[blm]

I want to add something. I am sure that it will get obliterated by other people. I am not with anyone that uses grsecurity.

On the one hand I can imagine nothing more bitter than other people making money on your hard work.

However, isnt this how the whole thing goes? I mean there wouldn't be a linux kernel without the work of a whole bunch of companies. Did they get sponsorship money from you? grsecurity wouldn't exist without the work of a bunch of other people. Did grsecurity pass on money to other vendors that they rely on? What about people that wrote the drivers that grsecurity use when they did development.

Open source only works because people contribute to a shared base. In return for their contributions they get to use what others already contributed.

[halosghost]

It seems like you've missed the point. The problem isn't that companies are using the work without paying. The problem is that the unnamed companies are essentially lying in their marketing and violating the grsec trademark in the process.

This is not how FLOSS is supposed to go.

[blm]

Why do you think they are lying? Did the companies use not apply the grsecurity patches but claim they did?

If they did apply the patches AND used the grsecurity trademark in their brochures what is the problem? They arent misrepresenting grsecurity. They arent being derogatory in any way. Why can't you say that you have the kernel and you applied grsecurity patches?

It seems so funny when people are all about GPL code and "freedom" and yet act so precious about a "trademark" just like proprietary enterprises.

[teraflop]

The whole point of trademark law is that the owner of the trademark gets to control how it's used in commerce. If the mark is being used to advertise a company's product, grsecurity has the right to prohibit it; the company doesn't get to make the call.

This isn't a free-speech issue -- it's just a simple acknowledgement of the fact that consumers treat names, logos, branding etc. as indicators of a product's origin, and that there's a public interest in making those indicators accurate. You can refer to the trademark as long as you don't do so in a way that misrepresents your product. In this case, unless there are specific disclaimers to the contrary, a reasonable person would think "grsecurity" means "code released and approved by the grsecurity team", instead of a version that a third party has modified.

[bigiain]

From the post: "The aforementioned company has been using the grsecurity name all over its marketing material and blog posts to describe their backported, unsupported, unmaintained version in a version of Linux with other code modifications that haven't been evaluated by us for security impact. Simply put, it is NOT grsecurity"

There _are_ no "grsecurity patches" to apply for the system they're using the grsecurity trademark on.

Seems pretty clear cut from here.