lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <47A81514.3040101@otello.alma.unibo.it>
Date:	Tue, 05 Feb 2008 08:49:40 +0100
From:	Diego Zuccato <diego@...llo.alma.unibo.it>
To:	Christer Weinigel <christer@...nigel.se>
Cc:	David Newall <davidn@...idnewall.com>, Greg KH <greg@...ah.com>,
	linux-usb@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] USB: mark USB drivers as being GPL only

Christer Weinigel ha scritto:

> It isn't that easy.  The "Tamper-Proof Torx" screws on a vacuum cleaner 
> or a toaster won't stop anybody from opening up the thing, I mean every 
> little hardware store stocks those Torx bits.  But by using a slightly 
> odd screw, the company can say "look, we'we done all we can to stop 
> them, but the user bypassed our security device, and it's not our 
> fault".
ROFL! Well, since a lot of screwdriver types are easily available, I 
don't think a judge could agree with 'em...

> Apparently Intel and Atheros are trying to protect themselves 
> in a similar way, they Open Source everything except for the regulatory 
> daemon (Intel) or HAL object file (Atheros).  Why?  Because they belive 
> that if they give away the sources to those parts they do the software 
> equivalent of putting a normal Phillips screw in a home appliance. 
> (Personally I think what they are doing is ridiculous, but apparently 
> those companies' lawyers dont' agree).
Well, then why close the driver? Simply place the check in the firmware. 
Much harder to find, since it have to run on proprietary HW. The OS 
driver instead runs on standard (and usualli well-known) HW.
Keeping the screws similitude, closing the driver is more like using a 
Torx, while placing checks in the FW is more like using a lock-only 
screw (already seen some)...

[...]
> so hiding the source really doesn't help.
Well, we all agree on this... Now we just have to make THEM agree, too...


BYtE,
  Diego.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ