lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 21 Dec 2006 16:12:57 -0600
From:	"Scott Preece" <sepreece@...il.com>
To:	davids@...master.com
Cc:	"Linux-Kernel@...r. Kernel. Org" <linux-kernel@...r.kernel.org>
Subject: Re: Binary Drivers

On 12/21/06, David Schwartz <davids@...master.com> wrote:
>
> > You say "It's rude to not play by our rules". They say "It's rude of
> > you to expect us to change our business model to support your niche
> > market differently from the way we support everyone else." Neither is
> > wrong...
>
> Honestly, I think it *is* wrong to sell someone a physical product and then
> not tell them how to make it work. If you're not actually selling them the
> physical product but selling them a way to get a particular thing done, then
> don't represent that you're selling them physical product because that would
> presumably include the right to use it any way they wanted provided it was
> lawful.
>
> How would you feel if you bought a car and then discovered that the
> manufacturer had welded the hood shut? How many people still do their own
> oil changes anyway?
---

But there is no legal or moral obligation for the carmake to sell you
the service manual for the vehicle or provide you with their periodic
service bulletins...

---
>
> If you sell a physical product, you should also include the information
> necessary to make that physical product *work*. If you don't, you aren't
> actually selling the physical product, that is, the person is buying a right
> to use that physical product some particular way and not the product itself.
---

The information needed to make it work does not necessarily include
any information about how it works. A closed driver is a perfectly
valid part of the product.

Try this thought experiment: suppose the "driver" were actually
implemented by firmware loaded into the device in the factory and not
field replaceable. Do you consider that to be immoral? Why should the
technological accident of the driver being plugged into the OS change
the appropriateness?

---
>
> The law may come around on this issue. It has definitely done so on
> companies that claim to be selling you cellphones but then later claim that
> you need to pay them additional money if you want the access code to unlock
> it and make it work with another carrier. If you own a physical phone, it
> should come with the right to use it with any carrier it can be made to work
> with, and a company with no ownership interest in the phone has no right to
> withhold the information needed to make it do that so as to force you to use
> their service.
---

No such change has occurred. There was a very limited legal change to
say that it did not violate copyright to attempt to circumvent the
protection of the lock. There is no legal requirement that the carrier
unlock the device (at least in the US). [I personally believe that
they should be required to, but I'm only responding to your assertion
that there has been a major change on this point.]

---
> The same applies when you buy a graphics card and don't want to use it with
> the manufacturer's drivers. If it's *your* graphics card, the manufacturer
> has no legitimate interest in forcing you to use their drivers by
> withholding information about what *you* bought.
---

I disagree. The manufacturer has a right to choose to sell its devices
under any legal business model. Part of that model is deciding what
level of support to provide and what systems to support in selling it.
It's not a question of whether they "have a legitimate interest in "
doing anything - they have the complete right to choose where to spend
their development dollars. Choosing not to write technical manuals for
the public is a completely valid choice. It's your option whether to
buy or not, knowing the manufacturer's choice.

scott
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ