This seems a clear GPL violation to me and Transcend deserve an expensive legal education.
"GPL also makes anything linked with a GPL sourced component a derivative work - requiring it too to be licenced under GPL."
This isn't correct. The result of linking a GPL work with another work is itself a derived work. To distribute that derived work you are required to make the all sources available under the GPL [or strictly more permissive license - read the GPL yourself if it matters] so you have a choice between:
1 not distributing the derived work (the binary) OR
2 ensuring appropriate release of source code OR
3 coming to a private arrangement to receive a (non-GPL) license from the copyright holders of the GPLed work (not practical or possible with Linux) OR
4 (not recommended) committing copyright infringement by distributing the binary without permission.
The GPL is not viral and does not automatically cause licenses to be granted to linked work. It sounds as if Transcend have gone for option 4 which would make them commercial copyright infringers and liable for penalties in most countries of the world (Berne Convention etc).
I normally think that people derserve an inexpensive legal eductionat, but in this case I think an exception is needed.
> a rather rude reply telling me that they are uninterested and I am "free to report this to any linux organization."
Ye... They picked the option of intentionally infringe copyright for commercial gain. That is as indefensible as it can get with copyright infringement.
That's too bad, because those little Wifi SD cards are actually pretty awesome for microcontroller projects, since you can talk to them over a standard SPI bus, and they're fairly inexpensive for what they do. Hopefully Transcend opens the source. If they did, then there would be more reason to actually buy these cards as embedded Linux systems, meaning more sales for them.
EDIT: I wonder why hardware manufacturers are so insistent on keeping the source closed for products such as this. From what I've heard, the software onboard the card is quite buggy and contains numerous exploits. If they just let the community help improve it, I'm sure we would be seeing better alternative distributions for this card (kind of like Cyanogenmod with Android)
Well, I did get the card to fully work using my own kernel and ramdisk and filesystem, even bringing up ubuntu. Just had to do some dirty things to the kernel. If you're curious, the linked article described how to do this.
Is this true, that kernel modules that are independently compiled are also "infected" by the GPL?
I do not think this is the case, and the recent Oracle v. Google case seems to suggest that APIs themselves are not copyrightable. So the kernel module API used by a non-OSS licensed module doesn't seem like it should infect the entire module. That is, importing kernel headers in a binary doesn't constitute a derivative work.
CAVEAT EMPTOR: I am not a lawyer. I wasn't a lawyer when I started writing this comment and, alas, I will not be when I have finished it.
Kernel modules don't just access the public API of Linux and are fairly tightly bound to the Kernel. It seems to be the common understanding that they generally do constitute derived works. Certainly shipping them with a kernel is likely to be considered as such.
Having said that see my other comment which I think explains how the GPL isn't viral and also that provided you don't distribute the derived work you are not obligated to distribute the source.
The general opinion is that kernel modules integrate sufficiently tightly that the GPL applies to them, but it is something that has been debated quite a bit, and will probably not be settled until there is a court case that rules on it.
What do you mean by "modules that are independently compiled"?
If I were to write a kernel module, which I only distribute in source form, there is nothing that would require me to make my module GPL unless I have copied into my module source copyrightable elements from Linux (or some other GPL-licensed code). Let's assume I use a license for my module source that is not compatible with GPLv2.
If you take my module, and compile it into a Linux kernel, and want to distribute the resulting binary, then YOU have a problem in that the resulting binary that includes the kernel and my module is probably a derivative work of the Linux kernel, and the license of the kernel doesn't let you distribute derivative works of the kernel unless they are licensed under GPLv2. (You might try to argue that my module and the kernel together are a compilation, not a derivative work, but I don't think that would work).
I've seen it argued that since my module is intended to be built into kernels and doesn't have much use if not built into kernels, than I am effectively building it into kernels and distributing it even though others do the actual building, and so I do have to license my code under GPL.
Copyright law (at least in the US) does actually recognize a couple of circumstances under which I could be liable for someone else's infringement. There is "contributory infringement" and "induced infringement". If either of these could be applied, I could be held responsible for the infringement that occurs when others build infringing kernels using my module source. For induced infringement, the person actually doing the infringement basically has to be an agent of mine, so that would not apply. For contributory infringement, I just have to be doing something that enables their infringement.
Alas for those who want to hold me liable, there is a major problem with the contributory infringement approach. There CANNOT be contributory infringement without there being a direct infringement for me to have been contributory toward, and there must no substantial non-infringing use for my work. As even Stallman concedes, the GPL allows a person to take GPL source code and combine it with code that is licensed incompatibly with GPL and build binaries for their own private use. These people are not infringing, and so do not provide a foundation for contributory infringement, and they provide an example of a substantial non-infringing use for my work.
The above hypothetical (module distributed in source form only) is what I think of when I hear the phrase "independently compiled".
One thing often overlooked when these discussions come up is that the Linux kernel is not the first program that outsiders have wanted to write code for without following the rules set forth by the program's owners. People have been figuring out non-public internal interfaces and data structures of word processors, spreadsheets, video games, embedded systems, proprietary operating systems, and so on, and then releasing things that patch in and do unauthorized things long before Linux came along. All that's different with Linux is that (1) they can look at the Linux code so it is a lot easier to figure out non-public internal interfaces and data structures, and (2) GPL saves them from contributory infringement (with unauthorized modifications to proprietary programs, the end user might be violating a EULA if they use your work, which puts you on less firm ground).
> If you take my module, and compile it into a Linux kernel, and want to distribute the resulting binary
Binaries. Separate. That is, a kernel module containing or as an independently compiled binary component from the kernel. Does that get infected by the GPL by virtue of its ultimate use, even though it can be distributed separately?
Do you think it would be worthwhile to try? I really would love to see the proper and complete source released for this card - it is a cute and capable device, and having to hack module.c to make use of it seems wrong.
Find anyone who has a.) contributed code to the kernel (and, thus, holds copyright on it) and b.) wants to pursue a claim of copyright infringement. Any kernel contributor should have standing, AIUI.
(standard "IANAL" and "I speak only for myself" disclaimers apply)
"GPL also makes anything linked with a GPL sourced component a derivative work - requiring it too to be licenced under GPL."
This isn't correct. The result of linking a GPL work with another work is itself a derived work. To distribute that derived work you are required to make the all sources available under the GPL [or strictly more permissive license - read the GPL yourself if it matters] so you have a choice between:
1 not distributing the derived work (the binary) OR
2 ensuring appropriate release of source code OR
3 coming to a private arrangement to receive a (non-GPL) license from the copyright holders of the GPLed work (not practical or possible with Linux) OR
4 (not recommended) committing copyright infringement by distributing the binary without permission.
The GPL is not viral and does not automatically cause licenses to be granted to linked work. It sounds as if Transcend have gone for option 4 which would make them commercial copyright infringers and liable for penalties in most countries of the world (Berne Convention etc).