| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 Jun 2007 21:14:45 -0300 From: "Tomas Neme" <lacrymology@...il.com> To: "Dave Neuer" <mr.fred.smoothie@...ox.com> Cc: "Alexandre Oliva" <aoliva@...hat.com>, "Andrew McKay" <amckay@...rs.ca>, "Alan Cox" <alan@...rguk.ukuu.org.uk>, "Linus Torvalds" <torvalds@...ux-foundation.org>, "Al Viro" <viro@....linux.org.uk>, "Bernd Schmidt" <bernds_cb1@...nline.de>, "Ingo Molnar" <mingo@...e.hu>, "Daniel Hazelton" <dhazelton@...er.net>, "Greg KH" <greg@...ah.com>, "debian developer" <debiandev@...il.com>, david@...g.hm, "Tarkan Erimer" <tarkan@...one.net.tr>, linux-kernel@...r.kernel.org, "Andrew Morton" <akpm@...ux-foundation.org> Subject: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3 On 6/20/07, Dave Neuer <mr.fred.smoothie@...ox.com> wrote: > On 6/20/07, Tomas Neme <lacrymology@...il.com> wrote: > > > > I'm about this far to Linus'izing my wording and calling you stupid, > > hypocrite, or bullshitter > > Knock yourself out, it will no doubt lend much moral and logic weight > to your rhetoric. I might not have the best rhetoric, but I still hold my point about the credit card. Ask yourself: are you going to complain about Firefox (GPL'ed) not passing information unencrypted because it stops potential users (crackers ARE users) from doing what they want to with it? What's a security issue and what's not is a matter of legality and it's each part's duty to enforce legality in every way they can (I'm not saying that I agree, I'm an anarchist, but it's just how it goes). The content providers do it by not allowing DVRs to work if they're not secure, and DVRs are secure by doing whatever is legally possible to avoid crackers from bypassing security measures. On the other hand is legal for you to bypass those security measures as long as you don't make illegal use of those bypasses. The kernel TiVo distributes works on TiVo boxes, The kernel modified by you, is no longer the kernel TiVo distributes, and therefore the key that the original kernel had no longer applies to it. Try running your TiVo kernel on a PC, I think you won't be able to without a lot of modification.. and then again, once you do the proper modifying, you will be able to use it on your multimedia computer, and use all of the wonderful things you DIE to be able to modify the TiVo kernel for.. If you modify your TiVo kernel and say make it so it doesn't have an IDE controller module anymore, you won't be able to run it on your TiVo either.. at least not in any useful way, and would you be complaining? And someone said this already, if the signature is created via a known algorithm, and only the key isn't provided, saying that that's not GPLv2 compliant is like saying that I can't publish investigation work that was produced sharing via a secured network unless I also publish the SSH key I used through investigation, or the original value of the srand() if the investigation relied on random number generation, because the exact same results won't be reproducible. T -- |_|0|_| |_|_|0| |0|0|0| - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists