[OpenBIOS] [PATCH 0/7] ppc: improve fake copyright message handling

Mark Cave-Ayland mark.cave-ayland at ilande.co.uk
Sat Feb 13 10:54:34 CET 2016


On 13/02/16 00:09, BALATON Zoltan wrote:

> On Fri, 12 Feb 2016, Tarl Neustaedter wrote:
>> The presence of "copyright <company>" in plain text in either sources or
>> binary attracts lawyer's attention. When I was employed by Oracle, had
>> we been interested in picking up OpenBios sources for some reason (a
>> couple of projects suggested it a couple of times), the presence of
>> "copyright apple" (with or without a year, with or without a comment
>> saying "we don't mean it") would have flat completely blocked any such
>> attempt.
> 
> Even if the plain text string says:
> 
> Copyright IS NOT BY Apple Computer, Inc; THIS STRING IS JUST FOR
> COMPATIBILITY WITH MacOS
> 
> or something like that? So it's not a comment with a string that looks
> like a copyright message but actually clearly not a copyright message.
> 
>> You're better off with an obfuscated string which doesn't match blind
>> string comparisons.
> 
> I think we don't agree on this (they will find it anyway once they list
> the device tree from anything they boot with it so I don't think
> obfuscation solves any problem just tries to hide it) but as I've said I
> don't mind it either way just think the obfuscation is ugly and probably
> unnecessary overcautiousness (is that a word in English?) until there's
> some evidence that it's needed. And we could still add that complication
> when there is some evidence in the future.

I would say that my experience more closely matches Tarl's in this
respect in that a written copyright statement in source code does cause
problems during an audit, regardless of the intent behind it.

Remember that most legal people are not software engineers (and
vice-versa too) so if they come across a verbatim copyright notice in
the code then it can cause problems, particularly if the people
examining the source code do not have a software background. In my
experience this comes down to a difference of green-lighting a project
straight away compared with months of legal delay. Having said that I
would expect any competent legal technical firm to eventually find in
favour of OpenBIOS, but IANAL and it takes time.

As I mentioned before, I'm fairly sure that Apple aren't losing too many
sleepless nights over this. It is possible to spend a lot more
engineering time on this (self-destructing properties on read, anyone?)
but I think the proposed patch is currently a good compromise with
respect to an afternoon's coding and being able to remove explicit
references from the source code.


ATB,

Mark.




More information about the OpenBIOS mailing list