Linus on DRM 969
Thread on LKML:
Date: Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
From: Linus Torvalds
To: Kernel Mailing List
Subject: Flame Linus to a crisp!
Ok,
there's no way to do this gracefully, so I won't even try. I'm going to
just hunker down for some really impressive extended flaming, and my
asbestos underwear is firmly in place, and extremely uncomfortable.
I want to make it clear that DRM is perfectly ok with Linux!
There, I've said it. I'm out of the closet. So bring it on...
I've had some private discussions with various people about this already,
and I do realize that a lot of people want to use the kernel in some way
to just make DRM go away, at least as far as Linux is concerned. Either by
some policy decision or by extending the GPL to just not allow it.
In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".
And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
refuse to play politics with Linux, and I think you can use Linux for
whatever you want to - which very much includes things I don't necessarily
personally approve of.
The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I have
no ideals.
[ Personally, I see it as a virtue - trying to make the world a slightly
better place _without_ trying to impose your moral values on other
people. You do whatever the h*ll rings your bell, I'm just an engineer
who wants to make the best OS possible. ]
In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign the
tar-balls I upload to make sure people can at least verify that they came
that way. Doing the same thing on the binary is no different: signing a
binary is a perfectly fine way to show the world that you're the one
behind it, and that _you_ trust it.
And since I can imaging signing binaries myself, I don't feel that I can
disallow anybody else doing so.
Another part of the DRM discussion is the fact that signing is only the
first step: _acting_ on the fact whether a binary is signed or not (by
refusing to load it, for example, or by refusing to give it a secret key)
is required too.
But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of the
scope of the kernel itself (and thus not a "derived work" or anything like
that), I have to convince myself that not only is it clearly ok to act on
the knowledge of whather the kernel is signed or not, it's also outside of
the scope of what the GPL talks about, and thus irrelevant to the license.
That's the short and sweet of it. I wanted to bring this out in the open,
because I know there are people who think that signed binaries are an act
of "subversion" (or "perversion") of the GPL, and I wanted to make sure
that people don't live under mis-apprehension that it can't be done.
I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I don't
see any sane way to distinguish between "good" signers and "bad" signers.
Comments? I'd love to get some real discussion about this, but in the end
I'm personally convinced that we have to allow it.
Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
keys in the binary. You can sign the binary that is a result of the build
process, but you can _not_ make a binary that is aware of certain keys
without making those keys public - because those keys will obviously have
been part of the kernel build itself.
So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other one
is embedding a key _into_ the kernel (still ok, but the GPL requires that
such a key has to be made available as "source" to the kernel).
Linus
h*ll (Score:4, Funny)
Is it where all the naughty puntuation marks go when they die?
graspee
In related news... (Score:4, Funny)
Context (Score:5, Funny)
Things are so much more interesting out of context...
Linus Not God, Says God (Score:5, Funny)
In a shocking announcement cast down from the Heavens today, it was announced that Linus Torvalds was not, in fact, God.
Anthony Macewell was chosen to receive this information, as he worked on his PC:
"It was kinda freaky", Anthony said, "Linux booted, and just when I was expecting it to fsck everything, my computer burst into flames and I was surrounded by a host of angels. I don't remember that ever being a feature of Red Hat."
The angels, their appearance accompanied by a flawless four-part harmony, left Anthony a delicate manuscript, explaining that he should make sure that it was delivered to the Linux community.
The manuscript reads:
"For the attention of the Linux Community: Linus Torvalds is not God. God is currently very busy in creating various new planets and overseeing the forthcoming apocalypse on Earth. He has not had the time to develop any mortal Operating Systems, and is not likely to do so in the near future. He will continue only to endorse white robes and comfortable sandals."
The reaction from the Linux community has been varied. The slashdot.org community has reacted by having a circular discussion, with any idea other than "Linus is God, and Linux is the best thing ever for anything", being slammed down by angry, frothing, Linux advocates. A crusade to burn all the non-Linus believing heretics has been launched, in the form of a new website with a flashy domain name, which will predictably close within two weeks due to a lack of interest.
A spokesperson for Microsoft commented, "Well, we never believed that Linus existed anyway. It takes more than a couple of sightings near burning bushes to convince us, you know. We'll continue to worship Windows as we always have done. Lots of people have faith in Windows, no matter how much it lets them down, so it must be right."
I looked behind the magic curtain... (Score:5, Funny)
It was Bill Gates snickering with a Linus puppet on his hand!
I said "Hey Bill! Whatchya doin'?"
WHAT? (Score:2, Funny)
Re:In related news... (Score:3, Funny)
Gates: VERY BAD!
Ellison: BAD!
McNealy: BAD!
Carly (HP): VERY BAD!
IBM CEO: What day is it?
Linus: See above
JLG: Still my hero.
Re:Context (Score:5, Funny)
Re:Linus Not God, Says God (Score:0, Funny)
Flawless four-part harmony? Did they also gave him a dynamite haircut before they left? Or say anything about whether membership in SPEBSQSA was a prerequisite for joining the choir?
Voltaire also said... (Score:3, Funny)
"No, don't click through" (Score:4, Funny)
Re:Linus Not God, Says God (Score:5, Funny)
But, based on the available evidence, there's more objective proof of Linus' existence than Gods, so I'll continue to believe in Linus.
Good vs. bad signers (Score:3, Funny)
Well, duh... you check to see if the evil bit is set. I thought we had that all figured out now.
Re:Props to Linus (Score:1, Funny)
But I grew out of it.
My condolances to those who are incapable of doing so.
Re:Misconceptions (Score:2, Funny)
Is RMS a graduate of Crazy Go Nuts University?
GO CGNU!
Re:Linus Not God, Says God (Score:2, Funny)
Why don't you wake up? Clearly Carmack is the superior force on this planet. Death Match is the only true way to salvation...
Yeah right (Score:1, Funny)
That's worked super with Stallman.
Re:h*ll (Score:5, Funny)
Personally I think that it's recognition of the fact that eternal torment can take place in either Hell or Hull. The only problem I can see is that the scope hasn't been extended to include Dundee.
Re:i don't quite follow... (Score:1, Funny)
Wow! Your compiler can play MP3s! I'm really jealous.
Mine only makes binary files, or tells me that I suck at coding.
Re:Props to Linus (Score:5, Funny)
If Linus swung one way or the other, he would appear to have a political agenda...
So are you implying that he swings both ways? I'm not sure that's what he meant when he said, "I'm out of the closet."
Re:h*ll (Score:2, Funny)
Ahem. Anyway, you forgot Luton, or (to use the canonical form) Fucking Luton.
I wonder ... (Score:4, Funny)
Yes. (Score:2, Funny)
"Internet Appliances". Ha.
Re:Context (Score:2, Funny)
his kids were madly running around the lecture theatre, I guess they were bored out of their minds.
I was going to ask linus in the Q&A session about how he handles runaway spawned processes...but I never got picked to ask a question.
Read 'im his rights! (Score:3, Funny)
- You have the right to sign your binaries.
-
Anything you sign can and will be used against you in a public forum.
- If you are under the age of 18, anything you sign can be used against you in a juvenile flame war for a juvenile offense and can also be used against you in an adult flame war if the forum admin decides that you are to be flamed as an adult.
- You have the right to talk to an attorney before signing any binaries.
- You have the right to have your attorney present during the signing.
- If you cannot afford PGP, OpenPGP will be provided to you without cost, before or during signing, if you desire.
- Do you understand these rights?
-AdamIn Finnish (Score:3, Funny)