summaryrefslogtreecommitdiff
path: root/2009/gpl-compliance-kr2009/gpl-compliance.mgp
blob: 8b6bf025f1195b6fe5e52fbde3520bb9492cb915 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
%include "default.mgp"
%default 1 bgrad
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
%nodefault
%back "blue"

%center
%size 7


GPL Workshop
How to (not?) use Free Software


%center
%size 4
by

Harald Welte <laforge@gpl-violations.org>



%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Contents

	About the speaker
	Ideas / Goals of the GPL
	How to (not) use GPL Software
	Complete Source Code
	Derivative Works
	Collective Works
	GPL and Embedded Systems
	The biggest GPL Myths
	Thanks

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to (not) use GPL Software
Introduction


Who is speaking to you?

		an independent Free Software developer
		who earns his living off Free Software since 1997
		who is one of the authors of the Linux kernel firewall system called netfilter/iptables
		who has started gpl-violations.org to enforce license compliance
		who IS NOT A LAWYER

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Disclaimer

Legal Disclaimer

		All information presented here is provided on an as-is basis
		There is no warranty for correctness of legal information
		The author is not a lawyer
		This does not comprise legal advise
		The authors' experience is limited to German copyright law

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Ideas and Goals of the GNU GPL

	Free Software
		Software that has fundamental freedoms:
			to use it for any purpose
			to "help your neighbour" (i.e. make copies)
			to study it's functionality (reading source code)
			to fix it myself (make modifications and run them)

	Copyleft
		Is the legal idea to 
			exercising copyright to grant the above freedoms
			assure that nobody can take away the freedom

	The GNU General Public License
		Is a legal instrument to apply they copyleft idea on software


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
The GNU GPL revisited

Revisiting the GNU General Public License
	Regulates distribution of copyrighted code, not usage
	Allows distribution of source code and modified source code
		The license itself is mentioned
		A copy of the license accompanies every copy
	Allows distribution of binaries or modified binaries, if
		The license itself is mentioned
		A copy of the license accompanies every copy
		The complete source code is either included with the copy (alternatively a written offer to send the source code on request to any 3rd party)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Complete Source Code

%size 3
"... complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable."

	For standard C-language programs, this means:
		Source Code
		Makefiles
		compile-time Configuration (such as kernel .config)

	General Rule:
		Intent of License is to enable user to run modified versions of the program.  They need to be enabled to do so.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Derivative Works

	What is a derivative work?
		Not dependent on any particular kind of technology (static/dynamic linking, dlopen, whatever)
		Even while the modification can itself be a copyrightable work, the combination with GPL-licensed code is subject to GPL.
		As soon as code is written for a specific non-standard API (such as the iptables plugin API), there is significant indication for a derivative work
		This position has been successfully enforced out-of-court with two Vendors so far (iptables modules/plugins).

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Derivative Works

	Binary-only kernel modules
		In-kernel proprietary code (binary kernel modules) are hard to claim GPL compliant
		Case-by-case analysis required, as the level of integration into the GPL licensed kernel code depends on particular case
		IBM is in the process of getting rid of all binary-only kernel modules.  There are exceptions, but they are very clear ones (such as a filesystem port to linux, where the filesystem code already existed under another OS)
		There is no general acceptance or tolerance to binary-only kernel modules in the Linux (development) community.  Not even Linus himself has ever granted an exception for such modules!


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Derivative Works

	Glue Code
		Acts as glue layer between GPL licensed code and proprietary code
		Some Vendors think they can avoid the GPL by doing so
		Is definitely not a bullet-proof legal solution, especially when it is clearly visible that the only purpose of this glue code is to "get rid" of the GPL.

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Derivative Works

	Moral Issues
		Apart from what is legally possible, there are moral issues
		Even if in a particular case there is no legal way to claim a binary-only kernel module is a derivative work, you might still be acting against the authors' wishes
		By shipping binary-only kernel modules, you violate the "moral code of conduct" of the Free Software community
		But it is the work of this very community that enables you to build your product based on Free Software
		Such action might have long-term detrimental effects on the motivation of FOSS developers (dissatisfaction, demotivation, ...)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Collective Works

%size 3
"... it is not the intent .. to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works ..."

	GPL controls "collective works"

%size 3
"... mere aggregation of another work ... with the program on a volume of a storage or distribution medium does not bring the other work und the scope of this license"

	GPL allows "mere aggregation"
		like a general-porpose GNU/Linux distribution (SuSE, Red Hat, ...)


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
GPL And Embedded Systems

	Historical background:
		The GPL was written for userspace programs running on existing operating systems
		Covering a whole OS (and even userspace programs) is not an ideal match, but if you read it carefully it still makes sense

	Toolchain:
%size 3
"... the source code distributed need not include anything that is normally
distributed (in either source or binary form) with the major components
(compiler, kernel, and so on) of the operating system on which the executable
runs, unless that component itself accompanies the executable."
		Practical case:
			You've modified gcc for a specific embedded platform
			Therefore, this gcc is not "normally distributed with the operating system" and you have to distribute it together with the source code
			gcc itself is covered under GPL, so you need to provide binaries and source code(!)


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
GPL And Embedded Systems

	The "Scripts"
		(scripts to control compilation and installation, see earlier slide)
		In case of embedded hardware, the "scripts" include:
			Tools for generating the firmware binary from the source (even if they are technically no 'scripts')


	Embedded DRM
		Intent of License is to enable user to run modified versions of the program.  They need to be enabled to do so.
		Result: Signing binaries and only accepting signed versions from the bootloader (without providing the signature key or a possibility to set a new key in the bootloader) is not acceptable!


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Practical Source Code Offer

	Some Rules
		The "complete corresponding source code" has to be made available 
		It has to be made available for each and every object-code version that was distributed
		If you strip down the source code offer (e.g. remove proprietary source code), try to see whether the result actually compiles
		If the product is mixed free / proprietary software, consider including the proprietary parts (as object code) in the "source code package", so the full firmware image can be rebuilt without having to tear apart an existing image and ripping out those proprietary programs from there.


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
The biggest myths about the GPL

The biggest myths about the GPL
	The GPL is not enforcible
	Software licensed under GPL has no copyright
	Unmodified distribution does not require source code availability
	The vendor can wait for a source code request (without offering it)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
The most common mistakes

The most common mistakes
		not even once reading the GPL text and/or the FAQ from the FSF
		not including the GPL license text with the product
		not including a written offer with the product
		not considering that the GPL also applies to software updates
		only providing original source code (e.g. vanilla kernel.org kernel)
		not including the "scripts to control installation"
		only providing off-site hyperlinks to license and/ore source code
		not responding to support requests for source code
		charging rediculously high fees for physical shipping of source code

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
License Compatibility

	There's lots of Free Software available
		Different Software uses different Licenses:
			Linux: GPL
			glibc: LGPL
			apache: Apache Software License
			Perl: Artistic
			ucd-snmp: BSD
		If you combine (i.e. link) differently-licensed software,
			check license compatibility
			in case of doubt, ask legal person and/or contact software authors
			authors might give you an exception or consider making licenses compatible


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
How to (not) use GPL Software
Dual Licensing

	The copyright holder (often the original author) can provide alternative licensing
	Some projects do this as a business model (reiserfs, MySQL)
	In some projects it's impossible due to the extremely distributed copyright (e.g. Linux kernel)
	However, in smaller projects it never hurts to ask whether there would be interest in providing an alternative (non-copyleft) licensing

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
The GNU GPL Revisited
GPL Violations

	When do I violate the license
		when one ore more of the obligations are not fulfilled

	What risk do I take if I violate the license?
		the GPL automatically revokes any usage right
		any copyright holder can obtain a preliminary injunction banning distribution of the infringing product

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Past GPL enforcement

Past GPL enforcement

		GPL violations are nothing new, as GPL licensed software is nothing new.
		However, the recent GNU/Linux hype made GPL licensed software used more often
		The FSF enforces GPL violations of code on which they hold the copyright
			silently, without public notice
			in lengthy negotiations

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
The Linksys case


	During 2003 the "Linksys" case drew a lot of attention
		Linksys was selling 802.11 WLAN Acces Ponts / Routers
		Lots of GPL licensed software embedded in the device (included Linux, uClibc, busybox, iptables, ...)
		FSF led alliance took the usual "quiet" approach 
		Linksys bought itself a lot of time
		Some source code was released two months later
		About four months later, full GPL compliance was achieved

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
The Linksys case

	Some developers didn't agree with this approach
		not enough publicity
		violators don't loose anything by first not complying and wait for the FSF
		four months delay is too much for low product lifecycles in WLAN world
	The netfilter/iptables project started to do their own enforcement in more cases that were coming up

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Enforcement case timeline

	In chronological order
		some user sends us a note he found our code somewhere
		reverse engineering of firmware images
		test purchase to verify device ships gpl-incompliant
		sending the infringing organization a warning notice
		wait for them to sign a statement to cease and desist
		if no statement is signed
			contract technical expert to do a study
			apply for a preliminary injunction
		if statement was signed
			try to work out the details 
			grace period for boxes in stock possible
			try to indicate that a donation would be good PR

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Sucess so far

	Success so far
		amicable agreements with a number (35+) of companies
			some of which made significant donations to charitable organizations of the free software community
		preliminary injunction against Sitecom, Sitecom also lost appeals case 
		court decision of munich district court in Sitecom appeals case
		three more preliminary injunctions 
		more settled cases (not public yet)
		negotiating in more cases
		public awareness 

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Cases so far (1/3)


		Allnet GmbH
		Siemens AG
		Fujitsu-Siemens Computers GmbH
		Axis A.B.
		Securepoint GmbH
		U.S.Robotics Germany GmbH
		Netgear GmbH
		Belkin Compnents GmbH
		Asus GmbH
		Gateprotect GmbH
		Sitecom GmbH / B.V.
		TomTom B.V.
		Gigabyte Technologies GmbH

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Cases so far (2/3)


		Sun Deutschland GmbH
		Open-E GmbH
		Siemens AG (second case)
		Deutsche Telekom AG
		Hitachi Inc.
		Tecom Inc.
		ARP Datacon GmbH
		Conceptronic B.V.
		D-Link GmbH
		Adaptec Deutschland GmbH
		Belkin Compnents GmbH (second case)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Cases so far (3/3)


		Siemens AG (third case)
		TARGA GmbH
		Medion AG
		naviflash GmbH
		Maxtor Inc.
		Cisco Deutschland GmbH
		Fortinet
		naviflash GmbH
		iRiver Europe GmbH
		Cisco Deutschland GmbH (second case)
		Acer Deutschland GmbH
		SMC Networks GmbH

		>= 100 more not public


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
What we've learned


	Copyleft-style licenses can be enforced!
	A lot of companies don't take Free Software licenses seriously
		Even corporations with large legal departments who should know
		Reasons unclear, probably the financial risk of infringement was considered less than the expected gains
	The FUD spread about "GPL not holding up in court" has disappeared



%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Future GPL Enforcement


	GPL Enforcement
		remains an important issue for Free Software
		will start to happen within the court more often
		has to be made public in order to raise awareness
		will probably happen within some form of organization
		talks have started with the FSF Europe

	What about Copylefted Content (Creative Commons)
		probably just a matter of time until CC-licensed works of art are infringed

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Problems of GPL Enforcement

	Problems
		distributed copyright
			is an important safeguard
			can make enforcement difficult, since copyright traditionally doesn't know cases with thousands of copyright holders
			distribution of damages extremely difficult
		the legal issue of having to do reverse engineering in order to prove copyright infringement(!)
		only the copyright holder (in most cases the author) can do it
		users discovering GPL'd software need to communicate those issues to all entitled parties (copyright holders)
		infringers obfuscating and/or encrypting fres software as disguise

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
gpl-violations.org

	The http://www.gpl-violations.org/ project was started ~ 3 year ago
		as a platform wher users can report alleged violations
		to verify those violations and inform all copyright holders
		to inform the public about ongoing enforcement efforts
	
	At the moment, project is only backed by the author
		more volunteers needed to investigate all cases
		something like 270 reported (alleged) violations backlog

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
Make later enforcement easy

	Practical rules for proof by reverse engineering
		Don't fix typos in error messages and symbol names
		Leave obscure error messages like 'Rusty needs more caffeine'
		Make binary contain string of copyright message, not only source
	Practical rules for potential damages claims
		Use revision control system
		Document source of each copyrightable contribution
			Name+Email address in CVS commit message
		Consider something like FSFE FLA (Fiduciary License Agreement)
		Make sure that employers are fine with contributions of their employees
	If you find out about violation
		Don't make it public (has to be new/urgent for injunctive relief)
		Contact lawyer immediately to send wanrning notice

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Finding GPL violations

Finding GPL violations in embedded systems
	Software based reverse engineering techniques
		Analyze firmware update files
		Exploit security bugs in firmware
		Use existing "backdoors"
	Hardware based reverse engineering techniques
		Take actual board apart, note major components
		Find + use JTAG testpads
		Find + use serial console

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Finding GPL violations

Software based reverse enigneering
	Analyzing firmware update files
		Typically very easy, you don't even need the device to start with
		Firmware updates available on the internet
		Start with hex-editor, 'strings' and some pattern-matching
		Find magic numbers of kernel image, cramfs/jffs2 rootfs image
		extract kernel and/or rootfs by very easy means (dd, gzip/bzip2, ...)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Finding GPL violations

Software based reverse enigneering
	Exploit security bugs in firmware
		Typical embedded system vendor has 
			zero clue about Linux
			zero clue about Security
			ages old software versions
		Therefore, very easy to exploit years-old security problems
			buffer overflows, stack smashing
			HTTP UI scripting problems (quoting problems)
		Goal
			to get a [root] shell on the affected device

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Finding GPL violations

Software based reverse enigneering
	Use existing "backdoors"
		Sometimes, devices have existing backdoors from R&D
		e.g. special undocumented command in telnet or SSH UI for getting a shell
		very device-specific, no generic rule how to find it

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Hardware based reverse engineering

Hardware based reverse engineering
	almost always successful
	amount of work differs from device to device
	see the next slides for an example
	BTW: the device in question is NOT a GPL violation

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

Opening the case and void your warranty
%image "x800_backside_nobat_nocover.jpg"
Note the convenient test pads beneath the battery 

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

Opening the case
%image "x800_opening_the_case.jpg" 800x600
If you have a bit of experience in taking apart devices, you can do that without any damage...

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

The Mainboard with all its shielding covers
%image "x800_mainboard_with_shielding.jpg" 800x600
Obvoiusly, the shielding needs to go

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

The application processor section
%image "x800_application_processor.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

The HSDPA modem section
%image "x800_hsdpa_modem.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Take hardware apart

The backside
%image "x800_backside_with_lcm.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins


	JTAG is a very useful interface
		boundary scan (EXTEST + INTEST)
		ARM Integrated Debug Macrocell
	Find + use JTAG testpads
		look for suspicious testpads on PCB
		tracing PCB traces impossible at 8-layer PCB
		trial + error
		sometimes you might find schematics ;)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

Find + use JTAG testpads
%image "e680_jtag.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

	Find + use JTAG testpads
		JTAG is basically a long shift register
		Input, Output, Clock (TDI, TDO, TCK)
		Therefore, you can try to shift data in and check if/where it comes out
		Automatized JTAG search by project "jtagfinder" by Hunz (German CCC member)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

Find + use JTAG testpads
%image "x800_dbgconn_closeup.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

Find + use JTAG testpads
%image "x800_debcon_pcb.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

Find + use JTAG testpads
%image "x800_jtagfinder_probes.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins

Find + use JTAG testpads
%image "x800_jtagfinder.jpg"

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
JTAG pins


Found JTAG pins
	Chain 1
		Samsung S3C2442 Application Processor
		Has standard ARM JTAG ICE
	Chain 2
		CPLD programming interface
	Remaining work
		find the nTRST and nSRST pins

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page 
How to find GPL violations
Serial console


How to find the serial console
	Just run some code that you think writes to it
	Use a Scope to find typical patterns of a serial port
	I haven't actually done (or needed) this on the glofiish yet, but on many other devices
	RxD pin is harder to find, just trial+error usually works as soon as you have some interactive prompt that echo's the characters you write
	Don't forget to add level shifter from 3.3/5V to RS232 levels


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
%page
GNU GPL - Copyright helps Copyleft
The End


%size 4
	Further reading:
%size 4
	The http://gpl-violations.org/ project
%size 4
	The Free Software Foundation http://www.fsf.org/, http://www.fsf-europe.org/
%size 4
	The GNU Project http://www.gnu.org/
%size 4
	The netfilter homepage http://www.netfilter.org/
%%	http://management.itmanagersjournal.com/management/04/05/31/1733229.shtml?tid=85&tid=4


personal git repositories of Harald Welte. Your mileage may vary