Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

RMS on Proposed GPLv3 changes 222

Posted by CmdrTaco
from the this-will-be-good dept.
H4x0r Jim Duggan writes "Last Saturday - the first day of FOSDEM, Richard Stallman gave what seems to have been his first public talk about the draft GPLv3. Ciaran O'Riordan of Free Software Foundation Europe was there and, after recording with his digital camera, has published a transcript of RMS's GPLv3 talk. O'Riordan previously made a transcript of the January 16th first presentation on the GPLv3 which consists of 70 minutes of Eben Moglen, with 20 minutes worth of interruptions from Stallman."
This discussion has been archived. No new comments can be posted.

RMS on Proposed GPLv3 changes

Comments Filter:
  • For those of us who don't feel like wading a 100 page discussion transcript in legalese, can someone link to a concise summary of the changes being made?
    • TFA is only the Stallman excerpts. It shouldn't take more than a few minutes to read.
      • Still, the summary should at least give you some idea whether he's "fer it" or "agin it." Sheesh!
      • Re:A request (Score:3, Informative)

        We recorded all the speeches this year and the movies can be found here [belnet.be]. Not everything is up yet, and they're still working on ogg/theora versions, and the filenames may not be too descriptive if you weren't there, but whatever... I already sent some feedback and those issues will probably be fixed soon.

        Disclaimer: I was but a humble volunteer; don't spam me with any questions 'coz this is about all I know about the movies. ;)

    • by Tackhead (54550) on Tuesday February 28, 2006 @11:47AM (#14817548)
      > For those of us who don't feel like wading a 100 page discussion transcript in legalese, can someone link to a concise summary of the changes being made?

      "Please stop calling it the GPLv3. It's GNU/PLv3!"

      /sorry RMS, I couldn't resist.

      • Actually, it's not. GPL stands for General Public License, not GNU Public License. But GNU/GPLv3 would be fine. :)
        • by hawk (1151)
          no, you ingrates, that's *not* enough. It's not "3", but "GNU/3". And don't even get me started on the letters . . .

          hawk
    • Re:A request (Score:3, Informative)

      by squiggleslash (241428)
      There's a few updates. Other than clarifications (for example, over GPLing something you have an exclusive or semi-exclusive patent license for that you can't transfer to licencees), the major changes I saw are:

      1. A manufacturer who takes GPL'd code, signs it, and then sells hardware that only runs code signed with their key, which they don't redistribute, is in violation of the license. This is relatively narrowly defined, despite Torvalds throwing a hissy fit about this part of the license a few weeks a

      • Re:A request (Score:3, Interesting)

        by AeroIllini (726211)
        To make it more compatable with similar licenses, there's a whole bunch of optional terms and conditions that can be added. For example, you can say "If you sue us for patent infringement, you can't use any patents our code relies upon that we own, effectively ending your ability to use our software." The notable feature is that this is an optional condition.

        Wait, what?

        Didn't RMS blow a gasket a few weeks ago, talking about how Creative Commons sucks eggs because it includes optional clauses [slashdot.org]?

        How is this dif
        • Didn't RMS blow a gasket a few weeks ago, talking about how Creative Commons sucks eggs because it includes optional clauses?

          No he did not.

          His complaint had nothing to do with "optional clauses."
          It was all about entirely different licenses being grouped under a single name.

      • 1. A manufacturer who takes GPL'd code, signs it, and then sells hardware that only runs code signed with their key, which they don't redistribute, is in violation of the license. This is relatively narrowly defined, despite Torvalds throwing a hissy fit about this part of the license a few weeks ago, thinking it outlawed all forms of DRM (it doesn't.)


        Perhaps, for those who haven't read it, you could quote the clause which refers to "hardware", or "manufacturer" or that the software distributer also has to
        • Rather than attack my summary without giving relevent reasons, perhaps you'd like to give an example of a situation that's outlawed by the license that my summary would have outrageously mislead people into thinking was valid.

          Summaries don't always include exactly the same wording as what they summarize, otherwise they wouldn't be summaries. Go boil your head.

          • I attacked your summary because it was misleading and gave the reasons why. You claimed that the clause was "narrowly defined" and that its effect was to ban a manufacturer that sells hardware and ships signed gpl software [...etc...]. Both statements may be accurate on their own, but taken together they are an entirely misleading, because the remit of the GPL clause is much wider than hardware mfr. that also ships software.

            Example:

            The drink drive laws are narrowly defined.
            It
    • For those of us who don't feel like wading a 100 page discussion transcript in legalese, can someone link to a concise summary of the changes being made?

      We're talking RMS here. I believe 100 pages is considered a concise summary.
  • O'Riordan previously made a transcript of the January 16th first presentation on the GPLv3 which consists of 70 minutes of Eben Moglen, with 20 minutes worth of interruptions from Stallman.

    Is that meant to sound like a bad thing? I hope not, if you're touching the GPL, I'd hope it's progenitor would interrupt you if you make a potential error ;-)
  • Is it just me or does it seem like RMS created a new verion of the GPL because people stopped listening to him about the old one.
    It seems to me that RMS views are no longer connected with where Open Source should go, and will just lead Open Source to be too socially libral for wide use.

    I disagree with RMS so my Mod points will negitivly reflect it.
    • I'm sorry, but saying that RMS is no longer connected with Open Source is like saying that Hillary Clinton is no longer a Republican.
      • I'm sorry, but saying that RMS is no longer connected with Open Source is like saying

        He never was. He was always against it. RMS is connected to Free Software, not to Open Source.
      • In the same sense, it's much like saying that RMS is no longer connected with reality.

        Is something to the effect of "If you use my software, you have to prepend GNU/ to the name of your product" in the license yet?
        • The GNU/ isn't prefix.. it's the name of another thing.

          When you run the Linux kernel, you're typically running the GNU operating system with it. GNU and Linux. GNU with Linux. GNU plus Linux... It's not 'GNU' or 'Linux' or 'GNU Linux' :)
    • RMS is still pushing forward, and there are a lot of people who are happy with the state of open source now. The thing is, with the competition (from a legal standpoint) of DRM, trusted computing, and etc, the GPL must make changes to counter these new ideas.

      Some people are afraid that the changes in gpl3 will keep people from embracing open source, but it is essential to have a licence that will be of use in the years to come.

      RMS has liberal views, but at this point he's the only one addressing the proble
      • Classically, liberals have great respect for property rights. I think it would be far more accurate to describe RMS' positions as socialist or communitarian, with a fair amout of anarchism thrown in. Not that that makes his views necessarily wrong, it only describes them more accurately.
        • Copyrights arent property rights. They are state protected monopoly rights and are in their essense incompatible with a liberal market view. Calling it 'intellectual property' is simply a misnomer intented to cause exactly the kind of confusion you've fallen victim to.

          Intellectual monopoly rights restrict what the owner of a piece of property is allowed to do with that property. The GPL essentially restores those rights to the owner of any copy, and prevents further re-restriction. That fundamentally suppor
      • The thing is, with the competition (from a legal standpoint) of DRM, trusted computing, and etc, the GPL must make changes to counter these new ideas.
        Some people are afraid that the changes in gpl3 will keep people from embracing open source, but it is essential to have a licence that will be of use in the years to come.
        RMS has liberal views, but at this point he's the only one addressing the problem.

        True. Binary drivers are a huge problem, as well, most acutely in the wireless and video subsystems. U

    • Well, first RMS was never associated with "Open Source", but "Free Software" (which, as I'm sure you know, have different aims, but similar outcomes).

      As far as GPL v3 being too socially liberal, if people do not like the license they will not use it. Furthermore, most people can still use GPL v2. Its not like RMS will somehow revoke the GPL v2 license. There is nothing to stop you from releasing the Jellomizer Public License and creating terms exactly as you'd want them. Many people might not like your
    • Bill? Is that you? (Score:2, Informative)

      by PetriBORG (518266)
      Is it just me or does it seem like RMS created a new verion of the GPL because people stopped listening to him about the old one. It seems to me that RMS views are no longer connected with where Open Source should go, and will just lead Open Source to be too socially libral for wide use. OSS socially libral? We're all a bunch of commies is that it?

      The GPL3 is trying to address a great number of current problems with the GPL2 including things like use of web-scripts, patents, and other holes. It has nothi

    • Is it just me or does it seem like RMS created a new verion of the GPL because people stopped listening to him about the old one.

      I don't think so. I'm a more BSD fan than anyone else, but I can see where he is coming from. He is simply trying to make it so GPL can't be used to restrict the rights of others.

      People don't have to use it if they don't want to for things they want to write from scratch, but he is giving the option for authors who want to use a GPL license but don't want their works to be used do
    • "It seems to me that RMS views are no longer connected with where Open Source should go..."

      And where, pray tell, is that? Last time I checked, freedom meant letting people make their own decisions about where to go. By that estimation, "where OS should go" isn't one direction - it's the myriad directions that individuals resolve to go, given their freedom.

      I don't know what you've been reading, but I sure do see a lot of people (eg, Slashdot, and... well YOU) listening to what RMS has to say. How that qualif
  • by H4x0r Jim Duggan (757476) on Tuesday February 28, 2006 @11:38AM (#14817427) Homepage Journal

    These transcripts, and other such documents, are collected at the official GPLv3 wiki [fsf.org], on the Reusable texts page [fsf.org]. And there's more info about the draft and how to participate in the public consultation at gplv3.fsf.org [fsf.org].


    • Summaries of the transcripts, including explanations of the terms and the implications of the ideas, are for sale fo me. This is in accordance with terms of the old and new GPL, although I offer no indemnity against a SCO subpoena. Sorry! ;)
    • Right now the draft's webservices portion is effectively useless. You can wrap your GPLed webservice with another webservice which passes every function call except the one which requests the source. If they fix it by being even more strict, they could easily requiring exposure to DDoS attacks.
  • by morgan_greywolf (835522) on Tuesday February 28, 2006 @11:44AM (#14817512) Homepage Journal
    What about Man-in-the-Middle attacks? That is, MonopolySoft builds a machine that will only run binaries signed by Red Hat. Red Hat is not required under GPLv3 to give its signature key, but the machine maker is, except, he's decided to verify only against Red Hat's key and he doesn't have Red Hat's private key (just the public key, which is used to validate that the binary came from Red Hat, which is all he needs). So I can still be prevented from modifying my GPL software and running it on my box, right? And no one's violated GPLv3, right? GPLv3 doesn't cover this type of attack at all.
    • Then you don't buy MonopolySoft's machine.

      If it is not possible for other machines that run Red Hat code to exist, then it's clear that Red Hat is designing the code for a specific architecture that requires signing, and therefore is required to distribute the key so that you can sign modified binaries yourself.
      • The point of the key is to guarentee the that the code came from Red Hat, and giving away that key is idiotic. Giving away that key will let any wanker say that his code has been signed and certifies by Redhat.

        If you choose to run a machine that only runs signed binaries, that's your problem, not the GPL.

        In trying to protect itself, the FSF is going to shoot itself in the foot and remove the leg.

    • Wrong.

      The key is a signature. All it does is verify that the file came from somewhere. If Redhat distributes to a third party and the third party wants to modify the software and distribute it they are free to. And you are free to take the modified version and modify it further. No where though are you given the rights to impersonate Redhat. All they need to do is release the source code.
    • This question was asked in the Q&A session after Richard's presentation. Richard answered that he will consult a lawyer, and he will do everything possible to fix this, and if you have suggestions they are welcome - and in the end he might fail to find a solution within the GPLv3 to this problem.
      • by 0xABADC0DA (867955) on Tuesday February 28, 2006 @12:31PM (#14818043)
        Summary:

        1) Red Hat creates a binary linux distro based on GPLv3.
        2) Dell makes hardware that only runs *specific, known binaries*.
        3) You buy machine and compile linux from source, but it won't run.

        How does GPL v3 help?

        Dell can't distribute RH linux without making it possible for you to run your compiled version (whether the actual hardware that only loads the signed binaries is theirs or not), since they also have to accept GPLv3 in order to distribute software that is licensed with GPLv3.

        What's the loophole?

        Dell could just ship blank machines that you have to load yourself, that only run Red Hat. Dell may not even have agreed to GPLv3 for anything (by running completely commercial , bsd-like, or GPL-2 software).

        What's the solution?

        The GPLv3 can include a clause that if you accept the license you cannot distribute *any* product that prevents a user from using any of their own modified GPL-covered software. This means for Dell to ship a computer that only runs Red Hat Linux, they have to use *no* GPL3 software of any kind in their entire company. That's about the best you could do, legally, and even still it may not be enforceable.

        Personally I don't care how far-reaching the GPLv3 is. The idea that Dell could take my work and actively use it to take away people's rights is so wrong that there's pretty much nothing the license could do that would be worse. I'll be releasing my code as GPLv3 as soon as it comes out.
      • This question was asked in the Q&A session after Richard's presentation. Richard answered that he will consult a lawyer, and he will do everything possible to fix this, and if you have suggestions they are welcome - and in the end he might fail to find a solution within the GPLv3 to this problem.

        This is the primary issue preventing Linus from accepting GPL3. Linus writes:

        Notice how the current GPLv3 draft pretty clearly says that Red Hat would have to distribute their private keys so that anybody si

        • No, in the situation you describe, RedHat (who probably wouldn't do this anyway - I add this in case anyone reads this thinking "My god! RedHat's going to try to violate the GPL!") has to rethink the situation more clearly.

          If RedHat (or whomsever) is signing its binaries purely so they will run on specific machines that have been locked to those distributions (the only case in which the keys are relevant, remember the wording "in the recommended or principal context of use"), in such a way that users of t

          • If RedHat (or whomsever) is signing its binaries purely so they will run on specific machines that have been locked to those distributions (the only case in which the keys are relevant, remember the wording "in the recommended or principal context of use"), in such a way that users of those machines cannot compile their own versions, then RedHat is violating the principle (and probably the letter) of GPLv2 and definitely the letter of GPLv3. It is absolutely right that under those circumstances, RedHat eith

          • If Redhat is signing their code so that it can be identified as originating from them, I can design my own "DRM" hardware that will only run binaries that have that signature. Now you cannot build your own versions and run them without Redhat's private key. Who is responsible for ensuring that you can build your own version? Redhat was not knowingly involved in this "DRM" implementation at all so it's unreasonable to ask them for their private key. I am not distributing GPL software at all, so its requi

        • If DRM'd hardware is the "recommended or principal context of use", then you apparently do have to distribute your private key.


          It is worse than that, context of use says nothing about limiting to hardware - ie. it could be software - and nothing about DRM - it could be (say) a trusted software update application.

          In fact, in general terms, the "recommended or principal context of use" for a signed binary can only be a context in which a signed (with the right key) binary will behave differently to an unsigne
    • Since 4 out of 5 replies don't understand what you're trying to say, let me try to make it clearer.

      Bromskloss (750445) didn't understand it at all.
      Qzukk (229616) doesn't understand that the software could run on other hardware, but the hardware can not run other software.
      phoenix.bam! (642635) doesn't understand that the modified binary won't run.
      i23098 (723616)
      ainst GPL (Score:1)
      by i23098 (723616) doesn't understand that "MonopolySoft" doesn't *have* the key, nor to they distribute software.

      Basicly, you cre
      • You got almost all right. But the WebShop can't sell both the hardware and software, because it must distribute the SoftCorp's keys.

        That means that it is hard to get a sucessfull lock-in this way. Lots of companies won't be able to do so. But this protection against DRM isn't absolute, the same way that DRM isn't also absolute (even in hardware).

        • Why not? Webshop can just sell them as two separate products. The GPLv3 isn't violated until the customer actually installs the software onto the computer, at which point the its still legal since its personal use. Its not up to Webshop to try to guess what softawre the customer will install on his hardware.

          Its no different from selling DVD burners and blank DVDs. it could be used for illegal things (and often is), but its not up to Webshop to prevent people from doing illegal things with the stuff they b

          • GPL triger on the moment that you pass some GPLed software to another person. That means that if WebStore sells the program, it must agree to the GPL, so it can't sell the piece of hardware.

            The only way to put the two (hardware and software) toghether without violating the GPL is by the end user doing so.

      • That way neither company falls under the GPLv3, yet you sell a hardware/software combo that is locked by DRM

        I don't really think this situation is even a minor threat. The thing is that "you" can't legally sell the hardware/software combo- no one can. Just because SoftCorp doesn't make the keys available, doesn't mean that anyone else who gets the source from them is relieved of that responsibility. If you distribute SoftCorp's software, you are under all of the same obligations they are. If you were to
    • This is not an attack.

      MonopolySoft is not violating the GPL. They are not preventing you from building the software, they are not preventing you from distributing the software. They are restricting which software you are allowed to run on the machine, which is etirely different.

      In short you're SOL, and should have not purchased that box.

      RMS is subverting the spirit of his own GPL, by not just placing restrictions on distribution, but restrictions on usage and modification of GPL software.

  • by doomy (7461) on Tuesday February 28, 2006 @11:47AM (#14817550) Homepage Journal
    Richard Stallman: By the way, I don't think we were using any chalk. We were using computers to write things down.

    Eben Moglen: Yes, I was using the chalk after you went home at night. Sometimes I had ...chew it.

    Richard Stallman: Did you eat it?

    Eben Moglen: You see how it is. There was chalk involved, he just wasn't around for it. Yeh, it was curing my indigestion actually.
  • I like RMS, his ideas, and his work on GNU, but when he starts spouting off about "Treacherous Computing" and "Digital Restrictions Management" instead of using the traditonally accepted names (trusted computing and digital rights management, respectively), he just marginalizes himself and his positions.

    Yes, I agree that TP and DRM are more apropriately called what Stallman calls them, but your average Joe who wants to learn more about FOSS, GNU, etc. hears this and thinks the guy is just some conspiracy lo
    • But he who controls the terms of discussion, often controls the discussion. RMS is using his alternative acronym expansions to de-construct the euphemisms the big media cartels are planting in everyone's minds.

      Just like how the government wants to call anyone who's a dissident 'unpatriotic', etc. Think about it.
      • Yeah, I know why he's doing it. I just think he should be a bit more diplomatic about it. Something along the lines of "I don't like X, which I like to call Y, because what it really is about is ..." would be fine.
      • But he who controls the terms of discussion, often controls the discussion.

        The problem is, the Geek isn't in control. In the larger world, I have yet to see coinages like "copyleft" and "treacherous computing" gain any traction whatever.

    • "...That's why I'd rather hear your name than see your face"
      --Laurie Anderson, respect to Wm. Burroughs

      He may alienate people on the topic in question, but if he succeeds in waking them up to the importance of recognizing this kind of language, he's succeeded in something, IMHO, far more important.
    • Re:Come on, man (Score:3, Insightful)

      by aug24 (38229)
      Fuck that - why should the bad guys (biased statement, I know) get to name things?

      Why should any of us accept the phrase "Trusted Computing"? It's intended to be doublespeak, we should applaud RMS him for pointing it out.

      J.

      • Amen.

        Raise your hand if you think the USA PATRIOT ACT is patriotic (for those that live in the USA). I sure don't think it is. Controlling language comes close to controlling individuals. Just look at religion. With out incessant repitition of what is "truth" since childhood most people would never have bought into almost any religion. Yes, there are exceptions to every rule of course. As it applies to this, well if you give something a nice and good and SAFE sounding name and only talk about all of the won
    • As others are pointing out, George Orwell made it very clear in "1984" how the power of language can be misused to exercise control over the minds of the population. It is important to call things with their real names, so that there is no doubt about the purpose of DRM and TP.
      • "As others are pointing out, George Orwell made it very clear in "1984" how the power of language can be misused to exercise control over the minds of the population. It is important to call things with their real names, so that there is no doubt about the purpose of DRM and TP."

        Yes, Like RMS calling his software "free software". If it's free software, why are there all the restrictions?
        • They call this a free contry yet I am not allowed to run around killing people. If it's a free contry why am I not free to restrict others freedom?

          The restrictions on free software are there to keep it free.
    • I like RMS, his ideas, and his work on GNU, but when he starts spouting off about "Treacherous Computing" and "Digital Restrictions Management" instead of using the traditonally accepted names (trusted computing and digital rights management, respectively), he just marginalizes himself and his positions.

      Traditionally accepted names? What is this tradition you speak of?

      I don't think we were talking about DRM back in the 1800's. Heck I didn't hear about DRM until the late 1990's and then I don't think society
      • What's worse is that assholes refer to just about everything as DRM. It's a catch all term. Product Activation? DRM. CD Check? DRM. Gotta download a codec to play a movie? DRM. Hell, I've heard people refer to the restrictions on what you can do with objects in a MMORPG as DRM. It's as non-specific as Intellectual Property, and worse than IP it presupposes that creator of the file to which the "rights" are attached actually has any right to have those "rights" enforced on my machine.
    • All of these terms are new. There is no more "tradition" behind the monopolist's nomenclature than there is behind RMS' user-centric nomenclature. Nor should "tradition" define what is right and proper for a society. Did it ever occur to you that an "average Joe who wants to learn more about FOSS, GNU, etc." might want the ethical take on the matter that RMS presents and that it is the dog-eat-dog business-speak which alienates people? Since when did the business language become unquestioningly correct

    • Yes, I agree that TP and DRM are more apropriately called what Stallman calls them

      Then use them. Let them be the first definitions that people ever hear, so that when they hear the *AA-coined versions they'll recognize them as doublespeak.

    • Stallman is a far left liberal. Like other far left liberals, he cannot stop himself from renaming things. For example, if you read his blog, you'll see that he cannot say the words "President Bush", but has to say "The Shrub", or "the unelected president", or something like that. He thinks he is being clever, but he ends up looking at stupid as the comment crowd at Democrat Underground.

      If you don't like the names, prefix them with "so-called", or something like that, so that you distance yourself from them
    • he just marginalizes himself and his positions

      He's always been there - for instance his opinion that we shouldn't have to use any sort of authentication to use computers, go to conferences etc. I disagree with him and use passwords on computers, but agree with him that a good licence such as the GPL is a good thing, but once again disagree that there can be no licence but his. Listen to him once on each issue (not worth hearing the repeats), consider what he says, and then decide what you think. We don't

  • The fundamental flaw in his statements comes early on, and the flaw in the GPL and the rest of his thoughts on it follow. Here it is:

    "DRM is an example of a malicious feature"

    DRM is not a malicious feature any more than CD writers are a malicious feature (though the RIAA might claim they are in much the same way Stallman wants to claim that DRM is). The reality is that DRM is a tool, and it's not the tool that's malicious, but some of its potential uses. We should be pushing hard, as a community that comm

    • I honestly don't care if Windows won't let you play a song without putting a quarter in your floppy drive. What I care about is that there are valid alternatives; that shipping a general purpose box that only allows one OS to be run

      Do you care that you won't be able to use your box for media at all? That you won't be able to read any website using TCPA to "secure their copyrights" (which may mean the literal text on the webpage)? That you might not be able to connect to the Internet wuth a residential conne
  • IBM doesn't ship personal computers any more, just like it doesn't ship typewriters, or card punches. It moves on, to shipping supercomputers-on-a-chip for Microsoft, Sony, and Nintendo to put in their games consoles. However, the IBMers need to use personal computers, to get on with IBM's business ('Support the commercial clients in their businesses'); and the IBMers need a huge amount of freedom to be able to do that effectively. So the IBMers are likely to need the 'free' computers, just the way RMS woul

I have never seen anything fill up a vacuum so fast and still suck. -- Rob Pike, on X.

Working...