Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror
GNU is Not Unix

Abstract Programming and GPL Enforcement 219

Posted by CmdrTaco
from the stuff-to-think-about dept.
Headius writes "Through events of the past couple months, I've ended up as the lead developer for the Litestep project, a several-year-old effort to write a GPL'ed shell replacement for Win32 platforms, for use in place of the standard Explorer shell. Current efforts involve a large rewrite of existing code and a complete refactoring of core services. Part of this new architecture is the abstracting of services to simple interfaces. Unfortunately, several other developers have brought up concerns that the hard work they put into developing the implementations of these interfaces (which will not have any dependency on Litestep-specific code) will be silently stolen by other (closed-source) projects in the cutthroat shell replacement arena and elsewhere. Is there any real way to protect GPL'ed code that has no interdependencies and abstracts away all the implementation details (as good OO code should)? I'm not as concerned about license violations as some, but how do I put the other devs' minds at ease? "
This discussion has been archived. No new comments can be posted.

Abstract Programming and GPL Enforcement

Comments Filter:
  • by coaxial (28297) on Friday January 28, 2000 @08:49AM (#1327516) Homepage
    When I saw Mad Dog at LInux World (Chicago Comdex) last year someone asked him this very thing. His answer was quite insightful. Basically said:


    I was an educator before I started doing what I'm doing now. I've seen people cheat. Why do they do it? They're too lazy to do the work themselves. Now if you're lazy, are you actually going to take the time to covertracks right, or are you just going to do a halfass job?

    If it looks like someone has stolen something, people are going to look at it, watch what goes in and what comes out, figure out what is going on, and then eventually call the theif on it. It's just like any other company enforcing patent or copyright infringement.
  • Taiwan has very weak IP control as well, at least as far as copyright (I'm not sure about patents), and we produce most of the PC hardware used in the world. I hardly think you argument holds up.

    Also, there are a huge number of other factors that you'd need to consider as well. I don't know about GB/US vs France/Germany in the 1700s, But I think its pretty stupid to blame IP laws for the difference between N.Koria/S.Koria and E.German/W.Germany. Ever hear of totalitarian Communism? It hasn't been very good for any kind of economic advancement. It's the same with India and the PRC. I suspect that as the PRC moves more to a free market (with more special economic arias) their economic level will increase, regardless of what IP laws they chose to enforce.

    Finally, what your talking about has more to do with copyrights then with patents. When you design some new technology, you don't copyright it, you patent it. Copyrights have nothing to do with technological advance in a non-information economy. As we move into a more digital world (where software is the technology), the situation may change. We'll have to see... Of course by then Open Source may have taken over, and the issue will be mute :)

    Amber Yuan (--ell7)
  • Yeah and when Win2K's TCP stack suddenly sucks, its support for SMP is suddenly kludgey and its default filesystem is like something out of the early 70s.
  • ESR was worth like $38 million? or something on paper. By the time he can sell off his shares, he'll probably be worth like $10 million. ~5-6 after taxes. A nice chunk of change but a far cry from $100 billion and climbing.

    In any case, the original poster is a moron, equating monetary wealth with usefulness to society.


  • Their implementation doesn't rely on Litestep-specific code, so the implementation + interface could be lifted out and used by closed-source projects.

    The interface certainly could be implemented in a proprietary way but if they put the implementation under the GPL/LPGL then those that want to implement the interface have to start to code the implementation from scratch, without code from the GPL'd implementation.

    The interface itself remain copyable fortunately, otherwise their would be no Linux/*BSD/... and not even MS-DOS would have been legal (being a copy of CPM).
  • Well, I think there's a fundamental difference between math PhD's and the general populous. IIRC, there are only a few hundred math majors Created in the US each year. The majority of the ethnic Americans actually end up working for the NSA, witch many of us would consider the epitome of proprietary knowledge (about half the math majors are not native born).

    Now, contrast this with something like computer sciences or Computer engineering. You have tens, if not hundreds of thousands of people entering this field every year, on many different levels, from your lowly MSCE tech, to your high paid distinguished engineer SUN. Anyone who works an MS for more then five years will be a millionaire.

    Certainly, just as in mathematics, there will be people who love CS, and CE just as much as the math people love Math. And those people will become professors, just as those people with Math PhDs do. At the same time however, those people aren't going to be the ones coding the new backend for some server app, or the Document View for Word For Windows 2000. Yes, mathematics advances, but it is a very 'closed' field, only with years of training and understanding can you even begin to understand how its advancing, unlike CS, biotech, or other types of Engineering.


    Amber Yuan (--ell7)

  • "t's interesting to see that the same people who scream bloody murder when Microsoft fails to reveal its interfaces now want to restrict others' use of their interfaces. "



    Did you actually read the origional post? This isn't about hiding the interface but about someone stealing this particular implementation of it.


    Why is it more ethical for the FSF to keep its interfaces proprietary or to run worthy programmers out of business than it is for Microsoft to do this?


    Nobody said anything about keeping the interface proprietary and this isn't a FSF project.
  • At least a decade ago, I was given some statistics about China (that supposedly were from a very credible source, yadda yadda).

    Among them was one about Refrigeration. That far from considering how many Chinese have telephones, televisions, and computers, we should consider how few of them even have refrigeration.

    It's likely you've lived in a house with electricity and a refrigerator, and if you're REALLY old, that you had a man bring an ice cube to you on a wagon each day, o maybe you cannot relate to this. But if you can imagine what it must be like to have to get your meat and dairy products on a daily basis, and not have the ability to store food (no leftovers, no frozen pizza!), you probably aren't thinking about whether these people have computers or SDSL lines.
    Many of them may not even have the certainty they they will have food from one day to the next.
  • "copying the code into another application would be sufficiently easier than..."

    But that's not what he's worried about. The GPL already protects against that. He's worried (as far as I can tell) about someone using the interface to the source code.

  • haha, how much time did you waste writing that? fucking karma whore. look. i'm logged in. mod me down. karma is lame. and posting +1 because you wasted your time meta-mod'ing is as lame as your posts are (i am supposing you are WNight. if not, why do you waste your time defending his lame-ass posts). god, this makes me feel stupid for caring about /. once.

    sh_

    oh yea, i forgot: GPL sucks ass. (god forbid i should get "offtopic")
  • Ok, nice having met you, don't let the door hit you on the way out.


    If you don't care about something, don't read it, and definately don't post telling us you don't care. If you took the time to read it, to post that, you're just proving that you DO care.
  • [1] Does compiling proprietary code with gcc make it GPL? How do you know which libraries are okay to link in (if any)?

    Nope, ever heard of the LGPL??

    That only works if all the linked in libraries are LGPL. And some GNU pronents (including RMS, IIRC) advocate using GPL for libraries too - just so that code linked with it turns into GPL code.

    Of course, this can lead to interesting situations. Suppose I write some code C, under license L, with L != GPL. C needs a library L. I use a non-GPLed implementation of L. Now, I give you the code. Your system has a GPLed implementation of L. Now what?

    -- Abigail

  • This is a re-hash of what others have said but:

    Code theft happens in many ways. Outright theft, where the code is copied.
    Reading the code of one, and re-implementing is another form of theft.
    Taking the code, and doing variable replacements.

    Is this theft:
    two screens. One has what you are copying, the other where you are re-tying the code you are using for guidance.

    At what level of theft would a judge agree with you that you have been violated?

    In the end, it is far more productive for the coders to stop worring about code theft (because it WILL happen) and if others will make money off their code (Example: Linux) and worry more about doing the best they can with the code.
  • Didn't "The Saint" from Maximum PC magazine talk about this last year?
  • Bits in your binary will always be indentical. Like 0x85 will always be indentical to 0x85. On a somewhat large scale things will vary depending on what changes were made. Adding a single C statement to an inner loop can change the code for the rest of the function and will potentially cause a significant difference in the resulting binary image. Using different compilers will result in massive differences and using something as simple as a different optimization option can also result in a completely different object code.

    Code auditing is typically done by hand by an expert witness that is paid under observation of the court. The binary almost never enters into the situation at all.
  • by Corrinne Yu (121661) on Friday January 28, 2000 @11:24AM (#1327536)
    I misunderstood. I should be moderated down for OT! :)

    I finally was able to get on the site. While it is cool what the project is.

    What I am looking for (wishful thinking :) ) is a "thinner than real Operating System basic functionality 'shell'." I am less concerned about deskstop appearance.

    I am more concerned or interested in some sort of global universal coding project in which a lowest common denominator set of basic Operating System functionality is supported.

    This is *different* from Linux or FreeBSD or any other full blown Operating System in the sense that it is both smaller than an Operating System, and most likely sits on top of Operating System.

    What I mean by is a small universal library, that gets accurate clock (system timer), that handles directory and data streaming services.

    I appear to misunderstand both "shell" (a literal GUI shell, and not an "abstraction shell or layer"), and interface (visual interface, and not "interface into Operating System / hardware / functionality").

    For everyone who shall respond to this as: just support "X" Operating System. That is the point. :) I wonder if it is possible for small game app to be cross operating system by sitting on top a small lib like such. :) (instead of manually porting the small API to each platform every time).

    Apologies for misunderstanding. And moderate me down darn it!

    P.S. They are then in fact in the *same* market as Operating System / Linux. They shall have the same "technical support user-friendliness manpower" problem of competing against commercial houses as they do. Thus, some of my above advice shall be more difficult to apply.

    It is *easy* to support code for engineers.

    It is *too much work* to support "low literacy users" like how can I customize my widget to a different color?

    P.P.S. Isn't it annoying or funny Operating System and Open Source have the same initials?

  • Yes, the GPL covers the expression only, not the ideas. This means a company can't snap up a GPLed program and close the source, but they can rewrite it, or mine it for ideas.

    But, ideas aren't protected anyways (except by software patents, spit spit) so they could just disassembled your program to see how you did something anyways.

    You can detect your code by looking at the binaries of their program. Usually the compiler used is easy to determine (usually it identifies itself) and if you compiled your code with that compiler and checked for similar strings, you'd be able to detect wholesale copying, especially since you'd probably have an idea of what part of their program was a copy.

  • by twit (60210) on Friday January 28, 2000 @08:52AM (#1327538) Homepage
    The Sun-Blackdown debacle had nothing to do with the merits of the GPL. Blackdown was developing under the Sun Community Source License, which lies nowhere near the GPL and could be liberally translated as "please develop software for us, then let us sell it."

    If Blackdown is a bit saddened and deceived by the whole affair, they could have seen it coming. Sun was entirely within its rights through the whole thing. It also took advantage of Blackdown, but the business world exists on principles of bad faith and this is no exception.

    --
  • He is refering to explorer shell replacements.
    If you go to skinz.org I would say a third of the links down the right side are themes for alternate windowmanagers for windows. Litestep was one of the first and probably one of the most popular.
  • [1] Does compiling proprietary code with gcc make it GPL? How do you know which libraries are okay to link in (if any)?

    Nope, ever heard of the LGPL??

    [2] Does including some GPL tool with your proprietary package put the *whole* package under GPL?

    Nope, just make sure the tool is a seperate program and your distro method complies with the GPL.

    [3] Does using GPLed software to write *nix drivers for some piece of hardware mean that the the hardware specs/design have to be made "open" now?

    Nope, see [1]

  • It seems obvious to you that your "simple economics" is correct, equally obvious to others that it is directly opposed to common sense.

    I make no judgement one way or the other.

    But I do want to point out that your example is very weak.

    Even to the extent that the lack of software development in China is related to the strength of "intellectual property" controls there, it can not be considered in isolation. Perhaps if they did not have all that marvelous software to import and copy from the USA, they would write their own, even in the absensce of IP enforcement.

    Also; it is far from clear that the reason for Chinese people on average produce very little computer software isn't simply that they don't have the kind of pervasive computing infrastructure that we in North America enjoy. Something like >50% of American homes have at least one PC in them. I doubt China can make the same claim.

    The analogy to barriers to entry in heavy industry also fails. "Historically", if what you suggest is true, there has been no barrier to plagiarism. What you describe is a barrier to production. Software is different in that it is being treated as a product, not a means of production.

  • The "joke" I was making was that Microsoft would be the company to steal the idea because every idea Microsoft has had, they have stolen. I put joke in quotes because it's not a joke, it's serious, but I was using it in a dark humor sort of way.

    That said, your point is right, you just draw the wrong conclusion: since Big Business uses them against Open Source, yes it is OK to use them back. That's not hypocritical, it's called tit-for-tat in game theory.

    I am up in arms against Microsoft because they not only steal ideas, but because they are a monopolist, the worst anti-consumer thing one can be. Apple is an also-ran, but I'd be happy to use whatever means to bring them down too.

  • The Java API would present no problem (it is included with the compiler), but these APIs are not included, you need to get them separately, which means the exception for things included with the compiler doesn't apply. Personally, I think it wouldn't violate the GPL to distribute just the source, but IANAL and people disagree with me on this quite often .
  • Oh my god, you mean a person actually did something wrong, immoral, or illegal! Holy shit,I've never heard of such a thing. Why perhaps we could form an organization to stop such people, then maybe we could call them, and report this. Why I have a suggestion, lets use the number 911, thats an easy number to remember, now ..... what to call these enforcers that will make us all correctly following the law.... hummm ..... weird, that we would ever need such a strange organization. My goodness, what shenanigans these GPL types will get themselves and us into.
  • ... for use in place of the standard Explorer shell.

    Bash is a program that lets you run other programs by typing their names. Explorer lets you run other programs by clicking with a mouse. Since they basically do the same thing (run programs), people refer to the Windows interface as a "shell" too. It took me a little effort to get my mind around this when I first heard it. :-)

    Bash for Windows is cool, however.


  • except that the analogy between murderers and people who write and sell software is not very good in a strict sense.

    by choosing GPL, you are saying that you don't want to play with for-profit software writers who would presumably like to use your code and sell their product to others. by the way, what exactly are they being dishonest about?

    incidentally, there is no need to use quotes when describing GPL as less free than other licenses. to the extent that GPL differs from the public domain, it is less free than the public domain. no quotes. less free.

    sh_
  • When win2k starts working :) (dangit! had a dupe posted as a seperate string)
  • by Score Whore (32328) on Friday January 28, 2000 @11:31AM (#1327551)
    Nobody ever said or asked anything about their practices as far as I know so unless you go out and actively look for things that might be yours not too many people are going to care to look for this. It really sucks since you put in all the effort and then some schmuck that runs a sweat shop programming company makes money off of you. If anything, that's what would burn me about it happening.


    I know this particular paragraph refers to your own work, but in the context of your previous paragraph you do realize that bit BSD and the X Consortium released their code under licenses that specifically allowed this to happen? And they probably understand licensing issues as well as anybody at the FSF. So it's probably safe to assume that the sentiment expressed (that of some schmuck making money off your work is a sucky thing) is probably not one shared by the people in your examples.
  • I think the rule was originally designed to prevent people from making proprietary 'add-ons' to open source software. If someone were to make a proprietary front-end to some OSS, there would be grounds for suit based on the GPL. However, if making an OSS front end for proprietary code goes against the GPL, who would sue you? Certainly not the makers of the proprietary software (unless they have restrictions on frontends as well). Obviously, you wouldn't be able to sue the makers of the proprietary software for the link. I don't think you would sue yourself, so that leaves... RMS? What grounds could he possibly have?

    So, making your little thing wouldn't piss anyone off enough to sue, and they wouldn't have any grounds if they did.

    Did you write your mail client? If you really felt the GPL wouldn't let you do it, you could have gone with the LGPL, or something similar

    Amber Yuan (--ell7)
  • The classical solution would be to watermark the code. Now I really don't know if any techniques are known for watermarking source code in a way that the watermark will still appear in the compiled code. (Watermarking compiled code is a now pretty well established technique.) Especially if the source is to be free (as in speech).

    I can suggest a solution that uses obfuscation techniques, but that isn't too intrusive either (in that it doesn't break the modularity of the code too much). The idea is this: somewhere in the code you define a const char copyright = "Copyright (C) 2000- by Me and co". Now you calculate the md5 fingerprint of this string, as well as this string with a few simple strings appended. This will give a few dozen bytes of essentially random data, which can then be combined in various ways (added, XORed, and so on) to give many different constants. Now, you take a hundred places in the code where you have used an absolute constant (like ``42'' - or even ``1'' or ``2'': these happen often enough), and you replace this constant by a computation based on the md5 sums which will yield that constant. Use a different one each time. That takes some work, and it is a disagreeable form of obfuscation (I surely don't like it), but it probably would work. To reuse the code, you either need to include the copyright string (or at least store it in some form so that it will appear in memory at some point, giving a proof of theft), or you need to go through each and every place where a constant has been obfuscated, calculate the md5 strings, and replace by the constant (that is doable, but it requires a lot of effort). So in effect you have a kind of watermark.

    I restate that I don't like this idea at all. But that's the best I can think of, to prevent theft of an open source code.

  • RMS once argued that you could not make GPL plugins for Netscape and Netscape is not GPL. I think it would apply the other way to - as you plugin links to a GPL (ie not LGPL) program, your plugin must also be GPL. Of course I guess plugins don't actually have to communicate by linkage - I'm not sure how litestep plugins work...
  • by WNight (23683) on Friday January 28, 2000 @11:40AM (#1327557) Homepage
    This is most likely not true, no matter what RMS said.

    It's like writing a macro program, to automate system usage, and having the author of a program write to you demanding that you pay him royalties to have your program mimick keyboard/mouse events in his application.

    If you write an application that depends on a GPLed program, and won't run with a replacement, then it's likely going to infringe. But if you write a program, like a compiler front-end, and it simply has the option to use a GPLed compiler, among others, then it doesn't infringe.

    Similarly, if you wrote a WM replacement for win95 and it has the ability to use GPLed components for Litestep, without depending on those, and without using GPLed Litestep code in doing so, it wouldn't infringe on the GPL.

    A user of a program can only infringe on the GPL by distributing a binary without source, or by using GPLed code and not following the license. Anything else they do is kosher. If I wanted to download GCC and write extensions to it, or use it in a non-GPLed wrapper, this would be fine, regardless of how I used it. Only if I released this would it change.

    Thus, if you release a program that *can* use GPLed components, you're not responsible for the actions of a user, if they choose to install those GPLed components, or make the whole package dependant on them in some way.

    This assumes that your package has other concievable uses, than JUST a wrapper for the GPLed code.

    An example would be photoshop filters. Photoshop could write the filter interface such that it could read call binary filters from other programs, and if one of those filters was GPLed, photoshop wouldn't be in violation. But, if photoshop was written such that it required the graphics core from GIMP to even work, then it would be a violation.
  • Windows has contained OS code from the very beginning; try DOS. Ever wondered why such a primitive OS like DOS had multitasking by way of TSRs? I bet that code was ripped right out of (fill in any OS that Microsoft could bribe, er, steal the code from here). Win 3.x's WM code? Straight from _____. So why was it always so unstable, bad, etc.?

    Because the lame "programmers" at MS guessed on how to interface that code with the little bits and pieces that they wrote. Maybe a pointer type isn't the same but is pretty close. Or maybe one function assumed that some other was called first, but the MS developers didn't make sure of that. In such a big piece of ____ like Windows, it's pretty hard not to _____ up.

    So why do so many people use Windows, and so many programs are writted for it? Because underneath the cobwebs straining to hold it all together is the rock-solid code right from the core of ____.

    Ken

    btw, this is posted from mozilla M12. I now know where MS got its code for IE5 from... Just kidding.

  • Warning: I've been reading the injunction against 2600, so I'm in sort of a legal mood, but IANAL. So, some interesting thoughts:

    Could the GPL be used as a legal lever to open up all source code? Probably not, since I would think that you would have to show "probable cause" to obtain a court order to examine the offending code. What sort of evidence would constitute that "probable cause"?

    Any software company would clearly be in violation of the GPL if they re-licensed part or all of a GPL'd piece of software. How does one define "part" of a software program? Is there a certain level of granularity where code becomes generic? I mean, you can't copyright the if-then-else format -- or can you?

    Isn't one of the points of the open source movement to improve coding techniques and code quality? Following that line of thought, wouldn't one be at least a little happy if Microsoft (for example, I've nothing against Microsoft) included some code in their product that was known and solid? How far are we willing to go with subverting proprietary code in order to further the open source movement? I mean, by the theories we all hold dear, eventually the proprietary code would fall behind in development, and Microsoft would be forced to update, again using the open source software. As new functionality is added, it would be easier for Microsoft to just use the related open source programs rather than write their own, thus furthering the quality and "known" aspect of their products, probably to the point where most of their product was taken from open sources. Now, that would be in direct conflict with the GPL (assuming Microsoft continued to sell their products under a restrictive license) but how "bad" would that actually be for developers and the world as a whole?

    Aetius

    As always, flaming, diatribing, thoughtful commentary, and logical destruction of my position is welcome.

  • The GPL seems pretty ill-equipped to deal with this type of code 'piracy'. (I think the whole Sun-Blackdown situation pretty much showed that.)

    Get a clue! The JDK that Blackdown is working on is NOT licensed under GPL. It is licensed under Sun's license which basically means Sun can do anything it wants.

    The rest of your argument is similarly bogus.


    ___

  • by nowan (4075) <nowan&nowan,org> on Friday January 28, 2000 @09:03AM (#1327568)
    I don't think he's concerned about other people writing modules for litestep. It's the people who write (GPL'd) modules for litestep who are concerned that their code will be apropriated for use in a non-GPL shell replacement. Evidently the problem is made worse than usual because the modules have a very general interface and could (presumably) trivialy be integrated into another shell replacement in a non-GPL way.

    Anyway, since I'm posting anyway, I'll put in my $.02. Knowing that someone else has stolen your GPL code could be very difficult. If you know, though, you can take legal action. One option would be to sign the copyright over to the FSF, in which case they will take responsibility for bringing violators to court.
  • It doesn't matter if your code is under the GPL or under the MS EULA, the problem of detecting whether someone has taken your code is the same. If they swipe your code, parts of the resulting binary might be bit for bit identical. Greater similarity could probably be found in the output of a disassembler. Talk to a lawyer if you find this.
    If the thief is a large software company, the odds of someone revealing the theft are probably quite high due to the large number of people who will look at the code. In the world of windows shell replacements, it's a lot harder since the teams are small and the software is (lets be honest here) extremely trivial. (not a flame, I've used litestep and it looked cool and all, but it didn't have 1/1000th the impact on my productivity that the cygnus win32 port of bash did.)
    --Shoeboy
  • [In case you're referring to my own converting-code-to-GPL, that was actually done by the original copyright holder at the time that I was given the code...but I'm just mentioning this for future readers as you probably did not realize that someone in this thread was involved in a similar situation]
  • First off, this is the first time I've ever jumped into a GPL debate, so cut me some slack if I'm wrong about things.

    OK, these are indeed Litestep *modules* are they not? I'm of the opinion that a closed source shell could include in its distribution one of these modules (as long as the interface that the module hooked to was developed independently, and could be put under a commercial license) As long as the author of the non-gpl application acknowledged the modules GPL status and distributed them with source, what would be wrong with the main appilcation even depending on these modules?

    My reasoning comes from looking at something like perl. There are plenty of people out there selling perl programs under a commercial license. Many of these are not open source and are run through a code-scrambler and then sort of "linked into" a perl binary so they are standalone. Many of these programs use GPL'd perl modules and interfaces to many other closed and open-source applications. E.g. Tk, ImageMagick, GD on the free software side and things like Win32::GUI on the commercial side. As I understand it, the perl application can be licensed under any terms as long as accompanying software is acknowledged as being developed independently.

  • I'm talking about all these "GPL sucks, good thing it's useless" posts. If you don't like it, then don't read the articles.

    Slashdot has the article classification system (those little icons) specifically to save you the time of having to tell us that you hate the GPL, etc.

    If you're just going to come in and bitch about the fact that the article exists, then stay out.

  • Recent: I wanted to use a few Sun Java libraries in writing a GPL'd frontend for an IMAP client. RMS told me this was not allowed -- even
    dynamic linking is covered by the GPL.


    RMS wishes that he'd worded it that way, but he didn't, and you shouldn't let him bludgeon you into not writing good software just because the particular tools you want aren't available under his license.
  • by Anonymous Coward
    Presumably you know this, but just in case others
    get confused, try these sorts of examples and
    imagine what must be going on:

    strings /proc/kcore | grep "Adolph Hitler"
    strings /proc/kcore | grep "totally random string"
    strings /proc/kcore | grep "I must be doing something wrong, but what???"
  • by Brett Glass (98525) on Friday January 28, 2000 @12:33PM (#1327587) Homepage
    It's interesting to see that the same people who scream bloody murder when Microsoft fails to reveal its interfaces now want to restrict others' use of their interfaces.

    This is hypocritical. Interfaces should be open -- to open source developers, to closed source developers, to everyone. If someone -- anyone -- wants to use them, he or she should be able to do so.

    Fortunately, interfaces -- unlike code -- are not subject to copyright. The GPL cannot and will not protect them any more than the Microsoft EULA.

    What's scarier, though, is the extremism and hypocrisy we see here. Followers of Stallman -- whose agenda already includes driving commercial software companies out of business via anti-competitive practices -- appear to want to adoptyet another leaf from Microsoft's playbook in their attempt to destroy commercial programmers' livelihoods and businesses. Why is it more ethical for the FSF to keep its interfaces proprietary or to run worthy programmers out of business than it is for Microsoft to do this? The answer: It's not. As a project leader, the author of the message which started this discussion should maintain high ethical standards and refuse to yield to such an agenda.

    --Brett

  • Look at the many companies who have attempted Windows shell replacements. Quarterdeck? Now bought and gone. Symantec? They dropped it for lack of interest. And so it goes. Replacement shells for Windows aren't a "cutthroat arena;" they're a Quixotic, ultimately wasted effort.

    Historically, doing a replacement Windows shell has been a misguided last-ditch effort of utility companies whose products Microsoft has copied and given away for free. It's not a hot market at all. Companies find little interest from customers. (How many Windows machines do you see running replacement shells? Virtually none.) And Microsoft does very well at making sure that none of them are fully compatible.

    In short, the "excuse" which these people are making for GPLing the code is bogus. It's a bad idea to GPL code to begin with, since the GPL is the embodiment of a spiteful anti-business agenda. But it's worse still to attempt to restrict an interface! Do the project under the MIT X license, and open both the code and the interface to the world -- open source, closed source, anyone. It works for X, and it's the only thing that makes sense for an open source GUI.

    --Brett Glass

  • I was an educator before I started doing what I'm doing now. I've seen people cheat. Why do they do it? They're too lazy to do the work themselves. Now if you're lazy, are you actually going to take the time to covertracks right, or are you just going to do a halfass job?

    But this isn't cheating. The whole point is to be able to use other peoples' code so you don't have to write every single thing yourself.

    The issue here is that some people don't want other people to make a buck off their work Or, rephrased, some people don't want to mess with the business side of things, so they give their work away free; other people enjoy the business end.
  • The GPL seems pretty ill-equipped to deal with this type of code 'piracy'. (I think the whole Sun-Blackdown situation pretty much showed that.)

    Only, I don't recall the code given to blackdown everbeing GPLed. I believe the terms of the license said it could be used by Sun @ any time. And they took it.

    On a more general note, I can't really think of any way to tell (absolutely) if your code has been stolen, provided its been embedded deeply enough. With something like an IP stack, you might be able to tell because an implementation responds precisely the same way as your piece of code, and may or may not have the same control structures. One thing I found pretty funny was looking in C:\WINNT\SYSTEM32\drivers\etc to find a hosts, and services file, for the first time and wondering which *nix got its code into NT.

    So in the end you either have to have someone with the source, who knows its been grabbed, or you have to test the offending software looking for the same performance/functionality signature as your piece of software. Having the same flaws in the ip stack would be an example.

    --locust

  • by Anonymous Coward on Friday January 28, 2000 @09:13AM (#1327597)
    (Disclaimer: IANAL, and I'm in the UK).

    I'm going to argue wrt UK law, but US law (at least in some circuits) is pretty similar, if a little more developed.

    It is perfectly possible to protect interfaces (especially APIs) in the way you suggest, and I don't see why the GPL shouldn't allow you to enforce that protection, though it would probably be easier if there was an explicit notice about APIs and other interfaces being covered.

    Relevant cases in the US include (he said, reading from his lecture notes :-)) Whelan Associates vs. Jaslow Dential Laboratory Inc. (3rd circuit, 1986), and in the UK Ibcos Computers vs. Barclays Mercantile Highland Finance Ltd (1994).

    That said, actually claiming this protection is problematic: protectable expression is subject to a number of tests, and there are several ways in which the defence can argue that the expression they copied isn't protected (including functional expression in the US, but not in the UK), in addition to the inevitable problems involved in showing that copying took place.

    Having said that, my advice (though IANAL, and this isn't legal advice of any kind, just my opinion) would be not to bother: relying on emerging concepts in IPR is a high-risk strategy to start with, you're unlikely to want to sue anyway, if you do the damages aren't likely to be high (the defence is likely to argue that since you gave your software away, you have incurred no loss by their action - it probably won't fly, but it might make the judge think), and it's bad manners for the OS movement as a whole to look at commercial interfaces (eg. to lex and yacc) and copy them, then sue the commercial world for copying our interfaces.

    However, the biggest reason that you probably don't want to go for this sort of protection is fairly simple: if you protect your interfaces like this, you have to admit that other people can too: a decision in your favour would set a precedent that things like the Win32 API can be protected (so all Win32 programs need to be licenced by Microsoft - there are defences to this which we won't get into, but it's probably going to be ugly even if they are made out). It would also mean that, for example, drop-in replacements for pretty much any library would need to be licensed, and that wouldn't be pretty at all - the GPL'd Qt clone and Lesstif would be two fairly obvious casualties.

    In my view, this whole idea of non-literal copying applied to computer programs is a disaster and should be removed by legislation (the EU directive on the protection of computer programs starts to do this, but doesn't seem to go far enough). Encourage it, and one day (probably fairly soon), you'll be the one being sued for writing Hello, World.
  • So someone could read your code, see a nifty idea/algorithm, and use it with impunity.
    I don't think the GPL really tries to protect the ideas or algorithms. That's the sort of thing software patents address, and I don't anyone wants to propose that sort of solution.

    Copyright pretty much protects the code itself, not the underlying idea behind it. It protects the expression -- you aren't violating copyright when you copy a plotline, after all, just when you copy the expression of that plotline.

    Thank goodness -- or else all sitcoms would be horribly mired in copyright law.

  • The desktop environment in Win32 is what's being refered to as a shell. Basically, LiteStep is a desktop environment. It replaces the silly little taskbar, the silly little desktop icons, and the silly little start button. It doesn't manage windows (small w). It manages tasks and the desktop. (Go read the revlevant link).. this is for those of you who were comparing it to bash. It's not a CLI. =)
  • ... why do we see no innovation in Open Source software? Why is it simply a rehashing of what has been done before years after it is done elsewhere?

    According to your hypothesis, GPL has infinite manpower. Why, then, do 99% of GPL projects have a single author and why are they only improved by that one author until they are abandoned? You see, the Linux OS and the few other large open source projects are an extreme oddity in the open source world. Yes, they stick out, as they should, they are quite good working copies of other peoples work done as hobbies in peoples spare time.

    However, if you consider the tens of thousands of open source programs out there, you will soon see that GPL has severely limited manpower.

    Will this change? No. Why? Because the majority of people that program nowadays do not do it as a hobby - they do it as a job. They are not 50 yr old ex-plumbers who picked up programming after a few college courses or college students, which is where the majority of open source software comes from. Either people who picked it up late in life or people just getting started early in life. The people learning programming right now are learning it as their trade skill and that's what they'll get a job doing. If anything, the open source pool of developers should shrink.

    As well, the number of projects that are very good but have to be abandoned because someones wife has a baby or because their new "day job" (which they hate) takes too much time is a real shame, but a necessity.

    If programming in your field (the open source one) is looked upon as simply a hobby, it will be treated as such.

    Esperandi

  • Remember that that Linux API is entirely a copy of someone else's API. Either Unix or Plan 9

    Linux does implement some API from Plan 9??? I didn't knew (well, I don't know that much about Plan either :( but I remember reading an article about it and it seemed quite cool).
  • This sounds too much like an API copyright. Free software licenses protect the implementations, not the interfaces. We'd be very angry at anyone who protected an interface from our implementing it in free software. It has to work the other way, too.

    Thanks

    Bruce

  • Catching perpetrators using your code in closed-source programs is, admittedly, difficult. As for enforcement, if you assign the copyright to the FSF they will (and have) take legal action *if* you find violators.

    You have to assign the copyright to FSF for them to have legal standing in any infringement case.
  • Way non-GPL a in replacement shell another into integrated be trivially (presumably) could and interface general very a have modules the because usual than worse made is problem the Evidently. Replacement shell non-GPL a in use for appropriated be will code their that concerned are who litestep for modules (GPL'd) write who people the it's. litestep for modules writing people other about concerned he's think don't I.

    Court to violators bringing for responsibility take will they case which in, FSF the to over copyright the sign to be would option one. Action legal take can you though, know you if. Difficult very be could code GPL your stolen has else someone that knowing. $.02 my in put I'll, anyway posting I'm since, anyway.

    I actually agree 100% with your post. Just didn't want to post a "Me too" post. I know (Score:-1 silly)

    Never knock on Death's door:

  • Well you can elect to receive statuatory damages in the amount of anywhere $200 to $100,000 depending on willfulness of the offense, etc. See 17 USC 504. Also see the rest of 17 USC Chap 5. You can recover attorney's fees, get their stuff impounded, confiscated, subject to remedial modification and/or destroyed. And you can get injunctions filed against them. The proprietary camp uses all of this against us. We should go on the attack and use it against them. It would be great to see Open Source as the plaintiff once, instead of as a defendant. You can read the US CODE at http://www.law.cornell.edu/uscode/ [cornell.edu]
  • This is something people keep saying. The GPL DOES NOT in ANY WAY *FORCE* you to release your code.

    What it does say is that if you *DO* want to release your code that includes GPL code, that you MUST abide by the GPL. IF you cannot or will not, you simply cannot release it. IF you had already released it, and realize that it wasn't legal, you must stop releasing it. Period.
    Nothing will put you in a position of forcing you to release your code.

  • by Corrinne Yu (121661) on Friday January 28, 2000 @09:46AM (#1327634)
    // Good Thing

    The brief description appears to be Very Good Thing. It shall increase the number of applications and games on more OS's.

    If it becomes phenomenally successful, your participants would have been instrumental to some large positive contributions to application spread.

    Would this "historical" motivation be suficient? :)

    // GPL is the only way

    The precise reasons why all the commercial cross-UI projects fail / fall short is ...

    The only way such a layer can be constructed is through GPL.

    There are too many platforms, each of those platforms upgrades (downgrades :) ) too quickly too often, too many new devices popping out too fast.

    Any commercial limited-man team (versus the infinite manpower of GPL code resource) shall eventually be outstripped.

    GPL is the only chance for a successful implementation of this.

    I myself am looking forward to it both as user, and as coder.

    Don't even think of anyway to "protect" commercial interests. The moment any part of it becomes "closed" (even in the form of "cannot be modified until after inconvenient beureaucracy") would hamper or destroy this project.

    You shall succeed where commercial apps precisely and only because of open-ness.

    // Commericial : higher level applications

    How do you protect yourself against higher level applications (like games, database applications) that co-opt your code *freely* to provide our commercial applications with your functionality?

    1. Credit and Appreciation

    We commerical users of GPL code shall do what we always do. Accord code authors and groups with proper credit. Demonstrate our appreciation with thanks.

    2. Donation

    We commercial users shall thank you, after your code module demonstrates sufficient robustness, by donating actual development budget, to further fund your work.

    There is precedence for this, and I do not suspect we shall change.

    I shall watch your project very closely, and if I do see many other commercial developers or peers making good use of it in the future, I shall personally goad such peers into donation. :)

    The same speaks for me. If I personally find your code base highly helpful to my commercial projects, I shall contribute what I can, even non-financially, to ensure the continual growth and support of your group.

    // Commerical : lower level implementations

    How do you protect yourself from commercial developers of low level layers?

    The answer is you don't have a thing to worry from them. :)

    1. GPL

    That you are GPL and open, and they are closed and have limited manpower, shall easily cause your product (if organized properly, and if sufficient good code is contributed) easily to become technically superior and robust.

    As I exposit above, there is no way any commercial company can keep up with all the versions of all the platforms. It shall bankrupt their payroll before this happens.

    You *are* at a technological advantage.

    2. Free or Pay

    What if they just *copy* your layer verbatim and sell it for a profit?

    As my understanding, this is exactly what GPL or Free Software is about! People are free to make profit off the code.

    How shall your coders protect yourself?

    Easy.

    Be available to offer good friendly support to "users" (most likely higher level developers like us).

    As *competitor* with the above commercial plagiarizer, you are already at an advantage:

    1. Your product is free. Theirs cost money.

    You are winning on the cost / price competition.

    2. Your product can potentially have better technical support than theirs, if you do it right.

    You have the resource of the original coders of the modules to support application developers.

    They merely have plagiarizers or interpretors. Or a phone technician who did not even work on the code.

    You actually have a better chance of this *protection* than Linux.

    The average user or target market of Linux are lower literacy non-coders who need a lot of hand-holding ( and all the users who don't belong this category are already using Debian and not Red Hat :) ).

    The target market or user of your layer are high level application technology literate commerical coders like myself, who are "easier" to support.

    The scope of what you need to answer or help, would not run as wide a gamut as an entire Operating System.

    // Project Scope Suggestion

    I have been thinking the same thing on a much smaller scale for a very small subset of OS services that are needed by most game applications.

    If this project is early on, may I suggest a smaller scope of Operating System Services?

    In fact I can submit you privately a short spec of a small handful of *essential* functionality.

    Besides the obvious personal bias that I am a commerical game developer, there are some gains for you as well:

    1. A completed small project is better than a non-completed larger entity.

    If done modularly and correctly, such completed small project can easily be grown and extended to its final ambition.

    You can get to your technical proof of concept quicker. Ensuring both momentum and success.

    2. Test Bed

    By building your first iteration to a set of common functions, that already have quite a few applications waiting to ride on top of them, you have the fastest means to a nice group of users.

    This again helps to smooth out kinks, track down bugs, proof in the pudding, kind of feedback that is hard to get by writing a "lower layer" in a "user-less" vaccuum.

    // Disclaimer

    Your site had been /.'ed. I could not get not on the site to review the project's technicality and specification.

    The above is only based on what I can guess from your summary. Apologies to any misunderstanding.



  • by cburley (105664) on Friday January 28, 2000 @09:47AM (#1327635) Homepage Journal
    I can't really think of any way to tell (absolutely) if your code has been stolen

    In fact, it's easy to tell whether Linux contains code written by Microsoft!! The "strings" command outputs "printable" strings it finds in a stream of (binary) data; "/proc/kcore" is, in most GNU/Linux systems, a file that represents the current state of the kernel's "core", or RAM; and "grep" outputs lines containing the string on the command line that it finds in its input.

    If you try the command below under Linux, you are asking for a printout of all strings containing "Copyright 2000 Microsoft" found in the your computer's RAM -- which includes the Linux kernel itself!

    And, on my computer, which runs Red Hat Linux 6.1, it prints out plenty of lines before I interrupt it with Control-C!! Try it!! Doesn't it show that Linux contains W2K code?

    bash$
    strings /proc/kcore | grep "Copyright 2000 Microsoft"

    Copyright 2000 Microsoft

    Copyright 2000 Microsoft

    Copyright 2000 Microsoft

    Copyright 2000 Microsoft

    (Yes, this is an old trick. ;-)

  • Of course the GPL is valid. It merely requires that all dependencies are standard shipping parts of the operating system, OR are GPL'd,

    This was one of the original complaints about KDE. The KDE was claiming to use the GPL, yet QT was not GPLd and was NOT a standard component shipped with the operating system.

    In any case, a shell for windows can and has been written and GPLd. Bash exists for windows, for example, as well as a host of other GNU software such as emacs (not microemacs which is NOT GPLd).

  • by mindstrm (20013) on Friday January 28, 2000 @09:48AM (#1327638)
    It does not state that code is GPL'ed automatically.. it states that IF the modified code is released, it must be released under the terms of the GPL.
    It is still possible for someone to a) release the code and b) have a bad license on it, one that the GPL forbids. It is then up to the copyright holder(s) to deal with the legalities, as the user has violated their license agreement (the GPL).

    Repeat.. this does NOT mean that code is automatically GPL'd because it includes GPL. It just means that it can only be legally distributed under the terms of the GPL.
  • But it doesn't run on FreeBSD or VMS! :)

    J/king aside. That is my point with GOSIX. You appear to be completely unable to grasp the concept proposed. :)

    The *problem* with most engines, commercial and open source, in terms of operating system support, is that it is a priori.

    You must take the lump sum of the engine (i.e., Quake, that would be the static non-deformable BSP data structure?) when all you want is the lowest level common denominator functionality.

    To most commercial games, engines like Quake, to even Unreal Tournament or Quake 3 Arean, is about 70% to 90% useless, or non-reusable, for me (or other commercial developers).

    As coders, id have been relatively conscientious of modular coding practices.

    I am advocating taking the next step up.

    I am advocating first developing, then evangelizing, then distributing, the idea of most future 3D engines (or wrappers) to build on top, or next top, a simple cross-OS GOSIX low level operating system.

    You may mind if your latest game doesn't have bump-mapping, or self-shadowing terrain (that for example is not in Quake).

    You probably won't mind if your latest game on Wintel is still using _rdtsc to doing function timing. That functionality is supported (by a different command) on Motorola chipsets.

    I am talking encapsulating the low level and less performance dependent Operating System functionality that is used by almost all games and engines, and yet is continually re-written, re-ported, re-upgraded (redudantly) on very version of every engine and game from every company and every developer.

    And then I am talking about this layer being truly free and open in every sense.

    Then instead of waiting for your developer or company to *port* your favorite game to your smaller (and I am talking about smaller than BeOS) platform, you can merely upload and conribute GOSIX implementation code.

    And Voila, all engines and games that abide by GOSIX will run on your tiny platform ... that you help to code a small part.

    Any truly technically literate caveats, critiques, contributions, ideas, suggestions to GOSIX are deeply appreciated.

    Any illiterate "people who don't understand the concept" posters, *PLEASE* *FIRST* re-read and re-read and re-read and re-read (and re-read again please :) ) this post here, before posting your technically illiterate response.

    P.S. Apologies to going "medievally anal" on your reponse, AC. :)

    I empathize it is very easy to misunderstand technical context (as I did on the first post, mis-grasping both "interface" and "layer" of the abstract summary, until I was able to visit the site and read the project spec).

    As an advice (and one I am teachng myself to practice), please read very carefully before posting your non-sequitor response?

    I do look forward to your "more well-thought-out" discussion and critcism to the idea. Especially any infeasibility issues.

    P.P.S. "Prior Art"

    In terms of "prior art", I would say Quake engine is a poor example.

    The best example of "prior art" for GOSIX so far (if you can grasp the concept) is Mr. (Dr.?) Jay Lepreau's excellent OSKit work.

    http://www.cs.utah.edu/flux/oskit/

    I respond to your post, only to give an excuse to link to Lepreau's OSKit html!

    The above is a lot closer to prior art than your Quake source example.






  • Yes, people stealing GPL modules for use in proprietary shells would be improper. But as GPL source is open, it is susceptible to such theft. There's not much you can do other than make sure each module is clearly labeled as being under the GPL, and even then it won't matter as a criminal is not stopped by laws.

    Later you can scan commercial programs for the fingerprints of your routines (sequences of code, etc.), but at that point you're trying to do law enforcement rather than prevention. If you're keeping records of how much time was spent on each routine that may help set a price/damages for any court case, but here we're wandering in the nebulous world of what may be decided at the stroke of a judge's pen.

  • by konstant (63560) on Friday January 28, 2000 @09:29AM (#1327656)
    There is no remedy for you through the GPL, but if you ever expect a remedy through the courts, you will need proof of plagiarism. As I imagine you don't have the resources to hire lawyers who could force a disclosure of the hidden code, you need a mechanism that would allow you to prove copying with only a released copy of the proprietary software in hand.

    What you need to do is include a highly obfuscated trigger in your code. When a series of complicated and rare actions execute through code, a trigger message is displayed proclaiming "This code written by ABC and licensed under the GPL". That would be irrefutable proof of copying.

    I believe the legal criterion to establish plagiarism is replicated *errors*. Another option is to include an intentional but, again, very obfuscated bug in your code. Either method should demonstrate beyond doubt that their product is based upon yours.

    -konstant
    Yes! We are all individuals! I'm not!
  • by Hieronymous (80899) on Friday January 28, 2000 @09:48AM (#1327658)

    A few years back I worked for a software company that wrote mostly Windows specific network application software.

    Well, I know for a fact that they would just take most of the MIT X server code and incorporate it into their X Server product (To be honest, I don't know how/why/etc. they did this because I wasn't in that software group and I really didn't care at the time). But their DNS server was definitely almost entire BSD code...file for file...except for the source files that implemented the UI and the Windows Service interfaces. There were probably a few more applications that had this crap in it too but those were the only ones I saw for sure during my tenure with them.

    Nobody ever said or asked anything about their practices as far as I know so unless you go out and actively look for things that might be yours not too many people are going to care to look for this. It really sucks since you put in all the effort and then some schmuck that runs a sweat shop programming company makes money off of you. If anything, that's what would burn me about it happening.

    ===============
    "All I ask is for a chance to prove that money doesn't make me happy."
  • by John Murdoch (102085) on Friday January 28, 2000 @09:52AM (#1327660) Homepage Journal
    "The analogy to barriers to entry in heavy industry also fails. "Historically", if what you suggest is true, there has been no barrier to plagiarism. What you describe is a barrier to production. Software is different in that it is being treated as a product, not a means of production."

    I'm not suggesting, I'm stating. And yes, historically, it is true--there is no barrier to plagiarism in intellectual property law. The whole point of the patent system is to encourage plagiarism. The concept is called "derivative works."

    For example, suppose that you come up with a better method for stamping sheet steel (this happened in the 1920s). I've been working on the same problem, but taking a much different approach. I read your patent application (which is public information) and the lightbulb goes on--I have the solution, and my new solution is even better than yours. I rush to the Patent Office and file a patent. The world, recognizing a better mousetrap, beats a path to my door. I get rich--but because my patent depends upon yours (and identifying those dependencies is part of the patent process) you get rich too. You and I get rich--but society as a whole reaps an enormous benefit. Since we've improved metal stamping technology automobiles can now have enclosed bodies and still cost less to build. Aircraft wings can be assembled from stamped parts, rather than be hand-made from wood and fabric. Consumer products will drop in price--a whole cycle of economic activity will take place due to our technological innovation. (True fact: simultaneous innovation in cold-rolled steel and steel-stamping technology was one of the very few pieces of good news in economics in the 1930s.)

    My point, which I think you misunderstood, is that even if someone were to try to plagiarize an invention without licensing it, typical barriers to production effectively prevented it. I know how ABB's continuous casting process works--so what? I can't set up a continuous caster in my back yard. With software there are no such barriers--if you have the source code to Bank A's consumer lending software you can easily sell a consumer lending solution to Bank B without ever getting caught. (In fact, many consulting companies do this all the time--they write a solution for a client, then sell the same solution to the client's competitors.)

    Without intellectual property protection (which is what the GPL amounts to) there is no legal recourse to somebody plagiarizing your code. That was my point.
  • If your "plugin developers" (as they could be construed as being) are concerned about their plug-ins being used as parts of other programs, then they only have to withdraw the GPL on them. It'd suck, but if they really don't want to let their source code fall into bad hands, then they should just lock it, obfuscate it, encrypt it, or whatever. Just because LiteStep is GPL, that doesn't mean that all the add-ons have to be GPL too. Right?

    Even a limited license could be applied to certain parts of the code. Then again, it seems to me that your developers are missing the point - either they want to benefit the open-software community or they don't! You can't say who can and who can't look at your open source-code simply because you don't like them. The GPL is a double-edged sword - like any kind of freedom it can be used for good and bad alike.

    On the subject of stealing portions of code for proprietary (closed-source) software. There's not a lot you can do to prevent it, because you can't check the source without "probable cause" and a warrant or something. However, surely if someone "steals" portions of your code, they've taken a part of a good piece of software and (presumably) are now charging for it. What's the average consumer going to do when faced with two software packages (one open-source and free, and the other costing $xxx)?

    It just sounds a bit to me like your developers don't want other people to make money from their own software without them getting any of it - this may sound fair enough, but isn't RedHat making a tonne of money selling a distro with your latest GPL toy?

  • by John Murdoch (102085) on Friday January 28, 2000 @09:57AM (#1327663) Homepage Journal
    "When was the last time you heard of a piece of *free* software developed in mainland China?"

    Which means that software innovation in China isn't happening. But is it because all of the Chinese are poor?

    (Been to China lately?)

    India has significantly greater poverty than China--but India has a booming software industry. (Just consider how many tens of thousands of Indians are in the U.S. on H1B visas.) Why is software innovation booming in India, but not in China? (And why, for that matter, is software booming in Taiwan, which forty years ago was poorer, and which has zero natural resources?)

    This is Macroeconomics 1A material--intellectual property rights are the basis for technological innovation, which is the basis for economic growth.

  • only about 1% of the Chinese population

    hmmm, 1 billion Chinese, 1% of 1 billion == 10 Million. That's still a lot of people! ;-)

    Steven Rostedt
  • Open Source is like a drug. Once you use it (legal or otherwise) you'll become dependent on it if it's any good. And if you use the code in your project, you'll probably never fork the work because if it was too hard to develop in the first place, you're not going to maintain the thing on your own.

    Worst case scenario? The shell never catches on, but the interface does and eventually becomes its own project. C'est la vie!
  • by xeno (2667) on Friday January 28, 2000 @10:11AM (#1327669)
    Others have said parts of this, but let me try to put them together:

    Sure you can sue someone for taking your GPL code and incorporating it into a proprietary package or system. It's not stealing; you can't pursue that avenue. It is a license violation, and you could sue for that. But even better would be to take the resulting proprietary product, decompile it, and post the code publicly with specific documentation that it is now GPL code itself.

    Some thoughts about this:
    - The company will surely try to sue you and/or get an injunction. But then again, you were thinking about spending time in court anyway suing them, and you can surely countersue for costs and time lost. If you did your homework documenting that the code is a derivative of yours and that you were entirely within the bounds of the license that they adopted by using your code, you stand a good chance of having the case thrown out.
    - By releasing their GPL code for them, you expand the market for implementation and support services. Since it's a derivative of your code, you stand to benefit from it because you're more familiar with the code. Therefore it's mostly a good thing.

    This underscores the critical requirement for the legality of reverse-engineering. If click-licenses take the essential right to examine what you have purchased away from you, you have lost the right to know when or if you have been violated as a consumer or as a competitor. That's a completely unacceptable state of affairs: Imagine you buy a car with a 2.5L engine and the mfr puts a clause in the purchase agreement that licenses you the engine when you purchase the physical media of the frame and body -- and precludes you from disassembling the engine to see if they really gave you a 1.9L HO engine for which they stole the design from a competitor. It would be ludicrous, yet we accept the same arrangement in software. Why is Ferarri not worried that Chevrolet will steal their engine designs? Why are architects ok with giving their innovative structural designs to the public records office at City Hall? Why doesn't Makita worry that Dewalt will reverse-engineer their new compound-slide saw and put out a derivative work? Because these are all in mature enough industries where people realize that there's already ways to prevent misappropriation of technology (in the current legal context) without placing onerous legal restrictions on the consumer.

    Not to defend them, but one can obtain patents to protect novel algorythms and innovative software. Why hide code? For example, why doesn't Microsoft publish the source for Word and sue the hell out of anyone that inappropriately uses it? One would think that the best way to defend a patent would be to openly establish ones' work as prior art by publishing the source just as every car comes with an openable hood.

    Jon
  • you're concerned that someone might *USE* your code? That can only be what it is, otherwise just put it under the GPL and no one can take modifications private. Geez, you're using Bill's code but you don't want him using yours...you are such a model of even-handedness.

    If your abstraction code is so abstract that it doesn't need modifications to be used elsewhere, yet so useful that you fear people might use it, then it must be pretty cool.

    Just let people use it. Share your code with the world. Be magnanimous with your creations. Cast off your xenophobia and fear of outsiders, and let people outside of your tribe partake of your labors.
  • when it comes down to it, there is no case law regarding inforcing the GPL, and even if there would be, there is no magical way to detect violations. You just have to watch the market you're in and hope you'll spot obvious violations.

    For all we know, there's Linux kernel code in the Win2k code. Can you prove there is or isn't? No way!

  • by Anonymous Coward
    It sounds like what you're saying is that you want to design an interface and make sure that everything built to conform with that interface has to be open source. I don't think there's any easy way to do that, and I don't think there should be; interfaces ought to be public domain.
  • by SEWilco (27983) on Friday January 28, 2000 @08:36AM (#1327676) Journal
    It's an open interface. It's designed so others can interface to it. You can't stop it. You really should be asking how to embrace it.

    You could produce a manual which clearly describes the components and interfaces, and get a tiny income by selling it to that handful of developers who will be creating new modules.

    You could make what you're supplying so good that nobody will want to replace it.

    You could encourage replacement of components and focus on providing good parts for those components. Such as assuming that your user interface isn't the best, but you've decided that you're just making a user interface which is so flexible that it will be tuned by others to do what they need.

  • But this problem faces EACH AND EVERY Open Source project! What makes this case so different from all the other ones? Did we just discover today that it's hard to tell what code a proprietary binary uses?

    You're right, I didn't read it clearly. It's pretty obvious that something is missing in the story. Without knowing what it is, I am forced to use my own imagination as to where the problem lies.
  • Maybe I'm missing the point here, but if you absolutely, positively do _NOT_ want someone using your code, why the hell would you make your project open source in the first place?
  • by John Murdoch (102085) on Friday January 28, 2000 @09:35AM (#1327687) Homepage Journal
    Thanks for your comments.

    First, the question of China and intellectual property. This is a settled question in the history of economics: there was no such thing as intellectual property protection before the mid 1700s in Britain. The development of intellectual property protection--specifically the monopoly rights to your creation--was the basis for the Industrial Revolution. The nations that industrialized early were those nations that adopted intellectual property protections (such as the U.S.). Those that did not adopt IP protection (France, the German states) were left behind. They did not begin to catch up until they adopted protections for intellectual property.

    Poverty in China is no reason why there is no Chinese software industry--there is plenty of poverty in India and Pakistan, but there are booming software industries in both countries. Remember that before Ed Yourdon was crying wolf about the Year 2000, he was crying wolf about the threat from cheap labor in India. (And many of us who have worked in IT for a long time can name former clients or employers who outsourced all their programming to Indian firms.) What's the difference? India and Pakistan both protect intellectual property rights. China doesn't.

    If you want to look at a broader comparison, consider East Germany vs. West Germany; North Korea vs. South Korea; Singapore vs. Malaysia; or practically anybody in Asia vs. Indonesia. Technological innovation boomed in West Germany, driving the booming economy--to the extent that the Third World War that we were brought up to expect didn't happen because West Germany more or less just bought East Germany. It wasn't a war--it was a white-knight takeover. Technological innovation in West Germany was protected by intellectual property rules, it was not protected in East Germany. Without an impetus to innovation, nobody in East Germany felt a burning desire to innovate. The same situation exists in all the other countries I listed: forty years ago there was no economic distinction between the pairs of countries I mention. The country that has prospered has done so through technological innovation. If the other country (such as Indonesia) has prospered at all, it is largely a result of the extraction of natural resources and the exploitation of cheap labor.

    Intellectual property protection begets technological innovation. Technological innovation begets economic progress. You can have technological innovation without IP protection--but the record of history is brutally clear: without IP protection the rate of technological innovation is dramatically lower.

    (This, incidentally, is a major part of the World Trade Organization's dialogues with the People's Republic of China. The industrialized West wants the PRC to develop strong intellectual property rights to encourage technological innovation. To many people it looks like the U.S. is trying to jail people bootlegging copies of Windows. What those people, including the PRC's leadership, don't get is that if and when somebody develops a Chinese OS that's better than Windows, Microsoft will instantly become the #2 player in the game. Way more people speak Chinese than English.)
  • But on further review, it's not as bad as it seems. Yes, it sucks if people steal your code and use it in closed-source software, and there's not really any way to prove that they did.

    But now assume that this has happened, and let's look at what we have:

    1) An open-source piece of software (yours)

    vs.

    2) A closed-source piece of software (theirs)

    YOUR software is open-source, so it will continue to be better quality than theirs.

    THEIR software is closed-source, and we all know the problems inherent in that.

    So the problem is really only a moral one. Yes, it's lame that they're stealing your code, but they're not going to profit from it as much as it would seem. I don't think there's a whole lot to worry about. And, you can take solace in the fact that if people are stealing well-written GPL code, the average quality of software is increasing, which is a good thing!

    So the point is, essentially, that you don't need to try and protect your code, because it doesn't make any difference whether people steal it or not, if it's already GPLed.

  • although even a line of original GPL code is enough to keep it under the GPL

    Actually I believe the legal precedent is that that about 10 LOC is about the limit for copyright protection (regardless of license).

  • I'm not sure, but I don't think the question was so much a matter of whether the code could be stolen right out -- that's an issue in all Free Software, but for the most part doesn't seem to be too big a problem.

    The question seemed to me to be if it was possible to protect the code from being manipulated. If they have well-defined, open interfaces between everything with a high level of modularity, it might be possible for some person (but probably a company) to use many of these modules with some replaced by their proprietary modules. The product as a whole would be proprietary, though many of the pieces would not be. This would obviously be in violation of the spirit of the GPL.

    The GPL does try to protect against this very thing. A GPL program cannot link -- even dynamically -- to anything less free than the GPL -- or, conversely, linking to a GPLed library can only be done by something that is GPLed. There is a (possibly dangerous) exclusion for system libraries -- but in a Win32 environment, that exclusion is obviously quite necessary as well.

    It's not clear whether the GPL's protection would also would be true for other interfaces -- what is a shared library? Is a CORBA interface a form of shared library? Is it protected under the GPL? Other interfaces? I think this is the issue in question. The output of a GPLed program is specifically not covered under the GPL, but output and interface can be a fuzzy distinction at times.

    Some people question whether you can protect an interface. That is, does fair use protect the use of all public interfaces? I believe the author of Ghostscript had these very same questions. You can read an interesting interview [devlinux.org] with him where he talks about these things and why he used a different license.

    One thing you might do is to clarify your own interpretation of the GPL in this context. This is something Reiser did for ReiserFS -- and he got a lot of flack for it, because he was adding something the the GPL. But I think it makes sense, since Linus has made his (I think flawed) interpretation of the GPL in regard to binary-only modules, you shouldn't let that be seen as the de facto interpretation in regards to your software.

  • by piloteer (38596) on Friday January 28, 2000 @09:39AM (#1327696)
    IMHO, while dollar values are important, they are really important in the context of opportunity cost (like everything else in economics). For example, suppose a large software company stole significant chunk of some of my GPL'd code. The fact that I decided to distribute the software for $0.00 does not matter. The important factor is that the large software company is selling it. If my code was 25% of the proprietary software and they sold 5000 copies at $50 a piece then a court ruling SHOULD look like this:

    Plantiff: they used my GPL code in their closed source code
    Defendent: yes we did
    Judge: Mr. Plantif, what is your lost revenue due to this theft?
    Plaintiff: Based on their selling price of $50 dollars a copy, of which 25% of my code is used, my lost revenue is $12.50 ($50*.25) per copy they have or will sell. (Opportunity cost being defined as the money lost by NOT selling my code). Total loss $62,500.00.
    Judge: I rule for the plaintiff in the amount of $62,500.00.

    At least that is the way things should work. You have to remember that in economics and law the value of forgone opportunities is just as real as cash in the pocket.
  • Your comparisons are very flawed.

    East Germany vs West Germany...

    You give all credit to the difference to their IP laws, not considering that there was modern democratic government with a commitment to industry in one country and a totalitarian government known for oppressive rule in the other.

    Ditto with a lot of other countries you mention. India is poor, like China, but has a much more open government and much better human rights history.

    And you also ignore the fact that the open IP systems in the leading countries give these non-IP countries a leg up. If China had all the same technology the US did, after sufficient delay to allow for copying it, then your argument might be believable.

    You'd have us believe that the whole country is full of people just waiting for an idea to pounce on and steal, yet they can't arrange plane fare to send someone to the USA and bring back books of patents?

    And then you point to "history", saying it proves your point. One example does not an argument make. Especially when it has holes. The renaissance started before IP laws were thought of. Much of history in prosperous countries has examples of science being funded by the government and financial concerns.

    I'm not saying anything about your ultimate conclusion, that IP laws are important to development, just that your arguments leading up to them are spurious at best.
  • I think you completely misunderstood. The article summary says Litestep is licensed under the GPL--his software _IS_ GPLed software. He's worried about other people completely and easily "borrowing" it for projects for which no source is released. Because much of his software is well-written (modular, with cleanly defined interfaces), copying the code into another application would be sufficiently easier than extracting an algorithm from spaghetti code.

    --
  • by Anonymous Coward
    The leading EJB open source effort just went through that battle a couple of weeks ago.

    http://www.ejboss.org/license.html

    They favor the GPL heavily. When java is used as an OS and uses pieces of independent developed code the GPL stops short of being viral.
  • by Orville (104680) on Friday January 28, 2000 @08:41AM (#1327703) Journal
    The GPL seems pretty ill-equipped to deal with this type of code 'piracy'. (I think the whole Sun-Blackdown situation pretty much showed that.)

    The thing I don't know: has the GPL ever been legally challenged? (i.e. has a company ever been sued for 'stealing' GPL'ed materials?) Seeming how this project revolves around a Win32 platform, I could easily imagine M$ lifting the best parts of the redesigned interface and billing them as their own. ('Freedom to Innovate').

    If having your code 'lifted' is a concern, I might almost try to find some form of legal advice about this.

    Another thing I've always wondered about: how does existing copyright law apply to "open" software? I remember Apple suing M$ over the use of the Win 3.x interface, but that case was settled out of court. (Any legal-type geeks out there?)

  • by Deadbolt (102078) on Friday January 28, 2000 @08:41AM (#1327704)

    If I understand your project correctly, then you might not be able to release this thing, at least not under the GPL.

    IIRC, use of a GPL interface, unless explicitly declared otherwise à la Linus' amendment to the GPL for Linux, generally means that the using code must also be covered by the GPL.

    Historical: NeXT wanted to use gcc as their compiler, so they wrote an obj-c frontend to link to gcc statically. RMS told them that that wouldn't get around the GPL's terms, so they put the whole thing under the GPL.
    Recent: I wanted to use a few Sun Java libraries in writing a GPL'd frontend for an IMAP client. RMS told me this was not allowed -- even dynamic linking is covered by the GPL.

    IANAL, but you may not be able to use the GPL. This sounds like a job for the LGPL, but talking to the FSF about this would definitely be a good idea.

    Cheers.

  • by Anonymous Coward
    ...is not suing someone who violates it. Remember, GPL says that whatever code incorporates your GPL'ed code is itself GPL'ed. Therefore, if a closed-source company takes your open code, and you can prove it, then anyone can legally "pirate" the closed-source code. They are only closed until someone figures it out.

    So if you want to enforce the GPL, run your decompilers, find all the closed stuff that incorporates open code, make sure you have a strong case, and post that software to the net. Then you'll get your case law...

  • That may be what most people think the GPL means, and it may be what RMS wants it to mean, however, the subject of dynamically linking to non-GPL libraries from GPL code is rather vague.

    GPLv3, of course, will address this issue. It will clarify the point that dynamic or other runtime linking will not allowed with non-GPL code. This would normally not be a problem, and many library licenses have clauses pertaining to runtime linkage. However, couple this with the "viral" clauses of the GPL, and the situation becomes untenable. Hell, even viewing a javascript-laden webpage under Netscape could land you in jail! Talk about freedom!
  • Could you please explain exactly what the problem was with GPL'ing code that used a few Sun Java libraries? I've seen GPL'd java programs out there, so this is very confusing.

    On a slightly different note, let's say you have a proprietary library, but with an open API spec. Can you right a GPL'd front-end that uses that proprietary library? Could you distribute the whole thing, front end GPL'd, backend binary only?
  • If you hold the license, yes. When you GPL code you still own the copyright and you can release it later under different terms, or use it yourself in any way you wish.

    The only thing to note is that you can't retroactively revoke a license. If you release a work under GPL then later stop offering it and offer the same work under a different license (if at all) people can still distribute the GPLed version and new users are entitled to use the GPLed version if they can find it.

    On the redhat thing... Redhat doesn't charge for any of the software (AFAIK) except that which is covered by patents and they have to pay a licensing fee for. They do charge for support.

    But, go for it. More GPL software is always good, and as you say, if someone wants the interface badly enough, they can always write it themselves.
  • You have that right.

    Remember that that Linux API is entirely a copy of someone else's API. Either Unix or Plan 9, and yes, the system calls, details of files, networking, etc.

    Thanks

    Bruce

  • As I read it, and IANAL either, is that you can not produce proprietary, closed programs if you base them on something that is GPL.

    This is why GPL is sometimes referred to as viral copyright, it infects all derivative work to be like it, or not be at all.

    And you thought Microsoft was the BORG?? Resistance is futile, you will be GPL! Ha!
  • As someone who works for an ISP and hacks mail code for a living, I can say that your example of the DNS server is not completely a bad thing.

    I can't count the number of times we've had stupid problems because other people run lameass SMTP daemons, which were likely all written from scratch. I guess it's irritating that companies would make money off one's code though I don't object to it much. But having a free (free enough to be closed) reference or standard implementation means that there's fewer morons out there writing their own bogus code to mess with my servers.

    You can say that it's dishonest or unethical or whatever to just take bind or whatever, close it and add a little interface, but would you rather have 8 bind-alikes out there or 8 scratch written DNS servers with their own little bugs and idiosyncracies making everyone else's lives miserable?

    Personally, I see that as a win for Open Source. The point is to make software better. If someone's good free code can prevent a moron from writing his own crappy closed code, software is better. While irksome in its cheapness, that behavior is far better than many alternatives.
    --
    Kevin Doherty
    kdoherty+slashdot@jurai.net
  • These beasts are inherently evil, we all sense that. But the only way to protect your open source software is to patent the concept.

    If it's something totally novel, you might get away with it, but you probably won't. If it's an alternative, you'd better hope yours is most efficient by orders of magnitude, else nobody cares about your approach at all.

    And your definition of the algorithm/method has to be nebulous enough to prevent alternative implementations. After all, source code is not poetry, you can get the same effect if you rephrase things.

    So this is how we get to the patents on 'one-click shopping' and the trademarking of the word MULTIMEDIA.
  • "Personally, I wouldn't want people using my open code in closed source software."

    If that's what you want, then come right out and say so! Don't stoop to using the GPL which is quite vague on the subject of linkage. If you don't want runtime linkage, then write your own license that specifically prohibits it.
  • by twit (60210) on Friday January 28, 2000 @08:46AM (#1327729) Homepage
    If your code is to be stolen, it's almost impossible for you to prove it. This is an argument against all GPL'ed code, for that matter. However, there are two arguments against license violation of a GPL'ed piece: one for you, the other for those who would violate the GPL.

    Firstly, there's the fact that for a freely distributed, GPL'ed work, you yourself lose nothing, those to whom you distribue lose nothing, and those who would respect your license lose nothing. There will always be freeloaders, and there will be freeloaders no matter which license you use, even a proprietary one. If you are using the GPL for the right reasons, the benefit of placing free - as in libre - code in the public sphere outweighs the irritation of having ne'er do wells use your code.

    Secondly, to create a distinctive piece of software, the advantage from using GPL'ed code is greatly overweighed by the potential for legal action. A lawsuit can kill any product and even any company; the expense of a clean-room rewrite of a tainted product is so much greater than the potential benefit from using restrictively licensed code. Any corporate lawyer could make this call instantly, although I have less faith in PHB's and even less on individual coders. Still, I doubt that your prodct will be thoroughly exploited; snippets yes, the whole thing, no.



    --
  • by redelm (54142) on Friday January 28, 2000 @08:46AM (#1327730) Homepage
    This bothers me a bit too. The GPL covers "derivative work", although just how much code needs to be included to make something "derivitive" is not clear. And copyright doesn't protect ideas, just their expression. So someone could read your code, see a nifty idea/algorithm, and use it with impunity.

    Detection is another problem. How are you going to know they used your code? They don't publish theirs! You could always try to figure out what compiler & options they used (but watch that EULA!], compile your code that way, and compare.
    Very tough.

    Fortunately, once you really think they did steal GPL code and you're willing to start a lawsuit, things paradoxically get easier. IANAL, but you have subpoena power for depositions and discovery. They will have to produce their source code, and employees will have to answer were it came from.

    -- Robert
  • by John Murdoch (102085) on Friday January 28, 2000 @08:47AM (#1327733) Homepage Journal
    In theory you can enforce the GPL in court--suing someone who pirates your code. In practice, you have no defense against somebody plagiarizing your code. Your team members are entirely correct to worry that the fruit of all their hard labor might be swiped by somebody and used in a commercial product.

    You and I and the entire SlashDot community might argue about whether such plagiarism might happen--but the simple facts of history are brutally plain: without intellectual property protection that kind of plagiarism practically always occurs.

    Example: consider the People's Republic of China. The PRC has paid lip service to intellectual property issues, but fundamentally there isn't any such thing. When was the last time you bought (or heard of) a piece of software developed in the PRC? It isn't because the Chinese are stupid--far from it. The ranks of American software firms (and the membership of SlashDot, I'm sure) are chock full of ethnic Chinese, and Chinese emigrants. But because anybody can peek at your work and swipe the results--and laugh at you while he's headed for the bank--most people decide that there is little reward for innovation. What innovation there is tends to be "protected" by some kind of secrecy scheme, or done because the innovator derives personal pleasure from giving his creations away.

    This is a painful lesson to learn--but this is simple history, and simple economics. In some technologies there have been significant barriers to plagiarism (I can plagiarize ABB's technology for continuous-casting sheet steel--but unless I have $100 million for the machinery, not to mention sales contracts with Ford, I can't use their invention) but in software there are no barriers at all. If I can read your source code, I can use it. I may not copy it--I might just grasp the ideas and incorporate them in my next product design. And there is practically no way to prevent that from happening. The only way to protect the work that you have done (and to profit from it) is to seek refuge in the rules of intellectual property.
  • Be inventive about the features and patent the novel ideas. Hang on to the patents, and then when MS steals the code, enlist IBM's aid in fighting back

    Also, have faith that in the long run, the open source version will win anyway. Think of it like forking: the main branch will prevail. Remember, Stallman started on the whole endeavor by de-closing features he wanted. It looked hopeless but it turns out it he was pulling on a thread that unravelled the whole wooly closed source sweater.

To restore a sense of reality, I think Walt Disney should have a Hardluckland. -- Jack Paar

Working...