On Wed, Feb 20, 2013 at 1:21 AM, adrelanos <adrela...@riseup.net> wrote: > These pages are confusing: > http://www.torproject.org/docs/trademark-faq.html.en > https://trac.torproject.org/projects/tor/wiki/LikelyTMViolators > > Please re-consider your standpoint. > > It's not uncommon to include a part of the name of the original project, > into the name of the derivate/based/related project. Out of respect or > to show how the projects are affiliated. Official or not.
Here's my opinions, speaking on my own behalf and not on behalf of my employer (Tor). I generally try not to get into legal stuff, since IANAL, and since any time I spend legalling is time that I'm not spending on software, so please forgive my legal ignorance. First off here, I want to thank you for writing this. I don't agree with a lot of what you said, but I agree it's important to talk about, and hope I can respond as thoughtfully as your message deserves. (IOW, please forgive me if I sound like an utter asshole at any point below-- that's not what I want to do. I mostly try to write about technical stuff, so I'm a little out of my usual waters.) The next thing: I don't understand how your paragraph above is using the word "Affiliated". (Did you mean another word?) After all, I object to projects using "Tor" exactly when they are *not* affiliated with the Tor Project. It's projects that are trying to feign affiliation that I object to the most. Actually, no. There's something I object to most of all: Any project that actually misleads users, intentionally or not. Here's why: Historically we started on this road when there were a couple of commercial efforts selling software with "Tor" in their names, doing their very best (as far as we could tell) to make people think that Tor was backing their efforts. One of them was just a one-hop web proxy running Squid or something. There were a significant number of users who thought that by using their products, they were getting Tor. This, frankly, pissed me off. I wouldn't personally care very much about people using my software's name for whatever reason, if there weren't a substantial number of users who believed that their software was actually made or developed or endorsed by the same people working on mind. (IANAL, so I won't get into the topic of trademark dilution. IIUC, trademarks are unlike copyrights in that we we don't legally have the flexibility to let well-intentioned folks infringe without challenging them, if we want to keep the trademark so that we can use it to challenge obvious imposters. Wendy could say more here probably.) > Just examples coming to my mind. > > git -> github, gitorious > Firefox -> Firesheep, FasterFox, PortableFirefox > i2p -> i2psnark > BitTorrent -> BitBlender > Tor -> LASTor > eMule -> aMule > > There are many more. > > It's sad, that a project encouraging free speech has a restrictive > trademark policy. Among free software projects with a trademark and a policy about use of that trademark, who do you think is doing a better job? Which free software project's trademark policy would you suggest we adopt instead? I'd love to see ways we can be more permissive without abandoning the trademark entirely. I'd been under the impression that we were doing pretty good. We seem to be at least as open as with our trademark as Debian, for example. Where specifically is our current policy shitty? After reading it... what specifically should it allow IYO that it doesn't? >> Current domain names trying to confuse users with fake or poor > software. Users are currently emailing us asking for help related to > these domains: > > I wouldn't use fake and poor software in the same sentence. Anybody implying that they're Tor when they aren't is IMO fake. Anybody who accidentally implies that they're Tor is IMO accidentally fake. (see below) IMO also that's not the best paragraph about our trademark problems that we could haver written. I would personally prefer something like "Here are a bunch of sites that have confused users into thinking that we are producing or endorsing their software by using Tor in the name." But please realize that there's a tension here between transparency and diplomacy. I want as much as possible of Tor's work to be done in public. That means that I want napkin-notes and random lists like this one to be kept on the wiki, not in some text file on Andrew's HD. (Also, it's a wiki. It's easy to change the paragraph there to avoid subjective pejoritives -- I just did, because I agree that it wasn't the optimal way to say what it needed to. Now it says, "Current domain names confusing users about the origin of their software". I'll stand by that: those project names are, as a matter of objective fact, making a substantial number of users think that we wrote the software. Probably still not optimal though) > Poor is subjective and may be the result of good intend and low skill, > while fake software includes malicious intend, which is much worse. I understand what you're saying here, but what concerns me most is not people's intentions, but the effect on users. The possibility of misattribution isn't theoretical -- it happens every day in support requests. People assume that projects with "Tor" in the name are made by and endorsed by the Tor Project, all the time. > I also don't think tormail fails in the category of poor software or > poor service. They are offering squirrelmail and pop, and from my > experience, it works reliable. (Not so much for mailing lists.) For > being the hidden service they are providing a stable service and I am > not sure how they finance the mail exit servers. > > Yes, I have a tormail account. No, I don't trust tormail just as I don't > trust any other mail provider. > > I don't agree, that tormail is trying to confuse users. > > I never thought tormail is affiliated with The Tor Project. They have a > disclaimer at the bottom of their page and before I think any project is > affiliated with the original one, I check that with the original. That > is simply common sense. Not doing so is just bad practice and failing > into such obvious traps, they will mess up anonymity one way or another > anyway. > > Fighting anyone having the name "Tor" in their software or domain name > (I am wondering why TorChat hasn't made it into that list.) Probably because nobody's edited the list to put it on, I guess. We get tech support requests from people who think that we wrote and endorse "TorChat" all the time. >is offensive > with respect to the work they have done by supporting the original > project with their contribution to the ecosystem. > > And if you want stick with enforcing that policy, please inform projects > as you first notice their name, We try to do that! That's why we have a FAQ entry, after all. Please consider this: you think that not reading disclaimers or checking with the original is an "obvious trap", and that anybody who messes up there is not following "common sense". But then what could we say about people who decide to start new projects based on Tor without even reading the FAQs? To me, that seems like it should be at least as obvious. Also, we try to contact projects with Tor in their names as early as we can. (Subject to our insanely overworked and disorganized schedules. :[ ) > that you preferred a different name. In > the beginning it's easier to change the name, they are more likely to do > it. It might be initially more workload, but there are not *that* many > projects with Tor in their name. Waiting for a long time, then > complaining and perhaps getting a attorney involved creates much more > workload in the long run. This isn't what we do. I think we've tried to contact *all* the people listed there as soon as we found out about them. I don't know if we've done a good job contacting them or not: Andrew could say more. Despite the impression some people have, we're a really small organization, where everybody is overworked. Please don't attribute to malice what can be explained by ... trying to do as much as we can with too few hours? I *DO* know that trademark issues are something that we've talked about again and again on the tor-talk list. And think about it: if these people aren't aware that we don't want other projects using our name like this, they aren't even reading tor-talk. They aren't looking at our website and clicking on the trademark link at the bottom. Well-intentioned people can make mistakes like that! But I don't think those mistakes are so very different from the kind of mistakes that users make when they look at a website for TorWhatever and assume that this is a Whatever made by Tor, and not merely a Whatever made using Tor by some third party. If I am going to treat intelligent, thoughtful developers who overlook our trademark policy as not necessarily evil, then I need to treat intelligent, thoughtful users who overlook their disclaimers as not necessarily "too stupid for anonymity". [[Finally -- if I'm far offbase or wrong in some of my assumptions or whatevers, please drop by some place where I hang out for chat and chat with me, or something. What I really want here is to do the best thing, and I can only do that if people try to convince me when I'm wrong.]] [[[Okay. Back to software. Am I still awake enough for software? Wow, I hope so. Software is excellent. Of course, writing paragraphs like this one is a sign I am maybe too sleepy for software. let's see what happens when I start refactoring....]]] my opinion for whatever it's worth, -- Nick _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk