:: Re: [DNG] grsecurity ripoff by Goog…
Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Rick Moen
Fecha:  
A: dng
Asunto: Re: [DNG] grsecurity ripoff by Google, with Linus' approval WAS: I have a question about libsystemd0 in devuan ascii,
Quoting Bruce Perens (bruce@???):

> I did offer to discuss the case with companies and their counsel,
> under NDA, without charge. In addition, I just added to the article
> parenthetically that I am willing to discuss why fair-use does not
> apply, but would not complicate that article with it.


Makes sense.

> Essentially, I don't think your addition to work under DJB's silly
> non-license was transformative fair use, I think the work was
> all-rights-reserved under the Bern Copyright Convention of 1981 or so,
> and you never even had the right to run his code.
>
> You should have avoided the work until DJB got off his drug trip about
> the lack of necessity to have any license at all nor even to dedicate
> the work to the public domain. Which is why I was working on Postfix
> after being a Qmail beta tester before DJB announced his plan.


{broad smile}

It's really funny that you think I am or ever was a DJBware fancier.
More like the opposite.

Back in 1999, I was chief sysadmin at Linuxcare, Inc. in San Francisco.
My friend Dave Mandala had set their corporate SMTP up with qmail, him
having a high opinion of it at the time. He gave me a few pointers, as
I'd never admined it before.

Word got around in the San Francisco Bay Area Linux community that Rick
Moen didn't like qmail very much, and that they could crank him up and
hear why. After about the third time this happened, I got wise and
FAQed the answer (http://linuxmafia.com/~rick/faq/warez.html#djb), which
cited several reasons I considered individually compelling, including
his non-licensing. In that FAQ, I was the first person on the Internet
to explain in layman-friendly language the Jedi mind-trick Dan pulled of
having a proprietary implicit (default) licence through default
operation of copyright law in the absence of an accompanying licence
text (beyond what was said on one of his Web pages).

Within a couple of months, some of Dan's roving fan club alerted him to
my FAQ, and I suddenly received highly belligerent mail from Dan,
more-or-less threatening me with litigation for 'libeling his software'
[sic]. I gave him a very polite response that was not even remotely
what he was hoping for -- and immediately expanded my FAQ to not only
list affected DJBware but also all the leading open source alternatives
to them.

You might find our correspondence entertaining:
http://linuxmafia.com/~rick/faq/dan-brandishing-legal-threats

For his part, Dan responded to my polite referral to my attorney by
calling me an 'idiot' and impugning my honesty on his Web main page that
granted (selected) rights to qmail.

I of course don't know for sure what was going through Dan's head, but I
have long speculated that what most annoyed him about my FAQ is the bit
where I ruined his trolling of open source people who kept being
confused by his non-licence and unable to determine whether it was open
source or not -- because they didn't understand the default proprietary
licence inherent in copyright statutes unless overriden explicitly.
It seemed to me that Dan enjoyed screwing with people's heads, and I
ended that.

The name-calling on http://cr.yp.to/distributors.html was entirely
delightful: For many years, I was able to honestly tell people I'm the
only person I'm aware of who's mentioned by name in a major software
licence (on the page where Dan calls me an idiot). Also, the DJBware
cult adopted me as Chief Devil Figure for 14 years, until I was replaced
by Theo de Raadt on account of this openbsd-ports thread:

http://linuxmafia.com/pub/humour/dan-versus-theo

Anyway, gosh, no, I'm really _not_ a DJBware guy, and that's the most
amusing statement you've made about me since the one about
'testosterone' back in 2012. (You might remember that one.)


> > The key bit is your sentence 'GPL version 2 section 6 explicitly
> > prohibits the addition of terms such as this redistribution
> > prohibition', which does not accord with my own understanding of that
> > clause or of pragmatic copyright caselaw -- as I've said.
>
>
> OK. I just read it again:
>
> 6. Each time you redistribute the Program (or any work based on the
> Program), the recipient automatically receives a license from the
> original licensor to copy, distribute or modify the Program subject to
> these terms and conditions. You may not impose any further restrictions
> on the recipients' exercise of the rights granted herein.
>
> And your theory of this not applying is?


Simply that Spengler and friends have not imposed any further
restriction on the recipients' exercise of the rights granted therein.

Hypothetically, it is claimed that they have suggested that they will
terminate the support contract of any customer who exercises that right.
If true, their doing so would not prevent or impede the customer
exercising the rights granted to them by the upstream coders (as applied
to the grsecurity/PaX patchsets).

Shall we take this a step at a time?

1. I, Rick Moen, will stand in for your example grsecurity/PaX
commercial customer.

2. One day, I decided that because I am entitled by applicable licence
agreements to do so, I am going to distribute my existing grsecurity/PaX
patchsets to a set of my friends.

3. Just to be communicative and clear the air, say, I lob off an e-mail
to Brad Spengler, advising that I have done so.

4. Spengler's firm replies cancelling my remaining support entitlement
(either refunding pro-rata or not, as applicable) and saying I'll not
receive further updates.

5. I check with my friends. They still possess the grsecurity/PaX
patchsets I gave them. Thus, so far, Spengler and friends have
apparently not succeeded in restricting my or their exercise of the
rights granted therein.

6. Just to make sure, I distribute my set of grsecurity/PaX
patchsets to another 250 or so friends and acquaintances, pass them out
on streetcorners, list them for public http/ftp/rsync, etc. No matter
whom I aspire to distribute to, where, and how, I observe no restriction
of my or my further recipients' exercise of the rights granted therein.

So, the reason I say I see no restrictions is that there were, in this
scenario, no restrictions. I don't happen to possess the further work
that Spengler and friends may or may not release to some people
following step #4, but if one of them _happened_ to give me a copy, I
would be entirely free to proceed once again as shown above in steps
2-6. So, again, no restriction.


Anyway, you disagree. Fine, shouldn't you be taking this up with the
Linux kernel copyright owners? They're the only people who'd have
standing, as I'm sure you're aware.

> That customer can, if they wish, go to court and claim that they were
> terminated unlawfully from their own contract because they exercised
> their rights under another contract to which _both parties were
> joined,_ and which did not permit the addition of any terms whatsoever
> regarding the right exercised, including their termination. They can
> depose everybody in the company, and with any luck someone will
> corroborate the reason for their termination.


This does not comport with my understanding of contract law. (I'm not
an attorney, but did study the UCC and common-law contracts pretty
extensively to pass the CPA exam.)

But certainly you are correct that this person can go to court. As you
know, anyone may sue on essentially any theory of law. Whether that
filing will survive contact with the judge and opposing party's counsel
is another matter.


> > Customer does not have a cause of action under copyright,
>
> It doesn't have to be under copyright at all.


Customer doesn't have a cause of action under any other tort theory,
either, IMO. You disagree. Fine, we agree to disagree, then.