Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 2 Apr 2001 16:12:36 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 2 Apr 2001 16:12:17 -0400 Received: from vitelus.com ([64.81.36.147]:26378 "EHLO vitelus.com") by vger.kernel.org with ESMTP id convert rfc822-to-8bit; Mon, 2 Apr 2001 16:12:10 -0400 Date: Mon, 2 Apr 2001 13:11:27 -0700 From: Aaron Lehmann To: linux-kernel@vger.kernel.org Subject: [WARNING] Please don't send kernel patches through Hotmail Message-ID: <20010402131127.C842@vitelus.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: 8BIT User-Agent: Mutt/1.3.15i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org ----- Forwarded message from Bryan-TheBS-Smith ----- From: Bryan-TheBS-Smith Subject: [Copyright/Licensing] "Dual-copyright/licensing" of your IP withOUT your permission Date: 2001 April 02 [Copyright/Licensing] "Dual-copyright/licensing" of your IP withOUT your permission USING A PASSPORT.COM-ENABLED SERVICE WILL DUAL-COPYRIGHT/LICENSE YOUR ORIGINAL WORK I just want to throw this out for *OFF-LIST* discussion. I am currently writing an article on the new licensing agreement at Microsoft's Passport.COM. What most people don't realize is that if you use MSN, Hotmail, Expedia and, in some cases, just MS IE/Outlook, you have _already_agreed_ to this license. Why? In the case of MSN, Hotmail and Expedia, your passwords are stored on Passport.COM (remember when Microsoft went down in late 1999 because of their expiration of Passport.COM?). I am still researching the depth of Passport.COM's interaction with MS IE itself (seperate from these services), and other Microsoft and non-Microsoft, Internet-enabled software. The problem? In a nutshell, any outgoing information, software and/or services of your original copyright/license/IP are "dual copyrighted/licensed" to Microsoft c/o this new agreement. This can be _very_dangerous_ from the standpoint of free software development. Worse yet is the fact that no one currently knows to what extent the Passport.COM licensing agreement applies, but it seems all MSN, Hotmail and Expedia users are subject to it, possibly all users of MS IE as well. GPL DOES NOT OVERRIDE YOUR COPYRIGHTS (NOR YOUR ABILITY TO ASSIGN THEM TO OTHERS) Now you may think the GPL (and/or other GNU licensed works like the LGPL, FDL, etc...) protects your work. What you may not realize is that Copyright Law is the _ultimate_ law. The software that cracked the encryption (really "uglification") and revealed the follies of popular "Internet Filtering" software were perfect examples. The software was released GPL, but then revoked later. How? Because the creators ultimately have "all rights reserved" to their copyright, and can revoke any license at any time (like they did when the popular filtering software vendors bought the rights). When you post, upload or otherwise transmit through a Passport.COM-enabled service, you are effectively giving Microsoft a non-exclusive, "blank 'copyright' check" to use your work. Now one way you can "protect" your free software/works from being submissive to this "hole" in Copyright Law is to assign all rights to the Free Software Foundation. In fact, this is exactly what the FSF recommends you do with any GNU licensed work. If you have not done so already, consider doing this with any GPL, LGPL, FDL or other GNU-licensed work that you do not plan to "dual-license" yourself or other entity. IS THIS AN "ANAL" STANCE? MICROSOFT "REALITY CHECK": Now before you think I'm going off an being "anal" on this, or screaming "the sky is falling," realize the following: 1. Many companies are looking for new avenues of revenue and the "total forfeit" or "dual-copyright/licensure" of your copyright/licenses/IP is nothing new. 2. Microsoft (among others, even non-Windows vendors) have been shown time and time again to be all for #1, and abusing the rights of others in the name of profits. 3. *BIG ONE*: Anyone who has interviewed with Microsoft, or visited the Microsoft campus knows that Microsoft's future goals _include_ the revenue stream of _charging_you_ to even see your own data! 4. *ANOTHER*: Microsoft has identified "dual-copyright/licensure" as a key method to "bypassing" the "GPL virus." 5. *MOST IMPORTANTLY*: Microsoft is currently the biggest lobbyist of the US government, and expends the most in legal costs of any American company. Lawyers are difference between something just being just "unethical and not legally binding" and "unethical but quite legal binding and quite enforcable." #5 is what makes the Passport.COM licensing agreement the most scary, even though it is nothing new in some circles. WHAT SHOULD THE FREE SOFTWARE COMMUNITY DO TO COMBAT THIS? Other than avoiding these services and any other that use Passport.COM (which will only get harder and harder as .NET makes it presence), there are some _real_issues_ to doing _anything_ on the Internet that will require our action. At least two key issues need to be addressed (with possible solutions): 1. "Identify" users who are using these services when they contact your web site, archive, CVS repository, etc... They need not only be informed of these issues -- but they need to "sign" a "counter agreement" that they agree to the policies of our site, archive, repository, etc... which either "prohibit" uploading from services where there is such an agreement and/or somehow put the responsibility on the consumer and/or service to NOT allow such "dual-copyright/licensure" rights to be applicable to those original works. "Identification" is where the difficulty may come in, but searching for a cookie or other known "resource" on the client system should provide us with a good indicator that the client is using these services. Our service then will "redirect" them to the proper page with the agreement (and kick them off if they do not). 2. Draft new licenses, or create "addendeum" to existing licenses that explicitly target these other agreements and render them either null and void, or somehow limit their application to our projects. This will be most difficult as the creators of these "agreements" have been smart enough to make their copyright/licensure "non-exclusive" -- which allows the creation of a "dual-copyrighted/licensed" version they can use (whereas an "exclusive" agreement would not hold up in court). Again, these are serious issues that need to be addressed ASAP. I hope the free software community pulls together and does its due dillengence to combatting this serious violation of our IP and our ability to control who, what and how it is copyrighted and/or licensed. LINKS TO MORE INFORMATION: As a follow-up, please take the time to read the following URLs: Microsoft Passport.COM terms of use: http://www.passport.com/Consumer/TermsOfUse.asp The Register.COM article: http://www.theregister.co.uk/content/4/18002.html Troubleshooters.COM new copyright and other articles: http://www.troubleshooters.com/cpyright.htm http://www.troubleshooters.com/tpromag/200104/200104.htm#_new_copyright http://www.troubleshooters.com/tpromag/200104/200104.htm#_three_articles LEAP Thread (first article in thread): http://lists.leap-cf.org/pipermail/leaplist/2001-April/011248.html -- Bryan "TheBS" Smith OSS/GNU/Linux Participant, Advocate, Packager and Developer P.S. Feel free to forward this to others, provided you are courteous enough to not cross-post a single message among several lists (i.e. please send one message per list or two). -- Bryan "TheBS" Smith chat:thebs413 @AOL/MSN/Yahoo Engineer mailto:b.j.smith@ieee.org,thebs@theseus.com ********************************************************* "Never apply a Star Trek solution to a Babylon 5 problem" -- Nicholas C. Weaver ----- End forwarded message ----- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/