lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200706192348.12733.hjk@linutronix.de>
Date:	Tue, 19 Jun 2007 23:48:12 +0200
From:	Hans-Jürgen Koch <hjk@...utronix.de>
To:	Michael Poole <mdpoole@...ilus.org>
Cc:	Alexandre Oliva <aoliva@...hat.com>,
	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Ingo Molnar <mingo@...e.hu>,
	Daniel Hazelton <dhazelton@...er.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Greg KH <greg@...ah.com>,
	debian developer <debiandev@...il.com>, david@...g.hm,
	Tarkan Erimer <tarkan@...one.net.tr>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Chris Friesen <cfriesen@...tel.com>,
	Bernd Schmidt <bernds_cb1@...nline.de>,
	Robin Getz <rgetz@...ckfin.uclinux.org>,
	Rob Landley <rob@...dley.net>,
	Bron Gondwana <brong@...tmail.fm>,
	Al Viro <viro@....linux.org.uk>
Subject: Re: mea culpa on the meaning of Tivoization

Am Dienstag 19 Juni 2007 13:50 schrieb Michael Poole:
> Hans-Jürgen Koch writes:
> 
> > No. Credible licenses should be simple like physical laws. Newton's law
> > is expressed in terms of a single mathematical equation. That's why it's
> > still valid, and you still learn it at school although meanwhile people
> > know that there are limitations to it.
> >
> > If you come up with a new version of a license every year, you will only
> > weaken it. Please note that quantum mechanics is _not_ such a hole-plugging
> > addition to Newton's law. It's a new simple physical law, expressed in terms
> > of a single simple mathematical equation that contains the old law as a
> > border case. If that were not the case, it would have never been accepted.
> 
> This is an excellent example of how engineers tend to mis-analyze
> legal issues.  In law, neither simple wording nor interpretation is so
> simple or so mechanical as the things engineers prefer to work with.

Don't make fast assumptions about how _I_ think. I intentionally chose
examples from science, not from engineering. There are grey areas in
Newton's Law and in quantum mechanics as well.

> 
> Take an example: "Thou shalt not kill".  Very clear, but also very
> problematic in that it does not address military conquests (which were
> apparently approved by that law's drafter), self-defense, or a number
> of other cases.

Pretty clear. I accepted that about thirty years ago.

> 
> There are always grey areas between what is explicitly addressed and
> what is not.  

Yes, you named it: _always_ !! We have to accept these grey areas.
Tivoization (to come back to our real topic) is one of those.
Alexandre Oliva sees grey areas as holes he needs to plug. That's
wrong, and that's what I'm criticizing. You cannot get rid of grey
areas by modifying licenses. Maybe you can temporarily shift the grey 
areas to some other place. But at the same time, you get negative
side effects because your license becomes more and more complicated
and confusing. I consider this worse than some grey areas.

> Courts interpret laws and precedent in ways that make 
> life (and license or contract writing) more unpredictable.  Wishing
> otherwise will not make a simple license unambiguous.  If those areas
> of ambiguity are exploited enough, the perceived cost of having a hole
> will exceed the perceived cost of plugging it.

I completely disagree. A very important factor for the success of a license
is that people are familiar with it. Only then can they start obeying it.
Have you ever been out there in industry, trying to tell programmers what
Linux, Free Software, and the GPL is? You'd notice that they hardly know
what the GPLv2 is all about. And now, after I explained it to them, should
I tell them that there's a much more complicated license about to come, and
that it's going to be changed whenever some FSF people find a new hole?

All this hole-plugging just leads to a license that is so far away from
being useful in industrial reality that nobody will voluntarily obey it.
This Tivoization stuff is a good example. I was a hardware developer for
more than a decade. When I developed _hardware_, I made my design decisions
without having to read the licenses of the _software_ I want to run on
that hardware. And if you go today and tell a hardware developer that there
are some people in the world who want to achieve exactly that, he will
probably laugh at you and think you're joking.

Hans

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ