Jono Bacon, Jeremy Garcia, and Stuart Langridge bring you Bad Voltage, in which Bryan was sadly caught in traffic, Jeremy was caught by Motorola, litigators are caught offside, and:
00:22:40 Our own Jeremy purchased a Motorola 360 Sport runners' smartwatch, and was quite happy with it. Until it went wrong, and he had to descend into the hell that is customer support. A tale of bravery and derring-do fighting the evil monsters of Lying, Misrepresenting, and Incompetence. Plus a review of the device itself.
00:01:54 Google+, the big G's attempt to unseat Facebook, failed to unseat Facebook despite being wedged by leadership fiat into every Google property. Given their history of killing less-than-dominant products, should we expect G+ to go away? If it does... what replaces it? Where do we go from here?
00:41:17 When's the right time to litigate over software freedom? A recent brouhaha between Brad Kuhn and Linus Torvalds (and others) on the Linux kernel mailing list throws into sharp relief the distinction between litigation and diplomacy: everyone claims that suing is a last resort, but is this borne out by the facts? And if we don't sue, what do we do? And who's "we", here?
I really enjoyed the show, the conversation/segment about Google+ and its differences to Facebook has thoroughly destroyed my entire interest in ever going back onto my Facebook account.
The fact is that there is too much noise on Facebook and nothing seems to actually come from the people Iām friends with, everything comes from a page that they ālikeā and itās infuriating as they must assume as thatās the content I want to see. I personally hope we can keep G+ the way it is.
So yeah, great episode and Jeremyās tech support story has turned me off Motorola more than Iād care to admit!
Interesting extra thought here. Most of the time, if a company decides theyāre going to kill a product, there are cries from our community that the thing should be open sourced rather than just killed. It almost never works, but the cries are always there; companies almost always refuse, but they donāt have to. With Google, though, thereās very little point, because a Google codebase is pointless to open source ā it wonāt run anywhere but the Google infrastructure. This seems different to everyone else. Not sure I have a point here, but itās interestingā¦
When I saw the last two sentences of the show notes:
ā¦ And if we donāt sue, what do we do? And whoās āweā, here?
I was really hoping you discuss the points I raised in my previous thread about developers vs end users.
You framed the question as a quarrel between those who value Linux above GPL (Linus et. al.), and those who do the opposite (Bradly et. al.). But I think a deeper discussion should involve a third group: those who donāt care about either, but want to have more control over their devices. This third group will indirectly benefit from a litigation, although they are not involved in the process whatsoever.
To me, it is more developers vs end-users than developers vs lawyers.
So, a balanced discussion should assess the harm we make by alienating companies from using/contributing to Linux, and the harm we make by depriving the public (the millions and billions of end users) of the freedoms GPL grants them.
The āGPL ethicsā that Stuart was talking about is not designed to benefit the lawyers who file GPL violation lawsuits, but to benefit the end users who run GPL licensed software on their devices.
Even for Linusās perspective that cares about more contribution to the kernel, SFCās argument has a point: Those end-user who enjoy hacking their devices (should the source code is available) will be the next wave of people who contribute to Linux. Yes, it may take longer for those people to contribute than for the companies who may contribute to the kernel tomorrow, but it is a long-term investment on the viability of Linux. And by the way, it also ensures that users have freedom, in the way GPL entitles in the first place.
What that discussion needs to take into account, in my opinion, is: what should be done about it? That is: I agree with you that at the moment a whole bunch of companies, primarily Chinese manufacturers with short-shelf-life products, flagrantly violate the GPL, and I agree with you that this harms users who donāt see any benefit from those devices making their way back into Linux. The point is: theyāre doing this. The discussion on lkml was: do we resolve this by suing them, or by threatening to sue them, or by attempting to work with them without suing them? While end-users are a beneficiary of this process, I donāt see how we the end users can contribute to that process. The Linux kernel developers can work with companies; they can sue. All we end users can do is cheer on one side or another, I think. Am I missing something?
The only concrete example where any of you said you would find it acceptable to sue was a case similar to the SCO. But as far as I know, SCO case had nothing to do with the kind of GPL violation that we are talking about here (i.e., locking down the modified kernel source code). It was about copyright ownership.
So, I am yet to find a concrete example where the Linus et. al. camp find it acceptable to litigate. I have the feeling that this camp basically says: We never sue you. If you are small, you donāt make any substantial change to Linux, and we get nothing if you open up your code. If you are big, then you might some day give us a substantial chunk of your code, so why should we make you upset and give up to that hope?
Sure, we end users can do nothing but to āOrganize and Educate.ā But by bringing the end users into the discussion, the litigation side becomes more tenable. It will justify, to some extent, why making some companies upset might actually do some good to the end users in the short run and even to the Linux itself in the long run.
Ya, but that assumes that the end goal is to do litigation. Linusās argument (and mine, and to some extent the other chaps although I donāt speak for them) is that litigation is a thing to be avoided because it doesnāt work, not a thing to be pushed for. Youāve basically assumed as the axiom for your argument that litigation helps end users, and I personally donāt think it does. Can you explain how you think litigation helps? We made a number of arguments against this in the show; for example, if you legally strong-arm a company into releasing source then they will do so but next time they make a device they wonāt use Linux for it to avoid a bunch of lawyers, and so weāve permanently removed one potential contributor from the ecosystem.
This is how Matthew Garrett puts it, and I canāt say it any better:
Matthew Garrett
mjg59 at coreos.com
Fri Aug 26 04:48:23 UTC 2016
On Fri, Aug 26, 2016 at 12:25 AM, Linus Torvalds
wrote:
On Thu, Aug 25, 2016 at 8:07 PM, Matthew Garrett wrote:
No, weāre not. I mean, sure, if what you care about is corporate
support, weāre doing fine.
What I care about is getting code contributions back. Thatās kind of
the whole point of the GPLv2. Not the legalese. Growing the source
code base by having participation in the project.
Thatās what you care about. Thatās not what your users care about.
They care about code availability, not contribution. They donāt care
whether their vendor participates upstream. They just care about being
able to fix their shitty broken piece of hardware when the vendor
wonāt ship updates.
But that corporate support is exactly what you then on the other hand
claim to be trying to force with the enforcement actions.
And the thing is, there really are lots of very good reasons to
believe that weāre getting more code willing code contributions back
thanks to friendly terms with corporations, compared to any enforced
action and being difficult.
Butā¦ there isnāt. There just really isnāt. Of the things Iāve bought
running Linux in the past year, maybe 25% have been able to provide
source, and in one case that involved me having to call them, tell
them I was a copyright holder, threaten to sue and then also tell them
that Iād found several security vulnerabilities in their product. And
this was a brand name vendor! Theyāre never going to directly work
with upstream because they donāt have long product cycles and they
gain nothing from it, but the users who get hold of their source are
benefiting hugely.
It turns out that corporations actually want to be compliant for the
most part. At least as long as they see you as a friend, not a foe.
And lawsuits tend to turn friends into foes.
See what the BusyBox maintainer who actually went down the lawsuit
path says in [1].
Robās always missed the point here. Sure, the Busybox cases didnāt
result in more code in upstream Busybox. But they did result in
several vendors shipping source, and other vendors in the same space
doing so out of fear of having the same thing happen to them. And
users took that code, and they fixed it and they made something
better. And they shared that better version with other people, and
they realised that code availability made their life better and some
of these people are kids who are going to be amongst the next
generation of people who are going to show up here and start sending
you patches, and others are going to be people living on the street
who donāt get their phones hacked by their former partner because they
were able to obtain an updated OS without having to buy a new phone,
and others are people building projects like the Freedom Box which
exists only because AP vendors are afraid enough of lawsuits that they
released enough source to let others build new things on top of that.
Stop pretending that there have been no benefits from this. Itās
clearly untrue. If you want to argue that the corporate involvement
has been worth more than the community benefit that results from
lawsuits, fine. Iāll disagree, but itās a consistent position. But
right now youāre on the Fox News side of the truth/lies line, and itās
not a good look. Users benefit from code availability, even if it
isnāt contributed upstream.
We have been very successful exactly because we didnāt have the insane
antagonism.
And again, youāre using a definition of āsuccessfulā that doesnāt
match āweā. Whereās your sense of wonder? How can you look at this
amazing thing youāve created and not realise that so much of its
beauty is down to people doing things youāve never thought of? So much
of what Linux has achieved in the world has had nothing to do with
upstream contribution, and we should care about that as much as we
care about the number of vendor git commits.
Well, thanks can be given to the gents for taking the step of at least acknowledging we exist (how many times have you read "end users donāt care, they just want conveniences, to be marketed to , etc. etc.?) As well,the show is is Badvoltage, not FaiF( http://faif.us/ ), so I expect they tried to cater their show to their audiences perspective. Honestly though, I donāt get that perspective. I did get the same uncomfortable vibe listening to it Iāve also gotten on past occasions listening to a friends lament about having to walk around on eggshells in a bad relationship, but Iām an end user interested in only my software Freedoms so Iāll acknowledge I just donāt understand that perspective. Now however, thanks to feedback such as yours, I think the point is being made that their audience is bigger than they thought with other perspectives too. Thanks
I agree with your comments except one:
Sure, we end users can do nothing but to āOrganize and Educate.ā
Nope, there is much more to that story and Iāve found in my experience it has actually has come down to developers v. users This is why Iāve started to write horrible, horrible code with no other purpose than to GPL it (whatever, I canāt sing either but I still go out to karaoke). You can too if you want to! There are a gadzillion python tutorials, vids, blogposts, etc. etc. out there to help you āgear upā. It may not be good code (though, I canāt see how it could possibly be worse than mine) but if it will āmake goā and furthers the proliferation of the GPLā¦then it will help.
Although I donāt agree with many of the things they say, I donāt think BadVoltage hosts try to cater their show to their audience. I think they are just making their honest opinion. And that is why BadVoltage sounds so original and entertaining.
This is cute! I also do the same, trying to GPLv3+ my stuff as much as possible, although, there is not much of stuff to be honest .
Well, that is when I am wearing my end user hat. When I am coding, sure, letās make copyleft rule the world .
(a) the number of projects that got their source released because they were sued
plus
(b) the number of projects that got their source released because they saw other people being sued and didnāt want the same thing to happen to them
is greater than
(c) the number of projects that didnāt happen at all, or didnāt happen with a Linux core, because there might be lawsuits and getting involved in that is too much hassle and so weāll do something else
I went looking before the show for some credible figures on this and was totally unable to find any. I have therefore generalised from a field I do know about: desktop and web dev, in which I have frequently (although anecdotally) heard people refuse to use GPL libraries because they just donāt want the hassle of having to think about all this licencing stuff.
Now, that sort of generalisation is extremely dubious. In particular, Linux is quite a lot more dominant in the IoT business than any GPLed thing is on web or desktop. The GNU projectās goal in GPLing (rather than LGPLing) stuff like libreadline was always that libreadline was so good that people would decide to use it because it did everything so well, and would therefore be prepared to GPL the rest of their codebase just so that they could get access to readline. Thatās obviously no longer the case, and itās pretty much not the case for web and desktop dev generally: there is little to nothing out there which is GPL and which everyone finds so compelling that theyāll GPL all the rest of their source to get it. (Moreover, in the web field, this doesnāt apply anyway: it would apply to AGPL stuff and thatās why the AGPL was created, but thereās hardly anything AGPLed.)
Itās possible to make the case that Linux is indeed so good that people will use it even though it brings licencing hassles. And your argument then becomes: therefore we should give them licencing hassle because they will eventually cave in, because the alternative is not having access to Linux for products and they want Linux more than they donāt want source freedom. Basically, then, the question is as above: does suing people work? It certainly works sometimes. I canāt quantify the chilling effect it has on the industry as a whole, though (and it might be zero).
I donāt think that āend usersā are actually involved in that decision. They, we, are consumers of it, not actions within it.
i too am interested in my software freedoms. (Less than I used to be, I admit.) What Iām trying to work out is: does litigation actually provide me with more software freedom than discussion does? It feels to me like youāve both started from a point of view of ālitigation definitely gets us more freedom than discussion doesā, and I donāt agree with that. Thatās what Brad Kuhn thinks (from the lkml conversation, although I may be misrepresenting him), and itās not what Linus and Greg KH think (again, I may be misrepresenting them). Linus isnāt saying āwe shouldnāt sue because we donāt care about software freedomā, heās saying āwe shouldnāt sue because discussion and working with companies actually persuades them to open their code more successfully than litigation doesā. This is the distinction I tried to draw in the show between litigation and diplomacy. Linus is defending software freedom, not opposing it. Now, Iām happy to suggest that he (and I) may be wrong on this point (mjg59 clearly thinks so, given the above quotation), but I donāt like it when itās assumed that someone making that argument is doing so because they donāt want freedom, rather than because they do want it and think they see a better way to get it than reaching for lawyers.
Oh, oops, I didnāt mean to imply unfair bias. Iāve been lurking on and off since LUG radio. Iām well aware of, and many times have found gigiliciously hilarious, the honesty I meant it more as in catering to what would be of interest to their, this, audience. Same, FaiF tailors their show to ālaw geeksā(not my term and not meant as derogatory).
I do agree with you that the framing is somewhat limited. The framing doesnāt seem to address that turning a blind eye to GPL infractions indiscriminately is a form of capitulation. The GPL is a license, a legal manoeuvre on copyright if you will. Thatās what it is and I do believe the conversation was started in regards to enforcement. Well, enforcement is one of the main reasons itās there. Thatās how the GPL functions; deter and protect. Now do I sound biased? Sure, most likely at this point in the greater conversation. The point in the conversation we appear to all be in at this time is of one side offering an elaboration of the ages old malcommunication ābut the GPL takes away my freedom to chooseā¦ā, and the view that Free software is nothing without ensuring software Freedoms for all users. It can safely be assumed which view I subscribe to but please do not assume the outcome I wish to see at the end of the conversation.
There are guides and tools in regards to enforcement (albeit a very different form of enforcement) that have been in use for years similar to this one :
(The general rule in applying it is force plus one. Iām not a cop, btw - not that thereās anything wrong with that).
What Iād like to see is the conversation result in a definitive model of response for GPL infractions and resulting GPL enforcement (much like the one above yet specifically catering to our concerns). I donāt see any infraction as being an all or nothing situation.
Also, awesome! I like Free software and the more of it the better whoever makes it; Be that generous programmers or just random people who write down code
I agree that failing to enforce infractions is capitulation. Iām just not sure that capitulation is necessarily bad here. Capitulating is bad if doing more explicit legal GPL enforcement leads to more code, but I donāt think thatās been established. (Itās been asserted, and since Matt Garrett thinks it Iām at least a bit inclined to believe itās true because he knows more about this stuff than I do, but Iām still not wholly convinced.)
It feels like, sometimes, some people want to see high-profile GPL lawsuits because itās somehow not real unless the licence is tested in court and emerges victorious. (To be clear, Iām not suggesting thatās you, @Sarah_Scarlett!) To me thatās more fuelled by pride than by an actual good plan. Greg KH and Linus do seem pretty convinced that diplomacy ends up with more free code than litigation does.
I think thatās almost whatās at issue here. It would certainly be nice and very very convenient if there were a flowchart to follow, or pseudocode: if (company releases Linux product without source) then try_diplomacy; if (diplomacy_time > 6 months OR emails_sent > 5) then threaten_lawsuit; if (time_since_threat > 6 months) then initiate_lawsuit;, but the argument against is exactly that it isnāt that regimented a process. Encouraging product creators to do the right thing and free their software is not like interacting with an API; itās like persuading Iran to give up nuclear weapons, or like dating, or like managing a team. Hard-edged rules donāt always work all that well in that situation, in my opinion at least. Perhaps things would be better if they did, and perhaps Iām part of the problem by not striving to achieve that.
I agree wholeheartedly with that. It isnāt right now and conservancy, foundations, that guy in Germany (sorry, getting ready for work and no time to respectfully look him up now), etc. etc. currently doing the enforcement find themselves with their actions being called into question in places theyāre not even aware. A response model to act as a guide followed in cases of infraction and enforcement would serve to assure others of what those actions are. It would also serve as a warning to those considering infraction and what actions to expect if they do. Law is incredibly regimented (take it from a disillusioned paralegal graduate here) and a model would be fairly easy to implement once agreed upon. As to whether or not trading code for exemption/privilege is acceptableā¦like I said further up ITT I donāt even understand that or how the resulting software could possibly be Free (as in Freedom, from a social perspective.
Having heard the GPL section, there are two points I thought were missing. One is Matt Garrettās excellent point that the interests of users and the interests of kernel hackers are not aligned. Users want source for their devices even if none of the code ever makes it upstream. Lack of consideration of the user perspective made the segment less good that it could have been.
The second thing missing was an acknowledgement that SFC has filed like two lawsuits ever, or is it one, so to suggest that they are always reaching for the lawyers doesnāt match reality. They filed against VMware after 4 years of diplomacy failed. If you think they are ātoo quickā, how long would you have waited? Better surely to say you donāt believe in lawsuits ever, but then you are also saying your license is equivalent to BSD. Itās OK not to want copyleft, but to do that and still use the GPL is deeply confusing, and really unhelpful precedent-wise for people who do want copyleft.
This is, as youāll have seen, what the above discussion has largely centred on. Iām still of the opinion that end users canāt do anything about this, though. In theory a whole bunch of users could contact a vendor and request the source and then get it, and thatās what weāre always asked to do, but I donāt think I know of a single occasion where this āpublic pressureā approach actually worked. So itās up to either the kernel dev team (to work with the vendor, which is their preferred method), or someone like SFLC to credibly threaten legal action (which is different from doing it of course, and SFLC do also attempt to work with a vendor first). What end users can do isā¦ give their opinions on which method they prefer and think will be most successfulā¦ which is what the segment and this discussion have centred on. Itās possible you disagree with me and think that having everyone email the vendor and ask for source does actually work, though.
I think end users are more likely to get source when writing and asking, if there have been lawsuits in the past caused by a failure to provide source. I say ālawsuitsā, because what I mean is āinconvenience to the requestee greater than the inconvenience of having to provide sourceā, and the only way such inconvenience can really be created is through a lawsuit. I guess you could also try public shaming, but thatās hard for a number of reasons.
mjgās point is that the kernel dev team have no interest whatsoever in working with FooBar Shenzhen Fly-By-Night Corp to get the kernel source released for the FooBarBox router which has a shelf life of nine months and whose code was written by the lowest bidder. So that just doesnāt happen. The SFC ācreibly threaten a lawsuitā route is the only way users have of putting pressure on such companies. The kernel team might work with someone like VMware who have interesting technology - but hey, that didnāt work out so well either, did it?
What end users can do isā¦ give their opinions on which method they prefer and think will be most successfulā¦ which is what the segment and this discussion have centred on.
Many users on that list are simply defending the idea that it should be at least allowed to be talked about at kernel summit. Thatās all. This is why Iām very thankful to you and your fellow presenters for providing a venue to discuss
Iām still of the opinion that end users canāt do anything about this, though.
Hold Julia Redaās (member of European parliament) beer.