Re: [libreplanet-discuss] GRsecurity is preventing others from employing their rights under version 2 the GPL to redistribute source code

[Zaphod]

To my understanding, this doesn't actually violate the GPL.

This is a sad instance of the bully on the playground (GRsecurity)
throwing a hissy fit when they don't get what they want. This all
started back in August when people were infringing on their Trademark.
Our only hope is that we can, collectively, as a species, stop complying
with their demands. This is about as likely as Microsoft or Netflix
going bust in the near future (read: not very likely).

An alternative recourse would be to create our own security patches for
the Linux Kernel, but that's quite the endeavor. If you want to be the
first person to do a formal security audit of the kernel, be my guest,
but I don't think you'll get very far.

You could create a new version of the GPL that watches out for this, but
the likelihood of the Linux Kernel's license being changed is low, since
Linus didn't GPL it out of freedom concerns. He GPL'd it to get people
to look at it. He GPL'd it for the Open Source reasons, not the Free
Software reasons.


On 05/30/2016 08:16 PM, concernedfossdev@teknik.io wrote:
> GRsecurity is preventing others from employing their rights under version 2 
> the GPL to redistribute
> (by threatening them with a non-renewal of a contract to recive this patch to 
> the linux kernel.)
> (GRsecurity is a derivative work of the linux kernel (it is a patch))
>
> People who have dealt with them have attested to this fact:
> https://www.reddit.com/r/KotakuInAction/comments/4grdtb/censorship_linux_developer_steals_page_from_
> andi
> "You will also lose the access to the patches in the form of grsec not 
> renewing the contract. 
> Also they've asked us (a Russian hosting company) for $17000+ a year for 
> access their stable
> patches. $17k is quite a lot for us. A question about negotiating a lower 
> price was completely
> ignored. Twice." -- fbt2lurker
>
> And it is suggested to be the case here aswell:
> https://www.reddit.com/r/linux/comments/4gxdlh/after_15_years_of_research_grsecuritys_rap_is_here
> "Do you work for some company that pays for Grsecurity? If so then would you 
> kindly excersise the
> rights given to you by GPL and send me a tarball of all the latest patches 
> and releases?" --
> lolidaisuki
> "sadly (for this case) no, i work in a human rights organization where we get 
> the patches by a
> friendly and richer 3rd party of the same field. we made the compromise to 
> that 3rd party to not
> distribute the patches outside and as we deal with some critical situations i 
> cannot afford to
> compromise that even for the sake of gpl :/
> the "dumber" version for unstable patches will make a big problem for several 
> projects, i would
> keep an eye on them. this situation cannot be hold for a long time" -- 
> disturbio
>
> Is this not tortious interference, on grsecurity's (Brad Spengler) part, with 
> the quazi-contractual
> relationship the sublicensee has with the original licensor?
>
> (Also Note: the stable branch now contains features that will never make it 
> to the "testing"
> branch, and are not allowed to be redistributed, per the scheme mentioned 
> above (which has been
> successful: not one version of the stable branch has been released by anyone, 
> even those asked to
> do so, since the scheme has been put in place (they say they cannot as they 
> cannot lose access to
> the patch as that may cost the lives and freedom of activists in latin 
> america)))
> https://twitter.com/marcan42/status/726101158561882112
> @xoreipeip @grsecurity they call it a "demo" version "20:14 < spender> what's 
> in the public version
> is < 1/5th the size of the full version"
> oreipeip @grsecurity "20:21 < spender> also it wouldn't be as fast as the 
> commercial version [...]
> there are missing optimization passes"
>
>

0x638FEC71.asc
Description: application/pgp-keys

signature.asc
Description: OpenPGP digital signature