If I understand correctly, VMWare wouldn't have been in trouble here if they'd have just put a link in their docs to the effect of "ESX distributes Busybox, the source for which can be downloaded here (link)".
This is about more than Busybox. Their 'vmkernel' proprietary code seems to rely heavily on code from the Linux kernel, up to the point where it may be a derived work:
In other words, their hypervisor could violate the GPL.
Of course, that does not change the point. If you want to benefit from GPL-licensed code, you also have to play by the rules. If the rules are never enforced, companies will systematically violate the license, as we've seen with many Android OEMs.
This chain of comments illustrates the reason that companies think the GPL is risky. Even in a highly-technical OSS-friendly community like HN, there are many different interpretations of what the GPL's restrictions actually mean. That uncertainty plus the viral nature of the GPL means that there's no way to know for sure that you won't be forced to open your whole codebase at some point in the future.
Suppose I grabbed a copy of the sources of NT, and then started modifying it and released a product based on that, without getting licensing from Microsoft. Do you think people would be "oh, this is why using Windows is risky .. there are many different interpretations of what the MSFT license means"? Of course not.
There's a difference between "not having a license" (in which case copyright applies, in which case you lose, simple), and having a license who's terms are ambiguous and not fully legally tested.
This is about more than Busybox. Their 'vmkernel' proprietary code seems to rely heavily on code from the Linux kernel, up to the point where it may be a derived work:
http://sfconservancy.org/linux-compliance/linux-vs-vmkernel_...
In other words, their hypervisor could violate the GPL.
Of course, that does not change the point. If you want to benefit from GPL-licensed code, you also have to play by the rules. If the rules are never enforced, companies will systematically violate the license, as we've seen with many Android OEMs.