Adam Outler · Mar 23, 2014 at 02:00 am

Have You Paid Your Linux Kernel Source License Fee?

256px-License_icon-gpl-4.svgWhen asked for source code, MediaTek asks for money. They literally charge a Licensing Fee to device manufacturers for Linux Kernel source code.

It’s a sad state of affairs when a manufacturer closes off GPL-protected Source Code.  It’s even sadder when they are providing compiled firmware with several severe security vulnerabilities.  It’s sadder even still when they require a license fee.  This is going on right now with MediaTek (MTK), and it’s their standard operating procedure.

2014-03-22

There’s a reason you don’t see many MTK devices in the US and other regions with stricter license enforcement. They are a lawsuit waiting to happen. MTK disrespects not only their users, but every single Linux kernel developer. They do so in the form of a policy requiring a paid “Source Code License,” which is likely the largest load of diarrhea this writer has ever heard of. You see, the Linux Kernel source code is licensed under GPLv2, which absolutely requires that you abide by the terms that include source code release. Failure to abide by the terms legally prevents you from distributing the Linux Kernel at all. Lets take a look at some excerpts:

3.  b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; …………….

4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. ……..

5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works……

As developers, we have the ability to take code, recompile it, add features, and fix the security incompetence of manufacturers. Some of MTK’s devices are loaded with broken features such as Bluetooth PAN buffers, and there are dozens of other examples. MTK’s policy is in direct violation of all three of the above points, and its disheartening when you realize that they think they are providing a service to any customer by way of locked down and vulnerable chipsets. The reality of the situation is that MTK owes a copy of the full, buildable source code to each individual who purchases a device with the Linux Kernel, and obliging would only help them fix their broken source.

When source is available, issues are identified, troubleshooted, and patched. Those who are security conscious can get a jump on patching their devices, and those who aren’t can simply wait for the patch to be sent to them. When source is not available, security issues can only be exploited, and patches never make it upstream.


_________
Want something on the XDA Portal? Send us a tip!

Adam Outler

AdamOutler is an editor on XDA-Developers, the largest community for Android users. Electronics Tech/ Developer View AdamOutler's posts and articles here.
Mario Tomás Serrafero · Jul 3, 2015 at 11:10 am · 3 comments

New Snapdragons: Some Context & Contrast

It hasn’t been a good year for Qualcomm so far. Every device featuring the Snapdragon 810 has had a less-than-stellar fate, be it because of overheating complaints or actual decreased sales. HTC is in a particularly worrisome situation, and Sony’s Z4 is slipping down Japanese charts just over a week after its release. The G Flex 2, Mi Note Pro and Z3+ all saw complaints as well. Even MediaTek is seemingly getting an advantage over this.   But a particularly...

XDA NEWS
Aamir Siddiqui · Jul 3, 2015 at 10:12 am · 1 comment

Google To Launch Next Gen Android One On July 14

The first gen of Android One devices to be launched in India in September 2014 were decent starter smartphones, featuring budget specs and a promise of fast updates. However, the phones did not pick up as big a response as Google hoped. Now, as per a report by The Economic Times, it appears that Google is rethinking their strategy towards Android One in India. The first gen Android One devices focused on first time smartphone users, but were flawed in...

XDA NEWS
Jimmy McGee · Jul 3, 2015 at 06:00 am · 2 comments

Droid Turbo Lollipop OTA, 2015 Moto G Leaked – XDA TV

Android Lollipop for the Droid Turbo has been released. That and much more news is covered by Jordan when he reviews all the important stories from this week. Included in this week's news is the announcement of the 2015 edition of the Moto G and be sure to check out the article talking about Android Lollipop for the Huawei Ascend Mate 2. That's not all that's covered in today's video! Jordan talks about the other videos released this week on...

XDA NEWS
Share This