Professor Tanenbaum is one of the most respected computer scientists alive, and for Intel to include Minix in their chip and not let him know is kind of unprofessional and not very nice to say the least. That is his only (and quite fair) point.
I guess Minix' license, which allows this kind of behaviour, is the very reason Intel chose Minix in the first place. I imagine it would be very complicated to get management approval for informing Dr. Tannenbaum about the usage in Intel's ME.
IMHO if he has a problem with the way things worked out, he should have chosen a different license. For example the MIT license requires the copyright and license to be included in distributions.
This is a classic conflation of legalese and ethics/decorum/professional courtesy. Just because something is legal doesn't make it good, and just because something is good doesn't make it legal.
For example, I abhor those who take credit for other peoples' work. But I use a license on software I write that permits folks to do just that.
* Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
One of my libraries with BSD 3-clause license was used in a U.S. government project. It did require particular hardware and couldn't really be deployed by any random user but they honored the mention clause without any prodding on my part.
My Bosch kitchen appliances came with a whole bunch of software licenses for embedded subsystems, even GPL ones. So it seems actual lawyers in a huge international corporation decided it constitutes distribution.
I mean, they could also just assume that shipping three sheets of paper with each washer is just cheaper than finding out.
For example, the software-as-a-service loophole that GPLv3 (and AGPL) closes. We actually had an exploitation of said loophole for the open source Space Station 13 game. People were making changes to the game (each server runs their own modifications, and, the game is pure client/server so the entire 'game' is server-side binary only with dumb clients connecting) and some people were making important modifications and not sharing them with the community AND it was intentional because their mods made them the most popular server to play on (because nobody else had the features). It was a big stink, and eventually someone "leaked" the code, but then nobody could tell if that was legal to use or look at and it became a big, confusing legal grey area. All because they didn't start with AGPL or GPLv3 (or some other SaaS-aware license). The original authors probably didn't think anything of it and just thought "GPL is 'good'. So GPL it is." and that was the extent of it.
I suppose you could make the argument that the OEMs are the ones distributing the binaries, but they are out there.
you can read:
"What is the MINIX 3 license?
The MINIX 3 license is a clone of the Berkeley (BSD) license. In plain English, it says you can do whatever you like with the system provided that (1) you agree not to sue us under any conditions, and (2) you keep the credit lines in the source, documentation, and publicity unless other arrangements have been made. Specifically, you are free to modify the source code, redistribute it, incorporate it into commercial products with only the above restrictions."
Note the passage "unless other arrangements have been made". I am pretty sure Intel made such an agreement with the MINIX 3 developers for this reason.
Also, my guess is this is part "security through obscurity", part Intel not wanting everyone to know that they used someone else's code for its chips' firmware.
Beyond the valid complaint of this being a personal insult, that is.
I have no idea what copyright law says about damages in a case where the infringing party tries to keep their large-scale infringement secret.
> I guess Minix' license, which allows this kind of behaviour, is the very reason Intel chose Minix in the first place. I imagine it would be very complicated to get management approval for informing Dr. Tannenbaum about the usage in Intel's ME.
Tanenbaum: Some people have pointed out online that if MINIX had a GPL license, Intel might not have used it since then it would have had to publish the modifications to the code. Maybe yes, maybe no, but the modifications were no doubt technical issues involving which mode processes run in, etc. My understanding, however, is that the small size and modular microkernel structure were the primary attractions.
> MHO if he has a problem with the way things worked out, he should have chosen a different license.
Tanenbaum: I don't mind, of course, and was not expecting any kind of payment since that is not required. There isn't even any suggestion in the license that it would be appreciated.
Tanenbaum: The only thing that would have been nice is that after the project had been finished and the chip deployed, that someone from Intel would have told me, just as a courtesy, that MINIX 3 was now probably the most widely used operating system in the world on x86 computers. That certainly wasn't required in any way, but I think it would have been polite to give me a heads up, that's all.
All in all, I think Tanenbaum's open letter is partly an exercise in self promotion and partly venting a little frustration that his work has gone uncredited given the scale of its deployment. I might be reading between the lines a little here but I also wonder if he's venting little because he dislikes nature of this particular deployment:
Tanenbaum: Many people (including me) don't like the idea of an all-powerful management engine in there at all (since it is a possible security hole and a dangerous idea in the first place), but that is Intel's business decision and a separate issue from the code it runs.
if so i don't begrudge that, as it's not like intel was saying much about it. :P
Companies using such projects should be more courteous, if only to encourage more of such licenses...
> The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
This is weaker than what is in a BSD license:
> Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
That is, BSD license explicitly requires copyright attribution for binaries, while MIT does not.
I wrote in
that the MINIX 3 developers openly say in their FAQ that different agreements with them are possible. I would bet such an agreement exists - I don't believe Intel's lawyers would have tolerated such a legal liability.
> I don't mind, of course, and was not expecting any kind of payment since that is not required. There isn't even any suggestion in the license that it would be appreciated.
> The only thing that would have been nice is that after the project had been finished and the chip deployed, that someone from Intel would have told me, just as a courtesy, that MINIX 3 was now probably the most widely used operating system in the world on x86 computers. That certainly wasn't required in any way, but I think it would have been polite to give me a heads up, that's all.
> If nothing else, this bit of news reaffirms my view that the Berkeley license provides the maximum amount of freedom to potential users. If they want to publicize what they have done, fine. By all means, do so. If there are good reasons not to release the modfied code, that's fine with me, too.
His letter point is clearly about widely(1) known debate(2) between him and Linus Torvalds, and ego massage.
I think the reason he posts this is that, just like everybody else, he's not happy about Intel secretly introducing a massive security hole in their processors. Telling him they were using Minix on such a massive scale would have been polite, but it would also have informed Tanenbaum that Intel was running a secret OS on their processors.
What Intel did was not only foolish and harmful, it was also impolite. Plenty of people are addressing the foolish and harmful parts already, but the impolite part can only really be addressed by AST.
Forgive me for interjecting politics into this debate, but we all know at this point that there is at least one highly successful egotist in this world who still needs to have his ego stroked on a regular (daily) basis. I admire Tanenbaum and doubt that he fits into this category, but the category does exist.
"I would like to close by clearing up a few misconceptions and also correcting a couple of errors. First, I REALLY am not angry with Linus. HONEST. He's not angry with me either. I am not some kind of "sore loser" who feels he has been eclipsed by Linus. MINIX was only a kind of fun hobby for me. I am a professor. I teach and do research and write books and go to conferences and do things professors do. I like my job and my students and my university. [...] I wrote MINIX because I wanted my students to have hands-on experience playing with an operating system. After AT&T forbade teaching from John Lions' book, I decided to write a UNIX-like system for my students to play with. [...] I was not trying to replace GNU/HURD or Berkeley UNIX. Heaven knows, I have said this enough times. I just wanted to show my students and other students how you could write a UNIX-like system using modern technology. A lot of other people wanted a free production UNIX with lots of bells and whistles and wanted to convert MINIX into that. I was dragged along in the maelstrom for a while, but when Linux came along, I was actually relieved that I could go back to professoring. [...] Linus seems to be doing excellent work and I wish him much success in the future.
While writing MINIX was fun, I don't really regard it as the most important thing I have ever done. It was more of a distraction than anything else. The most important thing I have done is produce a number of incredibly good students, especially Ph.D. students. See my home page for the list. They have done great things. I am as proud as a mother hen. To the extent that Linus can be counted as my student, I'm proud of him, too. Professors like it when their students go on to greater glory."
Why is this necessary?
[this comment was written in Lynx]
I'm sure A.Tannenbaum is flattered (and duly so, Minix 3 is very interesting) but I'm feeling he's patting himself on the back here.
You have a legal and ethical responsibility to the creator of the work, not to whomever put it in your feed.
Of course, we should credit our grade school teachers each time we do arithmetic - Thanks, Mrs. Ashliman!
The courtesy they owe is to Andrew S. Tanenbaum, the /creator/ of the work they are using, not to some individual who happened to blog about it.
I'm sorry, but I don't feel free because of that.
What I see is that I have proprietary code I never saw, never vetted and which I don't (and shouldn't) trust that's running on all my computers (not all, but you can get it) and that I don't have the freedom to remove, examine, modify or replace. There are already a lot of blobs that aren't audited by anyone outside their manufacturers running a lot of basic functionality on my computers. I don't need another blob running on god mode on my CPUs.
So, no. The use of the BSD license here is harming everyone but Intel. Hopefully, we can make it harm Intel if we make it clear (with our purchasing power) it is not cool to force us to run software we don't trust. It only serves to show that the BSD license preserves the freedom of the developers and packagers AT THE EXPENSE of the users.
That Intel uses this software for a purpose you disagree with is immaterial to this discussion. Had MINIX not been available under a permissive license, Intel would have found some other (but presumably more expensive) way to largely achieve the same thing. They did not come up with and implement the management engine because MINIX was BSD licensed.
We are not a first party in that transaction, but feel very much the consequences. Therefore it does involves others. Most actions have an influence on others and therefore there are responsibilities for the consequences.
If you sell lower quality concrete to a building company which builds a dam that break and kills many people, then you have blood on your hands and should be treated as such, even though you were not a first party in the dam construction.
> That Intel uses this software for a purpose you disagree with is immaterial to this discussion.
It is very much not immaterial. It _might_ be legally irrelevant, but it is not without importance.
> Had MINIX not been available under a permissive license, Intel would have found some other (but presumably more expensive) way to largely achieve the same thing. They did not come up with and implement the management engine because MINIX was BSD licensed.
I hope they need to spend a lot of money and energy and effort for taking others freedom away. The cheaper it is for them, the more likely they do it.
It may feel good to have a target to direct anger at, but it's not the right target and it's counterproductive. Free software, including that under the BSD license, has made computing vastly safer.
You have to at least stop and wonder whether that's true, though.
Your point of view and their point of view are both valid.
Unfortunately, both of you can be right, and we all have to live with that ambiguity.
"not party to that transaction" and "immaterial to this discussion" have no place here, we're discussing an open letter and we're free to evaluate his position however we feel. If the author wanted to have a private conversation with Intel he was free to do so.
You are trusting the CPU to do what you ask it to do. If intel were to do something shady, they wouldn't need a un-vetted blob of code to do it, they could do it directy in the CPU itself.
I guess my point is that you have to trust the CPU manufacturer, whether they have this code or not.
I certainly trust Intel way less than before some of the more fishy details about the Intel ME got out.
That little Quark core has access to pretty much everything.
BTW, I'd love to use it to collect very low level performance data on the main CPU.
If even one component is v2 rather than "v2 or later", then (I'd assume) the whole project is v2-only, majority or no. It's also not clear if it's permissible to make contributions under "v2 or later" licensing terms, since those contributions are derivative works of Linux itself (which is v2-only).
This will almost certainly always be the case, since changing Linux's license to "GPLv2 or later" (let alone GPLv3) would require unanimous consent from every contributor (and seeing as how - IIRC - one or more said contributors are dead, that consent is thus impossible to achieve unanimously).
And convincing Linus the rewritten versions are objectively better than the old ones.
For a hardware company, the GPL just isn't that much of a competitive disadvantage, since most of the software is written to work with their hardware.
Which they did and if there was no alternative, they would develop 100% of it in secret. I think this is the opposite of great.
By calling them "users" and saying "users have freedom" you are conflating things needlessly.
We are the users here. We severely lack freedom. (Thanks BSD!)
You seem like a troll or a bittered person.
Because if this is earnest I'm quite seriously baffled. I don't mind BSD at all and I won't comment on the political side of things but why on earth would you rejoice that you worked for free (I assume?) for Intel only to have your work end up in some user-hostile module forced on the users? Is Tanenbaum egotistical enough that merely having his work be "the most widely used computer operating system in the world" justifies everything? And then he uses that to argue that BSD is superior to GPL because this way big companies can use the code without giving anything back? Great success.
I think the Hacker News crowd is just a little baffled because there are some conflicting emotions on display from Dr. T here. Conflicting emotions are a very human thing to have, and are guaranteed to confuse the engineer crowd.
1. He's glad Minix is useful to others
2. He's slightly hurt that Intel repeatedly asked him for help (which he provided) but never bothered to thank him or even let him know the purpose of their inquiries. ("That certainly wasn't required in any way, but I think it would have been polite to give me a heads up, that's all.")
3. He admits that his choice of license permits this behavior, so he (slightly grudgingly) accepts their choice ("If nothing else, this bit of news reaffirms my view that the Berkeley license provides the maximum amount of freedom to potential users")
#3. It does offer the maximum freedom to some potential users, but no responsibilities to extend those freedoms to others. In my opinion this is why the GPL truly extends the maximum amount of freedom to everyone, users, lusers, abusers, and just plain old hackers.
The BSD license used by MINIX 3 requires attribution:
"The MINIX 3 license is a clone of the Berkeley (BSD) license. In plain English, it says you can do whatever you like with the system provided that (1) you agree not to sue us under any conditions, and (2) you keep the credit lines in the source, documentation, and publicity unless other arrangements have been made. Specifically, you are free to modify the source code, redistribute it, incorporate it into commercial products with only the above restrictions."
I am not aware that Intel gave any credit that is visible to the end-users of their processors (otherwise I would surely have seen it, since my laptop has a Skylake processor - so it uses MINIX 3). I am also not aware that my laptop included a leaflet that mentioned MINIX 3 somewhere.
So my assumption rather is that Intel's lawyers reached an agreement with the license holders of MINIX 3 that they don't have to give credit (which is perfectly fine - even the quote in my parent post mentions this possibility). But if they did such an agreement they said that it is perfectly fine to them (in particular for Andrew S. Tanenbaum) that Intel does not credit them publicly. I thus consider it as rather unfair to complain when such an agreement exists, because one typically does not demand such an agreement if one plans to credit them nevertheless.
So I rather believe what happened is this: Intel came to the MINIX 3 developers to get them to sign such an agreement, which allows Intel not to give attribution. Andrew S. Tanenbaum signed it, because it sounded too good to be true and gave MINIX 3 some very renowned key customer. But he did not consider that this might put MINIX 3 into very common use without any users being aware of it. So he "suddenly" realized the loophole of this agreement and now considers himself treated unfairly.
They should throw a donation of $1M his way. Even at that rate, it is a massive steal.
As to Prof Tanenbaum's style, if I'm feeling a teeny bit uncharitable, I'd say this is perfectly in keeping.
Since the infamous exchange between Linus and him where he came off as being a bit condescending, a lot of his writing on that subject has given the strong impression that he grudgingly accepts that Linux "won" but that it's somewhat of a travesty. And that winning means that it's the OS of choice in billions of devices.
What I read from this statement is that he now feels like it's not so clear cut and he's somewhat vindicated. He's just a bit miffed that no-one told him earlier.
> Is Tanenbaum egotistical enough
I don't think this is ego so much as professional pride. Linux is the architectural antithesis of Minix and that definite rankles. But more positively, he and his students worked hard (and took quite a lot of money) to make Minix 3. He wants it to be used.
I have no idea whether or not he's privately concerned about the way this has been used. But it wouldn't surprise me that he's hopeful that it will raise the profile of Minix and get folk to consider it more seriously.
You already hint at this, but I would expect that it is more about what that quantity represents (obviously you cannot really untangle these things).
For example, it speaks for itself that number of users has a direct influence on to the number of developers and computer scientists working on the system and improving it. Or from Tanenbaum's point of view, fix issues that shouldn't have been there in the first place.
I read this as, for want of a better word, snarky.
I'd bet if it wasn't Minix, L4 would have been on the cards. That's another microkernel that runs in coprocessors like your phone's radios that probably nobody will ever mention out loud.
The only thing that works from the celeb side is to power through and intently turn the conversation back onto the fan. But that requires genuine interest that you may not have the energy for, and it may not be what _they_ are there for either. There is a reason comic con actors charge for autographs: it's a very light weight form of prostitution.
Fans are genuinely annoying. They break every social rule, and come with a one way sense of familiarity only possible through modern technology, which our primate brain is poorly equipped for.
Still I do see as important to actually get to know the people behind the words.
He's talking about publishing code. The BSD license explicitly requires including the license somewhere (anywhere, really).
At the same time, I'm sure he's totally aware that Intel wouldn't have told him anyway, because they meant to keep this secret, and AST is rubbing it in that their secrecy is not only deceptive to their customers, but also making them impolite to the creator of the OS they use. Presenting that impoliteness as the bigger problem is probably a joke.
He does make it clear at the bottom that he's not at all happy with how Minix has been used here. He's also aware that it's not illegal, but that doesn't mean it's not impolite. Towards him, certainly, but of course also to the end user.
He's probably serious about about the Berkeley license being superior, even if it means people use his work for things he doesn't approve of. His comment about Minix being the biggest OS in the world is a bit of ironic vindication, I think. I don't think it's actually true, considering how much Linux runs on ARM chips, and indeed many PCs use AMD chips, but it's a good joke, and nobody is going to take that opportunity away from him.
He's definitely serious about microkernels being superior. I don't doubt he wants to see that as the real reason why Intel chose Minix.
I have no idea how accurate my assessment is, though. It's been about 20 years since I followed his lectures, and never had any kind of personal talk with him.
It is completely earnest in the sense that he is not expecting any money from it. Likewise he has never expected anything from Linus Torvald when MINIX was used as the primary source of inspiration for the Linux kernel when he started out with it. Although they did have some pretty serious discussions about it, but nothing more than that.
He wrote an open letter just to tell everyone his OS is the most widely used in the world - even though he didn't need to, because 20 news outlets already did that job for him - and that he wants recognition. Of course it's ego. But he may not need to 'justify' it because he may not give a crap either way.
BSD is my go-to license for my own code so I have no prejudice against it. That being said if some company contacted me about some of my code, asked me to do some modifications for free then used it to power a module that many people consider user-hostile and probable backdoor while not giving anything back, be it code, money or credit I don't think I'd write a blog post saying how happy I am that my code is so successful and how it proves that BSD is so much better than GPL.
It's one thing to say "the code is BSD, there's nothing wrong about what they did", it's an other thing to say "thank you Mr Intel for using my code without giving anything back, I just wish you had told me earlier so that I could have thanked you before!" which is frankly what this open letter sounds like to me.
are you arguing that we aren't all poorer with an unmodifiable black box running in our CPUs ?
I think you missed the point, or I didn't convey it correctly.
I am not talking from the point of view of a third party, but rather that of the author of the original software.
If somebody uses my software and improves it, then it’s only fair that I get to see the changes.
That’s why AGPL 3 is the license of choice for my code.
Some piece of code that also cost time (and possibly someone's else money) to develop, and that they got for free?
Also note that many of that time, energy and money to modify GPL code is not just programming time, but also a lot of legal advice time. With BSD-like license it should be immediately clear what you can do with the code (i.e. almost everything).
We spent thousands of dollars on legal advice when deploying GPL. In the end it was largely as we expected it to be: No significant action was needed beyond releasing the code to the components that we already got for free, with the minor modifications we had made. But we had to be sure before we committed to using GPL code.
Today, we have a blanket "yes you can" policy for BSD code while GPL is still on a case by case basis.
Yes, that may not hold up in court if it is a tiny non-essential fragment or, if you revert to old code soon, etc. but that’s not the point; if you end up in court, you already lost.
With BSD-licensed code, that risk is way smaller. The worst you have to do is add a few (or quite a few thousand. Go check Setting/General/About/Legal for an example) attribution lines to the versions of your code that use the BSD-licensed code.
(Also, even if you choose to license your code under the GPL, you have to track licensing, as it isn’t legally possible to combine GPL2 and GPLv3 or APGL and GPLv3 licenses or any GPL with ApAchexlicensed code in a single binary. See https://www.gnu.org/licenses/license-list.en.html. If you want to troll GPL aficionados, license your code under GPLv1)
1: A single-bit is not copyrightable. True and false is not copyrightable. No one in history have ever been sued for a single bit. No one has ended up in court for a one-bit GPL code.
2: If it get "outside" accidentally, there is a direct remedy that do not include releasing anything. You stop redistributing the program. Practically all GPL related lawsuits started with the words "please stop infringing my work", and when that did't work, "Judge, please stop them from infringing my work". The only companies that have ever been "forced" to do anything is when the option is between a full stop in production and sale, or releasing source code. One such company chose to not cut revenue, not stop production, and instead gave us the code which the OpenWrt project was created on. I wouldn't call that "forced".
3: Code do not transform from being non-GPL to GPL. That is not how copyright work. Code is only under GPL if you explicitly release a piece of code under GPL. If you put MIT code and gpl code together, the MIT will still be MIT. The combined work must explicitly be under GPL to be compliant, but you can still use the MIT code in isolation under MIT. The MIT code do not transform into different licenses just because you combine it with other code. Only explicit action counts, and the worst thing that can happen from code getting ‘outside’ in untended ways is copyright infringement where you legally have to stop distributing code.
> With BSD-licensed code, that risk is way smaller. The worst you have to do is add a few (or quite a few thousand. Go check Setting/General/About/Legal for an example) attribution lines to the versions of your code that use the BSD-licensed code.
Accidentally copying GPL-licensed code into non-GPL-licensed code puts you in exactly the same legal position as accidentally copying BSD-licensed code without attribution: you are now, technically, violating copyright, and in theory liable for statutory damages of $150,000. You're never forced to release your code under GPL; the GPL copyright holder might insist that you either release your code under GPL or pay the $150,000, but equally the BSD copyright holder might insist that you pay the $150,000 - they're within their rights to do that.
In practice the author will most likely be willing to work with you to sort it out in either case.
> Worse, the source code of all versions from _before_ that checkin automatically become GPL-licensed (because they contain code that, transitively, becomes GPL because it later was linked with GPL-licensed software)
This is simply false.
I would disagree that the situation is the same. The way to remedy the BSD situation is simple attribution. The way to remedy the GPL situation is release of the entire source code.
>> Worse, the source code of all versions from _before_ that checkin automatically become GPL-licensed (because they contain code that, transitively, becomes GPL because it later was linked with GPL-licensed software)
>This is simply false.
Is it? If you are forced to release all your source under GPL any new release of that software will contain software released under GPL, even if the GPL specific changes are rolled back.
My interpretation is this: If you have two functions, A() and B() where A() is released under GPL. If you then release software where B() is defined as :
You now have a product which is a work derived from GPL code so you must release the source code for B(). Now you release B() under GPL. So you go back to the commit right before including A() and make a new branch with a new commit:
BUT! B() is now source code released under GPL so any changes to it must also be released under GPL.
How have I misunderstood?
Years of conversation about this kind of stuff, I don't remember specifically. Looking it up wikipedia says $150,000 is the upper limit for wilful infringement, accidental infringement is lower, but that doesn't affect the argument.
> The way to remedy the BSD situation is simple attribution. The way to remedy the GPL situation is release of the entire source code.
The damages are statutory plus actual damages (almost certainly $0 for someone who doesn't make money off their software directly), not "what you would have done". You have the same options in either case: reach agreement with the person whose copyright you infringed, or go to court and pay the damages. So your worst-case liability is the same either way.
> BUT! B() is now source code released under GPL so any changes to it must also be released under GPL.
As you acknowledged in your reply, you still hold all the copyrights on B and can still release B under any terms you please.
My logic was incorrect. I assumed that the exact same source code for now GPL licensed B from earlier revision revisions would have to be GPL licensed, too (and because of it, anything linked with that, linked with code linked with that, etc.).
However, licensing (unlike copyright) doesn’t work that way. Copyright owners can even release the exact same set of source code 7nder multiple licenses.
My conclusion still stands, though. Companies are right to worry about using GPL-licensed software.
Or if it's GPL v3 you have additional rights, fix it in 60 days etc.
http://www.softwarefreedom.org/resources/2008/compliance-gui... section 5.2
My personal opinion is that it's because the term 'a work' which is used liberally in GPL is a legal term and can potentially be interpreted quite broadly. This means that we have to ensure - every time - that what we do does not constitute 'a work' which derives from GPL code - in the legal sense - if we do not want to distribute the source code that we create.
With BSD we don't have to go through that process because it will not result in us losing control over our own software. We just need to stick a disclaimer in a license file and we're done.
Well, a random developer can't simply assert it - you need lawyers to make sure you really are conforming to the GPL. With BSD, you don't. This is simply the ground reality.
What are you basing this on? Personal experience? Speculation? Other?
>If a company does not follow the GPL and is called out, they can simply do what the GPL tells them to do and the case is done.
Ask Cisco if the lawsuit from the FSF was fictional.
I was involved with the GPL license a few years back when I was consulting on an embedded hardware device product. We wrote to the developer and requested them to re-license the software in exchange for a payment. They refused and we decided to use a differently licensed product in the end, based on legal advice.
>> That is not true.
> What are you basing this on? Personal experience? Speculation? Other?
The FSF and SFLC use litigation as a _last resort_, when the offender does not cooperate to alleviate the breach of the GPL [See below]. The Linux community is also largely against litigation [https://lwn.net/Articles/698452/].
>> If a company does not follow the GPL and is called out, they can simply do what the GPL tells them to do and the case is done.
> Ask Cisco if the lawsuit from the FSF was fictional.
The FSF tried before to work with Cisco to comply with the GPL:
“In the fifteen years we’ve spent enforcing our licenses, we’ve never gone to court before. While litigation is a last resort, we’re prepared to take the legal action necessary to defend users’ freedoms. With SFLC’s help, the FSF is able to take effective action,” said Peter Brown, executive director of FSF.
> I was involved with the GPL license a few years back when I was consulting on an embedded hardware device product. We wrote to the developer and requested them to re-license the software in exchange for a payment. They refused and we decided to use a differently licensed product in the end, based on legal advice.
I don't know your situation so I can't comment on it. Maybe your business model depended on your users not having control about the software they use. Because in that case the GPL is a problem.
> the developer couldn't be swayed by money,
Incorrect. We made the request on the basis of legal advice to avoid licensing trouble. These are real things that happened on a real project. The idea that lawyers are never involved when using GPL'd code is a fantasy.
In any case, the reason the developer refused is because there were multiple contributors on the project, and it would have created a headache for them.
>so now you are bitter about it?
>Talk about entitlement.
So rude. Wow..
Deploying GPL code is only a legal process if you make it one.
If you're using it to write or deploy other GPL software, it's pretty much a straight forward affair. And if you're not using a GPL license, well, that's your problem: there's nothing stopping you from using the GPL to make all the hassle go away.
That part is often significantly simpler with BSD which is why it's significantly easier to just allow BSD and have a case-by-case basis for GPL.
Well, that's a peculiar desire. If a programmer wants to state "I do not want my code to be used in closed-source proprietary software" there's little more they can do than release under the GPL.
There might be some good faith legal consultancy in seeing how, for example, the CDDL and the GPL interact, but for using GPL code in closed source products, the only excuse really is "What can I get away with?"
The GPL does require some extra work, but it's on the technical side, to make sure you're shipping all the source that you need to ship.
The reason for consulting with a lawyer was to ensure that we didn't do anything wrong which would later require us to open up source code that we didn't want to open up.
To take a example, I often see LGPLv3 in big AAA games. I also see licenses that say "we asked the developer in a email and received special permission". Game studies seems to happy spend legal advice time if it saves them developer time, and from where I stand it seems to be a clear competitive advantage to do so. The only licenses they don't use is those that conflict with their core business model.
Finally MINIX is more popular that Linux! Never mind that it's being used as a backdoor.
You're thanking someone because you relicensed your hard work so they can use it for free (BSD) and you complied?
All for the stated reason that they don't have to relicense their work to other people so they could use it for free?
It's like some version of the Stockholm syndrome, deserves a name.
The freedom debate is unending. Personally I am very skeptical of all forms of economic freedom, as frequently they have the result of pidgeonholing people and their freedom is restricted.
And he formulated this after he had some hard earned experiences with suppliers at MIT.
Why should they? That is up to the software author.
Listen, I understand why that ideology is appealing, particularly if you haven't seen it play out before. How many "successful" open source projects have you seen whinge and struggle and eventually be abandoned and collapse, due to their lack of sustainability? All the while scrambling to offer the most permissive license possible? Even projects that shoulder entire ecosystems!
It's better when the costs and assumptions are above board: better for the project, better for the users.
I'm not familiar with the MINIX project, they've clearly found a way to stay sustainable if they've been around for 17 years. Just that paragraph quoted by OP struck me as very odd as well.
Just pay your dues rather than see your favourite project die. Businesses understand this. "From each according to his ability, to each according to his needs" offers some initial thrill but is not long-term sustainable.
Yes, I do have a problem understanding why people work for free.
I don't see cops working for free, or bankers, or chip designers, or the guy who served my dinner working for free. Even Andrew doesn't work for free.
I can understand licensing software that was built or purchased using [socialist] tax dollars under the GPL for moral reasons, but I don't understand why I have to pay Andrew to help Intel maintain their competitive (size) advantage.
I guess whether people in general "work for free" depends on how you define "work" and "free". I work on many different things purely for their utility to my friends and me personally, or just for the fun of creating something. I work and I gain something from it, so the time spent on it is paid for. Call it hobbies or normal social courtesy, it's still work by any reasonable definition. It's also not free; I expect it to benefit me in some way, whether it's by having a great time doing it or the satisfaction of seeing someone else enjoy the product or helping my friends have a good time.
Then allow me to be clear:
If you want to do something, and you get some kind of psychic reward for it; like volunteering in a soup kitchen, then that's great. But if you're only doing that because you're afraid of going to hell, then someone has convinced you to work for free.
If you make some software, and someone tells you how great it would be if it did different things, and then gets offended when you send them your day-rate, so you do it anyway, then someone has convinced you to work for free.
If you've got a more useful definition of "working for free" then I'm happy to hear it, and entertain it, but understand this kind of anathematic servitude is what I'm pointing to:
I think these guys who go around trying to convince people that releasing "open source" is somehow "more free" and that "freedom is good" is a little bit like we've always been at war with Eastasia. It doesn't make sense to me: In a twisted sort of way, a slaveowner is more free than a non-slaveowner because they don't have obligations (like to work), but it doesn't make this sort of thing right. Being a slaveowner isn't right even if being free is.
> A copy of your software doesn't (necessarily) entail additional work.
The nth copy of my software cost 1/n of my time. One way to consider this is as n gets large, the cost goes to zero, but another way to consider it is as n gets large, the value of my time goes to infinity.
I'm in the latter category, and perhaps this is confusing becauseI contribute to, and release a fair amount of Free Software. However if the only thing that can approach being worth my time is your time, then you'll see why I can't consider any "open source" license for my own software: I don't work for free.
Rather than cite two confused examples of 'work for free', can you please just define 'work'?
Then, perhaps, 'free'.
The reason a lot of people eschew the phrase 'open source' is because it leads to the kind of confusion manifesting in your last paragraph.
Similarly with open source work. It brings a value in forms of contacts and experience.
Then I'd work for the comfort of not believing that I would go to hell. The basis of that belief may be an act of deceit, though, which I am not sure is relevant for open source software. The licenses are clear, and no one is promising anything magically wonderful or terrible to happen depending on my engagement in it. If they do and I bite, maybe I am dumb.
> If you make some software, and someone tells you how great it would be if it did different things, and then gets offended when you send them your day-rate, so you do it anyway, then someone has convinced you to work for free.
No, they have freed themselves from the responsibility of paying me for the work, clearly making it my problem. I then decide myself whether to do it based on what I gain from it. Maybe they convinced me to do it, but whether I'd do it for free is ultimately a matter of how I personally value the work.
> If you've got a more useful definition of "working for free" then I'm happy to hear it, and entertain it
Making an effort to achieve a result without gaining something from it? The only reason I could see myself working for free in this sense is if someone forces me to do it.
> I think these guys who go around trying to convince people that releasing "open source" is somehow "more free" and that "freedom is good" is a little bit like we've always been at war with Eastasia. It doesn't make sense to me: In a twisted sort of way, a slaveowner is more free than a non-slaveowner because they don't have obligations (like to work), but it doesn't make this sort of thing right. Being a slaveowner isn't right even if being free is.
"Open source" is not "more free" in any general sense. It just means that the source is available for free use and distribution. It doesn't necessarily make you more free, nor does it make anyone that is subject to whatever malicious purpose the software might serve more free. It frees the user of the software from a tiny set of specific obligations normally associated with licensing a copyright protected work. Those other things may be important but not at all what the BSD license concerns. Let the Intel-MINIX debacle be a lesson in the total orthogonality of freedom in general and free use of a piece of software.
> The nth copy of my software cost 1/n of my time.
No, it comes at no cost to you if you. Developing the software costs you time. That you reimburse yourself for the time it takes you to develop the software by charging for copies of it is an arbitrary choice, not an inherent relationship between the time spent and the number of copies made. If you were chopping wood, it might be a different matter, but with software, the time is spent on producing it, and selling a copy of piece of software doesn't mean you can't sell it again. The money you receive for a copy of a piece of software is rent.
Tanenbaum makes a great example of this. He is being paid for his work, yet the software is open source. He is not being paid for copies. Another good example is that of a simple employee. I get paid a monthly salary for performing a day job. Like Tanenbaum, I might get much less value out of it than the users of the software (or whoever is selling it) do, but I certainly don't work for free. I get paid for my effort and time, not for copies.
And yet, this is the point that Mr. Tenenbaum has tried to make in TFA:
"this bit of news reaffirms my view that the Berkeley license provides the maximum amount of freedom to potential users"
So let's make a point of disagreeing with him, at least.
But anyway, that BSD is more permissive than GPL is a very obvious point. Why would Mr. Tenenbaum need to write about that? Why would he need some news to "reaffirm" it?
That's strictly speaking, but what does being a user entail, by a commonly understood definition? I certainly can't operate the MINIX derivative running on a different CPU than the software I actually do use. I never made a conscious effort to start or stop it, in fact I didn't know about it until the other day. It is unclear what it does, but it's clear to me that I am not personally using it. Maybe its use benefits me somehow, in the same way a break pedal might benefit me while I'm riding the bus. Maybe it's used for surveillance.
> But anyway, that BSD is more permissive than GPL is a very obvious point. Why would Mr. Tenenbaum need to write about that? Why would he need some news to "reaffirm" it?
Not too keen on sitting here guessing what purpose Tanenbaum's letter had, but maybe to provoke a discussion? Maybe he's sincerely proud that his software is now so widely deployed? It seems beside the points I am making.
But for the GPL, the notion of a user almost always includes you and me. Or at least it would, it this particular case.
So how can one compare the licenses on the amount of "freedom" conveyed to "potential users" if they don't want to use the same meaning of the word "user" as the GPL does? And does purposefully, with the end goal of serving said users.
> You can at best call me a user in the sense that I may be using nginx or apache when I access a website.
Not sure about "at best", but I can. And there are licenses (such as AGPL) that limit what one can do with software accessed over a network as well.
> I certainly can't operate the MINIX derivative running on a different CPU than the software I actually do use. I never made a conscious effort to start or stop it, in fact I didn't know about it until the other day.
You never "start or stop" an operating system, you just push a button. You don't interact with it directly either: you communicate with hardware devices and user-facing software.
Most users don't even know what operating system they are running, they just spend their day in their web browser. And they don't know the difference between the two.
And yet, that doesn't matter to the GPL.
> Maybe he's sincerely proud that his software is now so widely deployed?
Sure, but that was a separate statement. And then: "... this bit of news reaffirms my view...".
> It seems beside the points I am making.
I am discussing the Open Letter, and not your opinion in a vacuum.
I agree that free software would have been the better option, but the fact remains that MINIX is BSD licensed, not what the FSF considers "free software" and I am merely describing what user freedom could possibly mean in terms of the BSD license. Maybe you feel like discussing the merits of different licenses, which leads me to believe that you are confusing this with me somehow sharing an opinion on which is better.
The BSD license doesn't really express the notion of a user. You and I are free to distribute, modify and use the software under the same terms that Intel does. Compared to GPL, there's no fundamentally conflicting idea of what a user is. The difference is in what obligations the licensee has.
> So how can one compare the licenses on the amount of "freedom" conveyed to "potential users" if they don't want to use the same meaning of the word "user" as the GPL does? And does purposefully, with the end goal of serving said users.
Tanenbaum considers Intel to be a user of his software and that they benefit from the freedom granted to them by the license. If you want better information than my take on what exactly he means you should ask him, not me.
Also, you – a potential user – are free to do whatever you want with MINIX.
> Not sure about "at best", but I can. And there are licenses (such as AGPL) that limit what one can do with software accessed over a network as well.
OK, so we agree that you can. For all I care there can be licenses that limit at what times a week I can pick my nose based on the proprietor's notion of what a user is.
> You never "start or stop" an operating system, you just push a button. You don't interact with it directly either: you communicate with hardware devices and user-facing software.
There is a very wide span in which you could place the definition of a "user" if you are willing to reduce the concept to this level of absurdity. Maybe it was a bad idea to bring the subjective notion of a user up at all, since the BSD license is after all very clear on what it permits and under what circumstances.
> I am discussing the Open Letter, and not your opinion in a vacuum.
Explain your point rather than ask me what I think that he means. You can discuss whatever you feel like, of course, but don't expect me to be your soapbox for ranting about how superior GPL is. I don't have the energy to engage in some sort of socratic exchange where you slowly try to pull your point out of me. There is a reasonable interpretation of "free" for which the BSD license may be considered to offer more freedom to users than the GPL. Most importantly, it comes with less obligations. There is also a very reasonable interpretation of "free" for which the tables are reversed. Tanenbaum obviously favors the former.
And yet, despite your inability to understand it, it continues to happen. A lot.
I suspect part of the challenge is your misuse (or just misapplication) of the word 'work'.
I have a problem with Tanenbaum claiming that having Intel ask him to work for free then taking his work to implement a hardware backdoor without giving anything back (not even credit) is somehow a great thing and a proof that BSD is superior to the GPL. And that only because it means that he can say that MINIX is somehow "most widely used operating system in the world on x86 computers", which, I guess, is kind of technically right. Somebody should send him a t-shirt or something.
I license my code with BSD because "I don't care what you do with it", mostly. I won't write a thank you note if some of my code ends up in some closed source product, especially something as shady as Intel's ME. And I definitely wouldn't knowingly do custom work for a company as big as Intel for free.
> [...]your engineering teams contacted me about some secret internal project and asked a large number of technical questions[...].
> [...]your engineers began asking me to make a number of changes[...]
Those are two cases where Intel asked Tanenbaum to work for free. First as consultant and then implementing custom code modifications.
Yes, not many people will charge for answering questions and maybe he thought that the changes requested by the Intel engineers were appropriate and useful for the project itself, but the fact remains that this work was valuable to Intel and required Tanenbaum to spend time on it.
...and create backbox systems with backdoors that no user has the freedom to inspect, change or disable :-)
In practise, seeing ME as a competitive advantage is something that's at least questionable.
I'm surprised how much difficulty some people have in understanding that others might make different licensing choices. If I license software under a BSD/MIT-like license, it's not an accident – it's specifically done so that there are as few restrictions on that software as possible.
Don't get me wrong – the GPL is important and making the choice to license under it is a totally legitimate personal choice with various pros and cons versus a BSD license. But it's not the only rational choice to make, and I wish you'd be a bit more open-minded about that.
Well, maybe only if you think 17 is "several years":
> several years ago when one of your engineering teams contacted me
> we put MINIX 3 out under the Berkeley license in 2000
It makes absolutely no difference whether the "you cost, me profit" corporation was Intel, Nvidia, Acme Inc or all above.
> You're thanking someone because they asked you to relicense your hard work so they can use it for free (BSD) and you complied?
Nowhere in the letter does it imply that the entity being thanked (Intel) is the same entity that motivated the author to change the license.
Intel used open source software according to the license they found it with. The author is pleased his software is powering global infrastructure, and is likely pleased he's contributed to human progress, but is slightly peeved he received no personal thank you as a matter of politeness/etiquette. I'm struggling to understand what criticism you have for this process. No-one has been dicked.
As such wider acceptance is something to celebrate. It might also be a (partial) vindication that an alternative design you absolutely hate and tried to kill is a huge success and is everywhere from supercomputers to cell phones.
That sounds like an argument against open sharing of source code and ideas.
Interesting conclusion, considering one of the "features" of the Intel ME is precisely to limit what the final user can do with their computer.
The BSD license advocates have always considered other developers to be the "users" and even offer the freedom to deny the same freedom to those who run their software. GPL considers all those who run the software to be the users and tries to maximize their freedom. In the case of Intel ME it's not clear who the code is serving, but it's definitely not the person using the computer.
And perhaps they have no interest in doing good in the world. In that case, they can all go to hell.
I wonder how Tanenbaum feels about all that.
When googling, I only found this:
"If A wouldn't, then B would" is a weird argument imho. It's basically equivalent to saying "If we can't destroy C in one blow, there's no point in attacking them".
And security and many other things. Surely you aren't arguing that an even more closed environment is ideal just because of a minor budget spend for a large company.
Although in this case, his opinion of ME seems pretty neutral.
I've never seen a source on the net where anybody claimed that ME limits their work with the computer they own. Any references? ME offers some additional management features at enterprise level, but where does it block things ?
The backdoor aspect is true, either from three-letter agencies or for corporate locked-down machines
"Many people (including me) don't like the idea of an all-powerful management engine in there at all (since it is a possible security hole and a dangerous idea in the first place), but that is Intel's business decision and a separate issue from the code it runs."
I’m sure nobody would agree to paying for that, so why on earth does this man feel entitled to give away the product of “our” taxes without any restriction
Ideally, bugging computers is a legislative issue, and the contract between the vendor of the particular technology employed to do it (in this case not even particularly built for that purpose) and its user is irrelevant.
Particularly if it’s potentially used against us, citizens.
I specifically did not suggest "looking the other way" either, I just don't think the problem is open source operating system software that anyone can benefit from, it's involuntary surveillance, and I think that should be addressed legislatively rather than inhibiting publicly available research on very broadly applicable subjects.
Conversely, you could look at other research like the microchip, GPS and the Internet, all publicly funded to fulfill some defense purpose, and all having more than occasionally been used for indiscriminate surveillance. Would we be better off without these things? I don't necessarily assume a "no" to that, but it is fair to say that there are plenty of uses of these technologies that have had positive effects on society.