IANAL, but I'm skeptical that Dmitry's interpretation that Defcon has no license is correct. It sounds like Dmitry sent them firmware images with the mutual expectation that those will be used on badges, and they invited him to the Badge talk which could be considered consideration. That should constitute a contract, either verbal, or through concludent acts. This should give Defcon the right to use Dmitry's on the badges, but not modify it. So legally the whole thing would probably be considered a contract dispute, not use of unlicensed software.
Defcon will probably argue that including the easter egg was some kind breach of duty of Dmitry's part, and gave them the right to remove him from the talk, and modify the firmware to remove the easter egg. My expectation is that courts would decide that Defcon has the right to use the firmware, but will require them to pay some kind of compensation for not living up to their side of the bargain.
IMO the thing that may matter most here is the PR effect on Defcon. It's the badge - every attendee takes this thing home and engages with it. It's a talking point, memento and representation of the spirit of the conference.
That's an unmitigated PR disaster for Defcon. It doesn't matter to this who was right or wrong or what laws were broken, even if somehow all legally ended up in Defcon's favour, the damage to the brand is huge, enduring and set aside from those issues.
To address this, whoever at Defcon ultimately actioned this series of events should be held to account, for this PR aspect, and the matter immediately and publicly handed to someone with an appropriate understanding of Defcon's culture & reputation.
Did Defcon contract with Entropic Engineering for hardware and software? Or did Defcon contract with EE for Hardware and non-contract it from Dmitry?
If it is the former, Defcon could say "you need to work that out with EE and if it turns out that EE wants to revoke the license for the software, we'll have our lawyers talk with your lawyers about what is in the contract."
If its the later, then things get trickier and more difficult in many different directions.
Based on https://old.reddit.com/r/Defcon/comments/1eoe4u7/so_the_guy_... "/u/dmitrygr wrote the firmware for the badges as well at the behest of Entropic" - its the former. And so if anyone is in trouble with the licensing, it's Entropic for not having a contract with Dmitry and providing the software to Defcon." Defcon used it, with the understanding that they had a license to the firmware.
This would depend on the contract that DEFCON has (had) with Entropic Engineering and what the deliverables were.
It may turn out that Entropic would be the one paying the penalty and footing the bill if one of the people they worked with decided to change the license.
Revoking or changing that license afterwards may fall on the vendor rather than the distributor to make things right.
While this isn't likely to be something anyone is going to come out smelling like roses out of... my crystal ball says that Entropic is going to come out the worse for it.
Having a "volunteer" working for a for profit company has hints of FLSA violations ( https://www.reddit.com/r/Defcon/comments/1ep00ln/comment/lhj... ). Having a person that Entropic is working with for embedded software put in easter eggs that went counter to the SOW becomes difficult. Entropic relying on software that has a license of "as long as the software author is ok with it" may complicate future business relationships with other clients.
Isn't it kind of too late at that point? If i understand correctly, this notice came after the badges were already distributed. Like maybe that would work for future uses of the software, but i don't think constructive notice can be retroactive.
Um, removing a person who’s giving a talk is a completely different action from the distribution of (potentially) unlicensed software.
DEFCON may well have many reasons and legal recourses to stop a talk from occurring. But if they do not meet the terms of the contract for the IP, then the author/developer/manufacturer is entirely free to pursue action against them.
Now it’s possible the developers had not watched Mike Monteiro’s “fuck you pay me” talk (https://creativemornings.com/talks/mike-monteiro--2/1), but assuming that the claims in this tweet are remotely accurate you can bet that - assuming they can get someone to do it at all - next years defcon badge will be produce by someone with a contract that has the only sane language: “no transfer of any IP or right to distribute occurs until receipt of full payment”
Minor addendum due to being outside of the edit window.
The “um,” start to this was unnecessarily shitty/passive aggressive and I just noticed it when I was checking for replies, so apologies for that attitude.
The issue I was wanting to address is that the reply was talking about removing the speaker as if that is relevant to the OP’s comment about IP, etc and in hindsight I guess I assumed a bad faith argument and responded to that assumed intent rather than the actual comment.
If including an Easter egg voids the contract, then they should also start a class action against Microsoft for frivolously including a flight simulator in excel.
It would be surprising to me that even if DEFCON could be considered to have a license, that that license would be irrevocable. At the end of the day they have received work product for free which they do not own and the owner is saying they can’t distribute it.
Defcon will probably argue that including the easter egg was some kind breach of duty of Dmitry's part, and gave them the right to remove him from the talk, and modify the firmware to remove the easter egg. My expectation is that courts would decide that Defcon has the right to use the firmware, but will require them to pay some kind of compensation for not living up to their side of the bargain.