by hmmmmhmm 1502 days ago
How can we trust that the SF Conservancy, or its successors, won't do something untoward with the copyright assignment?

Looking at their list of sponsors doesn't exactly assuage any such doubts as to their trustworthiness either.

3 comments

Prior instance of principal-agent problem in open-source, https://lunduke.substack.com/p/linux-foundation-spends-just-...

> The Linux Foundation — the organization that effectively controls Linux and employs the creator of Linux — only spends 3.4% [of $177M] on… Linux.

Is the proposed SFC copyright assignment intended to be temporary, e.g. could it be returned to the creator after a legal case is won? Why is it not sufficient for SFC to represent the copyright owner? Would joint/minority ownership be an option?

Leaving aside legal concerns, could code maintainers possibly lose the ability to steward their OSS community and set governance policy, after they surrender copyright?

You've linked to an article that is very clearly written in bad faith because it dislikes decisions being taken by the Linux organisation, not because they are actually dumb enough to think that a 3.4% line item for "linux kernel development" means that's all they spend on linux. Urgh.
I’m not sure what that tells you in the best case though... They could surely break out a line for Kernel, but then does the investment in Automotive Grade Linux count? Or Civil Infrastructure Project? Or whatever that new OpenSSF project is? If they spend $10M on hosting OSSNA, should that count? Does money spent supporting K8s somehow detract from the kernel work?

It’s just such a weird flawed premise of a measure I can’t imagine how it’d be useful in determining anything about their motivations.

Could you recommend another article with a better breakdown of Linux spending by LF? It's not exactly a popular or risk-free topic for tech journalists, since many tech companies sponsor LF projects.
You can just look up the Linux Foundation's tax statements, they're publicly available.

Bryan Lunduke's recent writings are a bad source, they consist almost entirely of reactionary trolling. No idea why he gets any readership.

What is reactionary trolling, why is it bad, and why are his articles an example of it?
It's the same kind of unsourced low-information content focused on personal grievances that you would find in an angry Twitter or 4chan comment. It's just intellectually lazy and bad writing, this person is smart enough not to do it but does it anyway. If you need me to explain why this is undesirable, then we probably don't have much else to talk about.
Even if you consider all the information in the linked article, the 3.4% is misleading. There's no indication that 100% of the linux-related work the Linux Foundation does falls into the 'linux kernel support' bucket.

More to the point, the foundation's web site doesn't say that its mission relates to Linux. It talks about software communities, open source etc.

It would be helpful for LF to provide a summary of Linux-related spending that is distinct from kernel development. Obviously not an easy line to draw, but better that LF draws the line than external observers.
They also run training courses and certificates through that horrific EdX website… blecch
"Something untoward" is a bit vague. You have to specify who's being threatened at the very least.

* For project maintainers: The SF Conservancy can't prevent developers from working on their own project, because it is GPL-licensed and copyright holders can't retract GPL licensing once it's been given.

* For end-users: The GPL is a copyright license, not a EULA. So it only affects developers.

* For businesses that distribute software with changes: The risk of being sued by a copyright troll that buys the rights isn't an existential risk, because they can always keep using and fork an old GPL'd version.

> * For project maintainers: The SF Conservancy can't prevent developers from working on their own project, because it is GPL-licensed and copyright holders can't retract GPL licensing once it's been given.

No, they can't retract your permission to use your own software, but they can prevent you from going after infringing parties if SF Conservancy holds the copyright.

And at that point, why assign them copyright at all?

Because 99.9% of developers aren't willing to suffer the time and expense of investigating violations and enforcing their copyrights in federal court.
So why can't the SF Conservancy assist by making resources available to developers who are interested?

If pro bono legal representation were provided, I wager a number of developers would take up that offer.

I can't speak for them, but I can tell you that would add an enormous amount of overhead and risk for the lawyers involved. If you assign them your copyrights, their job is just to find GPL violations from the pool of projects they have the rights to and then initiate an action in court, which they do for a living. Without assignment, they can no longer proactively investigate with any reasonable chance of success, and they have to find a violation that's in a goldilocks zone; they need a GPL author whose rights have been violated and is willing to make a long-term commitment to actively participating in litigation, that they know will communicate with them as needed, and who won't suddenly move to Nepal or be convinced by people online that they need to drop the suit or something.
If the developer owns the code: The violator may offer to make things right by releasing the code. The developer may choose to accept this offer, leaving the lawyer with little.

If the lawyer owns the code: The violator's offer to simply release the code is refused by the lawyers, who go for the jugular and try to bleed the violating company for as much money as they can.

> copyright holders can't retract GPL licensing once it's been given

This is only true for GPLv3, and not GPLv2.

A specialist lawyer paid to investigate the subject and write their legal opinion says GPLv2 can’t be revoked (section 7.4 GPLv2 Irrevocability): https://copyleft.org/guide/comprehensive-gpl-guidech8.html#x...

Of course, many other non-specialists have contrary opinions. If you have a link to a legal opinion to the contrary (by a lawyer skilled in the relevant areas), could you please share it?

No, I don't. I was just going off what I have read in the past. I didn't follow it too closely.
Do you have any reliable sources for that being the case? Everything I've read, pretty much ever, about the GPLv2 indicates that the version of code released under the GPLv2 is forever available under the GPLv2. You can change the license, but people are always free to use the last version that was released under GPLv2.
I don't know off the top of my head but searching for "rescinding the GPL" should turn some stuff up. It's at least a grey area.
So any Linux kernel contributor in the last 30 years can pull their license and force an immediate "emergency rewrite" of everything they've contributed? Since other Linux developers would no longer have a license to use it?

That seems unlikely, or somebody would do it just for the laughs. (I certainly would)

There were threats of it around the time the CoC was added.
That sounds like internet drama and not a serious threat. I think they're powerless to do anything.
Your heirs can always get it back in 35 years using copyright termination.