summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBradley M. Kuhn <bkuhn@sfconservancy.org>2013-01-23 07:57:52 (GMT)
committer Denys Vlasenko <vda.linux@googlemail.com>2013-01-23 07:57:52 (GMT)
commit09ea33fdd63acbf5160090e8563c0a9a35ff7f6f (patch)
treea7330a96db2251df3d4177c932c01b4579f06a14
parentf08a3d2d2f96b0810786ea0f4519792d4d2ff835 (diff)
downloadbusybox-website-09ea33fdd63acbf5160090e8563c0a9a35ff7f6f.tar.gz
busybox-website-09ea33fdd63acbf5160090e8563c0a9a35ff7f6f.tar.bz2
Rewrite of license.html to reflect enforcement policies and general wording improvements.
This document was a bit stream-of-consciousness and was clearly written some time ago. It seems Denys has made minor improvements to this document in recent years, but it actually needs a complete overhaul. This commit isn't designed to be a complete overhaul at this time. The goal herein is just to remove some of the latent inaccuracies (such as out-of-date references to SFLC), and remove some of the more confusing parts of the advice that are probably off-point. Perhaps BusyBox might want to develop a comprehensive GPL FAQ of its own at some point. I don't think anyone has the time to invest in that currently, so these changes herein just seek to make the document up-to-date with current practices and procedures, but do not attempt a full rewrite at this time. Signed-off-by: Bradley M. Kuhn <bkuhn@sfconservancy.org> Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--license.html308
-rw-r--r--shame.html87
2 files changed, 129 insertions, 266 deletions
diff --git a/license.html b/license.html
index b806e25..d92088b 100644
--- a/license.html
+++ b/license.html
@@ -18,7 +18,8 @@ also read the <a href="http://www.gnu.org/licenses/gpl-faq.html">Frequently
Asked Questions about the GPL</a>.</p>
<p>If you distribute GPL-licensed software the license requires that you also
-distribute the source code to that GPL-licensed software. If you distribute
+distribute the complete, corresponding source code (as defined by GPL) to
+that GPL-licensed software. If you distribute
BusyBox without making the source code to the version you distribute available,
you violate the license terms, and thus infringe on the copyrights of BusyBox.
This requirement applies whether or not you modified BusyBox; either way the
@@ -26,24 +27,28 @@ license terms still apply to you.</p>
<h3><a name="enforce">License enforcement</a></h3>
-<p>BusyBox's copyrights are enforced by the <a href="http://sfconservancy.org">
-Software Freedom Conservancy</a> (you can contact them at gpl@busybox.net),
-which "accepts primary responsibility for enforcement of US copyrights on the
-software... and coordinates international copyright enforcement efforts for
-such works as necessary." If you distribute BusyBox in a way that doesn't
-comply with the terms of the license BusyBox is distributed under, expect to
-hear from these guys. Their entire reason for existing is to do pro-bono
-legal work for free/open source software projects. We used to list people who
-violate the BusyBox license in <a href="shame.html">The Hall of Shame</a>,
-but these days we find it much more effective to hand them over to the
-lawyers.</p>
-
-<p>Our enforcement efforts are aimed at bringing people into compliance with
-the BusyBox license. Open source software is under a different license from
-proprietary software, but if you violate that license you're still a software
-pirate and the law gives the vendor (us) some big sticks to play with. We
-don't want monetary awards, injunctions, or to generate bad PR for a company,
-unless that's the only way to get somebody that repeatedly ignores us to comply
+<p>BusyBox's copyrights are enforced
+by <a href="http://sfconservancy.org">Software Freedom Conservancy</a>
+(you can contact them
+at <a href="mailto:gpl@busybox.net">&lt;gpl@busybox.net&gt;</a>), which
+"accepts primary responsibility for enforcement of US copyrights on the
+software... and coordinates international copyright enforcement efforts
+for such works as necessary." If you distribute BusyBox in a way that
+doesn't comply with the terms of the license BusyBox is distributed under,
+expect to hear from Conservancy. Their entire reason for existing is to
+advance the public's access to Free and Open Source Software projects,
+which includes ensuring that the GPL is upheld for projects that pick GPL
+as its license. We used to list people who violate the BusyBox license
+in <a href="shame.html">The Hall of Shame</a>, but these days we find it
+much more effective to hand them over to our enforcement agent.</p>
+
+<p>Our enforcement efforts are aimed at bringing people into compliance
+with the BusyBox license. Open source software is under a different
+license from proprietary software, but if you violate that license you're
+still infringing copyright and the law gives the copyright holder the
+right to enforce our copyrights. We don't seek monetary awards,
+injunctions, or to generate bad PR for a company, <strong>unless</strong>
+that's the only way to get somebody that repeatedly ignores us to comply
with the license on our code.</p>
@@ -51,237 +56,154 @@ with the license on our code.</p>
What do we need to do in order to comply with BusyBox's license?</h3>
<p>First: DON'T PANIC. Complying with BusyBox's license is easy.
-Complying with BusyBox's license doesn't cost any money.
-If, after reading the license and this document something is not clear
-to you, please send emails with your questions to the BusyBox mailing lists.
-We will expand this document to cover them.
+Complying with BusyBox's license doesn't cost any money. If, after
+reading the license and this document something is not clear to you,
+please send emails with your questions
+to <a href="mailto:gpl@busybox.net">&lt;gpl@busybox.net&gt;</a> We will
+try to expand this document to cover them.
<p>If you are distributing the BusyBox binary, you also have to distribute
-the corresponding source code. If you modified the source, you have to
+the complete, corresponding source code. If you modified the source, you have to
distribute the modified source.
<p>The text of the license obliges you to provide source code for binaries you
distribute, and gives you exactly three options for providing source code.
These options are spelled out in section 3 of the LICENSE file in the BusyBox
source tarball:
+<ul>
+<li>3(a) bundle the complete, corresponding source with the binary.</li>
-<p>3A) bundle the complete corresponding source with the binary.
+<li>3(b) bundle a written offer good for three years to provide that
+source upon request. (These days this is often a URL).</li>
-<p>3B) bundle a written offer good for three years to provide source upon request
-(these days this is often a URL).
+<li>3(c) pass along somebody else's 3(b) offer.</li>
+</ul></p>
-<p>3C) point you users at the upstream source (i.e. pass along somebody else's 3B
-offer).
+<p>Using option 3(a), that is, putting exact BusyBox source and .config file
+you used to build the binary on the same medium which you use to ship the
+binary, plus <q>the scripts used to control compilation and installation
+of the executable</q> is the most bullet-proof approach to license
+compliance. If you do that, you can stop reading, your license
+obligations have likely been satisfied.
-<p>Using option 3A, that is, putting exact BusyBox source and .config file
-you used to build the binary on the same medium which you use to ship
-the binary, is the most bullet-proof approach to license compliance.
-If you do that, you can stop reading, your license obligations
-have been satisfied.
-
-<p>Option 3B makes sense if you do not distribute BusyBox binaries on a medium
+<p>Option 3(b) makes sense if you do not distribute BusyBox binaries on a medium
like CD-ROM, but instead ship them in a device's firmware.
Storing the source there might be an unacceptable waste of space.
In this case, add a note to the device's documentation that it uses
-open-source components and that their source can be downloaded
-from the company's website. Give exact URL to the page where it can be downloaded.
+open-source components and that you'll provide sources upon request.
+Ideally, we like it when you offer the source for downloaded
+from the company's website, with an exact URL to the page where it can be
+downloaded</p>
-<p>Regardless of whether you use option 3A or 3B, please make sure
+<p>Regardless of whether you use option 3(a) or 3(b), please make sure
you distribute the <em>exact</em> same source tree you used to build the binary.
It doesn't have to be a single archive. Indeed, most people distribute modified
sources in the form of unmodified busybox-N.N.N.tar.bz2 archive
-and a set of patches which add features or fix problems.
+and a set of patches which add features or fix problems.</p>
<p>If you added an applet, or an option to one of the applets in BusyBox,
or fixed a bug, and the source tree lacks this addition or fix,
-then you are not fulfilling GPLv2 requirements.
-
-<p>You can avoid having to distribute source by taking option 3C.
-However, option 3C has some restrictions, and if your company wants to be
-paranoid and be 100% sure everything is crystal clear about complying with
-the license, perhaps it should use options 3A or 3B.
+then you are not fulfilling GPLv2 requirements.</p>
+<p>You can avoid having to distribute source by taking option 3(c).
+However, option 3(c) has some restrictions, and can't be used if you
+distribute the software commercially. We recommend 3(c) only if you're an
+individual sharing your software with friends (something we encourage,
+BTW!)</p>
-<h3>Option 3C: using unmodified source</h3>
+<h3>Option 3(c): using unmodified source</h3>
-<p>Option 3C is what most open source people use, and it's so lenient lots of
-developers don't even think about it. Technically 3C is also full of
-restrictions (it's "allowed only for noncommercial distribution", and it only
-applies if you're redistributing a binary you didn't build yourself) intended
-to push people to use 3A or 3B, but the BusyBox project has generally let
+<p>Option 3(c) is what most open source people use, and it's so lenient lots of
+developers don't even think about it. Technically 3(c) is also full of
+restrictions (it's <q>allowed only for noncommercial distribution</q>, and it only
+applies if you're redistributing a binary you didn't build yourself), intended
+to push people to use 3(a) or 3(b), but the BusyBox project has generally let
those restrictions slide (as has most of the rest of the open source world)
-when dealing with people who are acting in good faith.
-
-<p>Using option 3C means identifying the specific version of the public source
-you used, where to get it from, and confirming that your binary was built from
-unmodified "vanilla" sources.
-
-<p>So if you built an unmodified BusyBox release and you point people at the URL
-to the SPECIFIC source tarball on busybox.net you built it from and truthfully
-say "that's it, no patches", we've accepted that as compliance even from
-commercial companies. (We're not really interested in forcing random strangers
-to mirror stuff we've already got. OSUOSL provides very nice high bandwidth
-hosting for us, and if they didn't there's always sourceforge and savannah and
-ibiblio and kernel.org and...)
-
-<p>Note that you must do all three parts: what version did you use, where can we
-get it from, and explicitly state that you did not modify it. Don't skip
-steps.
-
-<p>If you don't specify your version, we can't tell if you used some random git
-snapshot out of the development branch that was close to a release version but
-not quite.
-
-<p>If you don't explicitly say you didn't modify it, we could spend weeks combing
-through an assembly dump of your binary, or trying to find the exact cross-compiler
-version you used to produce a byte-for-byte identical file, but the
-license says we shouldn't have to. Proving a negative is a lot of work, and
-making us do this work would be shirking your obligations under GPLv2.
-
-<p>Even if you just backported changes out of the development branch, that's not
-a vanilla unmodified release. The component parts may already be public, but
-you have to give us enough information to understand what you did, and the
-opportunity to produce an equivalent binary from that source, or you're not
-complying with 3C.
-
-<p>The above is a fairly lenient interpretation of GPLv2 that works a bit like
-the BSD license's "advertising clause": that one required you to thank the
-University of California, this one requires you to identify the specific source
-code of the GPL binaries you distributed. The GPL actually allows us to be
-more draconian than this (for starters, clause 3C doesn't have to apply to
-commercial companies at all), but as long as everybody's acting in good faith
-most projects seem happy with just identifying the specific source for binaries
-built from an unmodified upstream version.
+when dealing with people who are acting non-commercially and are acting in good faith.</p>
<p>Most open source developers are lenient in this way because we actually prefer
-a good 3C compliance to a bad 3A compliance. We've all received tarballs of
-who knows what old version, with who knows what changes, and wasted an
-afternoon proving that "this is basically source control commit number BLAH,
-plus backports of commits blah, blah, blah, blah, and blah, plus they
-commented out these five lines, changed two default values that they could have
-overridden from the command line anyway, and added some debug statements."
-I.E. we just wasted three hours confirming there's nothing remotely interesting
-here that we didn't already know.
+a good 3(c) compliance to a bad 3(a) compliance.</p>
<p>Obviously if you did modify the source to the binary you distributed, and you
don't think you need to at least provide us a <em>patch</em>, you've missed the point
-of GPLv2 entirely. This is another incentive to get your patch merged, so you
-can ship a vanilla upstream version and not have to host your patch on your
-own website for 3 years after you stop distributing your product.
-
-<p>The next paragraph right after 3C essentially says you're supposed to give us
-your .config file as well, and sometimes we've asked for that as long as we're
-contacting people anyway. But to be honest, if we don't need to contact you to
-get the other stuff anyway, we seldom bother. (We can generally figure that one
-out for ourselves. I note that Linux kernel .configs are harder to reverse
-engineer, for that you'll probably need to provide a .config for to make the
-developers happy, but they put in a /proc/config.gz option to make it easy. :)
-
+of GPLv2 entirely.</p>
<h3>My company was distributing BusyBox binary without the source.
We are contacted by users asking for the source, and we don't have it.
Are we in trouble?</h3>
-<p>Not yet. But please stop doing that, and start distributing the source.
+<p>Not yet. But please stop doing that, and start distributing the source.</p>
-<p>The above is what happens when people are acting in good faith. I note
+<p>The above is what happens when people are acting in good faith. Note
that the GPL imposes upon you the obligation to provide source code
-<em>when you distribute</em>. Whether you're using 3A, 3B, or 3C, they all
-start "Accompany it with", meaning source goes with binary at time of
+<em>when you distribute</em>. Whether you're using 3(a), 3(b), or 3(c), they all
+start <q>Accompany it with</q> &mdash; meaning source goes with binary at time of
distribution. So if we get the binary from you and there's no <em>mention</em> of
source code, your distribution of that binary didn't comply with the terms of
the license. At that point, you're already in breach of the license terms,
and it's now about <em>fixing</em> it. So if we have to approach you after the fact
-to get this information, we have the option to be really nasty about it.
+to get this information, we have the option to be really nasty about it.</p>
<p>We're not <em>required</em> to be nasty, and we prefer not to. An honest mistake
-that a company is willing to fix is understandable, and as far as I know
-we've always started out with "excuse me, could you fix this please" and not
-made a fuss. Most of the time, it doesn't go beyond that, we get back an
-email "oh, sorry, it's version blah, and here's the three line patch we used
-to change a default value", and we're happy.
-
-<p>And some companies are disorganized but honest about it, and go "um, we lost
-track of this information and the guy who did it left the company, can you
-give us some time to dig it out of the archives?" And if they're making an
-honest effort, we're polite about that too.
-
+that a company is willing to fix is understandable, and we seek to work
+with you collaboratively to fix the problem.</p>
<h3>My company was distributing BusyBox binary without the source.
We are contacted by <em>your lawyers</em>. Are we in trouble?</h3>
<p>Yes, but it is not too bad yet. Stop being disorganized and fix
your licensing situation before it gets really nasty.
-As I already mentioned, DON'T PANIC. Complying with BusyBox's license is easy.
+As already mentioned, DON'T PANIC. Complying with BusyBox's license is easy.
Get your act together, fight with internal inertia inside your company
and it will be okay.
If you do not understand something, please send emails with your
-questions to the BusyBox mailing lists, or privately to maintainers
-if you want to keep it private. We will expand this document to cover them.
+questions to the BusyBox mailing lists, or privately to maintainers and
+Conservancy if you want to keep it private. We will expand this document to cover them.</p>
<p>However, you really cannot afford to be careless about complying with
-the license anymore.
-
-<p>Some companies ignore the polite requests entirely, and go all deer in the
-headlights on us, or maybe hope that if they ignore us long enough we'll go
-away. Those are the ones that the SFLC sends <em>impolite</em> requests to, asking
-for far more than the original request did back when they were being nice.
-
-<p>For starters, if the SFLC has to actually sue someone to get their attention,
-they bill them for expenses. (They have an office in New York City, you
-<em>really</em> don't want to go there). Also, they usually make the company appoint
-an "open source compliance officer" and deliver quarterly reports. And make
-them try to contact the old customers they shipped product to without source
-and let them know where the source is. All this is the lawyerly equivalent
-of "raising your voice to be heard". I've only seem them take the gloves off
-once. They've only <em>needed</em> to once.
+the license anymore.</p>
+
+<p>Some companies ignore the polite requests entirely, maybe hoping that if they ignore us long enough we'll go
+away. Those are the ones that Conservancy sends <em>impolite</em> requests to, asking
+for far more than the original request did back when they were being nice.</p>
+
+<p>For starters, if the Conservancy has to actually open an enforcement action to get
+their attention, the demands will increase.
+Conservancy will usually require the company appoint
+an &ldquo;open source compliance officer&rdquo; and deliver quarterly
+reports. And require contact to the old customers who received the product without source
+and let them know where the source is.</p>
<p>Some companies get in trouble because although they use an upstream
vanilla source tarball, they don't say what version it was, or they don't
-explicitly say it wasn't modified. Then when we approach them for more
-information, they don't understand what we could possibly want, and panic.
-(Panicing bad. Please don't panic, this is actually pretty easy to get
-right. Ignoring repeated polite requests is not going to end well. Please
-be polite <em>back</em>. Ask for clarification if you don't understand something,
-it's not an admission of weakness. If you ignore us until we stop knocking,
-these days it may mean we're getting the battering ram. This is not an
-improvement for anyone concerned.)
+explicitly say it wasn't modified, and they don't include &ldquo;the
+scripts used to control compilation and installation of the
+executable&rdquo;. Then when we approach them for more information, they
+don't understand what we could possibly want, and panic. Please don't
+panic; just work with us.</p>
<p>Another common failure mode is companies that redistribute some vendor board
support package they bought, and when we ask them they brush us off with "we
got it from a vendor, go bug our vendor, not our problem". Dude, you're
copying and distributing GPL code too. If the license is the only thing that
gives you permission to do that, then that license applies to you too.
-Really. If your vendor complied with the license terms but you didn't,
-you're not off the hook. This is not a scavenger hunt, nor is it the episode
-of M*A*S*H about getting tomato juice to Colonel Potter. We asked <em>you</em>, and
+If your vendor complied with the license terms but you didn't,
+you're not off the hook. We asked <em>you</em>, and
you have an obligation to provide this information. If you don't even know
-what it <em>is</em> when we ask, something is <em>wrong</em>. If you'd reprinted somebody
-else's documentation and stripped out BSD advertising clause notices, do you
-think you could then say "but the original PDF we got from our vendor had the
-notice in it, so we're ok, don't bother us"? Or would going "oops, here's
-one with the right data" be <em>your</em> responsibility? Fixing this is not <em>our</em>
+what it <em>is</em> when we ask, something is <em>wrong</em>. Fixing this is not <em>our</em>
job. "We ask, you answer" is us being <em>lenient</em>, the license technically
says we shouldn't have had to ask in the first place, you were supposed to
provide this info when you shipped. And even if we're letting you delegate
-the implementation, you can't delegate the <em>responsibility</em>. Don't make me
-look up how to spell "fiduciary". (And delegating it to <em>nobody</em> really
-isn't a solution. Asking us to track down an ex-employee of a defunct
-Taiwanese company where nobody spoke English just <em>doesn't go over well</em>...)
-
-<p>Sorry about that. Scars from the "hall of shame" days. We have lawyers now.
-They're very nice. Where was I?
+the implementation, you can't delegate the <em>responsibility</em>.</p>
<p>A company that wants to be legally paranoid will make a source CD for the GPL
portions of their entire product (build scripts, cross compiler toolchains,
-and all), and either include the CD in the box with the product (clause 3A)
+and all), and either include the CD in the box with the product (clause 3(a))
or put the ISO up on the web and mention the URL to it in their product's
-documentation (clause 3B). They don't need our say-so to be satisfied with
+documentation (clause 3(b)). They don't need our say-so to be satisfied with
that, even a strict reading of GPLv2 says that complies with the license
-terms. (You can probably even email the SFLC guys about what exactly should
-go on the CD, gpl@busybox.net) This is the "make it go away" preemptive
-nuclear strike approach, and probably a good idea for Fortune 500 companies
-that have their own legal department to do <em>anyway</em>.
+terms. (You can probably even email the Conservancy guys about what exactly should
+go on the CD via <a href="mailto:gpl@busybox.net">&lt;gpl@busybox.net&gt;</a>.)</p>
<h3><a name="good">A Good Example</a></h3>
@@ -304,40 +226,42 @@ product which uses BusyBox to our Products page. In order to be added there,
post a message to the BusyBox mailing list when the product ships.
While at it, the following information would cover the GPL licensing questions
about the product:
+<ul>
+<li>A) a description of the product (including the build environment: processor
+type, libc version, kernel version).</li>
-<p>A) a description of the product (including the build environment: processor
-type, libc version, kernel version).
-
-<p>B) identify the specific version of BusyBox it uses.
+<li>B) identify the specific version of BusyBox it uses.</li>
-<p>C) identify any modifications made to that version (either by linking to a
+<li>>C) identify any modifications made to that version (either by linking to a
nicely broken up series of "diff -u" patches on the web, or attaching the
-patches to the message, or explicitly saying it isn't modified).
+patches to the message, or explicitly saying it isn't modified).</li>
-<p>D) attach (or give URL to) the .config file you used to build the BusyBox binary.
+<li>>D) attach (or give URL to) the .config file you used to build the BusyBox binary.</li>
-<p>E) A link to your website.
+<li>E) A link to your website.</li>
-<p>This is the "being nice to the developers" approach, which acts as a sort of
-free advertising within the developer community.
+<li>This is the "being nice to the developers" approach, which acts as a sort of
+free advertising within the developer community.</li>
+</ul>
<p>You really can't go wrong with either approach: you can obey the letter of the
license according to a strict reading, or you can make the developers as
happy as possible so they not only have no reason to make trouble, but
-actually like you. (Heck, we won't complain if you do both. :)
+actually like you. (Heck, we won't complain if you do both. :)</p>
<h3><a name="version">Developer's note: GPL versions</a></h3>
<p>Version 2 of the GPL is the only version of the GPL which current versions
-of BusyBox may be distributed under. New code added to the tree is licensed
-GPL version 2, and the project's license is GPL version 2.</p>
+of BusyBox may be distributed under. New code added to the tree is
+usually licensed GPL version 2, and the project's license is GPL version 2.</p>
<p>If you are a developer and you want to use a small part of BusyBox
-source code in your project, please check the header comments of the source file(s)
+source code in your project, please check both the header comments and git logs
+of the source file(s)
you are taking code from. Even though BusyBox code, as a whole, can only be used
under GPL version 2, some individual files may have more permissive licenses:
-"GPL version 2 or later" - meaning that you can also reuse the code from this source file
+"GPL version 2 or later" &mdash; meaning that you can also reuse the code from this source file
for a project which is distributed under GPLv3, and "Public domain" -
the code in these files have no licensing restrictions whatsoever.</p>
diff --git a/shame.html b/shame.html
index d9da44b..34d4084 100644
--- a/shame.html
+++ b/shame.html
@@ -3,80 +3,19 @@
<h3>Hall of Shame!!!</h3>
-<p>This page is no longer updated, these days we forward this sort of
-thing to the <a href="http://www.softwarefreedom.org">Software Freedom Law
-Center</a> instead.</p>
-
-<p>The following products and/or projects appear to use BusyBox, but do not
-appear to release source code as required by the <a
-href="/license.html">BusyBox license</a>. This is a violation of the law!
-The distributors of these products are invited to contact <a href=
-"mailto:andersen@codepoet.org">Erik Andersen</a> if they have any confusion
-as to what is needed to bring their products into compliance, or if they have
-already brought their product into compliance and wish to be removed from the
-Hall of Shame.
-
-<p>
-
-Here are the details of <a href="/license.html">exactly how to comply
-with the BusyBox license</a>, so there should be no question as to
-exactly what is expected.
-Complying with the Busybox license is easy and completely free, so the
-companies listed below should be ashamed of themselves. Furthermore, each
-product listed here is subject to being legally ordered to cease and desist
-distribution for violation of copyright law, and the distributor of each
-product is subject to being sued for statutory copyright infringement damages
-of up to $150,000 per work plus legal fees. Nobody wants to be sued, and <a
-href="mailto:andersen@codepoet.org">Erik</a> certainly would prefer to spend
-his time doing better things than sue people. But he will sue if forced to
-do so to maintain compliance.
-
-<p>
-
-Do everyone a favor and don't break the law -- if you use busybox, comply with
-the busybox license by releasing the source code with your product.
-
-<p>
-
-<ul>
-
- <li><a href="http://www.trittontechnologies.com/products.html">Tritton Technologies NAS120</a>
- <br>see <a href="http://www.ussg.iu.edu/hypermail/linux/kernel/0404.0/1611.html">here for details</a>
- <li><a href="http://www.macsense.com/product/homepod/">Macsense HomePod</a>
- <br>with details
- <a href="http://developer.gloolabs.com/modules.php?op=modload&amp;name=Forums&amp;file=viewtopic&amp;topic=123&amp;forum=7">here</a>
- <li><a href="http://www.cpx.com/products.asp?c=Wireless+Products">Compex Wireless Products</a>
- <br>appears to be running v0.60.5 with Linux version 2.4.20-uc0 on ColdFire,
- but no source code is mentioned or offered.
- <li><a href="http://www.inventel.com/en/product/datasheet/10/">Inventel DW 200 wireless/ADSL router</a>
- <li><a href="http://www.sweex.com/product.asp">Sweex DSL router</a>
- <br>appears to be running BusyBox v1.00-pre2 and udhcpd, but no source
- code is mentioned or offered.
- <li><a href="http://www.trendware.com/products/TEW-410APB.htm">TRENDnet TEW-410APB</a>
- </li><li><a href="http://www.hauppauge.com/Pages/products/data_mediamvp.html">Hauppauge Media MVP</a>
- <br>Hauppauge contacted me on 16 Dec 2003, and claims to be working on resolving this problem.
- </li><li><a href="http://www.hitex.com/download/adescom/data/">TriCore</a>
- </li><li><a href="http://www.allnet.de/">ALLNET 0186 wireless router</a>
- </li><li><a href="http://www.dmmtv.com/">Dreambox DM7000S DVB Satellite Receiver</a>
- <br> Dream Multimedia contacted me on 22 Dec 2003 and is working on resolving this problem.
- <br> Source _may_ be here: http://cvs.tuxbox.org/cgi-bin/viewcvs.cgi/tuxbox/cdk/
- </li><li><a href="http://testing.lkml.org/slashdot.php?mid=331690">Sigma Designs EM8500 based DVD players</a>
- <br>Source for the Sigma Designs reference platform is found here<br>
- <a href="http://www.uclinux.org/pub/uClinux/ports/arm/EM8500/uClinux-2.4-sigma.tar.gz">uClinux-2.4-sigma.tar.gz</a>, so while Sigma Designs itself appears to be in compliance, as far as I can tell,
- no vendors of Sigma Designs EM8500 based devices actually comply with the GPL....
- </li><li><a href="http://testing.lkml.org/slashdot.php?mid=433790">Liteon LVD2001 DVD player using the Sigma Designs EM8500</a>
- </li><li><a href="http://www.rimax.net/">Rimax DVD players using the Sigma Designs EM8500</a>
- </li><li><a href="http://www.vinc.us/">Bravo DVD players using the Sigma Designs EM8500</a>
- </li><li><a href="http://www.hb-direct.com/">H&amp;B DX3110 Divx player based on Sigma Designs EM8500</a>
- </li><li><a href="http://www.recospa.it/mdpro1/index.php">United *DVX4066 mpeg4 capable DVD players</a>
- </li><li><a href="http://www.a-link.com/RR64AP.html">Avaks alink Roadrunner 64</a>
- <br> Partial source available, based on source distributed under NDA from <a href="http://www.lsilogic.com/products/dsl_platform_solutions/hb_linuxr2_2.html"> LSILogic</a>. Why the NDA LSILogic, what are you hiding ?
- <br>To verify the Avaks infrigment see my slashdot <a href="http://slashdot.org/~bug1/journal/">journal</a>.
- <br>The ZipIt wireless IM device appears to be using Busybox-1.00-pre1 in the ramdisk, however no source has been made available.
- </li><li>Undoubtedly there are others... Please report them so we can shame them (or if necessary sue them) into compliance.
-
-</ul>
-
+<p>This page is no longer updated, these days, BusyBox handles enforcement
+ of our license via our fiscal sponsor, thing to
+ the <a href="http://sfconservancy.org"> Software Freedom Conservancy</a>
+ instead. Please
+ email <a href="mailto:gpl@busybox.net">&lt;gpl@busybox.net&gt; if you
+ believe you've found a violation of <a href="/license.html">BusyBox's
+ license</a>, the GPLv2.</p>
+
+<p>Previously, this page listed products that included BusyBox but
+ included neither source code nor offer for one. The BusyBox project
+ has decided to not publicly shame companies until Conservancy has an
+ opportunity to talk privately with companies who violate the GPL to
+ convince them to comply with BusyBox's license.</p>
<!--#include file="footer.html" -->