On 13/02/16 00:09, BALATON Zoltan wrote:
On Fri, 12 Feb 2016, Tarl Neustaedter wrote:
The presence of "copyright <company>" in plain text in either sources or binary attracts lawyer's attention. When I was employed by Oracle, had we been interested in picking up OpenBios sources for some reason (a couple of projects suggested it a couple of times), the presence of "copyright apple" (with or without a year, with or without a comment saying "we don't mean it") would have flat completely blocked any such attempt.
Even if the plain text string says:
Copyright IS NOT BY Apple Computer, Inc; THIS STRING IS JUST FOR COMPATIBILITY WITH MacOS
or something like that? So it's not a comment with a string that looks like a copyright message but actually clearly not a copyright message.
You're better off with an obfuscated string which doesn't match blind string comparisons.
I think we don't agree on this (they will find it anyway once they list the device tree from anything they boot with it so I don't think obfuscation solves any problem just tries to hide it) but as I've said I don't mind it either way just think the obfuscation is ugly and probably unnecessary overcautiousness (is that a word in English?) until there's some evidence that it's needed. And we could still add that complication when there is some evidence in the future.
I would say that my experience more closely matches Tarl's in this respect in that a written copyright statement in source code does cause problems during an audit, regardless of the intent behind it.
Remember that most legal people are not software engineers (and vice-versa too) so if they come across a verbatim copyright notice in the code then it can cause problems, particularly if the people examining the source code do not have a software background. In my experience this comes down to a difference of green-lighting a project straight away compared with months of legal delay. Having said that I would expect any competent legal technical firm to eventually find in favour of OpenBIOS, but IANAL and it takes time.
As I mentioned before, I'm fairly sure that Apple aren't losing too many sleepless nights over this. It is possible to spend a lot more engineering time on this (self-destructing properties on read, anyone?) but I think the proposed patch is currently a good compromise with respect to an afternoon's coding and being able to remove explicit references from the source code.
ATB,
Mark.