lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 18 Jun 2007 23:21:55 -0400
From:	Daniel Drake <dsd@...too.org>
To:	Alexandre Oliva <aoliva@...hat.com>
CC:	Bron Gondwana <brong@...tmail.fm>, Ingo Molnar <mingo@...e.hu>,
	Alan Cox <alan@...rguk.ukuu.org.uk>,
	Daniel Hazelton <dhazelton@...er.net>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Greg KH <greg@...ah.com>,
	debian developer <debiandev@...il.com>, david@...g.hm,
	Tarkan Erimer <tarkan@...one.net.tr>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3

Let's take a certain class of medical devices into account: ones that 
are absolutely definitely for medical treatment, but are not life 
threatening if they fail.

Say, a dental treatment device -- if the device produces a crown or 
bridge that doesn't fit properly, the dentist says "nope" and throws it 
away. No harm done.

Alexandre Oliva wrote:
> There may be business models that require the ability to make changes.

I'd say that its sensible for the manufacturer to attempt to retain this 
ability in every case. You never know what's going to go wrong, so it's 
a plus to have this option so that you can roll out some types of fixes 
without going bankrupt.

Now, for medical devices, this is tricky stuff: medical devices require 
all sorts of certifications, so modifying your product after you have 
certified it has it's complications. However, despite all the 
regulations it's realistic to be able to do this, and it does happen. 
Hell, windows-based devices in this field download new antivirus 
definitions and run windows update every few days.

> Then it's fair to enable the user to make changes as well, such that
> they don't become dependent on the vendor

Now this is where the regulations get really heavy. If the user is 
offered the ability to modify the device, theres *no way* it would get 
certified. Your business is dead - you do not have a product you can 
sell. In such case, the license has completely excluded free software 
from the market and everyone is forced to use completely closed systems.


I realise that the latest GPLv3 draft would not pose restrictions here, 
as such devices would not be classified as consumer products. That said, 
talking purely in terms of business models and fairness: there ARE 
decent reasons for manufacturer lockdown in some industries.

Daniel
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ