https://social.kernel.org/notice/B1aR6QFuzksLVSyBZQ
Linus rants that the SFC is wrong and argues that the GPLv2 which the kernel is licensed under does NOT force you to open your hardware. The spirit of the GPLv2 was about contributing software improvements back to the community.
Which brings us to the question: what is this guy going to do with (presumably) the kernel source? Force the Chinese to contribute back their improvements to the kernel? Of which there are likely none. Try and run custom software on his medical device which can likely kill him? More than likely.
The judge's comments on the Vizio case are such that should this guy get his hands on the code, he has no right to modify/reinstall it AND expect it will continue to operate as an insulin pump.
This is about as ridiculous as buying a ticket on an airplane and thinking you are entitled to the source code of the Linux in-seat entertainment system.
One interesting link:
https://www.drugtopics.com/view/hacking-diabetes-the-diy-bio...
I would trust the people that hack on these systems to be even more motivated than the manufacturers to make sure they don't fuck up, it's the equivalent of flying a plane you built yourself.
A great analogy because people die that way. I personally would never push code to another person’s insulin pump (or advertise code as being used for an insulin pump) because I couldn’t live with the guilt if my bug got someone else killed.
And to the best of my knowledge none of the closed-loop people have died as a result of their work and they are very good at peer reviewing each others work to make sure it stays that way. And I'd trust my life to open source in such a setting long before I'd do it to closed source. At least I'd have a chance to see what the quality of the code is, which in the embedded space ranges from 'wow' all the way to 'no way they did that'.
Advertising that code, IMHO would be as showing of you doing extreme sports, for example. I do not think is any bad. A good disclaimer should be enough to take away any guilt.
So the question really becomes - Are these people working on their own pumps with open source more or less invested than the random programmers hired by a company that pretty clearly can't get details right around licensing, and is operating with a profit motive?
More reckless as well? Perhaps. But at least motivated by the correct incentives.
I would think it's the opposite. People that hack on this only risk their own life. Companies risk many people's lives and will get sued. Of course the person doing the hacking doesn't want to die but they're also willing to take the risk.
The baseline worst-case scenario of messing this up on yourself is that you die.
Yeah, only their own life, yknow, something not particularly valuable or motivating to conserve for them, as opposed to the companies financials!
Provided they do not risk anyone elses, that is entirely their right.
- people try to wingsuit through narrow obstacles and miss
- people try to build their own planes and helicopters and die
- people try to build submersible vehicles to go see the titanic and, uh, don't have a 100% success rate
- people try to build steam-powered rockets and die
"It's their life, they won't fuck it up" doesn't exactly cover a lot of behaviors.
I'd argue home-rolling your own medical device firmware is closer to daredevil/"hold my beer" behavior than normal.
It may be the case that when all is settled, the courts determine that the letter of the license means others' obligations are limited to what the judge in the Vizio case wrote. And Linus can speak authoritatively about his intent when he agreed to license kernel under GPL.
But I think that it's pretty clear—including and especially the very wordy Preamble—not to mention the motivating circumstances that led to the establishment of GNU and the FSF, the type of advocacy they engage in that led up to the drafting/publication of the license, and everything since, that the spirit of the GPL is very much in line with exactly the sort of activism the SFC has undertaken against vendors restricting the owners of their devices from using them how they want.
You were right up to this point. Medical devices requiring a prescription must be obtained via specialized suppliers, like a pharmacy for hardware. These appliances are not sold directly to end users because they can be dangerous if misused. This includes even CPAP machines.
In theory, that written offer only needs to go to the device suppliers. Who almost universally have no interest in source code. When the device is transferred or resold to you, it need not be accompanied by the offer of source.
If that was true, anyone reselling an Android phone could open themselves up to legal liability. Imagine your average eBayer forgetting to include an Open Source Software Notice along with some fingerprint-encrusted phone.
For the same reason you can't find an airplane entertainment system in the trash and call up the company and demand source code.
"The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable."
As the original Reddit comment explains, Insulet is an American company.
Broken take. You are entitled to the source code.
That’s about as ridiculous as buying a plane and knowing you’re entitled to the gpl sources used.
It's not like the OEM software also won't kill you: https://sfconservancy.org/blog/2025/dec/23/seven-abbott-free...
Linus is arguing against a strawman that Conservancy never actually argued. See https://sfconservancy.org/news/2025/dec/24/vizio-msa-irrelev... for details.
> Which brings us to the question: what is this guy going to do with (presumably) the kernel source?
Yes, of course. It is abhorrent that people have devices implanted into their bodies and are in any way prevented from obtaining every last detail about how those devices operate.
> Separately, do you think it's remotely a good idea?
In rare circumstances, yes. See, by way of example, Karen Sandler's talk on her implanted pacemaker and its bugs, for specific details on why one might want to do so.
Where your interpretation means someone else needs to follow your whim for their own problem, despite the legalese stating otherwise.
I think that is an absurd position and I am sorry to feel the need to have to be blunt about it.
it doesn't bring us to the question, but the answer to the question is, run a diff between the software that has this guys life in its hands, and the version it was derived from, to see if they inserted back doors, stray pointers, etc.
I think this sentence is very sad. Not only this is a hard accusation, it is also the primary argument of the anti right to repair movement. An argument that I think is extremely bogus and ill intentioned, and I particularly (like Mr. Rossman) viscerally dislike.
Maybe the primary motivation is a) curiosity, and b) just for kicks to know if they honor the license.
That happens every Tuesday, hardly newsworthy.