Forgot your password?
typodupeerror
Linux Software Your Rights Online

Could Linux Still Go GPL3? 449

Posted by ScuttleMonkey
from the drm-on-everyone's-back dept.
turnitover writes "Even though Linus has said 'The Linux kernel has always been under the GPL v2. Nothing else has ever been valid,' LinuxWatch is reporting that Richard Stallman has said it's ultimately up to the developers. And those on the LKML (Linux Kernel Mailing List) are going back and forth about whether to move to GPL3. The sticking point, not surprisingly, is the issue of DRM." In response to the DRM issue Linus wrote: "I personally think that the anti-DRM clause is much more sensible in the context of the Creative Commons licenses, than in software licenses. If you create valuable and useful content that other people want to be able to use (catchy tunes, funny animation, good icons), I would suggest you protect that _content_ by saying that it cannot be used in any content-protection schemes."
This discussion has been archived. No new comments can be posted.

Could Linux Still Go GPL3?

Comments Filter:
  • Ummm... (Score:4, Interesting)

    by MightyMartian (840721) on Wednesday February 08, 2006 @05:44PM (#14672990) Journal
    I don't know what the f*** Stallman is talking about. As Linus pretty much still rules the roost as to what officially goes into the kernel, how is it precisely, if he's so against GPL3, that GPL3 could make it into the kernel?
    • Re:Ummm... (Score:5, Funny)

      by shawn(at)fsu (447153) on Wednesday February 08, 2006 @05:52PM (#14673054) Homepage
      Speaking of RMS, is it just me or does the GNU /. [slashdot.org] topic icon look like it is sucking it's thumb and holding a blanket. If it is, was this a stab at RMS?
      • Peanuts (Score:3, Funny)

        Isn't it Linus who should be sucking his thumb and holding a blanket?
      • Re:Ummm... (Score:3, Interesting)

        by nathanh (1214)
        Speaking of RMS, is it just me or does the GNU /. [slashdot.org] topic icon look like it is sucking it's thumb and holding a blanket. If it is, was this a stab at RMS?

        It's a very unsubtle stab at the GNU/Linux debate. The figure depicted is a GNU acting as the character Linus from the comic strip Peanuts.

    • Re:Ummm... (Score:5, Insightful)

      by jerpyro (926071) on Wednesday February 08, 2006 @06:02PM (#14673134)
      You can't just take code already under GPL2 and move it to GPL3 without the authors' permissions. That's CHANGING THE LICENSE, and that's exactly what Linus is getting so fired up about. Everyone that contributed something under GPL2 would have to be contacted and would have to give consent to have their code moved over to GPL3. You can't just make a broad sweeping change to the license. If you could, then you could easily fork and close-source your branch. If that were the case, we'd have IBM, Novell, Sun, and RedHat proprietary Linux. It would also be a management NIGHTMARE to have pieces of code under each license.

      The main issue isn't DRM or not-DRM, it's YOU CAN'T CHANGE THE LICENSE!
      • But are all contributions to the kernel "GPL v.2 only?" Because otherwise, at least the "v2 or later" patches could be moved.
      • by Anonymous Coward
        This has been discussed before. Yes, you CAN change the license. Here's how.

        1. Make a public announcement that the kernel is moving to GPL3. This announcement would undoubtedly be picked up by all the relevant news organizations, and be common knowledge among developers (heh - there's no way it could possibly be kept quiet).

        2. Schedule a transition period for the conversion. Say, 1 year.

        3. During the transition period. all files start off being GPL2. And the end, all files still included in the kernel

      • You can't change licenses, but you can mix code with compatible licenses. Like BSD and GPL. The BSD stuff stays BSD, and the GPL stuff stays GPL. It could be that half the code in the kernel is GPL3 and half of it is GPL2. In that case, you would need to abide by the restrictions on both licenses in order to distribute it.
        • It could be that half the code in the kernel is GPL3 and half of it is GPL2. In that case, you would need to abide by the restrictions on both licenses in order to distribute it.

          Wrong, it can't be that way. GPL3 _adds_ restrictions (eg. the DRM stuff) over and above GPL2. GPL2 _forbids_ adding restrictions. The two are fundamentally incompatible - all the code has to be under one or the other. [ note that that doesn't preclude some code being under _either_ (eg. "GPLv2 or later"), but it does mean that

      • Thousands of people who have contributed to Linux have done so on the basis that it is released under the Linux licence (which btw is not GPL2, but a derrivative of GPL2). To **legally** change the licence you've have to track down all those contributors and get their permission. Same deal with selling the source or any other act of ownership of the source.
    • Actually I think we could see the GPLv2 work exactly as RMS wants - and a GPLv3 fork of Linux (minus the DRM stuff) could be created. If enough people want it (or more likely enough people reject DRM in Linux).

      Putting DRM support into Linux seems to run against the wishes of a lot of the people who created it. RMS has an important point on this - DRM is all about who controls my computer - me, or some corp? These are the same suits that wanted to stop DVDs from playing on Linux - I don't think we owe them a
  • Alan Cox's View (Score:5, Informative)

    by TheRaven64 (641858) on Wednesday February 08, 2006 @05:46PM (#14673000) Journal
    Ping Wales is carrying Alan Cox's views on GPLv3 and DRM [pingwales.co.uk].
    • by Nahor (41537)
      Nope, Alan only answered to the question about being in favor of GPL v3 for Linux. The other questions were answered by Anonymous Cowards.
    • Re:Alan Cox's View (Score:4, Interesting)

      by blakestah (91866) <blakestah@gmail.com> on Wednesday February 08, 2006 @06:55PM (#14673534) Homepage
      Alan doesn't really address the issue at ALL. He says he doesn't like DRM, that is all.

      The issue here as I understand it is that under GPLV3, if you use DRM, you have to provide the keys. Which sorta ruins the whole thing. It says something like is cryptography is used to control function, then the source must be provided so that a recipient can recompile and have a functional binary ie: if function requires a digital key, the recipient must have the private key.

      An example. The linux kernel team releases a kernel. Bluehat, the newest kernel distro, teams up with Mactel. Mactel provides a motherboard and CPU that will only run Bluehat signed binaries.

      Under GPLV3, Bluehat needs to provide their private key with the kernel so that anyone can recompile an appropriately signed binary.

      Yet the whole point of signing the binary is exclusively identifying it as coming from Bluehat.

      So GPLV3 effectively prevents digital signatures from being used to determine if a binary may be from a source the user trusts!

      • Re:Alan Cox's View (Score:5, Insightful)

        by tolan-b (230077) on Wednesday February 08, 2006 @07:28PM (#14673750)
        So GPLV3 effectively prevents digital signatures from being used to determine if a binary may be from a source the user trusts!

        No it doesn't. You can provide a digital signature that verifies that binary is from 'Bluehat' without the signature being required to run the binary.

        The key difference here is that the former informs the user who is then free to make a decision about whether they want to trust a non-'Bluehat' binary, and the latter tells the consumeruser he isn't allowed to run a binary that's not from 'Bluehat'.
      • Re:Alan Cox's View (Score:3, Insightful)

        by iabervon (1971)
        First of all, nobody knows what the GPLv3 will say about DRM. What's been released is only a draft, and the purpose of releasing a draft was to get feedback on it. Enough people are unhappy with exactly what the draft says about DRM and how it is phrased that the final version will almost certainly be different in some way (or the GPLv3 will be seen as not having taken into account community needs, and quickly become irrelevant).

        As far as I can tell, nothing in the GPLv3 would prevent Bluehat from releasing
      • Re:Alan Cox's View (Score:5, Insightful)

        by nathanh (1214) on Wednesday February 08, 2006 @10:01PM (#14674519) Homepage
        Under GPLV3, Bluehat needs to provide their private key with the kernel so that anyone can recompile an appropriately signed binary.

        Yet the whole point of signing the binary is exclusively identifying it as coming from Bluehat.

        You've got it wrong. Bluehat can still provide signed binaries and not provide the signing key for those binaries. However the hardware must allow the user to run unsigned binaries. That way you get the best of both worlds: you can use Bluehat's signed binaries if you so choose, or you can opt-out and run unsigned binaries, or Bluehat can provide the signing key and you can sign your own binaries. Everybody gets what they want (except maybe Bluehat).

        All the GPL3 is trying to stop is the case where Bluehat produces hardware that only runs Bluehat binaries.

  • by Vellmont (569020) on Wednesday February 08, 2006 @05:46PM (#14673001)
    It's what every software project does when there's fundamental differences of opinion on which direction to go. If Linus and the other Linux software devs don't like GPL3, just fork the thing and take out the parts you don't like and use that license. After all, the text of the GPL 3 license should be able to be modified just like source code, right? You wouldn't be able to call it GPL 3, as it's just confusing. But GPL 2.99 might work nicely as a name.
    • If Linus and the other Linux software devs don't like GPL3, just fork the thing and take out the parts you don't like and use that license.

      You are missing a very important point. A large part of the Linux kernel is covered only by GPL v2 and explicitly not by GPL v2 or any later version. So, nobody can create a GPL v3 fork, unless all contributors whose source is covered by GPL-v2-only agree to change their license. That can never happen since Linus, being one of the major contributors, has said that he

      • I never meant to imply that at all. I'm only talking about potential conversion to a new licence. Sorry for any confusion.
      • I think the parent was suggesting that the license be forked, not the kernel. The idea being that if Torvalds doesn't want to switch to the new license because of a particular piece of it he could conceivably simply remove that piece of the license, rename it, and use his new version. The parent wasn't suggesting that the kernel be forked.

        Of course, as far as I know Mr. Torvalds is content with the current license the linux kernel is released under, so it seems doubtful that he would do this (why fix it i
  • by ToasterofDOOM (878240) <d.murphy.davis@gmail.com> on Wednesday February 08, 2006 @05:47PM (#14673013)
    All of the controversy over the GPL3 isnt so much caused by the details, but by the underlying mentalities. RMS is more of the belief that freedom is a necessity and everyone should do everything in an open, free manner, and that people can't be trusted. Torvalds sees freedom as more of a tool, a bonus, and people/businesses are generally trustworthy. I like to think of it that way, and that is why I prefer BSD/MIT style over other licences. Businesses will always make proprietary software, that won't change. Proprietary isn't bad, and prohibiting it only restricts what the user/developer can do.
    • Torvalds sees freedom as more of a tool

      Torvalds built DRM into the kernel so that it could be used in commercial applications requiring DRM. RMS doesn't want DRM to be there at all.

    • Please use BSD for that.
      Linux is GPL'd for a reason, even if Linus does not know it. There is allmost no comercial backing of the more commercial-frendly BSD licences. Why is it? Because more enforced freedom to all users is the most effective way in the long term and businesses know that.
      • Re: pfft... (Score:4, Insightful)

        by Cryptnotic (154382) * on Wednesday February 08, 2006 @06:50PM (#14673487) Homepage
        It has nothing to do with users' freedoms, but rather with restrictions on competitors. Businesses support Linux because they know that if they add things (drivers, performance enhancements, et cetera) to Linux, their competitors WON'T be able to use it without also making their changes public. There is no incentive for a business to contribute to a BSD-style licenced project, since competitors can then use their code without restriction (except for the "advertisting" clause).

      • There is allmost no comercial backing of the more commercial-frendly BSD licences. Why is it? Because more enforced freedom to all users is the most effective way in the long term and businesses know that.

        Both Microsoft and Apple use BSD code. OSX is a BSD derivitave. So I'd have to say you're completely wrong about there not being any commercial backing.

        Also, it's laughable to imagine this conversation in a board room:
        "If we enforce the users freedom we will be more effective for our business"
        "Right on!"

      • If you read what Linus' has said on the subject he knows _exactly_ why he chose to move the kernel to GPL (it didn't start out that way). It has nothing to do with "freedom" and everything to do with "fairness" and "reciprocity" - which GPL also happens to do quite well.
    • by hummassa (157160) on Wednesday February 08, 2006 @07:46PM (#14673857) Homepage Journal
      1. it is my technical (as a paralegal) opinion that, if Linus don't change his mind, the kernel can NEVER be relicensed GPLv3. This is because I consider that the GPL restricts the distributions of derivative works under the terms of the GPL (as per section 0) or under more liberal terms (as per section 6) and the GPLv3, at least as currently drafted, is more restrictive than the GPLv2.

      2. as a corollary -- and another justification -- to (1) above, it is my technical opinion that most (at least 80%, but probably more than 90%) of the "official Linus Penguin-pee blessed" kernel source lines are, as a matter of fact, a derivative work on the continuous works of Linus Torvalds, since 1991.

      3. just as RMS, I think proprietary software is bad. I think proprietary software is bad because proprietary software -- especially the kind you normally buy in a box -- is basically a scam. What is the scam? When you buy some medicine, you are paying for (P) the cost of production [normally the dominant cost factor, but at least au pair with the other cfs] + (R) the cost of research + (F) the amortization of some future research + ($) some profit to pay for the invested money. In the case of proprietary software, we have P ~~ 0. MS invested ten million dollars on MSWord (insert some version number here) and was rewarded a billion dollars by it in less than (number less than ten) years because they use their "bait and switch" tactics, their "first use for free" tactics, their "hook the kids" tactics, and their "leverage any semi-monopoly we have" tactics. Tell me, what other business uses those exact four tactics? (just like some illicit business, their profit margin is incredible)

      4. in this respect, I think Free Software (and copyleft licenses) is not only more fair, but more "right", too. When you have an itch, you pay a programmer to scratch it. No strings attached other than "others must play fair too". People that PRODUCE software continue being paid to produce software, ie, to churn out LOCs. But people that just exploit the general public by sitting on a product (yeah, a nice one by a number of accounts, and this "nice" I'm saying even applies -- or applied some day -- to Windows 95) that they have done once. Imagine a perfect world, where instead of lining up MS's stockholder pockets, all the profits of MS had being used to hire more programmers!! And send them to churn out more -- and better -- code!! Get it?

      5. yes, I love numbered lists.

  • by Syberghost (10557) <syberghost@sybe[ ]ost.com ['rgh' in gap]> on Wednesday February 08, 2006 @05:49PM (#14673024) Homepage
    Well, I guess they could GPL3 all the portions of the kernel that aren't derivative works of Linus' parts. Which would be what, exactly? The build scripts?
    • You realize that he's not [linuxjournal.com] the [namesys.com] only [intel.com] contributor [wikipedia.org], don't you? I'm not even sure if he's the plurality author these days.

      That's not saying that Linus hasn't been the main driving force all these years, but he's in no way the only one. Now, the jury's still out as to whether GPLv3 is a good thing - I haven't made up my own mind yet either - but I'll bet large chunks of the Linux kernel could be relicensed immediately if the will was there.

  • by Real World Stuff (561780) <real_world_stuff ... m ['l.c' in gap]> on Wednesday February 08, 2006 @05:49PM (#14673026) Journal
    The way I look at it, it is a matter of Apples and Oranges. Both men are correct in the spirit of the argument. I would just like to see a bit more cohesion regarding the Free/Oss community because I know this will get picked up and spun as "there Go Those In-Fighting Zealots". A case for each is made by Rick and Linus, with relevent information below.

    From Linux Devices: Stallman notes that the discussion draft of GPLv3 includes language aimed at preventing free software from being "twisted" into service by companies attempting to deprive people of freedoms provided by the copyright system. Those using free software to build DRM-encumbered systems would be obliged, under the proposed license, to share enough "signatures," or keys, so that users of the software retain "full control," he says.

    Another primary aim of the discussion draft of GPLv3 is to increase compatibility with other free software licenses that have appeared since the license was last revised 15 years ago, the interview suggests. This was done by making the license more tolerant of trademark clauses and patent retaliation clauses, such as those found in the Apache license. However, Stallman states that permissible retaliation clauses are limited to those addressing clear wrongdoing, adding that he hopes other license drafters will "decide to make their patent retaliations compatible." Empahsis mine

    Linus stated in his mail that "And quite frankly, I don't see that changing. I think it's insane to require people to make their private signing keys available, for example. I wouldn't do it. So I don't think the GPL v3 conversion is going to happen for the kernel, since I personally don't want to convert any of my code." Again, emphasis mine.

    In the end, the contributing developers AND the rights holders will determine what the outcome is.
    • by mrchaotica (681592) on Wednesday February 08, 2006 @06:37PM (#14673389)
      The trouble with Linus's argument, though, is that he doesn't seem to understand which keys RMS is talking about. GPL v.3 is not about disallowing developers from cryptographically signing the code they write, it's about disallowing the machine from rejecting unsigned code. In other words, RMS wants to make sure that code containing the user's (or third-party) changes can still run.

      This issue is irrelevant to Linus or any other developer who uses an open system. It's just designed to keep linux-based devices (like TiVos and cellphones and Linksys routers) from getting DRM designed to stop users from exercising their rights to modify the code running on their machines.
      • The real problem, then, is that GPL3 as drafted needs a lot of work wrt the DRM language because there seems to be no clear consensus about what those sections actually mean. I mean, I personally dislike DRM and Treacherous Computing as much as any good Slashbot out there, but even still I'm not sure I like these DRM clauses in the GPL3 because they seem overly vague on a lot of points.
  • by Aspirator (862748)
    Of course it's up to the developers what license they will
    release their code under.

    It's still up to Linus what gets into the kernel.
  • er, wha?? (Score:2, Redundant)

    by corbettw (214229)
    Nothing else has ever been valid,' LinuxWatch is reporting that Richard Stallman has said it's ultimately up to the developers.

    Stallman couldn't be more wrong if he said whether Linux goes to GPLv3 is ultimately up to him (which might be his next press release, I don't know). Linus Torvalds holds the trademark for Linux, he's the one in charge of the project, in what way, shape, or form could anyone else force the project to go to a new license? Maybe his corporate masters could, but last I checked OSDL doe
  • by SeanTobin (138474) <byrdhuntr@ h o t mail.com> on Wednesday February 08, 2006 @06:05PM (#14673150)
    Ever.*

    The kernel is GPL2 without the "or a later version" wording. All the contributions are GPL2. In order to convert the kernel to GPL(!2), you need to get approval from every single contributor to the kernel whose code is in any way in the kernel. Now, let's say you manage to do this, including approval from the executors of the estates of contributors who have passed on, you still need approval from Linus himself. Linus has already stated that he has no intentions of converting to GPL(!2).

    Now, you could of course pseudo-fork the kernel by managing to get approval for all contributors, living and dead, aside from Linus. You could then re-write any code worked on by Linus (which, still, is a very substantial amount) and have a Linux-like system under the GPL(!2). Now, you just have to get approval to use the Linux trademark. Somehow, I doubt that will happen.

    *For finite values of 'ever.' Restricted to this universe.
    • Well, if the GPL3 stays as it is right now, I'd agree with you. But you'll notice that Linus said if the encryption key part is taken out he'd allow his code to be converted to GPL3. The GPL3 final version hasn't been released yet, so don't start saying never until we actually know what the GPL3 will actually be.
  • Not exactly (Score:2, Troll)

    by winkydink (650484) *
    It might be "up to the developers" to make a GPL3 operating system that is forked from the current Linux kernel, but it won't be called Linux as Linus owns that trademark and Linus says no to GPL3. Perhaps this is what Stallman is ultimately after. He can finally have a GNU operating system without hyphens or slashes.

    Stallman: a shrill voice in the wilderness.
  • Stallman is repeating his behaviour with Ulrich Drepper and Glibc, here. Ergo, if the leader of a project refuses to go the way he wants them to, he will attempt to turn other people associated with the project against said project leader.

    I have found myself wondering what it is going to take before people will acknowledge the type of man that Richard Stallman truly is. He is seeking division here, and he is doing so purely for the sake of his own ego; because he cannot stand to be in any position other tha
    • I have found myself wondering what it is going to take before people will acknowledge the type of man that Richard Stallman truly is.

      I've been wondering the same thing. The man preaches "Freedom! Freedom!", yet people are quick to judge him as some sort of a control freak.

      To people who would continue to maintain such a view of the man, I ask you to look at what he is doing here.

      That's excellent advice. I did exactly that and become convinced that, once again, RMS is campaigning for your freedom to


    • People try and claim that the real threat to the future of F/OSS is on the other side of the ideological/economic divide...that Stallman is a hero. To people who would continue to maintain such a view of the man, I ask you to look at what he is doing here.


      Bah. Stallman lost the ideology war long ago with most of the people in open source. I honestly don't think he has that many "followers". Anyway, I really think you're making quite a bit out of an offhanded comment made by Stallman. It's not as if he's
    • by sjvn (11568) <sjvn@@@vna1...com> on Wednesday February 08, 2006 @06:42PM (#14673432) Homepage
      While RMS and I have had our share of disagreements, I really don't see him following that trail of tears that was the glibc fuss. I really think that he's leaving it up to the kernel developers. And, yes, that's primarily, but, far, far from exclusively Linus. I'm sure he'd be happier if the kernel went GPL 3, but I don't see him trying to make some kind of power play here.

      Yes, I know some of you will find that impossible to believe, but I think that RMS is really not looking for a fight here.

      Steven

    • Pro: He founded a software movement that revolutionized the computer industry.

      Con: Having done so, he immediately hitched a ride on the short bus and drove it to Fruitcake City.

      I have a solution: Let's declare the new Stallman 2.0, and say we only support the Stallman 1.0. Stallman 1.0 was the guy who was going to give us the whole, working GNU system - the most complete version of which (HURD kernel plus GNU tools with as little of anything else as possible) I got to download [superunprivileged.org] and review [blogspot.com] as a live CD.

    • Is that honestly what freedom means?

      Of course not! RMS is a master of redefining words to make them mean what he wants them to mean. Unfortunately he has managed to convince a significant number of people into using his redefinitions. In his worldview, freedom cannot exist without restriction, and common goods cannot exist without controlling ownership. It is an Orwellian "GNUspeak".
  • by H4x0r Jim Duggan (757476) on Wednesday February 08, 2006 @06:09PM (#14673181) Homepage Journal

    There is a good article on LWN.net, but it's subscriber-only until Feb 9th: http://lwn.net/Articles/169797/ [lwn.net]

    Here's an excerpt:

    ==BEGIN EXCERPT===

    Another thing to keep in mind is that Linus can change his mind, even after seemingly painting himself into a corner with an absolute statement. One of your editor's favorite Linus pronouncements was issued almost exactly seven years ago. In response to a query on how to set up an i386 box with 4GB of memory, Linus stated:

    Oh, the answer is very simple: it's not going to happen.

    EVER.

    You need more that 32 bits of address space to handle that kind of memory. This is not something I'm going to discuss further... This is not negotiable.

    Less than one year later, Ingo Molnar's high memory patch was merged for 2.3.23.

    ===END EXCERPT---

    There are a few things to keep in mind about DRM that have not been explained in a lot of the articles.

    1. GPLv3 allows DRM that is controlled by the user, it only negates non-user-controlled-DRM.
    2. non-user-controlled-DRM can take away the freedoms that the GPL is there to protect. GPL would not be doing it's job if it didn't prohibit non-user-controlled-DRM.

    This was debated on ILUG yesterday. Here's the mail that started it: http://www.linux.ie/lists/pipermail/ilug/2006-Febr uary/086087.html [linux.ie]

    So it's worth keeping in mind that what Linus calls the GPLv3 is actually only the first discussion draft - but also, due to point #2 above, while changes may be made, I'd be pretty sure there will be DRM-combatting provisions in GPLv3.

  • Sure, but when (Score:5, Insightful)

    by AigariusDebian (721386) <aigariusNO@SPAMdebian.org> on Wednesday February 08, 2006 @06:09PM (#14673182) Homepage
    I am sure that Linux will be switched over to GPLv3 less then 6 months after GPLv3 is actually released in its final form. The issues that Linux and some others are bringing up are mostly their misunderstanding of what is acually said in GPLv3 and how it corelates with the DMCA and case law of USA and with laws in other countries.
    NOTHING in GPLv3 disallows implementing DRM with GPLv3 code. However there are some extra provisions that insure that if such implementations are made, the right to change that code (which is one of the most protected rights in the context of the GPL) can not be taken away from the users by a means of a DMCA-based lawsuits.
    Oh, and if you make hardware and sell it to the users, please do not restrict what code users can use on that hardware, or if you do, please do it without using our (GPLv3'd) code. That is the TiVo scenario - the TiVo has sold a person a computer, but it uses a technical provision to deny thoses people an ability to execude their programms on the hardware. They might not be able to give us some services if our software does not work like theirs does or they would surely not support software problems in our software, but it is not right to use our code and then lock it from us in a box that we paid for.

    I think that once the GPLv3 is polished a bit more and once someone explains all the provision of the GPLv3 and corresponding laws to the LKML people in ways that they will understand, the move to GPLv3 will be unobstructed (maybe except for by a few people who wish they would be writing code for BSD anyway).

    At that point opening a Linux 3.0 branch with GPLv3 clean code only would be most reasonable thing to do.
    • Re:Sure, but when (Score:3, Interesting)

      by MichaelSmith (789609)
      NOTHING in GPLv3 disallows implementing DRM with GPLv3 code. However there are some extra provisions that insure that if such implementations are made, the right to change that code (which is one of the most protected rights in the context of the GPL) can not be taken away from the users by a means of a DMCA-based lawsuits.

      Isn't this just a roundabout way of saying that you can build DRM into GPLv3 code but you must provide a backdoor for anybody to use to get around it?

      A bit like saying yes you can build

  • by file-exists-p (681756) on Wednesday February 08, 2006 @06:14PM (#14673214)

    Linus said [newsforge.com]

    "Notice how the current GPLv3 draft pretty clearly says that Red Hat would have to distribute their private keys so that anybody sign their own versions of the modules they recompile,"

    when the (draft of the) GPLv3 says [fsf.org]

    "3. Digital Restrictions Management. [...] no permission is given [...] for modes of distribution that deny users that run covered works the full exercise of the legal rights granted by this License."

    As far as I understand, what the GPLv3 says is that as long as RedHat gives you a way to recompile the OS with your own signing keys (or without authentication at all) then they are allowed to distribute GPL software with whatever signature they want.

    Where did I miss something ?

    --
    Go Debian!
    • Yes, something was missed. Linus wasn't referring to that section of the draft. According to the article, he objects to a part of section 1:

      "Complete Corresponding Source Code also includes any encryption or authorization codes necessary to install and/or execute the source code of the work, perhaps modified by you, in the recommended or principal context of use, such that its functioning in all circumstances is identical to that of the work, except as altered by your modifications. ..."

      Torvald says

      • by SETIGuy (33768) on Wednesday February 08, 2006 @09:54PM (#14674488) Homepage
        Yes, something was missed. Linus wasn't referring to that section of the draft. According to the article, he objects to a part of section 1:
        "Complete Corresponding Source Code also includes any encryption or authorization codes necessary to install and/or execute the source code of the work, perhaps modified by you, in the recommended or principal context of use, such that its functioning in all circumstances is identical to that of the work, except as altered by your modifications. ..."
        Torvald says this "is the one that seems to disallow digitally signed binaries (or rather: you can sign the binaries any way you want, but you have to make your private keys available)."

        I don't know if English is Linus's second or third language. Maybe we need a Sweedish translation? It doesn't seem that complex to me.

        Nothing in the draft GPL version 3 prevents signed binaries provided that unsigned binaries can be created and run.

        What it does prevent is any mechanism by which the binary cannot be run without being decrypted with a specific key. It also prevents distribution of encrypted source as a means of avoiding the source distribution requirements of the GPL.

        As far as I can tell in the current GPL prevents Linus from getting up tomorrow and deciding that linux kernel binaries and the source will be delivered in encrypted form. Decryption keys that will function for 10 days will be available for the reasonable sum of $250. You can still have your kernel binaries and a source tarball for free. You just can't use them without the keys.

        Now, I'm not claiming that Linus has alterior motives. This tale above is a far-fetched scenario. But think about the number of device manufacturers that have attempted to keep their kernel changes to themselves.

        I think it's likely that he misinterpreted the draft, made some public statements based upon that misinterpretation, and is now reluctant to admit he made a mistake. It happens to a lot of people.

  • by Chris_Jefferson (581445) on Wednesday February 08, 2006 @06:19PM (#14673251) Homepage
    It isn't going to be possible to move the kernel from v2 to v3 without the following happening:

    1) Find the contributor of every piece of code in the kernel and pursade them to change to v3
    2) Get all the code where either the contributor won't accept that, or you can't find them, and re-write it.

    Seeing as a large proportion of the kernel has been written by Linus, by the time all code he wrote, and all the code derived from code he wrote was re-written by someone else, there wouldn't be much of the original kernel left.
    • Actually, there's an option 3, which is slowly leak developers to L4 HURD which has a few advantages from a developer standpoint:
      1. It will be GPLv3. (Note: If you don't like GPLv3, this counts as a disadvantage).
      2. It's a relatively young kernel, which means there are lots of interesting, but relatively simple, bits left to write (good for novice kernel hackers).
      3. It is a more interesting (and more scalable) design than Linux, which is based on 30-year-old OS design concepts.

      Somehow, I wouldn't be surprise

  • by k12linux (627320) on Wednesday February 08, 2006 @06:20PM (#14673259)
    What if this happened?

    A major network equipment manufacturer takes linux, adds some functionality and starts using it as their primary/only operating system for all of the equipment. They sell it as Linux-based to the masses. Because of the vendor's market position and the new "Linux Based" advertising campaign, most customers readily buy ths stuff up.

    We soon find that the hardware will only work with firmware which has been digitally signed by the vendor. Also, although the source code is available (as required by GPL2) it is useless when run on hardware that doesn't have the right keys embeded in it.

    The result is hardware that can't be updated except by the vendor and modifications to the software that are not usable by the very developers responsible for Linux in the first place.

    So, is this a reason to be concerned about GPL2 vs GPL3? Is the vendor's actions compatible with the spirit/intent of GPL2? Perhaps more importantly, would the fact that something like this *could* happen cause developers who would have improved Linux to stay away?
    • would the fact that something like this *could* happen cause developers who would have improved Linux to stay away?

      Linus Torvalds doesn't seem to be concerned about that. I think he expects to get all the developer resources he needs from "A major network equipment manufacturer"

    • Also, although the source code is available (as required by GPL2) it is useless when run on hardware that doesn't have the right keys embeded in it.

      I'm not sure how this could happen. If I have the source, couldn't I (well maybe not me, but some genius) just disable the checks for the keys? Might not be that straight forward, but at worst it would be obfuscated and with enough work could be extracted.
      • If I have the source, couldn't I (well maybe not me, but some genius) just disable the checks for the keys?

        You will need a very small soldering iron to do that.

      • I was thinking the same thing while writing the post. What if the code that does most of the extra work needs to process the data in some way and the keys are required to do it correctly? Or it needs to decrypt some routine first, etc. Not sure if the latter would violate GPL2 though. I'd be more concerned that it needed to use some binary module which would only accept data which had been encrypted or would only return encrypted data which needed to be decrypted before use.... or a circuit in the hardw
    • A major network equipment manufacturer takes linux, adds some functionality and starts using it as their primary/only operating system for all of the equipment. They sell it as Linux-based to the masses. Because of the vendor's market position and the new "Linux Based" advertising campaign, most customers readily buy ths stuff up. We soon find that the hardware will only work with firmware which has been digitally signed by the vendor. Also, although the source code is available (as required by GPL2) it is
  • Err, that's an odd logic - we'll put DRM in to the kernel, then opt out when we create content?! I don't get it - Linux as attracted the following of (firstly) people attracted to "free" (as in "freedom") so why should Linux have tools to restrict this freedom? Makes no sense.

    Am I missing the point?

    So all of a sudden Linux wants to stop me playing that tune/movie/application/whatever on my laptop unless I buy two copies. Is Linux going to go the way of Unix & Minix for similar reasons? Am I missing some
  • As I have said in other forums, dealing with DRM is beyond the scope of a software license such as the GPL. To my mind, it would be the same as saying "No program may be written under the GPL that operates a nuclear power plant". Whether you are for or against nuclear power is irrelevant. The point is: what is the purpose of the GPL? The GPL is intended to guarantee the four freedoms, as those freedoms apply to the specific software being licensed.

    DRM is a hotbutton issue, and it does relate to freedom, but
  • Fork Themselves (Score:2, Interesting)

    by Doc Ruby (173196)
    No, it's up to Linus. Developers can submit code under GPL3, or any other license. But it's up to Linus whether to include that code in his kernel source - if he accepts that incoming license, and abides by it, including the requirement that he release his new code with the inclusions under the new license. If Linus doesn't want to release a new kernel under GPL3, he can't include GPL3 code, and doesn't have to.

    However, if the contributors insist on submitting code with GPL3, and Linus declines to accept it
  • by XMilkProject (935232) on Wednesday February 08, 2006 @06:36PM (#14673382) Homepage
    Stallman and his various comments have long been a subject of very akward feeling and conversation.

    Virtually everyone here has a massive respect for the man's technical genius, but at the same time virtually everyone realizes he's a bit of a lunatic.

    I think it would be alot easier on all of us if we just killed him.

    We're meeting at the flagpole in an hour. Bring your knives, bats, and decompilers.
  • by smash (1351)
    Linus disagrees with stallman and won't release the kernel under RMS's shiny new license.

    Perhaps now at last RMS will stop insisting on the "GNU/Linux" crap.

    Linux vs FreeBSD? Yet another nail in the coffin for Linux for me on this one :)

    smash(have run Linux for 10 years and FreeBSD for 6).

  • Scenarios (Score:5, Interesting)

    by Michael Woodhams (112247) on Wednesday February 08, 2006 @06:36PM (#14673387) Journal
    Scenario A:
    Alan signs a Linux binary with his private key "A". He makes available public key "a". Many Linux installations are set to refuse to run binarys which are not signed to match one of the public keys they have in their "trusted keys" file, which typically include Alan's key "a". I can run a modified binary as follows: Create my own key pair "C" and "c". Add public key "c" to my trusted keys file. Modify, compile the program, sign the binary with "C". The program now runs.

    Scenario B:
    BadCorp's box has DRM-like hardware which refuses to run any code not signed by BadCorp's private key B. They use a modified, signed copy of Linux as the OS. They make available the source of their modifications (which are pretty much specific to their hardware) but nobody else can modify the kernel running on a BadCorp box because they don't have key B.

    I think scenario B is what the GPL v3 language is trying to forbid, and scenario A is why GPL v3 doesn't require Alan's private key to be released. However, I'm not sure what happens in

    Scenario C:
    BadCorp produce a box which won't run unsigned code, and which only they can add keys to the trusted keys file. DastardlyCorp produce modified GPL programs for the BadCorp box, sign the binaries with key "D" and pay BadCorp to add key "d" to the trusted keys file. DastardlyCorp won't release key "D" - "It's our private key. Get BadCorp to add your key to the box if you want to modify stuff. It is their fault, not ours, that you can't run on their box." BadCorp says "Only if you pay us money. We aren't bound by the the GPL - we don't release any GPLed software." (And BadCorp and DastardlyCorp just happen to be owned by the same people.)

    Scenario D:
    As above, but BadCorp unilaterally add Alan's key "a" to the trusted keys list. Now Alan can recompile for the BadCorp box, but other people can't - but Alan did not want this situation to be.

    How can the license force DastardlyCorp to release their key in scenario C, but not force Alan to release in scenario D?

    Disclaimer - I am not a lawyer, I have not followed this controversy closely. Better informed comment is invited.
    • Re:Scenarios (Score:3, Informative)

      by Rich0 (548339)
      Simple - the GPL is a license. You only need a license to do something that would otherwise be illegal - like distributing the copyrighted linux kernel.

      Alan hasn't distributed any hardware that requires his signature to a kernel. So, he hasn't violated the GPL.

      BadCorp has - they released a version of the kernel which can only be run with Alan's signature. They can only do so if they supply Alan's private key. Note that Alan is under no obligation to provide his key - only BadCorp is. So, unless Alan co
    • Re:Scenarios (Score:3, Interesting)

      I've thought of another interesting twist.

      You can't create a signature for a binary without reading and manipulating the contents of the binary - so a signature is a derivative work of the binary. The binary is of course derivative of the source. The source is under the GPL. So, if you release the signature, you must release the "source" of that signature, i.e. the private key.

      Under this theory, you can't release the signature for a binary of GPLed code without releasing the private key, even under GPLv2.

      I
    • Re:Scenarios (Score:3, Interesting)

      by asuffield (111848)
      Nearly right, but people have pointed out some of the gaps in your examples. Here's the slight variation that doesn't have them:

      Scenario P:

      BadCorp produce a box which won't run unsigned code, and which only they can add keys to the trusted keys file. ApostleCorp produce modified GPL programs for the BadCorp box, and publish the full source of their modified program on the internet. BadCorp produces only proprietary programs for the BadCorp box, with no GPLed code in them, but they do (for a fee) sign progra
  • The fact that this topic is still under discussion shows how rediculous the FSF folks are to be pushing for a major fork in the open source community right as open source is starting to see some significant success.

    Linus deserves tremendous credit for not backing down and for telling it like it is.

    If you have any doubt about Linus' statement about RedHat's private keys, or if you disagree with him on that point, it's just further proof that V3 is a poorly worded, confusing mess.

    Why segment the Open Source c
    • Why segment the Open Source community like this?

      The Linux community has been fragmented since its' inception. Linus might use the GPL, but as he says, the FSF's zealotry only holds Linux back. The divide between the FSF/GNU crowd and the more sane perspective that Linus represents has been an issue for a long time, and this is as good a time as any to drag it out of the closet and settle it once and for all.

      The people who initially got involved with Linux should IMHO have written their own userland rather t
    • V3 is a poorly worded, confusing mess.

      Its a draft.

  • by dtfinch (661405) * on Wednesday February 08, 2006 @06:43PM (#14673441) Journal
    If someone adds a DRM to a product, it becomes illegal in the United States (DMCA) and many other countries to take it out. Because of this, by clause 7 of the GPL version 2, it seems that it's already illegal to implement a law-enforced DRM into existing GPL'd code in many countries, and distribute that program. Without that clause, for example, Microsoft could make a DRM'd Microsoft Linux that is legally protected from modification by anyone besides Microsoft. You wouldn't be sued for violating their license terms, because it'd still be under the GPL. Instead they'd sue your for breaking their DRM. Instead of them violating the GPL, the law would be violating the GPL on their behalf, and clause 7 of the GPL 2 protects against this by revoking their right to redistribute if this happens. The GPL3 just makes this more clear by saying that DRM is incompatible with the GPL.
  • Can it be both? (Score:3, Interesting)

    by Spazmania (174582) on Wednesday February 08, 2006 @06:44PM (#14673448) Homepage
    Is it possible for parts of the Linux kernel to be GPL2 and parts to be GPL3? Its seems to me like GPL2's provisions would prevent coexistance with GPL3 -- GPL2 doesn't allow such ideological restrictions to be added to a derivative of a GPL2 work.

    If so then moving the kernel to GPL3 is likely impractical. Too much code has been contributed in the form of modules and patches and while the pedigree is well documented its far from perfect, particularly on the little patches. They can be presumed to have been offered under the general terms of Linux's distribution -- GPL2. Anything else would require an explicit statement from those individual authors.

    Under the circumstances, I wonder if Linus could legally release Linux under anything incompatible with the terms of GPL2 even if he wanted to.

  • The GPLv3 is a draft document. It is a document up for discussion and debate, after which it will may well be revised and then issued in final form.

    What I find shocking is that attempts to treat this draft as a draft are promptly shouted down. Linus Torvalds is free to say whatever he wants about it, and he has already hinted that if some things were changed in the draft then most likely he wouldn't have a problem with a GPLv3.

    A lot of this attempt to choke off debate in favour of take it or leave it
  • Precedent (Score:4, Insightful)

    by Geoffreyerffoeg (729040) on Wednesday February 08, 2006 @06:53PM (#14673509)
    Don't tell me you can't use Linux for DRM software if you can use Linux in a child porn video lab.

    This is not a straw man. GNU has in the past rejected all moral embargos on the use of free software. See their condemnation of the Hacktivismo license [gnu.org], which prevents the software being used by authoritarian governments and spyware makers:

    Because it restricts what jobs people can use the software for, and restricts in substantive ways what jobs modified versions of the program can do, it is not a free software license.

    If we were ever going to make an exception to our principles of free software, here would be the place to do it.

    As for restricting the use of the software by governments that violate human rights, this is likely to be ineffective. There are many other programs they can use. Also, at least under US law, a copyright-based source license can't restrict use of the program; such a restriction is not enforcible anyway. Meanwhile, they can simply decide they are exempt from the restrictions.


    So why is DRM a greater crime than the rest of these? Is not DRM a "use of the program"? Won't companies that make DRM be unwilling to use open-source modules anyway - or at least not re-release the source?

    I really think that here is an example of the GNU's political fight (DRM and software patents are evil) outweighing their moral fight (restrictions on software are evil).
  • by drwho (4190) on Wednesday February 08, 2006 @08:59PM (#14674223) Homepage Journal
    Linux is under GPLv2 license. But it's not *owned* by Linus. Linus holds the trademarks, and owns a large portion of the code because he wrote it. But there has never been a requirement for anyone submitting changes to Linux to sign over their rights to said patch. Therefore, each and every submitter would have to approve any change of license. I can tell you now, that will NEVER happen.

To err is human -- to blame it on a computer is even more so.

Working...