Slashdot Mirror
Hifn Restricts Crypto Docs, OpenBSD Opens Fire
Mhrmnhrm writes "After totally closing off public access to documentation for their chips roughly five years ago, Hifn is again offering them, but with an invasive registration requirement. Needless to say, Theo de Raadt and the rest of the OpenBSD team were not amused, and following a Hifn manager's missive, the gauntlet has been thrown. Either open the docs fully, or be removed from the system. This wouldn't be the first time... the same thing happened to both Adaptec and Intel following similar spats."
How would this violate US Export Licences???
Fine, don't export chips overseas without knowing who you're selling to, but documentation? For driver developers no less?? When Hifn themselves are trying to say that this information is open and free???
This is the key point of Theo's argument, surely: that Hifn are not at all obliged to demand this information, and therefore are going against the principles of open access/source by demanding it. Can someone please explain what I'm missing here.
Meta will eat itself
Documentation on how to interface with the hardware chip is NOT covered by export regulations. Only the actual chip, and its design specifications in regard to implemented algorithms, are covered.
Hence, the docs that OpenBSD folks need (and had access to, until a few years ago) are NOT covered.
The choice is between "giving back access to documentation to allow developers to work with your hardware" or "keep track of developers for marketing purposes".
Export regulations enter the picture only if you don't know them.
-- Let's go Viridian.
"Jason and I spent a lot of time writing that code in the
past, but because your policies are privacy invasive towards us, and
thus completely thankless for the sales that we have given you in the
past -- we will not spend any more time on your crummy products."
Sales?
Unless Theo can give a decent estimate of how much 'sales' OpenBSD has 'given' them, I doubt the upper brass at Hifn cares about Theo's whinging.
If you want drivers for "less mainstream OS'es", please attach your request to a large multi-mega-million part order from <insert vendor here>. If you don't believe me, we'll, the only reason NVIDIA's Linux support is miles ahead of ATI is due to the demand from Hollywood setups to use high-end-5000%-margin professional cards on Linux, not geeks on Slashdot playing Tuxracer.
I really don't see how this is supposed to be a violation of export licences
h y
AFAIK (and IANAL), detailed hardware documentation is considered the same as the product under the export license laws. Cryptographic technology actually falls under an even more restrictive license class - munitions.
http://en.wikipedia.org/wiki/Export_of_cryptograp
Read the "Current Status" section. My point is that Hifn isn't "baiting" anyone. You might disagree with their lawyer or think it's your right to demand that Hifn fight "the man", but that's another issue.
You clearly have no idea what goes on before Theo brings something public.
Repeated contacts are attempted, and vendors ignore them.
More contacts are attempted, and maybe a low-level person says, "I'll check into it"...and then vanishes.
This goes on for some time before things are brought public.
Publicly pointing out the idiocy of a corporate policy is an absolute last step. The potential for dammage is recognized, but by that point, it really doesn't matter. The "nice and quiet" approach has been tried, failed, and produced NOTHING. What's the worst that can happen by bringing things public and nasty? Nothing! What's the best that can happen? Something better than nothing. This is only done after there is NOTHING LEFT TO LOSE!
Vendors like it when you are nice and ask quietly. They can easily ignore you, pretend you don't exist and conduct business as usual.
Meanwhile, the rest of the open source software world sits back, calls Theo a jerk, and benefits from the work he does, and says, "look how nice we are". Lazy bums.