Linus on DRM

Linus Torvalds weighed in on the DRM debate on the linux-kernel mailing list last night. No, don't click through, his email is reproduced below. Worth reading and thinking about.

Thread on LKML:

Date: Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
From: Linus Torvalds
To: Kernel Mailing List
Subject: Flame Linus to a crisp!

Ok,
there's no way to do this gracefully, so I won't even try. I'm going to
just hunker down for some really impressive extended flaming, and my
asbestos underwear is firmly in place, and extremely uncomfortable.

I want to make it clear that DRM is perfectly ok with Linux!

There, I've said it. I'm out of the closet. So bring it on...

I've had some private discussions with various people about this already,
and I do realize that a lot of people want to use the kernel in some way
to just make DRM go away, at least as far as Linux is concerned. Either by
some policy decision or by extending the GPL to just not allow it.

In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".

And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
refuse to play politics with Linux, and I think you can use Linux for
whatever you want to - which very much includes things I don't necessarily
personally approve of.

The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I have
no ideals.

[ Personally, I see it as a virtue - trying to make the world a slightly
better place _without_ trying to impose your moral values on other
people. You do whatever the h*ll rings your bell, I'm just an engineer
who wants to make the best OS possible. ]

In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign the
tar-balls I upload to make sure people can at least verify that they came
that way. Doing the same thing on the binary is no different: signing a
binary is a perfectly fine way to show the world that you're the one
behind it, and that _you_ trust it.

And since I can imaging signing binaries myself, I don't feel that I can
disallow anybody else doing so.

Another part of the DRM discussion is the fact that signing is only the
first step: _acting_ on the fact whether a binary is signed or not (by
refusing to load it, for example, or by refusing to give it a secret key)
is required too.

But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of the
scope of the kernel itself (and thus not a "derived work" or anything like
that), I have to convince myself that not only is it clearly ok to act on
the knowledge of whather the kernel is signed or not, it's also outside of
the scope of what the GPL talks about, and thus irrelevant to the license.

That's the short and sweet of it. I wanted to bring this out in the open,
because I know there are people who think that signed binaries are an act
of "subversion" (or "perversion") of the GPL, and I wanted to make sure
that people don't live under mis-apprehension that it can't be done.

I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I don't
see any sane way to distinguish between "good" signers and "bad" signers.

Comments? I'd love to get some real discussion about this, but in the end
I'm personally convinced that we have to allow it.

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
keys in the binary. You can sign the binary that is a result of the build
process, but you can _not_ make a binary that is aware of certain keys
without making those keys public - because those keys will obviously have
been part of the kernel build itself.

So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other one
is embedding a key _into_ the kernel (still ok, but the GPL requires that
such a key has to be made available as "source" to the kernel).

Linus

h*ll

[Graspee_Leemoor]

What is this "h*ll" ?

Is it where all the naughty puntuation marks go when they die?

graspee

Re:h*ll

[$rtbl_this]

Personally I think that it's recognition of the fact that eternal torment can take place in either Hell or Hull. The only problem I can see is that the scope hasn't been extended to include Dundee.

Re:h*ll

[pnot]

ROFL! Where's a modpoint when I need one?

Ahem. Anyway, you forgot Luton, or (to use the canonical form) Fucking Luton.

Props to Linus

[dtolton]

What Linus is saying makes complete sense to me. I think the
Kernel level of Linux is the wrong place to make a political
stand like that. What has made Linux successful, and what will
make it ultimately *the* OS is it's an
Evolvable System

The fact that people can use Linux for whatever they need to is
what makes it such a compelling system. The fact that you can
tinker with it, change the source, in short make it work for you
is what makes Linux successful.

He also makes a good point, there is a difference between
allowing DRM and forcing everyone that uses the OS to use DRM
(as M$ want). There are some times when DRM is very legitimate
(Goverment Top Secret Docs, Litigation Confidential information
etc), and there are the times when I consider it to be
un-ethical (most other situations I can think of).

I have to say way to go Linus. Keep the system evolvable.
Ultimately isn't it a catch 22 anyway? If he prohibits DRM,
isn't that sort of like saying "this is my software and you
can't do XX with it".

Re:Props to Linus

[FortKnox]

Linus is great in these situations. He takes rabid open source zealots and brings them back to reality before they go too far off.

He simply shows that you don't have to be political (mp3 sharer, privacy guru, etc...) to enjoy Linux. And offshoots will always be there for you rabid-types.

Who's loss? None.

Re:Props to Linus

[RLiegh]

Political??

The only political class most MP3 sharers belong to is the lumpen-proletariat. There are very few exceptions.

[flame][sarcasm]...and the less of those scummy poor people we have, the better!!![/sarcasm]

Zappa's "we're only in it for the money" is written about and from the POV of the lumpen proletariat (who happened to be the members of the creative and political 'freak' movement--which the media later morphed into 'hippies'); Old punk (dead kennedys, mc5) were lumpen proletariat...and highly political as well.

The reason that liberalism lost it's relevency [sp?] is because the liberals became too academic and pendantic...allowing the christian right to come in and take over as the voice of the 'lumpen proletariat'.

So now, we have DRM, the DMCA and John Ashcroft using the constitution as his own personal toilet paper...yay yay yay![/flame]

Re:Props to Linus

[RLiegh]

That's the difference between liberals and the people they're fighting for.

We don't have the option of "going home" (cf zappa: "..I'll stay a week and get the crabs and take a bus back home/I'm really just a phony/ but forgive me 'cos I'm stoned"; cf Dead Kennedys: "Harder-core than thou for a year or two/ then it's time to get a real job")

If growing out of it was an option, you didn't really belong in the first place, and should have simply stayed in your frathouse, IMO.

Re:Props to Linus

[MrFredBloggs]

You're talking about freaks,hippies,liberals, proletariat etc as if they actually exist, rather than just sloppy shorthand media creations that mean nothing. Some `people` are creative, and some aren't. Some make good albums. Some don't. I wouldn't get too hung up on labelling things (maaan - quick, allocate me a label!) - they're no use, and end up making it harder and harder to deal with reality as you frantically try and bend and twist it to fit into your neat little boxes.

Still, 1 out of 10 for mentioning a great album!

Re:Props to Linus

[renehollan]

He simply shows that you don't have to be political (mp3 sharer, privacy guru, etc...) to enjoy Linux

You don't have to be political to enjoy a nice pair of new running shoes (made, possibly, with child labour), medical advances (made possible to some degree due to research done via unanesthesized vivisection of Jews by Nazis during WWII), or "free" health care (paid by tax dollars taken from those who now can't pay for their medical needs not covered by the "free" program).

You don't have to, certainly, but you should.

Politics, at its core, is the study of the philosophy of ethics. Ideally, the concern should be arriving at a means to determine whether actions are "right" or "wrong" without personal or group bias. Of course, "politics", as practiced, has nothing to do with ethics, and everything to do with special interests. And, no doubt, different people have different views of "right" and "wrong". It behooves them, to take part in the ethical debate.

With regard to Linux, particularly these days, that debate extends to whether it should be "permitted" to exist at all, supposedly being a "hackers'" and "terrorists'" tool. Surely, anyone who enjoys Linux should have an interest in the ethics surrounding it.

Now, should is not must, and people are free to live their lives in apolitical oblivion. However, the old mantra "evil prevails when good people do nothing", does nag at one's conscience, and such apathy in an individual is not a characteristic I particularly like to see.

In this regard, RMS is right to deride Linus Torvalds as merely an "engineer". Linus' pet operating system would not even exist, and have a strong ethical footing supporting the "goodness" of that existance, were it not for RMS' philosophical views. While this does not represent a "debt", per se., decent people generally respond to kindness (yes, the GPL is an act of kindness), by reciprocating.

Re:Props to Linus

[frost22]

Linus is discussing the kernel not the OS. Linux is the kernel not the OS.

No. Linux discusses Politics here. Something his understanding of is obviously lacking.

Let me quote Bruce Schneier:

"... it is poor civic hygiene to install technologies that could someday facilitate a police state."
-- Secrets & Lies: Digital Security in a Networked World, 2000

Re:Props to Linus

[Catbeller]

"Too academic and pedantic" is American for "too smart." Smartness is not a virtue in the U.S. Read Tom Sawyer sometime: the smart kid was in for a hell of a rough time.

Bush and his ideonauts ride high on the idea that liberals think they're too smart for real Americans. Bush expresses ideas that are dumbed-down, patronizingly so, for people with faulty education in history, economics, politics, etc. He's the President Who Says What's True, even tho what he says is demonstrably false to fact on almost every level. He's a Know-Nothing for Know-Nothings, for the people who think that Saddam bombed New York, that foreign aid eats up 25% of the Federal budget, that public education is destroying America, that tax cuts boost income.

Liberals too smart? I guess so. But not smart enough to hire advertising agencies and take over radio and television networks. You can be as smart as you like, but if your microphone is retracted into the floor, you are helpless agaisnt those who own thousands of transmitters and millions of microphones.

I don't see a way out, other than over the border.

Re:Props to Linus

[kscguru]

Until RMS starts deriding Linus with the business end of a firearm or other form of force, he's free to air his views as he wishes.

RMS is like the anti-abortion protestor who sets up camp on the doctor's lawn. It's a perversion of the point of protesting. It stinks of a rules mechanic, and it's disgusting. It follows the letter of the law, but tramples all over the spirit.

RMS isn't the type that accepts that people disagree with him. If you disagree, he sees you as somehow misinformed, and it's his moral obligation to change that. Look at the "GNU/Linux" vs. "Linux" debate - Linus claimed that in his opinion "Linux" refers only to the kernel, and anything else is none of his business. Yet RMS seems to blame Linus for the lack of credit GNU gets. Linus doesn't want to fight that fight; RMS, smelling blood, wades in swinging.

Yes, Linus is an Engineer. With a capital E. Among people in the know, I would guess he is one of the most highly respected engineer around - certainly more respected than, say, RMS. RMS is really a salesman, pushing his philosophy along with his software. He also happens to be one of the best salesmen around. But, as a computer geek, I despise salesmen as manipulative, and have the utmost respect for good, honest, engineers.

Re:Props to Linus

[Catbeller]

"Is it then poor civil hygiene to install technologies that could someday be used to circumvent laws?
"

What laws? You mean, laws that we have to assume will someday exist because the MPAA and RIAA want them to exist? Or Homeland Security?

And, install what technology? Stallman wants Linus to NOT install technology. It has nothing to do with creating technology to "circumvent laws".

BTW, when was it anyone's responsibilty to make the world safe for copyright owners -- who now own the copyrights for all eternity?

Bad laws, especially ones that don't even exist yet, should not be accomodated. "The Law is the Law" is a crackpot notion used by prosecutors who play fast and loose with logic. A person who is convicted of sharing music files will go to prison to get his regular once-a-day rape with white bread and bologna, but Ken Lay, who engineered the theft of BILLIONS, will be on late-night talk shows and never see the wrong side of a police car's door.

Laws can be bad, and disobeyed. Lay and Cheney apparently think this is so, with a vengeance.

But creating hooks in an OS (not really the subject here, as Linus is tralking about signed binaries not part of the OS) to facilitate the enforcement of laws not yet created?

Re:Props to Linus

[cpeterso]

In America the last presidential election was about 50/50 republican/democrat; so I don't see why you think liberalism has lost its relevancy.

but you are assuming that "New Democrat" == Liberal. And it just ain't so..

Re:Props to Linus

[osu-neko]

In America the last presidential election was about 50/50 republican/democrat; so I don't see why you think liberalism has lost its relevancy.

Uh... that doesn't make any sense.

Oh wait! I see. You think one of those two parties still represents liberalism... You want to know how relevant liberalism is in America today, look at how many votes were cast for Ralph Nader...

In related news...

[pi+radians]

Slashdotters are very confused. What to hate? Who to love?

Re:In related news...

[IWantMoreSpamPlease]

Simple:

Gates: VERY BAD!
Ellison: BAD!
McNealy: BAD!
Carly (HP): VERY BAD!
IBM CEO: What day is it?
Linus: See above
JLG: Still my hero.

In summary...

[sporty]

Technology, encryption, reverse engineering, mp3's, drm, sniffers.. they arne't inherently evil. It's the usage and if they go against your morals, ethics and general desires, if they are good or not.

Laws which put their use at all, as forbidden or not, is what should not be put into law. It's how they are used.

Context

[Xenex]

"There, I've said it. I'm out of the closet. So bring it on... " -- Linus Torvalds

Things are so much more interesting out of context...

Re:Context

[Sabalon]

Tove was in tears and very confused.

Re:Context

[jasontheking]

I guess you weren't at one of the later sessions when linus was out the front :-)

his kids were madly running around the lecture theatre, I guess they were bored out of their minds.

I was going to ask linus in the Q&A session about how he handles runaway spawned processes...but I never got picked to ask a question.

Linus Not God, Says God

[ih8apple]

Linus Not God, Says God

In a shocking announcement cast down from the Heavens today, it was announced that Linus Torvalds was not, in fact, God.

Anthony Macewell was chosen to receive this information, as he worked on his PC:

"It was kinda freaky", Anthony said, "Linux booted, and just when I was expecting it to fsck everything, my computer burst into flames and I was surrounded by a host of angels. I don't remember that ever being a feature of Red Hat."

The angels, their appearance accompanied by a flawless four-part harmony, left Anthony a delicate manuscript, explaining that he should make sure that it was delivered to the Linux community.

The manuscript reads:

"For the attention of the Linux Community: Linus Torvalds is not God. God is currently very busy in creating various new planets and overseeing the forthcoming apocalypse on Earth. He has not had the time to develop any mortal Operating Systems, and is not likely to do so in the near future. He will continue only to endorse white robes and comfortable sandals."

The reaction from the Linux community has been varied. The slashdot.org community has reacted by having a circular discussion, with any idea other than "Linus is God, and Linux is the best thing ever for anything", being slammed down by angry, frothing, Linux advocates. A crusade to burn all the non-Linus believing heretics has been launched, in the form of a new website with a flashy domain name, which will predictably close within two weeks due to a lack of interest.

A spokesperson for Microsoft commented, "Well, we never believed that Linus existed anyway. It takes more than a couple of sightings near burning bushes to convince us, you know. We'll continue to worship Windows as we always have done. Lots of people have faith in Windows, no matter how much it lets them down, so it must be right."

Re:Linus Not God, Says God

[tomhudson]

And in related news, God != Linus, says Linus.

But, based on the available evidence, there's more objective proof of Linus' existence than Gods, so I'll continue to believe in Linus.

Re:Linus Not God, Says God

[DeltaSigma]

Pah, you Linetians and your Linus Torvalds.

Why don't you wake up? Clearly Carmack is the superior force on this planet. Death Match is the only true way to salvation...

Voltaire

[egoff]

Sounds like the quote by Voltaire that embodies free speech:

'I may disagree with what you say, but I will defend to the death your right to say it.'

Still cool

[ike6116]

Once again Linus leaves it up to the one thing that makes linux beautiful: Choice.

Huh?

[Theodore+Logan]

I'm an "Oppenheimer", and I refuse to play politics with Linux

Is that "Oppenheimer" as in the head of the most politically motivated science program of all time?

Re:Huh?

[October_30th]

von Neumann

Uh... no. You must have been thinking about the father of the hydrogen bomb, Edward Teller.

Re:Huh?

[Frater+219]

Is that "Oppenheimer" as in the head of the most politically motivated science program of all time?

Perhaps a better analogy would have been Wernher von Braun, as commemorated in Tom Lehrer's song:

Don't say that he's hypocritical
Say rather that he's "apolitical"!
"Vonce ze rockets go up, who cares vhere zey come down?
"Zat's not my depaartment," says Wernher von Braun.

The intended contrast is between the "apolitical" engineer who does not really care to what purpose his invention is used -- or by whom, as von Braun (purportedly) worked equally willingly for the Nazis as for the United States -- and the type (like Albert Einstein) who considers and possibly regrets its social consequences.

just an engineer

[dAzED1]

I don't find myself agreeing with him "politically" generally, but like he himself, and as he poitns out RMS as well, says...he's just an engineer.

Seems reasonable to me though. You don't have to compile it in to the kernel you use if you don't want it. He's just offering a choice. For this one, I will accept that he is in fact remaining neutral politically.

Re:just an engineer

[Theodore+Logan]

But there is no way to stay out of politics when you're the head of a project of this size and importance. Indeed there is no way to ever stay out of politics, regardless of the reality of your everyday life. All our lives is about politics, albeit for most on a much smaller scale. Whatever decision we make is to some extent a political one. Take, for example, that homeless bum you passed on your way to the office. Either you gave him money or you didn't. Not caring about it at all, or refusing to even contemplate the issue, must have resulted in the latter choice, which is also a political move. There is no way to be "neutral" here. Not making a choice is also a choice. As is, returning to the topic, offering people a choice. This is obvious in every other area of life, why isn't it here? Nobody would say that one is being neutral on the topic of gun control if one thinks everybody should be able to choose whether they want to have a gun or not, just to take one example.

This is what Linus seems to not be able to understand. Not caring about politics when your actions and choices have political consequences is also politics - the politics of "I don't care." If he says "I'll give you the choice of compling this into your kernel" that is in no way a neutral stand on anything.

I'm not blaming Linus for this. In fact, I think his attitude is refreshing. But it is dangerous to think that just because he considers himself neutral, that is what he is. I like him, but sometimes I wish he would just keep his mouth shut instead of opening it and proving how shallow he is.

This is what has made Linux successful,

[Viperion]

It's Linus' optimism. See, RMS insists that if you don't tell people what they can't do with software, that they'll do the worst. Linus assumes that people will do whatever they feel like, and the more they can do, the better, because you can't easily stop a movement. You can stop a man.

Go Linus. I'm not a DRM fan, but I am a fan of you ideology.

I looked behind the magic curtain...

[Dutchmaan]

This was all a practical joke..!!

It was Bill Gates snickering with a Linus puppet on his hand!

I said "Hey Bill! Whatchya doin'?" ..and he said... "Watch them all support DRM now!..and he snickered again.."

Misconceptions

[lpret]

I think it's interesting that it takes the "leader" of the OSS movement to put the brakes on some overboard reactions by slashdotters and many others. Too often we relate some issue as being a Microsoft invention and thus evil when all along it's been incorporated in a different form in our favourite OS. Perhaps we can learn a lesson about this and start applying it to other organisations (RIAA, MPAA, etc.)?

Re:Misconceptions

[quantum+bit]

crazy-go-nuts RMS style

Is RMS a graduate of Crazy Go Nuts University?

GO CGNU!

Re:Misconceptions

[dh003i]

*Note:There is also no point in continuing this threat if we have fundamentally different underlying ideologies as to what the ideal is for the end-goal of software. Any time two individuals have fundamentally different underlying values, it will be impossible for them to reach an agreement on any issue upon which they happen to disagree,

So I will state flat out that regarding software, I agree with the FSF on the most important end-goals of software (see the four essential freedom's mentioned below...skim to them). If you disagree with me that these four freedom's are essential, then all we have to talk about is the basis for that disagreement. This is not a way to close down meaningful debate on my part, but simply a way to place the debate in meaningful area.

The use of proprietary software for the end-user is no different then that of use of GPL software, yet you describe it as clubbing them over the head.

You obviously refused to read the text of the GPL I provided, and the link describing MS' latest EULA I provided. I cannot generalize between all EULA's, because they are extremely variable; however, the common feature is to deny the end-user various rights. Most of them specifically prevent multiple copies of the same program from being run on different computers, or multiple instances of it from running. They also tend to give MS or the respective copyright holder the right to termiante the user's license to use for any reason at any time.

Could you name maybe one project that "couldn't compete" becuase it was BSD?

I believe *BSD comes to mind, in that I believe WinNT/2k/XP has more server market share than it, despite being an inferior product. I'm not sure about this, however, but I seem to remember Windows having the largest server-share of any OS. Even if there isn't an example right now, the point is it *could* happen: that's bad enough.

I will admit that I was full of shit on guild-socialism being something you made up. However, I from it's definition -- industrial self-government through national worker-controlled guilds -- I fail to see how it relates much to socialism in general (which in practice had nothing to do with slf-government). It most certainly has nothing to do with the FSF or any other Free Software organization. Well at least you admitted it when you said "The FSF specifically chose not to enumerate end-user rights"

Are you trying to purposefully mis the point? Consider all of the user-rights that would have to be enumerated for the list to be considered full. Your talking about hundreds -- possibly thousands -- of rights. And then if one right isn't enumerated, everone will panic and assume that that the user doesn't have that right. Consequently, the GPL specifically states that it places no restrictions on the use of the software by the user -- both for practical and ideological reasons.

Practically, it is impossible to fully enumerate all of the user's rights, partially because we can't even think of them all. Ideologically, if those rights were enumerated in the GPL, that would effectively be implying that any rights not enumerated are specifically denied, something which the FSF does not want to state. The FSF wants to make it clear that the GPL is *not* a EULA, and that they feel *no restrictions* should be placed on the user's use of the program. Thus, because the GPL places no restrictions on the user's use of the program (your example of the output only applies when the output is GPL'ed code, which only applies if redistributing).

You have either chosen not to read the references I gave you, or have patently lied in your response. I specifically referenced an article mentioning many restrictions which EULA's place on you. Since you obviously refused to RTFR, I will quote some relevant points regarding MS' WinXP EULA. For your convenience -- since you appear to have trouble distinguishing between things important to developers and things important to users -- I will enum

i don't quite follow...

[DrWhizBang]

why does allowing binaries to be signed make DRM "ok". maybe i don't understand DRM (which is likely...)

Re:i don't quite follow...

[Kourino]

Try rereading the message. What Linus is, in fact, saying, is that DRM of the Linux kernel is okay. So, for example, you can digitally sign a kernel binary and have your platform refuse to boot if there isn't a valid signature if it floats your boat. He's also making the case that this is a valid action under the GPL. He never said "I like DRM in most fashions"; in fact, he said something rather the opposite of that at least once in this morning's message:

And like the software patent issue, I also don't necessarily like DRM myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I refuse to play politics with Linux, and I think you can use Linux for whatever you want to - which very much includes things I don't necessarily personally approve of.

Re:i don't quite follow...

[slide-rule]

By everyone's favorite analogy, it sounds like a housing contractor installing locks on houses he makes, which allows each homeowner to have the choice to decide to lock their door or not. (This in counterpoint to some hypothetical "popular" opinion that locks are inherently evil.) The presence of the lock doesn't mean the homeowner *has* to use it. (I didn't say it was a terribly great analogy.)

Right tool for the job

[October_30th]

On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals.

This is exactly why I like Linus. Unlike certain nutjobs, he's rational enought to know that one should always use the right tool for the job.

When ideals get in the way of actually achieving your goals they are doing more harm than good for the cause.

That comment made me wonder if RMS actually holds a grudge against Linus for not conforming to his standards of "purity".

Re:Right tool for the job

[IamTheRealMike]

Slow down there.

RMS thinks in a different way to most of us. When he chooses a tool, he wants one that conforms to his ideals because he isn't just thinking about the next 5 minutes, he isn't interested in just solving this problem and moving on. He thinks a long way ahead.

So when you offer him a proprietary piece of software, he won't use it, even if it's more convenient than what he already has. He believes that in the long term, it's the wrong tool for the job, because he takes into account things that to most people are entirely ethereal - things like what kind of society he wants to live in, the long term maintainability of the software, lack of vendor lock in and so on.

I see way too many people slamming RMS for not being pragmatic enough. I think in reality he is very pragmatic, but with a different timeframe for his concerns to most people, leading them to view him as a "nutjob" or having "alien" thinking.

source to the key in the kernel?

[zogger]

--if you are going to do that, why would you even put the key in there? What am I missing?

Seems to me that drm violates the spirit of gpl, but I most likely still don't understand it. If some company wants to make a drm enabled kernel,and deploy it, then it can be cracked shortly if they follow the gpl? Or what? I don't get it obviously. This is like missiles, anti missiles, anti-anti missiles, ad absurdium.

new distro, the yossarian distro

Re:source to the key in the kernel?

[Kourino]

What you're missing is the point.

Say I have a machine that has uber-top-secret data or whatever on it. I want to make sure that all the code that runs on it comes from "trusted" source. (I do this because I know the code may have mistakes or exploits in it, and this doesn't protect me from that, but it makes it less likely that I run code with trojans in it if I at least have proof of where it comes from.)

So, my machine has a cryptographic check in its firmware: instead of taking a kernel image and just booting it, it takes the kernel image and an accompanying signature tacked to the end of it and checks the signature against Linus' public key. If it matches, it boots. If not, it provides some sort of warning (flashing alerts on screen, sirens, whatever).

Linus, in his message, is saying that it's perfectly okay for me to do all of that. Not in so many words, but that's a valid example of "rights" management by digital signature, which he's saying the GPL can't prevent you from doing.

Remember, DRM is not just "digital copyright protection" as so many people on Slashdot seem to enjoy thinking.

what ?

[frodo+from+middle+ea]

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private keys in the binary
Can someone explain what's he talking about here ?
AFAIK, You sign someting with your private key and ppl. can use your public key to verify the integrety of the message.
Also if you want encryption, then u encrypt with the receivers public key so that only he can decrypt it with his private key
No where in this process is the private key required to be disclosed.
So what am i missing here ? or is he talking of some totally different keys ?

Re:what ?

[Kevinv]

if you put the private key in the kernel itself it then becomes part of the source code and must be relvealed via the GPL license (if you distribute the kernel at least)

External keys are fine.

Re:what ?

[Todd+Knarr]

I think he's talking about a situation such as DVD-CSS, where content is encrypted with a product key and the product key is protected by being encrypted with a master key which is embedded in the OS itself. Then only the OS can obtain the product keys needed to decrypt the contents, and the OS can enforce any access controls it wants on the content because the user can't get at the content except by going through the OS. What he's saying is that doing that is perfectly OK under the Linux license, as long as you release the master key, in the clear, as part of the OS source just as the license requires.

Yes, that does make the master key useless for it's intended purpose. :)

Re:what ?

[Large+Green+Mallard]

When I suspect he means is including the decryption keys in the library or libraries and not distributing the key in the source form of the libraries.. so you need to "hide" it in a configuration file, or a non GPL library.

Since if the key is part of the library, and the library is GPL, the key must be in the source. Not a huge hurdle to get around, but it would stop someone distributing a set top box with a modified version of "cp" that has keys hidden in it.. they would need to modify "cp" to call another binary to do secret stuff, and then provide the source for the modification of cp, which shows how the secret binary is called, but not actuall yhte secret binary.

Re:what ?

[Nicolai+Haehnle]

Some inherently flawed "security" mechanisms, such as DVD encryption, use private keys that are hidden in binaries. This security through obscurity thing obviously didn't work as we all know.

In fact, even the TCPA-style security uses hidden private keys and could be considered flawed. The difference is that with the TCPA, the private key is stored in a hardware device and not in the software, so it is much more difficult to retrieve.

Re:what ?

[RickHunter]

What he actually seems to be supporting is the stated (note stated, not actual) purpose of Palladium/TCPA. Signing code and verification of signed code to ensure that programs are who/what they say they are. The nature of GPL'd software makes "DRM" impossible - if your GPL'd program does X to verify that its allowed to access a file, I can write a program that does X, accesses the file, and then writes the file in a form that I can access without doing X.

DRM relies on secrets buried in the binary and removing elements of the system from the user's control. (As if the user had control over the verification bits, the system would be useless) The GPL is designed to place all elements of the system in the user's control.

Re:what ?

[Entrope]

Saying "external keys are fine" is debatable -- the GPL limits what you can do with derivative works of GPLed software, not what you can do with software's executable form. A signature permitting execution of a kernel binary is not useful in any connection other than trying to use the kernel. It is reasonable to say that this makes the signature a derivative work, and therefore subject to the GPL's "preferred format for modification" clause.

This is a good basis for distinguishing between the "good" and "bad" uses of software: If the signature is a way of identifying and asserting your trust in the software to other humans, it is a form of speech rather than a derivative work. If the signature is a way of telling a device how to operate, it is not speech -- merely a derivative work.

I'm going to have to agree with him on this one

[Hunts]

There is nothing horrible about the idea of DRM, its mearly what people are going to do with it. And before any blows my head, just remeber this is that same argument put forth to defend openbsd only yesterday( was it yesterday, I'm loosing track of time at the moment.)

I like that I can trust software to be what it says it is, I think its a step in the right direction to protecting againt trojans etc..

I dont want to be forced to do it though for every little thing that somebody thinks I need permission to run. If certain DRM can be applied to the linux kernal that make computing safer (and by that I mean actually safer, not MS safer or somebody else thinking their making me safer by imposing rules on me), then go right ahead.

Just make sure I can remove it should I wish.

I'm glad linus did this

[scorp1us]

I've taken this position from day 1 (as soon as I was able to comprehend it)

Linux needs some DRM infrastructure, though it's use is to be discouraged. It is not tech's place to play politics. Linux will need DRM to be used everywhere, as it can today as soon as MS makes it availible for the studios to use.

I stand behind Linus here.

I saw this coming

[mao+che+minh]

What our Finnish friend is saying: Linux should be able to utilize all computing options, including DRM. It shouldn't be forced on you, nor should it be denied to you. Linux shouldn't be guided by the ethics or philosophy of either the majortiy or the minority (he got rms there).

It's hard to argue with that logic, especially when you step back and take a look at why Linux was so wildly successful over the past three years.

Sounds good to me

[Dacmot]

If the GPL is all about freedom, it's also about freedom of what you can do with it (ok you can't include it in close source software without releasing that source, but that's to protect it from being non-free).

If some third party wants to take the kernel source and add DRM to it, they are free to do so. I'm also free to not use their kernel and keep compiling my own from Linus' tree.

Linus does have a point.

WHAT?

[david_g]

After reading such blasphemous utterings, I propose we de-canonize St. Linus, the Farseer, and henceforth refer to him as "Linus, that puny piece of RIAA excrement".

Misquote

[overshoot]

Actually, he never said that but the woman who did insisted that it was the kind of thing he would have said.

My favorite kind of story: it may not be true, but it should be.

Re:Misquote

[egoff]

Hmm, you learn something every day. Beatrice Hall actually said it in her book The Friends of Voltaire that she wrote under the pseudonym S.G. Tallentyre.

The page linked above had another good quote:

I may disagree with what you say, but I will defend to the death your right to mis-attribute this quote to Voltaire.

---- Avram Grumer, rec.arts.sf.written, May 2000

Re:Misquote

[SN74S181]

And the irony is that the kind of people who quote that line are usually so deeply embedded in their armchair that 'defend to the death' would simply mean a heart attack during their struggle to get out of their 'armchair of rhetoric.'

Plus, many people who make claims like that shout down people they disagree with when they come to campus to give speeches.

DRM will be *needed* by linux

[James+McP]

Maybe not now, but later.

Look, you put out a set-top media box running embedded Linux. Assuming it is the multimedia grail (online video/audio playback & capture) it will do more than GPL/opensource codecs. It will NEED to handle WMAs and other proprietary formats that may include a time-locked DRM.

Do I like blanket DRM? No, I want to be able to make backups of my DVDs, CDs, and other purchased materials.

What I don't have a problem with is a box that will D/L the movie I want to watch and store it for a max of 48 hours in a "digital Blockbuster" scenario. And that will eventually happen as digital cable set-top boxes will include hard drives for local caching and they will require DRM on that hardware.

Same thing goes for more and more Point of Sale stations. Signed binary data will be more and more necessary. I'm waiting for the day software compares my signature with the one stored on the credit card's chip. And I'm all for it.

I'll be honest; I want them to be able to choose linux. The other option is that everything becomes Windows. Do you really want every credit card terminal, ATM and terminal to be Windows because it is the only thing that supports DRM?

Re:DRM will be *needed* by linux

[RickHunter]

Sorry, you haven't convinced me DRM is inevitable. Saying Linux must support DRM because DRM is inevitable because in order to support their current business plans, companies will require it doesn't work. Business plans change, attitudes change. Especially in response to customer feedback. You give Joe Average a set-top box that he can record his favorite shows on, but only play them back for 48 hours after recording, and Joe will flip you off and go back to using his VCR. Which doesn't try to tell him how he's allowed to use it.

I'd argue the opposite. That the eventual elimination of DRM is inevitable, as customers refuse technology that employs it, and companies see the technology they purchased for billions from some "security company" defeated in 15 seconds by a grad student. Read Bruce Schnieder sometime - "encryption" and "signing" are not the answer.

I think Linus Missed the Point....

[haplo21112]

Signing the Kernel sources or even the Binary...No problem....

Making the Kernel Compliant so that it will refuse to let certain media types run because the OS/System doesn't have the secret key to that media type...NOT OK...

The Preblem is in the furture inorder for some media types to run in the future to run public/private key stuff is going to hace to happen...however how can that happen in an OS kernel whose source code is public...the private key is then exposed to the world, which the media people who want this crap will never stand for...it could be wrapped up in a shared lib...but that violates everything OSS stands for...

DRM for the kernel to run on hardware which requires a signed binary is OK, I suppose although how do you control that since if I complie up my own kernel I need to sign it somehow to get it to run on my protected hardware, which means I have the ability to sign any binary to make it run on protected hardware...including a virus...and also I don't see myself spending 100's to 1000's of dollars to aquire the right to make binaries that run on my own computer....which is really where this discussion ultimately heads...

Re:I think Linus Missed the Point....

[Kourino]

In Soviet Russia, the point misses YOU!

Nowhere in this message does Linus even begin to talk about RIAA-driven media protection schemes. Why are you even bringing it up in this post? "Digital copyright protection" IS NOT the be-all and end-all of DRM.

Try reading the message again. Linus brings up the exact same point you did: "hiding" a private key in GPLed source is obviously not okay because it exposes the private key. And how does "wrapping it up in a shared lib" "violate everything OSS stands for"? Or are you conveniently overlooking the entire point behind the LGPL? Nevermind that shared libs don't even make sense at the kernel level.

Linus' message has nothing to do with Winputers or the RIAA or forcing you to run/not run whatever because some guy in a suit in Hollywood doesn't trust you with things that aren't his anyway. There's nothing to see here. Move along.

Re:I think Linus Missed the Point....

[sl3xd]

Making the Kernel Compliant so that it will refuse to let certain media types run because the OS/System doesn't have the secret key to that media type...NOT OK...

But you have to remember that this is a two-edged sword. Just because the ??AA uses it in an attempt to reduce copyright infringement doesn't make it evil. It can be used to protect corporate documents, reducing corporate espionage, or to protect your bank account's information so it can't be transferred to another computer.

Frankly, while I find the ??AA's use of DRM distasteful and choice-limiting (I can't play leagally-downloaded and purchased songs from Pressplay or some other 100% above the table downloading service onto my iPod-- yet), the fact of the matter is that there is rather widespread copyright infringement, and they feel it necessary to protect their revenue stream. Whether this is the right decision isn't the point; the point is that it gives them a choice on how they wish to distribute their product, which is something they do have every right to control, whether you like it or not.

With few exceptions, you still go to the supermarket to buy groceries; this does not mean that they are trying to control the distribution of their product. Buying a bottle that is labeled as 'Coca-Cola' is a good indication that you are in fact buying the product on the label, and that it comes from a 'real' source; that the laborers from the Coca-Cola company are getting paid for their work as a result of your purchase. While the ??AA is large, and its revenue probably isn't distributed properly, there still are a large number of 'little people' from recording/mixing engineers to assembly-line workers whom actually create the CD's and DVD's that depend on the revenue of record sales to make a living. The music industry isn't just about the artists and their executive workmasters; there are other extremely talented people who get little or no credit for their work.

..and also I don't see myself spending 100's to 1000's of dollars to aquire the right to make binaries that run on my own computer....which is really where this discussion ultimately heads...

Proving that you apparently are more interested in gratis software than libre software. This is already the case; even on Linux. Ever hear of Maya or Shake? They cost a few thousand each. Matlab, Mathmatica, Maple? Quite expensive. The programmers that made these products still need to eat and feed their families. They are already heavily DRM'd, although I'm not sure if they require a hardware dongle at this point in time.

Before the internet became as widespread and common as it is today, if you wanted a copy of the GNU utilities, you had to plunk down a few hundred to get a copy, directly from the FSF. As Stallman is widely noted as saying -- there's a difference between libre and gratis. He has no qualms making money selling people free/libre software; this is how the FSF stayed afloat during the 80's and early-90's, where you typically had to pay a few hundred for Free Software.

What this is about

[amcguinn]

No-one commenting so far seems to have a clue what this is all about, so here goes.

Imagine someone builds hardware that will only run binaries signed by the manufacturer (current example: X-box, future examples: who knows)

Now imagine someone makes a version of Linux with functionality limited in some way -- think DRM, and gets that version signed by the hardware manufacturer so that it will run on the controlled hardware.

Now, as a user of that version of Linux, you have all your GPL rights to obtain, modify, and redistribute the source. But, since only the exact original signed binary will actually run on the hardware, those rights are (arguably) worthless.

Linus is saying that this is permissible, or at least that it is not his job to try to prevent it.

Now at least the flames can be on-topic...

Re:What this is about

[WindBourne]

It is an interesting thought and you are correct in that you will not be able to modify the binary on the system. But the GPL does not give you the guarentee of being able to run the software anywhere on anything. It simple gives you the right to own the source code and to use it as you see fit.
If the hardware company elects to forbid you, well, you may wish to not buy it.

Re:What this is about

[spitzak]

I'm pretty certain Palladium adds machine instructions that a program can use to check if Palladium is still on and that the OS is trusted. It can refuse to run if Palladium is turned off and there is nothing any patched kernel or debugger can do about it. They can't patch around it because the test involves decrypting code with the private key buried in the palladium hardware.

The OS is responsible for making sure that everything loaded is "trusted" and turning off Palladium for the untrusted ones. If it didn't do this (or if there is a mistake, which is why "security" of Palladium will be absolutely zero) then the user can load some program that can examine the trusted program after it has been decrypted by Palladium and thus break the DRM.

Voltaire also said...

[DrWhizBang]

A witty saying proves nothing.

Re:Corn crops to Linus

[Zathrus]

You don't want morals? You don't want politics?

Don't use the GPL

Ah... I see. Apparantly the only way you can have morals is to use the GPL. Righto.

And, apparantly, Linus's refusal to go off the deep end on zealotry means that he's "wimped out". Got it.

It must be nice to view the world in black and white... so easy, so simple... so naive and foolish.

Linus is making the right call here... there are valid reasons for DRM-like policies. There are lots of invalid ones too. But if you want it to be free, then it needs to be free. Trying to contort the GPL or other free license to fit your world view is bullshit, and it undermines the entire point of the license.

"No, don't click through"

[consumer]

That just makes me want to click it more!

"Just an engineer", eh?

[Graabein]

Linus wrote:

> On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals.

Perhaps what the world needs is more engineers and artists, and less flaming zealots. I think Linus has been, and still is, getting it just right. In fact, I think his statements above and the way he views this issue is 100% in the spirit of the GPL. The code is supposed to be free, remember? This includes free to be used in unspeakable ways, so long as the source is always included and freely redistributable. You can't claim freedom for only the ideals you like, that's tyranny.

Then again, IANAL.

Comment removed

[account_deleted]

Comment removed based on user account deletion

linux and DRM pros/cons

[dermond]

i think linus has a good point on this issue. there is nothing wrong that linux supports signing binaries etc.. it could be of good use for firewalls and security critical applications... etc..after all as long as i have the source i can compile a different cernel that does no restrict what i do not want to have resctrictec..

the other thing is the other DRM that the alliance of music, media and software industry wants to produce.. where every content is digitally signed.. where you can not change the operating system on your hardware anymore etc... this are extremly bad things for linux and free software... we have to stop this whereever we can.. or else in a few years we will not be able to do anything useful on linux anymore...

mond

Slashdot Mirror system

[Minna+Kirai]

Is this some kind of new precedent?

"Don't click through, it's reproduced below"

Apparently the Slashdot editors have changed their position on caching pages to prevent overload (the "Slashdot effect")

Will this be a permanent change, I wonder? And how did Michael get around those pesky US copyright laws? Did he actually wait for Linus's permission before duplicating his email?

Anti-Virus software checks binaries' integrity..

[wfberg]

Norton anti-virus on the win32 platform will 'innoculate' binaries (ThunderByte antivirus did this best I believe, alas, they're a gonner). Cf. tripwire.

If the checksum doesn't match, the binary changed, and the app won't run. Seems pretty sane.

Also, windows XP comes with "Driver Signing" which is basically an extortion bid to squeeze money from hardware suppliers (and perhaps to divert some of their cash from development of drivers for other OSes). Though fundamentally, it is not a bad idea to have some sort of check that the driver you just downloaded is in fact "blessed" by the manufacturer, if only for warranty purposes.

Checking checksums or signatures even does NOT equal DRM. As Linus said, this is something you can choose to use. Root gets a say in it (though in corporate environments it might still suck if you're not root).

DRM is not meant to be optional, it is meant to enforce license conditions ('rights'). Not security. Not integrity. Not trust. Making the possible impossible based not on security or convenience, but on a shrink-wrap license.

Checksums GOOD.

Signatures GOOD.

Digital Rights Management BAD.

It's NOT the same thing, folks.

Good point Linus

[sfitzjava]

I would agree with Linus' statement that there is nothing wrong with DRM. From a non-political point it makes since. Java allows signed applets, and webstart clients. This just provides the user with a way to determine if the code is okay or not. However I feel that if DRM is allowed to be implemented that M$ will skew us all forcing the hardware developers to only allow their signature. The idea is fine, and actually good, but the implementation will be like the US government. A good idea, but when money gets involved the jerks come out of the woodwork to skew everything. my $.02 -Shawn

Good vs. bad signers

[Davorama]

I don't see any sane way to distinguish between "good" signers and "bad" signers.

Well, duh... you check to see if the evil bit is set. I thought we had that all figured out now.

Re:Code is not exactly speech

[egoff]

DRM doesn't have to be evil, its just that many of the proposals for its implementation don't always have the user/consumer in mind. However, the basic idea of protecting copyrighted works is such an integral part of the American system that its written into the Constitution, Article I, Section 8:

The Congress shall have Power . . . To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.

Granted, abuse of copyrights is a huge issue right now, but the basic concept of securing them in a digital age isn't the devil incarnate.

Some people seem to miss the point.

[st0rmcold]

While Linus dosen't want to take a political stand on the issue (completly understandable, he's mearly protecting the sole reason for the existence of OSS) I think the GPL will clearly protect itself.

If you are required to publish the source of your work, even if you use DRM with linux, the source of that DRM must be released, which kinda cancels it out dosen't it? Making it pointless.

I'm not 100% sure on this, but putting DRM on anything GPL'd is a waste of time, cuz a DRM is only good if it's closed source.

Re:Some people seem to miss the point.

[Eponymous+Coward]

You're not advocating security through obscurity, are you?

Certainly putting the keys inside the kernel sources would be a waste of time because you have to make that source code available when you distribute your modified kernel product.

There is no reason why a well designed DRM system cannot be open source.

Re:Some people seem to miss the point.

[Minna+Kirai]

You're missing some important cases. Yes, the OpenSource-ness of Linux makes several imaginable DRM scenarios less viable. But there are plenty of alternatives that can still work fine.

The most probable one in my opinion (and what Linus alluded to by "providing a signed kernel") is that computer hardware will be sold which looks for a particular key/checksum on the kernel before agreeing to load it up. (Similar to how the Microsoft X-Box works today)

That kernel can then go on to enforce DRM policies on software you run- either by directly blocking copy-commands, or by restricting the list of userspace applications that can be executed to an approved list. (It may very well let you run a non-approved application. But DRM-protected files will be inaccessible to those programs.)

Note that this scenario won't work if 3rd party hardware vendors are allowed to sell modchips to override which kernels the computer accepts. But laws like the DMCA make trafficing in such circumvention devices illegal.

Two (of many) potential dangers if personal computer technology goes down this path:

1. The GPL will be perverted, to a partial extent. Many people don't care about the GPL, so this won't bother them much (at least not initially). The perversion is that consumers will recieve source-code from hardware vendors that they can read, but can't usefully change. Sure, they can recompile it on an (increasingly rare) desktop workstation, but they can never execute their modifications on the hardware they bought. For practical purposes, it's as if they got the code under a Microsoft-like Shared Source license, instead of an Open Source one.
   
2. The "General Purpose" computer will fade away. So too might the concept of widespread software development. Computer programming will not be accessible to everyone, only those wealthy enough to build their own hardware. Everyone else will be legally barred. Open-Source development depends on re-purposing commodity hardware by writing your own software, but that could become illegal. A condition like this would take a while to fully take root- but the spread of hardware verifying signed kernels is a firm step in that direction.
   

Re:Corn crops to Linus

You don't want morals? You don't want politics?

Don't use the GPL

Ah... I see. Apparantly the only way you can have morals is to use the GPL. Righto.

Er...no. This is saying "if you use the GPL, lots of morals and politics come along with it". It doesn't say "the GPL is the only moral license". It say "the GPL is a moral license".

Re:Same with X-box?

[Abcd1234]

No, this isn't the same thing at all (as has been said over, and over, and over, and over...). The X-Box contains a public key which it uses to verify the signature on code before it loads. This signature is generated using Microsoft's private key, which it keeps locked up safe somewhere. Here's how it works:

1. Microsoft takes code, generates a secure hash, and encrypts that hash using it's private key, generating a digital signature.
2. The digital signature is embedded in the work.
3. When the work is loaded by the X-Box, it decrypts the digital signature using MS's public key. Then, it generates its own hash and compares it to the one it got by decrypting the signature. If they are the same, the code is legit, otherwise, abort!

So, you see, there is no private information embedded in the X-Box. It's all public keys.

IT'S THE LAW, STUPID

[MS_leases_my_soul]

OK, I agree with what Linus is saying here - he is just a codehead and is not going to tell you what you can or can not put in your build. Cool, but we are still just talking about the technology.

The problem today is not the technology -- "IT IS THE LAW, STUPID!"

If Microsoft puts some crazy stupid DRM in the next version of Windows, it might be the final straw to get something else to the desktop (be it Mac OS X, FreeBSD, Linux, or something else). As long as people have the freedom of choice, M$ can only go so far before they loose the customer base.

The problem is the DCMA and the baby-DCMAs popping up at the state level. If the government makes DRM *MANDATORY*, you loose your choice. I can very easily see the RIAA and MPAA requiring that all OS's require DRM in the very near future. Think about it.

Hmm

[pclminion]

You can sign the binary that is a result of the build process, but you can _not_ make a binary that is aware of certain keys without making those keys public - because those keys will obviously have been part of the kernel build itself.

Ah, but do they really? I don't think there's anything in the GPL stipulating that an end user cannot modify a compiled binary. Why couldn't you just put a big static array of zeros in the code, and supply a secondary (closed source) program which overwrites those zeros with an actual key? You couldn't distribute pre-keyed binaries (since they wouldn't correspond to the source) but you can allow the end user to run a quick command to insert the keys into the binary him/herself.

You'd just make it a part of the installation process, like installing the boot loader. 1) Install kernel 2) Twiddle some bits in kernel 3) Install bootloader.

It seems like there would be no GPL violation since the binary you distributed was directly compiled from the source you distributed; the user just happened to run a command which overwrote a portion of that binary.

Get out the kindling!

[Visceral+Monkey]

Burn him!!! Burn the witch!!!!

But seriously. Options, even the sometimes-unpleasant ones, are always GOOD.

Hmm...

[BFaucet]

Well I don't see why anyone shouldn't be allowed to do this. I also don't see why anyone would want to use this under the GPL. One would think if someone didn't want people to tinker with something they made they would release it under a different liscense.

If used in any OSS projects I'm quite sure it would kill the popularity/success of said project very effectively.

What this actually means

[Kourino]

Since I've already replied to three messages this way, and a lot of people seem to be missing the point ...

Okay. First of all, DRM is NOT synonymous with "digital copyright protection", okay?

Second. Linus is NOT saying "DRM is good" or "copyright protection is the shiznit". He in fact says in the message that a lot of uses for DRM he doesn't like.

Third. An example of what this article is actually talking about is cryptographically signing a regular, run of the mill built-by-Linus kernel image, somehow providing the signature along with the image at boot, and refusing to load it if the signature doesn't match. Since you don't modify the kernel itself, the GPL has no scope here, so it's obviously not prohibited under the terms of the GPL.

Fourth. This does NOT allow magically modifying the kernel image, nor does it allow magically allow copyright protection in the kernel, nor does it allow hiding private keys in the kernel, etc.

READ THE ARTICLE. Turn off your Slashdot "omg wtf it says drm so it's bad, lol" meme. Linus is not selling your souls to Jack Valenti here.

DirectTivo already does this.

[dunham]

The kernel and initrd on the DirectTivo are signed, and the boot ROM will only load a signed kernel. (The initrd checks the root partition for modifications.)

They do this because you can get DirectTV without paying by tweaking the software. (They currently do not do this in their standalone units.)

It's more complicated than that.

[DdJ]

Imagine the following:

1) Someone makes a BIOS that will only boot a signed kernel, where the person with the BIOS password gets to pick which signatures are valid.

2) My company buys a bunch of workstations with this BIOS.

3) Our IT guys build a kernel that's tweaked for our company. They sign the kernel, and set the BIOS to only boot kernels with their signature.

This is wonderful. It means folks can deploy Linux within an organization without having to worry about umpteen zillion different kernels being installed by the workers. It means you can deploy at a university in such a way that students can't make their own boot floppies to get by the access controls on your public machines. It's a Good Thing.

Now, imagine this:

4) A set-top box designer uses this BIOS.

5) They set the BIOS to only boot kernels with their own signature, and don't give the BIOS password to people who buy the set-top boxes.

6) They refuse to sign any kernels that anyone else makes, and refuse to sign any kernels with dynamic module loading turned on.

This, I think, actually violates the GPL. They're distributing a Linux binary, and they're not giving you any way at all to modify it. You can't tweak the kernel you run on your own hardware that you bought with your own money. I think this would only comply with the GPL if you could boot your own signed kernels that the system would use. The fixed signature ends up being an important part of the running binary, and you're not given the "source code" you need to compile that part of the binary.

So, I think some uses of signature do not fall outside the scope of the GPL.

Re:It's more complicated than that.

[amcguinn]

You've defined the issue very well, but I don't think either scenario can be prohibited.

Imagine this: Company A makes a set-top box as you describe. Company B develops and publishes a linux binary for it, with source, etc. Company A then signs the binary and distributes the detached signature. The box will now run the special signed version of Linux.

Who has broken the GPL? Company B hasn't done anything wrong at all. Company A has not used, distributed, or created a derived work of any GPL'd software. They are not a GPL licensee, unless you can claim that the MD5 sum of a program is a derived work, which is ludicrous.

No, it's difficult, but Linus is correct. The GPL protects the software only. The remedy to this problem lies elsewhere: people should choose not to buy crippled hardware, and governments should not make laws prohibiting people from modifying their own hardware.

Re:It's more complicated than that.

[DdJ]

To elaborate on my own point, since a few people have missed the implications of the GPL, here is how the GPL explicitly defines source code:

The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.

Think that through.

If you give me an executable, and you do not give me everything I need to not only recompile but to actually install that executable (with the exception, listed a little later, of the stuff that always comes with the system you're installing on), then you have not in fact given me the source code, by the very definition contained within the GPL.

Re:It's more complicated than that.

[iabervon]

It's possible that the second situation might be construed as linking the kernel and the BIOS into a single derived work, since the kernel is now essentially an irreplacable part of the BIOS. That would require the BIOS to be GPL.

On the other hand, it's easily possible to build a device which includes a Linux kernel which can't be replaced by the end user: just put it in ROM. The way to install a replacement would be with a soldering iron and a ROM fab, which would be beyond the means of most users, but there's no requirement in the GPL to only use techniques which everyone could replicate.

This isn't really that different from the Red Hat release process where the final steps include "send the ISO to the CD plant" and "shrink-wrap the box". The end user will have an extremely hard time producing a labelled, pressed Red Hat CD that boots a different kernel, but that's not Red Hat's fault, nor does it prevent them from selling such a thing. Red Hat can even sell to people who don't have a CD burner, although these people couldn't produce a CD from source.

The GPL only requires that I give you all of the information required to rebuild from source, not that I give you all of the other resources required to produce exactly what I am distributing, when the other resources are not information.

What I don't understand is...

[ChrisPaget]

...how DRM ever actually *CAN* be integrated into Linux in a useful and reliable way. Any kind of code-signing / authentication mechanism will ultimately depend on a signed kernel, and since you have the kernel source you can do whatever you like with it, including spoofing the "Yes, we're running DRM" responses. Even if it comes down to a hardware chip, the kernel will still be perfectly capable of intercepting calls to this chip and spoofing a "Yes, we're running DRM" reply. If the DRM-protected content is dependant upon mechanisms implemented on the client in order to restrict usage, then having total, source-level control over those mechanisms completely negates the security they provide.

Maybe I've missed something here, but client-side security never works in the end. And in the case of DRM-on-linux, I don't see how it can even get off the ground....

Re:What I don't understand is...

[SmartGamer]

I'm pretty sure Linus is aware of that. I would not be surprised if he is fully aware of the fact that any security or DRM features in any open-source system can and will be circumvented.

Think, if you were in Linus' position: Would you rather raise a stink about DRM and try to ban it from the Linux kernel, probably getting arrested in the process, or just let it happen and not fight when people develop ways around it?

Hrm...

[autopr0n]

Well, there's a big difference between allowing people to digitally sign binary builds of the kernel, and actually supporting DRM directly.

Personally, it seems almost irrational to want to keep people from signing copies of the kernel. It's almost a free speech issue, people should be able to sign whatever the hell they want.

I think the real issue is restrictions people place on others, the TCPA/Pallidum DRM systems of which code signing is only a small part. I think I would hate to see Pallidum style 'locks' on the runtime environment in the 'official' version of the Linux kernel. If that does happen, I'm sure it will fork like mad, though.

I guess what Linus is saying is that if some companies want to make locked up, DRM'd systems using the Linux kernel, it's OK with him.

KDE has DRM

You may not know this, but in kde 3.1 the kde developers added a beta DRM system to stop you from doing certain things like launching unauthorized programs, reading certain programs or changing certain settings.

In the 3.2 release the DRM framework will be complete, and will be a tool released so the restrictions can be easily mandated by the administrator.

So if you want freedom, run twm @ 640x480!

Here is how it's going to go down

[RexRuther]

It will start innocently enough with one of the major PC manufacturers coming out with an extremely inexpensive PC. This PC will be bear three things. The first will be that this PC will have superior performance to any machine currently available. The second will be that it will have a DRM enable operating system that is much better than its predecessor (both performance and stability). The final item will be that the hardware will be DRM enabled and will be more advanced than anything currently available.

The hordes will eat this machine up and it will become the most popular system out there. They will love it and see nothing wrong with it. It will run just like their old machine only faster and more stable. It will run their old software and new DRM enable software transparently. The difference is that the DRM software will be copy protected and the users will be almost guaranteed to pay for it. The majority of people will not notice since most people pay for their software anyway. The hordes will drive the market to a DRM enabled system, the ultimate lock-in.

On the other side of the fence, the 'free alternatives' will be not be able to get the new hardware to work with their 'Free alternative'. They will boycott the manufacturers, but their boycott will not change things. They will not see the market for non-DRM enabled hardware and will, most likely, be locked into DRM for fear of being excluded from the much larger DRM market. Eventually, the 'free alternative' will only work on older hardware with older software. The 'free alternative' will not be able to run the latest and greatest DRM enabled software or media.

The free alternative will eventually die off due to the fact that it can't run the latest and greatest hardware and software.

It's coming to a neighborhood near you...sooner than you think.

Misunderstanding

[awol]

I think a lot of people here are reading too much into Linus's statement "On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals." I do not believe that Linus is (a) making any reference to RMS position on DRM; or (b) suggesting that this is an issue over which they have a difference of opinion, just that he is saying he is infavour of _not_ letting ideals get in the way of his engineering.

Further, RMS must support rights management, since the GPL is a rights (or lefts) based device. That the management of rights over the digital domain should be excluded from the principle seems counterintuitive to me. Even when one acknowledges that Digital Right Managment is such a misleading name for the idea, Digitial Freedom Restrictions would be much better, RMS still has to be in favour (perhaps not, because I am sure he would recognise the pain of the implementation) since the GPL effectively restricts ones freedom to use GPLed stuff as one pleases.

This is why I disagree with him (RMS). Copyleft still relies on the existence of property in ideas (or the manifestation of those ideas, the "output of intellect" as I like to call it) and it is the existence of property in these things that is broken (IMHO) where there is no property the vendor of the thing is perfectly entitled to do what they like to DRM their thing, but they are subject to the normal vagaries of competition law and that will become an increasingly powerful (despite the recent microsoft case) avenue as industry consolidations increase. But by the same token the punter is entitled to do what they like with what they are given when they make the purchase and no amount of fannying about with "license" based restrictions will do any good (when there is no propoerty that is).

From my perspective there is only one valid

Torvalds muddying discussion with PERSONAL stuff

[crush]

On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals.

Nice one Linus, drag in the hated figure of RMS to rally the troops around to support your position and make sure that this becomes a personality grudge-fest instead of a discussion about the principles involved.

Easy steps to win an argument in the GNU/Linux community:

1. State position
2. Point out that RMS doesn't like you or the position.
3. Profit!

Who gives a rat's ass what RMS says about your ideals. The question is what are your ideals? The continued existence of GNU/Linux above all other things?

And like the software patent issue, I also don't necessarily like DRM myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I refuse to play politics with Linux, and I think you can use Linux for whatever you want to - which very much includes things I don't necessarily personally approve of.

OK, so how do you justify that? Just stating your position doesn't justify it.

[ Personally, I see it as a virtue - trying to make the world a slightly better place _without_ trying to impose your moral values on other people.

That's a dishonest position: when you do anything you impose your moral values on other people. The decision to not "impose your moral values" is in itself an imposition of your moral values on me. Everything we do and don't do has an effect on everyone around us. Specifically allowing the spread of DRM into GNU/Linux allows the propagation of content which has none of the fair use rights that content has had in the past in other media. Your decision not to oppose this (which it is your right to make blah blah etc) is a decision to allow something which you "don't agree with" to occur. You've made a choice with concrete effects in the real world.

You do whatever the h*ll rings your bell, I'm just an engineer who wants to make the best OS possible. ]

Then don't make political pronouncements on political matters and pretend that you're not doing that.

Reply to oncoming flames: no, I can't code to a hundredth fraction of Linus.

Signed binaries subvert the GPL

[Sloppy]

Binaries that "don't work right" if they have the wrong signature, effectively subvert the intent of the GPL. The GPL exists to empower users by making them not be hostages to any other party. When you have the power to rebuild and maintain the software you use, then you can

• Stop doing business with a programmer who works against your interest.
• Shop around for whatever programmers you want, based on price, quality, or whatever.
• Recover from a programmer getting run over a bus or going out of business or "reprioritizing their corporate strategies" or something like that. When you run GPLed software, you don't have to worry about being "orphaned" anymore, as long as you are willing to put in the time and effort and expense to do something about it. (I have to say that as an ex-Amiga user and a former OS/2 user, I am very sensitive to and grateful for how the GPL solves this problem. Think about what happens to the user of "dead" products. It really, really sucks, and you don't want it to happen to you.)

This gives users a strong incentive to choose GPLed software. GPLed software is worth more than software that can't be maintained or supported. I am not speaking as an ivory-tower theoretical religeous "zealot" -- I'm speaking from real-life experience directly derived from has happened to me when software that I used, rotted. This is real and it matters.

But binaries that can't be loaded without the right signature, take all that away. The main advantages of Free Software -- from a user's point of view -- are nullified by it. If your computer's BIOS won't load your OS because the signature is wrong, it's no different than not being able to build the software at all, due to it being linked against a proprietary library or due to you not having the include file that contains the define for a secret key, or due to you not having the source to anything. You can't maintain the software that you use. It might as well be proprietary software -- it's no different to you.

Linus isn't thinking in these terms, and Linux is his baby, so while it may make sense for me to talk about the purpose of the GPL in general, it is of course wrong for me to talk about the purpose of Linux's license specifically (even though that license happens to be the GPL). Apparently Linus didn't choose the GPL because he thought it was perfect, but because he thought it was best, or good enough or something. And as a developer he still gets the advantages of "open source" even though the users of his work are apparently destined to lose the advantages of "free software." (I guess this paragraph isn't saying anything that everyone doesn't already know; I'm just acknowledging the difference between Linus' values and many Linux users' values.) It makes me wonder: why didn't Linus choose the BSD license instead? It seems that it would serve his interests just as well.

(Well, I'm off to vacation. No more arrogant noise outta me for about a week -- well, at least not here on Slashdot. See ya.)

Re:Signed binaries subvert the GPL

[alange+lurk]

It's been mentioned elsewhere in the thread, but there is a difference between the hardware and the software. GPL applies to software, not to hardware.

The DRM "features" that most posters are complaining about would have to be implemented in hardware (if they are in GPL'd software it would be possible to modify your copy of the source and compile a new version). As such, it is the hardware manufacturers who need to be persuaded that DRM is bad, not Linus.

Further Discussion

[SomeOtherGuy]

DRM is like the discussion on gun control. (Guns don't kill people, people kill people.) And putting a nice fat elk on the dinner table is always a good thing for us meat eaters. DRM is the same way -- Linus is talking (in my opinion) about a useful purpose for something (that in the wrong hands) can cause a lot of damage.

I wonder ...

[$0.02]

... if one of the leaders of OS community admits to be Oppenheimer should Bill Gates admit being a Cllosedheimer.

You're forgetting one thing...

[Ghengis]

At least in the U.S., the cable-company owns the set-top box, so they don't have to give the source to any customers, because they're not __giving__ the kernel in the first place. They're just letting someone use their computer.

Private key != source

[karlandtanya]

Assumptions--Just to keep the discussion non-trivial: Binary programs outside the kernel can be "fooled" into thinking they are "trustworthy", and a binary kernel can't. Fritz and all that...

Let's say I want to operate karlandtanya's streaming radion station. You can play music but you can't copy it. I believe this is possible becasue I don't believe in the existence of analog recorders. Hardware is cheap, but commercial OSs are not. So I choose to use GNU/Linux for the OS.

I want to prevent you from copying the digital stream I send you. How do control functionality and still respect the fact that you have the right to hack GPL software?

I sell a subscription to my service. I give you the OS and software. The box (and its Fritz chip) remain mine, but you are allowed to use it as long as you are a subscriber. I threaten to sue you if I find out you've changed my hardware in any way.

The OS I give you is "karlandtanya's Orwellian GNU/Linux". The distro comes with a binary kernel that I've signed. I also give you sources for everything, including a key-response program (which is compiled into the kernel) and (just to show I'm sincere) the source for the server side of the system. But I don't give you my secret key.

You immediately untar the sources, recompile the kernel and install. You don't make any changes to the source or any configuration.

You boot the box I loaned you. The Fritz chip won't let it boot. My hardware can only be used to do what I want it to you. "That's fair.", you say. "I paid for the subscription, not the box."

Because you are very clever, you have another very similar box, but without the Fritz chip. You build and install all the packages in karlandtanya's Orwellian GNU/Linux on your hardware and boot it up.

Next, you log onto my site. The site initiates a secure handshake with the key-response program built into your kernel. But when you built your kernel, you did not use my secret key. So the binaries cannot verify against my server. The site denies you access.

Now comes the interesting part:

Now, you and 10,000 of your friends take me to court for GPL violation.

Plaintiff: "Since I cannot compile a working binary from the source you sent me, you did not release the source code. You are in violation of GPL. You must release the source, replace the OS with a non-GPL OS, or refund our money."

Defendant: "Yes, I did release the source code. And it works. I just didn't give you my secret key."

Plaintiff: "No, you did not release the source. Since I cannot build exactly the same binary that you sent me, part of the source must be missing."

Defendant: "Yes, I did release the source. The binaries you generated function exactly the same as the ones I gave you. Part of their function is to verify that they were created using the same secret key as the server they are trying to connect to."

Judge:...

Mandatory DRM not GPL compatible

[gr8_phk]

Once you make it illegal to use an unsigned OS, Linux under the GPL is screwed. As a legal mandate someone will be put "in charge" of signing binarys. Not Linus nor anyone else outside the appointed (not elected) inner circle will be able to sign an OS. Since GPL requires source to be available, this will make the big commercial Linux distros better than Windows, but rest assured that the intent of the GPL to allow people to modify and redistribute will most certainly be compromised. Sure you can mod and distribute the source, you just wont be able to boot it.

Just taking the other side to promote discussion.

Okaaaaay

[0x0d0a]

Linus' pet operating system would not even exist, and have a strong ethical footing supporting the "goodness" of that existance, were it not for RMS' philosophical views. While this does not represent a "debt", per se., decent people generally respond to kindness (yes, the GPL is an act of kindness), by reciprocating.

Uh...Linus does. Stallman and Co. handed him lots of code to use. In return, he did the same, and now "GNU/Linux" has the best kernel around.

OTOH, I don't think that Stallman should be trying to push his ideology on Linus any more than Linus should be trying to do so to Stallman. The difference is that Stallman tries to do exactly that with Linus, and Linus doesn't do so to Stallman.

Re:Okaaaaay

[renehollan]

OTOH, I don't think that Stallman should be trying to push his ideology on Linus any more than Linus should be trying to do so to Stallman. The difference is that Stallman tries to do exactly that with Linus, and Linus doesn't do so to Stallman.

I suppose that one shouldn't push the "ideology" that treating others worse than one would ever want to be treated one's self, either? Do we let others pursue their chosen "ideology" of murder? If not, then why not, and what makes us "right" and others "wrong"? These are the (hard) questions to ask.

A very strong argument can be made that non-free software is so harmful that it ought to be outlawed. I don't particularly agree that that's the case, but neither do I see Stallman's "pushing" of his ideology as particularly forceful: he's not putting a gun to Linus' head to "comply", is he?

Stallman's "force" is nothing more than strength of conviction.

Torvalds' political apathy, on the other hand is irritating, in the same way that Canada's wishy-washy stance on the war in Iraq is irritating: trying to please all by doing nothing.

Guess what: driven people have strong opinions, and are willing to risk unpopularity (and often, much worse things), to stand by them. Such people make good friends and allies, though they do have enemies as well. When push comes to shove ("Linux is for terrorists"), will Linus be a "fair weather" friend to the Linux community, quietly disappearing into obscurity? I hope not, but, sadly, I'm not sure.

Re:Okaaaaay

[fucksl4shd0t]

I suppose that one shouldn't push the "ideology" that treating others worse than one would ever want to be treated one's self, either? Do we let others pursue their chosen "ideology" of murder? If not, then why not, and what makes us "right" and others "wrong"? These are the (hard) questions to ask.

Not that hard, if you actually put your brain to the task. :) There is a core set of behavior that is damaging to society as a whole, whether the behavior is practiced by politicians or criminals (the same class!) or whatever. Murder is in this class of behavior. This behavior, when let run wild (as in the favorite cite of Nazism) isn't just damaging to the world we live in, it can potentially destroy the whole world and all of human existence. Therefore, for pragmatic reasons, this behavior shouldn't be allowed by the forces that be, and if they practice this behavior, they should be thrown out and new powers installed.

Guess what: driven people have strong opinions, and are willing to risk unpopularity (and often, much worse things), to stand by them. Such people make good friends and allies, though they do have enemies as well.

How's that song go? "I don't wanna hear how you're so driven" some more stuff, then "If you say it, mean it, if you mean it, do it. You can't live your live through me, if you do it, live it, if you live it, say it, action is the air you breathe." Yeah, that's right, take your packaged rebellion. :)

Re:Okaaaaay

[renehollan]

Not that hard, if you actually put your brain to the task. :) There is a core set of behavior that is damaging to society as a whole, whether the behavior is practiced by politicians or criminals (the same class!) or whatever. Murder is in this class of behavior. This behavior, when let run wild (as in the favorite cite of Nazism) isn't just damaging to the world we live in, it can potentially destroy the whole world and all of human existence. Therefore, for pragmatic reasons, this behavior shouldn't be allowed by the forces that be, and if they practice this behavior, they should be thrown out and new powers installed.

That's a circular argument: Murder is illegal killing, and should therefore be considered "wrong".

Well, ..., okaaaaaay.

The hard part is not arguing that murder is wrong: that's axiomatic. The hard part is determining when killing another is murder and when it isn't.

Now, even there, we've got a pretty good set of rules to guide us, but murder and killing, are extreme actions -- irreversable, given modern technology and medical skill (and, one could argue, by definition, since, if someone can be "brought back", then, perhaps, they weren't dead to begin with. Not really.).

The really hard questions are along the lines of "Should activity X be prohibited because it may lead to bad thing Y?".

May is not will, but increasing the mere liklihood of bad things is not acceptable, is it?

Think "Gun control" for a hard problem. (Philosophically, increased accountability for firearm use may render it a simple problem, but such rational approaches have not been socially accepted on a wide scale, so the problem remains "hard").

Re:Okaaaaay

[twofidyKidd]

All that "rhetoric" on how they can be used to stop a tyrannical government could've flown back in 1776 when the people were the government and there wasn't such a thing as a "defense budget." In good ol' 1776, the farmer and the president had the same shit at their disposal. Now if you come within a mile of the White House with so much as a .22 handgun, the prez's SS (I really meant secret service) makes the phone call to the man on the roof about the "terrorist" en route, and he takes your ass out with a high-powered rifle right between the eyes at a range in excess of a few hundred yards. To hell with breaking a sweat in an Apache...

I completely understand your argument, but at least I hope you see the "Tyrannical" underpinnings of the foundation from which our president, and most of our government, acts from. If you don't like what they're doing, you may have a right to say it, but at this point you have to assume that a public declaration of your opinion will result in your name appearing on an Ashcroft sactioned terrorism watchdog list with a silent, but rather large barrel pointed at your back. Wish you had some defense now...

Re:Okaaaaay

[Eivind]

Reminds me, DRM in concept, in my opinion, does not benefit the world and should be fought. Linus was talking about (I think, it's been a few hours since I read the post) how the technology itself wasn't inherently evil and presented at least one case where it might actually be good.

No he wasn't. He was only saying that a) he thinks it is allowed by the current licensing, and b) he thinks it should remain legal.

And since most proposed DRM schemes involve letting some 3rd party corporation manage your digital rights without your consent, then there's yet to be a good reason to have it.

DRM is not intended to protect (or manage) your rigths. It is intended to protect and manage the rigths of the creators of various forms of copyrigthed material. The protection it offers is protection from you. It does so by running only programs trusted by the copyrigth-holders. If *you* trust the programs or not is irrelevant. (you already have the choise not to run untrusted programs today: Simply don't install them.)

Ofcourse along the way DRM also "protects" many non-rigths. That is, it makes many perfectly legal activities impossible or impractical. For example, in none of the systems I have seen is there a provision for allowing unfettered access once copyrigth expires. Many schemes also impose additional restrictions like only being able to play the media in one region of the world, or not being able to resell the media should you get tired of it.

Yes.

He then founded Be Inc, made the BeOS, then sent that down the toilet.

"Internet Appliances". Ha.

One question...

[aardvarkjoe]

I'm curious ... Linus says that you can't put private keys in the binary ... but what about loadable modules? After all, non-open-source kernel modules are allowed anyway, so it seems like you can essentially get anything you want into the kernel already.

Or is there some reason why that's not relevant? (I admit, I don't really know exactly how DRM's supposed to work.)

My revisions, with justification

[0x0d0a]

Gates: VERY BAD!

Gates is the worst of the worst. He's bad, and competently so.

Ellison: BAD!

I think Ellison is fine. Yes, he's arrogant, immature, and runs a big company with tight licenses...but he also spends his days having fun taking swipes at Gates. He wins because he's a lesser of two evils. If Gates weren't around, he'd probably be a bad guy.

McNealy: BAD!

Doesn't seem to be particularly bad or good, in my book. Some good things, some bad things.

Carly (HP): VERY BAD!

She's bad, but incompetently so. Reminds me of AOL execs -- sure, they fall into the bad category, but they're far less dangerous than their MS competitors, so I'll root for them just as the underdog.

IBM CEO: What day is it?

IBM's happening to be nice ATM, but...

Linus: See above

Linus is great.

ESR is great too...sorta like Linus. The emphasis is on engineering.

RMS is a jerk, but I suppose that you have to have an extremist to lead a movement.

Why signed binaries are not allowed by the GPL

[Tom7]

Under a strict interpretation of the GPL, signed binaries would be illegal to distribute, unless you distribute the private key that you use to sign them (making the signatures worthless, obviously). Here's my reasoning.

Let's assume you're using a standard signing algorithm like RSA, which signs a hash of the message (the binary).

Such a hash is a derivative work -- it's created directly from the binary through a hash function. (This is the biggest stretch of the argument, but at least in a mathematical sense this is very accurate. Note that it is not simply a re-expression of the work, but really reassembly of the bits in the original copyrighted expression).
A signed hash is a derivative work of the hash of the binary, for the same reason.

Therefore, the signature has to be distributed under the terms of the GPL as well. That means that if you give it out, you need to give the source to it as well. The source code is defined in the GPL: "The source code for a work means the preferred form of the work for making modifications to it. ... However, as a special exception, the source code distributed need not include anything that is normally distributed..." The source for this hash is the program that does the hashing and the signing (probably exempt by the second sentence) and of course the private key used to sign it.

Of course, this is a little tongue-in-cheek. But I think it's important to remember the clause in the GPL that requires you to provide not just source code but all of your build tools. Imagine if you created a new wacky language extension to C, (like a new primitive called do_my_secret_stuff) then used that to compile a program and gave out only the source code in C_with_secret_stuff? Those clauses are in the GPL for a reason, so don't forget what "source" means!

Re:Why signed binaries are not allowed by the GPL

[jms]

[a signature hash] is a qualitative statement made about the work in question, but the statement is its own creative work.

This is completely untrue. A signature hash is a quantitative statement about the work. That's the entire point of a hash. There can be a thousand english-language reviews of a movie, all of which will be different. There is only one possible hash of a kernel in any given hashing language/algorithm. There is no room for "creativity" in the computation of a signature hash.

However, I doubt that a copyright infringement case would get very far. Consider the criteria for fair use:

Criteria 1: What is the purpose and character of the use?

The purpose of a hash is completely different from the purpose of a kernel. The hash also has completely different characteristics than the kernel. Both favor fair use.

Criteria 2: What is the nature of the work?

The nature of a hash is a single factual, mechanical observation about a published work, favoring fair use.

Criteria 3: What is the amount and quality of the work being use?

The amount of the work included in the hash is a vanishingly small amount of the original work. Less then 100 bytes derived from a several megabyte program. It is impossible to reconstruct a kernel from a kernel hash. Both observations favor fair use.

Criteria 4: What effect does the use have on the market for the original work?

None, thus strongly favoring fair use.

DRM vs. signing

[dh003i]

Digital rights management is just that -- digital rights management. It is designed to prevent me from making fair use of MY software, music, DVDs, whatever.

I think what Linus is talking about is an entirely different applications of essentially the same technology. He's talking about signing as being a good thing, so that we -- the users -- can verify, for example, that the latest kernel release was actually released by Linus, and not some poser. This is good and fine. If we want to be able to verify such things, we simply install the appropriate verifying software, with internalized or modularized support in the kernel; alternatively, we can add/remove that verifying feature from the source.

In other words, *we* have the option to have these things, which would allow us to verify that the latest kernel release was actually signed by Linus (doesn't GPG do this?)

However, DRM and digital signing can never work in a GPL'ed system unless the person controlling the computer wants them. You're welcome to put a DRM-scheme in any GPL'ed (say) CD-player, referring to an external closed key. I, however, if I don't like that, can remove that from the source, thus have the program not even request such a key. Likewise with signing. This does not mean that DRM and signing are useless on GNU/Linux. It just means that they can't* be imposed against the administrator's will. The administrator of the computer can still use them -- if (s)he wants -- to verify that updates are signed by individual's they trust. And they can still use them to ensure that ordinary users on those machines (if said machines are corporate) can't use them to violate copyright laws, which would create liability for the corporation. However, the administrator can also choose *not* to use them.

I also don't see how RMS is the counter-point in this case. RMS has had ample opportunities to include anti-commercial, antiÐadvertising, and patent-fighting terms into the GPL. He has refused. I e-mailed him asking about the Open Software License, which has a clause in it that would terminate the right of anyone to use that software if they brought a patent lawsuite against any other under an OSI-approved license with the same clause in it. I suggested he put such into the GPL to ward off patent lawsuites. He refused, stating that there was already something in the GPL preventing stealth patents from infecting GPL'ed programs.

I don't think it's enough, but his worry is that such a clause would make the GPL a EULA, regulating the user's actual *use* of the software. I also don't see anywhere where RMS or anyone else in the FSF has said that the GPL bans DRM and signing, nor that it should be modified to do so. As it happens, I think that such a clause should be included in the GPL, because patents are a major problem for ALL software developers. If developers had to do exhaustive patent searches before writing code, nothing would EVER be produced. I think, however, that anyone who wants such a clause can simply add it to the GPL in their own modified version of it.

* The worrysome case, however, is with things like requiring DRM by law, or by hardware code. There are nazi ideas floating around to make it legally required for all software to use DRM. This may not directly affect any FS/OSS projects, as they can simply move abroad. However, one should not understimate the power of multinational corporations to get the WTO to penalize nations that don't agree to the US' draconian IP laws. Furthermore, hardware initiatives like Palladium would prevent GNU/Linux from running on hardware at all.

I don't agree fully

[I_redwolf]

As i'm not one to just jump into the foray of "yes yes, praise the almighty Linus" there is only one valid reason I see use for DRM and that's the binary signing but as it was pointed out it depends on who's doing the signing. The functionality which makes most sense for DRM already exist in the application arena with checksums/md5sums/etcsums and I just don't see how having DRM in the kernel is really going to change much. Maybe, for local networks, private industry inhouse situations where security is end all, be all it'll allow for tighter integration (ie: with hardware) and one less security issue but I mean this is such a small niche that it becomes retarded, again it can be done with software, ids programs etc and it's not like you can't write a module to monitor file checksums etc. Really the same problem exist, who's signing what.

It seems a little redundant to me really and whenever Microsoft talks about DRM they are talking about media as in video, music etc. 90% of people don't check checksums now all of a sudden they are going to start checking who signs their binaries? So here are a couple of questions that remain.

Is DRM really protecting the consumer?
Who's going to sign my binaries? ie: Project maintainer? Microsoft? Redhat?
If Joe Q Hacker signs my binary what's to stop it from running? I mean in all reality Joe Q User isn't going to check that it's safe or even care.
Is this protecting me as the computer user?

Feel free to answer the questions or point me in the direction of some documentation but as of now I think DRM is pretty retarded and is just going to be more stuff I don't waste time compiling, all it does is add another level of exploitation that already exist, this is just spelling it out and making it easier to exploit platforms that use DRM. Also, correct me if i'm wrong.

Will DRM even work in Linux?

[Skapare]

What the media content providers want to ensure is that you, the human being, can hear/see the content, without there being a way for you to actually copy it to allow others to hear/see that content, or even for you to hear/see it at some later time frame or more than a specified (e.g. paid for) number of times. Whether we agree with their right to do that or not, that is a general description of their goal (or at least for many of them).

No protection will be perfect, of course. If you can hear it, you can record it from a microphone. If you can see it, you can record it from a camera. But as we know from past articles on Slashdot and elsewhere, even these techniques of copying are targets of efforts to prevent recordability. If you succeed at such recording, perhaps at least these methods will have forced a degradation of quality in that recording (e.g. while working to strip out any watermarking, you also damage the quality).

What the content providers particularly loath, however, is the ability to have direct access to the content digitally. If you have that, you can copy that as is, and play it back at a different time or place or in front of a different audience or multiple times. The primary means of preventing this is encryption. But at some point it has to be decrypted. At that point you then find the content in the clear. One aspect of DRM is to deploy a "sealed box" wherein the decryption can take place, yet the user cannot get access to the clear content. Windows can potentially do this due to its closed and proprietary nature. It won't be perfect, but most people will not have any idea how to bypass DRM. There is the potential to distribute software to do it that anyone can use, but certainly we can expect DRM in cooperation with Windows itself to make it hard for unsigned (by Microsoft) software to have access at the level needed to get at the clear content. For example, Windows with DRM will probably refuse to allow you to install your own sound card driver since that is one place where the clear content will be going through.

Linux could certainly have DRM code integrated into it. But because it is open source, and you can build your own kernel, this is a much harder black box to implement. From the point of view of content providers, Linux is a hazardous environment (so is BSD).

Linux supports loading modules which might be available only in object form. There are such modules already available commercially, such as for certain video cards. Some of us love them (because the cards are awesome) or hate them (because the modules are buggy, perhaps with new kernel versions, and cause crashes that would otherwise not be the norm in Linux). But when it comes right down to it, we can add new code to the kernel to work around all the interfaces the module is using. For a device driver, the hard aspect will be seeing what it actually does with the device at the register level. But a DRM black box would be something quite different, since it would need to be able to use existing sound card or video/TV card drivers. That opens the potential to wedge a tap in between DRM and the drivers (or even replace the driver with your own), which Linux would allow and Windows would not so easily. And don't think the media content providers don't know this (they have been getting a lot of hard technical lessons the past few years).

But it can still be possible to have DRM with Linux. One approach is to put the DRM directly in the device driver. That would help, but wouldn't be perfect since other code can be present in the kernel to get cozy with what the DRM is doing. The big problem is getting all the device manufacturers to make a Linux driver.

Perhaps the best (from a practical perspective, were the content providers ever to realize this) way is to put DRM directly in the hardware. That's about as sealed up as you can get. I'll explain how this can work in terms of music in an encrypted MP3 format, but you can extrapolate it in terms of other media or

I would LOVE signed kernel support in bios!!!

This whole "debate" is like saying you can't sell hammers because we think someone will use them as a deadly weapon. BIOS support for signed boot images would be a good, useful thing - don't confuse this "hammer" with the malicious intent with which it may be used.

Imagine being able to tell your bios not to load a kernel (actually, boot loader is probably more accurate), unless it was signed by you. Then you've just guaranteed that even after a system break-in, you can at least start from a known clean kernel.

Doing this in hardware, designed so that there is no way for the running OS to overwrite the BIOS' copy of the key, is the only way to make it safe.

And, yes, I would personally USE it. I would LOVE to be able to tell the bios not to load a version of grub I didn't install, and I'd love to then also be able to tell grub not to load a kernel that was modified without my knowledge. While we're at it, I'd like to be able to extend that to all of my kernel modules, and from there even to certain key system binaries used during run-time.

In other words, allowing the bios to offer security checking really DOES allow for the possibility of ENDING the requirement that you wipe and re-install an OS (or even an application) after a successful break-in. It provides a very much needed "guaranteed safe starting point" for building additional security.

Should bios makers embed a microsoft key in every bios - absolutely not. Should bios makers provide a straight-forward way of letting system owners install their own keys? YES, PLEASE, YES!!!

So what APIs should the bios offer to the OS? Certainly nothing that allows the key to be read or overwritten, but it would be nice if it would provide a "check and approve or reject" API so running applications could determine whether other files are clean before loading them. As long as this all starts from a single trusted source (system reboot checks boot loader, which checks everything it loads (including the files used to make future checks)), this is THE CURE for lots of current security problems.

Read 'im his rights!

[stienman]

The new Linus's Rights:

1. You have the right to sign your binaries.
2. Anything you sign can and will be used against you in a public forum.
3. If you are under the age of 18, anything you sign can be used against you in a juvenile flame war for a juvenile offense and can also be used against you in an adult flame war if the forum admin decides that you are to be flamed as an adult.
4. You have the right to talk to an attorney before signing any binaries.
5. You have the right to have your attorney present during the signing.
6. If you cannot afford PGP, OpenPGP will be provided to you without cost, before or during signing, if you desire.
7. Do you understand these rights?

-Adam

No shit

[Mr.+Underbridge]

You've obviously never read anything that Richard Stallman has ever written about free software.

What, like one of his usual windy manifestos? I can assure you I've not, and am rather happy with the fact. One time I was about to when I realized there was some paint drying, and that immediately stole my attention. That guy gives new meaning to "Quixotic."

That said, which part of what I said was wrong? He fits the zealot part, that's for sure. And he has, in the past, received money for writing code. So he doesn't seem to have a problem with the code for $ thing.

Re:terrorist

[ReelOddeeo]

Can you name one person who is actually on record arguing that open source software should not be permitted to exist?

They are not on record. And I won't actually name one of my co-workers. But Yes.

There are others who have been far more public however. There was one Jim Allchin a couple years ago. He didn't come right out and say it, but he dances around it and implies it quite well.

From a cnet article here.

Microsoft Corp.'s Windows operating-system chief, Jim Allchin, says that freely distributed software code such as rival Linux could stifle innovation and that legislators need to understand the threat.

....

That, as well as programs such as music-sharing software from Napster Inc., means the world's largest software maker has to do a better job of talking to policymakers, he said.

....

''Open source is an intellectual-property destroyer,'' Allchin said. ''I can't imagine something that could be worse than this for the software business and the intellectual-property business.''

....

''I'm an American, I believe in the American Way,'' he said. ''I worry if the government encourages open source, and I don't think we've done enough education of policy makers to understand the threat.''

Linux is wrong

[bwt]

I disagree with Linus. Although my belief doesn't really matter because I am not a kernel hacker, I do expect that many Linux contributors may disagree as well. Unless all the contributors agree with his position, the potential is there for one of them to make the legal claim that distributing a DRM-signed GPL'd work for use in a DRM machine without providing the private key as part of the source code is a violation of their copyrights (traditional and/or DMCA). In this case, unless Linus is willing to play politics and fight his way through a lawsuit to prove his position, then regardless of his beliefs or the legal correctness of those beliefs, there will be no DRM-signed Linux. I also predict that he would lose, if he chose to fight in court.

An "external" DRM-signature that allows verification of the origin of a particular piece of code is perfectly fine UNTIL that signature's presence is enforced by the hardware as a condition for exectuion. At that point, the signature becomes functionally part of the instructions to the machine that enable the whole to be executed, and I believe that because the DRM machine is requiring the presense of both in order to execute that they are a combined work in the context of use on that machine.

This signature, when enforced by hardware, also becomes part of an overall technological protection measure within the meaning of the DMCA. The DMCA requires the "authority of the copyright holder" to get access to a work protected by a technological protection measure (TPM). Nothing in the GPL authorizes the removal of a TPM, so if Linus unilaterally places a TPM on his copy of Linux (which the DRM-signature is) then he needs the authority of all the copyright holders to access the protected copy, which would include running it on a machine that enforces DRM. No text in the DMCA supports the position that if unprotected copies exist means that access to a TPM protected version is allowed.

Putting TPMs on other people's work without their approval results in a TPM protected work that no one can use. The GPL does NOT provide DMCA access rights either (it provides copying and modification rights but not TPM-access rights).

Re:Free as in Freedom? WTF?

[Per+Wigren]

He says that Open Source "cite only short-term practical benefits as the reasons for what they do." while Free Software "embodies the firm philosophy of the free software movement" which means ensuring that the software, including future versions, forks and derives will remain free.
All Free Software licenses are Open Source licenses, but far from all Open Source licenses are Free Software licenses.

Moot Points and Using the GPL Immorally

[JohnDenver]

Er...no. This is saying "if you use the GPL, lots of morals and politics come along with it". It doesn't say "the GPL is the only moral license". It say "the GPL is a moral license".

So what.

The author of the license (RMS) is making a claim that his license is a moral one. I disagree. He's entitled to his opinions, as I am entitled to my opinions.

IMO, The license simply establishes the rules of a contract for community software. The way I see it, it's a moral less system, which just happens to be less vulnerable to commercial exploitation than other systems.

I like the GPL. I think it's an extremely empowering tool for building standards and charity.

...but the GPL is just a tool. A legal tool.

"Tools and technology are neither good or evil. People are good and evil."

GPL has anti-DRM built in?

[mboedick]

If someone creates a version of the Linux kernel that only runs signed binaries, and the GPL forces them to release their source, couldn't someone simply hack their kernel to run unsigned binaries? It wouldn't even require any reverse engineering.

It seems to me that the GPL is inherently at odds with DRM, as DRM depends heavily on being proprietary and obfuscated (and this still doesn't stop people).

Re:I'm sorry, I can't let that one past!

[renehollan]

are you equating state funded healthcare with child labour and the holocaust?! If you are then... well it's just incredible. I'm speechless.

No, of course not. I'm simply using extreme examples to illustrate that there are ethical issues worth considering. Because of the disruptive effects of open/free software, it should be examined from an ethical context.

For the record, if you have state funded healthcare, the rich, not the poor, pay for it disproportionately. So you're never going to be in a position where your taxes take enough money to leave you vulnerable to 'medical needs not covered by the "free" program'

Funny. That's exactly how my father died: he paid so much in taxes he could not afford essential surgery (about US$25,000 to US$50,000 with a 30% mortality rate -- his situation was grave), nor even the insurance that would cover it. Canada, of course, had the excuse that there were no qualified Canadian doctors to perform it, so, "Sorry, you die.".

I'm told they do send some people to the U.S. for care, now, but many still die that could be saved if they had bought real insurance and not the government bogus crap that was shoved down their throats as part of their taxes.

Avoid state healthcare like the plague!

In Finnish

[Pseudonymus+Bosch]

I think it's Finnish for [GNU/]Hurd.

For the record

[einhverfr]

RMS is a superb engineer too. And if he used that as the centerpiece of his work, he would have a level of respect far beyond what he has today. He is to the GCC what Linus is to Linux.

The problem is I think that Linus sees himself as a software engineer while Stallman wants to engineer a society (not to be confused with the security term of social engineering). I think that Stallman sees himself more as a role model and teacher while Linus sees the centerpiece of his work being the software he helps to build.

I agree-- RMS is the one picking the GNU/Linux debate for *stupid* reasons. And that detracts from the images of his real software accomplishes.

unsurprising.

[Eivind]

Yes, you can make hardware that will only run signed binaries, and thus close that hardware to tinkering. Infact, making such hardware has already been attempted, it's called a console.

In essence, the bootloader of such hardware does the equivalent of:

if (valid_signature(kernel))
boot(kernel)
else
com plain_and_stop();

This is nasty, if you are running on such hardware, than the ability to change the kernel in any way you like brings you nothing: if you change anything, even something completely trivial, the signature will no longer be valid, and your new changed kernel will not boot.

Linus is rigth though, this is clearly allowed under the GPL. And furthermore, it very likely CANNOT be forbidden even if we would want to.

A Signature is (or atleast it can be) a separate document saying the equivalent of: "I, Bill Gates, testify to the fact that the kernel with sha1sum=b7a7bf03dcafd4d48001d6a2a6fd2ceaefa4cc1e is trustworthy and can be booted. signed(bill_g)"

There is no way for the GPL, or any other legal document to forbid the above document from existing. The signature above is clearly not a derived work of the kernel, but rather a commentary upon it. (namely a commentary on the trustworthiness) The only info derived from the kernel is the sha1sum, but the only function of this is to make it clear which kernel you are talking about. (much like mentioning the ISBN-number of a book you are reviewing)

Furthermore, there is also no way you would be able to forbid hardware from acting on the existence (or absence) of such a signature. Afterall there is no law saying that "hardware *must* boot all code."

Now, what *would* be nasty would be new laws *requiring* hardware to implement signature-checking. Such laws would essentially make it forbidden to make user-modifiable computers. The way the US is moving at the moment, I would not be too surprised if such a law is introduced and passed in the next few years.

Good to see Linus take a stand.

[theLOUDroom]

Am I the only one that see it or didn't Linus just take a stand on DRM?

What he said was that you can't hide encryption keys in the binary, but it's perfectly okay to have DRM as long as the key are published as part of the source.

What this means is: "You can't distrubte a (Hollywood) DRM'ed Linux kernel"

Yes, he says DRM is allowed, but only good DRM. The kind of DRM I'd like to have on my computer, so that I'm in control.

Typical Hollywood, pipe-dream DRM relies on me not having access to the keys. Linus has just said that this isn't allowed. The only type of DRM you can have is the type of "DRM" that SSH already enforces for me. People with the right keys can get stuff and those without it can't, and I can change the keys.

I wouldn't mind at all, having bullet-proof DRM that I had the keys for. (And knew they couldn't be changed on me.) It would actually be a bit reassuring. Say you keep your journal on your PC. It would be nice to have some DRM on your system to keep someone from just posting it to the net.

The DRM he's saying is allowed is very simlar to the "DRM" we already have on our systems: Unix file permissions.

The whole point of Hollywood DRM is to take root access away from the person sitting in front of the computer. He's just said that any keys compiled into the kernel would have to be published, and since the only way to have tough to crack DRM is at the kernel level (or below), that can't be done.

Yay Linus for satisfying the both the idealists, and those who just want to bitch about OSS zealots, and that god Linus isn't one of them. :)