ASUS eeePC: First impressions and GPL violations

Most recent edit (2007-11-30): please see my more recent post for updates. ASUS has released the sources for some of the applications and drivers on the eee. I can't say whether it's complete and accurate yet, but it's a great sign from ASUS.


Edit: This post has gotten wider circulation than I was expecting (I rarely get readers, much less comments!). I've been clarifying some points in the comments, but people don't seem to be reading them before posting (and some of the posts have been hostile in tone). So:

• Yes, I've downloaded and poked around in the 1.8GB archive ASUS insists is the source, from both the US and Taiwan sites. It does not contain the sources in question, or at least did not when I retrieved it. I tend to assume incompetence before malice, and I really do believe they just messed up. (Even the asus_acpi stripping seems more like a botched search-replace job by some overworked driver author than a malicious act. Doesn't make it legit, of course.)


• I realize that blogging about a GPL violation doesn't fix it. My purpose in writing this article was to document the violation; I have neither the inclination nor the time to press a complaint or (god forbid) file a lawsuit! If others want to do that in response to this post, I'm happy to serve as an expert witness and provide the evidence I've collected, but for now, I'm enjoying my laptop and a cup of coffee.


• I either suck at using ndiswrapper (I freely admit this) or it's my Airport base station causing the problems there. More on wireless drivers in a followup post.

Now on to the original post:

For my birthday, I bought myself an ASUS eeePC. Now, I've been lusting after very-small-form-factor laptops for some time (ever since I saw the Zaurus C series), and this is quite the small one. It also ships with Linux, which (I thought) was a good indication that the hardware is well supported by Linux. (Not so; read on.)

I'm very pleased with the hardware with a few exceptions, which I'll detail in the latter two thirds of this post. The screen is bright and clear, the keyboard is surprisingly usable (even with my giant hands), etc. I'm really happy with it, now that I've bent it to my will. Obligatory laptop porn below.

The eee on a sheet of 8.5x11 paper:


The eee next to a coffee mug:


The eee atop my 15" MacBook Pro:


Now then.

Proprietary Hardware Woes

ASUS ships the eee with a variant of Xandros Linux, which in turn is a variant of Debian. It also ships with binary modules for much of the hardware, and some of the hardware won't work without 'em. Specifically,

• The wireless works with the madwifi version that ships on the machine, but not with HEAD or 9.3.3, and


• The ACPI does not work with the Linux kernel's asus_acpi module, but does with ASUS's variant of it.

Several folks have gotten the wifi working with ndiswrapper, but this just tells me that those folks don't run WEP. (I need to figure out where they live.) I've gotten both wifi and ACPI working in Ubuntu, but only by loading ASUS's binary modules. Instructions in a subsequent post, once I'm done ranting.

(Edit (2007-11-23): Folks have posted saying they got ndiswrapper working with WPA. They're clearly 1337er than I am; turning on any encryption at all would spike it to 50%+ CPU. Lame!)

Proprietary Software Woes

The system is set to update itself and add packages from a repository at ASUS's site (specifically this one), where the little machine can fetch new kernels, Linux userland, KDE updates, and optional packages.

What you won't find on that site are sources. ASUS is bound by the GPL to make the sources for the software they're distributing available, even if they have not modified them. (Check the license if you don't believe me.) ASUS has posted a 1.8GB ZIP file on their website that they claim is the sources, but it's not -- it contains a few .debs (not even the versions that ship on the machine) and some kernel headers. (Perhaps they figured nobody would pull 1.8GB from their slow-as-molasses site and find out.)

Through disassembly (I can do that, the software is GPL'd), it appears that ASUS has extensively modified the asus_acpi kernel module from Linux 2.6.21.4, so that it now works with the eee's hardware. This would be good except that

• They appear to have stripped out all attribution. (Kernel modules contain information about the module name, version, and author. This has been removed.)


• They appear to have attempted to hide what they were doing. (All references to "asus_acpi" have been removed, but other identifying features remain.)


• They are not distributing their modified sources, or even a patch.

I have not contacted the author of asus_acpi, and it's possible that he has worked out a copyright licensing deal with ASUS -- but I was under the impression that the copyright of contributions to the Linux kernel were assigned to Linus or an agent thereof, which would not leave him with this right.

The madwifi drivers that ship on the machine are also a version never before seen in the wild, but as madwifi is dual-licensed GPL/BSD, modifying it is within ASUS's rights.

It's worth noting, from a legal perspective, that ASUS is also distributing BusyBox inside the system's initramfs image. (They do not appear, at first glance, to have stripped the attribution out of this one.) This is interesting because someone else distributing BusyBox without complying with the GPL is currently getting themselves sued in the first US civil suit over GPL violations.

Also worth noting: this is not the first time that ASUS has stolen from the community in this way. They were caught in 2004 stealing code from iptables/netfilter. They're also trying to cover their ass: they include the GPL in the box with the product, and state

This product includes copyrighted third-party software licensed under the terms of the GNU General Public License. ... ASUSTeK COMPUTER Inc. has exposed the full source code of the GPL licensed software, including any scripts to control compilation and installation the object code ... For more information how you can obtain our open source code, visit our website (http://support.asus.com.tw/download/).

...that website, for reference, is Home of the Giant Zip File I mentioned above.

Sigh.

(Edit (2007-11-23): To be fair, as commenters have pointed out, this may very well be simple negligence on ASUS's part. Yes, I and others have contacted ASUS about this with no response yet. Let's hope they just say "Whoops!" and fix the ZIP.)

Warranty Void If Removed

The last annoyance about the eee PC is the bright yellow "Warranty void if seal is broken or removed" sticker over the RAM upgrade slot.

Yes, you read that right: a computer manufacturer has decided that it voids your warranty to replace a DIMM.

The door in question also hides an available mini-PCI-Express slot, so needless to say, people would like to open it. For me, until I get out of the front of the bathtub curve and verify that the hardware works with Ubuntu, that sticker stays intact.

However, since I'm already pretending to be a lawyer in this post, allow me to discuss the Magnuson-Moss Act, what it says about tie-ins, and what exactly ASUS is doing here.

The Magnuson-Moss Act is a 1975 Federal law that lays down some rules for how consumer warranties work. One of the specific things it prohibits are "tie-ins," additional items or services you must buy from the manufacturer to make your warranty work. (This is why for-pay warranties these days are euphemistically termed 'service contracts.')

Examples of tie-ins are provided on the FTC's site. There's the unacceptable tie-in:

In order to keep your new Plenum Brand Vacuum Cleaner warranty in effect, you must use genuine Plenum Brand Filter Bags. Failure to have scheduled maintenance performed, at your expense, by the Great American Maintenance Company, Inc., voids this warranty.

...and the acceptable one:

While necessary maintenance or repairs on your AudioMundo Stereo System can be performed by any company, we recommend that you use only authorized AudioMundo dealers. Improper or incorrectly performed maintenance or repair voids this warranty.

Specifically, it's acceptable to void someone's warranty if maintenance is screwed up. (I'm paraphrasing the FTC's page, which was clearly paid by the word.)

Here are snippets from ASUS's warranty:

The warranty only covers failures or malfunctions occurred during the warranty period and in normal use conditions as will as for any material or workmanship defect. The warranty will not apply if: (a) the product has been tampered, repaired, or modified by non-authorized personnel; ... (c) the warranty seals have been broken or altered; ...

(Yes, those typos were in the original.)

Clause (a) above is clearly unenforceable under Magnuson-Moss -- it's one of the specific cases that the FTC cites as illegal.

Clause (c) follows as unenforceable: repairs (even normal upgrades) of the system cannot be performed without breaking the warranty seal. I'm not a lawyer, but I trust the judgment of judges; I doubt that a warranty stating "You can get this repaired by any qualified person but they can't look at it!" would be upheld. This is no different.

Edit (2007-11-23): One more note on my tie-in point: ASUS will be selling a "higher model" of the eee in the US, with more RAM and 8GB of Flash, starting at the end of this month. Someone will open this model up and post pictures. If the model is simply the original with a different DIMM and, say, a PCIe SSD dropped in, then what ASUS is saying is "These socketed, consumer-upgradeable parts will void your warranty if you touch them -- but if you pay us another $150 we'll change them for you." That's a bit more blatant than what I'd cited above.