Forgot your password?
typodupeerror
The Courts Government Businesses GNU is Not Unix Networking News

FSF Settles Suit Against Cisco 194

Posted by timothy
from the good-on-them dept.
Saint Aardvark writes "The Free Software Foundation has announced that they've settled their lawsuit with Cisco (reported earlier here). In the announcement, they say that Cisco has agreed to appoint a Free Software Director for Linksys, who will report periodically to the FSF; to notify Linksys customers of their rights; and to make a monetary donation to the FSF. An accompanying blog entry explains further: 'Whenever we talk about the work we do to handle violations, we say over and over again that getting compliance with the licenses is always our top priority. The reason this is so important is not only because it provides a goal for us to reach, but also because it gives us a clear guide to choosing our tactics. This is the first time we've had to go to court over a license violation.'"
This discussion has been archived. No new comments can be posted.

FSF Settles Suit Against Cisco

Comments Filter:
  • by fermion (181285) on Wednesday May 20, 2009 @04:19PM (#28030607) Homepage Journal
    This is the way that software should be handled. If someone is not in compliance, work with them to get them in compliance.

    Compare this to what the BSA is advocating [pcmag.com]. Essentially any disgruntled employee can put unlicensed commercial software on a computer and then report the violation to the BSA for a reward. Sure companies can put millions of dollars of safeguards to prevent harassment from inefficient employees, but why bother. Just make it a policy to only use free software, and when the BSA comes knocking, show them the policy and the minimal cost efforts that makes all other software the responsibility of the user.

    This will also help long term interpretability, as OSS has minimal incentives to obstificate the data to force users to continue to pay the ransom to access said data.

  • by ruin20 (1242396) on Wednesday May 20, 2009 @04:25PM (#28030679)
    Cisco releasing the source code for thousands of routers doesn't strike me as being a good thing. I mean it's one thing to develop in an open environment and being open from the start, and I agree security though obscurity is bound to fail but as someone running Linksys routers on my network, I would expect there to be some stepped process, as I don't trust Cisco was totally competent in their development. Imagine if windows source was suddenly made available to the masses, the time it would take to identify, patch, and distribute a fix vs the time it takes to just identify and exploit is a significant window of vulnerability. Security through obscurity doesn't work because it assumes no one will ever find out and people will. But dissemination of that information takes time. Discovery of defect takes time. Opening the source of a previously closed product greatly reduces that time and therefore intensifies the threat. Overall this will lead for a much stronger product but I fear what is going to happen in the first few weeks.
    • by Ilgaz (86384) on Wednesday May 20, 2009 @04:34PM (#28030775) Homepage

      Cisco decided to release their sources right when they used GNU licensed code. If there is a security risk because of being open, it will be their fault and not RMS :)

      I think it won't be a bad thing, you will see amazing amount of obvious flaws will be fixed in months as result of it. Especially home devices will benefit. Don't worry, MS thought home users (with unfortunate reasons) that they should update their software for security, performance. All Cisco/Linksys product I have is a dumb gigabit switch but I am sure the smart stuff already has easy update functionality.

      • Re: (Score:3, Interesting)

        by Fred Ferrigno (122319)

        Linksys always intended to release the code. By and large, they already have. If you follow all the way to the original complaint [fsf.org], it's all about modified GNU tools, not any core router components that Linksys might want to keep secret. Also, they usually would release the source, only they made a lot of mistakes in the process. They'd release the source late, release the wrong version of the source, or forget to include all the necessary tools to build the source, etc.

        Even though in most cases Linksys did

        • by Paul Jakma (2677)

          So are you saying Linksys have started supplying the source for the drivers for the Broadcom wireless in many of their routers?

          • by Paul Jakma (2677)

            Oh, obviously FSF could only sue regarding software they are the copyright holders to. So not the drivers (that'd require Linux copyright holders to sue), not Busybox, etc.

            I wonder if the FSF's settlement was restricted in the same way. I suspect it was, in which case this settlement does not mean LinkSys have or will cease breaching the GPL with their products shipments..

    • by lwsimon (724555)

      I must be missing something - I only see where they are releasing the code to version of GPL software used on their routers. That's not the same thing as releasing their OS.

    • If closed source is secure, then please hook up windows XP to the internet without a opensource router in between.

      Thanks for playing clueless scaremongerer. You fail, please insert another coin to try again.

      • Re: (Score:3, Insightful)

        by ruin20 (1242396)

        You misunderstand. Just because you release the code, it doesn't magically become as secure because it's "open source". Open Source is secure because it goes through a process. A process this code didn't see. That process allows for corrections when errors are made. This process takes time. And what I said in my original post is that there is going to be a window between when we, the community, improve the quality of product up to other open source standards, and when the source code is released, during whi

      • ...hook up windows XP to the internet without a opensource router in between.

        Be, all that you can be, in a botnet!
        Uncle Spam wants you!

    • by spun (1352)

      Who said anything about Cisco releasing the source to their routers? Please read the article before working yourself into a tizzy over nothing.

    • Re: (Score:3, Insightful)

      by vertinox (846076)

      Cisco releasing the source code for thousands of routers doesn't strike me as being a good thing.

      Huh? What part of GPL did Cisco not understand? If they did not want to release their source code, then they should not have used used other's GPL code in their products.

      They could have either:

      A. Used something under BSD license and kept the code closed

      or

      B. Wrote their own.

      The fact they used someone else's GPL code in their products means they used someone eles's work.

      If you are so worried about it, then take y

      • by drinkypoo (153816)

        They also had the option to stop distributing the stuff right now, that is considered a 'remedy' under the GPL. Or at least it was under GPLv2. If you cannot contractually release the code, it is your sole remedy. Or again, was. I'm waayyyy too lazy today. Headache, hard to think.

    • There's no good reason to be nervous. Adovcating for obscurity through secrecy is never wise, not in the short term nor in the long term. In your scenario the vague threat you point to always existed, it was a matter of time before it was fixed and (so long as the software was non-free) never under anyone's control to fix except the proprietor (who may have become uncooperative). Software freedom doesn't become a bad idea because it becomes real late in the process. Software freedom is always better tha

    • by mzs (595629)

      Cisco got into trouble about this when they bought linksys which made some hardware that used GPL stuff. They used linux, uLibC, BusyBox, Zebra, and other projects. Then they were contacted and they released source that was not really the source used. They then basically corrected that. Then this situation kept repeating a few times.

      If you were worried about security, there was a bug in an web page used for ping that let you run arbitrary commands as root on a whole bunch of hardware. This was figured-out b

    • Re: (Score:2, Informative)

      by dopodot (1559063)
      They're only releasing source code related to the Linksys products, which were in violation. Cisco acquired Linksys a few years ago -- Linksys still operates mostly as their own company. Cisco proper already has people responsible for ensuring source license compliance and they seem to have done a good job. I don't think there's any GPL code in IOS, which is what it sounds like you're worried about. There's lots of BSD-style code though.
    • by petrus4 (213815)

      As I've said before, people use the GPL in order to try and maintain favour/good PR with Stallmanite fanatics, when in practical terms, another license would be a better choice.

      The BSD license makes no stipulations as to whether parts of a given program license it or not. Cisco could have licensed 3-5 files of their entire project BSD if they wanted, while still closing the rest completely, and if they then wanted to, they could relicense and close the rest later on, in order to create a product.

      The BSD (o

  • !donation (Score:5, Insightful)

    by nsayer (86181) <nsayer@k[ ]com ['fu.' in gap]> on Wednesday May 20, 2009 @04:42PM (#28030927) Homepage

    Cisco has agreed to [...] make a monetary donation to the FSF.

    Um, that's not a donation.

    Donations are gifts. Gifts are given freely, not as a penalty for wrongdoing or in return for dropping a cause of action.

    • It's just an issue in the summary write-up, they used the word contribution in the actual acticle.

    • RTFA (Score:5, Insightful)

      by spun (1352) <loverevolutionaryNO@SPAMyahoo.com> on Wednesday May 20, 2009 @05:09PM (#28031401) Journal

      This is a tax deductible donation to a 501(c)3 charitable foundation, agreed to as part of a out of court settlement. It was freely given, Cisco could have gone to trial instead.

      • This is a tax deductible donation to a 501(c)3 charitable foundation, agreed to as part of a out of court settlement. It was freely given, Cisco could have gone to trial instead.

        If the alternative is being taken to court, you can hardly call it a "freely given" donation.

        • by spun (1352)

          Okay, but it is a donation. The important part is that it's tax deductible. I don't think we really have a word for 'tax deductible contribution given under duress,' so 'donation' will have to do.

        • by bug1 (96678)

          Perhaps the FSF didnt want to put a price on it, so they required cisco to pay what they think is fair.

          In that situation, cisco has choice in the amount they pay rather than if they pay or not, they amount the choose is far more powerful than the demand of having to pay something, so its reasonable i think to consider it a donation.

          But then again i didnt RTFA, so i could have it all wrong.

      • by nsayer (86181)

        This is a tax deductible donation

        The correct word is "contribution," not "donation." Modern dictionaries don't draw much distinction between the two words, but if you look at the origin of each word, contribute comes from the latin for "bringing together," and donate comes from the latin for "giving." It is more precisely correct to describe an involuntary transfer of funds that is still tax deductible as a "contribution" rather than a "donation."

        To say that Cisco acted voluntarily since their alternative was going to trial is like saying

      • by petrus4 (213815)

        I can only assume that this was modded Insightful by your fellow cultists.

        I suppose in a way, it's something to be admired. Loyalty in really any form is rare, these days.

  • ... anti-GPL trolls are sobbing silently in the dark. Boo fricken hoo!

    • by petrus4 (213815)

      No, we aren't. It's on record that cults generally don't outlive their founder, and he's getting on in years.

      The only thing that those of us who dislike the FSF really need to do is wait, at this point. The group is primarily Stallman's cult of personality, and as I've already said, now that they're not producing code any more, they don't have any hugely compelling reason to exist.

      Once Stallman dies, the group will collapse. It might take a couple of years, perhaps; but a look at the historical pattern w

  • John Chambers is now required to grow a neckbeard.

  • by jbn-o (555068) <mail@digitalcitizen.info> on Wednesday May 20, 2009 @06:50PM (#28032859) Homepage

    Whenever we talk about the work we do to handle violations, we say over and over again that getting compliance with the licenses is always our top priority.

    This cannot be said enough, particularly amongst a crowd that discusses the latest goings-on with the corporate media lobbyists they (justifiably) hate: Unlike the major corporate media copyright holders, the FSF sues and gets license compliance which is what they're really after. You'll notice that the FSF isn't seeking to bankrupt Cisco (even while recognizing that corporations aren't people). This is a far cry from what the MPAA, RIAA, and other corporate copyright holders pursue with the public—economic domination.

    And, as I've said before [slashdot.org], violating the GPL is not like violating other licenses and here's another way in which that is the case: GPLv3 has language which makes the situation better for violators who correct their behavior. As the plain language guide to the GPL [fsf.org] explains, under GPLv2 a violator had to beg the copyright holder to have their rights under the GPL restored because those rights vanished instantly and permanently upon license violation. Under GPLv3 section 8 [fsf.org] violators catch a break: "if you violate the license, you'll get your rights back once you stop the violation, unless a copyright holder contacts you within 60 days. After you receive such a notice, you can have your rights fully restored if you're a first-time violator and correct the violation within 30 days.". Other free software licenses have no similarly forgiving language; it appears that under the new BSD license if one violates any of the 3 conditions listed in the license one loses permission to "[redistribute] and use [the covered program] in source and binary forms" because the violator reverts to the default state of copyright: no permission to copy, share, or modify.

    • by petrus4 (213815)

      Other free software licenses have no similarly forgiving language

      That's because other (read: legitimate) free software licenses generally don't need them.

      I'm tired of hearing people claim that the FSF is anything other than a disease, to be honest. Maybe back when they were still actually developing or maintaining software, you might have been able to claim that they were doing something useful; but these days they don't really do anything other than rabble rouse and occasionally legally harass people.

      I kn

      • Re: (Score:3, Insightful)

        Other free software licenses have no similarly forgiving language

        That's because other (read: legitimate) free software licenses generally don't need them.

        I'm tired of hearing people claim that the FSF is anything other than a disease, to be honest. Maybe back when they were still actually developing or maintaining software, you might have been able to claim that they were doing something useful; but these days they don't really do anything other than rabble rouse and occasionally legally harass people.

        I know, I know...you're going to say that the only reason why the FSF goes after people in court is because they violate the GPL. If the GPL wasn't blatantly anticommercial, however, it wouldn't be an issue; if Cisco had simply used something BSD licensed, they could have done what they liked and the court case never would have happened.

        Of course, we know the reason why people who have no intention of complying with the GPL use it; it's because they want to curry favour with the freaks who've drunk sufficient amounts of Stallman's Kool Aid that they actually think it's a genuinely worthwhile license.

        The GPL 2 I can tolerate, but the GPL 3, no. The license aside, however, one thing that has always been true is that the FSF are a textbook destructive cult, and Stallman himself is the proverbial aspirant cult leader; he's the computing world's answer to Lefayette Ronald Hubbard.

        Development of the GNU project has been primarily handed over to Red Hat at this point, and as I've already said, I consider the GPL 3 a bad and overly restrictive license, even if v2 wasn't. Given those two points, the FSF have been reduced to not much more than a group of low budget terrorists, and the organisation should thus be abolished at this point. If it has ceased maintaining software or generating real code, it has outlived its' usefulness.

        Little bitter?

        The canard that the GPL is "anticommercial" is silly, but it's repeated often enough it's worth dismantling.

        The GPL is not in any way anticommercial. It explicitly permits commercial use. When I license my code under the GPL, I'm accepting that someone can take that code and make billions from it, and they will not owe me a nickel. I'm not presenting that as a negative, mind you. When one licenses under any free license, that is one of the freedoms one is granting to everyone in the world.

        Many

    • by Nazlfrag (1035012)

      I think the forgiving language there is the three conditions the BSD license imposes. With such trivial requests anyone violating should lose any and all protection afforded by the license.

The universe does not have laws -- it has habits, and habits can be broken.

Working...