Hiawatha usage in commercial embedded system

26 November 2014, 23:29

Hiawatha version: 9.8
Operating System: Linux

I am considering to use Hiawatha in a commercial embedded system. Hiawatha would replace the currently used thttpd for serving the configuration settings and status information of that device. One key advantage would be to provide https security. I know Hiawatha is licensed by GPL but it would be nice to have a set of "do" and "don't" rules for such usage. There should be no changes to the Webserver software besides compilation for the target linux system. I am still trying to figure all the implications of the GPL. Is it e.g. required, that customers of the embedded system are enabled to do their own updates of Hiawatha? (Normally customers are expected to consider the system a black box; there is no real point for them to do such things)

Maybe there could be a FAQ article on that issue?
Hugo Leisink
27 November 2014, 09:05
I don't see any reason for not using Hiawatha for your case. When you didn't change any code, GPL doesn't forbid to send new releases in binary form to your customer's embedded system.

The GNU website already has a very large GPL FAQ [].
30 November 2014, 22:39
Thanks for the Head up and many thanks for the pointer to the GPL FAQ (I should have found that myself in the first place).
The mentioned point, that is slightly worrying me, is the topic
What is tivoization? How does GPLv3 prevent it?
from that FAQ. For me it seems the GPL expects any customer should be able to do updates on any piece of GPL software inside my embedded device. Especially for warranty reasons I would not even like that. Additionally it would be technically more complicated to provide methods for exchanging arbitrary pieces of the embedded software. I would like to only provide complete update packages and these only in rare cases if I consider they are required.

Actually I expect the customers of the that specific embedded device not to consider themselves to be using a computer with "software" which is licensed but they want to buy a device with a very specific purpose as a "black box". Even me providing or offering the source e.G. for Hiawatha as required by GPL seems kind of pointless in practical terms. Anyone who might get seriously interested in Hiawatha after seeing it is used in that device will start by downloading the latest version from the Hiawatha website and not bother ask us to send them sourcecode.
Hugo Leisink
30 November 2014, 23:01
What you could do is offer scripts or anything like that which they can use to compile Hiawatha for the embedded device themselves. Of course, you can mention all kinds of requirements (software and hardware) for that. That way, you make the whole process open (as required) while at the same time discourage people to start messing around with the device themselves. If you specify all the details, you are actually saying: this is complex, don't try this at home, let us do it for you. Which is more or less what you want.

What kind of embedded device are we talking about if I may ask?
This topic has been closed.