Slashdot Mirror
New RedHat Kernel Patch Illegal to Explain to U.S. Users
Russellkhan writes "The Register is running a story about a new RedHat kernel patch that cannot be explained to U.S. citizens or others in the U.S. because of DMCA restrictions. The illegal explanation is hosted at Thefreeworld.net, a site created specifically to deal with these DMCA issues."
Does this mean that when MS decides to release a "security patch" for one of its releases, and explains why this patch is necessary and how it might be exploited, that they are in breach of the DMCA? Could someone sue MS for releasing details that are then used to build a worm? (CodeRed comes to mind...)
Just my $.02
I'm a little tea pot.
It really looks that the DMCA induce so much fear that people start to censure themself.
The media corporation must be really happy yo see this.
I doubt very much that the DMCA would apply to a description of a patch WITHOUT applying to the patch itself. If the patch is supposed to be legal under the DMCA, why would it's description would be illegal.
I believe that these guys try the wrong way to persuade others that the DMCA is bad.
We need a website that shows all the people that voted yes for the DMCA. So it will be easy to vote this November.
atto
I didn't use the preview button, so get over it!!!!
Mike
Q. Which kernel hacker does Red Hat employ, outside of the US?
A. Alan Cox.
Q. Why won't Alan Cox visit the US because "the chances of his arrest are none zero"?
A. Use of the DMCA to indict Sklyarov.
It seems much more likely that Alan Cox is, with Red Hat's full support, taking a very good swipe at some of the more ludicrous aspects of the DMCA. Basically, what they are implying that this could lead to is the situation where a major security flaw can be disclosed to the entire world, except for the US, because of the DMCA. The obvious upshot of that is that every man and his dog outside of the US could have access to the knowledge required to shaft servers in the US, and the sysadmins in the US can't do a thing about it because of the DMCA.
The words "hoist", "own" and "petard" spring to mind. ;)
UNIX? They're not even circumcised! Savages!
yes, it did happen once. IIRC, he found (or was told of) a bug in filesystem permissions that allowed someone outside a uid/gid to gain access to a file.
Cox didnt publish details (ie - what the bug was or how to exploit it) because he believed it violated DMCA - as somewhere out there someone could be using UNIX file permissions as a "copy protection device," and the details to exploit it would be "circumventing a copy protection scheme." IIRC, Cox is not a US citizen, but he has to travel to the US a lot, and didnt want to lose that ability by publishing the exploit.
These stories (Cox's above and this current issue) are perfect examples of things to send over to that committee collecting comments on the DMCA. Here are software authors who are scared to publish vulnerability details about their own products!
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
Don't you know how the U.S. legal system works? Let me explain:
If I spank my kid in public, the DA (District Attorney) will go back to my H.S. classmates and former employers and show that I generally disrespect authority, maybe was a bully, have a short temper, and that the incident was the latest in a string of inhumane behavior and child abuse that dates back at least 10 years.
My defense attorney, will argue that I was never disciplined for any such actions, never in a fight that is on record, and never visited by the local Social Worker (Except for our first child, which came before we were married - and is std procedure). I currently am active in my childrens lives, have defied 'conventional wisdom' by marrying my 'HS swetheart', having a kid before we were married, and staying married 8 years and having 2 more kids. S/He would also pull in a shrink to counter any past 'anger' issues due to the fact that my mom wasn't "all there".
All for what really was a spanking. (No, this didn't happen to me, but WI has tried to jail teen fathers - who try to do the right thing and be a father - for rape. So it's not impossible.)
The DMCA exists because lawmakers were convinced that the economy was going to fall because of piracy and free-flowing information. The only way to combat this in the U.S. is NOT by being rational - it's by meeting and exceeding the original irrational ideas, in an opposite way, that brought this beast into existance in the first place.
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
Chapter 12, section 1201 of the DMCA. "(c) Other Rights, Etc., Not Affected. - (4) Nothing in this section shall enlarge or diminish any rights of free speech or the press for activities using consumer electronics, telecommunications, or computing products. " You can talk about it. You can read it. You can even post it. Bob & Tom can read the Redhat patch description over the radio. This looks to be in direct conflict with b1, also in section 1201: "No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that - " U.S. congress is prohibited from passing the latter into law, it being in direct conflict with the first amendment. Remove the word 'technology' and it's probably okay. If 'technology' means descriptions as well as boxes with pretty lights and buttons. First amendment of the American constitution includes: "Congress shall make no law ... abridging the freedom of speech, or of the press ... "
A Google search for "DMCA first amendment" and "bill of rights" will get you where you need to go if you think I've taken something out of context.
Apologies for the length; brevity is not the soul of law. Legal experts, I'll be interested to hear why I've incorrectly interpreted this rare clear use of English in legislation.
Among the prisoners being held in Guantanamo are a dozen Kuwaitis. While some are likely to be bad guys, at least five appear to be there by mistake, apparently humanitarian workers trying to help with the Afgan refugee problem who got swept up in the dragnet.
Now it's possible that they aren't telling the truth, but they are just sitting there rotting with no chance to make a case, not even to a military tribunal. The scariest quote in the article I link to above is
There are supposed to be two categories of people that can be captured in war: a POW, or an illegal combatant. The former is entitled to the protections of the Geneva Convention, and the latter, as an accused criminal, is entitled to the rights of an accused criminal. Instead, a third category has been invented, or rather, copied from the South American generals of the 1970s: suspected "enemies of the state" who simply disappear.
Despite the +5 Insightful rating, this post is completely wrong. The problem, as it was acturately described originally in the story, is that the patch fixes a problem that could be used to bypass "digital security - i.e. computer security".
The DMCA made it illegal to discuss techniques that allowed users to bypass digital security, and because of the broad wording of the bill, it may be illegal to discuss such vulnerabilities at all. In this case, it is not because the author in question says you can't read the description of the problem; the DMCA says that he can't tell you what the problem is because you might then use that information to bypass security restrictions.