It has come to my attention that some entities are claiming that you,
dear Linux Hackers, (1)need to go through some foundation or get some
permission from upon high in-order to sue the progenitors of GRSecurity
for their violation of section 6 of the terms underwhich the linux
kernel is distributed (version 2 of the GPL). And, furthermore, that
(2)this foundation has no intention of bringing such a suit.
(1) is false.
(2) may very well be true.
You do have standing to sue GRSecurity for their blatant continuing
copyright violation if GRSecurity has made a derivative work of your
code contribution to the Linux Kernel as-long as (a)you have not
assigned your copyrights, and (b)you are not a work-for-hire.
How do you know if you are a work for hire or if you have signed away
If you are working for a company and as your job duties you are
programming the linux kernel, there is a good chance that you are a work
for hire and thus the company owns said copyrights.
How do you know if you signed away your copyrights? Well if you singed a
document transferring ownership of your copyrights for the code you
produced at some point.
If you are not working for a company while hacking linux and you haven't
assigned your copyrights away then YOU OWN YOUR CONTRIBUTIONS.
This means most of you hobby hackers, if GRSecurity has modified your
code, YES YOU HAVE STANDING TO SUE.
Yes your "betters" are lying to you.
You have individual separate standing to sue.
Yes you SHOULD consult a lawyer of your own.
Yes you SHOULD consider a joint filing with other individual
rights-holders willing to bring suit against GRSecurity for their
blatant violation of your terms, and yes you should consider starting
CLASS ACTION since the number of Linux Kernel Contributors seemingly
numbers in the multitudes upon multitudes upon multitudes.
And yes, I am an attorney.
But no, I'm not looking for clients. Just correcting some false
information that has been spreading.
And yes, GRSecurity will try to claim that the linux-kernel is a work of
Joint ownership (so as to shield themselves via procedural law) and yes
they will try to claim fair use (probably de minimus), and yes your
Lawyer will have to respond to these claims. The Joint ownership claim
will go down quickly but it will have to be responded to. De minimus
Fair Use depends on how much code is modified and how signifigant the
modifications are. Don't let anyone but your own legal council dissuade
you from bringing suit: Remember the statute of limitations is only a
few years, so the clock is ticking on the CURRENT violation.
Also make sure you register your copyright of the version of the
linux-kernel that GRSecurity is using in its violation prior to bringing
suit. The registration must be for the specific version. Yes you can
register after the violation has occurred, however if you have
registered before the violation then you can also pursue recovery of
legal fees, pursue statutory damages, etc.
( NOTE: If you would like to read on how your copyright is being
violated by GRSecurity, Bruce Perens posted a good write-up on his
( There was also a discussion on the linux section of slashdot, and on
the debian user mailing list, and on the dng devuan mailing list and on
the openwall mailing list and the fedora legal mailing list )