Slashdot Mirror
RMS on Proposed GPLv3 changes
H4x0r Jim Duggan writes "Last Saturday - the first day of FOSDEM, Richard Stallman gave what seems to have been his first public talk about the draft GPLv3. Ciaran O'Riordan of Free Software Foundation Europe was there and, after recording with his digital camera, has published a transcript of RMS's GPLv3 talk. O'Riordan previously made a transcript of the January 16th first presentation on the GPLv3 which consists of 70 minutes of Eben Moglen, with 20 minutes worth of interruptions from Stallman."
These transcripts, and other such documents, are collected at the official GPLv3 wiki, on the Reusable texts page. And there's more info about the draft and how to participate in the public consultation at gplv3.fsf.org.
Please help publicise swpat.org - the software patents wiki
I'm sorry, but saying that RMS is no longer connected with Open Source is like saying that Hillary Clinton is no longer a Republican.
I have seen the future, and it is inconvenient.
What about Man-in-the-Middle attacks? That is, MonopolySoft builds a machine that will only run binaries signed by Red Hat. Red Hat is not required under GPLv3 to give its signature key, but the machine maker is, except, he's decided to verify only against Red Hat's key and he doesn't have Red Hat's private key (just the public key, which is used to validate that the binary came from Red Hat, which is all he needs). So I can still be prevented from modifying my GPL software and running it on my box, right? And no one's violated GPLv3, right? GPLv3 doesn't cover this type of attack at all.
My blog
"Please stop calling it the GPLv3. It's GNU/PLv3!"
Richard Stallman: By the way, I don't think we were using any chalk. We were using computers to write things down.
...chew it.
Eben Moglen: Yes, I was using the chalk after you went home at night. Sometimes I had
Richard Stallman: Did you eat it?
Eben Moglen: You see how it is. There was chalk involved, he just wasn't around for it. Yeh, it was curing my indigestion actually.
Then you don't buy MonopolySoft's machine.
If it is not possible for other machines that run Red Hat code to exist, then it's clear that Red Hat is designing the code for a specific architecture that requires signing, and therefore is required to distribute the key so that you can sign modified binaries yourself.
If I have been able to see further than others, it is because I bought a pair of binoculars.
Why should any of us accept the phrase "Trusted Computing"? It's intended to be doublespeak, we should applaud RMS him for pointing it out.
J.
You're only jealous cos the little penguins are talking to me.
1. A manufacturer who takes GPL'd code, signs it, and then sells hardware that only runs code signed with their key, which they don't redistribute, is in violation of the license. This is relatively narrowly defined, despite Torvalds throwing a hissy fit about this part of the license a few weeks ago, thinking it outlawed all forms of DRM (it doesn't.)
2. The license isn't automatically revoked upon it being breached. Instead the copyright holders have to give the breacher 30 days notice to allow them back into compliance.
3. To make it more compatable with similar licenses, there's a whole bunch of optional terms and conditions that can be added. For example, you can say "If you sue us for patent infringement, you can't use any patents our code relies upon that we own, effectively ending your ability to use our software." The notable feature is that this is an optional condition.
HTH. Anyone notice anything else that was major (ie not a clarification of something we largely knew anyway?)
You are not alone. This is not normal. None of this is normal.
you have neglected to address Richard M. Stallman with the proper respect. Don't you know you must now say Richard M. Stallman, Peace be upon Him, or, in abbreviated form, RMS(PBUH)
Nonsense. RMS's name has already been mentioned a few times in the summary, and it's thus not necessary to give his full name again. The author might also have concluded that RMS is most likely more well-known than Eben Moglen, and that he could, for that reason, leave out his full name at that point.
Seems to me like you're either very paranoid or just made a really bad joke.
Wrong. Just about every manual of style and usage says that the first time you mention someone's name in a news piece, you use their full name, and after that, their last name only (or use Mr/Mrs/Ms/Dr/etc).
Nothing to see here, move along.
Take off every sig. For great justice.
Summary:
1) Red Hat creates a binary linux distro based on GPLv3.
2) Dell makes hardware that only runs *specific, known binaries*.
3) You buy machine and compile linux from source, but it won't run.
How does GPL v3 help?
Dell can't distribute RH linux without making it possible for you to run your compiled version (whether the actual hardware that only loads the signed binaries is theirs or not), since they also have to accept GPLv3 in order to distribute software that is licensed with GPLv3.
What's the loophole?
Dell could just ship blank machines that you have to load yourself, that only run Red Hat. Dell may not even have agreed to GPLv3 for anything (by running completely commercial , bsd-like, or GPL-2 software).
What's the solution?
The GPLv3 can include a clause that if you accept the license you cannot distribute *any* product that prevents a user from using any of their own modified GPL-covered software. This means for Dell to ship a computer that only runs Red Hat Linux, they have to use *no* GPL3 software of any kind in their entire company. That's about the best you could do, legally, and even still it may not be enforceable.
Personally I don't care how far-reaching the GPLv3 is. The idea that Dell could take my work and actively use it to take away people's rights is so wrong that there's pretty much nothing the license could do that would be worse. I'll be releasing my code as GPLv3 as soon as it comes out.
We recorded all the speeches this year and the movies can be found here. Not everything is up yet, and they're still working on ogg/theora versions, and the filenames may not be too descriptive if you weren't there, but whatever... I already sent some feedback and those issues will probably be fixed soon.
Disclaimer: I was but a humble volunteer; don't spam me with any questions 'coz this is about all I know about the movies. ;)
Install windows on my workstation? You crazy? Got any idea how much I paid for the damn thing?
The GPL3 is trying to address a great number of current problems with the GPL2 including things like use of web-scripts, patents, and other holes. It has nothing to do with th lime-light or some BS like that.
The GPL functions the only possible way it could, by forcing the source code be given away for free. That is the entire goal of the GPL and it does it wonderfully. Patents threaten the GPL because someone could in thoery give away the source code with some patent hiden in and then turn around and try and charge you for making use of that source code.
Pete/Petri "damn, my chainsaw is clogged with 1's and 0's again." --clyde
No, RMS does not force anyone to use GPL. But he has tried to leverage someone else's more successful project to give the GPL3 more steam. Linus didn't like it, so RMS tried to subvert his control by saying Linus can't make other Linux developers not use the GPL3.
But no, he doesn't force anyone.
To make it more compatable with similar licenses, there's a whole bunch of optional terms and conditions that can be added. For example, you can say "If you sue us for patent infringement, you can't use any patents our code relies upon that we own, effectively ending your ability to use our software." The notable feature is that this is an optional condition.
Wait, what?
Didn't RMS blow a gasket a few weeks ago, talking about how Creative Commons sucks eggs because it includes optional clauses?
How is this different? Now, instead of GPLv3, we have GPLv3-with-patent-restrictions, and GPLv3-with-attribution, and GPLv3-with-different-disclaimer-of-liability, and...
Either RMS likes customizing licensing, or he doesn't. He's being a hypocritical here.
For security, the MD5 hash of this message and sig is 09f911029d74e35bd84156c5635688c0.