This doesn't affect individual users, BTW.
Posted on 01/18/2006 2:35:39 PM PST by ShadowAce
...According to Attorneys
Wasabi Systems Releases a New Study Analyzing Sarbanes-Oxley Risks Associated with Linux
NORFOLK, Va.--Jan. 18, 2006--Many companies using Linux for embedded applications may be unwittingly violating the Linux license and even breaking federal securities laws, according to a white paper released today by Wasabi Systems, a leading embedded operating systems provider. The white paper, When GPL Violations are Sarbanes-Oxley Violations, is the first in a series of legal studies analyzing the common misperceptions and risks associated with Linux and its license, the GNU General Public License (GPL). Future white papers will look at the GPL implications of Loadable Kernel Modules (LKM) and how upstream GPL violations impact VARs and end users.
“Linux is a powerful operating system,” says Jay Michaelson, an author of the white paper and Wasabi Systems’ General Counsel. “But if companies violate the license, the consequences can be more severe than they think.” He notes that Wasabi uses open source software in its products, including very careful use of software governed by the GPL.
According to Michaelson, the problem lies with the requirement of the Sarbanes-Oxley Act, passed in 2002, that companies disclose ownership of intellectual property to their shareholders. Michaelson says that dozens of companies are discovered each year to have violated the terms of the GPL, and if they are public companies, they are violating Sarbanes-Oxley. “If companies are violating the GPL, they don’t have the right to use that software,” asserts Michaelson. “And if they don’t have the right to use the software, they’re violating federal law if they claim that they do.”
The extent of this problem remains unclear. The Free Software Foundation, which is the primary enforcer of the GPL, reports that it pursues “several dozen” enforcement actions each year. In the past, such violators were merely required to release their code to the public. Now, Michaelson says, “Sarbanes changes the picture completely. For public companies, violating the Linux license is now a matter of federal securities law.”
The white paper can be found today at www.WasabiSystems.com/gpl . As part of an educational campaign focused on the GPL, additional white papers, presentations and seminars will be made available.
This doesn't affect individual users, BTW.
Ah, the beauty of a free, open sourced operating system, instead of an evil empire spawned one. Oops, I guess at least with Windoze you know what you get for your license fee.
LOL! Several people around here would say that it is Linux that was spawned by an evil empire...
If I read this right the headline is misleading at best.
Joe Home Linux User is not violating S-B - it's more the case that company XYZ that puts Linux in an embedded app would be.
You could argue that company XYZ is a "linux user" but that is not the usually understood sense of "linux user".
Am I wrong here?
I really wish they hadn't passed that stupid law even through I am in information security.
Actually, you know what you get with the GPL license, too--if you read it, just the same as if you know what you get if you read the MS EULA.
The headline is misleading. If you follow the link and even glance at the white paper this becomes clear. It's not Linux users, it's Linux developers, and companies that have them in-house that could be running afoul of the GPL. The problem is, if you change a GNU GPL program, you're supposed to release the changed program free under the same licensing terms.
No worries for those of us with Linux on our desktop, no worries if you just write programs to run in a Linux environment. But if you integrate your app into Linux, you'd better be prepared to release it as freeware.
Still beats the heck out of MS's licenses. (And it won't run malicious code when you render a picture.)
Any claim could be made moot by releasing source code, even in obfuscated form, as SI Labs did with their CP2101 linux "driver".
I just did a SSH into my Linksys WIFI box. Yep. Linux.
/johnny
You read it in exactly the same way I did. :)
You mean AT&T???
Not quite. You only have to release the changes if you distribute your changes. If you change the code only for in-house usage, then you do not have to release your code.
heh--no. Some people on FR claim that Linux is a tool of commies and others who just want to steal your code.
You're not wrong as far as you go: you can violate the GNU GPL if you modify Linux and don't release the modified version as freeware under the same terms.
As I understand it, using Linux in an embedded system is fine--if you release the software for the embedded system as freeware under the GNU GPL--but you can run afoul of the GPL (and with it S-B) even if you modify Linux to integrate an app and don't comply with the terms.
That'll teach you to buy software from people named Bill Gates or Linus Torvalds
This is not about Linux users this is about companies that sell or distribute a GPL (not just Linux) product and do not (a) Relase the GPL code they are using and modifications or (b) Improperly report for SOX
Quite right. Though in the original context--embedded systems--unless the device with the embedded system is only used in-house, the changes are distributed, so the code needs to be released.
Actually if someone violated a license with MS (say buy having too many seats on an exchange server) they would be in the exact same place with SOX.
The thing to take from this understand the license of the software youre using... BTW this would not apply to companies that *do not distribute* their customizations of GPL code so that is I use GPL libraries in the construction of an inhouse billing system I am under no obligation from the GPL to release it and would be correct in reporting to SOX..
OK so the headline is really quite misleading. Joe Linux User is not at risk here, even theoretically. Company XYZ that sells embedded linux may be if you believe the survey.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.