Feeds

Linus: read-up on your GPL 3.0

When is a derivative not a derivative?

Remote control for virtualized desktops

Linus may have it wrong on digital rights management (DRM), but it's the vague wording and confusing concepts - like what is meant by a "derivative work" - that is causing the real headaches over the next General Public License (GPL).

A representative of the Free Software Foundation (FSF), leading the effort around GPL 3.0, said that Linux creator Linus Torvalds had "misread" the license's provisional terms.

He said GPL 3.0 is intended to stop developers using GPL code to build DRM products, services or protected content. That means not allowing developers to build code that requires a DRM key to be unlocked and certainly not allowing developers to prosecute others for unlocking their code without the use of specially provided DRM keys - or, in other words, "hacking".

"We want to discourage use of GPL to further DRM efforts," Freedom Software Law Centre counsel Richard Fontana said at the Open Source Business Conference (OSBC) in San Francisco on Tuesday. The Freedom Law Centre represents the FSF.

Torvalds last month ruled out putting the Linux kernel under GPL 3.0 because he believed it required contributors to make their private signing keys available. The draft GPL 3.0 states DRM is "fundamentally incompatible with the purpose of the license".

Fontana said: "Linus Torvalds has misread it... We require disclosure of the codes if it's necessary to make the software run."

So that's clear, then. All that remains are a handful of unclear definitions in other parts of the license that require clarification.

Open Source Institute (OSI) general counsel Lawrence Rosen, appearing with Fontana on an OSBC panel discussing GPL 3.0, pointed to statements in the proposed license that lack legal clout. These included the sentence: "The sole purpose of this section is protection of the integrity of the free software distribution system.

"I'm trying to identify what sections of paragraphs or words are trying to express some kind of philosophy, and which have legal effect and require or prohibit you from doing things," Rosen said.

There is still further confusion over what should happen to a piece of software that is created when GPL code is linked to non-GPL code. Does that count as a "derivative" work or a "collaborative" work? And in either case, which license will apply to the new code? "This license [GPL 3.0] doesn't resolve that," Rosen said. ®

Internet Security Threat Report 2014

More from The Register

next story
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.