I'd like to congratulate Rafael Rivera on his successful GPL compliance work regarding the Microsoft WUDT software, which is apparently used to make ISOs from stuff you downloaded from Microsoft software.
I'm of course against the idea of using Microsoft Windows, and why
you'd ever want to make an ISO out of some Microsoft Windows stuff is
beyond my comprehension. However, Rafael identified that the WUDT was
based on some GPL'd software, and as such he was quite correct in
demanding that Microsoft comply with the terms of the GPL (as it has
done before, for example, with
its Windows
Services for Unix). Rafael was first to discover and point out this
violation. More importantly, he also did what we in the GPL enforcement
world call the “compliance engineering work”, which includes
confirming the violation exists by technical measures, and checking that
the complete and corresponding source code
actually builds and
installs the binary as expected.
That importance of that latter part of the work is unfortunately not often identified. GPL is designed to hook up the legal requirements of a copyright license with certain technical requirements needed to allow downstream users to modify and improve the software. This is the true innovation of the GPL: to make copyright law into a tool that gives users the actual means to improve and redistribute modified versions of software.
When we check to see if someone is in compliance, it's not merely about
seeing if they dumped a big pile of source onto the world. We also have
to check carefully that the source builds and that the process produces
a working binary that can be installed by the user. That's why GPLv2
requires scripts to control compilation and installation of the
executable
and what GPLv3 clarifies that requirement even further
into the formally defined Installation Information
.
Thanks again to Rafael for doing this work. While everyone knows how often I fault Microsoft, I have to say they did a timely job in this particular case. A little under a month is actually the best one can hope for from initial identification to a violator about a problem to having in our hands complete and corresponding source code (or “C&CS”, as we GPL enforcement geeks call it). Microsoft should have known better than to screw this up after years of working with the GPL, but everyone makes mistakes, and the real measure of a company is how quickly they redress a mistake.
Now if we could just get Microsoft to stop the more harmful mistake of attacking FLOSS with patents, but that's a tougher problem to solve…