OpenBSD Journal

Could Hard GPL Terms Be An Opportunity for OpenBSD and pf?

Contributed by jacek on from the dept.

Ordinary customers are often accused of not reading licenses and breaking law without thinking. But what about companies that have resources to pay the lawyers? The Sitecom case suggests that somebody either ignored the GPL licensing terms or did not understand them properly.

To be fair, GPL-licensed software is hideously difficult to use in embedded applications, because of the requirement to release changes to the original code, which businesses do not what to do.

Sitecom and others would have much less headaches, if they used BSD-licensed software, such as pf. Hmm... could this be a good time to lobby hardware firewall manufactures to use OpenBSD/pf in their products?

(Comments are closed)

  1. By Anonymous Coward ( on

    With features like authpf, I don't see why it isn't used more often. Even some diehard Linux users like Pf.

    1. By ImpTech ( on

      PF is great... its pretty much the sole reason I use OpenBSD versus, say, Debian on my internet-facing box. As for why its not used more often? My suspicion is that firstly not as many people have heard of OpenBSD, much less tried it, so they don't realize how good PF is. Secondly, Linux is already ported to a few more architectures than OpenBSD (ARM for one). As a general question though, I have to ask, why does anybody care whether embedded developers use OpenBSD or not? I don't see how the project is likely to benefit from this.

      1. By Anonymous Coward ( on

        No ARM huh? What is ?

      2. By Michael ( on

        It's good for embedded developers to use OpenBSD because the more people that are looking at the code intently, the better. They may not necesarily find all sorts of bugs that affect other people, but it's a nice feeling when someone finds your product usefull.

        So...why do we care? Warm fuzzy feelings.


  2. By MotleyFool ( on

    Here's another one for you to think about, what about large gov't defence research facilities. Do you think they always release back modifications they've done to GPL code? There's a lot of gov't funded R&D that gets spun off into commercial systems. Or you've just used a RT linux kernel in some military hardware and now you're going to sell it to other country, sure sounds like a commercial product to me. Oh, but I'm sure no defence contractor would ever do that.

    1. By mk ( on

      with projects like hopping landmines, terrorism futures, lifelog, or total information awareness, not to mention the attempted funding "sabotage" of last year's obsd hackathon, I for one hope mil R&D stays as far away from BSD code as possible, what they do with GPL'd code is the GPL lawyers' business, but it sure would be fun to see them get a few cease&desists for critical system code sometime in the future...

    2. By Krunch ( on

      IANAL but AFAIK the GPL require you to release the source only to the people to whom you give/sell the software. If some government want to modify and use a GPL software, they don't need to give away the source if they don't give away the software.

      1. By MotleyFool ( on

        Lots of Gov't funded work gets spun out to commercial entities. You don't think big defence contractors do initial R&D without Gov't input do you? One of the largest exports of goods from the US is defence equipment.

      2. By josh ( on

        Sort of. If you distribute the source with the binaries, you don't have to give the code to anyone else. If you give out the binaries with a notice that source is available upon request, you have to give it to anyone who asks. (for 3 years)

  3. By Michael van der Westhuizen ( on

    While the nature of the GPL could provide OpenBSD with an opportunity in these sorts of scenarios, I'd prefer to think that a technical evaluation of pf vs. whatever else is out there would be a win for pf. Yes, the GPL is a scary beast, but I believe pf is a better solution than any GPL alternative I'm aware of. It may seem a bit low-key, but I'm sure I'm not the only one who finds that OpenBSD's network layer and the associated technologies are its killer-app.

    1. By Jacek Artymiak ( on

      Sure, we all know that pf is an excellent piece of software, but being technically superior does not always help convince people to abandon lesser software.

      1. By Anonymous ( on

        In this case, I don't know if it's wise to propose pf to this company, Sitecom, which breaks a license, GPL. What if they don't comply to the BSD license? My point is if they don't comply to the BSD license, then it's probably not worth "lobbying" them. Other than that, it's fair game and the developers should decide.

        1. By Daniel Hartmeier ( on

          I wonder how they could possibly violate the BSD license. Read it here (without the advertisement clause), then consider the case of a binary-only distribution. Basically, the only requirement is

          - Redistributions in binary form must reproduce the above copyright
            notice, this list of conditions and the following disclaimer in the
            documentation and/or other materials provided with the distribution.
          Now, consider other materials provided with the distribution, imagine an embedded appliance. It doesn't say printed materials or the like. They could just put the notice and conditions in a file (or firmware ROM) on the device, like a static string inside the binary. I don't think reproduce implies that the end-user must see it displayed, which could be difficult if there's no user interface of any kind.

          The worst they could do besides not giving any credit would be claiming they wrote it all themselves. But even that wouldn't violate the license (but possibly a law about plagiarism or fraud), assuming the copyright notice and conditions are reproduced and provided in some form invisible to almost all users. If it's reproduced and provided, someone can extract it and disprove their claims of authorship convincingly with that. Bottom line, the restrictions are so unobstrusive to commercial business practices, that there's no incentive to violate them, really.

          All of this is perfectly fine with me, of course. :)

          1. By Anonymous ( on

            I am not a Linux/GPL zealot, and I understand the BSD license, since it's easy to read. However, the issue still stand that BSD is still a license that's copyright violable - take code, omit copyright; and the ease of compliance doesn't negate its violability.

            My concern is if a company doesn't respect Open Source, be it the GPL, they don't deserve Open Source software, especially the BSDs.

            I imagine if there's a violation, you guys most likely will make it an awareness issue not involving court injunctions. I am basing this on Dale Rahn's unpaid work with Pegasos. My sympathies to Dale Rahn.

  4. By Simon ( on

    Honestly, these companies should have used something like OpenBSD to begin with. The GPL is a long and complicated license, but the message is clear. These companies had no buiness stealing GPL code to begin with. Just because you don't like the license don't allow you to break it.

    That companies who produces wireless equipment and firewalls uses Linux code seems a bit weird, I guess they just got caught in the Linux hype.

  5. By Anonymous Coward ( on

    I still can't understand why the embedded space is so high on the Linux bandwagon? And I work at one of those places.. Using OpenBSD would resolve all licensing issues instantly.

    1. By Anonymous Coward ( on

      And introduce performances issues at the same time. Linux scales well, Linux performs well, Linux rocks.

      1. By Adam ( on

        Yeah, embedded applications are all about scalability. OpenBSD's lack of SMP support is probably the biggest factor holding it back in the embedded space. Seriously though, linux offers nothing openbsd doesn't for the embedded crowd, but it has a better license and better docs. Doesn't seem like such a tough choice to me.

        1. By Anonymous Coward ( on

          SMP for embedded? I work in the video on demand and cable modem business, I've yet to see SMP used in any of the embedded solutions.. Linux is of use mainly cause we can purchase a working reference implementation and a toolchain that works.

  6. By James Holmes ( on

    I think there is a place for both BSD and GPL licenses. BSD is good for code that you want published widely and used without any strings attached. On the other hand GPL is good for things like compilers because your goal might be to produce something that must remain under the control of the public at large (if you want it to be portable across systems).

    However I think that it is truly unfortunate that the BSD licence isn't used more, because I've occasionally been disappointed when things like a better implementation of math function xxx was written in the GPL and I've been forced to write my own implimentation. This is a very counter productive way of working and programmers should be aware of this consequence of using the GPL.


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]