Re: GPL V3 and Linux - Dead Copyright Holders

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Thu, 2 Feb 2006, Pierre Ossman wrote:
> 
> The point is not only getting access to the source code, but also being able
> to change it. Being able to freely study the code is only half of the beauty
> of the GPL. The other half, being able to change it, can be very effectively
> stopped using DRM.

No it cannot.

Sure, DRM may mean that you can not _install_ or _run_ your changes on 
somebody elses hardware. But it in no way changes the fact that you got 
all the source code, and you can make changes (and use their changes) to 
it. That requirement has always been there, even with plain GPLv2. You 
have the source.

The difference? The hardware may only run signed kernels. The fact that 
the hardware is closed is a _hardware_ license issue. Not a software 
license issue. I'd suggest you take it up with your hardware vendor, and 
quite possibly just decide to not buy the hardware. Vote with your feet. 
Join the OpenCores groups. Make your own FPGA's.

And it's important to realize that signed kernels that you can't run in 
modified form under certain circumstances is not at all a bad idea in many 
cases.

For example, distributions signing the kernel modules (that are 
distributed under the GPL) that _they_ have compiled, and having their 
kernels either refuse to load them entirely (under a "secure policy") or 
marking the resulting kernel as "Tainted" (under a "less secure" policy) 
is a GOOD THING.

Notice how the current GPLv3 draft pretty clearly says that Red Hat would 
have to distribute their private keys so that anybody sign their own 
versions of the modules they recompile, in order to re-create their own 
versions of the signed binaries that Red Hat creates. That's INSANE.

Btw, what about signed RPM archives? How well do you think a secure 
auto-updater would work if it cannot trust digital signatures?

I think a lot of people may find that the GPLv3 "anti-DRM" measures aren't 
all that wonderful after all.

Because digital signatures and cryptography aren't just "bad DRM". They 
very much are "good security" too.

Babies and bathwater..

		Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux