01.10.08
McAfee Receives Warning After Spreading GPL FUD
As you may recall, McAfee recently contributed to Linux and GPL FUD and later tried to mitigate the damage (without retraction of its claims). Someone whom I know has independently decided to challenge McAfee for its alleged GPL violations. I helped in drafting a response, which is appended below.
Contact was first made, but the issue at hand was escaped.
Dear Jerry,
Thank you for contacting McAfee Customer Service.
I sincerely apologize for the inconvenience but I am unable to understand your message. Please rephrase and resend your issue in detail so that I can assist you more efficiently.
I would like to inform you that McAfee Customer Service can only answer issues related to McAfee.
Please include your previous correspondence when you reply to this e-mail.
Your reference number for this contact is 81456567.
Sincerely,
Venj V.
McAfee CS-Tier 1
Here is the second message, with responses yet to come.
Dear Sir,
The company that you work for, McAfee, develops and sells software. Apparently, included in your software are third party contributions protected under the General Public License, otherwise known as the GPL. The GPL license stipulates that your company can indeed use GPL-licensed software to develop the products which McAfee sells, provided that you make modification to the GPL-licensed source code available and freely accessible for public use. If GPL code that you added to software was changed by you, then under those provisions of the GPL I request access to the source code of parts of your products that make use of the GPL-licensed source code.
To help you understand what is being requested, here are some relevant URLs that support my request for relevant McAfee source code. A copy of the licence is typically accompanied with to source code that you download for use and the language is clear enough to ensure understanding of use (there are no ‘hidden’ expectations and surprising obligations).
The General Public License 2.0 can be found at:
http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
There is an excellent FAQ that explains the terms of the GPL at:
http://www.gnu.org/licenses/gpl-faq.html
One of the relevant points leading to my request for your source code being:
http://www.gnu.org/licenses/gpl-faq.html#LinkingWithGPL
The URL’s where your company, McAfee, admits to using GPL’d source code in your products may be found at:
http://www.theinquirer.net/gb/inquirer/news/2008/01/05/mcafee-throws-fud-gpl
Additionally see:
http://www.crn.com/security/205600714
I await your next message containing the location on the McAfee website where I can freely access the sources. If GPL-licensed code was never modified and the articles above are incorrect, then I apologize in advance.
Thank you very much for accepting my query.
Perhaps Jerry will get to the bottom of this. This hasn’t anything to do with BoycottNovell, but permission was given to post this as an open letter for greater exposure and increased public scrutiny. █
Highlight: Novell was the first to acknowledge that Microsoft FUD tactics had substance. Novell then used anti-Linux FUD to market itself. 
Highlight: Xandros let Microsoft make patent claims and brag about (paid-for) OOXML support. 
Highlight: Linspire's CEO not only fell into Microsoft arms, but he also assisted the company's attack on GNU/Linux. 
Highlight: Microsoft craves pseudo (proprietary) standards and gets its way using proxies and influence which it buys. 
Highlight: The invasion into the open source world is intended to leave Linux companies neglected, due to financial incentives from Microsoft. 
Analysis: Xen, an open source hypervisor, possibly fell victim to Microsoft's aggressive (and stealthy) acquisition-by-proxy strategy.