Debian Team Discusses GPLv3

nanday writes to tell us that Newsforge (Owned by VA Software, just like Slashdot) is running an interesting look at the, recently reported on, GPLv3 by the Debian team. From the article: "Initially, Branden Robinson says, he was worried about GPL3. 'The amount of secrecy around the initial draft process had me very nervous,' he says. In addition, after the Debian consensus rejected the GNU Free Documentation License, he was concerned that GPL3 might become equally contentious in Debian. 'I'm glad to say that my fears are assuaged,' Robinson says. 'I was impressed with both the large and small changes. In a nutshell, I like it.'"

I couldn't agree more

[davidstrauss]

Adding DRM and spyware limitations means we cross into judging the user intent. Furthermore, denying things that are already defined "illegal" in the license is redundant. If it's illegal, it's illegal. There's no need to put it in the license to prevent people from doing it.

I'm also against the DRM restrictions because I know the purpose of DRM extends well beyond music and videos. Corporations (and even some individuals) need strict control of their private data. I'm concerned that restricting DRM implmentations means entering grey area with respect to controlling data on corporate and shared computers.

Finally, restricting DRM in the GPL is as pointless as restricting "illegal" things. No media company would implement their DRM under the GPL anyway. If a DRM implementation were GPL'd, someone could modify it so the decrypted data flows elsewhere. The GPL just doesn't offer a means to control information flow in software against the user's wishes.

P.S. What's so "extreme" about a consistent view on civil liberties?

I don't like the GPL v3 draft

[nuggz]

The definition of "illegal" in reference to spyware is potentially messy.

1. Illegal usage will change over time, and vary quite widely across different jurisdictions. For example something as mundane as a web proxy log may be illegal depending on the context and jurisdiction.

2. Restrictions on use in that it can not be an effective copy control mechanism.
the freedom to run the program for any purpose (called "freedom 0")
I understand the intent, however such a restriction IMAO violates a fundamental principal of free software.

Re:I don't like the GPL v3 draft

[kebes]

For example something as mundane as a web proxy log may be illegal depending on the context and jurisdiction.

Not to mention that in some places, bad people will use that as a justification to shut down things they don't like. In a country that is trying to enforce censorship, they may deem that open-source software is violating its own license by allowing citizens to circumvent blockages. They will argue that this software is giving them the ability to "illegally invade privacy" (of whatever), and hence is illegal by its own license. Imagine how awful it would be if such a regime had a way to prevent free/open-source software from being used! The censorship would become that much worse.

Sounds crazy perhaps, but twisting legal wordings to justify their actions is what some people do. That's why I'm always a little worried about the GPL being extended much beyond its original scope.

Re:DRM

[Kjella]

Indeed I expect that the DRM part will be the big "Real kicker" specially when Linux kernel and other key software go to GPL3.

The Linux kernel has been GPLv2 only for a long time and it would be close to impossible to make the thousands of contributors relicense it. From what I've understood though, the FSF wants to relicense all software they have been assigned copyright to as GPLv3 only (you can still fork GPLv2 at that point though, and even create a competing GPLv2 only branch).

Re:DRM

[plover]

What about patents? Think about a box like the NSLU2. Now, I don't know if Linksys holds any patents on it or not, but let's assume for the moment they held both software and hardware patents on it.

Would they be able to continue to run a linux kernel on it? Can you run the linux kernel on a patented platform? Can you run patented software on a linux platform?

If it turns out that you can still run patented software, what about kernel modules? Can you patent them or not?

What if it turns out that you can't? Then what do you do about VMWARE? VMWARE can be used to run a Windows XP virtual machine, which for all we know is encrusted with thousands of patents.

This whole "we enforce the following opinions about these uses of our software" thing is a bad idea, in general. Sure, they've made it plainly obvious that they don't want to be a party to building a TPM-based-machine. But what's next? No military uses? No "dual uses" (civilian and military)? "Sorry, can't write GPS software, it uses data that comes from a military owned satellite." "Can't put Word support in Open Office, it allows cross-platform usage of patented file formats." "Can't write an Asterisk plug-in, you might use that phone line to call Microsoft support."

"Preamble

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users." [ emphasis mine ]

I think they have to accept the good with the bad. All should mean "all". Freedom should mean "freedom".

Condensed version of Public Licensing arguments:

[clovis]

Stan: It's every man's right to have babies if he wants them.
Reg: But you can't have babies.
Stan: Don't you oppress me.
Reg: I'm not oppressing you, Stan -- you haven't got a womb. Where's the fetus going to gestate? You going to keep it in a box?
[Stan starts crying.]
Judith: Here! I've got an idea. Suppose you agree that he can't actually have babies, not having a womb, which is nobody's fault, not even the Romans', but that he can have the *right* to have babies.
Francis: Good idea, Judith. We shall fight the oppressors for your right to have babies, brother. Sister, sorry.

Re:DRM

[diegocgteleline.es]

And even if it could, it doesn't neccesarily means that GPL v3 would be useful for the kernel. Let me quote a mail from Linus on the matter from a couple of hours ago:


> This means that when the code went GPL v1 -> GPL v2, the transition was
> permissible. Linux v1.0 shipped with the GPL v2. It did not ship with a
> separate clause specifying that "You may only use *this* version of the GPL"
> as it now does. (I haven't done any research to find out when this clause was
> added, but it was after the transition to v2).

Bzzt. Look closer.

The Linux kernel has _always_ been under the GPL v2. Nothing else has ever
been valid.

The "version 2 of the License, or (at your option) any later version"
language in the GPL copying file is not - and has never been - part of the
actual License itself. It's part of the _explanatory_ text that talks
about how to apply the license to your program, and it says that _if_ you
want to accept any later versions of the GPL, you can state so in your
source code.
The Linux kernel has never stated that in general. Some authors have
chosen to use the suggested FSF boilerplate (including the "any later
version" language), but the kernel in general never has.

In other words: the _default_ license strategy is always just the
particular version of the GPL that accompanies a project. If you want to
license a program under _any_ later version of the GPL, you have to state
so explicitly. Linux never did.

So: the extra blurb at the top of the COPYING file in the kernel source
tree was added not to _change_ the license, but to _clarify_ these points
so that there wouldn't be any confusion.

The Linux kernel is under the GPL version 2. Not anything else. Some
individual files are licenceable under v3, but not the kernel in general.

And quite frankly, I don't see that changing. I think it's insane to
require people to make their private signing keys available, for example.
I wouldn't do it. So I don't think the GPL v3 conversion is going to
happen for the kernel, since I personally don't want to convert any of my
code.

> If a migration to v3 were to occur, the only potential hairball I see is if
> someone objected on the grounds that they contributed code to a version of the
> kernel Linus had marked as "GPLv2 Only". IANAL.

No. You think "v2 or later" is the default. It's not. The _default_ is to
not allow conversion.

Conversion isn't going to happen.

                Linus

Re:DRM

[Chris+Burke]

And quite frankly, I don't see that changing. I think it's insane to
require people to make their private signing keys available, for example.
I wouldn't do it.

I don't see anything in the draft that would require Linus to release his private signing keys. That would be insane if it were true, but it isn't.

The clarification on the licensing of the kernel (GPL v2 only and ever) is useful, though.

An Attempt to Clarify the DRM Clause

[Roger_Wilco]

I was at the GPLv3 launch conference, and I think people are misunderstanding what was intended, and what was written (since it's pretty clear).

The DRM restriction is not intended to forbid, e.g. RedHat from signing their packages with a secret key. It's to prevent them from making a system that refuses to use packages that are unsigned or signed by somebody else.

For example, say I made a modified version of that little applet that times when your tea is ready, and put it into a special device for this purpose, and called it "Tea-vo". I then set up the OS on this Tea-vo so that it checks to see if the copy of the program that it run is signed by my company, and refuse to run any other. This means that if someone else (say, Richard) buys my device, I must give them the source code, of course, but if they compile it, my Tea-vo will refuse to run their compiled code. This reduces Richard's freedom. He's free to use the software on other hardware, but not in the intended way (i.e. on my Tea-vo device).

This is my understanding of the purpose of the DRM clause.