Torvalds Explains Dislike For GPLv3

Joe Barr writes "Linus Torvalds explains in three recent posts why he doesn't care for the DRM restrictions in GPLv3, and he has never been one to hold back. From his commentary: 'I _literally_ feel that we do not - as software developers - have the moral right to enforce our rules on hardware manufacturers. We are not crusaders, trying to force people to bow to our superior God. We are trying to show others that co-operation and openness works better.' NewsForge has the complete text of all three posts available." We discussed his initial reaction to GPL3 at the end of last month. NewsForge is a sister site to Slashdot.

There's a diff between leadership & followship

[postbigbang (761081)]

Linus' philosophy doesn't bridge the gap between us vs them (coders vs hardware engineers), but it does help content owners deal with their own cesspool of problems.

I applaud his choice; it's not quite an RMS sort of view, but close: let the idiots deal with their issues. We'll let the software do its job.

Fairly simple, eh?

Well said

[squoozer (730327)]

I thought, when I first heard that Linux wouldn't support GPLv3, that he was simply throwing his teddies out the pram at something that was even written yet. No I hear his reasoning though it sounds like a very good call. GPLv3 sounds like it is loosing sight of what it really set out to achieve. OSS has reached a point where a lot of tech companies are seriously considering using it if not actually already using it. I can't help feeling that the power might have got to RMSs head a little. I'm not a big fan of Linus in particular but he does do a fairly good job of "keeping it real" something that people in powerful of infulental positions seem to lose sight of.

Expediency vs Principle

[gvc (167165)]

It is commonly argued here that RMS and FSF are out-of-touch crusaders to be marginalized when considering how really to get software written. I disagree.

Torvald's kernel and the community that support it are quite remarkable, and I wish to take nothing away from them. However, they would not exist if not for gcc and a host of other tools that themselves would simply not exist were it not for Stallman. He was savvy enough to see the creation of these tools; part of this savvy manifested itself in the GPL which demands quid-quo-pro from users of free software.

Now you can imagine a world in which we all just gave away our efforts, and you can imagine a world in which this benevolency resulted in a societal revolution in which open-source (but not necessarily free) software thrived. I can never prove that such a world might not have evolved, but the world as it actually exists has been heavily shaped by Stallman's efforts.

Stallman is certainly not irrelevant in the history of software. I would hesitate to dismiss him as irrelevant to the future.

Alan's Comments

[TheRaven64 (641858)]

Ping Wales have an interview with Alan Cox on the subject [pingwales.co.uk]. I know of two people who have tried submitting this, but it's been rejected both times.

he doesn't get it

[by Anonymous Coward]

Smart guy, but can't see the big picture outside his own specialist niche. This isn't a dig, it's an observation,and I have seen it many times with brilliant people I know. If the software patents and DRM goons had had their way back before he wanted to build a minix/unix replacement, he wouldn't have been allowed legally to do most of what he did. Heck, we would barely have affordable functioning home computers either.
I really like the idea of a new GPL that goes farther than the last one in making sure freedom and openness becdomes the norm and not the exception. If we can't get rid of software patents, we can use the fact they exist against that concept. It's sad but you can't remove the legal aspects to coding, so might as well use what ammo and tools are available to counter the threat that patents and DRM clearly are.

Anti-DRM provisions

[ajs318 (655362)]

Has anybody here actually read and understood the anti-DRM provisions of GPLv3, or are you all just spouting off?

Section Three -- the anti-DRM provision -- basically says that any work covered by the GPLv3 is not to be construed as a copy-prevention measure. In other words, if some mis-worded legislation makes it onto the statute books -- specifically legislation which apparently makes an act illegal, ignoring that a copyright holder might well have given permission for such an act -- GPLv3 3 is there to make it quite clear that the copying is being carried out with the blessing of the author.

It also ensures that if software subject to GPLv3 is recorded on some medium which attempts to restrict copying, that any user who is forced to bypass anti-copying restrictions in order to perform a legitimate act for which permission had already been granted, has a legal defence for doing so.

Which of the above don't you agree with?

GPL2 not 3 for Linux is quite strategic

[stanwirth (621074)]

If Linux were released under GPL3, then nobody with a DRM box could run Linux on it. But by allowing Linux to run on DRM hardware, if something doesn't work because of DRM, then the HW manufacturers are the bad guys, and DRM at fault -- not those nice OSS people who just want to help everybody.

It also gives us all ongoing opportunities to observe misapplications of DRM technology (spyware, malware attempts) by providing a nice platform. While finding ways of actually thwarting lawful applications of DRM would be wrong, if there's an unlawful misapplication of DRM that's easily observable (because Linux runs on the thing) and possible to thwart...Cool!

So I have to say that Linus has it right, both in spirit and in strategy wrt to the kernel. And there's nothing stopping anyone from writing GPL3 applications that run on it -- but only if you get a non-DRM box. Which is another way of strategically opposing DRM -- allow your OS to run on it, but let it break half the apps, so people have a reason to not buy DRM hardware.

And he says as much, too.

The real question

[s20451 (410424)]

Torvalds sees openness as a tool, not as an end.

The real question is, should software developers impose their value system on end users or hardware manufacturers?

Given that developers and other intelligent people disagree as to what the right value system for software should be, my answer would be "no".

Re:The real question

[Lussarn (105276)]

FSFs arguments aren't really bad either. They just want you to be able to change the code which is under GPL in products. By wrapping GPL code in DRM and use DMCA to protect it there is legaly a whatertight hole to not let users change the GPL code in the products. This was probably not the intent of the author of said GPL code and thats why DRM is added in GPL v3. And why it's probably welcomed by most developers.

Re:The real question

[plover (150551)]

If the code that you wrote under the GPL was digitally signed by a manufacturer and put in a "Trusted Platform" machine (let's say a router), the GPL (v2) clearly states that they must make your code available, along with any modifications to your code.

That's it. The GPL grants you the further rights to take that modified code and change it any way you like. But it does not grant you the right to install that modified software back on that same machine.

This is no different than if that manufacturer took your GPLed code and burned into a ROM or blew it onto an FPGA and then soldered it into the router. Just because you wrote it doesn't mean the manufacturer has to give you provisions to alter it on their machine.

The answer is purely economic -- don't buy a trusted platform based machine. Don't buy an OS that supports trusted platforms (Vista.) Don't allow friends, families or your business to buy trusted platform machines. If you're in a position to purchase hardware, get "no hardware enforcement of digital signatures" written as a requirement into your RFQs.

GPL v3 is not a business friendly license. It will restrict development unnecessarily, and drive manufacturers away from using GPLv3 code. Look at how well Linux has done in embedded devices (the slug as well as many other Linksys appliances.) These restrictions will likely drive those manufacturers to alternate sources of software, or limit them to only GPL v2 versions of the code.

Re:The real question

[by Anonymous Coward]

RMS started Free software because of an incident involving a buggy printer, and not being able to fix the driver.

with DRM'ed hardware that problem reappears:
1) buggy GPL'ed driver
2) you fix the driver
3) oops, you can't actually install your fixed driver

Now do you see the problem?

Re:The real question

[Frank T. Lofaro Jr. (142215)]

The content and control cartels attacked us with the DMCA, making it illegal to exercise our rights to use and modify our hardware and software as we see fit.

We must fight back - if you are in a fight, are being attacked, and don't fight back, you will lose.

The GPL v3 fights back - it is illegal to use GPL code in a product where it would be illegal for one to replace that GPL code with a modification.

The GPL v3 only makes it illegal to have DRM because it is illegal to bypass DRM.

Without the DMCA, these provisions would have never come about in GPL v3. If people could bypass DRM without breaking the law, people would use code to circumvent code. You can't use code to circumvent law (or code protected by law) or you are breaking the law. Therefore we use law to circumvent law - stop them from using the DMCA and our code at the same time - they can't use our code against us and make it illegal for us to use and modify our code as we see fit.

DRM and the GPL v3 may not be incompatible 100%, I believe the language says it can not be part of an "effective protection" system under the DMCA. If the GPL allowed use of DRM, but only on condition that such DRM would not be illegal to circumvent under the DMCA (e.g. the DRM writer automatically gives a license where any circumvention is authorized with respect to the DMCA) there would be no argument one could make against that. Breakig such DRM and infringing copyright would still be a copyright infringement.

Re:DRM is the antithesis of openness

[CoughDropAddict (40792)]

Now, there should be provisions for expiration of DRM concurrent with copyright and whatnot

Yeah, but there never will be. That's the problem of DRM.

DRM lets content producers legislate arbitrary terms. Copyright law becomes pretty much irrelevent, because the software dictates the terms, and DMCA gives those terms the force of law.

DRM completely eliminates the balance of Copyright law, because it gives content producers, who have an incentive to control every possible aspect of how their work is used, a blank check to do so.

Re:DRM is the antithesis of openness

[Hell O'World (88678)]

but in order for the market to work and content to move into the digital age and away from physical media, there has to be DRM

I have always had such a strong reaction against DRM that any future with DRM has always seemed distopian to me. I tend to think that eventually the entire concept will be discredited, because customers will choose with their dollars products that can be played on all their devices, and artist will choose to ally themselves their customers. It is just a matter of people seeing what the geeks already know; that there is power in not getting locked into a single system.
However, there are such strong interests fighting for DRM, that I also admit that it's possible that in the end, that the future will require some sort of DRM. But if I am to concede that possibility, it then becomes clear to me that new laws are needed, protecting the user's rights. If copyright holders are to be allowed to use a technical solution for protecting against unfair use, then they must be prevented from hindering fair use.
 
there should be provisions for expiration of DRM concurrent with copyright and whatnot, but there is nothing wrong with reasonable use of DRM for protecting intellectual property in a manner consistent with appropriate precedents and law.

I agree with this, but there is a lot of hand waving in that "and whatnot." Society has a lot of work to do hammering out exactly where the boundaries between fair and unfair are. It's not even clear to me that a fair technical solution is possible. How would software know your intentions when you copy that file? Are you just making a backup for your own use, or are you going to sell it?

Re:DRM is the antithesis of openness

[Waffle Iron (339739)]

I'm sorry, but in order for the market to work and content to move into the digital age and away from physical media, there has to be DRM.

Not really. A more appropriate action would be to develop a different way to pay content creators than trying to map the analogy of physical items made out of molecules onto abstract concepts made from pure information.

This whole scheme was a kludge when it was invented a couple of centuries ago, but it worked OK so long as there were only a couple of printing presses in each city. It really started getting strained when technologies such as photocopiers and tape recorders became available to the public. It almost broke down totally with the availability of hard drives and the Internet to transmit copies. Now, with the world moving towards the sale of content with no media at all, the concept is becoming absurd. There's no physical media left at all on which to map the physical property analogy.

Trying to simulate the physical object mapping with pure encryption and software algorithms is like trying to hold together jello with rubber bands. It's not going to work unless the government takes away your right to own a general-purpose computing device without encrypted links to your monitor and speakers. I assert that the freedoms that give you the right to own unhindered computer hardware are more important than the economic benefits that content producers would get from unbreakable DRM schemes. I don't care if the amount of content created and the number of producers the economy supports would be significantly decreased. Locking down every information handling tool available to us is just not worth it because the same DRM tools that content creators use to ensure payment will undoubtedly also be used by governments and private parties to monitor, snoop and control all of the information that we use.

Re:DRM is the antithesis of openness

[Jeremi (14640)]

I do not understand people that are totally anti-Rights-management.

Because to the extent that your computer is an extension of your mind, DRM is a "restraining bolt" that determines what you can or cannot say or think about, and its application is almost entirely in the hands of a powerful few. Even if it was never abused (and that's a huge if), the idea of somebody else having the final say over what you are allowed or not allowed to think is a disturbing thought.

(Analogy: imagine someone had invented a pill that kept people from thinking about molesting children, and that they wouldn't let anyone move to their town unless they agreed to take that pill. Would you feel comfortable agreeing to that, even though it was for a good cause? What if you knew the pill could easily be altered in the future to, say, force people to vote for a particular political party? Remember, once you've moved to the new town, you'll have to either accept any additional pills they decide to require in the future, or pack up and move to another town again... which might be very inconvenient for you, especially if there are no longer any "pill-free" towns nearby)

Re:Translation

[Mr. Underbridge (666784)]

Translation: "I feel that we do not have the muscle - as open source software developers - to force hardware manufactures to bow to our DRM demands. They'll just laugh at us."

Don't put words in his mouth. Linus has never been the crusader that RMS is, and as he says in the article, doesn't want to be either. He claims that he doesn't feel like using software licensing and copyright as a weapon to fight political battles. I don't blame him, either. He seems to have meant precisely what he said. Since Linus isn't much prone to doublespeak or pulling punches, I'm tempted to believe him.

GPL3 is a tipping point for the FSF. If they go that route, they will lose all corporate support, which they think they don't need but in fact very much do. GPL3 goes way too far. So if they want to marginalize themselves...go right ahead.

Re:"We"

[RingDev (879105)]

His quotes in TFA sound as if he's not against IP law reform/removall, so much as he is against the way they are doing it.

You don't strong arm the postal carrier when your neighbor puts up a fence. Why should software developers be strong armed over content providers decisions. If you want to fight DRM's, fight the people who are creating them, fight the people who distribute them, don't fight the people who are trying to make your software more effective.

-Rick

Oh yeah, Stallman is a real tyrant...

[Concern (819622)]

Not.

He's thinking about the near future, where most interesting new hardware would have a chain of trust that requires you to have secret keys to get your programs to run on it, and you will never get those secret keys.

You modify that source code to your heart's content, suckers, because it's written against this prison platform (and it's probably not really useful anywhere else) and if you change it, it won't load.

WTF is the point of the GPL then? Where is the freedom?

Leaving aside the fact that DRM itself is nonsense (it is), impossible (it is), and inherently repugnant and evil (it is), DRM is directly incompatible with the purpose of the GPL, that's all.

The GPL itself has a "no secret sauce" provision. You're not really staying free if you can keep to yourself some secret that the code actually needs to work. This is just formally and explicitly extending the same line of reasoning for the most likely way it's being violated.

I really can't understand why people don't get this. The corporate world on a whim thinks it might be more profitable to take away all your freedom to tinker. They're probably not even right about that.

You just all roll over? Sure, I'll help. No, I don't need to get paid.

RMS is saying, look, this is bad shit, and I want no part of building this prison. Anyone who feels like I do, here's a license you can use. Don't be a sucker.

Linus doesn't want to use it, fine. I think he's an idiot for not getting it, but no one is being "pressed." We're all free to do what we want. Stallman can't press anybody. And that's the point. he's fighting so that you can't be "pressed" by others.

"Pressing." LOL! All this hate against RMS and the FSF is so barbarous, and so sadly ironic, frankly...

Re:Speaking of money...

[symbolic (11752)]

Money wins much of the time. I don't see this as an issue of forcing anything, but merely ensuring that the playing field remain somewhat hospitable to open source development. I think Linus' view might be appropriate for the process of development, but I think RMS is focused more on the environment in which that development takes place. In effect, Linus is asking that we place a great deal of trust in the commercial sector, trust which I'm tempted to think is entirely misplaced. There have undoubtedly been some shining stars, but these are the exception, not the rule. In essence, open source needs to protect itself against those who insist on playing in a more non-cooperative environment simply because it offers them greater advantage.

I agree, he is a nice guy. The world isn't

[SmallFurryCreature (593017)]

The biggest difference between Linus Torvald and Richard Stallman is that Linus is an optomist and Richard is a pessimist.

Linus seems to walk in world all his own. Somehow he seems to think that we can vote with our dollars to force the hardware makers to cater for our non-drm needs. Right.

Has he got some other figures on linux use? It is already hard enough to get hardware makers to support linux besides closed source software like windows. But for hardware makers to develop non-drm hardware for just the linux market is insane. Linux is Linux because it runs on cheap easily available hardware. Specialist hardware or worse having to make you own would kill Linux fast.

What he maybe doesn't get that DRM isn't a analog state. It is binary. You either have it or you don't. Oh, and at the moment, we don't. We got a sorta DRM0.1 at the moment. FULL DRM will be a beast few can imagine. Certainly Linus doesn't seem capable. Stallman is capable.

FULL DRM means that ALL hardware and ALL software in your entire computer will be DRM aware. Hardware DRM will not work with NON-DRM software and/or NON-DRM hardware.

For DRM to realize its full potential EVERY piece of your computer must be DRMed. The motherboard, the CPU, the memory, the buses, the cables, the monitor, the speaker, etc etc. It cannot have a single open piece of hardware because the moment you have that the entire DRM chain becomes useless. It is the old argument against DRM that you will always still be capable of capturing the out put of any DRM device. As long as you can hear/see it you can recapture data no matter how it was protected before.

Que the old story of Vista requiring DRM monitors. if you don't then you could simply hookup a DVI cable to the output and put in a video capture device and instantly avoid any DRM measure.

Will Vista really do this? probably not, as I said before we don't have full DRM yet. We probably won't have it in Vista either. But it is coming unless we stop it now.

It is difficult to constantly be paranoid and think that behind every wintel move there must be an evil scheme but can we afford to be wrong?

Then there is Linus defence of DRM namely signing RPM packages. Well yeah, signing them makes it secure but what is that saying again? He who trades his freedom for security soon will have neither? Something like this.

We could have the security of knowing who wrote the software we run OR we can have the freedom to write and run our own software. Not both. Your choice.

Markets ultimately correct these silly drm attempt

[jeffc128ca (449295)]

DRM will come and go. It's not the real threat you think it is. I have now been programming and dealing with hardware for about 20 years now. Just enough time to see the same things happen over and over again. Many makers will use DRM to lock you into bying there stuff. Consumers will get pissed off and stop bying that stuff.

I used to fret and worry about IBM locking down PC hardware so customers would end up locked in an IBM world. Remember that bus that IBM made, microchannel or something, that was suppose to be better than ISA. IBM was going to charge big time for board makers in liscence fees to make cards for these slots. Well along came a small company called Compaq and gave consumers what they wanted. Over the years I have watched this same scenerio play out over and over again with HD interfaces, Video cards, data file formats, you name it. Each time the open market solution natuarly won.

The consumer market wants cheap and hassle free solutions whether they have the DRM label or not. If John Doe can't plug his USB key and save a file in 10 seconds without sacrificing serious money he will go to a providor that will. Linus is right, vote with your dollars. In the ever competitive hardware market, where margins are as thin as tissue paper, some one will be there to cater to what you want.

Computer hardware and software is ultimately a buyers market. Let the market punish dumb hardware and software makers that restrict your use.

Re:No more hacking?

[Znork (31774)]

Yep, that's exactly what the restriction in the GPLv3 is intended to prevent. It's hardly a philosophical change of direction, more like a clarification. The GPL has never been intended to allow freeriders who want to use and benefit from GPL code while at the same time preventing others from doing the same thing.

Re:DRM *can* be good

[coofercat (719737)]

Someone more legally minded than me may shoot me down for this, but I understand that Linus' comments about Redhat are a misunderstanding of the GPL3. From TFA:

Notice how the current GPLv3 draft pretty clearly says that Red Hat would have to distribute their private keys so that anybody sign their own versions of the modules they recompile, in order to re-create their own versions of the signed binaries that Red Hat creates. That's INSANE.

This is not what the GPL3 says at all. It says you must distribute keys IF your code won't work without them. In the Redhat case, that's not true at all - you can download and install unsigned (or third party signed) code all you want. Redhat signs stuff so you can be sure it came from Redhat and not Fred in His Shed - that is ALL.

From TFL:
Complete Corresponding Source Code also includes any encryption or authorization codes necessary to install and/or execute the source code of the work, perhaps modified by you, in the recommended or principal context of use, such that its functioning in all circumstances is identical to that of the work, except as altered by your modifications. It also includes any decryption codes necessary to access or unseal the work's output.

The GPL3 does not try to take code-signing capability away from anyone. It states that you must give away keys if it's impossible to make a working program without them. I'll give an example:

Say there's a crypto program that uses modules, and is not open source. If you write modules, they have to be signed by one of a series of keys before the program will use the module.

If you tried to release a GPL3 module for this product, you would have to also put your keys with it because without the keys, a third party cannot produce a working module.

The GPL3 really says that if you're using DRM, you have to let other people use it too. There's a double-edged sword here: At the moment, you could release your (non-working) module as GPL2. Of course, it's useless, except for anyone else who has the keys. It's unlikely the owner of the crypto program would release keys for anyone to use (and so distribute) as that (as stated by Linus) makes the use of DRM pointless. In short, you're unlikely to be able to use the GPL3 for such situations.

My personal view (as if it matters) is that the GPL3 will fail because (a) people don't understand it and (b) no commercial vendor is likely to use it if they have to give everything away to do it. Using GPL2 + secret keys means you get all the benefits of open source, without giving away your competitive edge.

Of course, GPL3 might gain ground because version 3's got to be better than version 2, right?

Re:If Linus thinks..

[wurp (51446)]

and I can't find a single instance of people standing on each other's shoulders

Uh, say what?!? What about Linux (based on Stallman's work), mplayer (based on libavcodec, which uses X264), and basically every other GPLed software in existence? Looking at popular packages, it's hard to find GPL'd work that *isn't* standing on some other GPL'd product's shoulders!

More examples: CVS (based on VCS), SVN (based on CVS), Gimp (based on tons of image processing libraries, e.g. libpng)

It's possible that there is no CVS code in SVN (although I'd be surprised), but I would be astonished if the SVN developers weren't reading CVS code for ideas.