GPL Compliance Engineering Delves Into the Inner Life of Embedded Devices

Oct 20, 2008

Dutch Linux consultant Armijn Hemel clarifies in his recently issued GPL Compliance Engineering Guide how to check for GPL breaches of electronic devices.

Hemel works for Loohuis Consulting, a company that focuses primarily on licensing violations. The company targets vendors that want to ensure their products' compliance. Hemel is also an honorary participant in the GPL Violations project that represents the rights of software authors in respect to their device vendors. The project has already successfully represented clients in suits against router vendors that violated Linux Kernel licensing provisions.

In the 26-page PDF document Hemel describes the technical part of GPL Compliance Engineering, from portscanning with nmap, bootloader analysis, data systems and firmware, to getting physical access to the device’s serial console. A small section of the document covers devices with a Windows inner life often involving the GPL-licensed Cygwin program.

Hemel includes short words of warning at the outset: "Some things described in this guide might not be legal due to DMCA(like) legislation in your country." Developers in the U.S., for example, might run into conflict with the Digital Millennium Copyright Act (DMCA).

Hemel also contemplates the reasons behind some of these Open Source licensing violations. He cites the fiercely competitive consumer electronics business, where companies can become lax in checking for, and keeping to, license provisions, with many preferring to risk a lawsuit than miss a sale.

Related content

  • GPLv3 Comes to the Rescue of GPL Violators

    Red Hat adopts GPLv3 cure provisions to help companies fix GPL violations.

  • FOSDEM 2007

    On February 24 and 25, around 4,000 geeks gathered in Brussels, Belgium, for the Free and Open source Software Developers European Meeting (FOSDEM).

  • News

    This month in the news: KubeCon concludes in Austin, Texas, Dell to disable Intel’s insecure IME, Linus Torvalds’ advice to security experts, GPLv3 comes to the rescue of GPL violators, and Linux Kernel 4.14 released. 

  • FSF Settles with Cisco over Licensing

    In December 2008, the Free Software Foundation (FSF) filed a lawsuit against network giant Cisco, claiming that its subsidiary Linksys had multiple violations of the GPL. The two parties have now reached an agreement.

  • News

    Honey, I shrunk Ubuntu, Linux Mint 19 released, Red Hat adds GPLv3 cure clause to Its codebase, SUSE Linux Enterprise 15 released, GitLab drops pricing after Microsoft GitHub acquisition, and KDE Plasma 5.13 is here.

Comments

  • A very levelheaded down-to-earth report

    First of all, I was agreeably surprised by the levelheadedness and the level of professionalism displayed by mr. Hemel in his report.

    His testing recommendations, while certainly not shocking or surprising, are irrefutable, show strong commonsense, and absolutely the first steps one should take.

    Good work!
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News