Stuxnet/Flame/Duqu Uses GPL Code 221
David Gerard writes "It seems the authors of Stuxnet/Duqu/Flame used the LZO library, which is straight-up GPL. And so, someone has asked the U.S. government to release the code under the GPL. (Other code uses various permissive licenses. As works of the U.S. federal government, the rest is of course public domain.) Perhaps the author could enlist the SFLC to send a copyright notice to the U.S. government..."
Clever idea, actually. (Score:5, Interesting)
Someone with gigantic balls of steel should file a FOIA on this basis.
It would be interesting to see if the request would even be acknowledged.
What makes the idea clever is that it's a public request (and publicise the hell out of it!) and it's powered by copyright. This is why the GPL is so effective...
Re:is the CIA selling these viruses? (Score:5, Interesting)
Distribute, not sell. (Though you absolutely have the right to sell GPL code as well, as long as you abide by the rest of the license and release your source.)
In any case, I'm guessing that one of the following things will happen:
- Some sort of secrecy / national security provision is given as a reason source cannot be released (1% probability)
- Changes to the GPL portions are released (0.01% probability)
- Stone-cold silence (98.99% probability)
Remember, the US Government hasn't even acknowledged that they created these worms. We're still firmly in the "plausible deniability" phase.
Re:Who gets to request code? (Score:5, Interesting)
Also, you'll have to prove in a court of law that the Government did, in fact, distribute the software; that the recipient requested and was denied the source code; and that the owners of the Copyright have standing to sue. That's even before Sovereign issues. I'm not optimistic.
Re:Not gonna happen (Score:5, Interesting)