[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <47A764ED.8030605@weinigel.se>
Date: Mon, 04 Feb 2008 20:18:05 +0100
From: Christer Weinigel <christer@...nigel.se>
To: Diego Zuccato <diego@...llo.alma.unibo.it>
CC: David Newall <davidn@...idnewall.com>, Greg KH <greg@...ah.com>,
linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] USB: mark USB drivers as being GPL only
Diego Zuccato wrote:
> In the cited example it's illegal to go outside certain parameters
> SOMEWHERE (if it was illegal everywhere, the the hardware shouldn't
> allow it and the sw could do nothing... not considering hw mods).
> Another example is WiFi: USA, Europe and Japan allows a different number
> of channels. But every AP I have had simply asks which country the user
> is in, then allows only a limited choice for the channel to use.
> If I'm in Europe but tell my AP that I'm in Japan, it lets me choose
> channel 13 (Europe allows up to ch 11). If the "cops" find it out, they
> prosecute ME, not my AP! It's not a TECHNICAL limit, it's a LEGAL one.
> So there's no point in keeping a driver closed *just* because else
> someone could hack it to make it work outside the allowed parameters:
> even a closed driver is hackable (just reverse engineer it...).
>
> Think about this scenario: a closed source driver contains:
> if(power<100)
> setpower(power);
> else
> setpower(100);
> to limit tx power and make it legal. Then the user finds this 100 and
> replaces it with 255 (inside the binary-only module), actually allowing
> for more than twice (if power is in mW) the legally permitted power.
> Is it legal?
> I don't think so (and I doubt you can find any lawyer that does). But
> it's not THE DRIVER that's doing something illegal. It's THE USER.
> It would be equally illegal if the driver was open source. Simpler to
> do, but equally illegal.
It isn't that easy. The "Tamper-Proof Torx" screws on a vacuum cleaner
or a toaster won't stop anybody from opening up the thing, I mean every
little hardware store stocks those Torx bits. But by using a slightly
odd screw, the company can say "look, we'we done all we can to stop
them, but the user bypassed our security device, and it's not our
fault". Apparently Intel and Atheros are trying to protect themselves
in a similar way, they Open Source everything except for the regulatory
daemon (Intel) or HAL object file (Atheros). Why? Because they belive
that if they give away the sources to those parts they do the software
equivalent of putting a normal Phillips screw in a home appliance.
(Personally I think what they are doing is ridiculous, but apparently
those companies' lawyers dont' agree).
It's of course possible to argue that normal users don't compile their
own drivers, they use a driver from their distribution maker, and
compiling a hacked driver which allows them to override the limits is
just as hard as it is for a Windows user to replace the driver binary
with a hacked binary which overrides the limits, so hiding the source
really doesn't help.
> Another example: how do you detect, from a driver, if the user actually
> got a license/permission from the government (somewhere it's needed, or
> you need to pay an annual fee) to use the device? You can't. Does this
> missing check make the device illegal? Nope. Just its USE.
Welcome to the modern world, companies spend so much money on protecting
themselves against potential lawsuit that it is silly.
/Christer
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists