> the DOD’s use of open source code will alter the GPL for said code (they can’t, for obvious reasons, release any code they use and modify back into the wild)
Making changes to a GPLed program, and then keeping them to yourself, is completely within your rights under the license. It's only when you sell or give away the updated product that the GPL's rules start getting triggered.
Mind you, that might be an issue when the DoD sells some technology to another country. Take as an example all the software running a plane such as the F16. If you sell the plane to Brazil, then you'd have to share the source code for the modules with the Brazilian DoD, something that I think is not the current policy.
(I'm mentioning Brazil because, if memory doesn't fail me, one of the requirements they asked of countries/companies bidding to provide them with 4+ generation planes was that they should be able to audit and modify all the software running the planes.)
You can always pack it as a blob and claim it's firmware. Also, I would think twice before annoying someone who sells F-16s and is willing to use them (as well as the newer toys) against those who annoy them.
And yes, being able to audit the complete code for all components was one of the initial conditions and, IIRC, the reason why the Grippen NG was originally selected by the military. But then politicians took over and nobody really knows what will come out of that.
You're not getting it: This isn't some special military privilege. You or I could do the exact same thing. Anyone can take GPL'ed code, modify it, and keep the changes to themselves.
I get it. However, the scenario you are envisioning is not really consistent with how the US DoD operates.
It's not usually some E-4 sitting at a terminal writing the software that runs sophisticated modern weapons systems.
Instead it is a civilian contractor who is writing the code and then selling the software along with the system to the US military, i.e. the software is being distributed for money.
The GPL requires you provide the source code of the modified application to anyone you distribute it to. Most military projects already require source code from their contractors. Thus, most contractors already comply with the terms of the GPL.
Besides, if you're distributing the application to anyone besides the DoD you're going to have bigger problems than GPL license compliance.
If Alice takes a GPL program, modifies it, and sells it to Bob, nobody but Bob can demand Alice share the source. If Bob does nothing, nobody but Alice ever sees the source.
Sure, the GPL allows it, but the GPL doesnt allow Bob to dictate what Alice does with the source once she has it (GPL v2, term #4). If she decides to distribute it, his recourse is to not do further business with Alice. That could be enough, but if Alice sees sufficient short-term benefit, that may be a risk she is willing to take.
And those rights are automatically passed on -- if Alice sells the product to Bob and he resells it to Carol and she compiles it and gives the binary away to Doug, Doug can call Alice and demand the source.
I think he's implying that if there was a question about it being shared with other organizations in the government (or other governments or defense contractors), they would use that to justify not re-releasing the code.
I'm glad someone pointed this out, I was wondering the same thing when I was reading it.
That said, it would be nice if they decided that certain bug fixes and such could be sent back to developers, not at the expense of national security, but I can hardly see how a bug fix being pushed back out could hurt the military though.
You should read the GPL more closely and expose yourself to some of the legal commentary on interpretations of the word "distribution," as used in the GPL.
Your right to keep your changes to yourself end when you distribute your derivative work to a third-third party. The question is: what constitutes distribution? Some have argued that some hosting and outsourced management operations may constitute distribution for the purposes of the GPL.
Your approximation of the implications of the GPL are probably sufficient for most startups, but your understanding is insufficient if you are so eager to insist that your approximation is still applicable for an organization of the scope and complexity of the DoD.
That said, the article doesn't really seem to get it either.
Would the DoD be producing the code, though, or contracting it out? If that latter, that would seem to me to constitute "selling", as the producer would be paid to write the code, then give it to the customer.
That doesn't make sense. If you write code based on GPL-licensed software, then sell that to me, all the GPL says is that I have the right to the source code (not just the executable) and the right to modify/distribute/sell it as well.
However, if the DoD is hiring outside help, I'm not sure the above case is even relevant. When a startup hires an individual to write code, the individual doesn't necessarily maintain the rights to the code he writes, because he's acting on behalf of an organization (so the rights are automatically assigned to the company instead). And a company is free to distribute GPL code internally without releasing its source externally.
A separate question is whether the fact that the DoD is a government agency makes this aspect of corporate law not apply. Most writings of the public government are automatically in the public domain (a law which was pivotal in the Pentagon Papers proceedings), and the fact that the government is comprised "of the people" may make this issue more complicated.
> And even though the DOD’s use of open source code will alter the GPL for said code (they can’t, for obvious reasons, release any code they use and modify back into the wild)
This is what I don't understand. What are they altering about the license? And what are these seemingly 'obvious' reasons? The NSA was fully capable of releasing SE Linux. As for software to control missiles, etc., the real issue is that individuals (and even nations, as we've seen) can't create the physical weapons easily - the software itself is not necessarily the biggest hurdle.
(And, depending on what type of use we're talking about - though we'll probably never know exactly - the GPL may not even need to take effect, just as GPL and proprietary software can both coexist on an underlying GPL operating system, for example).
That would require contractors to give the code back to DoD. As far as I know you have to give source of GPLed code to the users you are distributing binaries to, not necessarily to the general public.
I assume that he is talking about security concerns, not licensing concerns. For example: the specific areas of code that the DOD uses will become public. This may leak more information than the DOD would like.
The more fixes you see them sending upstream in particular area, the more likely they're using that area of code.
If you suddenly see a new project getting contributions from some particular source, you may be able to correlate that with a project they're working on.
As others have said, nothing requires them to do this.
And, as a practical matter, the fact they used Windows seems to indicate they can either maintain a kernel entirely in-house (as essentially no MS developers have security clearance) or that they aren't focused on what the kernel does in the first place and do all of their special software in userspace. My money's on the second of those possibilities.
> the DOD’s use of open source code will alter the GPL for said code (they can’t, for obvious reasons, release any code they use and modify back into the wild)
Making changes to a GPLed program, and then keeping them to yourself, is completely within your rights under the license. It's only when you sell or give away the updated product that the GPL's rules start getting triggered.