Is UnitedLinux Violating The GPL?

mmayberry writes "NewsForge has posted an article, UnitedLinux might not be very GPL-friendly. With a closed beta that includes an NDA, UL may be on the verge of angering a large part of their target market. You'd think that the likes of Suse, Turbo, SCO, and Conectiva would get the point by now..."

This is comical...

[meis31337]

What is the best way to NOT gain ground and support in the open source community??

How bout violating the GPL. Duh.

Considering the companies in UnitedLinux...

[leviramsey]

...It's not that surprising.

SuSE are not exactly huge supporters of the GPL, what with a non-Free installer and configuration tools.

Wasn't Ransom Love bashing the GPL a few years ago, while at Caldera and saying that the BSD license is better?

Yes, but...

[redragon]

The Linux community is pretty fickle. Seriously, with the number of licenses, distrobutions, holy-wars, does it surprise anyone that people are getting grumpy? There are just a lot of grumpy people, and seems a lot of them have a passion for Linux. :)

I figured at some point someone's toes would get stepped on.

GPL Death Penalty

[bwt]

I'm amazed that they would pull this. Their competitors have undoubtably contributed to some of the GPL software that is covered by the NDA.

What incentive does a company like say Red Hat have to not enforce the GPL death penalty, which says if you violate the GPL, your licence is revoked (GPL, section 4 sentance 2).

Well then

[sulli]

Don't use it.

Ehm......about that closed beta...

[The J Kid]

Not meaning too troll or anything, but...

The GPL states that you must make the Source Code freely avilible to your customers...

So if it's a closed beta only the people who recieve that beta have right to that source... and anyway, all the programmes are available on the internet (freshmeat) and as part of other distro's...!

Speellling is mi graetest good ting!

Re:Stupid Question

[enjo13]

I beleive that the only person with authority to prosecute them is whomever licensed whatever programs that they are violating the GPL with.

So if I made "Nicks uber cool GPL spreadsheet" and United Linux decided to take it, make a couple of tweaks and not release the changes I would be the one who was harmed and thus have legal standing to go after them.

I can also appoint a representative authority (with legal restrictions) like the FSF to go after them as well.

The point being, that whoever is at the top of the GPL pyramid (AKA the original creator) has to be the one to actually take action.

Amazing!

[Jason Earl]

RedHat has been handing these guys their hats for years now, and they still don't get it. It's the developers and the systems administrators that get Linux in the door, and likewise it is the developers and systems administrators that end up picking the distribution that gets deployed when the suits finally get the go-ahead. This is actually good news for distributions like SuSE, or Connectivain that if management makes the decision you can bet that they are going with RedHat, because they are perceived as the front-runner.

SuSE, SCO, Turbo, and Connectiva have to have made this connection by this point. After all, SuSE and SCO have had distributions that were as good or better than RedHat since the earliest days of RedHat's existence. Yet RedHat consistently has grown their market share and nabbed the big customers while the rest have struggled. The reason for RedHat's success is simple, they release their code under the GPL, and they actively court developers and systems administrators. Not that RedHat is neglecting CIOs. I am sure they are schmoozing the heck out of those guys too, but they realize that Freedom is an important selling point for Linux.

Think about it for a moment. As a developer or systems administrator which distribution would you rather deploy? Would you deply the distribution with FTP access to their emerging beta version or the distribution that requires you to sign an NDA before they will send you the binary-only CD? The choice for anyone that has ever banged his head against some piece of black-box software is obvious. Even CIOs are starting to get this.

How does an NDA violate the GPL?

[dasmegabyte]

NDAs generally prevent you from talking to people OUTSIDE a beta group about the product. Little prevents you from talking to others in the group about it.

The GPL guarantees copyleft to the "community" and availability of source to customers. As long as the beta members can get the source are free to share their changes to the source with other members of the beta group, they've maintained these rights, NDA or no. And UL doesn't have to worry about supporting a thousand different takes on a hundred different betas -- or about unfair reviews based on "stolen," partially working prereleases of their distro.

I've read the GPL a couple times, and have never gotten the perception that it prevented a company from preserving its right to sell a product and not offer Joe Q. Hacker full rights to recompile the source. As long as actual customers have rights to source, and a forum for sharing updates, I think there can be "closed" projects that maintain the GPL.

I'm amazed (well, maybe not)

[minkeyboodle]

I'm amazed at the jump-to-conclusion-ness of the croud here. Read the article, folks! It doesn't say a violation was found (which is what many are assuming in their replies); it mentions that there is a possible violation with the closed-beta NDA. Without seeing the actual NDA, nobody knows if there is a GPL violation.

I'm not saying there is or isn't a problem here, I'm just saying, "Don't count your chickens before they hatch."

Call me a cynic...

[perrin5]

Look,

Anyone commenting "Those bastards shouldn't violate the GPL!!!!" need to read the article, and if they have, they need to get their critical thinking caps on and RE-read the article. For all of you who just skim over the comments before making your own (I know you're out there), Here's a brief synopsis:
our "heroes" (the writers of this rather elitist sounding article) were concerned about the closed beta testing that went on, and asked how they "got away" with it w/o violating the GPL. UL said something non-commital, which the article attempted to paint as evil, and included a letter from the FSF asking to SEE the NDA that beta testers had to sign.

THAT'S IT!! There is NO PROOF OF ANYTHING. TO my mind, this is just a giant FUD (yep, I said it) to drum up anti-UL sentiment. The UL people didn't say anything bad during the conference call, as far as I can tell, but the tone of the article is set up to riducle and shame the UL project for anything it said out of line. (see the crack about "line-ux"...

So maybe I'm over-reacting - but on the other hand, just cause you're paranoid, doesn't mean they're not out to get you.

just my $.02

Re:This is comical...

[Elbereth]

So, it's okay for you to ignore the copyright on movies and music, but they can't ignore the copyright on some software?

I would die laughing if I saw modified, binary-only releases of GNU utilities on a P2P network.

Re:Hardly unusual

[rjw57]

The problem is that any NDA which restricts the right of the beta testers to distribute the distribution is in violation of the GPL. If the NDA mentioned doesn't remove the rights of the GPL and the beta-testers just don't re-distribute voluntarily, then the GPL isn't violated.

The GPL only protects distribution rights for the people you distribute to, it doesn't require that you personally release it publically, only that you can't stop the people you do give it to from doing so.

Or just the accusation

[ACNeal]

Why have proof or anything like that.

If they haven't modified anything GPL, then they CAN'T violate the GPL.

If the basis of the distro is security and configuration scripts slapped around the outside of the normal kernel, then there is nothing to fear.

And since this was my understanding of what the distro was supposed to be, they can't be violating the GPL. If they give you a piece of GPL'ed software, they can't keep you from distributing it.

They can keep you, with an NDA from distributing their distribution, with all the proprietary products slapped around it. They can keep you from spilling the beans as to exactly what little tools they have produced.

This is not to say they havn't, but the simple fact of an NDA and a closed beta doesn't even begin to smell of a GPL violation when you take into account what you already know of the companies involved, and what they have already stated their goals to be.

But lets accuse 'em anyway, just cause we already hate 'em. We can always apologize later, and claim absence of malice.

This is a pre-beta so,

[ebuck]

Since this is a pre-beta, can the software be considered released?

If you can consider it released, clearly they are in the wrong, but if the company wants some extra eyes to overlook their bug-laden code, what do they do?

Can they not release it, yet distribute it to developers they can trust as to not spill the beans to their competition?

What sort of arrangement must be made to be considered an "inside" developer?

Perhaps I'm simply not ready to burn UL since I haven't heard any FSF / GNU statements demonizing this action.

The intro to the article sets the tone for big business bashing, and the allusions to removed executives and emphasis on mis-pronunciation only create a literary atmosphere of distrust.

Which brings me to my only useful question. Why are we reporting about a "May be" on NewsForge? If we can get a "They violated X" that's real news!

Re:Stupid Question

[aero6dof]

The NDA's might be incompatible with the GPL, but I'm not sure that the GPL is being violated unless one of the receiving companies tries to excercise their GPL rights with the UL distro and is denied. Now if UL was making it difficult for end customers to redistribute or receive source there might be a story here. Until then, it's just an undefined, untested legal situation. (And I doubt any of the NDA companies would will bother trying to redistribute the UL distro because of business reasons - not because they feel limited by an NDA.)

How many of you have actually READ the GPL?

[Anonymous Coward]

I am not a lawyer, so what follows is 100% fictional, and bears no resemblence to anything:

A lot of people seem to think that if you edit a GPLed program, you have to give away the source code. WRONG!

You do not have to give it away at all, but if you distribute a binary you must make the source code available to everybody that you make the binary available to.

So, say I edit a GPLed program, and give a copy of the source code to my friend. Now, say you ask me for a copy, the GPL says I have to give you a copy, right?

WRONG! It says no such thing.

So, you ask my friend for a copy, he has to give you a copy, right?

WRONG! If we both want to, we don't have to give a copy to anybody else.

However, what I am not permitted to do under the GPL, is to prevent my friend from giving a copy to you, or to then prevent you from further distributing it.

It depends on the nature of NDA ...

[bockman]

if the NDA force them not to distribute some GPLed software, then it is a violation.

If the NDA is only related to some proprietary add-on software (like SuSE Yast2), or more generally to the way in which the distribution is assembled, it is not (IMO) a violation. It may be a stupid move, but not illegal.

This is, I think, why FSF asked UL to disclose the terms of the NDA.

defending a GPL

[chongo]

but exactly who is going to prosecute them?

As the first person who ever took legal action against somebody who wanted to violate a GPL (back in 1989) I can definitively say: The GPL Copyright holder is the one who has standing to seek legal action against the party they suspect is violating the GPL.

I.e., somewhere in your GPL / LGPL there is a:

Copyright (C) date

name

The name, or somebody to who they have signed over the copyright to, is the one who has standing to bring suit against a potential violator.

this isn't the generally accepted position

[Trepidity]

Corporations are legal entities, so distributing within a corporation is "private use", which the GPL explicitly exempts, since all the various copies of the code within the company are all licensed to the company, not the individual employees. I don't believe the FSF disagrees with this interpretation.

What's at issue here is whether distributing a beta to non-employees under NDA can count as private use, which it probably can't.

Re:How many of you have actually READ the GPL?

[coolfrood]

That is precisely what the NDA says. When they give you a software with the associated NDA, they are telling you to NOT give out the source code. If the software is GPL, you cannot force someone to not distribute it if he wishes to.

I'm glad none of you serve on juries...

[erat]

Without seeing UL, without seeing the NDA, without having any evidence whatsoever other than the dent in your chin from your knee jerking upward unexpectedly, most of you already seem to have tried and convicted the UL folks for GPL violations.

Tell me, what are you going to do if the UL closed beta NDA stated that only the proprietary components of UL are not distributable but the open sourced and GPL'd components are? Pull the usual trick: sit back and pretend you never said anything, then wait a month and start bashing UL as Satan's distro again?

That's just plain creepy... You let your senseless rage get in the way of reason. You probably don't even know why you hate UL so much other than the fact that you simply WANT to hate it.

If the UL team violated the GPL, fry 'em. Until I see damning evidence, though, they're innocent until proven guilty.

Re:Public Release vs Distribution

[Fastolfe]

A "recipient" is not explicitly defined to be a human being. Corporations enjoy status as individuals just as people do. You can license software to corporations, and the corporation is what ends up taking possession of the software. People acting as agents or employees of a company do not receive individual rights to software licensed to the company (which is what's happened here).

You are *perfectly* free, however, to go download the same GPL'd software on your own time and do whatever the hell you want with it. But don't expect to be able to include your company's copyrighted code in your derivative until your company has released that code.

Here's the way I see it.

[shren]

United Linux has a GPL piece of software. United Linux offers you that GPLed piece of software. You accept. United Linux says, "Wait. If we give this to you, you can't give it to anybody else." You sign the NDA and accept the copy of United Linux.

The GPL just says that if you do give it away, then you must give the source too. I don't see anything in the GPL saying that you can't forbid redistribution - it just governs what you must do if you distribute.

If UL gives you the software with source and binaries, then they have obeyed the GPL. If you sign the NDA, you waive your redistribution rights.

If you gave out the source after signing the NDA, you're breaking the NDA. If you give out the binaries alone after signing the NDA, you're breaking the NDA and the GPL at the same time.

Unless I'm reading the GPL wrong, you could GPL photoshop and sell customers both the source and the binaries, then require that they not redistribute the source. If you waive your distribution rights, then it doesn't matter if it's GPLed or not - you're forbidden to redistribute it.

It'd be interesting to see a license that combined aspects of the GPL - in that you must distribute the source - and some kind of micropayment screme, where your software or any software based on it requires n cents per day to run. Like, you can give it away all you want, but you can't use it without paying all of the authors of the software.

I write, say, a graphics library, and license it under this model. I give out the code of my graphics library, and in addition my graphic library requires a payment of one cent per day, which is managed by a central micropayment program running on each machine.

You can base code off of my library. You can charge a cent per day for your new version of the library. However, you can't take away my cent. Alternatively, you can write code and not charge anything - but I'll still get my cent, as you accept my license when using the code which says I get a cent.

That variant would be interesting. The source is open and free, but running the source costs money. Developers would be paid, but you'd get the advantages of seeing the inside and even the ability to redistribute different versions.

I'm sure the open-source commies are ready to cruicify me, but you could have a lot of pull to get people who sell software to open thier source under this model. They'd be releasing open code and making money at the same time. It's no more or less circumventable than normal software distribution, but it has open code.

Re:This is comical...

[numark]

There's quite a bit that they'd have to rewrite. Here's just a few of the programs that any Linux user can recognize that are GPLd:

bash, gcc, glibc, both KDE and GNOME, plus quite a few other window managers, virtually all drivers in existence, etc.

It's highly doubtful in the short year or so that UnitedLinux has been around for that all of those programs could either be replaced or rewritten. It's therefore logical to conclude that the UnitedLinux group is violating the GPL. There's virtually no way around it.

The Real Question

[Quixadhal]

Ok, let's see. "United" Linux wants to make a single unified base for linux distributions, what once upon a time was called a "standard". Good for them!

Since too many people have different ideas about what the "right" way is, and many of them have the technical ability to say "Fine! I'll go build my own linux distro, with blackjack, and hookers!"... they decided to make a corporate entity and just say "I am the law!" instead of continuing to argue with everyone else. Ummm, ok.

Now, they decide that all that GPL stuff, which each of the members has -- at one time or another -- spoken lots of pretty poetic phrases of support, and did much clapping of hands for... is not really as important as making their new business model/standards base work. Sooo, they ignore the SPIRIT of the GPL, even if they might or might not be violating the letter of the law. Ewwwww.

Let me ask this question of the United Linux folks... what are you afraid of? The traditional reason people DON'T embrace the GPL is fear that if their code (and thus algorithms) became public knowledge, others might do it better than they have, and thus steal away their market share. The assumption there is that service means nothing, and that the original developers would rather sit back and drink beer than continue to advance and evolve their product.

Why should I buy into the "United Linux" front? What do they do for me? It sounds to me like they want to be RedHat, but NONE of them individually have the talent, ability, or balls to make a better Redhat than RedHat. Don't get me wrong, I don't like RedHat... I actually like SuSE -- but that's why I don't want UL. I don't want SuSE, SCO, and all the others to become the next RedHat. We don't need it. We need cooperation, not more "our way or the highway" attitude.

Grow up people. If you don't like the GPL, then go rewrite things for yourself and call it something other than linux... call it ulix, call it moneyix, but play nice or go away.

Re:depends what you mean by freedom

[Mr. Slippery]

If you take a more libertarian view of softare freedom -- the ability to do whatever the hell you want to the software -- then requiring one to distribute source code when one prefers not to is actually restricting freedom.

When compared against a situation where everyone has the right to "do whatever the hell you want to the software", perhaps. But that's not the case under current copyright law. Under current conditions, the GPL adds to your freedom - without it, nothing permits you to distribute the software at all.

If copyright law went away and we could copy and distribute binaries willy-nilly, there's be no reason not to make source available, and market forces would make open source the norm. But given the interference of copyright applied to software, the GPL is a freedom-enhancer.

Re:Here's the way I see it.

[RealAlaskan]

I don't see anything in the GPL saying that you can't forbid redistribution ...

I do. Look here:

6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions.

You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License.

What part of that is hard to understand? You have no right redistribute GPLed software unless you accept, and abide by, the GPL:

5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it.

If UL gives you the software with source and binaries, then they have obeyed the GPL. If you sign the NDA, you waive your redistribution rights.

If UL requires you to sign the NDA, they are violating the GPL, and have no right to redistribute. You, on the other hand, do have the right to redistribute the GPLed code they gave you:

4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License.

However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.

Unless I'm reading the GPL wrong, ...

You are.

Re:This is comical...

[hayden]

The GPL allows you to distribute a closed-source modification of a GPL, as long as the distribution is within the organization making the modification. One could argue that by placing beta testers under an NDA, they're making those testers part of their organization. Who knows? Maybe they're giving them membership cards.

Ummm, no. The reason you can distribute GPL code internally in a corporation is (as far as I understand it) because in the eyes of the law the corporation is a person. Giving binary only GPL'd stuff to yourself isn't a violation so distributing around a corporation isn't either.

As for this being a loophole, I think closing it would be a bad thing. Getting Free software on the inside of a company is a Good Thing.