Verizon Being Sued for GPL Infringement 195
darthcamaro writes "According to the SFLC, Verizon can be added to the list of companies infringing on the GPL. They filed a lawsuit in New York yesterday (pdf) alleging that the company is handing out routers using the GPL'd software 'BusyBox' without accompanying source code. Today the SFLC spoke to the media to lay out its case: 'The legal action against Verizon come as the fourth action that the SFLC has undertaken this year on behalf of BusyBox on GPL issues. The GPL is a reciprocal license that requires users of GPL-protected technology to make their source code available to end-users. To date, the SFLC has settled with one defendant out of court. Two actions, facing Xterasys Corporation and High-Gain Antennas, are ongoing and Ravicher said he's optimistic about negotiations resulting in a resolution with each.'"
Is the router user-modifiable? (Score:2, Insightful)
Re: (Score:3, Interesting)
Re:Is the router user-modifiable? (Score:4, Informative)
Don't be offended, but... (Score:2)
There is a huge difference between being able to ssh in as root, and having the ability (with a web interface) to "reconfigure anything you want".
Simple example: The NAS we have at work, despite being basically a hard drive in a box with an ethernet port, does allow us to ssh in as root, which lets us use it for things it was not designed for at all -- for example, we could probably run BitTorrent on the box its
SFLC (Score:3, Informative)
Re: (Score:2, Informative)
It apparantly runs Linux but uses executables signed with their private key and people haven't yet cracked it open.
Shame really because they are nice.
Re: (Score:3, Informative)
The uses I can foresee is modifying the ipstack and modifying snmp of the router. I am sure more creative minds than mine can come up with much more useful ideas.
Re:Is the router user-modifiable? (Score:5, Informative)
Replica of the hardware? (Score:2)
Re: (Score:3, Interesting)
Now, according to the FCC and radio frequencies. If you purchased the radio broad/chip and antenna from the same manufacture, they might have already had it certified. If they haven't, then you c
Re: (Score:2)
You might be able to make a router that doesn't infringe on any hardware patents you can't easily license.
You might want to port any busybox patches to openwrt and use them in a linksys box.
Any inability to replicate the hardware due to other IP is irrelevant, the busybox people don't own that.
Re: (Score:3)
Re:Is the router user-modifiable? (Score:4, Informative)
Re:Is the router user-modifiable? (Score:5, Informative)
(a) They don't actually have to include the source code with every router - just a written offer to supply the source code on demand. (I assume that the references to "including the source code" are journalistic imprecision or its gonna be a very short lawsuit).
(b) Users may also be developers who wish study the source code or to use or modify the software in other systems - as is their right under the GPL.
Anyway, most such products ship with a CD for plug-n-drool installation so how hard can it be to include a few source files?
Re: (Score:2, Interesting)
(b) again, you can study the busybox source code whenever you want, whether you have bought this router or not.
I support the GPL and of course it should be enforceable but I wonder what makes this particular router a target for spending time and money on a lawsuit. Surely there are more pressing threats to freedom that t
Re: (Score:2)
Sure, you can download BusyBox code from BusyBox. But can you download BusyBox code as modified by Verizon? Under the GPL, shouldn't you be able to do that? It might not be the sam as the BusyBox code at BusyBox...
Of course i
Re: (Score:2)
Someone pays to maintain whatever website you download the source from - why should they be obliged to provide a service to "your" paying customers?
Plus, you're missing a major strategic aim of the GPL - it guarantees that the source code of useful products is always available from a multitude of sources and can't easily be "lost".
Get real - we're talking about Verizon sticking a .zip file on a webs
Is the router sold or rented? (Score:3, Informative)
Re: (Score:2)
Suppose I sold something for 400 dollars. I didn't want you to modify it so I leased it instead at a cost of $100 over the expected life span and then claimed that the life span was 4 years and you were to toss it in the trash at the end of it's life.
You would effectively have bought the thing, I can deny service is changes are made and I never actually distributed anything because you are supposed to dispose of it. If you keep it and it still works af
Re: (Score:2)
You're
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
So the benefit that people would get form this lawsuit is the b
They've got bigger problems - router is P.O.S. (Score:5, Informative)
Unfortunately it has a MAJOR flaw. They're giving it out to their FIOS customers now, and the router shuts down when it gets hit too many times. This happens when using a Torrent, but also when refreshing STEAM server lists!
It's quite annoying, and since it's used by the TV set-top-boxes in the house it's kind of necessary. It's a shame, my 20Mbit connection can't handle Steam.
The problem was found a while back (when the casing wasn't as pretty about a year ago) but still no fix. I believe it has to do with a small NAT table.
That's odd... (Score:2, Funny)
It's quite annoying, and since it's used by the TV set-top-boxes in the house it's kind of necessary. It's a shame, my 20Mbit connection can't handle Steam.
That's odd: I thought Steam was supposed to travel through a series of tubes...
Try putting a pressure gauge and valve just upstream from your router: if the Steam pressure goes up too much, you can close the valve. Easy peasy!
PS Get a whistle, too: your router will sound like an old train.
Re: (Score:2)
Re: (Score:3, Insightful)
Re: (Score:2)
A quick search of their site seems to indicate that they have a download [actiontec.com] for it.
Now, Verizon could be protected from having to distribute the code by either of two ways that I can think of. The first might be in that they don't actually sell it but lease it and keep control of it. This sounds like something Verizon might do but I have replaces My ADSL2+ modem after their got hit by lightning. Their tech s
Re: (Score:2)
No, you "purchase" the router. Actually, you get it free. But, if it dies after the 1-year warranty period, you must buy another.
There is an exception: if you are also a FIOS TV subscriber, they will replace it -- because it is used to download program guide information and pay-per-view videos into the
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
So it wasn't the router itself, just connected to it by the firmware.
Re: (Score:2)
I was surprised too. I though verizon might be covered by the right of first sale. But unless they are redirecting the firmware from the ActionTech site, they are probably in violation.
Re: (Score:2)
Is it impossible to use both? (Score:2)
Or maybe some Linux box which fools the router into thinking it's on the Internet, if it won't work behind a NAT.
That is why they won't get my TV business (Score:2)
I have this router (Score:5, Interesting)
The TV set top boxes get IP addresses on the LAN via their coaxial connections. So these Verizon controlled boxes actually sit on my LAN in the same subnet as my PCs. They start at 192.168.1.100 while the PCs start at 192.168.1.2. Well I pinged then port scanned these Motorola set top boxes, and at least the HDTV DVR model of the box had it's VxWorks debug port left open. Interesting...
With the right tools I could imagine full access to the drive and the running software. So what does it take to work with this VxWorks debug port?
Some people may want to copy recordings out or enable the USB/Firewire to allow more than the 80GB internal storage included, but I am more curious if this untrusted box is doing anything I don't want on my home network. Few have the special equipment to tap these MOCA (multi-media over coax) wires between the router and the STBs, so this debug port might be a good way to check.
Uh-oh... (Score:5, Interesting)
I wonder if Verizon is the right place to be looking for the source code?
If the "infringing product" is, indeed, the Actiontec MI424WR, wouldn't the correct place to look be the manufacturer of the hardware and integrator of the firmware, Actiontec?
Looking on Actiontec's "Support: Open Source" website (http://opensource.actiontec.com/index.html [actiontec.com]), I see the following:
Hmmm... looks like Actiontec is at least attempting to honor the license. I haven't researched what's in the tarball, but at least it's there.
So, again, why is SFLC suing Verizon? I'm sure Verizon would argue that (A) they're just retailing and installing off-the-shelf hardware, and (B) any license liability is the hardware manufacturer's.
BTW: to the 4 anonymous cowards that I upmodded earlier in this article, sorry you lost my moderation bump. I hate wasting modpoints, but this seemed relevant and important.
Verizon is distributing the software (Score:3)
Verizon could then turn around and sue the hardware manufacturer as well, but they themselves are still liable under coypright law.
Also, the GPL is quite clear as to when you are allowed to post a link to a website, and when you have to ship the actual source with the product.
Re: (Score:3, Insightful)
They're suing Verizon because Verizon is distributing the hardware boxes (and thus the embedded software).
Verizon could then turn around and sue the hardware manufacturer as well, but they themselves are still liable under coypright law.
I'm not sure if I buy that. At least, I don't think it's that simple. If I sell hardware with GPL firmware, and I don't do firmware support myself, I can't imagine that simply retailing the hardware incurs any kind of source code requirement.
I'm not considering whether Ve
Re: (Score:2)
I'm not sure if I buy that. At least, I don't think it's that simple. If I sell hardware with GPL firmware, and I don't do firmware support myself, I can't imagine that simply retailing the hardware incurs any kind of source code requirement.
Forget about the terms of the GPL. If someone sells you a product, and you sell it on, and the product contains parts that are protected by copyright and you don't have permission from the copyright holder, you are responsible. If I produce 1000 illegal copies of MS Vista, sell them to you, and you sell them on, you can't deny responsibility. Microsoft can and will sue you. You may be able to sue me in turn, depending on circumstances.
Same here. When Verizon gives the product to the end user, they are
Re: (Score:2)
So if load up a PC with a copy of windows i bought in a back alley in china for $1 and "resell" the hardware/software in the US then im legally in the clear, and its only the guy in china that can get in trouble ?
Copyright laws dont just magically disappear just because one commercial transaction has taken place.
Perhaps your confused as a lot o
Re: (Score:2)
So if load up a PC with a copy of windows i bought in a back alley in china for $1 and "resell" the hardware/software in the US then im legally in the clear
With regard to the resale, yes.
The trouble is that you purchased illicit goods knowing them to be of questionable origin (strike one, bad faith), installed unlicensed software (strike two, copyright infringement), aren't licensed to do business with China (strike three, multiple no-nos [tax, commercial code, etc.]), and misrepresented what you're selling as legitimate (strike four, fraud). You'll get busted for any number of things. Resale of goods purchased in good faith would not be one of them.
Now, ha
Re: (Score:2)
Well they know now dont they, so they have to abide by the license, agreed ?
Re: (Score:3, Insightful)
The part that means "get out of jail free"
Re: (Score:2)
Also, the configuration pages that Verizon probably did change to display their logo might not be any different then a webpage running on an GPLed webserver. It probably shouldn't kick in the GPL. And if it did, all verizon would have to do it provide access to the logo's image.
This entire thing is extremely complexed and there is little to no information in the article. I would like to see the actual filings to
Re: (Score:2)
But anyways, The GPL doesn't place any restrictions on anyone that doesn't accept it. Copyright places restrictions on what you can do with copyright covered works. Now, Copyright has a "right of first sale" (or the first sale doctrine) exception that basically says that as long as you legally obtained the co
Re:Uh-oh... (Score:5, Informative)
Re: (Score:3, Interesting)
Now that's the answer which makes the most sense. If it's not stock firmware, and the altered firmware is in the scope of the original open source (i.e., not just simple aggregation), then yes, Verizon is obligated to honor source redistribution requirements.
But remember: not everything in the firmware image is necessarily open source. (Again, the "simple aggregation" criterion.) Therefore, not everything would trigger an obligation to share source.
TFA is a fine piece of press-releasemanship, but awfully li
Re:Uh-oh... (Score:4, Funny)
Re: (Score:2)
Re: (Score:2)
It doesn't matter if they modified the firmware, as long as they didn't modify BusyBox. I guess they must have detected some changes in the binary and went after Verizon.
The GPL covers distribution of copyrighted work, even if it hasn't been modified. (You don't have *any* rights to distribute copyrighted work without some sort of license, such as the GPL.) Simply the act of distributing BusyBox in binary form requires that you also distribute the source used to compile it (or a written offer for said so
Terminology (Score:2, Informative)
Re: (Score:2)
Further, what you claim has never been established or held to be true in a US court. The GNU Public License
Re: (Score:2)
It's bad nitpicking, for several reasons, not the least of which being that GPL violation is copyright infringement, among other things, so you're in distinction-without-a-difference land. Breach of license is a means of infringing on a copyright, and frankly is more useful as a term that "he violated my copyright!" which urges the followup question, "How?" This takes care of both in one fell swoop.
You are wrong. GPL violation is _not_ copyright infringement. Distributing software without permission of the copyright holder is copyright infringement. Not meeting the terms of the GPL just invalidates any claims that you might have permission of the copyright holder. That is an important distinction, because it means the copyright infringement has happened, and distributing the source code now doesn't help anymore.
You cannot sue anyone for breach of the GPL. You can only sue for copyright infringemen
Re: (Score:2)
You are wrong. GPL violation is _not_ copyright infringement. Distributing software without permission of the copyright holder is copyright infringement.
Wow. You were SO close. GPL violation sparks what action? Termination of license. Distributing without a license is what? Distribution without permission. Distribution without permission is what? Copyright infringement.
That is an important distinction, because it means the copyright infringement has happened, and distributing the source code now doesn't help anymore.
It's not a distinction at all! You're living a fiction totally unsupported by the law. There is no mechanism--let me repeat--there is NO mechanism, for perpetually terminating a GPL user's license. You can seek an injunction requiring a company to stop sales until they comply with
Re: (Score:2)
And since we are told to DEATH that "copyright infringement" == "stealing" == "piracy" we could have it read "Verizon being sued for software theft and piracy".
Even harder and more important than the editors and media understanding the subtlety here -- do the lawyers and the courts understand it? If Verizon WINS this case would it set legal precedent to relax judgment on other forms of copyright infringement?
Re: (Score:2)
If Verizon wins this case, it sets no precedent whatsoever. If it evolves to a precedential ruling, at best it will simply cause damage to the notion of suing for any kind of open source infringement, by invalidating restrictions that can't be enforced (granting distributions rights without a contract) or that never legally existed (requires no notice or assent--users are not so much as presented with
Re: (Score:2)
Re: (Score:2)
Strange that you can telnet into it and login, but you can't ssh in. Fortunately the telnet is only listening to machines on its lan ports, since there's no way to turn it off that I know of.
BusyBox v0.61.pre (2006.07.03-16:17+0000) Built-in shell (ash)
ifconfig sure does list a lot of ports. It must be a very generically written os to work easily on a wide variety of their bo
Competition (Score:3, Funny)
Soon, they will find that they are not the only ones prosecuting copyright violators...
Soon, they will be struggling to keep ahead of the organizations that prosecute GPL violations!
Fantastic! (Score:2)
I hope their FIOS is a complete failure.
Re: (Score:2)
So they're patent trolls, at least they provide something useful on the side. I, for one, would rather have a cheap, high-bandwidth connection than cheap VoIP. (Don't we have Skype for that anyway?) 15Mbps upstream is just too good to pass up, compared to the 512Kbps-1Mbps the cable companies provide.
Re: (Score:2)
I realize that clashes with torrents and things like that, but just watch and see what Verizon does. They're famous for luring you in then jacking up the price. The only reason there's any buzz about it is because people have the memory span of a gnat.
Sigh (Score:2)
Re: (Score:2)
Sometimes I think BusyBox was created just so people could bitch about embedded manufacturers.
I laughed at this. But the truth is, the manufacturers could have written their own BusyBox-like toolkit. They wisely chose to use someone else's work instead, and have to pay only the small price of providing the same source that they were given. It's not too much to ask.
Re:Infringed on the GPL? (Score:5, Informative)
They don't really have to bundle the code with the units though. Just hand it over on request from a user. The article wasn't to clear on that. But I expect SFLC tried to ask them for it before it came to this.
Re: (Score:2)
In that case, I would think that Verizon is somewhat protected by the right of first sale and the fact that acceptance isn't necessary for use. It could be that the original manufacturer is the one responsible to the source code.
Re: (Score:2)
Please, read the GPL or one of the five zillion FAQs about it out there---the one one the gnu site might be a great starting point---before commenting...
Do not be the noise: be the signal.
Re: (Score:2)
Re: (Score:2)
Huh?
You must be a very lucky person: essentially all legal documents I have read are basically incomprehensible, except for the GPL and a few others. It is written in what very closely ressembles plain English, which is something that cannot be said of legal texts, generally.
And as for your rant regarding FAQs and what not, you are certainly welcome not to use my code.
Re: (Score:2)
Using the FAQ for the GP
Re: (Score:2)
The FAQ might as well be written about sunshine and lolypops because anything the FAQ says is irrelevant.
No, it isn't. For one thing, it shows how the FSF/SFLC interpret the licence—and they're the ones who will sue you if they think you're distributing software they own in an infringing way. What's more, if they have made public statements (such as the FAQ) describing the way they intend their legal documents to be interpreted, a court will very likely hold them to that. So it is relevant, but I agree it's not a substitute for reading and understanding the licence.
Re: (Score:2)
That is in clear direct violation of the GPL.
If you were to even just download a common oss app like Azureus and tossed it up on your own website for other people to download you are responsible for making the source code available.
As an aside, I'm suddenly curious how and if this impacts on p2p. Would someone downloading a torrent be technic
Re: (Score:2)
You are responsible for fulfilling that gpl obligation by taking responsibility for providing the source. Note that 'taking responsibility' doesn't mean you actually have to do it yourself. You could hire someone to handle that obligation, you could even make an arrangement with the party you got it from to handle that obligation.
But you can't just 'offload' it onto someone else.
I guess a good litmus test of whether you've met your obligation would be: "Does the person fulfi
Re: (Score:2)
I really don't think that this is the case, even though this often is the way it's done. But even if it would be possible to point requesters to the origin of the source, the distributor must inform the user that the product contains code licensed under the GPL and that they thus have a right to request the source code. Otherwise, how would the user know?
IANAL though.
Re: (Score:2)
Re: (Score:2)
If one is distributing the software unmodified, can they not just point requesters to where they got the source from in the first place? It's been a while since I looked at the GPL, but I thought this was the case.
Whether you modified the software or not, you have three choices if you distribute it (and "distribute" means: Give a copy to someone else):
1. Ship the software together with a copy of the GPL and the source code. 2. Ship the software together with a copy of the GPL, a promise valid for three years to provide the source code, and the information how to get the source code. 3. If your distribution is not commercial, and the software is unmodified, and you received it from someone who used method (2) or (
Re: (Score:2)
Re: (Score:2)
You probably has a transmission error while getting the copy of the GPL you read, since it apparently was missing section 6...
As for your last sentence: see http://www.gnu.org/licenses/gpl-faq.html#SourceAndBinaryOnDifferentSites [gnu.org].
Re: (Score:2)
However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable.
I know it is meant for a compiler and so on, but if Verizon hasn't changed the source, could they be using this as the reasons for not giving the sourc
Re: (Score:2)
If they could, I'm pretty certain that Verizon would have to include a note that the product contains code licensed under the GPL and that the user has a right to download the source from the original distributor.
Re: (Score:2)
Verizon is distributing the code and the GPL, as you more or less note, is a license which only affects distribution. Are you seriously saying that acceptance of the GPL does not apply to Verizon's actions? Do you seriously consider them to be users of the code in this situation?
Remark, regarding your last couple of sentences, that neither of the two companies owns or ever owned the copyright to the GPL code in question, so whatever they sold or bought did not include the copyright (ie, the right to make c
Re: (Score:2)
Yep. Verizon isn't modifying the GPLed code. As far as we know they have modified a web page that sits on the code and set passwords. That flows along the lines of use. And they probably had the original manufacturer put that in
Re: (Score:2)
What is the point of trolling like that? (Score:2)
P.S. I went to publick skewl and i right ok.
Re:Business World Fleeing The Viral GPL (Score:5, Insightful)
You claim that Verizon, a huge company, which probably employs quite a few lawyers is unaware about the terms under which the code is distributed? Here's a hint: Every piece of software comes with a license. There are much nastier things out there than the GPL, and it'd be outright stupid for a large company to use anything without having a lawyer through the terms.
Now, if this makes them stop using GPL code, that's a perfectly good thing. I for one write GPL code for very good reasons and prefer it not to be used to infringement.
Re: (Score:2)
I can think of a lot of things Verizon's lawyers might be doing including dealing with RIAA lawsuits against their customers. Big companies don't always think. If lawyers checked everything, we would never see patent lawsuits either. Think about it.
Re: (Score:2)
Because the potential consequences can be quite horrible? Infringe on the copyright of somebody like Microsoft or IBM, and things can get very unpleasant, fast. There are many companies with nasty terms out there. Some for example specify you give the company permission to run an audit o
Re: (Score:2)
You said "AFAIK, you can file a lawsuit for any reason. Look at SCO for instance. No proof at all, yet the whole thing managed to stay in court for years. You can bet they talked to lawyers before they filed it."
Thus the legal teams at big companies are busy fighting "random" lawsuits.
Re: (Score:2)
Re: (Score:2)
The business world has no fear of GPL. The GPL is a license. If a business wants to use someone else's copyrighted code, then they check the license, and the cost, and decide whether the license and the cost are acceptable or not. Some companies will decide that using code licensed under GPL is not suitable to them. Micr
Re: (Score:2)
Re:How did they infringe? (Score:4, Interesting)
Re: (Score:3, Informative)
Wow, that is ridiculously wrong. At least if we're talking about GPLv2, there's no difference between commercial and non-commercial distribution.
The fact of the matter is that if you're distributing GPL'd code in a manner that would violate copyright if no license were given (e.g. copying it), then you must distribute the source code (either directly or via a written offer).
Of course, if you're not distributing GPL'd code in a manner that woul
Re: (Score:2)
You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
b) Convey the object code in, or embodied
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The source code for Busybox, and all of the utilities that can be integrated into it, is already readily available. So, what is Verizon supposedly "withholding?"
The fact that (as you point out) it would be ridiculously easy for Verizon to comply with the GPL does not negate the fact that they are not in compliance.
(Never mind the fact that the GPL, because it constitutes a "contract to make a contract," is invalid.)
Interesting opinion. The GPL has been held up in Germany, and has not made it to court
Re: (Score:2)