On GPL Compliance, Android Tablets Get an 'F'
"The big question is whether or not the community wants to make bad business with foreign developers and manufacturers that are really just too lazy/ignorant to realize what they are doing," said Slashdot blogger Eldavojohn. "Of course, nobody gets away with that defense when a business comes knocking about a license violation, but holding your users' feet to the fire never turns out well."
01/10/11 5:00 AM PT
There seems to be no stopping the current avalanche of Android tablets -- just look through the CES announcements for a not-so-small sampling -- and that's undoubtedly a good thing for Linux.
A shadow was recently cast upon that otherwise sunny landscape, however, in the form of a report examining said tablets' GPL compliance.
"The GPL requires that vendors either provide the source code to the GPL components with the device, or alternatively to provide a written offer to provide the source code upon request," explained Red Hat employee and Linux kernel developer Matthew Garrett in an introduction to his analysis of today's Android tablets. "Distributing devices without adhering to the copyright license of the associated software is copyright infringement, and doing so commercially is a criminal act in many countries."
So how do today's tablets fare when it comes to the GPL? Let's just say there are an awful lot of "No's" on Garrett's list.
Overall, the tablets range "from 'utter failure' to 'pretty good,'" Garrett wrote recently in a blog post describing his results. The "vast majority," however, "are shipping without any source being made available, and that includes devices from well-known vendors. It's pretty much a given from the ones you've never heard of."
In other words, the scales are tipping heavily toward the "utter failure" end, it seems. And that's not a good thing.
"Take take take," wrote gilesjuk on Slashdot, where a lively discussion of the problem soon ensued. "That sums up most Android vendors, they develop their own GUIs and improvements and don't give much or anything back to the project. Hardly in the spirit of open source is it?"
'Very Illegal, Like Stealing Code'
Indeed, "even though I have not contributed one line of code, I'm still affected by it as a software developer," opined obarel. "I earn my living by writing software for my company. I do not use GPL because I know it's illegal not to publish the code, and my company cannot afford to publish our code, due to competition.
"This means that my company invests time and money (which directly affects my livelihood due to competition) into software development, while other, larger companies just take GPL'ed code and use it without fear (and without any intention to release their code)," obarel continued. "So they have an unfair advantage over my company. It's unfair, because what they do is illegal.... very illegal, like stealing code from a competitor."
Other opinions in the Linux blogosphere were just as strong, so Linux Girl knew it was time to learn more.
'A Serious Problem'
"From a user's perspective, it is not an immediate issue; from a developer's or legal perspective, it has the potential to be a massive issue," Slashdot blogger Eldavojohn told Linux Girl. "If the developers haven't taken the time to carefully package their code apart from the Android software (or if this is impossible by virtue of their 'improvements') then you're talking about a serious problem, an example of which can be found here."
In such cases, "I think litigation should be considered if the company fails to comply, as we need to treat the GPL with the same respect that we treat copyright with," Eldavojohn added. "The GPL is a license just like the license for Windows 7 -- it's just as serious a violation to not comply with that as it is to download a cracked version of Windows."
For devices using unmodified Android, "I think etiquette needs to be established with their users, because there's different levels of compliance, all seemingly in use in some way today," Eldavojohn said.
Both GBP v2 and v3 stipulate that even if a company did not modify the code, it should acquire the source of the GPL software version and release it to customers with its own product, Eldavojohn pointed out.
"The big question is whether or not the community wants to make bad business with foreign developers and manufacturers that are really just too lazy/ignorant to realize what they are doing," he concluded. "Of course, nobody gets away with that defense when a business comes knocking about a license violation, but holding your users' feet to the fire never turns out well."
'Compliance Follows Eventually'
Blogger Robert Pogson saw less urgency.
"This is as much a concern as the Tivo situation," Pogson began.
"To the extent that OEMs are distributing Android as issued by Google, it may be internally documented that Google or kernel.org has the source on-line; to the extent that OEMs modify GPLed stuff, they should publish the source code," Pogson asserted. "It is not clear to me that GPL is being violated with the information available."
In short, "I doubt this is much of an urgent concern," he concluded. "Experience has been that compliance follows eventually. It's just not the first priority for many -- they are rushing things to market and the source code is probably in flux until a few weeks before release."
Ultimately, "the mobile environment could benefit by the use of distros and packaging technology that could provide updates and access to source code in the same process," Pogson added.
Alternatively: "I suspect that the only way to solve the problem will be for Google to offer a standard set of files that handset makers must include somewhere on their website," Montreal consultant and Slashdot blogger Gerhard Mack suggested.
'Google Is No Friend of FOSS'
Slashdot blogger hairyfeet, however, wasn't so sure Google will be part of the solution.
"Notice how Google ONLY USED GPL V2 software?" he began. "Why is that? One word: TiVo. GPL V2 allows you to 'TiVo' a device, making GPL completely useless. This is a BIG LOSS for the folks that support GPL."
Google, in other words, is "NO friend of FOSS; it is NO DIFFERENT than any other multinational," hairyfeet opined. "Sure they donate some code, but if they turn around and TiVo the most significant chance FOSS has had to gain traction, what is the point?
"Now Google will keep all those embedded apps and kernel firmly GPL V2," he predicted. "Google has more than enough cash to simply update the GPL V2 version, allowing them and their buds to keep TiVoing anything they please."
That, in fact, "is why RMS created GPL V3, and as much as I hate to agree with that man I gotta go with him," hairyfeet concluded. "This is a good lesson to FOSSies: There is NO major multinational corporation that is your friend! If it comes down to your freedom or their profits, YOU WILL LOSE."
'GPL Compatible' Stickers
Barbara Hudson, a blogger on Slashdot who goes by "Tom" on the site, could see a silver lining.
"This sounds like yet another 'good news, bad news' joke," Hudson began. "First, the good news: There are plenty of linux tablets hitting the market. Now the bad news: Many of them are not compliant with the GPL."
The "great" news, however, is that "GPL compliance seems to be a quick and dirty way to weed out the tablets that aren't worth looking at from a quality standpoint," Hudson told Linux Girl. "I would have to say that the GPL, like the Internet, routes around damage."
Next, "all it takes is for manufacturers who ARE compliant to start putting 'GPL compatible' stickers on their packaging," she suggested. "Even someone who doesn't know what the GPL is will start equating the GPL with 'a better quality product.'
"Never underestimate the power of a sticker," Hudson concluded. "Look at all the laptops that were sold because of a 'Vista compatible' sticker."