| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Jun 2007 15:53:22 -0300 From: Alexandre Oliva <aoliva@...hat.com> To: Ingo Molnar <mingo@...e.hu> Cc: Rob Landley <rob@...dley.net>, Alan Cox <alan@...rguk.ukuu.org.uk>, Daniel Hazelton <dhazelton@...er.net>, Linus Torvalds <torvalds@...ux-foundation.org>, Greg KH <greg@...ah.com>, debian developer <debiandev@...il.com>, david@...g.hm, Tarkan Erimer <tarkan@...one.net.tr>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 On Jun 17, 2007, Jan Harkes <jaharkes@...cmu.edu> wrote: > On Sun, Jun 17, 2007 at 05:17:57AM -0300, Alexandre Oliva wrote: >> Just make the tivoization machinery require two keys: one that the >> vendor keeps, one that the vendor gives to the user (maybe without >> ever knowing it). Neither one can install modifications alone, but >> the user can approve modifications by the vendor, and the vendor can >> approve modifications by the user. This is still not ideal, but it at >> least doesn't permit the vendor to remove features from under the >> user. > So what features has Tivo removed (or threatened to remove) from the GPL > licensed parts? Why does it matter? The point is that a tivoizer *could* do that. > So Google is using Linux right. What if they remove some feature? Are you claiming Google is tivoizing something in their internal infrastructure? They're not distributing or conveying that software, so, nothing wrong with that. Or are you talking about their search appliance, which I know nearly nothing about? > So if Tivo would allow you to boot your own kernel, but keeps the > harddisk encrypted if the booted kernel does not have the right > signature? The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made. > And how is that any different from taking an off-the-shelf PC and > booting your own kernel with Tivo's modifications? TiVo did not sell me that off-the-shelf PC with the Free Software in it. It (hypothetically) sold me a computer with technical measures meant to restrict my ability to adapt the software it shipped to my own needs and to run it for any purpose, while it can still do that. That's a difference. >> this requirement does not apply if neither you nor any third >> party retains the ability to install modified object code on the >> User Product > So they keep the system locked down, but include perl/python/emacs and > distribute updates in the form of scripts/source code which are either > interpreted or compiled to a ramfs filesystem at boot. Time to add > another exception? Intent behind this?: weasel out of the obligations of the license. Anyone, probably even a US court, might very well see it that way. They retain the ability to modify the software, so they ought to pass it on to the user. -- Alexandre Oliva http://www.lsd.ic.unicamp.br/~oliva/ FSF Latin America Board Member http://www.fsfla.org/ Red Hat Compiler Engineer aoliva@...dhat.com, gcc.gnu.org} Free Software Evangelist oliva@...d.ic.unicamp.br, gnu.org} - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists