digg

Facebook Connect Join Digg About
See the original image at theinquirer.net

McAfee throws some FUD at the GPL

theinquirer.net In its annual report, Windows security software vendor McAfee told its investors that open source software licence terms it vaguely characterised as " ambiguous" might "result in unanticipated obligations regarding our products."

Who dugg this? Made popular Jan 7, 2008

Digg DudeWhat is Digg?

Digg is a place for people to discover and share content from anywhere on the web. Digg surfaces the best stuff as submitted and voted on by the community. Take the Tour to learn more.

74 Comments

show profanity settings
expand all
  • StanStutter, on 01/07/2008, -4/+35The Inquirer gives McAfee as some good advice:
    "McAfee ought to consult with the Free Software Foundation if its management and attorneys are not well versed in the accepted methods for keeping proprietary and open source software separate while still allowing them to work together. The FSF will be glad to help them out."
  • baalzebub, on 01/07/2008, -5/+28i hope some of the top GNU/gurus of code look over McAfee's code with a fine toothed comb and if this be true notify the Software Freedom Law center on them...
  • str3ama, on 01/07/2008, -5/+27Don't put up with that nonsense, McAfee and Norton spend lots of money on PR and promotions to make sure there names are the most recognizable when it comes to virus/spyware protection - and being recognizable doesn't mean it's better. I highly recommend Nod32 for those that aren't already aware of it - smaller memory footprint (uses less resources) and more adept at detecting real suspicious programs as opposed to the false positives that North and McAffee find.

    Also McAfee is known to blacklist other competing software like AVG / Clamshell, not to mention that there are strong allegations that they whitelist products affiliated with them regardless of the dangers involved in that program.
  • badassninja, on 01/07/2008, -2/+18Hope it goes open so I can port it to Ubunt..... never mind.
  • maybeway36, on 01/07/2008, -2/+18Cause they didn't bother to read it, maybe.
  • BrainInAJar, on 01/07/2008, -1/+17While there are terms of the GPL that may be ambiguous ( can you link against a GPL library? it's unclear if that constitutes a derivative work or not ), but from the sounds of it, McAfee is just violating the GPL and knows they're close to getting caught for it.
  • BillyGoatMagoo, on 01/07/2008, -0/+10i like the duck
    quack quack
  • vwvan, on 01/07/2008, -5/+15AVG rules. It is free and doesn't rape your machine.
    McAfee and Symantec are just pirates of a different flag.
  • greyfade, on 01/07/2008, -0/+6Can you link to a GPL binary? No. That constitutes a derivative work. The wording is a little unclear, but that's the gist. This is why the Library GPL exists: to allow linking to binaries. The LGPL makes an explicit exception for dynamic linking - though I'm unclear whether it applies specifically to dynamic linking or includes static linking.
  • MasteRR, on 01/07/2008, -0/+7"result in unanticipated obligations regarding our products."

    *****. I hate when companies say this. The GPL is a software license. Don't like what it requires? Then don't use GPL code. It is that simple.
  • PhireN, on 01/07/2008, -2/+8the gpl doesn't virally attach its self to source code, it just sticks to its own code, and any modifications you might make to the gpled code.
  • JusticeAK, on 01/07/2008, -8/+14McAffe writes viruses.
  • known, on 01/07/2008, -3/+9Open source companies promote Competition.
    Closed source companies promote Collusion.
    Choice is yours.
  • milkbone98, on 01/07/2008, -1/+6I doubt that any Digg users use McAfee, it's gotta be the biggest piece of crap on the market today.
  • cawpin, on 01/07/2008, -2/+7Well, he's right, so yeah.
  • MasteRR, on 01/07/2008, -0/+5What? Programmers are humans? I thought a programmer was a machine that turned coffee into code.
  • geminitojanus, on 01/07/2008, -0/+5"are you certain of that, did your lawyer advise you to that effect?"
    His might not have. Mine did. YMMV.

    "also, are things like the nVidia hack legal?"
    Probably not. But it's pretty hard to call them on it, as the coders who would sue would have to band together and sue together, which is pretty ridiculous too (seeing as some of them have died which means their companies/estates now have to control their "vote" and all the other BS associated with the issue).

    The "GPL's areas of uncertainty" have all been cleared up; it's the continual reading and misinterpreting of it which has caused these "uncertainties" to resurface and likewise be resquashed. There have been attempts at writing FAQs (http://www.gnu.org/licenses/old-licenses/gpl-2.0-f ... ) to clear up these "uncertainties", some of which are even (in)famous for doing so, but sadly, the layman isn't a lawyer so it's hard for that knowledge to remain in people's minds for very long.

    So please, no more FUD needs to be thrown at this issue.
  • trogdoor, on 01/07/2008, -0/+5What constitutes a derived work is not ( and cannot be ) an ambiguity of the GPL because that is defined by copyright law, not the GPL.
  • GMorgan, on 01/07/2008, -1/+6If they read the license and refrained from using it because of certain obligations then obviously those were not unforeseen.

    I personally go for the later argument. FOSS is devastating to companies like McAfee who depend entirely on a security through obscurity mindset. By putting things out in the open, malware becomes far less likely and while a popular Linux desktop would need anti-virus it would not nearly be the malware whore that Windows is.
  • Stalks, on 01/07/2008, -1/+6Every software is programmed by humans, and humans make mistakes.
  • baalzebub, on 01/07/2008, -0/+5thats a good reason to use open source software, and a good reason to NOT accept the default generic kernels that come with most distros, build your own kernel and leave out networking options you dont use like nfs (would not ever allow that crap on any of my PCs) i have a better way to browse the LAN, build your own xfree86 or xorg (whichever you prefer), the more control over how your system is built the more control you have over securing the system...
    gnome & mono is another complete piece of garbage i would nevever allow on my PCs...
  • geddon, on 01/07/2008, -1/+6McAfee also practices the Corporate version of R&D by researching fledgling software companies and buying them outright. The majority of in-house developers are only temporary after they lose control of their software product and watch them crumble under the weight of "marketing requirements."

    I imagine that one of their acquisitions came with some open source code which their contracts couldn't claim to own.
  • init100, on 01/08/2008, -0/+4"And, SAMBA probably becomes a derivative work of MS Windows as well."

    By using the same communication protocol? Using the same line of reasoning, Internet Explorer is probably a derivative work of the Apache web server.
  • BrainInAJar, on 01/07/2008, -4/+8are you certain of that, did your lawyer advise you to that effect?

    also, are things like the nVidia hack legal?

    The GPL has some areas of uncertainty. You can't realistically deny that
  • stargatesteve, on 01/07/2008, -1/+5Translation: "Oh, sh*t! We didn't do our homework and read the fine print, we're f*cked. Curse the GPL!"
  • jm9206755, on 01/07/2008, -0/+4What!? That doesn't even make sense...
  • baalzebub, on 01/07/2008, -4/+8you want to know what the best anti-virus is? an operating system that is built from the ground up to be secure in the first place, any operating system that needs an anti-virus or a third party firewall because the one built in to the kernel is inadequate is not worth using in the first place...
  • balazsbela, on 01/07/2008, -1/+5"Use of GPL software could subject certain portions of our proprietary software to the GPL requirements, which may have adverse effects on our sales of the products incorporating any such software."
    That is so horribly wrong.They need to open up only if they used GPL *code* in *their* products.
    So they are saying that their problem is that GPL != BSD.
    If they don't want to open source their products they shouldn't use GPL code in them.

    Linux has had proprietary drivers for a long time.Take Nvidia as an example, they took their Windows driver and wrote a GPLed library to make it work under Linux.
    Ndiswrapper similarly allows wireless drivers written for Windows to run under Linux.

    Read this:
    http://yro.slashdot.org/article.pl?sid=08/01/05/02 ...
  • snotrokit, on 01/07/2008, -1/+4irrelevant. I haven't used McAfee products of any kind since 2001. They sucked then, they suck now.
  • mliving, on 01/07/2008, -0/+3Agree McAfee sucks... Norton sucks (HUGE overhead and cludgeware)

    I use NOD32 (lightweight fast) and Avast Personal (Free)

    I've also found that trojans, viruses, etc. are a lot more common to MS products, namely Internet Explorer, Outlook and Outlook Express and Office. Switching to Firefox, Thunderbird and OpenOffice has greatly reduced my potential exposure to the point where I might get one notice of malware interception by NOD or Avast every few months.

    See there are every more reasons to switch to open source software!

    Suck it McAfee! They're just trying to find some wiggle room for not disclosing their use or abuse of open source code!
  • localzuk, on 01/07/2008, -0/+3Huh? The point they were trying to make was that they have misappropriated open source code in their products - which are distributed, as binaries.
  • esc27, on 01/07/2008, -0/+2Quite a long rant based on nothing but speculation over what McAfee meant.
    Useless.
  • Phocion55, on 01/07/2008, -1/+3Dugg for a wonderful thought-provoking analysis.
  • inactive, on 01/07/2008, -1/+3They read the part about having to place all code under GPL if the code uses any GPL code.
  • invinciblechunk, on 01/07/2008, -0/+2I've seen McAfee's software, preinstalled on a laptop, regularly pop up notices like "Register now to win a FREE PLASMA TV!"

    McAfee = the fox guarding the henhouse.
  • inactive, on 01/07/2008, -0/+2Which is probably what they were talking about.
  • inactive, on 01/07/2008, -0/+2/really bad sarcasm
  • MasteRR, on 01/07/2008, -1/+3Do you understand what Open Source means? AVG and Trend Micro are not Open Source. Free (as in beer) does not equal open source.

    As for a truly open source anti-virus: Clamscan/Clamwin. Unfortunately it is not memory-resident, so you should still keep one of the others around.

    As for open source firewall: No idea if you are on Windows.
  • init100, on 01/08/2008, -0/+1Given that McAfee's core business is selling packaged software, if they used free software in a way where the license might affect them in a negative fasion, they probably incorporated it into their packaged software offerings.
  • habbofresh, on 01/07/2008, -0/+1ZOMG DUCKROLL
  • jdrsantos, on 01/07/2008, -1/+2I agree with you. And this is the REAL problem here. Ever if the GPL was the better designed law-document of the world, this would be the same situation again: it's all about the money.
  • geddon, on 01/07/2008, -0/+1That's the rub. There isn't any industry in which this problem exists; where the mom and pop start-ups can never hope to compete -- merely entice the 900 lbs gorilla to consume them for a quick shot of cash which will be immediately invested back into the 900 lbs gorilla market.
  • init100, on 01/08/2008, -0/+1I've heard that Norton is worse. :)
  • motters, on 01/07/2008, -0/+1I'm not a big fan of the antivirus companies, since I've seen too many ordinary computer users labouring under the dead weight of their products. Some modern antivirus systems seem truly onerous, slowing the users machine down dramatically and frequently coming up with spurious warnings. Fortunately since I use Linux most of the time I don't have to contend with this.
  • init100, on 01/08/2008, -0/+1"As for a truly open source anti-virus: Clamscan/Clamwin. Unfortunately it is not memory-resident"

    That's probably because (IIRC) ClamAv was initially developed for *nix file and mail servers to scan files for Windows malware, so that the insecure Windows clients wouldn't get infected.
  • init100, on 01/08/2008, -0/+1I agree that Avast is very good. I switched McAfee to Avast on my Windows installations a few months ago, and I haven't looked back. No more does explorer randomly lock up when accessing large files, or randomly claim that a file cannot be deleted because it is in use (unless it actually is).
  • sadilak, on 01/07/2008, -0/+1AVAST is very good too. It is free and is the least resource hogging yet efficient Virus scanner out there. It does detect a few false positives, but then that is not really a bad thing.
  • MasteRR, on 01/08/2008, -0/+1Exactly. Although I'm still hoping someone will write a plugin for Thunderbird that will scan emails with ClamAV at least. Any coders reading this that want to try it?
  • BrainInAJar, on 01/08/2008, -0/+1incorrect. The GPL isn't /all/ uncertain. Most of it is quite clear and I've not denied that at all. The times it's been tested in court all fell under the bits that nobody quabbles about. What I'm getting at is that /some/ parts of it are uncertain.
  • inactive, on 01/07/2008, -0/+1 So true..I like the duck...BTW,that can't be a laying duck cause he is a drake.
  • Fetching more discussions...
    Show 51 - 74 of 74 discussions

  • Add a Comment

    Login or register to comment!
    Or, sign-in super fast with your Facebook account ...


© Digg Inc. 2009 — Content created and posted by Digg users is dedicated to the public domain | Terms of Use Updated | Privacy Policy
DIGG, DIGG IT, DUGG, DIGG THIS, Digg graphics, logos, designs, page headers, button icons, scripts, and other service names are the trademarks of Digg Inc.