Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 29 Jul 2017 12:40:20 +0000
From: nisus@...chan.it
To: kernel-hardening@...ts.openwall.com
Subject: Yes you have standing to sue GRSecurity.

It has come to my attention that some entities are claiming that you, 
dear Linux Hackers, (1)need to go through some foundation or get some 
permission from upon high in-order to sue the progenitors of GRSecurity 
for their violation of section 6 of the terms underwhich the linux 
kernel is distributed (version 2 of the GPL). And, furthermore, that 
(2)this foundation has no intention of bringing such a suit.

(1) is false.
(2) may very well be true.

You do have standing to sue GRSecurity for their blatant continuing 
copyright violation if GRSecurity has made a derivative work of your 
code contribution to the Linux Kernel as-long as (a)you have not 
assigned your copyrights, and (b)you are not a work-for-hire.

How do you know if you are a work for hire or if you have signed away 
your copyrights?
If you are working for a company and as your job duties you are 
programming the linux kernel, there is a good chance that you are a work 
for hire and thus the company owns said copyrights.

How do you know if you signed away your copyrights? Well if you singed a 
document transferring ownership of your copyrights for the code you 
produced at some point.

If you are not working for a company while hacking linux and you haven't 
assigned your copyrights away then YOU OWN YOUR CONTRIBUTIONS.

This means most of you hobby hackers, if GRSecurity has modified your 
code, YES YOU HAVE STANDING TO SUE.

Yes your "betters" are lying to you.
You have individual separate standing to sue.

Yes you SHOULD consult a lawyer of your own.
Yes you SHOULD consider a joint filing with other individual 
rights-holders willing to bring suit against GRSecurity for their 
blatant violation of your terms, and yes you should consider starting 
CLASS ACTION since the number of Linux Kernel Contributors seemingly 
numbers in the multitudes upon multitudes upon multitudes.

And yes, I am an attorney.
But no, I'm not looking for clients. Just correcting some false 
information that has been spreading.

And yes, GRSecurity will try to claim that the linux-kernel is a work of 
Joint ownership (so as to shield themselves via procedural law) and yes 
they will try to claim fair use (probably de minimus), and yes your 
Lawyer will have to respond to these claims. The Joint ownership claim 
will go down quickly but it will have to be responded to. De minimus 
Fair Use depends on how much code is modified and how signifigant the 
modifications are. Don't let anyone but your own legal council dissuade 
you from bringing suit: Remember the statute of limitations is only a 
few years, so the clock is ticking on the CURRENT violation.

Also make sure you register your copyright of the version of the 
linux-kernel that GRSecurity is using in its violation prior to bringing 
suit. The registration must be for the specific version. Yes you can 
register after the violation has occurred, however if you have 
registered before the violation then you can also pursue recovery of 
legal fees, pursue statutory damages, etc.


( NOTE: If you would like to read on how your copyright is being 
violated by GRSecurity, Bruce Perens posted a good write-up on his 
web-page )
( 
perens.com/blog/2017/06/28/warning-grsecurity-potential-contributory-infringement-risk-for-customers/ 
   )
( There was also a discussion on the linux section of slashdot, and on 
the debian user mailing list, and on the dng devuan mailing list and on 
the openwall mailing list and the fedora legal mailing list )

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.