“I realize the BSD allows people to sell my binaries and source but I do not believe it authorizes them to sell the source under a different license.”
Er, that's the exact point of the BSD license. The GPL even allows selling binaries and source code, but not re-licensing.
So the gist of this blog post is that you offered your source code under a license that allows re-licensing provided that your copyright and some notices are included, someone did it, and now you realise you want the GPL. I applaud this person for taking advantage of the very point of BSD and making some business out of it, that chap is smart.
If he's using your logo and you didn't license the logo then that's a copyright claim. But you have no right to whine about the source code. He can say whatever he wants about it, that the "product" is his, etc. (You think Google Chrome doesn't use a hundred libraries written by someone else? But it's Google that made Chrome, right?) And in YOUR LICENSE you wrote “you cannot use my name to advertise”, so the only question is whether your copyright notice and license terms are included in the redistribution.
“… illegally selling licenses to my source code for $13.99-$59.99.”
I would be VERY careful about libeling people by publicly outing them as doing illegal activities. Alexander Moskalev may even have a case against you for defamation or libel. I'd take this blog down if I were you. And then go and read some pages from http://fsf.org/.
According to Matt Gemmell's twitter (http://twitter.com/mattgemmell/status/235302914258792448) this morning the same seller had taken his open source split view library, stripped the author name from the header and removed the licence file.
It may not be the case for this library (given that he didn't need to under this licence) but it does suggest its possible.
I was under impression that, since code is copyrighted, release under BSD license does not release the copyright claim and therefore the smart fellow shall indicate whose code he is using/selling.
If you didn't download it, how do you know (s)he removed mentions of your name, and the BSD license mention? Because if those things are still there, what (s)he is doing is perfectly legal and fine.
I see two things that you could do (in addition to the DMCA if the BSD license was actually not respected):
- Selling it yourself cheaper than (s)he is (since anyway you weren't counting on making any money with it) with premium/improved features that are not in the version which is distributed open source ;
- Or you could just try to advertise your free product, saying that it is the same thing that this other person is selling, in order to get credited better for your own work.
I shouldn't have to pay money to find out if my license is being violated. Honestly, I don't even care that they are selling the code, I just care that they are representing my work as their own.
As p4bl0 pointed out though, if your license isn't being violated then you have no claim here, they're obeying the law and your takedowns are not valid.
The regular license allows the use of the purchased item in a project for either
personal or commercial uses, without the payment of any further fees or charges
after the initial download cost.
The regular license gives you the right to use the purchased items within 1
project of your own or on behalf of a client (commercial, personal, or non-profit).
You or your client cannot offer the item up for resale either on its own or as part
of a project.
Items purchased under a regular license must not be redistributed or resold “as-
is” or as part of any other collection of files.
What you can do:
You can integrate the component in 1 APP.
You can be distribute it only as a binary only (You cannot distribute Source Code).
Commercial use is allowed.
You can customize the Source Code.
I think (and actually, I hope too) that this isn't: "You cannot distribute Source Code". The BSD license may not force you to redistribute the source code, but I don't see it allowing you to forbid such a thing. Am I wrong?
EDIT: It seems I am, since if there was any changes to the product, it can be freely relicensed.
The safest way to protect against this is to use a better free software license which is copyleft (for instance the GNU GPL).
There is nothing in the BSD license that doesn't allow you to add additional restriction with respect to distribution. IANAL, but there are still two manners in which there could be a violation:
- The BSD license requires one to preserve the copyright notices and the BSD license. If that person stripped these from the software, he would be in violation of the BSD license.
- If the seller did not add anything that is copyrightable, I guess it's questionable if his added terms hold up. In this case it is exactly the same as the original BSD-licensed product, and covered by the BSD license.
What usually happens is that some proprietary software vendor takes a chunk of BSD-licensed software (say, a TCP/IP stack) and integrates it into their proprietary software (say, a kernel). In that case, you'd theoretically be allowed to pry out the BSD-licensed parts and redistribute it. In practice, this will be impossible, since the original source files are probably changed to such an extend that it's a mixture of BSD-licensed and proprietary software.
~~~
Of course, this is all the effect of choosing a weak copyleft license. You are practically saying 'you can do whatever you want with this code, as long as you list my name and this license in the source code and/or binary versions, and don't sue my if it doesn't work correctly'. If you want stronger protection, you should use a strong copyleft or a proprietary license.
Maybe you should too. The BSD license only requires reproduction of the copyright and license terms in (1) the source code; or (2) in the documentation and/or other materials provided with the a binary distribution.
You don't have to state the use of (revised) BSD-licensed code outside the source or binary distribution.
If he has modified even a single line of your source code, he is free to re-license the entire product as a whole under his own license. As long as your name / copyright notice is preserved in the source code / binary, there is nothing illegal about this. How else do you think GPL projects incorporate BSD-code ?
That's what happens with BSD code man. Do you know how much BSD code is in OS X and Windows and commercial software in general?
Releasing BSD code quickly turns into repackaging of the code by people who are more interested in money than coding. Next time do research on the licenses that are available before you pick one. I recommend the GPL, despite the FUD about how you can make a 'livelihood' off of it, which I somehow find easier to imagine than you being happy with this person piggybacking.
Hey, author of ChatSecure here. Has anyone else experienced plagiarism of their open source software? This guy was almost insultingly lazy and didn't even bother to use a different logo or obfuscate the code.
The whole point of a BSD licence is that I am allowed to redistribute it (with my changes optional) under more restrictive or closed source terms. This is what you explicitly allowed him to do by offering that licence.
If you want copies and derivatives to remain open source always, then use GPL - which adds a list of restrictions for redistribution.
Still, it needs to retain the copyright notice and credit the original author. What the plagiarist in this case did is use it as if it was Public Domain.
Given the audience that'd buy this software, I doubt that just dropping in a LICENSE file -- which is all that is needed -- will materially impact this borderline scam. Unlike the 4-clause BSD, which was not tractable, the modern 3-clause I'm quite sure the author used does not say in any way "must display this copyright in the most obvious place." If the repackager simply includes the file, I believe he will meet BSD provisions, per the letter of the contract. I see two ways to look at this:
* If one really doesn't like things like this to be within the grounds of the copyright, don't use BSD. Use GPL.
* On the other hand, what odds are there that the GPL will be reliably enforced against such small fry actors? Maybe you are best choosing a license based on what makes the most sense for the project's advancement anyway.
i'm a bit confused: the bsd license allows you to re-sell someone else's source, binaries, images, etc for a profit. you just have to include the copyright notice.
is that what you're sending the dmca notice about? because you couldn't find the necessary copyright notice? (if you didn't download it, how do you know it's not in the about box?)
* Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
* Neither the name of ChatSecure nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
I am not a lawyer, but my interpretation of the license was that you had to attribute me if you were selling my source code. Either way, they are the ChatSecure name to promote themselves and representing the work as their own.
Representing someone else's work as your own is plagiarism, regardless of the software license.
Note: I think these guys are obnoxious freeloaders, and I'm on your side, however:
> I am not a lawyer, but my interpretation of the license was that you had to attribute me if you were selling my source code.
Perhaps they do - and if they do, they are within their rights (as granted to them by yourself through the BSD license).
> Either way, they are the ChatSecure name to promote themselves and representing the work as their own.
That would be a trademark violation, and potentially false representation.
As for trademark, if you want to take legal action, you probably need to register it with the USPTO (assuming you are in the US). I am not a lawyer either, but when I inquired about it a few years ago, it was apparently required to register trademarks and copyrights before taking legal action.
False pretenses have much higher standard than you would assume: Unless they write anywhere "we are the sole author of this work", they are probably legally ok.
If this affair upsets you (as it seems it does), you would probably be better off with a GPL license - it's a signal to (ab)users that you care, as opposed to BSD which is a signal that you don't.
I think you are the good guy here, but I'm not sure you have much legal standing after using the BSD -- unless they removed your copyright notices.
IANAL, but reading this:
- Redistributions of Source Code must retain....
Doesn't seem to me to exclude selling the source code without displaying the information up front, as long as the copyright notice is still included with the source code (which we don't know, because we don't know anyone who bought it). And I can't see the third clause being triggered, because neither the name you gave it, or your name are being used.
Edit: fceccon pointed out that the name and logo are being used in the header, so yes that seems to make it much more clear cut, albeit turning on the legal definition of "Derived"
Interesting - I hadn't considered that the BSD licence doesn't seem to require the copyright notice to be displayed before downloading - so it could display the copyright notice in the purchased program, and be compliant?
This case doesn't seem on the surface of it, to be completely clear cut. Is there a case to argue that it is morally wrong for them to charge for something that is free, (apparently) without adding value? Perhaps. Legally, though, the case might be different.
the bsd license says: "Redistributions in binary form must reproduce the above copyright notice, .... in the documentation and/or other materials provided with the distribution."
I'm only interested in the representation of this software as his own, and including it in his "portfolio". If it turns out the BSD doesn't offer me strong enough legal protection against this kind of behavior, I will consider a move to the GPL with an App Store exception.
Incidentally, you mentioned you sent DMCA takedowns, but Chupamobile seems to offer submissions to it's own copyright notice address too on the T&C,
> "If you think your products has been copied or there was some breach of copyright please inform us by sending an email at report@chupamobile com, including:"...
So it might be worth hitting that also. I'd also like to make clear that I completely sympathise with your situation, if my other responses had implied otherwise.
If you go to the plagiarized product page (http://www.chupamobile.com/products/details/600/Secured+Chat...) and click more info under Regular License, the license terms are more restrictive than the BSD, which is a violation. However, the author is in Indonesia, so there's probably not much recourse.
> the license terms are more restrictive than the BSD, which is a violation.
I think you are confused with the GPL.
BSD only requires you to acknowledge original authorship, and declines any suitability or liability. It requires you to preserve the first. (You're welcome to take liability, though ...)
What your "plagiarist" is doing is perfectly legal I think. As long as your name appears in the source code and/or binary, you can't send a DMCA takedown. Also, he is not using your name to endorse his own product, which is what point 3 of the BSD license is all about.
Also, note that the plagiarist's derivative software can be under any license of his choice, be it commercial, non-commercial or personal. He is free to include / modify your source code and sell it under a different license of his choice -- the only restriction being that your name must appear in those parts of his source code you have written. Unless you buy his product and confirm that he has removed your name, you can't do anything.
Remember that BSD license roughly means public domain with copyright notice preservation. That's all. It doesn't restrict anything else.
I think you're missing an important lesson here: Your product is more valuable than you think.
This guy wouldn't have started selling your thing is it wasn't clear that it's something that people will pay for. Your first reaction when you hear that he's making money off of it shouldn't be how to stop him. It should be "Wow. I could be making money off of this.
My advice:
- Don't worry about this guy.
- Put a price on your product
- Stop giving away the source
- Improve it until your "competitor" fades away
There's no rule saying that you have to give your work away as open source. And as you've demonstrated, there's also no rule that if you give your work away for free, somebody else won't notice its value and sell it in your place.
> There's no rule saying that you have to give your work away as open source.
This is insulting to the author and the whole open source community. You seem to think that people release sources of their software because they think it is worthless or don't know they could make the conscious choice not to release the sources.
Releasing your source code involves a lot more reasoning and motivation than not doing it. Building open source software doesn't mean giving your work away for free, nothing keeps the author from selling his open source application on App Store as a convenience (an example of this practice is Growl). Since we are talking about a mobile application, it is especially easier to sell since most of his users won't even consider building it from source.
"This project is 100% free because it is important that all people around the world have unrestricted access to privacy tools. However, developing and supporting this project is hard work and costs real money. Please help support the development of this project!"
Not everyone is sophisticated enough to build a mobile app from source, or wealthy enough to pay Apple $99/yr for the privilege of running your own code.
Amazingly, this (and the root comment up top) are actually getting downvoted. I hadn't realized the sentiment among open source developers against making money from their craft was so strong.
But it shouldn't be. We, as developers, shouldn't harbor any ill will toward the OP should he decide to pull the open source version and sell it for profit. We certainly shouldn't advise him against it or recommend an alternative open source license that better guarantees that nobody can make money off this excellent piece of software.
Geeks like us tend to have a natural aversion to making money by selling our work directly, as though it's somehow dirty or wrong in some way that we can't quite articulate.
But we need to get over that.
We have a guy here (patio11) whose job this normally is, but he seems to have taken the morning off so I'll do this in his place:
On behalf of the Internet, I hereby grant you, the developer, permission to charge money for your software.
I know you (probably) mean well but you're missing the point and come off as fairly condescending.
Did you consider the possibility that the author already has a job that pays him extremely well and that the ROI he gets in spending time providing customer support/marketing for a commercial iOS app is actually losing money for him?
You should save the "you are allowed to make money" talk for people who are actually trying to sell software and doing it badly (Because they undervalue the work they created) instead of directing it at someone producing what looks like a labor of love and is not interested in marketing everything he has ever created.
Did you consider the possibility that the author already has a job that pays him extremely well and that the ROI he gets in spending time providing customer support/marketing for a commercial iOS app is actually losing money for him?
I think that's more a rationalization that developers use to convince themselves not to charge for their stuff than a reality. I've certainly never experienced any support/marketing overload with any of my products.
He already has the app in the app store. His support/marketing is where it is already. All he need do is tick a box marked "allow people to send me money" in his app store control panel and he's done. In short, there's no "down" for the app to go. It's already maxed out on the "losing money" front, and doesn't seem to be overburdening him.
On the customer support side, he might actually see that go down too by charging. Here's yesterday's discussion on exactly that:
Far from it. Yikes, I've never bought into the valley startup idea, where you spend all your time working on your thing. I spend maybe a dozen hours a month maintaining my little software empire and supporting customers.
There's a reason I promote the lifestyle. Having a little pile of software products paying you a full developer salary in exchange for answering a few emails a week is a pretty good place to be.
I think the point that's missed (especially by you) is that proprietary, closed source software is fundamentally more insecure than open source.
As a user of proprietary software, you can't inspect that code for bugs and you can't inspect it for malicious code - you just have to take the vendor's word for it that "it is really secure, honest! And there aren't any backdoors put in by the US government/china/whoever"
I don't know whether chatsecure is any good or would withstand attacks by a nation state, but if I were a security researcher or an aid organisation in the 3rd world, I could look at the source and find out.
It depends on how many copies have been sold, and what the support costs are likely to be. If he's only sold two copies, then it's not going to be worth packaging it up.
Don't forget, it's already packaged up. It's in the app store already.
The author can spend the next ten minutes logging into his apple account and adding a price to it. That's all the effort needed to turn this into a product (besides rewriting the App Store description so that people other than himself can parse what the application actually does).
Well, someone could use your code if it is BSD and charge as much as he wants.
He could use your code with the only requirement to add you to the credits. He also could modify the license, provided that he respects the due credit.
You can't say: "Now my code is GPL!!", the code that this person is using continues being BSD. You gave it away, your DMCA complaint is invalid.
Stop whining and learn about the basics of licensing first. Then focus on your product and not on what other people do. You could also charge for it while giving your code.
I just looked at the license he referenced in the blog post:
https://raw.github.com/chrisballinger/Off-the-Record-iOS/mas...
and it is the GPL, not BSD. So all the discussion about BSD is moot (unless it was really licensed under a BSD style license previously, and was just changed).
Er, that's the exact point of the BSD license. The GPL even allows selling binaries and source code, but not re-licensing.
So the gist of this blog post is that you offered your source code under a license that allows re-licensing provided that your copyright and some notices are included, someone did it, and now you realise you want the GPL. I applaud this person for taking advantage of the very point of BSD and making some business out of it, that chap is smart.
If he's using your logo and you didn't license the logo then that's a copyright claim. But you have no right to whine about the source code. He can say whatever he wants about it, that the "product" is his, etc. (You think Google Chrome doesn't use a hundred libraries written by someone else? But it's Google that made Chrome, right?) And in YOUR LICENSE you wrote “you cannot use my name to advertise”, so the only question is whether your copyright notice and license terms are included in the redistribution.
“… illegally selling licenses to my source code for $13.99-$59.99.”
I would be VERY careful about libeling people by publicly outing them as doing illegal activities. Alexander Moskalev may even have a case against you for defamation or libel. I'd take this blog down if I were you. And then go and read some pages from http://fsf.org/.