On 06/15/2007 02:30 PM, Michael Poole wrote:
Florin Malita writes:
On 06/15/2007 12:18 PM, Michael Poole wrote:
Yes. If I cut a book in half and store the halves separately, does
the second half become an independent work?
Except in this case you're not touching the book at all. If you write
a review for a book (much better analogy methinks), then your review
is obviously not an integral part of the book even though it's based
on its content.
Extremely poor analogy. I do not distribute my review with the book.
But you do (because I say so ; ), and guess what? It makes no
difference: your review is not a derivative work anymore than it was before.
Someone buying the book is able to use the book just fine (for the
purpose for which it was sold) without my review. They need neither
my review nor other modifications before the book becomes readable.
Exactly. So what's your difficulty in downloading the Tivo code, reading
it and re-using it in your own projects, on your other devices? How is
the missing signing key preventing you from doing any of that?
Someone buying the book may be free to read it anywhere but if they
insist on reading it at your table you may sensibly require they bring a
copy of your review with them (to prove their genuine interest ; ).
Failure to comply only means they have to read the book someplace else.
Can they read the book? Sure. Can they read it at your table? Only if
you choose to allow them.
As Ingo said, you need either the digital signature or other changes
before a Tivo kernel image will load.
GPLv2 guarantees that the book remains readable. It does not grant you
(doesn't even try) the right to execute a modified copy on any
particular piece of hardware. Your kernel is perfectly functional on any
platform that supports it - it just so happens that the Tivo device does
not support it.
Being an integral part (as in combined or derived work) has nothing to
do with usability. There are many other bits and pieces your
executable needs in order to function properly (or at all) but that
doesn't make your CPU microcode & electricity provider an integral
part of the program, does it?
No. Those are independent works.
So is a digital signature. Again, are you arguing the digital signature
is a derivative work?
Luckily, it doesn't really matter what you or I think that
"integral-ness" means, all it matters is how copyright law defines a
"derivative work" and whether a cryptographic hash is such a
thing. Now are you seriously arguing that a hash is a derivative work?
No. I explained this before. Try reading the thread and the GPL. I
am not sure where people get the (wrong) idea that the GPL only
concerns itself with "derivative work[s]".
I guess you'll have to explain again because copyright law and its
definition of derivative works are the things that make the GPL work:
"0.This License applies to any program or other work which contains a
notice placed by the copyright holder saying it may be distributed under
the terms of this General Public License. The "Program", below, refers
to any such program or work, and a "work based on the Program" means
either the Program or any derivative work under copyright law".
What I can't find though is any reference to "integral parts" or your
taken-for-granted right to run a modified copy of the program on the
same device used for distribution (or any mention of functionality at
all for that matter). Actually: "Activities other than copying,
distribution and modification are not covered by this License; they are
outside its scope".
On top of this, in the Tivo
case the two are distributed together, and even part of the same file.
It's mere aggregation, but it's totally irrelevant because they could
just as easily change their approach.
If and when they do, I'll consider the rules that might apply. Until
then, it is fairly stupid to try to defend Tivo by saying they *might*
do something they currently don't, and if they did, they *might* have
a defense that they currently don't.
But you're missing the whole point: the rules are the same, nothing
changes! You are drawing an artificial distinction between the two cases
and focusing on aggregation, which is totally irrelevant: either the
digital signature is a derivative work or it isn't, and in either case
its distribution method makes no difference in the world.
The reason I brought up the separate-signature example is to illustrate
just how ridiculous is to think of the signature keys as source files:
you can implement an equivalent DRM system without ever modifying the
kernel blob. Only difference is the channel used for signature
distribution, and I hope you won't argue that mere aggregation changes
its nature.
---
fm
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]