
Comment Re:Freedom (Score 1) 515

Any major OS may have an occasional problem. There is a difference between occasional problems and epidemic problems, though. Just about every piece of self-replicating malware created for Unix-like systems in the last twentyish years has required user intervention to allow it to execute (and thus replicate), in fact -- maybe all of them (I'm sure there are some I haven't read about, but all of them that I have read about require user intervention somehow). One of the big differences is Microsoft's reticence to admit to a vulnerability -- a problem Apple shares -- which tends to incent the vendor to hide or deny vulnerabilities rather than fix them a rather unacceptable percentage of the time. Another is the relatively small pool of people who know the system well enough to develop specific solutions (last I checked, a few years ago, Microsoft's fastest-ever turn-around time on a vulnerability from report to fix was longer than the average for core open source OS projects like OpenBSD and the Linux kernel).

Probably the biggest for Microsoft, though, is its refusal to consider many types of vulnerabilities as system issues at all. Instead, they are regarded as though they are unavoidable forces of nature, offloading the task of securing the system against these problems to detection and removal systems (e.g. antivirus software) rather than dealing with it at the source (addressing the system's flaws). As a result, there are always legions of viruses and other pieces of malware floating around out there that are largely identical to older viruses and other malware previously detected and protected against by those detection and removal systems. The new malware continues to work because it has been altered enough to escape immediate detection, even though it is basically v3.3 of a virus that has been through half a dozen other major and minor versions that attracted the attention of antivirus vendors in the past. New signatures and heuristic detection routines then need to be developed -- and, adding insult to injury, the new heuristic detection routines end up generating false positives a dismaying percentage of the time, resulting in occasional news items on Slashdot about some antivirus software flagging legitimate software as a "virus". All of this could be avoided by simply addressing the vulnerabilities at the source. Too bad some of those vulnerabilities are "features" that people who are aware of the dangers often try to turn off or otherwise render inoperable, an effort that is generally only partially effective (breaking the feature but not preventing all exploits of the underlying system behavior).

Examples of certain classes of software (notably including web servers) that are dominated by non-Microsoft (and especially open source) alternatives, where the Microsoft offerings still tend to be the most-compromised examples, point to a much more endemic problem with Microsoft's software development and maintenance policies than can be simply explained away by popularity making MS Windows a bigger target. An understanding of the architectural designs of various systems also lends itself to recognition of the fact that the kinds of problems "enjoyed" by Microsoft's software offerings seem pretty much inevitable at a technical level. Consider the fact that for almost thirty years Microsoft has failed to ever implement any kind of architectural privilege separation in an OS, merely laying a thin veil of permission-checking over a system without concern for privilege separation as a fundamental design principle, to the point where Microsoft's phone-home license verification has been found to literally turn off privilege checking so it can run. Even if it was merely a matter of popularity, though, that wouldn't change the fact that for security purposes you'd be much better served using something other than MS Windows, anyway.

Of course, some of this is changing for some Linux distributions, and the GNU project is a complicit contributor to the problem. Consider the case of Ubuntu's root privilege management, for instance, which has by default essentially replaced su with sudo, sudo being set up to use the non-privileged user account's credentials to authenticate privileged actions. This seems rather insane, especially given the potential dangers of nonroot passwords giving root access and the weight of additional complexity added to the privilege elevation authentication system (where complexity means more opportunity for vulnerability). In the end it does not even eliminate the ability to perform the same actions as su (sudo can be used to gain a root login shell). The sudo tool, after all, was designed to provide limited access to specific users, not full-system root access for the standard user, which means it is being abused to do something for which it was not intended, with predictable security consequences. It essentially creates a situation equivalent to MS Windows' superficial appearance of privilege separation, rather than taking advantage of the system's architectural privilege separation system. Of course, there's a caveat that applies thanks to the GNU coreutils version of su, which was intentionally maimed by eliding traditional ability to limit which accounts are capable of elevating privileges through su. The sudo tool at least returns that bit of control to system privilege management policy, working around the GNU coreutils version of su and Stallman's dogmatic opposition of authorization mechanisms. Stallman is, as clearly indicated by his commentary in the documentation for GNU su about why support for wheel groups to manage privilege elevation was left out, opposed to limiting public access to root privileges.

So . . . some of the open source Unix-like systems, in becoming decreasingly Unix-like, are rapidly approaching the Microsoft level of security stupidity. Those that are not doing so, however, still have distinct technical advantages for security over MS Windows, as well as benefiting from strong social advantages for security maintenance and bugfixing. It's not all about popularity.

Comment Re:they are just bits (Score 1) 197

I think you're confusing statutory damages with the kinds of penalties applied to criminal cases. If there are penalties, apart from those that must be specifically shown to have occurred by way of evidence in court, that is because they were specified by statute (thus the term "statutory damages"). This is not always the way it works, though; it depends on the specific violation committed. Sometimes (often, in fact) there simply are not any statutory damages for a particular violation -- and statutory damages are often less costly than buying a commercial license, so it's often a win just to have gotten statutory damages assessed rather than playing by the rules all along. Of course, that mostly only applies in cases where the license violation is not itself shown to be measurably damaging, because otherwise damages can be assessed above statutory damages. This is why the GPL (along with other restrictive "free" licenses) is kinda special when it comes to enforcement -- because it can be violated by the licensee, but does not have an easily applied standard for determining damages due to the fact there is no cost for the license, which is offered freely to the public.

Meanwhile, theft lands you in jail. It's a different ball of wax entirely. Ultimately, the difference is that civil cases are about damages -- a fact that leads to the possibility of someone being acquitted of a murder charge in a criminal court case, then found guilty of wrongful death in a civil court case, where the penalty assessed is . . . wait for it . . . damages.

At least, that's the case in the US, as far as I'm aware. Where are you located?

Comment Re:Value != Money... (Score 1) 197

When fredprado said "the money the original owner can make diminished" he was talking about enforceability of a license in court, because pretty much all the courts can do in a civil case (like a license enforcement case) is either award damages or issue an injunction.

So . . . the reason I thought that is that it was true.

Comment Re:they are just bits (Score 1) 197

It only reduces artificial value, because copyright is a mechanism for manufacturing artificial scarcity in support of rent-seeking behavior.

Fallacy.

I'm not sure you understand that word.

If that were true, there would be no merit to copyrighting source code that a person decides to make freely available, whether under the GPL or BSD licenses.

If the only value from copyright came from monetary inducement, then for material that is supposed to be free, there is no advantage to it over public domain. Yet the majority of freely released works are not issued under public domain. They are copyrighted.

The fact you do not understand how copyright law works internationally, or how people benefit from various licensing models, is a failure in your argument, and not in mine. Some businesses use copyleft licenses to establish anticompetitive advantages over their competitors, to say nothing of the fact that there are many people who simply don't understand what the hell they're doing with licensing and as such end up using restrictive "free" licensing to serve ends that are actually undercut by their own license choices. Then, of course, there's the fact that something released into the public domain in the US (which hasn't really been comprehensively tested in court, as far as I'm aware, and the laws on the books that I've seen are hopelessly vague about that, but let's just assume it works) is not considered public domain in France, where the law does not recognize the power of individual people to release a copyrighted work into the public domain before the expiration of its copyright -- which is why SQLite, a supposedly public domain piece of software, still gets $1000 licensing deals in some countries for people who don't want to be sued when they use it.

That's pretty much the whole reason that copyfree licenses (including the Unlicense and CC0 License) exist.

You have been deluded into thinking that money is the only measure of worth or value. It is not. It is merely a very objective one.

Uh, no, I haven't. I fully recognize that there are things of worth other than money. In fact, I probably know better than you that the crap people tend to call "money" isn't even worth the ink in the bills. This does not change the fact that the courts measure the worth of something in a civil suit by its measurable dollar "value", which means that if you cannot attach a dollar value to something you aren't going to get anything in a lawsuit beyond statutory damages, which usually costs less than buying a license anyway -- and that assumes there are even any statutory damages for the case in question.

I'm really not sure why, but you've responded for some reason as though my commentary about artificial scarcity was a statement that the only way to measure the value of something is with dollars. That's absurd and, frankly, kinda irrelevant to my point. Perhaps you'd like to try again.

Comment Re:they are just bits (Score 1) 197

I didn't say reverse engineering was the same as getting the source code. I pointed out that you were ignoring what others had said about reverse engineering.

Eliminating copyright wouldn't eliminate the "need" for the GPL -- it would just eliminate the ability to place many systematic restrictions on what people can do with things they possess (including the restrictions in the GPL).

By the way, saying that eliminating copyright would make the GPL impossible in the tone of a doomsayer is kind of silly, considering I would rather the GPL (and all other copyleft licenses) just went away. The last thing we need is more restriction in the name of "freedom".

Comment Re:Popular? (Score 1) 197

The guy in the example was reverse engineering a physical device, not a piece of software. The point was that "IP" was not respected much in China, and potential patent violations with regard to machinery fits that just as well as potential GPL violations with regard to software.

Comment Re:they are just bits (Score 1) 197

It's worth highlighting this as the best argument I've heard for GPL violation being translatable into monetary damages so far. I have a vague recollection of some kind of precedent that established the GPL as being enforceable in civil court through damages, but don't recall the specifics. Regardless of those specifics, though, your explanation is pretty damned cogent, I think.

Comment Re:they are just bits (Score 1) 197

The point made wasn't about whether you could make money on the software -- it was about whether violating the license causes any quantifiable damages according to the law. While there may be a reasonable argument that the $0 statement is wrong, your argument wasn't it. I don't even think it was relevant.

Comment Re:they are just bits (Score 1) 197

I think the point the previous coward meant to make (though made the effort in terms of "freedom" rather than actual economic effects of commercial activity using the GPL as leverage, which is understandably confusing) is that copyleft licenses create anticompetitive benefits for the copyright holder in that various business models built on holding copyright on copyleft licensed software create asymmetries with recipients of the software in question. A common case is maintaining a public open source project with copyright assignment for all contributions, offering the software under a copyleft license, then producing commercial closed source "value added products" of some kind, as MySQL AB did with MySQL's multi-licensing scheme before Sun bought the company and all its assets. This sets any would-be competitors using the copyleft codebase of the software at a disadvantage, because their modifications have to be made public and, to take advantage of continuing development of the original codebase, they then have to either expend significant resources on continuous re-merging of custom modifications (which can be specifically targeted for manufactured incompatibility by the copyright holder of the original codebase, making that re-merging more expensive, because of the necessarily public nature of the competitor's modifications) or contribute their improvements to the project maintained for the original codebase by the copyright holder, complete with copyright assignment, so that the copyright holder can then incorporate those improvements into its own closed source "value added product". The upshot, then, is that I do not believe the lost value to which the previous coward meant to refer was limited to a feeling of warmth and fuzziness for altruistic sharing, even if altruism is part of his product's marketing.

Many opportunities for using copyleft licenses as leverage in anticompetitive business practices exist, and any violation of the copyleft license in those business models may then have a negative effect on the profitability of the copyright holder's business model, which could then be argued in court to constitute damages.

(I am not a lawyer, this is not legal advice, et cetera, et cetera, et alii, ad infinitum, ad nauseam, insert further disclaimers here.)

Comment Re:they are just bits (Score 1) 197

Copying something that is copyrighted without permission *does* deprive the copyright holder of some of the value behind their copyright.

It only reduces artificial value, because copyright is a mechanism for manufacturing artificial scarcity in support of rent-seeking behavior.

And after all... if the mere right to copy wasn't really of any value to creators, then why would people who bother to make freely distributable works bother to copyright it at all? Why not just put the work into public domain?

Interestingly, that is increasingly becoming the case, as it becomes decreasingly possible to enforce copyright in a cost effective manner. That's a good turn of events, too, because (among other reasons) copyright stifles a lot of creative work that might otherwise flourish.

By the way, it's not "the mere right to copy" that is of value to copyright holders (who are usually not the creators themselves in the case of commercially profitable works) -- it's the enforced prohibition on copying imposed on the rest of the world that is of value to them.

Just because what is lost to the copyright holder is of no value to the person who takes it, doesn't mean that it isn't stolen.

You do not seem to understand the meaning of the term "stolen". Stealing is appropriating something for oneself by removing it from someone else, an act that has meaning only for rivalrous goods. When you talk about "stealing" in this context, you basically have three options for what you are saying is stolen. One is a physical representation or medium for a work, in which case what is stolen has nothing to do with copyright itself (as in the case of a meatspace dead-tree book, or of a physical optical medium like a CD regardless of what is stored on it). Another is the work itself, in the abstract, in which case it is non-rivalrous and can only be copied, not "stolen", thus increasing the wealth of the world through essentially cost-free replication. The third is the "value" of the work under circumstances of artificial scarcity, where some enforcement of circumstances of scarcity is imposed on a market where scarcity effectively has no natural meaning, but as you pointed out the value itself is not transferred in this act you describe as "stealing"; the recipient may not have the same value in the work that the copyright holder previously had. The closest you could reasonably get (at least if you try to be rational, honest, and consistent about it) to theft in the case of a wholly subjective sense of value is vandalism -- not stealing.

Comment Re:they are just bits (Score 1) 197

probably BSD refugees

I doubt that. In my experience, many more users of Linux as a "desktop" OS started using MacOS than users of BSD Unix for the same purpose. Large numbers of members (as a percentage) of several LUGs with which I've been involved have started using Macs in addition to Linux-based systems, and none of the BSD Unix users I know have made the same migration. In the cases where people who used BSD Unix heavily started using MacOS laptops and desktops, they were people who used BSD Unix heavily for servers, but used Linux-based systems for desktops and laptops, only replacing the Linux in their lives with MacOS, which to me looks like a case of people who used Linux-based systems moving to MacOS, rather than people who used BSD Unix doing so.

I have, however, seen a few people go from Linux-based systems (only) to MacOS+Linux, and from there to MacOS+Linux+BSD, to MacOS+BSD, and finally to BSD Unix (only). Those people have also, I've noticed, generally tended to become more active contributors to open source projects, which I find interesting as a phenomenon. I suspect the only connection MacOS had to the ultimate path of migration was filling a third OS slot, because from what I've seen people who just move from MS Windows to Linux-based systems tend to be very limited in their thinking about operating system options (not as much as those who've always used MS Windows, period, but pretty limited nonetheless), while those who've moved through at least three OS families (pretty much regardless of what families they are) tend to be much more open to regarding the world as something other than a battleground between One True OS and a major competitor or two.

Unlike the legions of copyleftists who tend to describe Apple as some evil entity that can do no right, and never gives anything to open source software communities, many of the people who actually use Macs along with some open source OS realize that Apple not only regularly releases sources for software that uses copyfree or otherwise permissive licenses (e.g. the Darwin OS basis of MacOS), but also takes on maintenance of existing open source projects (e.g. CUPS) and creates new open source software it shares with the world (e.g. LLVM+Clang).

All of this is, of course, not a defense of all the evil Apple does. Malevolence in patent enforcement and suing customers for doing unauthorized things with hardware they bought with their own money is only the tip of the iceberg of stuff that Apple does wrong. It's just silly to make hand-wavy accusations that haven't much basis in truth the way a lot of copyleftists do when there are so many legitimate gripes to have with Apple. It similarly doesn't make any sense for copyleftists to pretend that BSD Unix users choose to defend Apple as a class, or to pretend they use descriptively accurate terms for a license longer than some Microsoft EULAs only as a means of defending Apple.

You go ahead and pretend that the only way anyone could ever disagree with you is by being consciously and irredeemably evil, though. See how far that gets your advocacy efforts.
