| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jun 2007 22:13:13 -0400 From: Michael Poole <mdpoole@...ilus.org> To: Daniel Hazelton <dhazelton@...er.net> Cc: Alexandre Oliva <aoliva@...hat.com>, Linus Torvalds <torvalds@...ux-foundation.org>, Lennart Sorensen <lsorense@...lub.uwaterloo.ca>, Greg KH <greg@...ah.com>, debian developer <debiandev@...il.com>, "david\@lang.hm" <david@...g.hm>, Tarkan Erimer <tarkan@...one.net.tr>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, mingo@...e.hu Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 Daniel Hazelton writes: > What rights did they give to "downstream" recipients of the "object code" > version? *EXACTLY* those they received from the GPLv2. Doing the e-mail equivalent of yelling about this will not change the fact that people who think Tivo did something wrong -- legally and/or morally -- consider DRM locks on a piece of software to be part of the "work based on the Program" that is governed by the GPL. The fundamental reason for this is that neither the executable code nor the digital signature serves the desired function alone. The user received a copy of the executable for a particular purpose: to run the program on a particular platform. With DRM signatures, only the combination of program and signature will perform that function, and separating the two based on strictly read legal definitions is risky. The question of whether DRM signatures are covered by the license must be resolved before one can determine whether Tivo gave "*EXACTLY*" the same rights to object-code recipients as Tivo received. GPLv2 is worded such that the answer to this does not depend on whether one is in file A and the other in file B, or whether one is on hard drive C and the other is in flash device D, as long as they are delivered as part of one unit; it *might* matter if, say, one is received on physical media and the other is downloaded on demand. (Linus likes to say that FSF counsel thinks that Tivo did not violate GPLv2. I suspect the actual situation is that FSF counsel believes that there is no case law on point, and that it could go either way, making it improper to publicly claim that Tivo violated any copyright. Until a court rules on a close-enough case, the question of whether GPLv2 covers DRM signatures remains open. In the mean time, it makes more sense for the FSF to issue a new license that squarely addresses this -- such as the GPLv3 -- and persuade as many developers as possible that using it is the best way to protect free software.) Michael Poole - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists