AOL Pulls Nullsoft's WASTE

dmehus writes "America Online, parent company of Nullsoft, has pulled what it views as a controversial project called WASTE from Nullsoft's servers. This is not the only time it has stepped in to Nullsoft's doings. It had quickly taken down Gnutella, developed by Nullsoft co-founder Justin Frankel, and shut down an MP3 search engine. CNET's News.com has more details." For those not keeping track, WASTE was only recently released.

Does GPL apply?

[Skynet]

The code was written in house, and thus was the copyrighted property of AOL Time Warner. It was released without the consent of the company by some developers at Nullsoft. If that is true, isn't it still the property of AOLTW?

Are there any precedents for this type of thing?

Where's the money?

[bigman2003]

AOL sees WASTE (and a few other Nullsoft products) as something that:

A- Doesn't provide them with a revenue stream.

B- Could bring on lawsuits

C- Competes with their other products.

AOL is a huge company, with lots of money. They could get sued for *real* money, not just Napster money. Also, the fact that they own a lot of media might cause them problems.

We are on the cusp of a new era of 'authorized' file downloads (iTunes). Finally big business is learning how to make money from music on the web, and letting another free service rear it's free little head isn't part of their plans.

It seems like Nullsoft is forgetting who butters its bread.

Contracts?

[ggruschow]

From the outside, these guys just seem to be screwing off all day long. It all sounds rather fun, but why does AOL need to employ them to do this?

Do they want this publicity?

Did the NullSoft buyout contract specify that they had to keep them on for a decade?

What is it?

What a Waste....

[moehoward]

But not surprising. I just don't get what these developers are thinking. Something like, "Yes sir! May I have another?!?!?!"

This is not the type of fight you can win from within. It's long past time that they free themselves from AOL.

Step 1: Write great software
Step 2: Make sure the IP for that software belongs to a meglomaniacal corporate structure
Step 3: Disappointment, Rinse, Repeat

Re:haaaaaa told you SO !!

[moonbender]

Ehm, no. Eminence said: "It's already irrelevant whether AOL would pull the plug on them. The source is out. GPL-ed."

And that remains absolutely correct. Of course AOL can pull the plug, but the damage has been done, in a manner of speaking. That said, AOL pulling the plug might mean there is no or hardly any support (user or developer) for WASTE now, so people will have to figure it out themselves. That might hinder the development a bit. Still, if there is demand for an app like WASTE - and I'm not sure there is - people will figure out just fine.

WHAT DOES IT DO?

[jrest]

Hello?

All this talk about the GPL is fine, but WHAT DOES IT DO?

Regards, etc.

only 2 possibilities

[DrSkwid]

1. AOL are the copyright holders and as such the code was never released by them under the GPL so it's not under the GPL now and never has been.

2. AOL don't own the copyright and as such the code is, and always will be , subject to the GPL.

Difficult Question

[0x0d0a]

Well...that's a difficult question. First, Justin may have the ability to make official Nullsoft releases, unless AOL specifically forbid this when they purchased Nullsoft. If he's authorized to act as an agent of the company...then the company did the release. Second of all, while it's conventional for software developers to sign with a company saying that (at least) stuff written on company time is owned by the *company*, IIRC Justin was a founding member of Nullsoft. There may not have been any such contract when he joined up. Third, while he definitely *used* it on company time, nobody has made any statement to the effect that he *wrote* it on company time. If he did this at home, it may mean that he owns the code.

Re:I dont think AOL like Justin much

[TeddyR]

Hmm... maybe the only way for him to get out of his "contract" might be to get fired by aol?

There may be a non-compete or other clause making it that if he quits, then he may have to give back some of the money/NOT be able to do what he likes.. (ie: he has more freedom now as an employee than he would if he quit; but not as much as if he was fired)....

just a random non-thought...

Re:GPL - Source Posted

[Jameth]

- - "exactly how can AOL plan to pull that?"

- They can't. Dave Winer has posted the source.

They Can. Read what they posted in its place. They say it wasn't released legally. If it wasn't released by anyone with the right to the code, it isn't under the GPL, just as an employee at MicroSoft couldn't release Windows under the GPL.

On another note, although I usually don't think companies are this Machiavellian, does anyone else see this possibility:
AOL faked an illegal release so that tons of people would have copied of illegal source code. Then, if a similar competing Open-Source project is created they can easily claim it used their code and wasn't actually developed independently. After all, they could definitely say that the authors of the other project could have easily stolen their source code. I'd only suspect something like this because WASTE actually isn't that complex of a program. It's not nothing, but its definitely something the community could put out in a month if some people tried.

However, I suspect it is more likely this was just a mistake, or Nullsoft not checking with the high-ups.

Re:Where's the money?

[Jameth]

I suspect its more a matter of AOL getting the heebie-jeebies about the words 'File Sharing'. WASTE wasn't a massive-share system. Rather, it was a tool for work-groups, something many companies want. Or, equally likely, AOL saw the product and saw big money, because people Will pay for something that does that, and with reason. Secure sharing of whatever is needed to be shared is something many companies need, especially if they want to allow their employees to work on confidential files from home.

Re:To everyone posting the source code

[Anonymous Coward]

Just because you want this to be true does not make it so.

If an employee steals money from a company and distributes it, does the company not deserve to get its money back, in addition to having recourse against the employee?

Re:GPL - Source Posted

[Anonymous Coward]

It doesn't matter if the source was posted on God's web site. If the individual who posted it (somebody other than God, presumably) didn't have the exclusive copyright to the code, they couldn't legally release it.

That's what AOL is saying. And they're almost certainly right, from what I can tell.

"GPL" is not a synonym for "I can do whatever I want."

Re:GPL - Source Posted

[Anonymous Coward]

Well, no. Nullsoft owned the copyright, and Nullsoft posted it. Where Nullsoft (or the employee) was authorized to do it is between Nullsoft, AOL, and that employee.

If Nullsoft had first set a precedent by releasing this another way, then I could see them saying that this was against their published policy, but they didn't demonstrate that this code was meant to be licensed another way.

AOL forced them to say it after the fact, but it's just like a trade secret. There is no secret once the secret is told. If Nullsoft wants damages, then they should go after the unauthorized employee.

Re:Mirrored

[LostCluster]

If parent AOL says they had approval authority over Nullsoft's releases, then that approval or disappoval should have happened before the release hit the www.nullsoft.com servers.

If AOL was really scared of Nullsoft making unauthorized releases, they could have required that Nullsoft not have a website under their direct control, and that they'd have to send all web content to the people who run www.aol.com who would of course send the content to headquarters for approval before putting it up. The fact that such a process doesn't exist tends to indicate that somebody at Nullsoft has the authority to post software.

Re:GPL - Source Posted

[Arslan ibn Da'ud]

n another note, although I usually don't think companies are this Machiavellian, does anyone else see this possibility: AOL faked an illegal release so that tons of people would have copied of illegal source code. Then, if a similar competing Open-Source project is created they can easily claim it used their code and wasn't actually developed independently. After all, they could definitely say that the authors of the other project could have easily stolen their source code. I'd only suspect something like this because WASTE actually isn't that complex of a program. It's not nothing, but its definitely something the community could put out in a month if some people tried.

Doesn't matter. If WASTE is really a simple protocol then it can be reverse-engineered. And therefore built w/o using any 'tainted' NullSoft code.

After all Gnutella's protocol (and code) was reverse-engineered. No current Gnutella s/w uses NullSoft code. AOL pulled Gnutella's release just days after NullSoft released it, yet they've been silent regarding Gnutella's propagation ever since.

You can't sell the Brooklyn Bridge

[ikekrull]

If this release was not authorized by AOL, and it isn't entirely clear that Nullsoft did not have the right to do this, then I would say that you would be forbidden from distributing the code, regardless of the fact that it carries a GPL license.

You can't take, for example, Microsoft sourcecode from the WinCE SDK, slap a GPL license on it and claim it is now covered by the GPL.

If, however, the WinCE division at MS, who presumably has full responsibility and authority to handle code releases put the WinCE code under the GPL and released it, in good faith, then that would be binding.

i.e. if the city of New York sells the Brooklyn Bridge for $1 in a legal transaction, then the new owner owns that bridge, regardless of the seemingly low price.

If it was cool to buy hundreds of thousands of acres of land off the indigenous peoples of america for some muskets and smallpox-infected blankets, this is cool too.

However, the code has been released, so while you could not distribute the code as-is, there is nothing to prevent anyone studying the code and and releasing a compatible implementation, unless it infringes copyright (contains cut n pasted sections) or patents (not sure whether P2P patents exist or who owns them). You are not doing anything illegal if you use an MP3 (regardless of its origin) of a pop song to figure out how to make a pop song of your own. The person who sold/gave you the MP3 might have a problem however, and the owner of the copyright that covers the MP3 could demand you destroy/return it upon discovery of it's improper distribution to you.

This would have to be ordered by a court to be legally enforceable, but you may be guilty of a crime by delaying the destruction/return if you do this in bad faith. i.e you know the copyright they hold is valid, yet you ignore their reasonable and legal request for its destruction/return.

AOL could, assuming their claims that Nullsoft were not authorised to release the code under GPL are true, sue anyone they can prove is distributing the code for copyright infringement.

However, if such a lawsuit was pressed, you could request that AOL prove that Nullsoft were not authorised to release software that carried AOL-owned copyright, or that they prove that Nullsoft were acting in bad faith - that is they knew the licensing terms of the software in question would violate the law or go against AOL's wishes.

If they cannot prove this, then I would guess the GPL stands, and tough cookies AOL.

But certainly the mere presence of a GPL notice does not convey legitimacy to the GPL license terms.

So, what it really comes down to is 'do you trust AOL to tell you the truth that this code was released improperly'.

If you can convince a court that you were honestly unable to determine the legitimacy of their demands (not sure you could use this as a defense against AOL, it would be watertight against SCO), then you are also OK for keeping and distributing this code despite requests from them to remove it.

After all, they can lie to you about this and not run any significant risk because of the size of their bank account, yet you have no way to verify the authenticity of their claim without a court order for them to unseal the terms of their contracts with Nullsoft, or their sworn statement in court of law.

How can we know that AOL is not lying about the fact they did legitimately GPL this software, and since there is no law against making false claims outside the realm of contract or consumer law, it seems a pretty murky area. Its not like AOL has any disincentive for lying about this.

I can stand up and say 'I am the Pope of Hudson County! Bow before my lily white ass', but failing to bow is not a crime, much to my chagrin.

It is an interesting position, and bears remarkable similarity to the whole SCO debacle.

Re:GPL - Source Posted

[Anonymous Coward]

Similarly, to help the community better understand, if somebody released GPL code under a BSD license, it would be illegal

Re:only 2 possibilities

[Daniel Phillips]

This post shouldn't be modded offtopic...

Well, the "you're wrong" part is wrong, because I didn't realize right away the author was presenting a list of alternatives, and stopped reading at the "wrong" first one.

Other than that, it still seems pretty accurate.

Re:It's illegal

[Felinoid]

There is the rub...
If an employee released it on his own then he's in deep trubble.
Somehow I highly doupt this is what actually happend.

It appears that Nullsoft released this software and AoL/TW is now trying to UNrelease it.

For now I'd like to suggest this software is lethal. Treat it like DeCSS and archive it for a while. At least untill we have the full story.

I however don't believe it was released illegally by an employee acting on his own but legally by Nullsoft.

What this looks like...

[Ryan Amos]

AOL's higher ups have enough clue to realize this wouldn't be used for much wide-scale P2P sharing; indeed, it's limited to 50 users so something like BitTorrent is still much better suited to piracy. Rather, AOL probably saw WASTE as a competitive edge, as it was developed so that employees working on projects at different AOL field offices could collaborate without having to worry if one of AOL's competitors (or their boss) was snooping. If it's GPLed, all of AOL's competitors get the same advantage, as AOL can't snoop on their conversations, though more than likely they're using secure VPNs or direct fiber links anyway.

So basically, I don't think this was a case of AOL being worried about piracy, this was a case of AOL wanting to protect their company secret. You really can't blame them either way, but regardless, it's too late. WASTE will continue to be developed just like Gnutella was, and Open Source developers will probably try and reverse engineer it and write their own version just to be safe and in the clear with respect to copyrights. But this is just speculation, I might be wrong.

Re:Wait a minute...they can't do that!

[Alsee]

If you downloaded or otherwise obtained a copy of the Software, you acquired no lawful rights to the Software and must destroy any and all copies of the Software, including by deleting it from your computer

Even if the code was posted without permission, that statement by Nullsoft is not valid.

The internet is a global medium. Anyone who downloaded the code is subject to their local laws. There are quite a few countries where the people who downloaded the code are completely free to keep, use, and distribute that code in any way they see fit - no matter what the circumstances.

Making legal threats telling people what they "must" do to a global audience is just stupid.

-

This is going to be resolved rather quickly.

[Anonymous Coward]

1.) WASTE seems to have been a proof-of-concept. Just like GNUtella. AOL got queasy and pulled it, but you can't un-ring a bell.

2.) Somebody's going to reverse-engineer the code and put out a "kosher" version. Call it Basura, call it TheRoundFile, call it Garbageman, call it whatever. Everyone will know what it is...nudge nudge, wink, wink, say no more, say no more. Just like GNUtella.

3.) Someone at AOHell's Nullsoft subsidiary got fired yesterday. Guaranteed.

4.) AOHell will toss the whole Netscape subsidiary over the side. This will mean that Mozilla will be forked and renamed. Hmm...where have I seen that before? Netscape 6.x will be a dead cul-de-sac. Heh, apropos, because Netscape 6.x did indeed bite the sac...;-)

Re:GPL - Source Posted

[Cyberdyne]

Except that some random employee could just as easily post it there as somewhere else, assuming he had access to the source and the website farm. Right? The point being AOL can claim that Nullsoft division had no right to distribute that, and bingo, thats it.

They'd have difficulty pulling that one off; as their employer, AOL is subject to vicarious liability - within certain limits, it doesn't matter whether it was authorized or not, AOL are still stuck with it. So, if (for example) a Microsoft guy gives me a free copy of Visual Studio, they can't come after me for license fees later. IIRC, the limit is whether or not it was "reasonable" (to the court) for that employee to be doing so: a PR guy handing out free samples is OK, claiming to give me authorization to post it on Usenet is not ;-)

In this case, I'm pretty sure any court would uphold the Nullsoft action: assuming it wasn't a case of their website being cracked, the software was developed and released in the usual way, as they've released other programs in the past. AOL would have great difficulty getting past that. (Of course, they're free to delete the files from their own website - they just can't retract the GPLed copies already out there...)

Re:Already on sourceforge.

[Tanaan]

informative ? there are exactly zero files in the project's CVS and no files to download

Early analysis of Waste

[Checkered Daemon]

There's been some early analysis of the WASTE system on the cryptography mailing list, which tends to attract some pretty high-powered crypto talent. While a lot of the discussion has centered on factors that would require a highly sophisticated attack (is MD5 broken, would AES be better than Blowfish, is PCBC mode appropriate, etc.) the main argument is that using a well established crypto system such as SSL/TLS would be far better than trying to design a whole new system from scratch, a conclusion that I highly agree with.

Re:Wait a minute...they can't do that!

[stinky wizzleteats]

And add to that my mutella node. Do a gnutella search for "waste". We need more people to pick this up and run with it. Any freenetters out there that can throw it up on freenet? Probably gnunet, too.

Re:Contracts?

[jackb_guppy]

I had that...

It was "No Jeans"

So I looked up Jeans and found "made from denim", looked up denim "100% cotton twill"

I found a blend of 70% cotton and 30% - so not Jeans.

Then was called for that. Pointed out that legal base. They then tried:
Lapped Seams -- showed 2 people in the room wore pants for that type.
Cotton Twill - showed them cords in the room.
"rivets" -- showed 2 more that had those.
"color and look" -- pointed out the Head of HR a skirt on that was all of that -- a converted blue jeans pants.

I got suppended for "bad attitude" without pay for the weekend. It was late Friday when it happend, I shouldn't have to work the weekend, anyway. I could not come into work, had to take the weekend off. And this was during a year I put in 3000+ hours of work. Documented! and got a great bonus at the end of year. ... I thanked them for the vacation time, and went home. At 6am on Saturday my manager called and asked if the release was ready for Monday Morning shipping. I said no, that was what I was going to doing this weekend, but you sent me home. He asked if I could come in a get it ready, he would give me whole week-off next week with pay and get me an exeption to rules.

So the rule became: "No looking Jean pants of the colors blue, white or red."

I had Black Jeans :-).

I did point out the head of HR would have to give up wearing the fadded Jeans (blue w/ white patches) - he smiled and said "Yes".

Re:It's illegal

[ChaosDiscord]

Yeah people will really take slashdot posters seriously on other issues now...Everyone will no longer believe any excuses slashdot crowd makes, since /. make judgement 100% for selfish reasons.

Anyone who only weighs the opinions and statements of Slashdot users as a whole is an idiot. Picking one end of the spectrum of views and holding it as the beliefs of an entire large group is idiotic.

Slashdot has hundreds of thousands of readers. Despite popular troll claims, we are not a hive mind. Expecting every single reader to hold the same opinion and toe some sort of party line is stupid.

Re:GPL - Source Posted

[dirk]

That depends on the how Nullsoft usually gets approval (if at all) to release software. Are they supposed to clear anything they release through AOL? Clear any new program they release through AOL? In these cases, if they didn't clear it through AOL, then it was released illegally. If they have never had to receive the OK from AOL to release anything before now, then this release will probably stand as legal.

As for whether they can come after you, if the release is illegal, they can certainly come after you if you use code they posted. They can't come after you for downloading it, but if you repost it or use it in another program they can certainly come after you (mainly they will be able to stop you from using or posting the code, but if you continue to do so after they have informed you to stop, then they can go after you monetarily). To use your example, MS could make you stop using the free copy of VS if the PR person didn;t have authorization to give it out. If you ignored them and kept using it, then they could try and get license fees out of you. Once you are informed of the facts (that the guy didn't have the authorization to give it out), then you can be held responsible for your actions.

I had a (legit) use for WASTE

[TheSync]

I was intending to use WASTE to do secure p2p exchange of broadcast-quality MPEG-2 video files between television stations for co-production and regional distribution that was cost impractical to do by satellite.

Oh well...

Re:GPL - Source Posted

[Anonymous Coward]

> So, if (for example) a Microsoft guy gives me a
> free copy of Visual Studio, they can't come
> after me for license fees later.

Sure they can. If the person who gave you the free software wasn't the copyright holder, the copyright holder can come after you.

The funny thing is...

[Pulsar]

I saw the original headline about WASTE on Slashdot, never even read the story, forgot about it. But now that I've seen AOL has yanked it from Nullsoft's site, I'm downloading it and trying it out, not to mention posting it in a few safe places.

Scarcity is an amazing thing - by trying to put a lid on this, they're actually creating a huge demand for this program. I can't wait to try it out.

CYA

[Esion Modnar]

Isn't it possible that AOL knows the genie's out of the bottle (and doesn't really *care*), but wants some good plausible deniability in case of a lawsuit?

So they can say: "Hey, don't look at us! We *told* them don't grab that source code and run with it..."

Re:GPL - Source Posted - Not a Mistake

[Nom du Keyboard]

likely this was just a mistake, or Nullsoft not checking with the high-ups

I'd say that the real mistake would have been checking with the high-up first.

It's easier to beg for forgivness afterwards, than ask for permission first.

Re:GPL - Source Posted

[harlows_monkeys]

Another factor to consider is that the code that was on Nullsoft's site includes RSA code that is not only NOT GPL'ed, it is under a license that is incompatible with GPL! (Take a look at the MD5 code).

The P2P Wishlist (tm) and why WASTE isn't It (tm)

[Anonymous Coward]

WASTE sucks - Blowfish? Why not Twofish or AES? It doesn't scale (broadcasts), no point-to-point encryption, it must trust all nodes, no internal network anonymity, bloody awful key management, shit swarming, bad firewall circumvention... and something about the link negotiation looks wrong to me, though I can't put my finger on why (I'll go read it again and check my notes).

It's not the only project doing this sort of thing. Freenet, IIP, Bittorrent, eMule, hell even DC++... P2P is fashionable. Sometimes because it's thumbing a nose at control and copyright (hello, Freenet), often because when done right it works really, really well and is shockingly useful (hello, Bittorrent, eMule).

And it just isn't as fashionable if it doesn't include all the features on The P2P Wishlist(tm)... to be P2P's Ultimate Killer App(tm), a network/client must have ALL the following properties:

1. Cannot be shut down, even in the presence of multimillion-dollar organisations and even governments actively trying to do so.
2. 100% distributed to avoid all single points of failure (see 1)
3. Really, really, really fast.
4. Must scale - i.e., still be at least just as good, preferably better when it has 50 million nodes rather than 50, and not merely survive but flourish under a slashdotting.
5. Cannot, or will not, be easily targeted for blocking or ratelimiting by any ISP.
6. Must be leech-proof, yet not screw over those with restricted uploads or bad connections too badly.
7. Must be resistant to all forms of attack (see 1), even in the presence of a considerable number of malicious nodes attempting to disrupt the network by, for example, releasing fake files, flooding or spamming the network, or actual compromise by worms, viruses, script kiddies or professionally contracted full-time teams of crackers.
8. All parties must be strongly anonymous or psuedonymous.
9. All private communications must be end-to-end encrypted.
10. All connections must either be link encrypted, or actively not require encryption (but remember 5).
11. Must be resistant to traffic analysis.
12. Must be light on the protocol bandwidth and support very good, reasonable, rate limiting/traffic shaping internally (but still leech-proof).
13. Must be completely functional even behind highly restrictive firewalls - ideally, even behind HTTP-only proxy situations.
14. Should support some form of long-term intentional digitally-signed nym-based release-oriented file archive which is highly suitable for slashdotting. Digitally signed comments on releases/files from nyms allow for dedicated nyms to review or virus check releases.
15. May also support passive filesharing.
16. Should securely (nym-based) integrate everything we've seen from IM - presence, profiles, private communication (peer-to-peer and group-oriented), public communication (both moderated and unmoderated). Online (irc-style) and offline (email-style and usenet-style) ideally, at least in text, and also in voice and/or video if you're feeling really saucy, peer-to-peer file transfer also a cool idea if integrated intelligently.
17. Should support realtime previewing of media files even over slow links (hard, but sometimes possible - peeling, anyone?).
18. Should support realtime internet pirate radio/TV broadcast.
19. Should work very nicely with good media players and good CD/DVD ripping utilities, along with best-of-breed and cool audio and video codecs.
20. Must get on with personal firewall (yes, including XP integrated firewall) and antivirus software, even if said software is a bitch to get on with (hello Norton, Zonealarm).
21. Must not contain spyware, ad banners or anything of the sort.
22. Must be available for and get along with, at minimum, Windows (95 through XP/2K3 and beyond), Linux (all distributions, even weird ones) and Mac (OS X Jaguar, earlier versions optional).
23. Should be open-source, preferably free software. Securit

Take It Down

[Dolohov]

As badly mod-punished as I'm going to get for this, you're burning a hell of a lot of good will by hosting mirrors of WASTE. What if it were your own software that someone put up under the GPL without your permission? And before I get the chorus of, "All my software is under the GPL anyway!!" even software intended for free release shouldn't be distributed before the author is ready for it to be.

It's fine to speculate what exactly brought this about (And Nullsoft really should be more forthcoming than a plaintext legalistic note!), no speculation is grounds enough to justify redistribution of someone else's code that they've explicitly asked you not to redistribute. Period.

Re:Makes me feel like a teenager again

[blixel]

However, now that there's a big fuss about it, I couldn't help but grab it from a mirror and compile it. Just because it's illegal!

Maybe you're joking, but I'm being serious when I say I think that sentiment is wildly popular. By pulling the plug on this project, AOL has ensured it's success.

Re:WASTE...

[blixel]

Has anyone here actually used WASTE?

Myself and a friend of mine are running WASTE under Windows. Here's what I've learned so far:

• A lot of people don't understand what public/private keys are. Myself included, allthough I believe I now understand it thanks to an analogy posted by someone else. (See below)
  
• In order to establish a connection with 1 other person, both you and that person both have to have each other's Public Keys. (i.e. Jon has to know Jane's Public Key, and Jane has to know Jon's Public Key.)
  
• By default WASTE is setup to broadcast your own Public Key over the Network and to automatically receive Publically broadcasted keys. If that is changed, the following does not apply.
  
  In order to establish a connection with a 3rd person (or 4th, 5th, 6th and so on), the 3rd person only has to have the Public Key of 1 other person on the network. The other people's Public Keys will be automatically distributed to the 3rd person once they've established their first connection. (i.e. Jon and Jane have a connection established. Nick comes along and exchanges Public Keys with Jon. Because Jon and Jane already know each other's Public Keys, Nick automatically gets Jane's Public Key through Jon, and Jane automatically gets Nick's Public Key through Jon.)
  

(My findings could be wrong. This is just what I have observed to be the case with my own tinkering.)

An analogy for Public/Private keys as described by Jellybob [slashdot.org]. My Public Key is like the key to my house. I don't give it to just anyone, I give it only to people I trust, because I have to trust anyone who has that key with the contents of my house. I have to trust they won't "break" in, and I have to trust they won't give it out.

My Private Key is like the lock itself. If I decide I don't want anyone to have access to my house any more, I change the lock (the private key). Now everyone who has the old key to my house can no longer get in.

Re:GPL - Source Posted

[LostCluster]

On the other hand, AOL did act very quickly to take the software off of the website. A court might feel that this was sufficient to nullify the rights granted under the GPL to those who downloaded the software. Or a court might feel that it was AOL's internal responsibility to assure proper security procedures to prevent unwanted posting of software under GPL terms, and that the rights granted under the GPL to recipients cannot be revoked.

DANGER: Landmark test case lawsuit ahead...

If AOL wins: The GPL suddenly becomes revokable after the fact... which could help SCO in their profit-by-lawsuit business plan, and will likely prompt somebody into trying a GPL-and-run scam.

If AOL loses: They're now stuck with it... they just wrote and released a P2P client. Their only hope will be to try to push Nullsoft far enough away so the multibillion dollar Napster-style lawsuits only bankrupt Nullsoft and not the AOL/TW mothership. If that doesn't work, it's a horrible death for a megacompany.

Wow... high stakes here... who thought a simple piece of software could cause so much trouble?

Re:GPL - Source Posted

[WNight]

As long as the Nullsoft employee believed they were acting in good faith, the release is valid and AOL can't change their mind.

If a store clerk sold you a new computer, only to find that it wasn't general stock but intended to be a sales terminal, it wouldn't mean that they could find you and take the computer back. (With some small exceptions.)

A more relevant example might be if I worked in a tech support job and a customer called with a problem. I write a small GPLed perl script for them run to fix their computer. Technically, the company owns that program because I wrote it on company time, but this doesn't mean the customer doesn't have the right to use their copy (and if the license allows, distribute it). I was acting as a representative of the company at the time so my actions are their actions...

Re:GPL - Source Posted

[irontiki]

... who thought a simple piece of software could cause so much trouble?

cough...Phil Zimmermann [philzimmermann.com]