Slashdot Mirror
New RedHat Kernel Patch Illegal to Explain to U.S. Users
Russellkhan writes "The Register is running a story about a new RedHat kernel patch that cannot be explained to U.S. citizens or others in the U.S. because of DMCA restrictions. The illegal explanation is hosted at Thefreeworld.net, a site created specifically to deal with these DMCA issues."
Um, whose name is at the bottom of the DMCA? I'm pretty sure it's not Bush's. Want a high comment score on Slashdot? Bash Bush.
Yes, ofcourse, but you may not be able to fathom out what the patch does from the source. A security fix which prevents a buffer overflow could be as simple as adding or removing a typecast, which, if the kernel coders themselves didnt realise could be a security issue - Most Joe User's wont notice either... :(
Still, as a principal, it is a bit silly to disallow a text describing the change but allow the source which IS the change. Stupid law.
loply.com
Anything you say can and will be held against you in a court of law.
Land of the free ride to jail.
What the fuck has happened to our country? It's time to get rid of all the unenforceable bullshit laws. Copyright holders do not have the right to have their business models enforced by the police. And as for prohibition let's get the fuck over it.
I'd agree. I'd really like to know what the problem is. And where the DMCA has any damn right to tell me I can't read it. I cannot fathom what could be in that stupid text that would violate the DMCA. Anyway. Since this is an explination of the changes made to the software that I run, that I risk my data on, I think I have the right to that text. And if the goverment disagrees, then I'll take my ass and my money, and my vote over seas.
Can all fish swim?
They are posting information about ways to break the security of Linux. That sounds an awful lot like a DMCA violation under the same parts that were used to threaten Professor Felten, and indict Skylarov. The only difference is that Linux is not an asset of the entertainment industries....
7 November 2006: The day Americans realized corruption and incompetence weren't addressing 11 September 2001
Sounds to me like this is a stunt. Clearly they will get media attention (thanks Register) and hopefully get picked up by major media in the states. This is especially possible if there is a nice long stream of indignation from folks on Slashdot (including mine). That said, what a great stunt, and for what a great cause. Some one at RedHat is smart enough to be motivated not by legal paranoia (however recently justified) but by political savvy.
...begins in wonder
So, is your point that there is only one stupid/bent judge in the system or that there is no one who would have a vested interest in having RedHat slapped for breaking a stupid law? In either case, you're wrong.
TWW
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
You're right. The signature at the bottom of the DMCA is:
(signed) All American Citizens
In a democracy, you are responsible for the actions of those you elect.
There is still time. Your elected representatives will pay attention to you, the American voters, only for the next 3 weeks or so. Mobilize if you can; otherwise suffer 2 more years of the same but please don't complain!.
That patch was released on 2002-08-20, nearly two months ago, and was available through RH's up2date system so many US users will have updated to it. It's only now being reported as news about the DCMA restrictions?
I've got a fever and the only prescription is more COBOL.
No, it makes sense. Teaching people about security holes is illegal. Patching them isn't.
Describing what you patched, though, would entail describing the security holes on an unpatched system. Ding! Go to Jail...
-- IANAEG - I am not an elder god.
'Furthermore, they are members of an enemy force'
Considering that they are being held with no reason, trial or lawyer present, the fact that nothing has been proven then unfortunantly this statement is terribly inaccurate (like my spelling) Simply becuase they are not given POW status means that they are being held for no reason other than paranoia. It woiuld be like putting you in a lock up for 2 years in case you had something to do with drinking and looking at a car.
Remember you are supposidly a free country with 'apparent' freedom of speech, religion or beleif, becuase it is suddenly a bad thing to be against 'mainstream America' those rights are consistanly forgotten.
Akira
Kingdom of Loathing (www.kingdomofloathing.com) Addicted is me
Posting this in the US would not be a violation of the DMCA except if you used some ludicrously tortured logic.
Tell that to Skylarov, who wrote a program that was mandatory in Russia under Russian law, and who found himself in jail in the US under the DMCA. It doesn't matter if he wins in the end, or isn't even allowed back in or whatever. He's totally innocent, has nothing to do with the US and shouldn't have been treated like that.
You can make up any BS laws you want for yourselves over there, but totally innocent people who have nothing to do with the US end up in jail because of them. I think the thefreeworld.net site is a brilliant idea.
If there's even the tiniest chance that some information posted could be illegal under some strange law of a country you have nothing to do with (and this security info certainly could be), and they're known to get (innocent, foreign, never been to the US) people jailed over this stupid law, then the prudent thing to do is post that info only on sites like this.
Unfortunately, given how few people in the US even know their own laws, it's practically impossible for people in Russia, Norway etc to be aware of all the weird quirks in US law, and they don't even know they should be aware of them. And people from those countries were still jailed for doing something perfectly legal. The US is a threat.
I'm sorry for ranting, mod me a troll or something, I can get real angry over stuff like this.
I believe posters are recognized by their sig. So I made one.
Ok, this looks to me to be the same as any other patch documentation. My impression is that the reasons it's illegal are the same sections and logic used to indight Skylarov. If I'm not mistaken in those two things, isn't all patch documentation illegal under the DMCA?
Quick word of commentary, it wouldn't surprise me at all if this were true by the letter of the law. This is exactly why we have been complaining for so long, because the law is overly broad, and restricts things that it obviously shouldn't. On the other hand, I didn't think it was so broad as to cover all security documentation.
Science may someday discover what faith has always known.
There is no way a kernel patch can violate the DMCA for the simple fact that the Linux kernel doesn't enforce any type of copy protection.
Doing it like this is just prudent. Why should someone from Europe have to know all the details of US law, weigh the chances of it being a violation, when non-US people have already gone to jail over it and there's the option of not distributing it to Americans in the first place?
I believe posters are recognized by their sig. So I made one.
To me providing a patch in source form is exactly the same as providing a description. Source code is readable. People who can program in the language that the patch was made in, can understand (with a little bit of effort) what is going on there. So to me this patch is a description. It is only given in another language then plain english.
:-)
I leave aside what this implies for the DMCA though
Greetings,
Project Manager of Crystal Space (http://www.crystalspace3d.org). Support CS at http://tinyurl.com/cb3x4
Ding! This is the correct answer. Yes, telling people about security holes is a DMCA violation under every interpretation of the law that I've seen (other than the cursory, "it only covers copying mp3s d00d!")
Please mod up the parent.
Indeed it is.
What is your point again?
Your point was that no absurd things ever happened in the USA and never, never will, right?
Go figure. :)
BD Phone Home!
Shameless plug. Like you weren't expecting it.
Sticking feathers up your butt does not make you a chicken - Tyler Durden
I believe that these guys try the wrong way to persuade others that the DMCA is bad.
What? This is one of the most effective anti-DMCA bits, uh, ever. "You, over there. In the US. You can't read this. Shoo." Telling people 'no' is a sure way to invoke thier interest.
Maybe the state's highest function is to grind out insoluble problems. (Zelazny, Hall of Mirrors)
Somehow I seem to have missed a Declaration of War by the U.S. Congress. Therefore the U.S. can not hold someone as an enemy combatant under the laws of war, because the U.S. is officially not at war.
Since according to international treaties and the U.S. Constitution the U.S. government has no other way to hold someone prisoner without a specific accusation of a crime, the U.S. is violating fundamental human rights at the moment.
Therefore the people imprisoned at Guantanamo Bay are imprisoned illegally, all according to international human rights treaties, the Geneva Conventions and the U.S. Constitution.
Mart
"I know I will be modded down for this": where's the option '-1, Asking for it'?
Pardon me, but how the fuck would you know? Even lawyers representing these people can't get the government to tell them why they're being held. And many of them aren't even being acknowledged for "national security" reasons. If the military shot a few dozen, who would ever know?
Keep your nationalist ferver to yourself; this is a thinking man's board.
Have you really thought about what your saying for more than 5 seconds ?
Suppose the USA goes to war with Iraq. Suppose americans are taken prisoner on their way to Iraq, and imprisoned somewhere in the middle east, without any legal representation, or hope of release.
1) Will it be OK if the internation red crescent (yes there is such a thing - it's a muslim organisation) says they're being treated OK ?
2) Is it OK if those americans have no rights under the Iraqi system, as they are housed on foreign soil, and have never touched its shores ?
3) Is it OK if Iraqi troops are exempt from war crimes during the US/Iraqi war, because they're trying to defend their country against a foreign aggressor ? After all, Saddam Hussein takes it very seriously when his soldiers don't follow his rules.
The issues discussed in the patch notice are pretty mundane, and it took me quite some time to figure out what the hell the problem with the DMCA might be. I'm still not sure.
The reasoning, apparently, is that by documenting the security weaknesses that were fixed, they reveal ways to hack unpatched versions of the kernel. And that would be circumvention, and hence violations of the DMCA. All of the holes were found in code audits, and there are no known exploits, so this announcement documents these problems for the first time. (Maybe it's less of an issue if you announce fixes to holes that someone else already found.)
But if that is really taken as a violation of the DMCA, then almost all public notices of security issues may be illegal, even if the author did not write an exploit, and indeed even if no exploit is known to exist. The entire CERT site is at risk. Bruce Schneier may be one of the rampant criminals on Earth.
I dunno, it certainly would be crazy if the DMCA really has that implication, but are Cox and Co. certain that the law really means that? I'll bet there is no case law suggesting such a thing -- and after all, it's the courts' interpretations that really matter in the end. Has any legal scholar ever suggested that the DMCA can be interpreted this way?
I certainly don't like the DMCA, and I think it's unconstitutional (First Amendment, you know), but I wonder if this stunt will backfire. If it turns out that they're making a big deal out of something that the DMCA doesn't actually forbid, then opponents of the law will end up looking a bit hysterical.
Always keep a sapphire in your mind
Next time, actually read the law. The DMCA is VERY broad. Sounds to me like your extent of reading on it was the name, and not the contents of the act itself.
The DMCA makes it illegal to publish any sort of information that provides data relating to any sort of bug that could be potentially exploited. This was, IMHO, added to prevent people from writing applications that would allow individuals to circumvent applications that where protecting copywrited materials, but it's all in the wording.
-- I'm the root of all that's evil, but you can call me cookie..
Yet still the U.S. did not react with a reciprocal Declaration of War. Therefore under international law the U.S. is not at war.
Any unilateral actions by the U.S. President are just that, unilateral actions not sanctioned by international laws and treaties. That is why the U.S. is resented by the world at large.
My conclusions are only false if you want to use the viewpoints of the current U.S. administration as canon. The same administration that has declared unilateralism as its policy from the election campaign on forward.
Lets recap:
So, notwithstanding the power of the President to deploy troops, the U.S. is not at war, and therefore the defense that normal criminal proceedings are not necessary against anyone the Administration designates an enemy combatant is bogus. Anyone trying to defend that policy knows nothing of international law and is defending an unacceptable breach of human rights.
As an aside, I have nothing to do with Berkeley (sic), as I am not an American. Your ad hominem attacks serve no purpose except to show you as a jingoistic troll.
Wake up and smell the coffee: your own administration has declared that unilateralism is to be the foreign policy. In common English: "Screw the world and what it thinks, screw international law and the treaties we signed, we do whatever we damn well please."
Mart
"I know I will be modded down for this": where's the option '-1, Asking for it'?
¦ ©® ±
Actually, US soldiers have a fairly good reputation in this area. Most of the GIs behave more or less as they would at home.
Some years ago I met an old Chinese soldier who took me into his house, fed me dinner, and gave me gifts, all because I was American. He told me that American soldiers were the best disciplined and most reliable in the world. They followed orders even when no-one was looking! That, apparently, was as un-Chinese as you could get. Thirty years after observing this, he was still astonished.
Of course, this old fellow was comparing regular army soldiers to Chinese bandits (the KMT and the competition had common origins in organized crime). We shouldn't forget about the times that US soldiers have done wrong; My Lai is probably the most famous, and our soldiers have embarrased us on Guam several times recently. This kind of thing makes the news because it isn't normal, and the US military has been very determined about dealing harshly with the evildoers it finds in its ranks. If the Army sends you overseas and you rape a local girl, you're going to wish you had brought her home and done it where the US civilian courts could punish you.
So, you want us to send our soldiers as mercenaries to wipe your behind for you, and then you expect us to turn our soldiers over to whatever butcher is running the world court this year? We are not amused. Don't forget, the UN is filled with nations that want to destroy us (and you, too, if you're in Europe).
You aren't despairing about us, then. Greece was the birthplace of democracy, but democracy is unstable, and never lasts long anywhere. The US has always been a republic. Insofar as we can avoid democracy, we have a chance to keep our freedoms.
Our State Department would do nothing of consequence. If it became a common practice to treat Americans thus in some country, the government would advise us not to travel there. If a US citizen abroad gets involved in a revolutionary group, or some sort of criminal activity, the US government generally turns its back on him. They didn't even take any effective action to deal with Iran during the hostage mess when Carter was president, and those guys were government employees!
See what I've been reading.
The mere thought that knowledge is criminal is patently absurd. This nonsense is further proof that US corporations prefer the American public as dumb as possible.
A preferably dumb American consumer is simply fuel for the machine. Don't ask, just pay us and thank us for providing you with insert good or service here?.
Hopefully, within the Supreme Court, will see that the rights of free speech trump this ridiculous law.
Actually, US soldiers have a fairly good reputation in this area. Most of the GIs behave more or less as they would at home
So then we have nothing to fear from an international court.
If the Army sends you overseas and you rape a local girl, you're going to wish you had brought her home and done it where the US civilian courts could punish you.
There's something about a court run by the army trying the army itself that doesn't sit quite right. Think about it from an outsider perspective. Wars play out internationally, so an international body is required when someone commits a war crime.
Hands in my pocket
This is really stupid and childish. I'll be the first to condemn the DMCA (after my own legal troubles with it), but this is not the way to go about it.
Someone correct me if I'm wrong (I'm not a lawyer though I have studied the DMCA and lawsuits based on it carefully), but the DMCA absolutely does not ban security information. The only related things that it addresses are circumvention (of protection technology in order to access a copyrighted work) and trafficking in circumvention devices. Security information (especially in the form of a vague changelog) is absolutely not either of those. By no stretch of the imagination can I figure out how it's supposed to be a violation of the DMCA.
What's really going on here? Someone (Alan Cox) is trying to make a point about the control that the DMCA gives to copyright holders. He's placed a piece of his copyrighted information that some people want (text of the kernel changelog) behind a click-through license that says you can't access it if you're from the USA. In my opinion this has fuck-all to do with the DMCA (because there is no "technological measure" to circumvent -- please read the definition of technological measure in the DMCA if you disagree with me), just click-through licenses, but, whatever. Then Red Hat decides, well, we can't copy that information because the copyright holder has told us we can't. Assuming that such click-through licenses are legal in the first place, of course, RH would be entirely within its rights for a non-US-citizen to license the document and then summarize it for Red Hat. Either they are too lazy for this, don't understand the issues involved, or are perpetuating this same bizarre notion that the DMCA makes every single thing you'd want to do illegal.
The DMCA only has to do with copyright, and only as far as circumventing technological measures that protect copyrighted material. The court enjoined DeCSS because it found it to be a circumvention device (they did NOT enjoin english descriptions of the algorithm, and especially not security notices about CSS being weak!). I don't agree with the decision, but at least it makes sense in terms of the law. (I also don't agree with the law!!)
The important point I'm trying to make is that to fight dumb laws like the DMCA, we need to understand what they really say and what the actual implications are. There's a tendency for hackers to use logical deduction ("If DeCSS is illegal because it can be used to break DVDs, then hammers must be illegal because they can be used to smash open store windows!") in order to decide the implications of a law. THIS IS NOT HOW COURTS WORK! Law is much more squishy than that. Making these sorts of alarmist claims, as if the DMCA outlaws everything that we'd ever want to do, hurts our cause by spreading misinformation. Instead, we should be educating people about what the DMCA actually addresses (ie, "Did you know it would be illegal for you to create MP3s from SACDs that you bought?" or "Did you know that it's illegal to buy mod chips for your Playstation so that you can play imported games that you also legally purchased?" or "Did you know that it's illegal to use your screen-reader software with the eBook that you legally bought?"). That's how we can convince people that the law is wrong.