lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070618000113.GB4542@v2.random>
Date:	Mon, 18 Jun 2007 02:01:14 +0200
From:	Andrea Arcangeli <andrea@...e.de>
To:	Chris Adams <cmadams@...aay.net>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3

On Sun, Jun 17, 2007 at 04:58:40PM -0500, Chris Adams wrote:
> The reason is that if there ever is a security hole in the routing
> engine software (FreeBSD kernel, OpenSSH, etc.), it would be a really
> bad thing if crackers could load arbitrary software (rootkits, spam
> software, etc.) directly on Internet core routers.  If you think spam
> zombies on cable modems or DSL are bad, imagine them on 100 megabit
> links!

Not sure if it's a good example, keep in mind that at the first
exploitable software bug any hardware DRM breaks apart.

But since you made a BSD-embedded example, this shows how the only
really important thing is that by using linux instead of BSD, they
can't make huge improvements or important security bugfixes to the
routing engine, without us being able to incorporate them in our "home
firewalls", that's the whole difference with BSD and it explains the
spirit of the gpl pretty well and in the end why linux by definition
can receive more contributions and in turn be technically
superior. Whatever the vendor does with the gpl code is generally up
to him, and if it uses the closed approach it'll allow somebody else
to sell a "open" router (potentially at an higher price). Economy
101. The worry that nobody will step in and sell an "open" equivalent
is a red herring. Infact I wouldn't be so certain that openmoko would
exist if the current linux cellphones would be already totally open!
Now I know this all probably sounds boring talk, but I think it's much
closer to reality than the prospect of a trusted computing and/or DRM
apocalypse.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ