Is Linksys Violating The GPL? 524
jap writes "According to this post on LKML, Linksys is shipping firmware for (at least their) 802.11g access-points based on Linux - without any sourcecode available or mentioning of it on their site. This could be interesting: it might provide the possibility of building an ueber-cool accesspoint firmware with IPsec and native ipv6 support etc etc, using this information!"
Does it matter ? (Score:3, Interesting)
Better drivers? (Score:4, Interesting)
Anyone who have one must have noticed it.
The one thing to say to their defence is that they are usually "driver friendly" with their PCMCIA WiFi cards.
I just hope that now they will wake up, straighten up the mess, and start helping the community with supporting 802.11g in Linux for their NIC's.
More From the Kernel List (Score:5, Interesting)
A very interesting bit from the busybox maintainer, who has evidently already sent linksys two letters [lkml.org]
A post outlinging the possibility that Belkin is also shipping GPL'd code [lkml.org]
A few other people are throwing their two cents in, but those were the most interesting, code be an interesting test of corporate policey, and the ability of the GPL to withstand a court battle.
Obligatory "not a GPL violation" post. (Score:5, Interesting)
First, as someone else already said, just becuase it uses a linux kernel doesn't mean they modified anything, it could be a stock kernel. If they wrote userspace drivers and/or kernel modules using existing interfaces for their custom hardware, they are not obligated to release anything.
Secondly, if they weren't abiding by terms they had to according to the GPL, it would be COPYRIGHT violation, not license violation, as if you don't comply with the license, copyright law says they can't redistribute it. I know it seems like a silly point, but it's not.
People talk about the GPL being "tested in court" and whatnot.. but the fact is: If you don't accept the GPL as valid, then copyright law still stands, and says you can't redistribute, or make derivitive works. A judge can rule the GPL as invalid, but that would mean that nobody had any rights to redistribute anything.
It's not a license you had to accept and agree to in order to use the product.. so you can't "violate" it.
Linus, or any other kernel developer could go to linksys, and say "I have not granted you permission to use my copyrighted work, please demonstrate why you think you are allowed to do this". They can then either cite how the GPL allows them to do what they do, or concede that they have no right to distribute.
So as unclear as I can be.. it's not a GPL violation... and people are not forced to release code because of a nonexistant GPL violation... although that might be an acceptable remedy to all parties in most cases. They could also be forced to simply stop doing it.
Re:Cisco IOS ? (Score:1, Interesting)
Eg. OpenBSD would be ideal for an access point, with all the advanced networking&security features.
Re:Only if they changed something... (Score:5, Interesting)
You may be thinking of the LGPL [gnu.org] instead, which relaxes redistribution requirements.
Re:D-Link, too? (Score:3, Interesting)
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (192.168.0.1):
(The 1600 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
Remote operating system guess: LinkSys WAP11 wireless AP firmware ver. 2.2
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
hmm..
Re:Only if they changed something... (Score:2, Interesting)
Even if they made no changes, they still have to provide a copy of the GPL itself, and tell the user where they can obtain the source.
As for "legal ways of circumventing the GPL", I've seen plenty of people spout this line, but never seen any of them produce an actual legal loophole in the GPL. I'd bet that you're no different.
Re:Does it matter ? (Score:4, Interesting)
IIRC, that can't really happen accidentally. About the only way something of significance can enter the public domain, sans copyright expiration, is an explicit statement of the legal copyright holder to that effect. i.e., "this work is entered into the public domain."
C//
Re:Cisco IOS ? (Score:3, Interesting)
The module itself is just a PIII 500 mobile processor with a laptop drive and some memory. Basically, just a PC on a tiny card. It's neat.
Re:Cisco IOS ? (Score:5, Interesting)
Looks like they're using zebra, too (Score:3, Interesting)
ObGPLQuote:
Re:Cisco IOS ? (Score:5, Interesting)
Re:Is Checkpoint violating the GPL? (Score:1, Interesting)
Re:Cisco IOS ? (Score:3, Interesting)
Not that such an argument would matter much if they were indeed found to be misusing GPLed code, of course.
Re:It might be available (Score:3, Interesting)
Re:In case gets /.ed (Score:5, Interesting)
I could imagine quite possibly that they've signed some NDAs that won't allow them to release all their source code. Then this GPL stuff means that they have to release all their source code -- or so it seems.
So now they've got to figure out what to do, and while they're figuring, it's legally safer to say nothing to anyone.
Probably their best way out is either get the NDAs released [unlikely], or find out the individual authors of their modules, and work out individual licensing agreements [difficult, but possible] that keep it outside the GPL. At that point, though, you won't have your information.
That said, I have to think about SCO, and think that one shouldn't take a "All your codebase are belong to us" approach. My feeling is that trying to knock others out to get what you want, is kindof evil. And that goes in both directions.
So I think persistance is key, here, but if they made a mistake, (1) don't gloat -- rather, be meek (2) still be persistent, and try to get FSF's help pursuing this (3) hopefully get the FSF to offer them help in finding for themselves a legally sound position.
P.S. Good hacking job [and yes, that's hacking not cracking, though I hope that they don't just decide 'hit him with the DMCA -- he's too small to fight it.' Ugh. This DMCA gives all the power to big criminals, it seems to me, and takes power away from little law abiders.
GPL not always as powerful as people think. (Score:3, Interesting)
The misconception that I see the most is that because a product runs on top of Linux, or uses the Linux kernel then the product is also GPL'd, not so. If the product has changed the sourcecode for Linux, those changes are covered under the GPL. This is why companies like Tivo are not required to release their source. The Tivo software was written without using any existing GPL'd code as it's base, therefore it can be covered under any licensing agreement the author sees fit.
As for Linksys, I'm willing to wager that they implemented all of their code as kernel modules. So if ask for the source code under the name of the GPL, all they are obligated to give you is the source code for the Linux kernel, sin any kernel modules they've written themselves. Kernel modules can be licensed any way the author sees fit.
-Runz
BusyBox GPL violation (Score:5, Interesting)
This is what I did to verify that the Linksys firmware was violating the GPL....
#!/bin/sh
wget ftp://ftp.linksys.com/pub/network/WRT54G_1.02.1_U
# I noticed a GZIP signature for a file name "piggy" at offset
# 60 bytes from the start, suggesting we have a compressed Linux
# kernel
dd if=WRT54G_1.02.1_US_code.bin bs=60 skip=1 | zcat > kernel
# Noticed there was a cramfs magic signature at offset 786464
dd if=WRT54G_1.02.1_US_code.bin of=cramfs.image bs=786464 skip=1
file cramfs.image
sudo mount -o loop,ro -t cramfs
ls -la
file
strings
/usr/i386-linux-uclibc/bin/i386-uclibc-l
Re:Cisco IOS ? (Score:3, Interesting)
My guess is that nobody at Linksys thought about their obligation to provide source code, or if they did, the process fell through the usual corporate cracks.
GPL uses... (Score:2, Interesting)
Comment removed (Score:5, Interesting)
Re:In case gets /.ed (Score:5, Interesting)
It's too late for that: whether they do or do not release the source code at this point, they have already lost their right to release the binary. And their GPL violation is not that they haven't put up the source code for FTP somewhere, the GPL violation is that they didn't identify the product as using GPL'ed code in the first place, accompanied by an offer to make the source code available.
That said, I have to think about SCO, and think that one shouldn't take a "All your codebase are belong to us" approach. My feeling is that trying to knock others out to get what you want, is kindof evil. And that goes in both directions.
If someone has violated SCO's copyright in the way they claim, they should be punished severely: copyright violations like those claimed by SCO threaten not only companies, they threaten the very existence of open source software. (However, I believe that SCO's claims are bogus, so I don't see much danger of that happening.)
Likewise, if Linksys has violated the terms of the GPL, they should be punished severely. Linksys's behavior, shipping GPL'ed code without identifying it as such, is a fundamental violation of the GPL, and if the only consequence is that companies have their wrists slapped when found out (and it has taken years to find this out about Linksys), it undermines the whole idea of the GPL.
Re:I'm sorry--I completely miss your point (Score:2, Interesting)
Bzzz. Wrong. Section 3 of the GPL:
(emphasis mine)If they've distributed executables which would require compiler modifications, those compiler mods would also have to be distributed. The exception above about not distributing the compiler doesn't apply, as the GCC with Broadcom modifications isn't "normally distributed" with the Linux kernel.
Re:Slowing it down? (Score:3, Interesting)
The linksys AP has a MIPS processor, which is probably running at 125 MHz.
It could run IOS without breaking a sweat.
Apples and oranges. On your switch, IOS just manages the system; the heavy lifting (frame forwarding) is actually done by ASICs for that very purpose.
On another note though, I'm not sure why the original posted is calling IOS "bloated" -- perhaps today there are a number of features that are not necessary for the core purpose of the box, but they don't typically add "overhead" to the box itself.
Most Cisco boxes are "underpowered" in terms of CPU, but they still manage to do the job.
The new(er) Cisco Aironet access points migrated away from the old VxWorks-based OS to IOS (see: Aironet 1100 are shipped as such, Aironet 1200 have a conversion kit)
Re:Cisco IOS ? (Score:2, Interesting)
Re:Belkin 54g WAP/Router (Score:1, Interesting)
Re:How they get away with it on the average (Score:2, Interesting)
companies use GPL'ed stuff, and if they get caught, they (often) comply. For each violation that gets caught, there might be several that get away.
So what? I mean, I'm all pro GPL and also a GPL sw coder. I work for a company that manufactures slot machines that run linux and loads of other GPL'd software aswell as our own apps. Technically we don't distribute the slotmachines so we're not bound by GPL, and if we were, we'd just put a simple ftp server that would have the
And what's the real beauty is that when we discover bugs or make future enhancements or such changes, we try real hard to get them into the actual sw package, again just to avoid having to maintain a large set of patches.
And for example Linksys failing to offer a stock kernel tar ball in their site doesn't sound that serious to me. A proprietary sw mogul using gpl'd code in their product, now that would be a serious violation.
Re:The GPL: Open Source or Intellectual Theft? (Score:2, Interesting)
"Part of this license states that any changes to the kernel are to be made freely available.
Unfortunately for us, this meant that the great deal of time and money we spent "touching up" Linux to work for this investment firm would now be available at no cost to our competitors."
Sorry, thanks for playing. It merely states that you have to make the source available to those you give binaries. You can make all the changes you want to the kernel for a client, as long as you give that client the source as well. No-one else need have it.
In the instance of kernel changes, it makes a hell of a lot of sense, too. Lets assume for a moment that you weren't a troll. This company would have a custom kernel, but without the new modified kernel source they couldn't install anything else that would also patch the kernel, or even rebuild when bugfixes are released.