Learn about Linux
Download Linux
Get Linux helpSpecial Offers
Feature: Free Software
How to risk your project and your livelihood with sloppy licensing
Share
Print
CommentsRecently the makers of the free-as-in-cost iPhone jailbreaking utility PwnageTool discovered that someone was reselling their creation -- without permission, under a new name, and for profit. That's a situation no software developer wants to be in, but the PwnageTool team was in an even tougher position because of the license under which it released its code. It didn't have one.
What the reseller did is flat-out illegal, of course; PwnageTool is protected by its creators' copyright, period. No one who downloads it has any right to modify or redistribute it without permission.
But a free software project could have called on a group like the Software Freedom Law Center (SFLC) for legal help. The SFLC provides pro bono legal representation and consulting to free and open source software projects, such as the recent high-profile copyright infringement lawsuits brought on behalf of the Busybox project.
In contrast, by never applying a license to its work, the only recourse left to PwnageTool team was to take matters into its own hands.
If the developers had put their licensing ducks in a row, they would have been in a far stronger position to combat the abuse. They would have had the SFLC available to help, and they would have had the entire FOSS community and its legal history on their side, instead of being alone.
Talk is expensive
Just to be clear, I am not bringing up the PwnageTool story to comment on the evils on non-free software licenses. The problem in this case is that the PwnageTool team never attached any license to its code, despite talking about it.
The April 2008 release notes for PwnageTool 1.1 say that portions of the code "will be released under the GPL," and to look for source code on a Google Code project page "within 48 hours of this release." It is now July, and there is still no license on any code in either location.
We can all think of examples of proprietary software companies that promised to open the source code to a particular product "soon" -- only to have "soon" never arrive. If they are smart, the public relations teams that craft such empty promises avoid precise language, restricting their comments to "expressing interest" in and "willingness" toward opening the source code, or "exploring" and "pursuing" the possibilities.
The FOSS community can generally smell a con like that a mile away, so there is little real harm done.
On the other hand, a FOSS developer or project that gets careless or forgetful with licensing can harm itself or other projects -- as in the 2007 debacle over Broadcom Wi-Fi driver code copied from Linux to OpenBSD.
What the PwnageTool incident reminds us is that putting off licensing decisions altogether can hurt, too. Sure, the smaller the project, the smaller the chances that leaving off the license will come back to haunt you -- but the bigger the headache for each individual member of the team.
It isn't clear yet how the PwnageTool problem will be resolved. Someone claiming to be the party behind the resale chimed in with blog comments defending and explaining the activity. But slapping a GPL "COPYING" file onto the download server today won't help matters. Developers who have been putting off applying a license to your source code: take heed.
Comments
on How to risk your project and your livelihood with sloppy licensingNote: Comments are owned by the poster. We are not responsible for their content.
How to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 208.58.75.2] on July 09, 2008 08:48 PMUm, actually lots of software developers choose to release BSD-licensed code, which gives anyone the right to resale, modify, profit, whatever.
Re: How to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 74.94.3.145] on July 09, 2008 09:45 PMTrue, but that doesn't appear to be the case here. It seems there was a stated interest in using the GPL. If they had expressed a stated interest in using BSD but then never got around to it I'd say it would have been a non-issue. I won't try to promote one license over the other but if their intent was to go GPL I can't help but feel some sympathy for them losing control over their code. It's their fault, clearly, but I do sympathize.
Re: How to risk your project and your livelihood with sloppy licensing
Posted by: Nathan Willis on July 10, 2008 04:27 AMUm, actually lots of software developers choose to release BSD-licensed code, which gives anyone the right to resale, modify, profit, whatever.
That would be with permission.
Nate
How to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 91.84.13.8] on July 09, 2008 11:36 PMHow to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 24.84.196.212] on July 10, 2008 12:20 AMIf they were not going to release as free software they would be exactly where they are now, using copyright law which has a long history and many precedents. Nothing weak about that position.
As the previous poster points out the offending company could do legally under the GPL what they are now doing illegally. The only advantage they have is that likely no one else will compete with their illegal business.
The real lesson here is to 3rd parties who must ensure they don't use unlicensed software in their projects. That would hurt. As for the makers of Pwnage Tool, they still have all their licensing options on the table and the possibility to negotiate licensing with a company already profiting illegally from their work. Of course posting the source code on the net was foolish. Someone could make a case that they were laying a honey trap, I suppose.
Re: How to risk your project and your livelihood with sloppy licensing
Posted by: Nathan Willis on July 10, 2008 06:43 PMIf they wanted to release it under the GPL there is nothing stopping them from doing so now and bringing the SFLC into the picture. AFAIK.
No, it would not become a GPL violation case if the PwnageTool developers changed to the GPL after the fact.
Nate
Re(1): How to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 24.84.196.212] on July 13, 2008 05:52 PMIt would not have to be prosecuted as a GPL violation. It could be prosecuted for what it is, a copyright violation. No reason the SFLC could not participate if they felt it worthwhile. Would they feel it worthwhile after the fact? Well there's the rub.
Re(2): How to risk your project and your livelihood with sloppy licensing
Posted by: Nathan Willis on July 14, 2008 08:37 PM.... if they felt it worthwhile.
Exactly; slim chance you will convince the attorneys that volunteer their time at SFLC to pursue a case that does not meet the organization's chartered purpose, when they do have legit GPL/open source cases. They're no more likely to do to take an unrelated case on a pro bono basis than is any other randomly selected law firm. In fact, SFLC set up a for-profit firm (http://www.softwarefreedom.org/news/2008/mar/26/moglen-ravicher/) to handle other types of cases.
The rub is that you should take care of your licensing now, even though you can't image that you will ever have to take somebody to court to enforce it. The PwnageTool project didn't get their licensing act together, and now an unexpected legal problem has caught them unprepared. If you don't want that to happen to you, make your licensing clear today.
Nate
How to risk your project and your livelihood with sloppy licensing
Posted by: Anonymous [ip: 72.19.171.102] on July 09, 2008 08:20 PM#