Re: TG3 firmware report...
Matthew Garrett wrote:
> Florian Weimer <firstname.lastname@example.org> wrote:
>> * Nathanael Nerode:
>>> Until they do one of these two things, the firmware is not safe to
>> Of course it is safe to distribute. What do you fear? That Broadcom
>> might sue you for distributing something that they have written and
>> released under the GPL, and actually have a case?
Yes. They would have an excellent case. They didn't grant explicit
permission to distribute without source. I don't have source, so I'd
better not distribute. If I were defending myself, I'd have to claim that
they'd granted implicit permission, and I don't think I'd have better than
a 50-50 chance of winning; see below.
>> They might as well
>> sue Debian because the toolchain supports the SB-1 architecture.
> Indeed. It's obviously the intention of the licensor to provide code
> that can be distributed.
Maybe it's obvious to you. It's certainly not obvious to me.
In actual fact, Broadcom released the firmware code under a license which
does not grant permission to redistribute. (It requires source but the
source is not provided; see Thomas Bushnell's message which summarizes the
situation at http://lists.debian.org/debian-devel/2004/10/msg00705.html .)
To me, this means that Broadcom didn't know what the hell it was doing. I
cannot divine Broadcom's actual intentions from that, and Broadcom can
easily and convincingly claim that it intended something different from
what you assume.
If Broadcom (or some irresponsible successor company; think SCO) decided to
sue for copyright infringement, they could claim that they had never
intended to allow people in general to redistribute the firmware without
source -- that it was just for them to distribute, and perhaps for
kernel.org as well -- that any further distribution was inadvertent -- and
they would actually have a pretty good case, as far as I can tell.
(Of course, if you get an actual legal opinion from a copyright lawyer
saying differently, I will of course concede, since IANAL.)
Now, if Broadcom could be contacted, and they said, "Oh, we meant to allow
anyone to redistribute the hex/binary blobs without further source code,"
that would be different. Then it would be safe to distribute with a copy
of that statement.
I have not been able to get such a clarification from Broadcom, and I have
tried. If you can get such a clarification, more power to you.
This space intentionally left blank.