

Transcend violates GPL - dmitrygr
http://dmitry.gr/index.php?r=05.Projects&proj=15.%20Transcend%20WiFiSD#GPL

======
josephlord
This seems a clear GPL violation to me and Transcend deserve an expensive
legal education.

"GPL also makes anything linked with a GPL sourced component a derivative work
- requiring it too to be licenced under GPL."

This isn't correct. The result of linking a GPL work with another work is
itself a derived work. To distribute that derived work you are required to
make the all sources available under the GPL [or strictly more permissive
license - read the GPL yourself if it matters] so you have a choice between:

1 not distributing the derived work (the binary) OR

2 ensuring appropriate release of source code OR

3 coming to a private arrangement to receive a (non-GPL) license from the
copyright holders of the GPLed work (not practical or possible with Linux) OR

4 (not recommended) committing copyright infringement by distributing the
binary without permission.

The GPL is not viral and does not automatically cause licenses to be granted
to linked work. It sounds as if Transcend have gone for option 4 which would
make them commercial copyright infringers and liable for penalties in most
countries of the world (Berne Convention etc).

~~~
dmitrygr
none of 1...3 applies here, though.

just #4

~~~
josephlord
Agreed (as I say at the beginning and end of my post) and that is why I hope
this company receives an expensive legal education

------
oakwhiz
That's too bad, because those little Wifi SD cards are actually pretty awesome
for microcontroller projects, since you can talk to them over a standard SPI
bus, and they're fairly inexpensive for what they do. Hopefully Transcend
opens the source. If they did, then there would be more reason to actually buy
these cards as embedded Linux systems, meaning more sales for them.

EDIT: I wonder why hardware manufacturers are so insistent on keeping the
source closed for products such as this. From what I've heard, the software
onboard the card is quite buggy and contains numerous exploits. If they just
let the community help improve it, I'm sure we would be seeing better
alternative distributions for this card (kind of like Cyanogenmod with
Android)

~~~
dmitrygr
Well, I did get the card to fully work using my own kernel and ramdisk and
filesystem, even bringing up ubuntu. Just had to do some dirty things to the
kernel. If you're curious, the linked article described how to do this.

------
AaronFriel
Is this true, that kernel modules that are independently compiled are also
"infected" by the GPL?

I do not think this is the case, and the recent Oracle v. Google case seems to
suggest that APIs themselves are not copyrightable. So the kernel module API
used by a non-OSS licensed module doesn't seem like it should infect the
entire module. That is, importing kernel headers in a binary doesn't
constitute a derivative work.

CAVEAT EMPTOR: I am not a lawyer. I wasn't a lawyer when I started writing
this comment and, alas, I will not be when I have finished it.

~~~
tzs
What do you mean by "modules that are independently compiled"?

If I were to write a kernel module, which I only distribute in source form,
there is nothing that would require me to make my module GPL unless I have
copied into my module source copyrightable elements from Linux (or some other
GPL-licensed code). Let's assume I use a license for my module source that is
not compatible with GPLv2.

If you take my module, and compile it into a Linux kernel, and want to
distribute the resulting binary, then YOU have a problem in that the resulting
binary that includes the kernel and my module is probably a derivative work of
the Linux kernel, and the license of the kernel doesn't let you distribute
derivative works of the kernel unless they are licensed under GPLv2. (You
might try to argue that my module and the kernel together are a compilation,
not a derivative work, but I don't think that would work).

I've seen it argued that since my module is intended to be built into kernels
and doesn't have much use if not built into kernels, than I am effectively
building it into kernels and distributing it even though others do the actual
building, and so I do have to license my code under GPL.

Copyright law (at least in the US) does actually recognize a couple of
circumstances under which I could be liable for someone else's infringement.
There is "contributory infringement" and "induced infringement". If either of
these could be applied, I could be held responsible for the infringement that
occurs when others build infringing kernels using my module source. For
induced infringement, the person actually doing the infringement basically has
to be an agent of mine, so that would not apply. For contributory
infringement, I just have to be doing something that enables their
infringement.

Alas for those who want to hold me liable, there is a major problem with the
contributory infringement approach. There CANNOT be contributory infringement
without there being a direct infringement for me to have been contributory
toward, and there must no substantial non-infringing use for my work. As even
Stallman concedes, the GPL allows a person to take GPL source code and combine
it with code that is licensed incompatibly with GPL and build binaries for
their own private use. These people are not infringing, and so do not provide
a foundation for contributory infringement, and they provide an example of a
substantial non-infringing use for my work.

The above hypothetical (module distributed in source form only) is what I
think of when I hear the phrase "independently compiled".

One thing often overlooked when these discussions come up is that the Linux
kernel is not the first program that outsiders have wanted to write code for
without following the rules set forth by the program's owners. People have
been figuring out non-public internal interfaces and data structures of word
processors, spreadsheets, video games, embedded systems, proprietary operating
systems, and so on, and then releasing things that patch in and do
unauthorized things long before Linux came along. All that's different with
Linux is that (1) they can look at the Linux code so it is a lot easier to
figure out non-public internal interfaces and data structures, and (2) GPL
saves them from contributory infringement (with unauthorized modifications to
proprietary programs, the end user might be violating a EULA if they use your
work, which puts you on less firm ground).

~~~
AaronFriel
> If you take my module, and compile it into a Linux kernel, and want to
> distribute the resulting binary

Binaries. Separate. That is, a kernel module containing or as an independently
compiled binary component from the kernel. Does that get infected by the GPL
by virtue of its ultimate use, even though it can be distributed separately?

------
chatman
It is important to cut these evil companies to size by boycotting them.

~~~
dmitrygr
Wonder if FSF will care about this? Or if they can help.

~~~
aylons
They don't hold rights for the kernel, so they can't.

Linux Foundation can, as do anyone who contributed to the kernel they are
using.

~~~
dmitrygr
Do you think it would be worthwhile to try? I really would love to see the
proper and complete source released for this card - it is a cute and capable
device, and having to hack module.c to make use of it seems wrong.

~~~
jlgaddis
Find anyone who has a.) contributed code to the kernel (and, thus, holds
copyright on it) and b.) wants to pursue a claim of copyright infringement.
_Any_ kernel contributor should have standing, AIUI.

 _(standard "IANAL" and "I speak only for myself" disclaimers apply)_

------
cjensen
Linux modules have _always_ been exempt from the GPL.

[http://www.xml.com/ldd/chapter/book/ch01.html#t6](http://www.xml.com/ldd/chapter/book/ch01.html#t6)

~~~
dmitrygr
Not quite. any part that links with kernel must be GPL. other parts may not
be. See how NVIDIA/ATI do it for examples

