Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Open Source Piracy Your Rights Online

Stuxnet/Flame/Duqu Uses GPL Code 221

David Gerard writes "It seems the authors of Stuxnet/Duqu/Flame used the LZO library, which is straight-up GPL. And so, someone has asked the U.S. government to release the code under the GPL. (Other code uses various permissive licenses. As works of the U.S. federal government, the rest is of course public domain.) Perhaps the author could enlist the SFLC to send a copyright notice to the U.S. government..."
This discussion has been archived. No new comments can be posted.

Stuxnet/Flame/Duqu Uses GPL Code

Comments Filter:
  • by drinkypoo ( 153816 ) <martin.espinoza@gmail.com> on Wednesday June 06, 2012 @10:45AM (#40232303) Homepage Journal

    Someone with gigantic balls of steel should file a FOIA on this basis.

    It would be interesting to see if the request would even be acknowledged.

    What makes the idea clever is that it's a public request (and publicise the hell out of it!) and it's powered by copyright. This is why the GPL is so effective...

  • by TheSpoom ( 715771 ) <slashdot@nOSPaM.uberm00.net> on Wednesday June 06, 2012 @10:47AM (#40232331) Homepage Journal

    Distribute, not sell. (Though you absolutely have the right to sell GPL code as well, as long as you abide by the rest of the license and release your source.)

    In any case, I'm guessing that one of the following things will happen:

    - Some sort of secrecy / national security provision is given as a reason source cannot be released (1% probability)
    - Changes to the GPL portions are released (0.01% probability)
    - Stone-cold silence (98.99% probability)

    Remember, the US Government hasn't even acknowledged that they created these worms. We're still firmly in the "plausible deniability" phase.

  • by samkass ( 174571 ) on Wednesday June 06, 2012 @11:04AM (#40232575) Homepage Journal

    Also, you'll have to prove in a court of law that the Government did, in fact, distribute the software; that the recipient requested and was denied the source code; and that the owners of the Copyright have standing to sue. That's even before Sovereign issues. I'm not optimistic.

  • Re:Not gonna happen (Score:5, Interesting)

    by T.E.D. ( 34228 ) on Wednesday June 06, 2012 @01:04PM (#40234385)
    I have three issues with this:
    1. Does a virus spreading itself really count as "distribution" under the GPL? It could be argued that copying itself (sometimes to places it isn't wanted) is just the normal execution of this particular program (which the GPL always allows), not a proper "distribution". It's not like Iran called up the DoD and asked for its latest malicious virus.
    2. Legally you have to hold the party you got your distribution from liable for a GPL violation. That's the way the license is written. Thus to hold the DoD liable, you'd have to be the person who got your copy of the virus direct from them, not from another infected party. In other words, you have to be "patient zero". Who could prove that in court?
    3. The USA has laws against copying classified programs. So its quite possible the DoD could decide to turn around and arrest the litigant for posessing and/or distributing classified material.

When you make your mark in the world, watch out for guys with erasers. -- The Wall Street Journal