Besides, even if that were true, the other party specifically says that anybody who wants one can take a copy without paying any fee for it
Without paying any fee, YES. Without agreeing to the contract, NO.
The problem arises when you say after the fact,
But since the GPL is presented to you before the fact, you're writing another irrelevancy. (Yes, it is possible that some people might not see the GPL notification with the software, but in that case, they should have no expectation that it is legal for them to redistribute the software)
Right. "TCPA will kill Linux" is overbroad and not quite right. But "TCPA will kill desktop Linux" is true, because for all practical purposes, if it can't play DVDs or music files, a desktop environment is never going to maintain popularity. (Nevermind that someday individual web pages will be protected with DRM also)
Oh, sure. Linux is perfectly secure, right? Keep on dreaming, it must be nice.
Oh, sure. TCPA can protect against OS bugs? Keep on dreaming, must be nice.
TCPA means that signed software can run with full permission. It only stops intentional exploits (programs specifically designed to infringe copyright), not accidental ones (buffer overflows or cross-site scripting).
To block such things, there are many well known techniques that can be applied- priviledge separation, data-tainting, external-error trapping, etc. But all of those can be implemented in sofware alone, without help from TCPA or any other hardware. Conversely, TCPA without those signficiant software changes gives zero benefit.
The only people TCPA might protect is those who put themselves at risk by running slapdash amateur software like Linux and OpenBSD, instead of staying with known quality brands like Microsoft, where security is job N!
PS. Incidently, the flaws in your argument are directly analogous to those in George W. Bush's social security plan. In both cases, to prevent a vague danger, he suggests doing 2 different activities, when really only one of them goes towards solving the difficulty at all- the other just serves his ideological agenda (and is more elaborate and expensive, to boot).
I've gotten a lot of negative replies to my admittedly hyperbolic post. Anyone else who's doubting the threat TCPA imposes on GPLed software such as Linux, please read this message from the author of the GPL himself. Selected highlight:
"Trusted computing" would make it pervasive. "Treacherous computing" is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.
That's the core of what I'm complaining about there- the development of Linux depends on commodity PCs functioning as general purpose computers, able to do anything the end-user knows how to program. TCPA is meant to restrict certain illegal actions by making them technically impossible, and along the way it renders many more fully legal alterations (including Fair Use of copyrighted works) impossible.
There's a story about the engineers who built killing machines for Nazi Germany... it turns out they were only interested in the techincal issues. (Good for them! That makes it all A-OK)
Anybody who's taken contract law can tell you that, at best, the Gnu license is right on the bubble. In order for a contract to be binding, there has to be an overt act of acceptance.
They will be heavily in favor, at least for the narrowly-defined needs of their own professions.
Today, an end-user who happens to be the subject of a criminal investigation can encrypt his hard drive with an unguessable code. Only by directly interrogating him (or by spying as he types it, etc) can you get access to the files when you seize the PC for evidence.
But in a future with TCPA, the investigator's job is much easier. How easy it gets depending on how Orwellian we go: 1. The end-user does not have full control of his PC. Yes, he can install software to encrypt files on his disk, but the ultimate OS is owned by Microsoft. Presenting Microsoft with a court-order for the suspect's files will make them insert a backdoor into an update automatically forced onto his PC. (Users will be accumstomed to forced updated whenever an accidental exploit is found in their OS, so he won't be suspicious)
2. In a more extreme case, effective encryption software is completely outlawed, and PCs won't run amateur software that wasn't published by an official corporation. Although the suspect may have purchased encryption software, it will be weak enough for the police to easily break if they seize his PC at any time.
Either way, TCPA is good for the police, bad for the people.
Anybody who's taken contract law can tell you that, at best, the Gnu license is right on the bubble. In order for a contract to be binding, there has to be an overt act of acceptance.
Performing any action that would be illegal without the other party's specific permission consitutes overt acceptance. In this case, infringing on their copyright would be a felony unless you had agreed to the GPL.
It is your own decision to buy from companies who inherently do not trust you.
Barely, and getting less so each day. To ignore this, to think that consumer sheeple will care enough to engage in effective boycotts is foolhardy.
Once TCPA DRM gets going, it won't stop with the RIAA and MPAA. Web publishers and ebook sellers will use it too- soon enough, the only web pages that don't have DRM will be niche sites targeted to readers with a philosophical objection, or underground sites dedicated to copyright infringement or other crminality.
When that happens, the "Conservative" Attorney General may just decide to criminalize non-DRM traffic, having observed that the main reason it's still used is "piracy". And who cares that Free Software development will be dead outside of major corporations? Microsoft's quality products are good enough for everyone!
Then a system like TCPA can remain in place for situations where both ends of the link like to have trust. Like in secure transactions, or when checking if a system has been hacked or infected.
Technically, TCPA is ineffective for those situations. Those goals can be achieved more cheaply with different systems that don't block end-users from willingly modifying their own machines. The suggestion that TCPA is beneficial in those fields is a red herring.
Ok, so they can run software which lies. Because that's definitely a part of "anything".
All they can't do is lie to someone else about what they are running.
What? So they can't run lying software, so they can't do "anything"? Oh, I'm so confused!!
Please, stop spreading falsehoods and learn more about how the technology actually works.
The fundamental truth is that if TCPA becomes mainstrean, the ability of amateur programmers to modify the software running on their desktop computers will be greatly reduced. If I modify X.org to display windows in a translucent sphere, my web browsers will no longer run because my display system isn't "Trusted" anymore.
Have you ever read the spec? I have, and I can find nothing like what you're saying in it.
The spec doesn't spell it out- they wouldn't be so blatant. This is a legal/economic issue, not a technical one. It's understandable that engineering-minded readers might focus only on the technical details and miss out on what they imply for the larger environment.
Looking at the big picture, there can be only 1 or 2 real motivations for technology companies to roll out TCPA: 1: to prevent people from infringing copyright, which means preventing them from modifying their desktop OS software. 2: to prevent Linux from competing with Microsoft/Apple/Sun, which (again) means preventing them from modifying their desktop OS software.
Factor 1 is surely the driving force behind the technology, and 2 is just a pleasant side-effect for a few of the promoting companies. Sometimes they claim that it will have other benefits for end-users, like fewer hackers or virus protection or something, but those are false (meaning they could be achieved equally or better with other technical schemes)
Your objection to trusted computing all centers around the fact that "many end-users" (i.e., you) want to steal content and traffic in stolen content.
No. I want do be able to reprogram my computer to do new and creative things from my own imagination.
The Entertainment Technology Complex, however, wants to stop me from infringing their content. And to achieve that, they are willing to destroy my ability to hack on Linux in my spare time. (Indeed, they'll consider that a useful side-effect!)
Um, no. Any trusted client system relies on keeping the client from tinkering with the TCP chip, and while this might be sufficiently complicated to keep people from copying your precious MP3s, it is not nearly secure enough for an election
Wrong. The fact is, almost anything is secure enough for elections- because they're not very important.
Ask yourself how much money it would take to convince you to skip voting in one election? $50? $500? Probably not to much if you're rational, because the chance of your vote making a difference is so tiny.
But even today, people trust web servers to transfer far greater amounts of money. (I've shifted thousands already this morning). So rationally, if you don't trust a PC for voting, you shouldn't trust it for shopping or banking either- but millions of people already do.
PS. This isn't to say that voting and shopping are identical- in particular, many voting systems have an obsession with withholding paper trails from the end users, which removes an important mechanism to detect fraud.
That technique would work fine if you had an emulator. However, by the principles of cryptography, it would take thousands of years to develope such an emulator unless you already had access to the secret keys used to sign binaries. (In which case you could use the hardware directly and wouldn't need to emulate)
AC: It doesn't require that end-users be able to create modified binaries. If you disagree, please quote the GPL.
Fine:
6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein.
Get it? "You may not impose any further restrictions" means you cannot build the hardware so it blocks users from doing what the GPL obligates you to permit them to do. Otherwise, you are breaking the GPL and have no right to give out the software at all.
I'm sure there are many end-users who want to encode broadcast-flagged TV episodes and upload them to friends across the internet. Can they do this too? If so, the whole TCPA is meaningless and I withdraw my objections.
If you plug in a new keyboard (or, for that matter, any new hardware) the system should recognize the TCPA chip on the new component and ask for some sort of verification (
My keylogger is completely passive. It plugs between your PC and keyboard, and forwards along the verification provider by the keyboard.
Only if the system actually encrypts the keystrokes coming out of the keyboard are you protected. And in that case, I have a small videocamera to install in the ceiling tile looking down on your desk.
Wrong. Actually reading the article you linked demonstrates that I am right, and that EULAs are invalid. The difficulty is that the word "EULA" is now being applied to some different kinds of contracts which are valid, even though EULAs in general are not. As Don Shkeley from Buchanon Ingersoll explains, Blizzard's WoW agreement is valid because it is a contract for use of their servers, not merely to run the software unconnected on your own computer. (As I already said in my post above)
Sorry if I condensed the content a little too much here, it's oversimplified, but has the gist.
You're wrong, both here and in all the other comments, including the one about wedding rings, etc. You claim that somehow the fact that "You must accept the EULA to use this product" is written on the outside of the box carries any legal weight. It does not.
I could easily write: "By responding to this comment, you agree to mail me $5000". Or "By reading this comment, you agree to give me $400". Or I could even go to your house and spraypaint "By opening this door, you agree to give me $30"
None of those things are legally binding just because I say so. It's not valid to claim that someone's action constitutes agreement to a contract unless the action was one that he wouldn't have been allowed to do without your permission, or (alternatively) an action she would have done for no other reason accept to communicate acceptance to you.
Valid: "If you agree to give me $50, clap your hands 10 times" Valid: "If you agree to give me $50, come into my private home" Invalid: "If you agree to give me $50, walk down the sidewalk away from me"
So, this means that your wedding-ring example falls under something (taking his expensive property) that would be illegal for her to do without his permission. Thus it does basically constitute a contract.
So, when applied to computer software, the problem becomes: Does the publisher of the software have any right to prohibit me from running it? If the software is a single player game like WarCraft3, then the answer is no. One they've taken your money, given the discs, and you're back in your own home, the publisher has no right to (for example) phone you and command you never to run the program, and that a reimbursment check will be coming in the mail. (That's exactly like how the seller of a car cannot demand his vehicle back in exchange for a refund. You sold it, the deal is done, tough)
But, if the game is something that can't be used without access to the publishers' servers, then the do have a legal way to stop you from playing. They can decide to get out of the MMORPG business and unplug those servers at any time (which may obligate them to return some monthly fees).
PS. I'm talking about USA law here. In Britain things are different, and you're actually not allowed to run a program you've bought without the authors specific permission. So on the Isle, normal Click-Thru EULAs are binding.
PPS. In the USA, if EULAs were really binding, then it would be completely illegal for Computer City to sell software to anyone who is under 18.
The TCPA means that publishers of data can decide that they do not hand over their data to applications that *they* don't trust.
Meaning that end-users cannot modify the media player or OS software that runs on the hardware they own, which is counter to the intent of the GPL.
That means it can be used for DRM, but it also means it can be used for secure transactions, etc.
Ha! "Secure transactions". Allow the person on each end of the transaction to select his own software. The bank shouldn't be able to dictate which web-browser I access my account with. If you don't trust the remote user, don't allow him into your system at all... trusting people, but not trusting their choice of software is a stupid band-aid on security.
So, when a music publisher sends out files that can only play on a TCPA DRM platform, stop buying from him. When other consumers do the same, the publisher will go bankrupt and others will step in.
That's a polyanna attitude, and is not consistent with your other statements. You seem to be hoping that somehow the main driving incentive for TCPA will not come to pass. Maybe you've been fooled by their propaganda that it somehow increases security for the end user?
If consumers do seriously boycott publishers from using TCPA DRM, then TCPA will completely die out, and this whole discussion will be meaningless. I'd be happy to see that happen, but don't percieve any rational justification for that optimism.
Presumably the owner of the machine, if he chooses to compile the program from source, will be able to sign the resulting binary with his own private key.
Completely wrong. The owners of machines don't get the keys needed to sign things for their own hardware. Only the builders of the hardware have those keys, and they are contractually obligated by agreements to the MPAA and RIAA not to divulge those keys to anyone (except employees in the course of their work).
If the owners of the hardware were going to be the ones having the keys needed to run on that hardware, then I wouldn't have any problem with it. (But in that case, industry wouldn't promote it, because it doesn't serve their greed)
We're not talking about the Xbox mentality here - where there is only one key for signing apps and it is owned by a platform monopolist.
If you really believe that, then you've fallen for the obfuscation (or misinformation, or FUD, or whatever synonym for "lying" is in vogue today) of the the Entertainment Technology Complex.
The intent for the future is that PCs as general-purpose computers are a dying breed. The X-Box / cable-box / cellphone mentality is the way forward. Microsoft intends that the market will split into $500 end-user machines and $50,000 developer boxes. Where the high cost for the dev systems comes not from the hw or sw costs (although those are higher than they are today, because economy-of-scale has been eliminated), but from the licenses, including your personal "Software Authorship Licenses". To get that license means promising never to implement commands like "cp" and "printscreen" that users might infringe copyright with.
That barrier-to-entry will kill the open source/free software movements, and cement Microsoft's place as the planet's only real OS developer.
All features of your modified executable will work.
Wrong. Suppose one feature of the executable is playing blue-laser discs of Star Wars VII: Return of the Binks. That functionality will NOT WORK if the OS is flagged untrusted.
At it's core, returning true from the is_trusted() system call is the single critical feature that will be removed, crippling dozens of important programs running on that OS.
won't be able to lie to them
Lying is still, technically, a feature. I never said you had a right to do it- but yet, the GPL doesn't allow you to restrict what a recipient can do with the software you give him.
Then, anyone who trusts you, can trust your binaries just as they trust binaries signed by Microsoft.
The "anyone" who matters in this case is hardware vendors like Intel, AMD, Apple, NVidia, and Hauppage. Obviously, Fortune 500 corps aren't going to trust a hobbyist like me.
You paint a false picture by implying that it's end-users who need to trust me... that I can put my modified software up on the web, convince them to trust me (by exchanging money or contracts or whatever means), and then they will be able to run my software.
No! That's not how it works! End-users cannot decide who they want to trust. Only the MPAA and RIAA decide which hardware companies they want to trust, and then those hardware vendors decide which software vendors they want to trust (mainly Microsoft and Apple), and then those are the only ones who can sign software to make it run (with the full feature set enabled by being "Trusted")
It's really ironic that yesterday I was taking flak for arguing that anime fansubs hurt legal sales, because fansubbing is something that TCPA is meant to kill (along with all other handling of copyrighted work, both infringing and Fair Use)
AC: Can't you even read the blurb? "Published open standards"
I can read. I can also tell when press releases are obviously lying.
The standard is partially open, but not the most important part: the secret key that allows you to sign binaries so the OS appears trusted. Unless the hardware companies actually publish that key, they're not providing the full "standard" (specification of exactly what their hardware does), and not allowing open implementation of compatible software.
The trouble is not between TCG and Linux, but TCG and GPL (and Linux is one of many GPL programs).
Later, a program wil want to attest the software you are running,
The whole idea of that "attesting to the software you are running" is restricting who can modified the software. In particular, TCG wants to forbid amateurs and especially end-users from modifying the software. That is completely against the open-development spirit of Linux and all GPL projects.
Slashdot Mirror
Besides, even if that were true, the other party specifically says that anybody who wants one can take a copy without paying any fee for it
Without paying any fee, YES. Without agreeing to the contract, NO.
The problem arises when you say after the fact,
But since the GPL is presented to you before the fact, you're writing another irrelevancy. (Yes, it is possible that some people might not see the GPL notification with the software, but in that case, they should have no expectation that it is legal for them to redistribute the software)
TCPA by itself will not kill Linux.
Right. "TCPA will kill Linux" is overbroad and not quite right. But "TCPA will kill desktop Linux" is true, because for all practical purposes, if it can't play DVDs or music files, a desktop environment is never going to maintain popularity. (Nevermind that someday individual web pages will be protected with DRM also)
Oh, sure. Linux is perfectly secure, right? Keep on dreaming, it must be nice.
Oh, sure. TCPA can protect against OS bugs? Keep on dreaming, must be nice.
TCPA means that signed software can run with full permission. It only stops intentional exploits (programs specifically designed to infringe copyright), not accidental ones (buffer overflows or cross-site scripting).
To block such things, there are many well known techniques that can be applied- priviledge separation, data-tainting, external-error trapping, etc. But all of those can be implemented in sofware alone, without help from TCPA or any other hardware. Conversely, TCPA without those signficiant software changes gives zero benefit.
The only people TCPA might protect is those who put themselves at risk by running slapdash amateur software like Linux and OpenBSD, instead of staying with known quality brands like Microsoft, where security is job N!
PS. Incidently, the flaws in your argument are directly analogous to those in George W. Bush's social security plan. In both cases, to prevent a vague danger, he suggests doing 2 different activities, when really only one of them goes towards solving the difficulty at all- the other just serves his ideological agenda (and is more elaborate and expensive, to boot).
That's the core of what I'm complaining about there- the development of Linux depends on commodity PCs functioning as general purpose computers, able to do anything the end-user knows how to program. TCPA is meant to restrict certain illegal actions by making them technically impossible, and along the way it renders many more fully legal alterations (including Fair Use of copyrighted works) impossible.
"I'll stay with the technical issues".
There's a story about the engineers who built killing machines for Nazi Germany... it turns out they were only interested in the techincal issues. (Good for them! That makes it all A-OK)
Anybody who's taken contract law can tell you that, at best, the Gnu license is right on the bubble. In order for a contract to be binding, there has to be an overt act of acceptance.
They will be heavily in favor, at least for the narrowly-defined needs of their own professions.
Today, an end-user who happens to be the subject of a criminal investigation can encrypt his hard drive with an unguessable code. Only by directly interrogating him (or by spying as he types it, etc) can you get access to the files when you seize the PC for evidence.
But in a future with TCPA, the investigator's job is much easier. How easy it gets depending on how Orwellian we go:
1. The end-user does not have full control of his PC. Yes, he can install software to encrypt files on his disk, but the ultimate OS is owned by Microsoft. Presenting Microsoft with a court-order for the suspect's files will make them insert a backdoor into an update automatically forced onto his PC. (Users will be accumstomed to forced updated whenever an accidental exploit is found in their OS, so he won't be suspicious)
2. In a more extreme case, effective encryption software is completely outlawed, and PCs won't run amateur software that wasn't published by an official corporation. Although the suspect may have purchased encryption software, it will be weak enough for the police to easily break if they seize his PC at any time.
Either way, TCPA is good for the police, bad for the people.
Anybody who's taken contract law can tell you that, at best, the Gnu license is right on the bubble. In order for a contract to be binding, there has to be an overt act of acceptance.
Performing any action that would be illegal without the other party's specific permission consitutes overt acceptance. In this case, infringing on their copyright would be a felony unless you had agreed to the GPL.
It is your own decision to buy from companies who inherently do not trust you.
Barely, and getting less so each day. To ignore this, to think that consumer sheeple will care enough to engage in effective boycotts is foolhardy.
Once TCPA DRM gets going, it won't stop with the RIAA and MPAA. Web publishers and ebook sellers will use it too- soon enough, the only web pages that don't have DRM will be niche sites targeted to readers with a philosophical objection, or underground sites dedicated to copyright infringement or other crminality.
When that happens, the "Conservative" Attorney General may just decide to criminalize non-DRM traffic, having observed that the main reason it's still used is "piracy". And who cares that Free Software development will be dead outside of major corporations? Microsoft's quality products are good enough for everyone!
Then a system like TCPA can remain in place for situations where both ends of the link like to have trust. Like in secure transactions, or when checking if a system has been hacked or infected.
Technically, TCPA is ineffective for those situations. Those goals can be achieved more cheaply with different systems that don't block end-users from willingly modifying their own machines. The suggestion that TCPA is beneficial in those fields is a red herring.
Let's watch SiliconEntity argue with herself:
Anyone can run anything they want.
Ok, so they can run software which lies. Because that's definitely a part of "anything".
All they can't do is lie to someone else about what they are running.
What? So they can't run lying software, so they can't do "anything"? Oh, I'm so confused!!
Please, stop spreading falsehoods and learn more about how the technology actually works.
The fundamental truth is that if TCPA becomes mainstrean, the ability of amateur programmers to modify the software running on their desktop computers will be greatly reduced. If I modify X.org to display windows in a translucent sphere, my web browsers will no longer run because my display system isn't "Trusted" anymore.
Have you ever read the spec? I have, and I can find nothing like what you're saying in it.
The spec doesn't spell it out- they wouldn't be so blatant. This is a legal/economic issue, not a technical one. It's understandable that engineering-minded readers might focus only on the technical details and miss out on what they imply for the larger environment.
Looking at the big picture, there can be only 1 or 2 real motivations for technology companies to roll out TCPA:
1: to prevent people from infringing copyright, which means preventing them from modifying their desktop OS software.
2: to prevent Linux from competing with Microsoft/Apple/Sun, which (again) means preventing them from modifying their desktop OS software.
Factor 1 is surely the driving force behind the technology, and 2 is just a pleasant side-effect for a few of the promoting companies. Sometimes they claim that it will have other benefits for end-users, like fewer hackers or virus protection or something, but those are false (meaning they could be achieved equally or better with other technical schemes)
Your objection to trusted computing all centers around the fact that "many end-users" (i.e., you) want to steal content and traffic in stolen content.
No. I want do be able to reprogram my computer to do new and creative things from my own imagination.
The Entertainment Technology Complex, however, wants to stop me from infringing their content. And to achieve that, they are willing to destroy my ability to hack on Linux in my spare time. (Indeed, they'll consider that a useful side-effect!)
Um, no. Any trusted client system relies on keeping the client from tinkering with the TCP chip, and while this might be sufficiently complicated to keep people from copying your precious MP3s, it is not nearly secure enough for an election
Wrong. The fact is, almost anything is secure enough for elections- because they're not very important.
Ask yourself how much money it would take to convince you to skip voting in one election? $50? $500? Probably not to much if you're rational, because the chance of your vote making a difference is so tiny.
But even today, people trust web servers to transfer far greater amounts of money. (I've shifted thousands already this morning). So rationally, if you don't trust a PC for voting, you shouldn't trust it for shopping or banking either- but millions of people already do.
PS. This isn't to say that voting and shopping are identical- in particular, many voting systems have an obsession with withholding paper trails from the end users, which removes an important mechanism to detect fraud.
Use an x86 emulator and two copies of Linux,
That technique would work fine if you had an emulator. However, by the principles of cryptography, it would take thousands of years to develope such an emulator unless you already had access to the secret keys used to sign binaries. (In which case you could use the hardware directly and wouldn't need to emulate)
Fine:
Get it? "You may not impose any further restrictions" means you cannot build the hardware so it blocks users from doing what the GPL obligates you to permit them to do. Otherwise, you are breaking the GPL and have no right to give out the software at all.
And end users can do whatever they want.
Really? They can do WHATEVER they want?
I'm sure there are many end-users who want to encode broadcast-flagged TV episodes and upload them to friends across the internet. Can they do this too? If so, the whole TCPA is meaningless and I withdraw my objections.
If you plug in a new keyboard (or, for that matter, any new hardware) the system should recognize the TCPA chip on the new component and ask for some sort of verification (
My keylogger is completely passive. It plugs between your PC and keyboard, and forwards along the verification provider by the keyboard.
Only if the system actually encrypts the keystrokes coming out of the keyboard are you protected. And in that case, I have a small videocamera to install in the ceiling tile looking down on your desk.
Short version, EULAs are just fine.
Wrong. Actually reading the article you linked demonstrates that I am right, and that EULAs are invalid. The difficulty is that the word "EULA" is now being applied to some different kinds of contracts which are valid, even though EULAs in general are not. As Don Shkeley from Buchanon Ingersoll explains, Blizzard's WoW agreement is valid because it is a contract for use of their servers, not merely to run the software unconnected on your own computer. (As I already said in my post above)
Sorry if I condensed the content a little too much here, it's oversimplified, but has the gist.
You're wrong, both here and in all the other comments, including the one about wedding rings, etc. You claim that somehow the fact that "You must accept the EULA to use this product" is written on the outside of the box carries any legal weight. It does not.
I could easily write: "By responding to this comment, you agree to mail me $5000". Or "By reading this comment, you agree to give me $400". Or I could even go to your house and spraypaint "By opening this door, you agree to give me $30"
None of those things are legally binding just because I say so. It's not valid to claim that someone's action constitutes agreement to a contract unless the action was one that he wouldn't have been allowed to do without your permission, or (alternatively) an action she would have done for no other reason accept to communicate acceptance to you.
Valid: "If you agree to give me $50, clap your hands 10 times"
Valid: "If you agree to give me $50, come into my private home"
Invalid: "If you agree to give me $50, walk down the sidewalk away from me"
So, this means that your wedding-ring example falls under something (taking his expensive property) that would be illegal for her to do without his permission. Thus it does basically constitute a contract.
So, when applied to computer software, the problem becomes: Does the publisher of the software have any right to prohibit me from running it?
If the software is a single player game like WarCraft3, then the answer is no. One they've taken your money, given the discs, and you're back in your own home, the publisher has no right to (for example) phone you and command you never to run the program, and that a reimbursment check will be coming in the mail. (That's exactly like how the seller of a car cannot demand his vehicle back in exchange for a refund. You sold it, the deal is done, tough)
But, if the game is something that can't be used without access to the publishers' servers, then the do have a legal way to stop you from playing. They can decide to get out of the MMORPG business and unplug those servers at any time (which may obligate them to return some monthly fees).
PS. I'm talking about USA law here. In Britain things are different, and you're actually not allowed to run a program you've bought without the authors specific permission. So on the Isle, normal Click-Thru EULAs are binding.
PPS. In the USA, if EULAs were really binding, then it would be completely illegal for Computer City to sell software to anyone who is under 18.
AC: If you can't read the entire thread and get the context of his comment
I did read the whole thread, which is why I know that "ShuttleOne" wasn't just a typo or something, but a persistent mistake.
The TCPA means that publishers of data can decide that they do not hand over their data to applications that *they* don't trust.
Meaning that end-users cannot modify the media player or OS software that runs on the hardware they own, which is counter to the intent of the GPL.
That means it can be used for DRM, but it also means it can be used for secure transactions, etc.
Ha! "Secure transactions". Allow the person on each end of the transaction to select his own software. The bank shouldn't be able to dictate which web-browser I access my account with. If you don't trust the remote user, don't allow him into your system at all... trusting people, but not trusting their choice of software is a stupid band-aid on security.
So, when a music publisher sends out files that can only play on a TCPA DRM platform, stop buying from him. When other consumers do the same, the publisher will go bankrupt and others will step in.
That's a polyanna attitude, and is not consistent with your other statements. You seem to be hoping that somehow the main driving incentive for TCPA will not come to pass. Maybe you've been fooled by their propaganda that it somehow increases security for the end user?
If consumers do seriously boycott publishers from using TCPA DRM, then TCPA will completely die out, and this whole discussion will be meaningless. I'd be happy to see that happen, but don't percieve any rational justification for that optimism.
Presumably the owner of the machine, if he chooses to compile the program from source, will be able to sign the resulting binary with his own private key.
Completely wrong. The owners of machines don't get the keys needed to sign things for their own hardware. Only the builders of the hardware have those keys, and they are contractually obligated by agreements to the MPAA and RIAA not to divulge those keys to anyone (except employees in the course of their work).
If the owners of the hardware were going to be the ones having the keys needed to run on that hardware, then I wouldn't have any problem with it. (But in that case, industry wouldn't promote it, because it doesn't serve their greed)
We're not talking about the Xbox mentality here - where there is only one key for signing apps and it is owned by a platform monopolist.
If you really believe that, then you've fallen for the obfuscation (or misinformation, or FUD, or whatever synonym for "lying" is in vogue today) of the the Entertainment Technology Complex.
The intent for the future is that PCs as general-purpose computers are a dying breed. The X-Box / cable-box / cellphone mentality is the way forward. Microsoft intends that the market will split into $500 end-user machines and $50,000 developer boxes. Where the high cost for the dev systems comes not from the hw or sw costs (although those are higher than they are today, because economy-of-scale has been eliminated), but from the licenses, including your personal "Software Authorship Licenses". To get that license means promising never to implement commands like "cp" and "printscreen" that users might infringe copyright with.
That barrier-to-entry will kill the open source/free software movements, and cement Microsoft's place as the planet's only real OS developer.
All features of your modified executable will work.
Wrong. Suppose one feature of the executable is playing blue-laser discs of Star Wars VII: Return of the Binks. That functionality will NOT WORK if the OS is flagged untrusted.
At it's core, returning true from the is_trusted() system call is the single critical feature that will be removed, crippling dozens of important programs running on that OS.
won't be able to lie to them
Lying is still, technically, a feature. I never said you had a right to do it- but yet, the GPL doesn't allow you to restrict what a recipient can do with the software you give him.
Even so, if the key is on my system I've also likely password protected it. In fact I know I have. :)
If I have access to your computer, I can put a keylogger on it, and have access to whatever passwords (and even removable media) protect your key.
0wnage = 0wnage.
Then, anyone who trusts you, can trust your binaries just as they trust binaries signed by Microsoft.
The "anyone" who matters in this case is hardware vendors like Intel, AMD, Apple, NVidia, and Hauppage. Obviously, Fortune 500 corps aren't going to trust a hobbyist like me.
You paint a false picture by implying that it's end-users who need to trust me... that I can put my modified software up on the web, convince them to trust me (by exchanging money or contracts or whatever means), and then they will be able to run my software.
No! That's not how it works! End-users cannot decide who they want to trust. Only the MPAA and RIAA decide which hardware companies they want to trust, and then those hardware vendors decide which software vendors they want to trust (mainly Microsoft and Apple), and then those are the only ones who can sign software to make it run (with the full feature set enabled by being "Trusted")
It's really ironic that yesterday I was taking flak for arguing that anime fansubs hurt legal sales, because fansubbing is something that TCPA is meant to kill (along with all other handling of copyrighted work, both infringing and Fair Use)
AC: Can't you even read the blurb? "Published open standards"
I can read. I can also tell when press releases are obviously lying.
The standard is partially open, but not the most important part: the secret key that allows you to sign binaries so the OS appears trusted. Unless the hardware companies actually publish that key, they're not providing the full "standard" (specification of exactly what their hardware does), and not allowing open implementation of compatible software.
dont see any trouble with this and linux.
The trouble is not between TCG and Linux, but TCG and GPL (and Linux is one of many GPL programs).
Later, a program wil want to attest the software you are running,
The whole idea of that "attesting to the software you are running" is restricting who can modified the software. In particular, TCG wants to forbid amateurs and especially end-users from modifying the software. That is completely against the open-development spirit of Linux and all GPL projects.