15, 2017 at 03:34:06PM +, aconcernedfoss...@airmail.cc wrote: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. The license grant the Linux Kernel is distributed under disallows the imposition of additional terms. The making of an understanding that the derivative work must not be redistributed (lest there be retaliation) is the imposition of an additional term. The communication of this threat is the moment that GRSecurity violates the license grant. Thence-forth modification, making of derivative works, and distribution of such is a violation of the Copyright statute. The concoction of the transparent scheme shows that it is a willful violation, one taken in full knowledge by GRSecurity of the intention of the original grantor. If you feel that what they are doing is somehow violating your copyright on the Linux kernel, then you have the right to take legal action if you so desire. To tell others what to do, however, is not something that usually gets you very far in the world. Best of luck! greg k-h -- ubuntu-users mailing list ubuntu-us...@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- ubuntu-users mailing list ubuntu-us...@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
their customer restriction "you can redistribute this code, but if you do we will on longer provide you with updates" does not change that. That is the imposition of an additional term, a court would not be amused by the programmers claim it's fine because he didn't ink it into the copy of the license he distributed the code with. The court would not be blind to the effect and the intention. The law has dealt with transparent schemes like this for hundreds of years, and within copyright for about a century (but much longer within contract law). There should be a joint action. On 2017-06-15 15:58, Rik van Riel wrote: On Thu, 2017-06-15 at 15:34 +, aconcernedfoss...@airmail.cc wrote: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. Right now there are a few million systems that use grsecurity, and over a billion systems that are not protected by grsecurity functionality. Removing grsecurity from the community has been an impetus to finally get the grsecurity functionality into the upstream kernel, where it can benefit the billion systems that do not have it today. Why does not one person here care? Just want to forget what holds Libre Software together and go the way of BSD? What holds Linux together is community. The license is one of many aspects to that community, but far from the only one. GRSecurity has been outside of the community for years, and their customer restriction "you can redistribute this code, but if you do we will on longer provide you with updates" does not change that. Having the remaining developers who are interested in hardening work on getting more functionality upstream, now that the grsecurity patches are no longer available to non-customers, is likely a good thing for everybody. Want to help out? Join us in ##linux-hardening on irc.freenode.net. kind regards, Rik van Riel -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
If Mr Spengler would like to market a non-re-distributable hardened kernel, he can write his own kernel from scratch. Currently he is marketing a non-redistributable derivative work of the Linux Kernel. He prevents customers of his from redistributing the derivative work by threatening a non-renewal of whatever contract exists between his company and the customers. This scheme has been successful. That is certainly the imposition of an additional term, which the Linux licensing terms forbid, when he imposed that additional term on his clients he violated the licensing terms and has no right to even modify the linux kernel from that point forward. On 2017-06-15 15:53, Casey Schaufler wrote: On 6/15/2017 8:34 AM, aconcernedfoss...@airmail.cc wrote: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. The license grant the Linux Kernel is distributed under disallows the imposition of additional terms. The making of an understanding that the derivative work must not be redistributed (lest there be retaliation) is the imposition of an additional term. The communication of this threat is the moment that GRSecurity violates the license grant. Thence-forth modification, making of derivative works, and distribution of such is a violation of the Copyright statute. The concoction of the transparent scheme shows that it is a willful violation, one taken in full knowledge by GRSecurity of the intention of the original grantor. Why does not one person here care? Email lists are never* the correct mechanism for the resolution of legal issues. If someone from these email lists is working to address a legal issue you are extremely unlikely to see any evidence of it on an email list. --- * I am not a lawyer. Do not construe this as legal advice. Just want to forget what holds Libre Software together and go the way of BSD? (Note: last month the GRSecurity Team removed the public testing patch, they prevent the distribution of the patch by paying customers by a threat of no further business: they have concocted a transparent scheme to make sure the intention of the Linux rights-holders (thousands of entities) are defeated) (This is unlike RedHat who do distribute their patches in the form the rights-holders prefer: source code, RedHat does not attempt to stymie the redistribution of their derivative works, GRSecurity does.). -- ( This song is about GRSecurity's violation of Linus et al's copyright**: youtube.com/watch?v=CYnhI3wUej8 (A Boat Sails Away 2016 17) ) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
Also Brad Spengler has been threatening legal action against an openwall developer back-porting features of Brad's wholly, non-standalone, derivative work. He also calls GRSecurity an "Original Work", which it is not (see the Anime Subs cases for the court's opinion) (GRSecurity is such a non-standalone derivative work, so the Linux Licensing terms absolutely do apply (it's a patch that snakes through the whole of the Linux Kernel source tree, touching everything like a vine). Here's a quick rundown: - GRSecurity goes full commercial, no more free testing patches, threatens programmer trying to port. (*1) https://lwn.net/Articles/723169/ (*2) https://www.phoronix.com/forums/forum/software/general-linux-open-source/948623-grsecurity-kernel-patches-will-no-longer-be-free-to-the-public?page=1 (*3) https://www.embedded-linux.de/18-news/886-grsecurity-nicht-mehr-kostenlos-verfuegbar (*4) https://www.theregister.co.uk/2017/04/26/grsecurity_linux_kernel_freeloaders/ GRSecurity removes public testing patch - goes full commercial. (*5) http://www.openwall.com/lists/kernel-hardening/2017/06/04/24 "Don't worry about it, there's nothing for a "grateful" user like yourself to download anymore. Boy, if I had more "grateful" users like yourself obsessed with harrassing us on Twitter, Reddit, and IRC so that they can go around and paint themselves as some kind of victim, I wouldn't know what to do with myself. -Brad" Brad Spengler prevents a private purchaser from redistributing the sourcecode via contract clauses between him and they: thus willfully frustrating the purpose of the license HE was granted by the linux kernel rightsholders. This is another reason a court may find him in violation of the license grant of the GPL. As we discussed previously. (See: ) Also Brad Spengler threatens others with lawsuit in a nearly transparent attempt to get them to stop porting over the work: " This stops *now* or I'm sending lawyers after you and (*6) http://www.openwall.com/lists/kernel-hardening/2017/06/03/14 Guys, this is your *last warning*. This stops *now* or I'm sending lawyers after you and the companies paying you to plagiarize our work and violate our *registered* copyright (which for the record entitles us to punitive damages which now are very easily provable). It's time to get serious about attribution -- what you are doing is completely unacceptable. I'm already in contact with lawyers to prepare for the next time this happens. If any of this plagiarized and misattributed code actually made it into the Linux kernel, you'd all be in a world of pain. Here Brad Spengler threatens a copyright infringement lawsuit regarding his non-original wholly-derivative work. (An original work stands alone). This while he threatens those paying customers who might redistribute the work (see: below). Note: Copyright licenses (like any license to use the property of another (copyright is freely alienable in the same way real property is)) are freely revocable unless barred by estoppel. The GPL v2 lacks a no-revocation clause thus estoppel would be more difficult to argue (additonally none of the "agreeing parties" have ever met each other). Note2: GrSecurity is a derivative work of the linux kernel, it is non-seperable: it wholly relies on the linux kernel source code to work. Courts in both the US and Germany have reaffirmed that if a work based on another work cannot stand alone it is clearly a derivative work. (See the Anime Subtitles case from a few years ago) (See page 6 of the phoronix discussion at *2 for a review) Note3:The linux kernel is not under joint copyright, it is simply a collection of derivative work upon derivative work. A simple solution is for one or many of the rightsholders to the code GRSecurity is derived from/ modifies to rescind Brad Spengler's license to use or modify their code. Additionally copyright violation claims can be filed as Brad Spengler has reportedly attempted to frustrate the purpose of the agreement that allows him to modify the linux kernel in the first place; placing additional restrictions to prevent redistribution of the sourcecode (a court would not be fooled by such a scheme). (Addionally there were third parties who contributed to the GRSecurity code base when it was publically distributed.) Other snippets from (*5) include Mr Spengler's unhappiness with the publication of his scheme and RMS's opinion of it: ... It has been nearly 4 months now and despite repeated follow-ups, I still haven't received anything back more than an automated reply. Likewise regarding some supposed claims by RMS which were published last year by internet troll mikeeusa -- I have been trying since June 3rd of last year to get any response from him, but have been unable to. So when you ... RMS' opinion can be seen here: (*7) https://lists.debian.org/debian-user/2016/06/msg0
Re: [kernel-hardening] Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel?
It's an obvious blatant violation. He is not allowed to add additional terms, but being a "clever" programmer it seems that he has decided that because the additional term that he (and seemingly PaxTeam) has imposed is not written within the four corners of license grant document but instead is communicated in some other way that "doesn't make it an additional term" and he has cleverly circumvented the linux copyright terms, which obviously is not the case but other random programmers will argue and swear it's fine till hell freezes over and get very angry when someone with a legal background informs them otherwise. I think many people are not aware of the violation because it's only been a month since GRSecurity pulled the sourcecode: it was almost a moot point before then with no real damage. Such is no-longer the case. On 2017-06-15 15:43, Greg KH wrote: On Thu, Jun 15, 2017 at 03:34:06PM +, aconcernedfoss...@airmail.cc wrote: Why does no one care that Brad Spengler of GRSecurity is blatantly violating the intention of the rightsholders to the Linux Kernel? He is also violating the license grant, Courts would not be fooled by his scheme to prevent redistribution. The license grant the Linux Kernel is distributed under disallows the imposition of additional terms. The making of an understanding that the derivative work must not be redistributed (lest there be retaliation) is the imposition of an additional term. The communication of this threat is the moment that GRSecurity violates the license grant. Thence-forth modification, making of derivative works, and distribution of such is a violation of the Copyright statute. The concoction of the transparent scheme shows that it is a willful violation, one taken in full knowledge by GRSecurity of the intention of the original grantor. If you feel that what they are doing is somehow violating your copyright on the Linux kernel, then you have the right to take legal action if you so desire. To tell others what to do, however, is not something that usually gets you very far in the world. Best of luck! greg k-h -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss