tz1
Posts: 22
Joined: Tue Jan 07, 2014 10:09 pm

Raspberry Pi-racy, GPL violation edition

Tue Mar 18, 2014 7:03 pm

http://gpl-violations.org/faq/vendor-faq.html
http://gpl-violations.org/faq/sourcecode-faq.html
https://www.softwarefreedom.org/resourc ... guide.html
http://www.gnu.org/licenses/gpl-faq.htm ... JustBinary

I am really getting tired of all the software piracy going on by vendors of Pi accessories.

Yes, piracy. I am one of the authors of the software included in the Linux Kernel and a few of the GPL sources which comprise the distributions which run on the Pi.

I won't name names here, but barely a month goes by where there is some new accessory that connects to the Pi, that includes a BINARY ONLY image or package. And absolutely NOTHING about where I can get the corresponding build source. The source and build instructions which are required to comply with the terms of the Gnu General Public License, version 2 or version 3. Binary, sometimes a new binary. No source. Or a bunch of patches that fail with every kernel tree I try. Or even when patched, the hardware doesn't work because they forgot something or modified something else and forgot.

Note you can do a fully proprietary module if it is entirely your own work and link to the existing kernel. It isn't that hard. But you can't even make a single patch to the kernel and distribute the binary without distributing the corresponding source.

It must be the corresponding source. You are in violation if you just claim the code is "somewhere out there" and have a bunch of patches that might or might not apply cleanly to no one knows which one of the hundreds of versions of the pi kernel but fail everywhere else, and don't mention other settings or modifications not included. The whole point of the GPL is to allow me to recreate the SPECIFIC working binary. Even if you maintain a parallel development kernel tree, you need to tell me which exact checkin was used to create a binary.

I really don't want to start sending out DMCA takedown notices or their equivalent in other countries to everyone, but if nothing happens, I'm going to start being militant about the GPL.

If you do want to put up a binary-only, at least have the decency to put it up on one of those torrents with the other pirated material and mention it using a fake account in a product forum.

Otherwise, please at least note the "oops" where you are distributing existing binaries and replace it with a binary with corresponding source ASAP. Everywhere there is one of your own pages linking to the binary, there should be a corresponding link to how to get and build that binary from the sources.

Instructions and recommendations are given at the links at the top of this post. It isn't hard and you don't have to duplicate every source file included. But you must give sufficient instructions for anyone who wants to recreate the binary to find and build it.

The Pi providers could do a better job of adding a label on github when they select a particular version to be a binary, I shouldn't have to go through a complex process to find the corresponding source on github, but I don't consider it noncompliance since I can find it by following a well documented if tedious process. I'm asking vendors to do at least that much, tell me how and where I can find the sources.

You are benefiting from my work and the work of thousands of others. The GPL was designed so that sharing would occur. That is why they REQUIRED to make the modifications and build instructions available when publishing a binary. And that is why I chose the GPL. I find nothing more unfair and unjust for people to use my work for free, then make me spend several hours trying to find out what scattered pieces of different versions of code out there are required to make a kernel I'm loading work like a binary image with a new piece of hardware.

If you don't like the GPL, find another OS under a more liberal license that doesn't require distribution of sources. They are out there. And make a binary image of that and don't include any of the GPLed components and use that with your accessory.

The community can and should do better. It is legally obligated to do so.

If you are a just a user, and see a binary derived from GPLed source for the Pi (the Linux Kernel is one, but most of the user programs are too), look for the exact corresponding source used to create it, and if you don't find it, politely ask for it. Unless they are the sole author, and the program is not derived from other GPL code, they have no right (unless they obtain such permission) to distribute the binary without the source.

We need to keep software free - as in freedom. The freedom to study. The freedom to modify. The freedom to build your own version and make your own changes.

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 25367
Joined: Sat Jul 30, 2011 7:41 pm

Re: Raspberry Pi-racy, GPL violation edition

Tue Mar 18, 2014 7:40 pm

tz1 is absolutely right ( I wish you had posted your name...it makes statements such as this much more valid).

I will add that all the code used by Raspberry Pi themselves is GPL compliant and is available on GitHub. This post is specifically about third parties writing drivers or similar that link in to the kernel. Those MUST has corresponding source code released in order to comply with the GPL licenced Linux kernel.

People who are simply writing userland code with non-GPL libraries (e.g. the C libraries) do not have to publish their code UNLESS they link in to other GPL licenced libraries. This is the majority of people, so please don't feel threatened by the tone of the original poster.

The whole area of licencing is complicated, so if you are concerned, please check out the links above.
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
“I own the world’s worst thesaurus. Not only is it awful, it’s awful."

User avatar
DougieLawson
Posts: 37455
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Raspberry Pi-racy, GPL violation edition

Tue Mar 18, 2014 7:43 pm

Let me guess this rant is about the Wolfson audio card.

Seeing the multitude of posts about needing to download their image has put me off buying one. If I had to build a package from source that would be better than some obscure pre-built image. (The hardware problems are secondary.)
Note: Having anything humorous in your signature is completely banned on this forum. Wear a tin-foil hat and you'll get a ban.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

Dutch_Master
Posts: 362
Joined: Sat Jul 27, 2013 11:36 am

Re: Raspberry Pi-racy, GPL violation edition

Tue Mar 18, 2014 7:44 pm

May I suggest 'naming and shaming' persistent perpetrators perhaps? Private request, private warning, private warning from the RPi Foundation, public warning in these forums and as a last resort, a full "name&shame" post on the RPi webpage/blog. If it's a commercial entity making money by associating themselves with the RPi brand, revoke their licence. No licence: sue them :) Could be an issue with (primarily) Asian copy-cats, but in such case the appropriate authorities can be informed the particular vendor is selling counterfeit goods, to be confiscated upon entry. Mind, in Asia generally "loosing face" is a disgrace to yourself and maybe your family. Be careful though, if done unjustifiably they're not very forgiving :roll:

In any case, it helps if you get local media on your side ;)

Return to “Off topic discussion”