SlideShare une entreprise Scribd logo

13 Years of GPL Compliance: A Historical Perspective

Paris Open Source Summit
Paris Open Source Summit
1  sur  10
Télécharger pour lire hors ligne
13 Years of FLOSS License Compliance: A Historical Perspective Bradley M. Kuhn Friday 12 October 2012 My History • Worked my first GPL enforcement case in 1999 (as FSF volunteer). • Started working for FSF in 2000 (was there until 2005). • Now: Executive Director of Software Freedom Conservancy & on Board of Directors of the FSF. • Plurality of my time since 1999 has been spent on GPL enforcement. – I’m probably the person “responsible” for every major USA GPL enforcement action. Nature of Free Software Community • Through the eyes of a GPL enforcer . . . • The Free Software Community is separated into two equally important groups: – The permissively licensed, who use social pressure to liberate code. – The copyleft licensed, whose license requires liberation. • Copyright infringement shouldn’t be a crime . . . – . . . but if you analogize, I’m the only cop left on the beat. 1
On Requirement By License • Social pressure does work . . . – . . . and should be used (and is), even for copylefted software. – . . . enforcement is a last resort. • GPL == Constitution of Software Freedom Land. – a “written down” embodiment of core principles. • GPL’s a detailed implementation of the four freedoms: – freedom to run and study. – freedom to improve. – freedom to share. – freedom to share improvements. How GPL Works (Theoretically) • Copyright: the internationalized standard for authors’ controls over works. • Use copyright license to grant permission. • Make permission conditional on giving your downstream the four free- doms. • This is the copyright law hack of copyleft. • Copyright rules require compliance with the license. How GPL Works (In Reality) • What do you do when someone violates? – (and social pressure for compliance fails)? • Copyright enforcement – . . . (yes, similar stuff to what the MPAA does: EEP!) – . . . but for a good cause: the four freedoms. – “using the tools of the oppressor against the oppressor” 2
Earliest Copyleft Programs • GNU Emacs: was the first GPL’d program. • AFAIK Emacs’ copyleft never been violated. Second Copyleft Program • GCC: second GPL’d program. – much more interesting to proprietary software companies. • So, who was the first GPL violator? The NeXT Shall be First • Objective-C front end. Earliest Post I Could Find Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!usc!apple!bbn!bbn.com!bpalmer From: bpal. . . @bbn.com (Brian Palmer) Newsgroups: gnu.misc.discuss Subject: Objective Gnu? Message-ID: <5768@bbn.COM> Date: 19 Sep 89 15:36:16 GMT In “The NeXT Book” by Bruce Webster, he says: (page 134): Objective C is based on the Gnu C compiler developed by Richard Stallman. Release 0.9 has merged the Objective C syntax with the the Gnu C compiler to speed up compilation and to produce faster, more efficient code. Are they using FSF software in their product? Or is Webster just badly explaining the situation . . . and Objective C is just preprocessing and passing C to gcc. Otherwise Gang, I see a Copyleft violation right? Brian NeXT Answers Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!apple!gem.mps.ohio-state.edu!tut.cis.ohio- state.edu!NEXT.COM!Matthew Self From: Matthew S. . . @NEXT.COM News- groups: gnu.gcc Subject: Objective-C front end for GCC from NeXT Message- ID: <8909210104.AA14825@batcomputer.NeXT.COM> Date: 21 Sep 89 01:01:50 GMT Sender: dae. . . @tut.cis.ohio-state.edu In response to Steve Simmons’ in- quiry about an Objective-C front-end for GCC, NeXT will be making our modifi- cations to GCC for Objective-C available very soon. Once GCC–1.36 is released (any day now), I will create a patch kit which will be announced on this mailing list. (The modifications are very small.) Matthew Self 3
Tar Wars A long time ago, in a city far far away, the Empires had taken GNU tar and placed it into proprietary backup solutions. A small band of freedom fighters enforced the GPL to liberate users who were oppressed by the proprietary nature of GPL violators. Tar Wars • Tape backup systems essential in late 1990s. • Many companies made forks of GNU Tar, and violated. • Sysadmins were good at finding these violations. • All but one violator came into compliance. Court May Not Mandate Source Release • Last GNU tar enforcement I ever did was circa mid–2002. • Company decided to remove tar & rewrite rather than compliance. • Let’s sue! • Lawyers told me courts are unlikely to order a source release as a remedy. • Courts usually give money and an injunction – Company already gave latter of their own accord (de-facto injunction) Coalition of the Willing • Spring 2003: dozens of reports on WRT54G. • Discussions begin with Cisco (who’d bought Linksys just weeks before) • Story hits slashdot on 2003–06–08 • FSF puts together group to do enforcement. – key members: Erik Andersen (BusyBox) & Harald Welte (Linux) 4
Compliance Takes Soooo Long • FSF represents the coalition. • Broadcom is discovered as upstream. • WRT54G source is released (but wireless driver kept proprietary). • Broadcom argues FCC prohibits; FSF agrees not to pursue (can’t really anyway). • WRT54G releases spawns OpenWRT community. • Harald is frustrated. GPL-violations.org • FSF was initially shy about lawsuits. • Harald disagreed with FSF strategy (in hindsight, he was right). • launches multiple lawsuits in Germany (about 8 between 2005–2008). • Quite successful, although has in some cases, courts only grant injunction. GCC Redux, 2003–2005 • Embedded systems become major part of industry. • GCC is the best compiler. • Many companies start making GCC-based toolchains. • Focus of post-WRT54G enforcement at FSF. Funding Crisis for Enforcement • FSF had hoped to raise funds “certifying compliance”. • You can’t break even on this for less than $10,000/release. • No one is willing to pay (still true today, AFAICT). • Those who’d know enough to buy services think they’ll get away with violations anyway. 5
Money • No one in non-profits is getting rich from this. • Who should pay for enforcement: – Those who comply or those who violate? – Individual donors? • There must be a deterrent. • Non-profit enforcement == accountability. • Confidentiality is something violators ask for. Enforcement Corruption: MySQL • Proprietary relicensing (by holding all copyright). – As I spoke about this morning. Embedded Violations Prevalent • Erik Andersen becomes exasperated by mid–2006. – post-Linksys compliance, router & NAS market is a violation haven. • Erik asks for help. • Conservancy becomes his enforcement agent (& receive some others’ c assignment) • Conservancy has had > 100 GPL violations queued for action since 2007. – Conservancy’s list is now > 300 The Era of GPL Litigation • Lawsuits become undeniably necessary. – Dan Ravicher file some in USA: for Conservancy & Erik. • Focus is to settle: – More than anything else, we want full compliance . . . – . . . on all GPL’d and LGPL’d components . . . 6
– . . . judge is unlikely to grant us all that . . . – . . . so we work hard to settle on that request . . . – . . . taking extra money & injunctions only as a consolation prize. Linksys Redux • 2003–2004: all embedded consumer devices are VxWorks. • Circa late 2004, BusyBox/Linux & GNU/Linux slowly becomes the Linksys default again. • FSF finally gets fed up and sues. • One wonders: Why don’t these companies just come into compliance be- fore getting sued? Challenges of Modern Compliance • Saavy violators meant intelligent discussion. – Jobs knew just what he was trying to get away by proprietarizing Objective C. • Clueless violators means difficult conversations: – Me: “Your software violates GPL.” – Them: “We make hardware.” – Me: “I know, but it has software in it. Our members’ software. Under the GPL.” – Them: “No, it doesn’t. We make hardware.” – Me: “But your firmware download. . . on your website. . . that’s soft- ware.” – Them: “Oh, that’s not ours. We got that from someone. Nothing to do with us.” • Having the above conversation across four phone calls every two months is why I seem so insane most of the time. The Upstream Problem When I said that I was king of forwards, you got to understand that I don’t come up with this stuff. I just forward it along. You wouldn’t arrest a guy who was just passing drugs from one guy to another. — Michael Scott, The Office (USA Version) 7
Suppliers Bully OEMs, AFAICT • I’d be the worst police officer in the world. • No one ever turns “states’ evidence” – . . . at least they don’t for me, anyway. • Me: “Please, just tell me on the record your supplier violated when dis- tributing to you.” • Them: “We’ll work with our upstream to get into compliance.” Embedded Device Software Freedom • Sure, I’ve got the sources. • But, can I build it in the same way the company did? • If I get it built, can I install it? • By the time I get all that working, will the device be discontinued? • Will they get away with it if they do, only to violate in the next product line? • In the age of the embedded device, copyleft seeks to answer these questions correctly. GPL Predicted this Problem • Even in 1991, RMS made sure GPLv2 handled this. GPLv2: More than Just Source For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. (emphasis mine) 8
GPLv2: More than Just Source • “the scripts to control. . . ” gets us close. • It handles most of the issues. • I even argued it includes authorized install information. – Unfortunately, RMS gave in on that one. GPLv3: Installation Information “Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute mod- ified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in per- petuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. (emphasis mine) GPLv3: Installation Information • In my view, just clarifies GPLv2’s terse wording. • In any event, it makes it certain. • Users of device can modify and upgrade their devices . . . – . . . as it should be. • This is one of the reasons projects should upgrade to GPLv3. Today. • I continue enforcement for Conservancy. – new reports each week. • I wish more individuals and non-profits would enforce. 9
• There are saavy violators out there that we’re dealing with now. – I wish I could say more on the record. Constant Vigilance! • GPL Violations are everywhere. • My only recourse is . . . – Constant Vigilance! • I’m not giving up on this . . . – . . . until there is no developer left in the world . . . – . . . who cares to enforce the GPL for the rights of users . . . – . . . no matter how many embedded companies try to make me stop ... – . . . or how many anti-GPL developers they recruit to try to stop me. More Info / Talk License • URLs / Social Networking / Email: – Conservancy: sfconservancy.org & @conservancy – Me: faif.us, ebb.org/bkuhn & @bkuhn (identi.ca only) – FSF Licensing Site: fsf.org/licensing – Report GPL violations: <compliance@sfconservancy.org> – Slides at: ebb.org/bkuhn/talks & gitorious.org/bkuhn/talks (source) Presentation and slides are: Copyright c 2008, 2009, 2010, 2011, 2012 Bradley M. Kuhn, and are licensed under the Creative Commons Attribution-Share Alike (CC-By-SA) 3.0 United States License. Some images included herein are c ’ed by others. I believe my use of those images is fair use under USA c law. However, I suggest you remove such images if you redistribute these slides under CC-By-SA-USA 3.0. 10

Recommandé

2600 v18 n3 (autumn 2001)
2600 v18 n3 (autumn 2001)2600 v18 n3 (autumn 2001)
2600 v18 n3 (autumn 2001)Felipe Prado
 
Research paper outline 25 july 2012
Research paper outline 25 july 2012Research paper outline 25 july 2012
Research paper outline 25 july 2012rclambert
 
Open_Source_Litigation_8-2004
Open_Source_Litigation_8-2004Open_Source_Litigation_8-2004
Open_Source_Litigation_8-2004webuploader
 
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANO
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANOKeynote #Society - How Open Source drives Innovation ? par Javier SERRANO
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANOParis Open Source Summit
 
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCK
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCKKeynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCK
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCKParis Open Source Summit
 
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESI
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESIKeynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESI
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESIParis Open Source Summit
 
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...Paris Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Allison RANDAL
Keynote #Society - How Open Source drives Innovation ? par Allison RANDALKeynote #Society - How Open Source drives Innovation ? par Allison RANDAL
Keynote #Society - How Open Source drives Innovation ? par Allison RANDALParis Open Source Summit
 

Recommandé

2600 v18 n3 (autumn 2001)
2600 v18 n3 (autumn 2001)2600 v18 n3 (autumn 2001)
2600 v18 n3 (autumn 2001)Felipe Prado
 
Research paper outline 25 july 2012
Research paper outline 25 july 2012Research paper outline 25 july 2012
Research paper outline 25 july 2012rclambert
 
Open_Source_Litigation_8-2004
Open_Source_Litigation_8-2004Open_Source_Litigation_8-2004
Open_Source_Litigation_8-2004webuploader
 
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANO
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANOKeynote #Society - How Open Source drives Innovation ? par Javier SERRANO
Keynote #Society - How Open Source drives Innovation ? par Javier SERRANOParis Open Source Summit
 
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCK
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCKKeynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCK
Keynote #Society - Openness, Freedom and the Digital Age, par Rufus POLLOCKParis Open Source Summit
 
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESI
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESIKeynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESI
Keynote #Society - Openness, Freedom and the digital age, par Laure LUCCHESIParis Open Source Summit
 
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...
Keynote #Society - L'innovation ouverte, une pratique régionale et internatio...Paris Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Allison RANDAL
Keynote #Society - How Open Source drives Innovation ? par Allison RANDALKeynote #Society - How Open Source drives Innovation ? par Allison RANDAL
Keynote #Society - How Open Source drives Innovation ? par Allison RANDALParis Open Source Summit
 
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBINKeynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBINParis Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEURKeynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEURParis Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZKeynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZParis Open Source Summit
 
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...Paris Open Source Summit
 
Keynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERCKeynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERCParis Open Source Summit
 
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...Paris Open Source Summit
 
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...Paris Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUETKeynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUETParis Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...Paris Open Source Summit
 
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...Paris Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...Paris Open Source Summit
 
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...Paris Open Source Summit
 
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUETKeynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUETParis Open Source Summit
 
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondesKeynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondesParis Open Source Summit
 
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...Paris Open Source Summit
 
LCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS TrainingLCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS TrainingLinaro
 
Linux presentation
Linux presentationLinux presentation
Linux presentationKęstutis Česnavičius
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsAnne Nicolas
 
Open source software licenses
Open source software licensesOpen source software licenses
Open source software licensesDrexelELC
 
Software licenses: short unofficial overview
Software licenses: short unofficial overviewSoftware licenses: short unofficial overview
Software licenses: short unofficial overviewVisma Lietuva
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Shane Coughlan
 

Contenu connexe

En vedette

Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBINKeynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBINParis Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEURKeynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEURParis Open Source Summit
 
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZKeynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZParis Open Source Summit
 
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...Paris Open Source Summit
 
Keynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERCKeynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERCParis Open Source Summit
 
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...Paris Open Source Summit
 
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...Paris Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUETKeynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUETParis Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...Paris Open Source Summit
 
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...Paris Open Source Summit
 
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...Paris Open Source Summit
 
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...Paris Open Source Summit
 
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUETKeynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUETParis Open Source Summit
 
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondesKeynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondesParis Open Source Summit
 
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...Paris Open Source Summit
 

En vedette (15)

Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBINKeynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
Keynote #Society - Openness, Freedom and the digital age, par Thomas SAINT-AUBIN
 
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEURKeynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
Keynote #Society - How Open Source drives Innovation ? par Laurent LE MEUR
 
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZKeynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
Keynote #Society - How Open Source drives Innovation ? par Thierry CARREZ
 
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
EOLE / OWF 12 - The affero gp lv3. why it exists and who it's for - bradley m...
 
Keynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERCKeynote #Tech - Cloud & DevOps, par Hervé LECLERC
Keynote #Tech - Cloud & DevOps, par Hervé LECLERC
 
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
Keynote #Tech - API Management, comment orchestrer vos API ? par Philippe DE ...
 
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
Keynote #Society - Priorité au logiciel libre dans le secteur public, par Jea...
 
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUETKeynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
Keynote #Society - Open Source, les pratiques et les tendances, par Gaël MUSQUET
 
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
Keynote #Society - Open Source, les pratiques et les tendances, par Jean-Chri...
 
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
Keynote #Tech - Intel : Sécurité & protection des données privées dans les ob...
 
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
Keynote #Society - Open Source, les pratiques et les tendances, par Benjamin ...
 
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
Keynote #Tech - Solution métier Open Source : exemple de nouvelle approche te...
 
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUETKeynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
Keynote #Society - Openness, Freedom and the digital age, par Lancelot PECQUET
 
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondesKeynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
Keynote d'ouverture #OSSPARIS16 - Class code en 180 secondes
 
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
Keynote d'ouverture #OSSPARIS16 - Le cnll au service des entreprises de la f...
 

Similaire à 13 Years of GPL Compliance: A Historical Perspective

LCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS TrainingLCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS TrainingLinaro
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsAnne Nicolas
 
Open source software licenses
Open source software licensesOpen source software licenses
Open source software licensesDrexelELC
 
Software licenses: short unofficial overview
Software licenses: short unofficial overviewSoftware licenses: short unofficial overview
Software licenses: short unofficial overviewVisma Lietuva
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Shane Coughlan
 
If you think open source is not for you, think again by Jane Chakravorty
If you think open source is not for you, think again by Jane ChakravortyIf you think open source is not for you, think again by Jane Chakravorty
If you think open source is not for you, think again by Jane ChakravortyAlex Cachia
 
Casual Cyber Crime
Casual Cyber CrimeCasual Cyber Crime
Casual Cyber CrimeBrian Baskin
 
Corporate Open Source Anti-patterns
Corporate Open Source Anti-patternsCorporate Open Source Anti-patterns
Corporate Open Source Anti-patternsbcantrill
 
Open vs Closed - Which is more secure?
Open vs Closed - Which is more secure? Open vs Closed - Which is more secure?
Open vs Closed - Which is more secure? SYNAQ
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksJohn Bambenek
 
Understanding open source licenses
Understanding open source licensesUnderstanding open source licenses
Understanding open source licensesRogue Wave Software
 
Scylla Summit 2022: Predicting the Past
Scylla Summit 2022: Predicting the PastScylla Summit 2022: Predicting the Past
Scylla Summit 2022: Predicting the PastScyllaDB
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...EC-Council
 
Long Life Software
Long Life SoftwareLong Life Software
Long Life SoftwareMike Long
 
Software Freedom Licensing: What You Must Know
Software Freedom Licensing: What You Must KnowSoftware Freedom Licensing: What You Must Know
Software Freedom Licensing: What You Must KnowPOSSCON
 
Litigation and Compliance in the Open Source Ecosystem
Litigation and Compliance in the Open Source EcosystemLitigation and Compliance in the Open Source Ecosystem
Litigation and Compliance in the Open Source EcosystemBlack Duck by Synopsys
 
Managing Open Source Licenses (Geeks Anonymes)
Managing Open Source Licenses (Geeks Anonymes)Managing Open Source Licenses (Geeks Anonymes)
Managing Open Source Licenses (Geeks Anonymes)Geeks Anonymes
 
Keynote - Closing the TLS Authentication Gap
Keynote - Closing the TLS Authentication GapKeynote - Closing the TLS Authentication Gap
Keynote - Closing the TLS Authentication GapSecurityTube.Net
 

Similaire à 13 Years of GPL Compliance: A Historical Perspective (20)

LCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS TrainingLCA14: LCA14-110: FLOSS Training
LCA14: LCA14-110: FLOSS Training
 
Linux presentation
Linux presentationLinux presentation
Linux presentation
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guide
 
Kernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doorsKernel Recipes 2019 - Kernel hacking behind closed doors
Kernel Recipes 2019 - Kernel hacking behind closed doors
 
Open source software licenses
Open source software licensesOpen source software licenses
Open source software licenses
 
Software licenses: short unofficial overview
Software licenses: short unofficial overviewSoftware licenses: short unofficial overview
Software licenses: short unofficial overview
 
Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science? Open Source Software Licence Compliance: Art or science?
Open Source Software Licence Compliance: Art or science?
 
If you think open source is not for you, think again by Jane Chakravorty
If you think open source is not for you, think again by Jane ChakravortyIf you think open source is not for you, think again by Jane Chakravorty
If you think open source is not for you, think again by Jane Chakravorty
 
Casual Cyber Crime
Casual Cyber CrimeCasual Cyber Crime
Casual Cyber Crime
 
Corporate Open Source Anti-patterns
Corporate Open Source Anti-patternsCorporate Open Source Anti-patterns
Corporate Open Source Anti-patterns
 
Open vs Closed - Which is more secure?
Open vs Closed - Which is more secure? Open vs Closed - Which is more secure?
Open vs Closed - Which is more secure?
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
 
Understanding open source licenses
Understanding open source licensesUnderstanding open source licenses
Understanding open source licenses
 
Scylla Summit 2022: Predicting the Past
Scylla Summit 2022: Predicting the PastScylla Summit 2022: Predicting the Past
Scylla Summit 2022: Predicting the Past
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
 
Long Life Software
Long Life SoftwareLong Life Software
Long Life Software
 
Software Freedom Licensing: What You Must Know
Software Freedom Licensing: What You Must KnowSoftware Freedom Licensing: What You Must Know
Software Freedom Licensing: What You Must Know
 
Litigation and Compliance in the Open Source Ecosystem
Litigation and Compliance in the Open Source EcosystemLitigation and Compliance in the Open Source Ecosystem
Litigation and Compliance in the Open Source Ecosystem
 
Managing Open Source Licenses (Geeks Anonymes)
Managing Open Source Licenses (Geeks Anonymes)Managing Open Source Licenses (Geeks Anonymes)
Managing Open Source Licenses (Geeks Anonymes)
 
Keynote - Closing the TLS Authentication Gap
Keynote - Closing the TLS Authentication GapKeynote - Closing the TLS Authentication Gap
Keynote - Closing the TLS Authentication Gap
 

Plus de Paris Open Source Summit

#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...Paris Open Source Summit
 
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...Paris Open Source Summit
 
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...Paris Open Source Summit
 
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, ArduinoParis Open Source Summit
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...Paris Open Source Summit
 
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...Paris Open Source Summit
 
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, ZabbixParis Open Source Summit
 
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, InriaParis Open Source Summit
 
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...Paris Open Source Summit
 
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...Paris Open Source Summit
 
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...Paris Open Source Summit
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...Paris Open Source Summit
 
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...Paris Open Source Summit
 
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...Paris Open Source Summit
 
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...Paris Open Source Summit
 
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...Paris Open Source Summit
 
#OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données #OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données Paris Open Source Summit
 
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...Paris Open Source Summit
 
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...Paris Open Source Summit
 
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...Paris Open Source Summit
 

Plus de Paris Open Source Summit (20)

#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
#OSSPARIS19 : Control your Embedded Linux remotely by using WebSockets - Gian...
 
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
#OSSPARIS19 : A virtual machine approach for microcontroller programming : th...
 
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
#OSSPARIS19 : RIOT: towards open source, secure DevOps on microcontroller-bas...
 
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
#OSSPARIS19 : The evolving (IoT) security landscape - Gianluca Varisco, Arduino
 
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
#OSSPARIS19: Construire des applications IoT "secure-by-design" - Thomas Gaza...
 
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
#OSSPARIS19 : Detecter des anomalies de séries temporelles à la volée avec Wa...
 
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
#OSSPARIS19 : Supervision d'objets connectés industriels - Eric DOANE, Zabbix
 
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
#OSSPARIS19: Introduction to scikit-learn - Olivier Grisel, Inria
 
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
#OSSPARIS19 - Fostering disruptive innovation in AI with JEDI - André Loesekr...
 
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
#OSSPARIS19 : Comment ONLYOFFICE aide à organiser les travaux de recherches ...
 
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
#OSSPARIS19 : MDPH : une solution collaborative open source pour l'instructio...
 
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
#OSSPARIS19 - Understanding Open Source Governance - Gilles Gravier, Wipro Li...
 
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
#OSSPARIS19 : Publier du code Open Source dans une banque : Mission impossibl...
 
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
#OSSPARIS19 : Libre à vous ! Raconter les libertés informatiques à la radio -...
 
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
#OSSPARIS19 - Le logiciel libre : un enjeu politique et social - Etienne Gonn...
 
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
#OSSPARIS19 - Conflits d’intérêt & concurrence : la place de l’éditeur dans l...
 
#OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données #OSSPARIS19 - Table ronde : souveraineté des données
#OSSPARIS19 - Table ronde : souveraineté des données
 
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
#OSSPARIS19 - Comment financer un projet de logiciel libre - LUDOVIC DUBOST, ...
 
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
#OSSPARIS19 - BlueMind v4 : les dessous technologiques de 10 ans de travail p...
 
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
#OSSPARIS19 - Tuto de première installation de VITAM, un système d'archivage ...
 

13 Years of GPL Compliance: A Historical Perspective

  • 1. 13 Years of FLOSS License Compliance: A Historical Perspective Bradley M. Kuhn Friday 12 October 2012 My History • Worked my first GPL enforcement case in 1999 (as FSF volunteer). • Started working for FSF in 2000 (was there until 2005). • Now: Executive Director of Software Freedom Conservancy & on Board of Directors of the FSF. • Plurality of my time since 1999 has been spent on GPL enforcement. – I’m probably the person “responsible” for every major USA GPL enforcement action. Nature of Free Software Community • Through the eyes of a GPL enforcer . . . • The Free Software Community is separated into two equally important groups: – The permissively licensed, who use social pressure to liberate code. – The copyleft licensed, whose license requires liberation. • Copyright infringement shouldn’t be a crime . . . – . . . but if you analogize, I’m the only cop left on the beat. 1
  • 2. On Requirement By License • Social pressure does work . . . – . . . and should be used (and is), even for copylefted software. – . . . enforcement is a last resort. • GPL == Constitution of Software Freedom Land. – a “written down” embodiment of core principles. • GPL’s a detailed implementation of the four freedoms: – freedom to run and study. – freedom to improve. – freedom to share. – freedom to share improvements. How GPL Works (Theoretically) • Copyright: the internationalized standard for authors’ controls over works. • Use copyright license to grant permission. • Make permission conditional on giving your downstream the four free- doms. • This is the copyright law hack of copyleft. • Copyright rules require compliance with the license. How GPL Works (In Reality) • What do you do when someone violates? – (and social pressure for compliance fails)? • Copyright enforcement – . . . (yes, similar stuff to what the MPAA does: EEP!) – . . . but for a good cause: the four freedoms. – “using the tools of the oppressor against the oppressor” 2
  • 3. Earliest Copyleft Programs • GNU Emacs: was the first GPL’d program. • AFAIK Emacs’ copyleft never been violated. Second Copyleft Program • GCC: second GPL’d program. – much more interesting to proprietary software companies. • So, who was the first GPL violator? The NeXT Shall be First • Objective-C front end. Earliest Post I Could Find Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cs.utexas.edu!usc!apple!bbn!bbn.com!bpalmer From: bpal. . . @bbn.com (Brian Palmer) Newsgroups: gnu.misc.discuss Subject: Objective Gnu? Message-ID: <5768@bbn.COM> Date: 19 Sep 89 15:36:16 GMT In “The NeXT Book” by Bruce Webster, he says: (page 134): Objective C is based on the Gnu C compiler developed by Richard Stallman. Release 0.9 has merged the Objective C syntax with the the Gnu C compiler to speed up compilation and to produce faster, more efficient code. Are they using FSF software in their product? Or is Webster just badly explaining the situation . . . and Objective C is just preprocessing and passing C to gcc. Otherwise Gang, I see a Copyleft violation right? Brian NeXT Answers Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!apple!gem.mps.ohio-state.edu!tut.cis.ohio- state.edu!NEXT.COM!Matthew Self From: Matthew S. . . @NEXT.COM News- groups: gnu.gcc Subject: Objective-C front end for GCC from NeXT Message- ID: <8909210104.AA14825@batcomputer.NeXT.COM> Date: 21 Sep 89 01:01:50 GMT Sender: dae. . . @tut.cis.ohio-state.edu In response to Steve Simmons’ in- quiry about an Objective-C front-end for GCC, NeXT will be making our modifi- cations to GCC for Objective-C available very soon. Once GCC–1.36 is released (any day now), I will create a patch kit which will be announced on this mailing list. (The modifications are very small.) Matthew Self 3
  • 4. Tar Wars A long time ago, in a city far far away, the Empires had taken GNU tar and placed it into proprietary backup solutions. A small band of freedom fighters enforced the GPL to liberate users who were oppressed by the proprietary nature of GPL violators. Tar Wars • Tape backup systems essential in late 1990s. • Many companies made forks of GNU Tar, and violated. • Sysadmins were good at finding these violations. • All but one violator came into compliance. Court May Not Mandate Source Release • Last GNU tar enforcement I ever did was circa mid–2002. • Company decided to remove tar & rewrite rather than compliance. • Let’s sue! • Lawyers told me courts are unlikely to order a source release as a remedy. • Courts usually give money and an injunction – Company already gave latter of their own accord (de-facto injunction) Coalition of the Willing • Spring 2003: dozens of reports on WRT54G. • Discussions begin with Cisco (who’d bought Linksys just weeks before) • Story hits slashdot on 2003–06–08 • FSF puts together group to do enforcement. – key members: Erik Andersen (BusyBox) & Harald Welte (Linux) 4
  • 5. Compliance Takes Soooo Long • FSF represents the coalition. • Broadcom is discovered as upstream. • WRT54G source is released (but wireless driver kept proprietary). • Broadcom argues FCC prohibits; FSF agrees not to pursue (can’t really anyway). • WRT54G releases spawns OpenWRT community. • Harald is frustrated. GPL-violations.org • FSF was initially shy about lawsuits. • Harald disagreed with FSF strategy (in hindsight, he was right). • launches multiple lawsuits in Germany (about 8 between 2005–2008). • Quite successful, although has in some cases, courts only grant injunction. GCC Redux, 2003–2005 • Embedded systems become major part of industry. • GCC is the best compiler. • Many companies start making GCC-based toolchains. • Focus of post-WRT54G enforcement at FSF. Funding Crisis for Enforcement • FSF had hoped to raise funds “certifying compliance”. • You can’t break even on this for less than $10,000/release. • No one is willing to pay (still true today, AFAICT). • Those who’d know enough to buy services think they’ll get away with violations anyway. 5
  • 6. Money • No one in non-profits is getting rich from this. • Who should pay for enforcement: – Those who comply or those who violate? – Individual donors? • There must be a deterrent. • Non-profit enforcement == accountability. • Confidentiality is something violators ask for. Enforcement Corruption: MySQL • Proprietary relicensing (by holding all copyright). – As I spoke about this morning. Embedded Violations Prevalent • Erik Andersen becomes exasperated by mid–2006. – post-Linksys compliance, router & NAS market is a violation haven. • Erik asks for help. • Conservancy becomes his enforcement agent (& receive some others’ c assignment) • Conservancy has had > 100 GPL violations queued for action since 2007. – Conservancy’s list is now > 300 The Era of GPL Litigation • Lawsuits become undeniably necessary. – Dan Ravicher file some in USA: for Conservancy & Erik. • Focus is to settle: – More than anything else, we want full compliance . . . – . . . on all GPL’d and LGPL’d components . . . 6
  • 7. – . . . judge is unlikely to grant us all that . . . – . . . so we work hard to settle on that request . . . – . . . taking extra money & injunctions only as a consolation prize. Linksys Redux • 2003–2004: all embedded consumer devices are VxWorks. • Circa late 2004, BusyBox/Linux & GNU/Linux slowly becomes the Linksys default again. • FSF finally gets fed up and sues. • One wonders: Why don’t these companies just come into compliance be- fore getting sued? Challenges of Modern Compliance • Saavy violators meant intelligent discussion. – Jobs knew just what he was trying to get away by proprietarizing Objective C. • Clueless violators means difficult conversations: – Me: “Your software violates GPL.” – Them: “We make hardware.” – Me: “I know, but it has software in it. Our members’ software. Under the GPL.” – Them: “No, it doesn’t. We make hardware.” – Me: “But your firmware download. . . on your website. . . that’s soft- ware.” – Them: “Oh, that’s not ours. We got that from someone. Nothing to do with us.” • Having the above conversation across four phone calls every two months is why I seem so insane most of the time. The Upstream Problem When I said that I was king of forwards, you got to understand that I don’t come up with this stuff. I just forward it along. You wouldn’t arrest a guy who was just passing drugs from one guy to another. — Michael Scott, The Office (USA Version) 7
  • 8. Suppliers Bully OEMs, AFAICT • I’d be the worst police officer in the world. • No one ever turns “states’ evidence” – . . . at least they don’t for me, anyway. • Me: “Please, just tell me on the record your supplier violated when dis- tributing to you.” • Them: “We’ll work with our upstream to get into compliance.” Embedded Device Software Freedom • Sure, I’ve got the sources. • But, can I build it in the same way the company did? • If I get it built, can I install it? • By the time I get all that working, will the device be discontinued? • Will they get away with it if they do, only to violate in the next product line? • In the age of the embedded device, copyleft seeks to answer these questions correctly. GPL Predicted this Problem • Even in 1991, RMS made sure GPLv2 handled this. GPLv2: More than Just Source For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. (emphasis mine) 8
  • 9. GPLv2: More than Just Source • “the scripts to control. . . ” gets us close. • It handles most of the issues. • I even argued it includes authorized install information. – Unfortunately, RMS gave in on that one. GPLv3: Installation Information “Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute mod- ified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in per- petuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. (emphasis mine) GPLv3: Installation Information • In my view, just clarifies GPLv2’s terse wording. • In any event, it makes it certain. • Users of device can modify and upgrade their devices . . . – . . . as it should be. • This is one of the reasons projects should upgrade to GPLv3. Today. • I continue enforcement for Conservancy. – new reports each week. • I wish more individuals and non-profits would enforce. 9
  • 10. • There are saavy violators out there that we’re dealing with now. – I wish I could say more on the record. Constant Vigilance! • GPL Violations are everywhere. • My only recourse is . . . – Constant Vigilance! • I’m not giving up on this . . . – . . . until there is no developer left in the world . . . – . . . who cares to enforce the GPL for the rights of users . . . – . . . no matter how many embedded companies try to make me stop ... – . . . or how many anti-GPL developers they recruit to try to stop me. More Info / Talk License • URLs / Social Networking / Email: – Conservancy: sfconservancy.org & @conservancy – Me: faif.us, ebb.org/bkuhn & @bkuhn (identi.ca only) – FSF Licensing Site: fsf.org/licensing – Report GPL violations: <compliance@sfconservancy.org> – Slides at: ebb.org/bkuhn/talks & gitorious.org/bkuhn/talks (source) Presentation and slides are: Copyright c 2008, 2009, 2010, 2011, 2012 Bradley M. Kuhn, and are licensed under the Creative Commons Attribution-Share Alike (CC-By-SA) 3.0 United States License. Some images included herein are c ’ed by others. I believe my use of those images is fair use under USA c law. However, I suggest you remove such images if you redistribute these slides under CC-By-SA-USA 3.0. 10