Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Hifn Restricts Crypto Docs, OpenBSD Opens Fire 304

Mhrmnhrm writes "After totally closing off public access to documentation for their chips roughly five years ago, Hifn is again offering them, but with an invasive registration requirement. Needless to say, Theo de Raadt and the rest of the OpenBSD team were not amused, and following a Hifn manager's missive, the gauntlet has been thrown. Either open the docs fully, or be removed from the system. This wouldn't be the first time... the same thing happened to both Adaptec and Intel following similar spats."
This discussion has been archived. No new comments can be posted.

Hifn Restricts Crypto Docs, OpenBSD Opens Fire

Comments Filter:
  • By my math... (Score:3, Insightful)

    by Enderandrew ( 866215 ) <.moc.liamg. .ta. .werdnaredne.> on Wednesday June 14, 2006 @07:52AM (#15531100) Homepage Journal
    ...I count 12 required fields where you have to enter data.

    Is this worth throwing a hissy fit over? Once one person downloads the docs, they can distribute them.

  • Theo (Score:5, Insightful)

    by dirtyhippie ( 259852 ) on Wednesday June 14, 2006 @07:56AM (#15531113) Homepage

    Oi, Theo! I agree with you 100%, but please, tone down the virtiol just a smidge! From TFA:

    Jason and I spent a lot of time writing that code in the past, but because your policies are privacy invasive towards us, and thus completely thankless for the sales that we have given you in the past -- we will not spend any more time on your crummy products.

    And if you continue baiting me, I will delete the driver from our source tree.

    Calling their products "crummy" and threatening them with driver deletion if they don't stop "baiting" you is not a way to get what you want. Now it means some egomaniacal manager has to eat crow for the driver to go public. I was in 100% agreement with your post until I got to this point.

    Sometimes, I wish someone would just slip some sort of tranquilizer in the water supply near Alberta...

  • Re:By my math... (Score:3, Insightful)

    by tygerstripes ( 832644 ) on Wednesday June 14, 2006 @08:02AM (#15531130)
    Registration at our extranet is required along with an email address that can be confirmed. We cannot support anonymous FTP or http downloads. The reason for this is that we are required by the conditions of our US export licenses to know who and where our customers are. If anyone objects to registration then we could not sell them chips anyway so it does not seem an unreasonable restriction to us.

    Implication: they are collecting the data in case they're asked to provide it. To the US Govt. Yeah, that's pretty hissy-worthy when you're trying to claim that you're opening up access. I have little doubt that registration will lead to some non-disclosure agreement or other, though I'm not prepared to try it myself.

    Incidentally, how does the supplying information without charging for it constitute "export"? And by comparison, if I want to download a manual for something I bought second-hand, why can't I? Just a thought.

  • Re:By my math... (Score:5, Insightful)

    by Deliberate_Bastard ( 735608 ) <doslund.cs@ucr@edu> on Wednesday June 14, 2006 @08:02AM (#15531131)
    >I count 12 required fields where you have to enter data.

    >Is this worth throwing a hissy fit over?

    And I count one (1) principle at stake.

    Which is *always* worth throwing a fit over.
  • by gowen ( 141411 ) <gwowen@gmail.com> on Wednesday June 14, 2006 @08:02AM (#15531132) Homepage Journal
    That's a typical OpenBSD discussion, in which Theo DeRaadt
    i) is basically right
    ii) still manages to sound like spoiled whiny tosser in the process.
  • Re:Theo (Score:5, Insightful)

    by flumps ( 240328 ) <matt,corby&gmail,com> on Wednesday June 14, 2006 @08:06AM (#15531145) Homepage
    In fairness you do not know what has gone before. Theo mentions "personal emails" and "previous discussions".

    Some people just do not listen unless you threaten them like this. It must've been the last straw..
  • by nonmaskable ( 452595 ) on Wednesday June 14, 2006 @08:07AM (#15531154)
    I didn't see any useful discussion of the key point in Cohen's email:

    Registration at our extranet is required along with an email address
    that can be confirmed. We cannot support anonymous FTP or http
    downloads. The reason for this is that we are required by the
    conditions of our US export licenses to know who and where our customers
    are. If anyone objects to registration then we could not sell them
    chips anyway so it does not seem an unreasonable restriction to us.

    With a choice between "make Theo happy" and "violate export regulations" it doesn't seem like Hifn is exactly trying to "bait" Theo or OpenBSD.
  • Re:Theo (Score:3, Insightful)

    by Bin_jammin ( 684517 ) <Binjammin@gmail.com> on Wednesday June 14, 2006 @08:16AM (#15531200)
    Theo must be the only person you have to deal with ever. Seems most everyone I meet these days is like that.
  • by rsidd ( 6328 ) on Wednesday June 14, 2006 @08:18AM (#15531205)
    Theo repeatedly claims that the site wants "approximately 50 personal questions". I looked, and there are only 11 questions with required answers, of which I can only construe two (office phone number, and office address) as invasive of Theo's privacy. (I assume everyone knows Theo's name and email address, from the mailing lists.)

    If he objects to providing that information, he can say so, but this sort of easily-refuted hyperbole doesn't help.

  • Re:By my math... (Score:5, Insightful)

    by bhima ( 46039 ) <Bhima.Pandava@NOsPaM.gmail.com> on Wednesday June 14, 2006 @08:22AM (#15531228) Journal

    You have to sign an NDA to get the documents. So you would be violating the NDA to redistribute them.

    There isn't a business advantage to this sort of secrecy because your competitors can easily obtain this same information through a blind. So it comes down to policy motivated by irrational fear & greed. Who needs to really deal with company with these qualities?

    This topic is of primary interest to me because I am shopping for a crypto accelerator card right now, for use in the fall. Given the success and ease I have had using OpenBSD, and given the great support I have from the mailing lists, this is a reasonable criterion to use when purchasing hardware. In fact at some point of the decision making process for all of my hardware I have done a search on the OpenBSD mailing lists. This sort of information makes installation and maintenance a simple thing.

    So it really does boil down to unless the OpenBSD group recommends a certain piece of hardware I won't buy it...
  • by giorgiofr ( 887762 ) on Wednesday June 14, 2006 @08:28AM (#15531261)
    OF COURSE we should. That's the best way to show the gov't we don't like market regulation in any shape or form. When the big industries take their ball, go play somewhere else with sensible laws and the economy suffers utter and complete collapse, maybe they'll get the message.
  • Abusive much? (Score:4, Insightful)

    by thePowerOfGrayskull ( 905905 ) <marc,paradise&gmail,com> on Wednesday June 14, 2006 @08:31AM (#15531274) Homepage Journal
    While I whole-heartedly agree with the point Theo was making in his article, I can't help but think that engaging in hyperbole (50 questions? ~25 is accurate) and verbally abusing and threatening the vendor is going to help in any way.
  • by Ritchie70 ( 860516 ) on Wednesday June 14, 2006 @08:34AM (#15531292) Journal
    OK, great. This info was freely available on their web site 8 years ago. So?

    You know what, if you'd wanted this 15 years ago, you would have phoned them up, given them the EXACT SAME INFO THEY'RE ASKING FOR on their web site, and they would have mailed it to you.

    And a sales-person might have called to see if you wanted to buy some chips.

    Theo's "50 questions" is email, name, company name, title, address, phone number, and "what is your project? What is your role? When do you want to buy some chips?" How about a little reality here. Theo does some great stuff, but that doesn't mean he gets to bend how the world works to his will.

    Just like the "I don't get any donations" rant from him a bit ago, he just doesn't seem to be well grounded in business realities. If you want donations, you need a tax-exempt foundation, not "make checks out to Theo." If you want data sheets, you might have to tell the company who you are and why you want them.

  • Re:Theo (Score:1, Insightful)

    by Anonymous Coward on Wednesday June 14, 2006 @08:35AM (#15531302)
    Theo does earn a modest living from working on OpenBSD. The 'petulant child' is sat on boards and councils all around the world, just because they use polite formal language, it doesn't make them any less childish. Theo isn't really being childish, he's under no obligation to support this companies chips. Had it been me, I would have pulled Hifn drivers from the kernel tree instantly, permanently and with no further debate.
  • by m874t232 ( 973431 ) on Wednesday June 14, 2006 @08:39AM (#15531326)
    When companies impose weird intellectual property restrictions on their data sheets, then I'm all for making the process of getting the data sheets as cumbersome as possible--that way, FOSS developers will at least become aware that there is something funny going on.

    Some other vendors hide a restrictive license ("if you look at this, we own stuff you do with it") somewhere in the documentation or behind a "Read This License" link, but people who look at the documentation never notice.
  • Theo is right (Score:1, Insightful)

    by Anonymous Coward on Wednesday June 14, 2006 @08:40AM (#15531329)
    OpenBSD could really care less about Hifn in the long run. Someone stated that Theo thinks his personal information is like currency. It is. The US government would love nothing more than to learn who uses crypto devices and they have no right to that information. Thankfully, OpenBSD is based in Canada and not in the US. The US has long been opposed to crypto among the masses but cannot really do anything about it. This president is doing his damndest to crack down on anyone and anything that even remotely smacks of anti-US sentiment, policy, etc.

    OpenBSD should delete the driver and move on. It would not take that much capital to devise you own crypto chip sets, write the drivers and then have the Chinese or Koreans build them for you. OpenBSD could sell the chips and the drivers and fund itself in the process.

    Go OpenBSD!
  • Re:Theo (Score:2, Insightful)

    by Anonymous Coward on Wednesday June 14, 2006 @08:44AM (#15531349)
    I have to disagree there. The chap may look like a fool to certain people,
    but he is only further alienating people who are outside the project already.
    There needs to be more of this kind of plain talk. I have great respect for
    these types of character who speak straight and openly mock officious business
    and legal nonsense. I have the greatest respect for the PirateBay practice
    of posting the laughable legal notices they receive along with scathing
    responses. We need more of this open hostility to bullshit.

    You say that Hifn made no insult, but that is for Theo to infer not for you
    to deduce. Perhaps he takes an authoratarian expectation to comply with arbitary
    hoop jumping as an insult, I can see that too.

    Your definition of professionalism is quite personal. For example, someone who
    bases their choice of software on the personality of the coders rather than
    the quality of the product could be taken as churlish and unprofessional too.
  • by 91degrees ( 207121 ) on Wednesday June 14, 2006 @08:48AM (#15531374) Journal
    Unless Theo can give a decent estimate of how much 'sales' OpenBSD has 'given' them, I doubt the upper brass at Hifn cares about Theo's whinging.

    I wouldn't be surprised if a lot of their customers were BSD users. It's quite a common OS in the sort of application this chip is designed for.

    If you don't believe me, we'll, the only reason NVIDIA's Linux support is miles ahead of ATI is due to the demand from Hollywood setups to use high-end-5000%-margin professional cards on Linux, not geeks on Slashdot playing Tuxracer.

    PowerVR released a linux driver for the Kyro 2. The only people who would have had any interest in that were the geeks playing TuxRacer.

    What makes you think the Linux geek market is so small? A lot of Linux nerds are early adopters, and are quite likely to choose one high end graphics card over another simply because it will run on their Linux partition. Half a million slashdot readers may not be the bulk of their market, but it's probably worth something.
  • Re:Theo (Score:1, Insightful)

    by Anonymous Coward on Wednesday June 14, 2006 @08:54AM (#15531407)
    Exactly - Theo the petulant child. People like him are exactly why I don't bother looking into open source further.

    You do realize your behavior is equivalent? "I don't like the way one person who does open source acts, so I won't bother with any open source. I'll just take my marbles and go home!"

    So long, open source won't miss ya!
  • by TripMaster Monkey ( 862126 ) * on Wednesday June 14, 2006 @08:56AM (#15531416)

    Well, it would appear that a condition of obtaining an export licence for their products is that they be able to identify their customers.

    This is entirely beside the point. The driver writers are not customers.

    Documentation of a product is not restricted by export licenses pertaining to that product...only the product itself is restricted.
  • by mytec ( 686565 ) * on Wednesday June 14, 2006 @09:03AM (#15531457) Journal

    Theo isn't asking for a product. He is asking for documentation (data sheets). Further, as the email points out, he isn't looking for documentation regarding unreleased products, etc. but for documentation that was *freely* available eight years ago. Additionally he points out that other *crypto* companies provide information that is more available. What is unclear to me though is whether or not those companies he vaguely mentions are US companies.

  • Sign up (Score:2, Insightful)

    by webmistressrachel ( 903577 ) on Wednesday June 14, 2006 @09:07AM (#15531472) Journal
    It seems from the general tone of comments that nobody has actually signed and looked at this site. First, an earlier poster was correct in saying that there are much fewer questions than 50; and your email is verified (no different from many other companies and sites).

    I have signed up, the confirmation arrived within seconds and on the welcome is a message it may take several hours for a sysadmin to allow access - but no, I'm downloading PDF's straight away so it must be automated.

    It's just marketing; but Theo is right about that not being completely free, as in free speech.

    The article mentions "liberalisation", it seems that they're leaning to the left, but they're not actually left in their ideas and business model. Dump the driver.

  • by TripMaster Monkey ( 862126 ) * on Wednesday June 14, 2006 @09:09AM (#15531482)

    AFAIK (and IANAL), detailed hardware documentation is considered the same as the product under the export license laws.

    Please post links supporting this contention, or withdraw it.

    Cryptographic technology actually falls under an even more restrictive license class - munitions.

    Whle this is true, the source code can still be legally exported in written format, since it falls under Free Speech.

    From this article [goingware.com]:

    And interestingly, you can't ban the export of a book, because a book is a form of free speech, and free speech is protected by the first amendment to the United States Constitution. So when a new version of PGP becomes available in the United States, it's source code is simply published in book form and mailed overseas, where the source can be retrieved by scanning it and using inexpensive optical character recognition software to convert the printed pages back to machine-readable program text files.
    Given that, as you stated, crypto falls under the even more restrictive license class of 'munitions', if you can export PGP source code without violating U.S. export restrictions, I'm betting you can export data sheets too.

    My point is that the HIFN's explanation of their requirement for personal info to satisfy their U.S. export license is pure codswallop, your nonsensical comments about HIFN 'fighting the man' notwithstanding.
  • Re:Theo (Score:3, Insightful)

    by Casualposter ( 572489 ) on Wednesday June 14, 2006 @09:09AM (#15531488) Journal
    And Microsoft's Ballmer throws chairs, so do you not use Microsoft products because a chief executive acts like a five year old throwing a temper tantrum because something didn't go his/her way?

    Adults are children with breeding rights.
  • Re:By my math... (Score:2, Insightful)

    by gowen ( 141411 ) <gwowen@gmail.com> on Wednesday June 14, 2006 @09:14AM (#15531505) Homepage Journal
    And I count one (1) principle at stake.

    Which is *always* worth throwing a fit over.
    The ability to compromise is not a sign of weakness.
  • by mwvdlee ( 775178 ) on Wednesday June 14, 2006 @09:23AM (#15531561) Homepage
    Everybody seems to be sidestepping the main issue.

    The real question that should be answered is whether hifn are indeed required by law to ask personal information of the people downloading documentation, as hifn claims they are.

    If they are, than hifn simply cannot comply with OpenBSD's demands without breaking U.S. law.
  • by herodiade42 ( 974875 ) on Wednesday June 14, 2006 @09:27AM (#15531590)
    Such kernels developers feedback are very precious and insightful for us, customers. It's not only a matter of freedom an principles, it's about quality.

    Be sure that - whatever the OS you use, being Linux, OpenBSD or FreeBSD -, when a vendor behaves that bad and is so reluctant in providing open access to documentation, you won't have a good driver nor a good support.

    Those vendors behaviours are usually symptoms of a "closed" attitude, secrecy centerd, so even when we accept NDA, we can't expect them to disclose the whole needed informations (like, say, all firmwares versions bugs that needs a workaround in drivers level, know bad behaviour of their chipsets etc). This attitude will also discourage some knowledgeable developers to help to improve the driver, to fix bugs etc. Requiring NDA will prevent OSS kernel developers to share sensitive informations regarding their experience with the device (between OS, and even sometime inside the same kernel dev team).

    So for now, if you need a stable encryption accelerator device, consider choosing an other vendor. Look out for Via C3, or SafeNet (and even some Broadcom) chipsets: those vendors plays the game well, don't seat on their customers (we) and the developers needs. They don't even hide behind a "U.S. export laws restrictions" argument, and didn't faced trials, proving the hypocrisy of HiFn assertions.
  • Re:Theo (Score:3, Insightful)

    by freshman_a ( 136603 ) on Wednesday June 14, 2006 @09:47AM (#15531697) Homepage Journal
    You complained about Theo's name calling by calling him names. That's called being a hypocrite. If you need to used some twisted logic about it being ok for you and not for Theo, then you do that and make yourself feel better.

    That's far more acceptable than being rude to someone who was being extremely patient.

    Please. You have no idea what was said in private emails and such. If you read the mailing list post, you'd see the message posted by the Hifn employee talks about keeping the source code proprietary. That has nothing to do with the issue at hand. Theo doesn't want code, he wants specs. The whole message completely dodges the issues Theo is having. I'd be pretty frustrated too, if I were him.

    We all get it. It's pretty obvious from your other 5 posts on this article that you don't like Theo. Good for you. However, some people do admire him and the work that he's done.
  • by Pig Hogger ( 10379 ) <`moc.liamg' `ta' `reggoh.gip'> on Wednesday June 14, 2006 @10:14AM (#15531875) Journal

    Just give bogus information.

    Everybody does! [brandrepublic.com]

  • by TripMaster Monkey ( 862126 ) * on Wednesday June 14, 2006 @10:19AM (#15531900)

    The applicable categories are obvious.

    If they're so obvious, why didn't you post links to those categories, or better yet, applicable excerpts?

    Don't forget to read interpretations

    Fair enough...I read through Part 770 - Interpretations [gpo.gov], but strangely enough, the word 'documentation' is only used once in the entire document. I've posted the relevant passage for clarity:

    (2) Export documentation requirement.

              (i) When preparing a license application for a
    numerical control system, the machine tool and
    the control unit are classified separately. If either
    the machine tool or the control unit requires a
    license, then the entire unit requires a license. If
    either a machine tool or a control unit is exported
    separately from the system, the exported
    component is classified on the license application
    without regard to the other parts of a possible

                      (ii) When preparing the Shipper's Export
    Declaration (SED) or Automated Export System
    (AES) record, a system being shipped complete
    (i.e., machine and control unit), should be
    reported under the Schedule B number for each
    machine. When either a control unit or a machine
    is shipped separately, it should be reported under
    the Schedule B number appropriate for the
    individual item being exported.

    Please explain how the above supports your contention that 'detailed hardware documentation is considered the same as the product under the export license laws'.

    and supplement 2.

    Which supplement 2? The Supplement No. 2 to Part 764 - Denied Persons List [gpo.gov], or the Supplement No. 2 to Part 774 - General Technology and Software Notes [gpo.gov]? (HINT: Neither supplement contains anything to support your contention that 'detailed hardware documentation is considered the same as the product under the export license laws'.)

    In short, it looks like you thought you could try to justify your argument by pointing me to a ridiculously large government document, and then hoping I wouldn't bother to actually read it. You thought wrong.

    I'm not going to respond to the rest of your rant,

    Translation: I can't refute it, so I'll shut my eyes and pretend it's not there.

    other than to suggest you get legal advice somewhere other than mailing lists and agitprop web sites.

    And this from the person who qualified their original contention with 'AFAIK' and "IANAL'. Pot, meet kettle.
  • by Tweekster ( 949766 ) on Wednesday June 14, 2006 @10:38AM (#15532069)
    in a form that will be made public. They need a PR person.

    He is right in principal in many cases, however he has absolutely no talent when it comes to voicing that principal. OpenBSD seriously need a PR person that knows how to deal with actual people, you know with a hint of tact, cause he doesnt have any whatsoever.
  • Thanks, but no. (Score:5, Insightful)

    by Just Some Guy ( 3352 ) <kirk+slashdot@strauser.com> on Wednesday June 14, 2006 @10:46AM (#15532120) Homepage Journal
    From the email:
    Hifn reserves the right to keep our source code proprietary.

    Fair enough, Hank. But I reserve the right to not use proprietary crypto code in sensitive applications - which are the only ones that I'd actually buy hardware acceleration for in the first place.

    Let's get this straight: there's a world of difference between closed video card drivers and closed crypto drivers. Many of us are squeamish about about the former, so why would you think we'd cheerfully accept the latter? A closed source video driver could potentially crash my non-networked game machine. A closed source encryption accelerator cold potentially open my VPN server to the whole world.

    I hope you can appreciate the community's position here, but whether you agree with it or not is immaterial. Should you change your opinion to better mesh with that of your would-be customers, please let us know. Many of us would like to buy your products if they become usable for our applications.

  • by shis-ka-bob ( 595298 ) on Wednesday June 14, 2006 @10:49AM (#15532138)
    Each time I install OpenBSD, it just works. They support a wide range of hardware, but they insist on coding it correctly. You cannot be sure that you are coding 'by the spec' if you have to reverse engineer. You might be pretty sure you have it right, but you can't be certain. The OpenBSD team is limited in size and they don't have the resources to fool around with hardware becuase some prick in management doesn't see that giving the data freely to the OpenBSD team will only lead to better support for their hardware. The 'worst case' for the manager would be if the OpenBSD folks find that the hardware doesn't meet its own specifications. In the long run, finding this is a good thing - nobody stopped buying Intel becuase of the Pentium division error. Finding and fixing it improves the hardware but it is costly in the short run, so it will harm the manager's bonus this quarter. Theo seems to be taking the long view and sticking to principle, not convenience.

    If I have the choice, I run OpenBSD on servers because when it fits, it fits like a glove. If Theo acts like everyone else and just rolls over when a suit tells him no, OpenBSD would be just like every other Linux/BSD distro. This sort of attention to details (in both software and licenses) makes OpenBSD distictive. In marketing-speak, this is called 'developing a niche'. Within its niche, OpenBSD has no equal. If it looses its niche, then it will loose its market share. So I think the best thing Theo can do is to be Theo.

  • Kudos to theo (Score:2, Insightful)

    by wardk ( 3037 ) on Wednesday June 14, 2006 @11:14AM (#15532357) Journal
    While I agree his language may not make friends, it's his system, his drivers, his sweat., if he wants to call a bunch of weasels with crap products weasels with crap products, who are we to judge?

    I say to Theo: "kick **more** ass"

    and to hell with detractors, most of whom surely have never installed OpenBSD, let alone taken the extra step to purchase it.
  • by Svartalf ( 2997 ) on Wednesday June 14, 2006 @11:20AM (#15532405) Homepage
    Context is everything in this sort of thing.

    You missed one IMPORTANT detail in this- the documentation to drive the chip is NOT covered under Export Regulations.
    Only the drivers their OEMS bundle WITH the cards, any technical documentation talking to algos, AND the chip itself
    are covered by Export Regulations. They don't have a need to restrict the SDK info for that reason.

    Once you understand that, this becomes more of a businessman trying to "protect" purported IP type thing.
  • by Savage650 ( 654684 ) on Wednesday June 14, 2006 @11:25AM (#15532453)
    A few messages down in the thread, we find this gem: http://marc.theaimsgroup.com/?l=openbsd-misc&m=115 021494129899&w=2 [theaimsgroup.com]

    As soon as one submits one's private information to Hifn, the submitted data indeed no longer could be considered private. Look at Hifn's HTML on the registration page:

    <form action="http://extranet.hifn.com/home/anonymous/De fault.asp" method="post" name="userEdit" onSubmit="return validate(this);">

    Is Hifn running low on supplies of cryptography hardware accelerators? Or do these accelerators no longer work in recent operating systems due to the lack of documentation?

    Oh the Irony ;-)
  • by Bryan_Casto ( 68979 ) on Wednesday June 14, 2006 @11:51AM (#15532688)
    Here's the crucial difference. The plans for the W80 nuclear warhead are classified information [wikipedia.org]. The source code for PGP is not. Now, it may be encumbered by things such as copyright or intellectual property rights, but that doesn't stop the rights holder from using those rights. Likewise, the crypto boards themselves may be considered munitions, but the documentation describing the capabilities and interfaces are intellectual property covered by copyright at best.
  • Re:Abusive much? (Score:3, Insightful)

    by chazwurth ( 664949 ) <<ude.hcimu> <ta> <trautsdc>> on Wednesday June 14, 2006 @11:52AM (#15532702)
    Do you have much experience working with vendors?

    I don't mean this as a joke. Often the *only* way to get vendors to do what you want is -- minimally -- to verbally abuse them, and often to threaten them. And if they're real wankers, to threaten them with bad publicity. And if they're super-wankers (which so many of them are), to actually start talking about them publically.

    Sure, doing it this way is a gamble -- he may piss them off so much that they stop communicating. Some vendors (the rational ones) deal better with public humiliation than others. But it seems from his message that he'd been in communication with them for some time. This was probably a last resort. I say more power to him.
  • by Anonymous Coward on Wednesday June 14, 2006 @12:00PM (#15532790)
    He is right in principal in many cases, however he has absolutely no talent when it comes to voicing that principal. OpenBSD seriously need a PR person that knows how to deal with actual people, you know with a hint of tact, cause he doesnt have any whatsoever.

    Tact in this case is for PHB and Lie-through-their-teeth marketing droids.

    The people that really matter (the ones who would actually pick and buy crypto hardware) appreciate Theo and his in-your-face attitude in defending his principles,

    It's refreshing compared to the double plus good, imitation-naugahyde, mission accomplished banter we get from people that know and use tact.

  • Re:Theo (Score:4, Insightful)

    by vertinox ( 846076 ) on Wednesday June 14, 2006 @12:05PM (#15532831)
    One can stick to one's principles without being a whiny little shit about it.

    "If you don't ask, you don't get." -Mahatma Gandhi [wikiquote.org]
  • by dstone ( 191334 ) on Wednesday June 14, 2006 @12:21PM (#15532961) Homepage
    How about a little reality here. Theo does some great stuff, but that doesn't mean he gets to bend how the world works to his will.

    "The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man." -George Bernard Shaw.
  • by jbn-o ( 555068 ) <mail@digitalcitizen.info> on Wednesday June 14, 2006 @12:42PM (#15533159) Homepage

    [...] in which Theo DeRaadt [...] still manages to sound like spoiled whiny tosser in the process.

    No, he doesn't. /. readers probably have so little practice speaking truth to power that they don't recognize what it looks like when it's laid out before them. The only non-surprise here is that another /. poster is finding a way to criticize those who defend our freedom to share and modify by speaking up and acting out. It's much like the overrated comments on the recent RMS in France thread [slashdot.org] where RMS was denied an audience with Prime Minister Dominique de Villepin; some posters in that thread chose to focus on RMS' dress, even implicltly supporting RMS' lack of a suit as a valid reason for dismissal rather than point out far more salient (possibly financial) relationships between de Villepin and Bill Gates (or other heads of state who do business with Microsoft and Bill Gates). de Raadt's strident message [theaimsgroup.com] in this OpenBSD thread is on-topic, on-target, clearly written, precise, and perfectly appropriate. We need more such language in the pursuit of software freedom. I would have hoped that /. readers, being overwhelmingly computer users who probably receive very little respect in their own work regardless of how they dress, would be more inclined to weigh someone's message, not their appearance.

  • Re:By my math... (Score:3, Insightful)

    by blueskies ( 525815 ) on Wednesday June 14, 2006 @01:38PM (#15533604) Journal
    A company is required by law not to export this data outside of the US. You fill out a form and say that you live in the US and you get the data you're requesting. If you're really paranoid, you do what any smart person does and use a spam-email account and a fake address.
    A company lies about being required by law not to export this data outside of the US...and then lies that it is completely open...

    Pray tell why Theo says he can get the same information from other us crypto chip makers without this same problem?

    He called them on it and they don't want to admit that the only reason they have registrations is for marketing purposes. Everything else is a smokescreen.
  • by vertinox ( 846076 ) on Wednesday June 14, 2006 @02:10PM (#15533850)
    Do you honestly believe personal achievement gives a person license to be petty and immature, or are you just baiting me?

    I'm not baiting you. I'm just stating that if someone does more than the average person is willing or able to do he can go crow about it a bit.

    As in... If a scientist cured AIDs or cancer tomorrow, he can kick a puppy or two and we should be able to look past that.

    This is of course relative to your position on absolute and relative morality, but if someone does something for me out of his own free will and effor (and it benefits me greatly), he can be as a big of an immature ass as he wants and I'll gladly ignore it and enjoy his product.

    However, if you haven't done anything to improve our well being and just complain about others being improper and immature brats... I'm sort of hard pressed to agree with you if that immature brat has done work that has helped many of us as a whole.

    Personally, I would like mature, polite, and altruistic people making software for me (and does it out of the kindness of their heart and not a bullshit sales talk to take my money) over an immature one, but sometimes we have to deal with the fact those people don't exist as often as we would like...

    I'd like to be proven wrong because that would we live in a better world than I think we do.
  • What's actually funny, is how many people in security sensitive environments rely on those closed-source video drivers.

    Well, we all have our limits. Some people worry, and justifiably so, that their BIOS isn't open. I'm somewhere in the middle in that I use the proprietary NVidia drivers, even though I don't like it. I'd think that everyone, though, would agree that the crypto engine is the absolute last thing you want to cede control of.

  • by jd ( 1658 ) <imipak AT yahoo DOT com> on Wednesday June 14, 2006 @03:04PM (#15534314) Homepage Journal
    The vendor is clearly in the wrong. The EU, for example, has made it clear that interfaces are not copyrightable and that reverse-engineering interfaces is legit. Furthermore, interfaces are generally NOT protected by NDAs, no matter what Hifn claims. I was able to download data sheets, APIs and bleep knows what else from Motorola's old chip unit (I think it's now called Freescale) without signing anything, without answering any questions and without agreeing to a damn thing. If NDAs were normal, you'd think a company like Motorola would have heard about it by now.

    I do agree with Theo that if the information is not free, then vendors should not expect OS writers to bend their principles to include it. On the flip-side, I don't want OpenBSD (or any other free OS) to be impacted by stupidity on the part of vendors if there's anything I can do to help.

    My only question of Theo and the OpenBSD folks is: Is there anything that those of us who reject Hifn's arguments as absurd and contrary to accepted practices can do to help? (Well, besides not supporting Hifn in any way.)

    This is clearly a case where differences in any other opinion should be irrelevent. Theo deserves support on this. Open Source in general deserves support on this.

  • by Nimrangul ( 599578 ) on Wednesday June 14, 2006 @06:15PM (#15535688) Journal
    And if you had read the threads here you'd notice a lot of people care if OpenBSD supports something, people who don't even use OpenBSD check to see if it supports a particular device prior to purchase, since OpenBSD has a very strong stance on free and open , one significantly stronger than the likes of your average Linux project and decidedly stronger than the other BSDs.

    You may also have noticed how many people point out that when you are dealing with cryptography or security, you deal with OpenBSD. Hifn's cards are used in several places, but notably in the security field, where OpenBSD lives. OpenBSD users are the target demographic for crypto acceleration cards.

    Theo isn't the idiot here, as Hifn obviously cares, they cared enough to talk to the misc@ mailing list and try to get people on their side.

    I admit I would rather someone of Theo's importance use a little more diplomatic speach, but I don't bother myself, so why should I hold him to a higher standard than I hold myself?
  • Time... (Score:3, Insightful)

    by Svartalf ( 2997 ) on Wednesday June 14, 2006 @08:46PM (#15536648) Homepage
    One resource that ATI doesn't have enough of is time. They don't have a lot of manpower dedicated to the Linux drivers so there's less effort put into fixing things like this- they're worrying more about piling new exposed features (which is also desired as well...). If there were open source drivers, there'd be a good chance someone like myself would fix the problem in question (I can do this sort of thing, I used to work on the FIRST set of open source Accelerated Drivers (Utah-GLX), which is why I've got a G3 Mac given me by John Carmack (Still in my possession), I've loads of acquaintances from out of Loki Games, and I'm doing work for Linux Game Publishing.)- because I've the skills and I have the time and desire to see it fixed- and the only reason why I've time is that it's a blocker for me to use this laptop I'm posting with as a development machine.
  • by faedle ( 114018 ) on Thursday June 15, 2006 @12:15PM (#15540746) Homepage Journal
    Is Hifn's hardware supported in Linux?

    Not in the kernel tree, but there is a third-party driver available. My understanding from associates who work with the Linux version is it isn't as feature-rich as the OpenBSD driver, and those who develop on it are also frustrated by Hifn's new policies.

    What percentage of their customers rely on OpenBSD support? Who are they more loyal to, Hifn for the hardware or OpenBSD for the OS?

    As someone who works for a place that uses crypto cards, I can tell you: we are more bound to the OS than the crypto hardware. There's a lot of different crypto hardware on the market, but if you want to do any kind of hardcore embedded systems development using a POSIX API, there aren't a lot of choices out there.
  • You know... (Score:2, Insightful)

    by Azuma Hazuki ( 955769 ) on Monday June 19, 2006 @01:40PM (#15562738)
    For all that people accuse Theo de Raadt of being abrasive, singleminded, and ideological, we NEED people like him. It's the de Raadts and the Stallmans, the ones who refuse to back down in the face of corporate and (soon) government pressure, who make the open source movement possible. I think this very same bloody-minded stubbornness is one of the most important things he brings to the table. I admire his convictions and worry about his blood pressure. Theo, if you're reading this: don't give up!

Fear is the greatest salesman. -- Robert Klein