Feeds

Google's 'clean' Linux headers: Are they really that dirty?

When lawyers and Linus collide

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

A function of copyright

Basically, Google's scripts remove programmer commentary from the files. The company is operating under the principle that the meat of the header files is so simple and unoriginal that it can't be copyrighted. The files define an API, and they're similar to what's used with UNIX OSes. Copyright law covers "original expression", not mere ideas or methods, and Google believes once you strip out the comments, the headers contain no original expression.

But Naughton disagrees. He says that he's found static inline functions in the headers and that these, as well as macros, may be problematic. "A header file that is merely a list of declarations of variables or names of functions might not be copyrightable," he says in the lengthy legal analysis that he points to from his Huffington Post story, "but one that includes macros and inline functions probably is, because writing those macros and functions demands creativity and originality, and they can be written in different ways." And he cites a handful of Bionic files that he believes exhibit such expression.

Plus, he argues that the overall structure of the files – which number around 750 – is copyrightable. "Even if not all of the 750 header files that comprise Bionic contain as much copyrightable expression as the two discussed above, the overall structure, organization, and combination of noncopyrightable elements can still be copyrightable. This isn’t a revolutionary idea: it’s commonly understood that even if individual words and facts can’t be protected by copyright, the creative selection and organization of those individual words and facts – into a novel, or a movie – is entitled to copyright protection."

Raymond Nimmer, whose blog post Naughton drew on, says that there's no definite line between what's copyrightable and what's not, as is the case with any piece of software. "If you look at any program or any complicated thing, there are going to be some things that if you take them as a whole, they'e going to be copyrighted. You can start peeling things away to avoid copyright. But if you start peeling things away, there's still a strong argument that you are violating my copyright, because you're not affecting the structure."

For what it's worth. we asked Nimmer if he has any affiliation with Microsoft or any other Google competitor. He said that although his Houston Intellectual Property and Information Law Institute has received a grant from Microsoft, this had nothing to do with his blog post. When we first spoke to Edward Naughton, we asked him if he worked for anyone "involved" in the situation, and he said "no". But when we pointed out the changes to his online bio, he acknowledged working for Microsoft in the past.

"I'm a software lawyer," he said, "and I've worked with a lot of software companies, both proprietary and open source. I've represented some in litigation, Microsoft among them, and in those cases my representation is a matter of public record. I think the last time I represented Microsoft in litigation was five years ago or more ... while I was at my prior firm.

"I also advise software companies in non-litigation matters, and I have advised many, again both open source and proprietary, on open source strategy and licensing issues, and a number of them are interested in issues surrounding Android. I have a professional responsibility to keep these client relationships confidential, but I can tell you that I represent companies with differing perspectives on the issue."

Eben Moglen, of the Software Freedom Law Center, declined to speak with us on the record, saying he wanted to speak with Naughton first. It's unclear whether the two have spoken. But in an interview with ZDNet, Moglen indicated that he believes Naughton is overplaying the situation. "The facts are not quite as simple and therefore the narrative not quite as compelling as one might be led to believe,” he said.

It's worth remembering that you can't really use a header file to make some sort of proprietary enhancement to the Linux kernel. By definition, it, well, defines how you interact with the kernel. The GPL is meant to make sure that free code isn't enhanced in a proprietary way without the enhancements being open sourced as well. You really have to wonder if those who built the kernel – the only ones who could sue over Bionic – would see the library as a problem. And Linus Torvalds bore this out when he called Naughton's claims "totally bogus".

Google employs people who work on the Linux kernel, and odds are that the company had a good idea of how the community would react to an OS that cleaned the original Linux header files rather than use glibc. We get the feeling this is a case where the opinions of the world's Linux hackers are in stark contrast to those of an intellectual property lawyer at a big-name international law firm. Linux hackers aren't generally lawyers. And vice versa.

When we spoke to Raymond Nimmer – where this whole thing began – he reiterated that he believes "there is a risk" with Google's use of the header files. "If I was developing an Android app of any significance, I would tell the CEO, 'we have a judgment to make'," he told us. But then he added: "Of course, I'm not a coder. Someone else would have to look at the code and make that judgment." ®

Update: This story has been updated to better explain the GNU C library.

Combat fraud and increase customer satisfaction

More from The Register

next story
Ubuntu 14.04 LTS: Great changes, but sssh don't mention the...
Why HELLO Amazon! You weren't here last time
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
OpenBSD founder wants to bin buggy OpenSSL library, launches fork
One Heartbleed vuln was too many for Theo de Raadt
Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
Leaker claims big release due this fall as Microsoft herds us into the CLOUD
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Apple inaugurates free OS X beta program for world+dog
Prerelease software now open to anyone, not just developers – as long as you keep quiet
prev story

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.