Hypervisors Can Defeat GPLv3's Anti-Tivoization

DeviceGuru writes "A hypervisor can be used to isolate from each other software works released under incompatible licenses, while allowing them to run simultaneously on the same hardware. For example, Linux and Windows CE can run on separate virtual machines on one device, without violating either OS's license. Due to the isolation between multiple VMs running atop a hypervisor, it seems like this architecture could allow companies to build Linux-based devices, such as mobile phones or set-top boxes (think TiVo), that can't be upgraded by their users without authorization, thereby circumventing the GPLv3's 'anti-tivoization' clauses." Here's a white paper with more details from a commercial hypervisor company.

Bogus!

[MMC+Monster]

Frankly, I'm not sure what the article is trying to state.

If the code is released under GPLv3, then modifications of the code must be able to run on the same hardware. It doesn't matter if the key to run the code is a checksum or a password to give the hypervisor. Either way, if modification of the client cannot be dropped into the place of the original client (either to run on the same hardware or the same hypervisor), it's in abuse of the GPLv3.

Re:Bogus!

[Orange+Crush]

I get the same impression. If TIVO for instance wishes to use the method to satisfy both their (eventual) GPLv3 obligations *and* content-owner obligations at the same time, then I don't see it violating either the letter or the spirit of GPLv3. An end-user is free to modify the Linux client as they see fit, or to replace the hypervisor alltogether with a bare-metal Linux installation.

Re:Bogus!

[mmacdona86]

Note that the hypervisor doesn't prevent you from updating the GPL code (the Linux kernel, for example)--
it just prevents you from getting extra access to the machine by updating the code. Thus it allows "tivoization" without violating the letter (or arguably the spirit) of GPL v3. The GPL code you can hack and modify to your heart's content; the hypervisor just makes sure that said hacking doesn't compromise the machine.

Re:Bogus!

[cp.tar]

Ah-HA! So that's what it's all about!

Ah, well... then it'll just be cracked - like any other copy protection.

Re:Bogus!

[Kazoo+the+Clown]

Somehow, I don't think the GPL 3 was so poorly written that it could be circumvented so easily.

Why not? It's just another form of DRM-- and we all know how easy that is to crack...

Re:Bogus!

[everphilski]

Hardware | hypervisor | GPLv3 code

GPLv3 code can do whatever it wants, but the hypervisor can feel free to say "I'm sorry, there is no spiffy network card", "I'm sorry, there is no TV channel like that" ... think of the hypervisor as a virtual machine if you must. Programs can work fine in the virtual machine, but that doesn't mean the virtual machine will look precisely like the actual hardware. Check and mate, RMS!

Re:Bogus!

[WilliamSChips]

It's like Death Note. Of course, that begs the question: is Light the FSF or Tivo?

Re:Bogus!

[Knuckles]

Check and mate, RMS!

You must have a huge stake in proprietary software to cheer about this. Note that if this is the way of the future, it's not only "Check and mate, RMS!", but also "Check and mate, general-purpose personal computer!". Well, I guess you will still be able to import one from China, provided you won't get caught. Hurray indeed.

Re:Bogus!

[Knuckles]

If the general purpose computer in the future no longer serves a market need then why should it not perish?

"If the notion of human rights in the future no longer serves a market need then why should it not perish?"

That being said even if open source software did not exist I don't see the general purpose computer going anywhere.

You misunderstood me. The very same hypervisor tech that is described to circumvent the GPL3 can be used to deny you all unsupervised access to your computer whatsoever. Thus the OP shortsightedly cheers RMS's defeat, when at the same time the general-purpose computer is under threat, and he should rather worry about that (unless, as I suggested, his stake in proprietary software beats his interest in the availability of general-purpose computers).

Re:Bogus!

[shaitand]

'The question is, does this new system violate the leter or the spirit of GPL3? (I'm asking honestly here--I can't quite wrap my head around it.)'

It depends on how broadly you interpret the spirit of the GPL. Under this scheme you'd run Linux in a VM. Therefore, you could modify the GPL'd code and update it in the VM. Now, if you believe that is the whole of the SPIRIT of the GPL then there is no problem.

However, this is being done for the sole purpose of bypassing a clause in the GPLv3 that would require the manufacturer to essentially open the specifications of the device. The primary reason manufacturers don't want you to have the specs is that they like to take a device and disable functions in software then sell the exact same device at a higher price without the artificial limitations. If they provide the specs then 'modified' firmware that turns on all the device functions will appear, like that for Tivo, Linksys devices, etc.

I personally believe the idea behind the free software movement and the GPL is about more than just opening source. I believe that opening the source is just a mechanism for achieving a higher aim that empowers the user to be able to fully control their own system (provided they have the skill and abilities to do so). Whether it be a playstation, an xbox, a tivo, a wireless router, a cablebox, a general purpose computer, or a fancy wristwatch; a computer is a computer is a computer and the GPL was just a tool created by a group aiming to create a fully open system that empowered to program and control their own computer. After all, it isn't Sony's playstation, Microsoft's XBox, or Linksys's router; when you bought it, they lost all right to any say in how that device is used or modified.

Re:Bogus!

[goldspider]

The motives are utterly irrelevant. They both restrict how a person can use software.

Re:Bogus!

[everphilski]

No stake whatsoever, except opposing anti-tivoization and GPLv3. I still don't believe 'freedom' can be obtained by imposing restrictions in a software license. If you want free, make it free!

Check and mate, general-purpose personal computer!". Well, I guess you will still be able to import one from China, provided you won't get caught.

Homebrew it. Engineers shall rule the world :) They did it 20 years ago, why not today? Plenty of people build their own (amateur) radios, many from scratch and approaching the complexity of a modern computer. It might bring about a new renaissance ... go with the flow man, RMS is no Jesus, and the FSF is no means of salvation. They have their own ambitions and agendas, just like any other organization.

Re:Bogus!

[cp.tar]

Bull.

The GPL does not restrict usage. It restricts distribution - and in a manner completely opposite to DRM.

Re:Bogus!

[ajs]

> I think it's a good analogy

Nope. [DRM] tries to maximize revenue of corporations by intrusive means discussed at length here on /. while the [GPLv3] establishes a legal framework for public use of material.

Nope.

DRM has nothing to do with revenue. Of course, it's a tool which is most often used with respect to increasing revenue, but there is no fundamental connection between the two. I might, for example, use DRM to release a movie which I wish to re-release occasionally in order to switch which of two characters shoots the other first (not mentioning any names, here). I might charge nothing for these releases, I just want to make sure that everyone is forced to watch the version that I've decided is "current". DRM can do that.

The GPL is a tool which allows me to restrict the use of my source code such that only people willing to grant other people my pet set of rights can distribute it. Everyone else must ask for my permission first, or they get nothing (and likely will get nothing, even if they ask).

Now, I'm a fan of the GPL. I'm a fan of the clever hack which it embodies for using copyright law to control the distribution of additional, non-copyright rights. Very cool. I'm also a fan of the basic idea of offering users who want to share the right to do so.

However, it's completely unreasonable to draw an imaginary line in the sand between one set of restrictions (you can share, but only if you play by my rules) and another (you can use, but only if you play by my rules) on the basis that one doesn't comprise a restriction because the intent is different.

Re:Bogus!

[homer_ca]

There's just one problem with the closed source application running in its own VM. The VM is a virtual machine not a virtual application environment. That means the closed source software has to include a kernel with scheduler, memory management and device drivers for the hypervisor's virtual devices, in other words an entire OS. If you wrote an entire OS to run in the non-Free VM, why even bother having a Linux VM?

Re:Bogus!

[secolactico]

They may very well just stick with their current kernel. This is actually what I see happening, a lot of the world will be stuck on old GPL v2 modules, while some will choose to make "clean room" implementations of GPL v3 code and release it under v2

Or maybe they will simply port their apps to BSD and use that on the tivo boxes. Or maybe they will license some other OS that will allow them to keep everything closed source.

Or do they have a specific reason for sticking with Linux?

Re:Bogus!

[Knuckles]

Anyone who works in the software industry, other than those who get to work on FOSS thanks to charity handouts, has a stake in proprietary software.

Um, no, you just fell for MS's propaganda. First of all, more than 80% of software is written for other purposes than shrink-wrapped sale. People who write this stuff have less need for restrictive licenses in any case.

Second, it may be hard to live off free software right now, in a proprietary software world. I have no doubt whatsoever that it would work just as well or better in a free software world. Sure it would be different, but it would work. YMMV

Third, not that many people work in the software industry, and those who don't do not generally have big stakes in software property.

agreeing with RMS and agreeing with the freedom to do whatever you want with your computer are NOT the same thing

In the tivoization question, it is.

Re:Bogus!

[gowen]

Actually, in the US at lease, case law has already ruled that this won't cut it. In interpretations on Magnusson-Moss "Consumer product" is not a label that can be designated at manufacture, but one that is determined by common use. If Dell sold any of its "business" machines to householders, it would become a consumer product.

Re:Bogus!

[orzetto]

Or maybe they will simply port their apps to BSD and use that on the tivo boxes. Or maybe they will license some other OS that will allow them to keep everything closed source.

Or maybe they could start playing by the rules of the community they took Linux from, saving millions in development cost and time-to-market. Or maybe the could purchase a closed-source license for another OS. Or maybe they could write their own code instead of taking someone else's, so they can do what they want with it.

Can it really?

[realdodgeman]

GPLv3 states that you have to be able to use modified versions of the code on consumer devices. How can you circumvent that? Even if it runs in a hypervisor, you are still violating the license.

Re:Can it really?

[iburrell]

The GPLv3 states that you have to be able to use modified versions of the GPLv3 code. It doesn't say that the proprietary code has to work with modified versions of the GPLv3 program. Think of a Tivo which has an open-source kernel, userspace, and proprietary video program. If the video program refuses to work with anything other than a Tivo-provided kernel, then you may be able to upgrade the kernel but it won't be a Tivo just a hackable DVR.

This can't be achieved when the kernel is running on the bare metal. Any trusted code in the kernel (which must have source code) can be hacked. But the hypervisor can be proprietary and provide trusted verification to the proprietary code. This is the Trusted Computing model. The GPLv3 requires that the GPLv3 code be able to work so there is no locking down the system to only run signed binaries. But it doesn't, and can't, require that other proprietary code work.

Backfire in responce.

[jellomizer]

the Anti-Tivoization clause is one the sore points in my book about the GPL 3. Because of the hippocraticy worded in it,
For TiVo being a consumer product is Bad, IBM Being corporate product it is good.
Free Software has a lot of advantages but if you try to get too academic with it it gets to a point where adoption of such products are impractical.
Take the TiVo, what GPLv3 wanted to do was force TiVo to release their DRM so the community has access to their product. What actually happends is TiVo
finds a backdoor to the license and uses it, or drops using open source and any stop to any shared contributions from TiVo and a move to a different
platform.
The License for free software is the cost of using the software. (Except for trading money (and rules) for rights to use, you agree to follow these rules for
rights to use) as more rules you add to the license the more expensive the free software becomes. So if you make FreeSoftware to strict on its use
people won't use it. Academically Free as in speech software sounds like a good plan but real life realizes there is information that you want to keep
private.

Re:Backfire in responce.

[QuoteMstr]

The goal of the GPL is to keep software free; the goal of BSD-style licenses is to ensure that high-quality software is used as widely as possible. They're conflicting goals, to an extent, though there's a big overlap.

The GPLv3's anti-tivoization clause is true to the GPL's goal. When putting software under the GPL license, one accepts that it might not get as much use as BSD-licensed (or, as an intermediate, GPLv2-licensed) software, and that's the price for the code itself remaining free.

Re:Backfire in responce.

[morgan_greywolf]

hippocraticy? If big words give you problems, use a dictionary to learn how to spell hypocrisy. I mean, you're barely in the ball-park, the first and last letters match, and there's a "p" in the middle somewhere. No, no. I think he really meant hippocraticy -- a government for, of and by the hippos.

Re:Backfire in responce.

[Mr.+Slippery]

The fanboys forget that GPL is not end-all of software, and that it's really only practical in certain situations.

Free software advocates beleive that freedom is always practical, indeed is the only practical choice in the long run. I'm sorry if you don't value freedom.

There's not any "circumvention" going on, any more than it's circumvention that I can processes running both GPL and non-GPL applications on my PC. Just some hypervisor hype from - surprise! - a hypervisor vendor.

Re:Backfire in responce.

[ivan256]

Is distribution no longer a form of use?

Since they love to use Tivo as an example, let's run with that. Isn't Tivo's (the company, not the device) use of Linux simply distributing single-purpose boxes that are run by it?

Preventing a company like Tivo from distributing GPLv3 software on a closed device doesn't increase the freedom of the software. It doesn't even have anything to do with the freedom of the software. It's an attempt to impose openness on the hardware irregardless of whether the code itself is free. So not only is it a restriction on what you can do with the code, it's not even intended as a way to keep the code itself free, but to impose restrictions on others in exchange for a limited license.

There are many other reasons that such a clause is counterproductive as well as making the license less free. Companies will either get around the clause by allowing the installation of modified versions of the GPLd portion of the product without allowing the closed portion to continue functioning if the user performs such an "upgrade" (section 6 specifically allows this), or they'll switch to either a more-free or proprietary solution.

Re:Backfire in responce.

[Jackmn]

Preventing a company like Tivo from distributing GPLv3 software on a closed device doesn't increase the freedom of the software. It doesn't even have anything to do with the freedom of the software

Software doesn't have freedom - users do. In this case the GPL is ensuring that the end users of GPLed software retain the freedom to modify it. The GPL only restricts your ability to restrict the freedoms of others.

Re:Backfire in responce.

[CopaceticOpus]

Sigh... I was so enamored with my fanciful formations that I didn't notice I wrote the wrong write. Ah well.

No, they can't.

[strredwolf]

Simply put, if any part of the firmware is GPL 3'ed, even if it's running under a VM, it still requires the ability to replace it by the user w/o authorization from the factory. If I remember the license and discussion about it, it's "if it's in there, it's there for all."

Tivoization (n)

[the_skywise]

To help slashdotters not have to RTFA!
(from the whitepaper link)
"Device vendors are also required to provide access to the source code of the GPL programs (see PLv2 ï½3, GPLv3 ï½6), including "the scripts used to control compilation and installation of the executable" [Footnotes 4, 6]. However, the GPLv2 does not require that installed executables must work, which enables a mechanism the Free Software Foundation calls "Tivoization."

"Tivoization," according to LinuxInfo.org, "refers to the configuring (by the manufacturer or vendor) of a digital electronic product that uses free software, so that the product will operate only with a specific version of such software." Technically, this means that a vendor of a product that uses GPL v2 programs could provide access to the source code, thus being compliant with the software license, but the product would be prevented from working if a modified version is installed, through the checking of the software image's signature."

Re:Tivoization (n)

[Todd+Knarr]

Not quite. It means a vendor doing that and allowing itself the ability to update and change the software while at the same time preventing the user from doing the same. If the vendor simply made it impossible to change the software, for either the user or the vendor, then that'd be acceptable under the GPL. The GPLv3 is explicit about this: it's not a violation to put the software in ROM or the like that can't be changed, but if the software can be changed then the recipient must be able to change it. TiVo's issue is that they want the right to change GPL'd software themselves but not permit the people they distribute it to to do what TiVo does.

Re:Don't you love it when

[JeremyGNJ]

Yes. When people use legalese to try to lock down software into "freedom" (GPL 3), then people use legalese to get around it.

Going the other way...

[JeremyGNJ]

Seems like the whole GPL 3 thing is "going the other way" if you step back and look at it.

It used to be that the restrictions on proprietary code caused people to want other options, and jump through hoops to get around the restrictions.

Now people will be doing the same to deal with the restrictions of GPL 3.

Seems that the "spirit" of open software is being compromised by people trying to nail it down in legal terms.

Re:Going the other way...

Everyone seems to forget just exactly what the GPL is, and what a License is. It is a restriction that the PROGRAMMER decided to put on the product, not RMS. All RMS does is write the license, there are hundreds of licenses out there. It just happens that programmers liked the GPL because the like the idea that someone else wouldn't make money off of their work. Later on corporations latched onto the same idea. By rolling out a GPL and a closed source version of code they could essentially acheive the equivelent of a very loose non-compete clause. People could learn from their code, and people could repair their code, but any improvements they madethe corporation could gain from, and use it to imnprove the solution that they sold to people who needed it unencumbered by those restrictions. It's perfect, they give us code, and in exchange we give them improvements, but their competitors can't gain from it.

The key is that people use a license because they like the restrictions, or the lack thereof. Companies love the BSD license when we write code in it, but they don't want to release it that way because their competitors can use it too. Companies love to release GPL'd code because the limitations are sufficient to keep down competition, but still make us happy and allow us to fix their crappy software. It's a good deal for all really. The GPLv3 is just a new version of that, it's a few more restrictions. Any programmer could have written that license, the GPLv3 just codofied it into one fairly solid legal document so that we don't have to each screw it up seperately. Think of the open source licenses as libraries, you could do it yourself if you don't like them, but it's generally easier to pick one that matches fairly well with your goals and run with it. That way there are less likely to be bugs. If someone writes a crappy library I don't use it in my code, and that's that. No reason to hate that programmer for all eternity, or have big flamewars over the code, just inform other programmers of what you feel the defficiencies are, hope that they can make an intelligent decision, and let it be.

So, if you want to keep people from making money on your code without having to release their improvements, license GPLv3. If you want to encourage more people to use the code, including a few edge cases where they might make money on it without releasing it, use GPLv2. If you want everyone to be able to use it and you just don't want someone else to claim that they wrote it use BSD. If you really just want it used and don't care at all, release it into the free domain without any license attached. It's your call, do what you want. I want my code to be used, but I also want it to CONTINUE being used. Code is a living thing which changes over time and needs to be modified, otherwise it will die. I feel that to keep my code alive and in use it's important that changes make it back to the public, thus I would choose a GPL license over a BSD license for most software. The important thing here though is that licensing my code this way is my choice. RMS didn't make me do it. Stop blamming the wrong people. If your mad about licensing, be mad at the people who chose the license, not the ones who wrote it.

I'm not intending to flame the parent. It's just a context to bring up this point. More licenses are just more choices, the essense of freedom is choice. Don't complain about having more of it.

Not a defeat, a different way of doing things

[romiz]

The resulting product is fundamentally different from a TiVo.

While on TiVo, there is no way to change any part of the code without the signing key, in the proposed solution it is possible for the user to change the whole open-source system with an other one, as required by the GPLv3 license. As such, there is much more freedom for the user to tinker with its own system.

But for the manufacturer, it has the distinct advantages that some parts of the system can be isolated from the open subsystem, in a much more stable way, both legally and technically, than in a closed-source driver. Thus, it is possible to implement DRM, software subject to type conformance, or safety-critical tasks without risking corruption from the open system, whatever this system does. And contrary to the current solution, this does not require additional hardware.

Re:Why are we Doing This?

[fotbr]

Because "good for the user" isn't always the same as "good for the company".

Surprise, surprise, companies are in business to make money.

Seems fair to me

[marcosdumay]

Really, your new version of the kernel will have the same privileges as the old version. I see no problem with that.

I only fail to understand why they plan to put a kernel above that hypervisor. For it to be of any use, the hypervisor must controll all I/O operations anyway, what they get from Linux?

Re:Seems fair to me

[Sique]

Moreso: What the Hypervisor is thought to achieve in an attempt to circumvent the GPL is actually something that was designed into the GPL from the very beginning: It was never forbidden to run proprietary code and GPLed code on the same machine. It was only forbidden to make a derivative work from GPLed code and distribute this with a license that is incompatible with the GPL. The FSF stated from the very beginning: If the proprietary code and the GPLed code don't share GPLed libraries or run in the same segment, everything is fine.
(See http://www.gnu.org/licenses/gpl-faq.html#GPLAndNon freeOnSameMachine)

The hypervisor is just another method to achieve exactly this behaviour that was built into the GPL from the very beginning: Make a clear distinction where the proprietary code runs, and where the GPLed code resides. So no: The hypervisor is not a "circumvention device against the GPL3".

Re:A pretty obvious workaround

[QuoteMstr]

You can't do that. Where would you draw the line?

"This software cannot run on the same CPU as software that implements DRM"

The DRMer will just use a separate coprocessor.

"This software cannot be distributed with software that implements DRM"

Oops. You can't distribute a Windows machine with a GPLed program on it.

"This software cannot communicate with software that implements DRM"

It can't connect to the internet?

You're asking for the legal equivalent of an evil bit.

Re:Then the Installation Information is insufficie

[tepples]

That's not quite what I am saying. Basically the hypervisor could limit resources to unsigned code, such that the code will still install and "run", but have such limited resources that it will not function properly. From the GPLv3: "The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made." So if I add a tiny "hello world" style modification and break the digital signature, it had better run and not just "run", or the distributor is in violation of copyright on the GPLv3 covered software he distributes.

Circumventing?

[11223]

I may be confused, but isn't this actually a way of complying with the GPL3? Using a hypervisor allows users to upgrade the kernel of their device without running into the (theoretical) security problems that companies who lock down their devices are afraid of.

Re:Circumventing?

[Chandon+Seldon]

Sure, but it violates what the FSF was working towards...

The single and only purpose of the anti-tivoizaton clause is to allow every user to modify any GPLv3 software they receive and then actually use their modification. It isn't intended to do anything else. Anti-DRM text was considered for GPLv3 and later dropped.

Re:The more you tighten your grip, RMS,

[DaleGlass]

No, it works just fine as far as anti-tivoization is concerned.

The important thing here is that the GPL3 is a license that dicates terms only about the thing to which is applied. By that I mean, Samba is now under the GPL3, which means you can't tivoize Samba, but that doesn't say anything about whatever else you happen to include in the box.

GPL2: You can take Samba, modify it, release the patches, but make the hardware refuse to load any other version. So for instance if those patches were needed to run on that specific device, you've effectively closed that branch of the source. Sure your patches are there, but since they're for that specific hardware and you control it, it's absolutely useless for everybody else, and goes against the intention of the GPL.

GPL3: Under the GPL3 you MUST make Samba replaceable, VM or not.

You seem to understand the anti-tivoization as that the whole device must be open if GPL3 software is used. This is incorrect. The GPL3 on Samba only applies to Samba, and that's the only thing that must be replaceable. The GPL intends to keep the software which it applies to "free" (according to the FSF's definition). The hardware only needs to cooperate to comply with the license on the specific code it's applied to. Anything else isn't included.

Re:Why are we Doing This?

[fsmunoz]

"We" aren't doing this. Some companies are probably eager to do it, and then there are those around here whose major joy is bitching about the GPL, the FSF, RMS and his dog. For them everything that is unsavory to the FSF is a great joy, even if it affects everyone else - even free software developers using other licenses. They generally describe themselves as "open source" advocates but in reality they are the mirror image of the "anti-M$" crowd.

An attempt at an explanation

[bitspotter]

Start with two machines: a "Tivo" with proprietary firmware, connected via LAN to a PC with a Trusted Computing TPM and a GPLv3 OS image signed by the "Tivo"'s vendor.

The OS can be altered and recompiled on the PC at will, staying well within the provisions of the hardware/software definitions as used in the GPLv3 license.

But when streaming video from the PC to the Tivo, remote attestation is used to verify the signature of the OS image booted on the PC. If the bootstrap signature is not provided, or doesn't match, the Tivo refuses to play the provided stream.

Got it? Good. Now all you need to do is re-imagine the PC in this model as a virtual machine run inside the Tivo itself, and you get the idea.

There might be a problem with this end-run, however. It all depends on whether the GPLv3 has to say specifically about what functionality is locked out without a bootstrap signature from the VM. If there's some language about insuring "complete", "full", or "all" functionality to modified versions, then it may not matter whether there's a hypervisor in the way or not (although the original network example I gave above is still legit).

I'm intersted to hear what the lawyers have to say.

Re:This FUD makes no sense.

[runderwo]

At this rate, I'm not sure what they want GPL'd software for

They want it because the price is unbeatable.

It's just that it has an annoying license that they have to work around, in order to be able to sufficiently hamstring their users.

Whine, whine whine.

[SanityInAnarchy]

Do they really think software these days isn't slow and bloated enough without the additional burden of context-switching, just to circumvent the licensing problems?

Y'know, you could just choose not to circumvent the licensing problems. You could just use code which you can get under a license that lets you do what you want with it. Or you could *gasp* write your own code! What a concept!

And at the risk of sounding petty, they started it. The root of this problem is not the GPLv3, it's DRM and Tivoization. I run a Linux machine, and I use it to view plenty of media which is either un-DRM'd or easily cracked (DVDs) -- and I require absolutely no VMs to do this.

To be perfectly honest, the legalese does not have to dictate the engineering choice here. You could simply make an engineering choice to use an open platform. No engineer in their right mind would use DRM as an engineering choice -- we all know it doesn't work, doesn't even slow the real pirates down much. If you're forced to implement something like this, realize that it is, in fact, a legal choice that someone made to force DRM on you.

Re:So what's the point?

[SanityInAnarchy]

FOr example, "Yes, there is a spiffy network card. It is an alias for the Loopback Adapter!"
or
"There is a TV channel like that. Oops it is all static."

...So what?

Once again, I don't think it defeats the purpose here, which is to prevent them from distributing a GPL'd binary in such a way that I can't upload my own, nearly-identical GPL'd binary and expect it to work.

To be GPLv3 compliant, I expect they'd have to have that channel exist, and provide exactly the same data to the GPL'd program, no matter what code is actually running inside that program. In other words, the API should be consistent/modular -- if I call 'get_chunk_of_data_from_channel(3, *buffer)' from within any program running on that system, I should get the same result, no matter what the program.

You're not allowed to take a checksum of the running program, and use that as a basis for deciding if I get static or not. However, if you really want to deliver static to everyone, including your own GPL'd software, go right ahead.

Or how about hiding specific tools behind or inside the hypervisor so that the code can run unaltered but the code doesn't do as much that is interesting. So instead of storing tv shows, it can only essentially script the storage of the tv show, the rest is handled underneath through encrypted connections, drm, etc. In short, the software is simply not trusted any more than a router on the internet is trusted with your credit card number. No analog hole.

That is true. It also means they gain less by using GPL'd code -- they now can't use it to handle IO, which Linux is very good at. They also can't use GPL'd decoders, meaning they have to license a proprietary one. And they can't use a GPL'd network stack, they need a BSD one.

Eventually, it means that they can only use GPL'd code for the UI; they have to implement the equivalent of a kernel underneath it. At this point, I don't think there's really any point to doing the hypervisor -- just do some BSD-derived kernel and run your GPL code under that.

Re:This FUD makes no sense.

[Ian+Alexander]

They want it because the price is unbeatable. It's just that it has an annoying license that they have to work around, in order to be able to sufficiently hamstring their users.

See, that's never made much sense to me. Why don't they just pick up a gratis operating system with a more permissive license, like one of the BSD's, and stop worrying about tivoizing GPL'ed code?

Or are they actually just evil and want to lock down GPL'ed code because it fills their weekly evil quota or something?

The dumbest topic on /.

[7-Vodka]

I am amazed that the ratio of junk idiotic posts vs. informed posts in this discussion is astronomical.

1. GPL3 is not designed to stop encryption of data (DRM - Digital Restrictions Management).
2. GPL3 is designed to stop preventing a user of GPL3 software from using it to the full extent (right to modify and still use the device).
3. What this white paper proposes is a way to implement DRM and comply with the GPL3.

So where's the beef?
The GPL3 doesn't stop DRM. Woot stop the presses! I could have told you that months ago during the drafting process because it's not designed to stop DRM.