The FSF, GPLv3 and DRM 388
whats-life-without-gpl writes "FSF has a thing against DRM. This article tries to explain why RMS isn't a DRM (Note that NewsForge is also owned by OSTG) fan and how GPLv3 is gearing up to protect against it. "
The problem with signing (Score:5, Interesting)
GPLv3 says that if any GPLed software carries an embedded key, this key should me made available to the users, but it makes no demands on the first kind of key. Linus has said that he would never distribute his signing keys, but the GPLv3 does not require him to release them. The key he talks about only describe the trustworthiness of the kernel. It in no way affects the freedoms of copyleft. It's only the embedded keys, which can be used to nullify the freedoms offered by copyleft, that need to be released.
DRM isn't the problem (Score:3, Interesting)
Linus needs to join the party (Score:3, Interesting)
I hope that Tivo get's taken to court. It would be a triumph for open source efforts.
Re:Of course RMS is not a DRM! (Score:5, Interesting)
Re:What's wrong with TiVo? (Score:5, Interesting)
GPL 2 vs. GPL 3 (Score:3, Interesting)
Doesn't this mean that - since GPL 3 is more restrictive - that already GPL'ed software cannot be distributed under GPL 3?
Re:The problem with signing (Score:4, Interesting)
The difference is that the same entity is both the one releasing the code and enforcing the key. Linus doesn't have to release his key because he is not requiring it to run the code on anything (therefore, he isn't violating the license). Some company can create hardware that will only accept kernels signed with some particular key only if it doesn't actually distribute a modified and signed kernel itself (because it wouldn't be bound by the license in the first place).
This does bring up a flaw in the idea, though: what stops a company like TiVo from creating "unrelated" shell organizations so as to separate the kernel development and hardware development in order to get around this?
(note: I used the kernel merely as an example; there's no need to inform me about issues related to the lack of the "or any later version" clause)
Can I buy a vowel? (Score:2, Interesting)
Re:Why does everyone keep quoting Linus? (Score:2, Interesting)
Unless he wanted to write a brand new kernel from scratch, which would be a kick-ass idea. I wouldn't miss linux' monolithic dinkerishisness.
Re:The problem with signing (Score:1, Interesting)
That's the problem here -- if the GPL can affect this at all, it can only really affect the actual signing of the code, not how it is enforced, and that's the concern Linus has as well.
Re:Preaching to the choir? (Score:4, Interesting)
OSS is properly a development model, not a philosophy.
Calling a spade a spade. (Score:2, Interesting)
He is a very smart guy, and knows that his argument doesn't hold water which is why he is declining to speak about it further. The truth is that Linus is buddying up with lots of companies, he's part of the corporate side of open source now not the community side. The relationship between money and open source has been great until now, when the needs of freedom are now coming in opposition to some of the buisness needs of open source money.
Linus didn't build the entire Linux kernel, a community did. If he is unwilling, or the companies supporting him are unwilling, to move the license forward in the interest and popular support of the linux community then we can branch the code now and start extending and reworking the linux kernel under the GPLv3. They know that, and they don't want to loose the communities support so they are trying to make it sound like the FSF is imposing their will on the community, rather than Linus and a hand full of companies imposing their will on the community that builds their product.
The provision in GPLv3 that Linus opposes refernces "Tivoization" in it's text, and if you look back Linus and others he's worked for and with have never viewed Tivo's products as a negative imposition on the rights of software and software developers.
What's wrong with that? (Score:3, Interesting)
I'm with Linus, I don't think the license should be used as a "crowbar" into the hardware too. The GPL3 sounds like it places even MORE restrictions on what the user and/or developer and/or companies may do, not less... I'm against how they went about it too... it doesn't sound like the FSF even took anyone's opinions into account, RS and the rest just created an even more onerous license than the original. I don't see too many companies adopting it....
Take for instance, the following possible situation.... As a developer and small business man, this type of situation entirely possible, I've run up against this using GPL code. Company X developes a brand new, extra-cool heart monitor and defibulator widget based upon embedded linux. The product has been carefully tested at the factory, with good records kept, etc. The product uses a signed image to verify that it's the same image that went through tests and hasn't been modified. Product is FDA accepted and on the market, the company that developed the product feels fine taking the responsibility for the code. I know the license doesn't confer responsibility to the other developers, but the company has tested this particular image and they assume liability.
Now, some fool at the calibration outlet decides he's going to load some updated packages into the image, without telling anyone and without proper testing. He's creating a dangerous situation by running software that wasn't tested for it's particular use. According to the GPL3, he can resign the binaries and create a potentially injurious product, exposing company X to VERY SERIOUS liability that they had no part in.... Remember that company X did NOT want to release the signing keys, did NOT load the untested software on, but they will be held liable for any injury that results from it's being ABLE to be loaded. Company X here also may become the "deep pockets" defendant in this case, with the repair guy skating away....
No, this is totally wrong.... GPL3 should NOT be able to force this situation.
I don't like what TIVO is doing, and I sure don't like DRM, but I like what the FSF is doing even less. How about an open comment period. How about querying the free software developer as to what they want. I didn't receive any survey, I didn't find any place where I could provide feedback or vote either. They propose to speak for me, but I have not found any way to tell them what I want. People using stuff that I write will find the "either version 2, or (at your option)any later version" missing from any of my new works.
@*&% the GPL3!
Re:I fear a repeat of the Bison fiasco... (Score:4, Interesting)
Microsoft, the RIAA and the MPAA have wanted to be able to do this for a long time.
We will then need a blessed versions of Linux that has been signed by a major financial backer like IBM who could give kickbacks to the right cartels just to be able to access the content we can currenly use and to read files sent to us from Microsoft machines.
I don't know if Richard Stallman stands much chance against the tide of monopolies and cartels that want to use DRM to restrict our rights(RIAA/MPAA) and kill competition (Microsoft).
But I'm glad someones trying.
Re:The problem with signing (Score:4, Interesting)
The manufacturer building that computer is perfectly legal. Linus continuing to develop Linux and sign his copies of it afterwards is perfectly legal.
The illegal act -- and the signifier of the "fundamental distinction" you're after -- is when the manufacturer copies Linux in order to sell it to someone on his special computer. He may only make that copy if he's complying with the terms of the GPL, the same as it ever was, and in order to comply with the GPL, he must ensure that the people receiving software from him receive the same rights he had when he received it -- the rights to modify it for any purpose that suits them. Since he want to deny his customers that right (at least when running on the computer he sold them), the GPL v3 will (correctly IMHO) deny him the right to sell Linus's software along with his shiny new computer.
If he made that computer, and required that his end users download a kernel.org kernel signed by Linus in order for his computer to operate, he would be in the clear, as would his end users (since they aren't copying any GPLed work, the provisions don't have to apply). This situation would make RMS slightly unhappy, since the end user isn't free to modify his computer's software, but it's perfectly legal according to the terms of the GPL v3.
Of course, the DRM provisions aren't designed to attack that farfetched example; they're designed to counter the much more plausible example of Tivo-style DRMization of GPLed works, letting Tivo profit from hundreds of millions of dollars [dwheeler.com] worth of community research without compensating the community in kind.