[aur-general] Notification of GPL violation

Fri May 21 18:34:34 UTC 2021

On 5/21/21 1:10 PM, ente via aur-general wrote:
> On Fri, 2021-05-21 at 18:27 +0200, Ralf Mardorf via aur-general wrote:
>> Hi Manhong,
>>
>> it's squishy to form an opinion related to violation of a
>> license and toleration of sensible modifications and sometimes even to
>> distinguish between theft and fortuitousness.
>>
>> If you wrote a song named "love song" composed of holding the note c
>> for
>> 1000 beats and after that holding the note c# for another 1000 beats at
>> 120 beats per minute and a year later I write two songs and name both
>> "love song", too, one composed of holding the note c for 1000 beats at
>> 120 beats per minute and the other one holding the note c# for 1000
>> beats at 120 beats per minute. Would it make sense to argue related
>> author's rights?
>>
>> Sometimes disputes make no sense. Several factors must be taken into
>> account and often common sense can be used to rate, if it's worth to
>> argue.
>>
>> Regards,
>> Ralf
> 
> Hi Ralf,
> 
> 
> You example is clearly missing the point. Let's unwrap. 
> 
> Scenario 1: You did not know of the other song. You coincidently create
> the same song as someone else, no copyright will be applied. You simply
> did not copy anything. This example is not related to GPL at all.
> 
> Scenario 2: You did know about the song. You heard it in the radio. You
> liked the song, but you never actually did focus on the song trying to
> count how often each tone occured, you did not exactly measure the
> beats per minute, you did not search the internet for the exact details
> of the song. You rather got inspired by the song. You set down, you got
> creative and wrote down a brand new song which coincidently is the same
> song as published a year ago. You simply did not copy anything, GPL is
> not related at all.
> 
> In - broadly speaking - any other situation, you are copying. Copying
> is protected by the copyright. GPL grants you rights under certain
> conditions. If you don't fully comply with the restriction, you loose
> the rights.
> 
> There may be a fair use policy applying in certain situations. I am not
> aware, GPL grants any. As such: a patch file only containing 3 lines of
> the original is already copying. Writing those 3 lines "coincidently"
> is bullshit. Your purpose was never to be creative, your purpose was to
> write exactly those three lines. If I could "coincidently" write the
> same 3 lines in a patch file, then I could also "coincidently" type all
> the bits and bytes of the latest Star Wars movie in mp4 format by
> coincident and all copyright laws are dead the same second. So no, you
> did not write coincidently the same lines. You did copy.

This is all moot -- the letter "c" repeated endlessly is not a creative
work and is ineligible for copyright protection.

If this is intended to be a good comparison to an AUR "violation of
copyright" (I have not looked at Manhong's claim) then there's no issue,
the disputed patches were never under any copyright to violate.

Determining whether there is a copyright to violate might require more
time than one is interested in spending to analyze whether some change
is the kind of change e.g. best described as "only one obvious way to
accomplish it".

e.g. this C function is not copyrightable:

int add(int a, int b) {
    return a + b;
}

Neither is this function:

int add(a, b) {
    return a + b;
}

... even though it's both silly and bad. More importantly, a patch to
add the int types and make it compile without warnings, is not a
copyrightable patch either.

> Me personally I don't like the fact that big companies (unfortunately
> mine included) are earning a big pile of money using software they
> download for free from the internet without ever giving anything back
> to the community.
> 
> Now in this thread I got the feeling, many feel like "We are open
> source. We should not be monitored too close.". Arguments came up like
> "We do not distribute the software. We only distribute an installation
> script.". The latter one sounds very much like PirateBay, doesn't it?

In fact, the distinction is very important. IANAL, but my understanding is:

Licenses for works which you legally receive, and then modify in ways
that violate the license, are generally binding only when you distribute
the results. Such terms would therefore prohibit packaging noisetorch
for the [community] repository, but be permitted in the AUR.

... furthermore with your Pirate Bay <-> AUR comparison, the common
point is "not distributing anything, only linking to it". But in the
case of the AUR, the links are linking to legal content, while in the
case of the Pirate Bay, the links are linking to illegal content.

If the AUR does not:

- distribute illegal content
- link to illegal content
- teach you how to do something illegal

then what, precisely, is it doing that is getting y'all so hot and bothered?

It is *legal* to:
- download the completely legal noisetorch source code
- locally patch it in any way you like
- run it on your personal laptop in violation of the terms demanding it
  be renamed
- publish a guide to teach other people how to do the same thing

Even if it weren't legal, the noisetorch program was not being modified
in any practical sense. The only patch applied was a patch to the build
system, so that a script used to dynamically generate a source file
using git was replaced by a saved copy of the generated source file
processed directly.

By the very loosest meaning of the word "modify", it was being modified.
But running the go compiler also modifies it (turns it from text into
machine code). Adding a backported patch from upstream git master
modifies it. Running gofmt modifies it.

The program logic didn't get modified in any way, not even in a
"different algorithm, same result" way. In all probability, the
resulting compiled binary was byte-identical to the version without the
patch.

Comparing the AUR to the Pirate Bay is simply arguing in extremely bad
faith, for multiple reasons.

-- 
Eli Schwartz
Bug Wrangler and Trusted User

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20210521/3f9128ba/attachment-0001.sig>