På dansk

Rohde vs Viasat on GPL/LGPL

Prologue

I bought the Samsung DSB-H670N satellite receiver which is sold by Viasat as their non-PVR solution for HD channels. I quickly found the box interesting since it included features like ethernet and USB, which were for "future use" according to the manual. I guess we all know that "future use" normally equals "never" and I decided to figure out what was really inside the box, and to see how much work was needed to get this unused hardware running. It came as no surprise to me that the box ran a Broadcom variant of the 2.6.12 Linux kernel and that they had even been so nice as to include busybox. I detailed some of my findings on the internet - including the software, hardware and security parts. At some point this was apparently picked up by the monitoring department at NDS, who designed the security solution and most likely a big part of the software. They decided to put two security investigators on the case and they paid me a visit. I was out shopping at the time of their visit and only saw them leaving the building where I live. The two investigators then thought it was a good idea to go to the place I work and snoop around there. Since this was after hours the gate was closed forcing them to hang out outside the premises. At some point one of my managers, who was working late that day, bumped into them as he was leaving work. Reluctantly they told him that they worked for NDS and wanted to speak with me.

The next day they finally got the brilliant idea that maybe contacting me would be a good idea instead of just trying to track me down. They called me up at work and I invited them to a meeting the same day. They never explicitly told me why they had contacted me, but with my knowledge of NDS I am guessing that the message they tried to convey is: We are watching you and we are not happy about the fact you are publically making details available regarding the software and security found inside the Samsung satellite receiver. Obviously this makes good sense as NDS is selling security solutions to pay-tv providers as part of their software offering. Maybe somebody should have told them that this could be complicated if you decide to base your software on GPL and LGPL parts.

A month later the security investigators decided to invite me out to dinner, and I found it hard to reject that offer. We had some nice discussions and at some point I brought the GPL/LGPL issues to their attention. Like trained professionals or more likely novices in the software field, they apparently had no idea what I was talking about. Statements and questions like "Maybe we bought a license to Linux" or "What is a Linux box?" probably summarizes the situation. They did, however, listen to what I had to say and they agreed to take the case to their legal department.

One month later they had still not contacted me with any updates in the case, and thus I decided to call them. I was told there were still no response from the legal department.

At this point I decided that further steps had to be taken to get this product in compliance with GPL/LGPL and this is where the case starts.

The Problem

The Samsung DSB-H670N is distributed with Linux and busybox, which are both under GPL. When you buy the product they do not mention it makes use of GPL/LGPL software and there is no offer to receive the corresponding source code. To make matters worse they have also statically linked the main binary in the box against uClibc.

The Case

August 3rd, 2009 - Since the Samsung box is actually distributed by Viasat A/S, I decided to send them a letter stating their possible infringements of the GPL/ LGPL and giving them suggestions on how to fix the situation. I owe a big thanks to Ole Tange for actually writing the contents of that letter.

August 11th, 2009 - No word from Viasat A/S and I am beginning to think this case will only be solved by taking legal action. I therefore contacted Martin von Haller Grønbæk, who is known for previously taking part in the legal case involving Kiss making use of parts of the GPL'ed MPlayer code in their products. Martin von Haller Grønbæk works for the legal company named Bender von Haller Dragsted and has a deep interest in Open Source. I have seen him give very interesting talks at Open Source conferences and found him to be the perfect match for this case. Luckily he also finds the case interesting and is most likely willing to take it.

August 14th, 2009 - The legal company BvHD is willing to take the case. We are starting to prepare the case and looking into the financial side of the project.

August 14th, 2009 - I have decided to go public with this case in the hope that it will make companies violating GPL a little more cooperative. In general people writing open source software are nice people that want to solve issues in a civilized manner. However it requires a dialog and this seems impossible to get without drawing lawyers into the game.

August 16th, 2009 - It has been brought to my attention that I do not state which part of the GPL code I am claiming copyright ownership on. I have some patches in the Linux kernel and a direct copyright notice in e.g. therm_adt746x.c. However my patches alone are not going to make a very strong case and it is my hope that big contributors to busybox and uClibc will help out making a bigger group of people who had their copyright violated. I have already contacted several people who have very clear violations of their copyright in the product, and we are looking to sue on their behalf too. But let me please be very clear about the fact that I would rather this case could be settled in a peaceful manner.

August 16th, 2009 - The discussion on slashdot has resulted in the following interesting post:

I work for NDS and I call bullshit on his story of "NDS investigators". What we do, we do well, and what we don't, we stay out of. As far as technical details: no kernel changes were made; the drivers are non-GPLed, using a small GPL'ed wrapper layer. The NDS software, which on these boxes runs entirely in user-space, is linked against the LGPL'ed uClibc. Busybox is used on the STB. All of the "glue" (such as busybox, boot scripts, etc) are provided by the broadcaster, STB manufacturer, and/or chipset vendor. The bootloader is not based on any Linux code.

So let us for a moment assume that the anonymous poster is actually telling the truth and let me comment on this:

  1. It is easy to call the story of the "NDS investigators" bullshit without backing it up. If anybody is interested in receiving a copy of a business card from one of the NDS security investigators then please contact me. I will not provide names or phone numbers to respect their privacy.
  2. NDS is aware of GPL and have even made attempts to work around the intentions of GPL. The module/GPL wrapper that is referred to is probably a file named callisto_gpl.ko. Would you make such a GPL wrapper if you did not understand the consequences of using GPL'ed software? I know that NDS is not the offender in this case, but I am pretty sure they work closely together with Viasat when delivering middleware and the security solution. Thus I can only reach the conclusion that Viasat knows pretty well, that they are distributing a box with GPL software inside
  3. We are told that the bootloader is not based on any Linux code, which is probably correct. But it would be more interesting to know if it contains any GPL code

August 17th, 2009 - The danish news site comon has done a very good article about the case. I am not going to translate it, but in it Viasat confirms they have received a letter stating they possibly violate GPL. Viasat has asked their main office in Sweden to discuss the case with Samsung.

I suggest they also contact Pace and do an internal audit of all the software they are distributing.

August 20th, 2009 - I received an e-mail from Samsung today and was given permission to post it:

Dear Mr. Rohde,

Please accept our deep apologies for the delayed response regarding Samsung DSB-H670N satellite receiver. Hope you understand the reason why our response could have been delayed owing to that Samsung did not received the any notice from Viasat nor NDS until recently, even though you were get in contact with NDS and Viasat to discuss GPL and LGPL matter. We are responding as soon as we can and again please forgive us for frustration you might experience through this incident.

First of all, we would like to emphasize the open source policy of Samsung like it always respects the Open Source Community's rights including individuals copyrights. In order to that, Samsung is doing the best to implement open source compliance procedure within the company so that it can be a good citizen of the free software society as well. we are sure that all of current and future DSB-H670N products are complying under GPL license. Please review the attached document (Open Source Announcement for DSB-H670N) currently distributed with DSB-H670N together. Of course, we are sorry again for Samsung DSB-H670N supplied to Viasat last year not to fully comply with GPL license obligation you pointed out. Samsung is willing to promise that it won't happen again.

If you have any comments or concerns regarding Samsung GPL license practice. please feel free to contact me directly.
Once again, Samsung apologize for any frustration may have caused you.

Included was a link to a Samsung open source web site which contains a tarball for the DSB-H670N. This is really great news and shows that Samsung is actually putting an effort into being compliant with GPL. However the tarball does not cover the complete set of GPL licensed software found in the box and the most striking piece is the Linux kernel. I have asked for this and was told the kernel should be uploaded by next week because the web manager is on vaction now.

August 20th, 2009 - The Danish cable provider yousee issued a new firmware for their non-PVR cable box today, which now includes some GPL statements in the menu. You can also find some firmware for the box, but as I do not own it, I am not able to see if the tarball is complete. Feel free to contact me if you have any knowledge about this.

August 21st, 2009 - Viasat has been very busy updating their homepage with information on the use of GPL licensed software in the Samsung and Pace satellite receivers. Here is the complete list of links for the nordic countries:

Sweden
Samsung DSB-H670N
Pace TDS850

Denmark
Samsung DSB-H670N
Pace TDS850

Norway
Samsung DSB-H670N
Pace TDS850

Finland
Samsung DSB-H670N
Pace TDS850

August 21st, 2009 - I would like to summarize issues, which I think still need to be settled:

  1. Samsung has promised to release the Linux kernel and uClibc next week.
  2. I am in a debate with Samsung regarding the cross-compiler used to build the software. When looking through this article I belive they should deliver a cross-compiler.
  3. The binary main application in the box is statically linked against uClibc, which is licensed under LGPL. If you take a look at the uClibc FAQ then they also need to supply an object file.
  4. Does the proprietary binary kernel module, which is included to make the Broadcom chip features available to user space, automatically get a GPL license attached to it? The box is delivered with a kernel module licensed under GPL and the proprietary module then calls into this module. Pretty clever.

August 22nd, 2009 - I decided to take a peek at SMT-H3106_H3126_opensrc.tar.gz, which is supposed to be the source for the Samsung box used by YouSee.
The tarball contains linux-2.6.17.14_stm22_0039.tar.gz, initrd.tar.gz and busybox-1.2.1.tar.gz. The kernel is fine, but I am not really sure why a binary version of the ramdisk was released. The busybox tarball just unpacks to the kernel and the initial ramdisk, which obviously must be a mistake.

August 23rd, 2009 - Samsung has confirmed that the tarball for the Samsung 3106/3126 does not contain the correct source code. With a little luck we should see a fix for this next week.

August 24th, 2009 - The Danish computer newspaper Computer World asked for a few statements today and should be featuring an article about open source licenses soon.
In the mean time I will have to wait patiently for the webmaster at Samsung to return from vacation.

August 25th, 2009 - Ole Tange has offered his assistance in validating the steps taken by Viasat to fix the GPL/LGPL issues. I am very happy to receive some help from his side as he has very good knowledge in these license issues.
Samsung has also updated the web site with a new file, which should contain the Linux kernel and uClibc. I would still like to see a cross-compiler included, but Samsung wants to discuss this with their legal department.
NDS will also look into the static linking against uClibc and should have an answer ready within a week.

August 26th, 2009 - The source code for the SMT-H3106/H3126 now contains the Linux kernel, busybox, uboot and a couple of extra tools used. I am not able to confirm if anything is missing, but to me it looks ok. Maybe glibc 2.5 is missing?
The tarball for the DSB-H670N also starts to look good to me. I will need some more time to dig through it though.

I am pleased with the way things are going right now.

August 28th, 2009 - I have had a more detailed look through the source code provided for the Samsung DSB-H670N and it looks good. Of course I would still appreciate to see a cross-compiler included and also there are still parts missing from NDS.
According to this article (in Danish) in Computer World, Stofa has also admitted to be violating GPL. They say it should be handled within the next couple of weeks.

September 2nd, 2009 - Unfortunately nothing new has happened in the case. NDS has asked for more time to evaluate their position and Viasat has chosen to be silent.
The Danish FiOS provider Smile Content has admitted in an article from the Danish magazine Computer World that they are also in violation of GPL. According to the article they are using a box from Motorola.

September 3rd, 2009 - I am happy to report that Viasat just sent me an e-mail saying that they plan to publish information in the next issue of Viasat News (sent to all subscribers) on the GPL issue. Hopefully I should receive a plan for this tomorrow.

September 5th, 2009 - NDS has completed their first investigation of my claims that they do static linking against uClibc 0.9.28 and has come to the conclusion, that there is a conflict with my claims and what the internal departments of NDS are saying. Therefore they will need to do a more thorough review of this matter. NDS does not give any hints to what the conflict might be.

The promised plan from Viasat regarding how customers will be informed on the usage of GPL software still seems to be incomplete. I have not received any information on when customers will be informed and how Viasat intends to inform customers in the future. They have promised to provide this information at some point in the future.

September 6th, 2009 - Seems Motorola has made a release of the source code for the vip19x0 series of boxes. It looks like a fine release with cross-compiler and good structure on the source code.
This release is a bit interesting since Stofa in Denmark sells the VIP 1920 for their cable solution.

September 11th, 2009 - A week without any updates from NDS or Viasat. Let us hope they are just hard at work.

September 17th, 2009 - I have begun a dialog with The Software Freedom Law Center in order to discuss GPL and LGPL enforcement. I am starting to lose faith in NDS and with some copyright holders behind me in the uClibc issue, things can hopefully take a turn in the right direction.

September 18th, 2009 - I received some news from Viasat on how they plan to inform the customers on the use of open source software.

Samsung will deliver updated manuals this month, with Open source information.

Pace will print double-sided A5 sheets with licensing information, to include in the current manuals. They will be delivered also during September.

Its Viasat's intention to make sure that our suppliers include licensing information in all future manuals for digital boxes utilising Open source software.

For our subscribers, Open source information about the Pace and Samsung boxes will be included in the next Viasat News, which goes to print on 30 September and will reach the subscribers in October.

September 21st, 2009 - A new firmware has been sent out to the Samsung box, which fixes the static linking issue. The build date is August 28th indicating that NDS has been working on this for some time. I can only wonder why they did not want to disclose this information.
The pace firmware has also been updated and the build date on this one is September 8th.

The project geeks

September 25th, 2009 - Wednesday I had a strategy meeting with the essential helpers in the case. The geeks you see in the picture are myself, Ole Tange, Henrik Brix Andersen and Martin von Haller Grønbæk.

We had very good meeting and decided on a strategy forward in the case. I will not post any specific details on what was actually discussed, but I am pretty sure the outcome should become clear when more work has been done.

September 29th, 2009 - I downloaded the Pace TDS850NV firmware yesterday and it still does static linking to uClibc. The Pace firmware that has a "fix" for this issue is for the TDS830NV.

October 3rd, 2009 - Danish cable provider Stofa has created an open source site for the Zaptor box (Motorola VIP-1920).

October 28th, 2009 - I just received a copy of Viasat News - the monthly magazine for subscribers. It contains a small notice saying that the Samsung STB and a couple of Pace STBs contain software based on open source. Then there is a reference to Viasat's web site related to the STBs and nothing more. I cannot see how this lives up to the GPL, but at least Viasat is trying to fix the violations.

November 4th, 2009 - Two days ago The Software Freedom Law Center joined Henrik Brix Andersen and myself on a tele conference to discuss the road ahead. Unfortunately Martin von Haller was not able to join in and we therefore did not discuss any legal aspects of the case.
The main conclusion from the meeting was that all parties would like to see full compliance, and we will schedule a new meeting soon to discuss the legal actions that may need to be taken.

December 27th, 2009 - Thanks to Bruce Perens I have received a login for ftp.pace.com with access to the following source code bundles: DS830NV_2.6.18-5.0, TDS850NV_2.6.12-4.0 and TDS855NV_2.6.12-4.0. Please drop me an e-mail if you would like a copy.

Present day - I think it is safe to say that this case is closed from my side. Let me start by summing up the positive outcome of this case:

On the negative side I have a couple of issues, which I am not too happy about:

Getting The Firmware

It is pretty easy to get hold of the firmware for the Samsung DSB-H670N if you have a satellite receiver capable of running dvbsnoop. Just follow these simple steps:

  1. Tune to transponder B18, 4.8e
  2. Download the firmware with dvbsnoop. At the moment it is sent on PID 1187 so you would do: dvbsnoop -b 1187 >samsung-raw.bin. The firmware size is around 10 MB.
  3. Stitch the firmware together with fw-stitch.c. This is a very basic program putting the blocks together and I have not added any sanity checks or CRC on the received blocks. This is left as an exercise to the reader. Compile it with gcc -o fw-switch fw-switch.c and run it with fw-switch < samsung-raw.bin > samsung-fw.bin
  4. So here are a few hints on extracting data from the firmware

If you have the Pace TDS830NV or Pace TDS855NV the approach is very similar. Download the firmware, stitch it together and look for the hex sequence 1f 8b 08 00 and unpack.

Contact

Should you have any questions please feel free to contact me. Most e-mails sent to this domain will reach me, but I suggest you use ihategplviolations@... I will not answer questions like "how do I get root access to my box" while the case is running. Also if you are a representative of Viasat I will also be very happy to discuss matters with you.

Possible infringements from Yousee and Stofa

Viasat A/S is not the only Danish company that is likely to infringe on GPL. Stofa also distributes a Motorola box in Denmark named "Zaptor", which is loaded with software like Linux and Mozilla Firefox. When I bought the Zaptor box I never received any GPL notices with it nor an offer to receive the source code.
With the latest release from Samsung done on August 26th, 2009 it seems YouSee are in pretty good shape with respect to following GPL/LGPL.

Links

Article from Wired in case you want to know more on how NDS operates.

BvHD is the legal company handling this case.

The Software Freedom Law Center