The Grsecurity Lawsuit

Today the Ninth Circuit Court of Appeals rendered its decision in the defamation matter of Open Source Security (OSS) v. Perens. As you may be aware, I represented OSS, the maker of the grsecurity Linux security patches.

While we review the panel’s decision and assess our legal options, the court’s holding makes one thing very clear:  Mr. Perens’s statements are not facts, but mere opinion—that is, statements whose assertion cannot be proven or disproven—according to the court’s previous ruling in Coastal Abstract Serv., Inc. v. First Am. Title Ins. Co., 173 F.3d 725, 730-31 (9th Cir. 1999).

I feel compelled to remind the public that a nonlawyer, that is, one who does not practice law professionally—no matter how qualified—should never be considered as a viable alternative to a licensed attorney.  As far as it relates to matters of law, personally, I am unaware of any US jurisdiction that recognizes a nonlawyer to be qualified as a ‘specialist’ or ‘advisor’ to attorneys.

Those who start a legal commentary with the disclaimer “IANAL,” might find it interesting to note that the Merriam-Webster  dictionary, while defining nonlawyer, states:

It asserts that a nonlawyer doing his own legal problem-solving has a fool for a client.

— Martin S. Harris, Jr.

Note: these are not my words.

But I digress.

Nonetheless, take this from a real lawyer: I find no legal issue, whatsoever, in OSS’s condition to provide access to future versions from their servers only if users do not exercise their GPL rights (related to redistribution). It is disappointing that the court refused to make a determination about something that can easily and objectively be verified. Particularly, as I discuss in another post,  OSS has an absolute right to deny future services.

In public interest, I am willing to discuss this further, free of cost, with the legal counsel of any business entity that is considering to replicate OSS’s business model, or those who would like to be OSS’s customers and enhance the security of their Linux based servers by utilizing the grsecurity patch.

Rohit Chhabra