Slashdot Mirror
Debian Team Discusses GPLv3
nanday writes to tell us that Newsforge (Owned by VA Software, just like Slashdot) is running an interesting look at the, recently reported on, GPLv3 by the Debian team. From the article: "Initially, Branden Robinson says, he was worried about GPL3. 'The amount of secrecy around the initial draft process had me very nervous,' he says. In addition, after the Debian consensus rejected the GNU Free Documentation License, he was concerned that GPL3 might become equally contentious in Debian. 'I'm glad to say that my fears are assuaged,' Robinson says. 'I was impressed with both the large and small changes. In a nutshell, I like it.'"
Nice to see that Debian is down with GPL3 -- I know that I personally am all for the new license. If Debian's cool with it, that should help a lot of people to accept it since Debian's well known as one of the most politically strict of all linux communities.
Looking at the changes, from what I understand, I don't think it should be much of a problem for the -real- free software people. We'll have to wait and see for the other guys -- but honestly, they can stick with GPL2 and thats ok too. Everyone points to the "or later version at your option", but that part can actually be removed from the GPL2 license IIRC.
From COPYING: "Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation."
Thats form the current GPL2 that ships with the Linux kernel. So the user can specify strictly GPL2 if they choose too, or do not fully comply with GPL3.
Easy as pie.
"Computers will never truly be free until the last windows user is strangled with the entrails of the last mac user."
Go Debian! One of the last strongholds of The True Linux(tm).
do() || do_not();
Will be interesting to see how the fight of freedoms vs. DRM goes.
I'm also against the DRM restrictions because I know the purpose of DRM extends well beyond music and videos. Corporations (and even some individuals) need strict control of their private data. I'm concerned that restricting DRM implmentations means entering grey area with respect to controlling data on corporate and shared computers.
Finally, restricting DRM in the GPL is as pointless as restricting "illegal" things. No media company would implement their DRM under the GPL anyway. If a DRM implementation were GPL'd, someone could modify it so the decrypted data flows elsewhere. The GPL just doesn't offer a means to control information flow in software against the user's wishes.
P.S. What's so "extreme" about a consistent view on civil liberties?
Is this a good thing considering that the Debian Project is many times much more zealous about their definition of "Free" than the FSF? Just wondering about everyone's input.
The definition of "illegal" in reference to spyware is potentially messy.
1. Illegal usage will change over time, and vary quite widely across different jurisdictions. For example something as mundane as a web proxy log may be illegal depending on the context and jurisdiction.
2. Restrictions on use in that it can not be an effective copy control mechanism.
the freedom to run the program for any purpose (called "freedom 0")
I understand the intent, however such a restriction IMAO violates a fundamental principal of free software.
It's all the content producers need to make it official that they will not be supporting Linux. No music, no movies, and what most Slashdotters will notice most, no games. My opinion is that GPL3 is a step back for those that would like to advance the adoption of Open Source by commercial producers and users. Philosophically, it's a step forward, but in practical terms, it's going to create roadblocks.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
Stan: It's every man's right to have babies if he wants them.
Reg: But you can't have babies.
Stan: Don't you oppress me.
Reg: I'm not oppressing you, Stan -- you haven't got a womb. Where's the fetus going to gestate? You going to keep it in a box?
[Stan starts crying.]
Judith: Here! I've got an idea. Suppose you agree that he can't actually have babies, not having a womb, which is nobody's fault, not even the Romans', but that he can have the *right* to have babies.
Francis: Good idea, Judith. We shall fight the oppressors for your right to have babies, brother. Sister, sorry.
In short, invarient clauses, DRM restrictions and a few other things. See http://people.debian.org/~srivasta/Position_Statem ent.html
First, a quick point about GPL v2: You can't make effective DRM software with it. How could you? Since GPL grants users the rights to gain the source code and to modify it, then as soon as you distribute your DRM app you have given the user the right to modify that app so that, after decrypting whatever it is that the program is designed to decrypt it writes it to disk in a non-protected format. They could modify it so that whatever keys it uses to decrypt the media are also written to disk.
The only way you could prevent this is if your country has a law that would trump the permission-to-modify-and-use-for-any-purpose provisions of the GPL v2. Specifically we're talking the DMCA. Since your DRM software is a "protection measure", bypassing it is illegal, and thus modifying the software to write out un-restricted files would be illegal even though the license you got the software under gave you explicit permission to do this and more. This is where GPL v3 comes in:
From http://gplv3.fsf.org/draft: "No covered work constitutes part of an effective technological protection measure: that is to say, distribution of a covered work as part of a system to generate or access certain data constitutes general permission at least for development, distribution and use, under this License, of other software capable of accessing the same data."
I understand that the term "effective technological protection measure" is to specifically address the DMCA, which makes it illegal to bypass said measures. It's basically stating that no GPL v3 software can ever invoke those clauses of the DMCA.
Which is moot for several reasons. First, there will never be DRM software released under any GPL license at all since they'd have to be nuts to give out the source code and rely on DMCA enforcement to protect the content, especially since the DMCA is U.S.-only. Second, because the DMCA is U.S.-only, this clause is only effective in the U.S. to begin with.
The other clause in the same section, which references spyware as "works that illegally invade users' privacy" is similarly useless because "illegal" varies from country to country and if it was illegal then you could get them for that illegal act and don't need to resort to copyright infringement to stop them.
I think the entire Section 3 of the draft license could be removed and not change the resulting impact of the license one iota.
The enemies of Democracy are
I don't agree. The way those restrictions are worded they shouldn't affect legitimate uses of the technology. They just prohibit pulling a Tivo - and Tivo, by the way, is proof this is necessary. They've done exactly what this will prohibit - they've stayed within the boundaries of GPL v.2 technically, while violating the intent completely. Their users can get the source, but they are prevented from using it in any meaningful way. The DRM section of v.3a, as I read it, is rather narrowly aimed at preventing that.
What does bother me in the drafts I've seen so far is the forgiveness clause, however. It looks like it could easily be abused by chronic violators, and I certainly hope that's given some more thought before the final version.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.
There are times when DRM is actually a good thing. For example, when restricting distribution of personal information, confidential documents, etc. Also when used sensibly to prevent blatant abuse of reasonably priced copyrighted content, thereby keeping media available and affordable for those of us doing the RightThing[tm]. And then there's non-free software for which there is not (yet) any competitive free equivalent - if it's protected then it's also more likely to be affordable.
Given that there are situations where it can be useful, why should a free software license restrict my freedom to use this technology? So long as we're going to be force fed it anyway, why not *encourage* free software implementations?
On the other hand, the DMCA is pure evil. 'Effective technical prevention measures' I can deal with as I am confident that freedom will prevail. Criminalising the bypassing of 'ineffective technical prevention mechanisms' is insane. However this is something to be solved by lobbying and educating users, not by adding short-lived, jurisdiction-specific terms to a long-lived, globally significant license.
What is most amusing about these clauses is that I'm not convinced they have teeth - who in their right mind is going to write an open source 'technical prevention measure' anyway. In fact they're more likely to bite us - consider issues like the implementation of the broadcast flag in open source software for example. Plus existing software that matters is unlikely to be relicensed anyway (eg Linux).
Anyway, the last version has served us well for 15 years. The new version references specific laws that may very well be repealed in the next few years, and more than likely will end up being a small sample of a large arsenal of consumer-hostile legislation.
I'll be interested to see how the feedback received shapes the license, that's for sure.
I was at the GPLv3 launch conference, and I think people are misunderstanding what was intended, and what was written (since it's pretty clear).
The DRM restriction is not intended to forbid, e.g. RedHat from signing their packages with a secret key. It's to prevent them from making a system that refuses to use packages that are unsigned or signed by somebody else.
For example, say I made a modified version of that little applet that times when your tea is ready, and put it into a special device for this purpose, and called it "Tea-vo". I then set up the OS on this Tea-vo so that it checks to see if the copy of the program that it run is signed by my company, and refuse to run any other. This means that if someone else (say, Richard) buys my device, I must give them the source code, of course, but if they compile it, my Tea-vo will refuse to run their compiled code. This reduces Richard's freedom. He's free to use the software on other hardware, but not in the intended way (i.e. on my Tea-vo device).
This is my understanding of the purpose of the DRM clause.