×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Linus on DRM

michael posted more than 10 years ago | from the asbestos-underwear dept.

Linux 969

Linus Torvalds weighed in on the DRM debate on the linux-kernel mailing list last night. No, don't click through, his email is reproduced below. Worth reading and thinking about.

Thread on LKML:

Date: Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
From: Linus Torvalds
To: Kernel Mailing List
Subject: Flame Linus to a crisp!

Ok,
there's no way to do this gracefully, so I won't even try. I'm going to
just hunker down for some really impressive extended flaming, and my
asbestos underwear is firmly in place, and extremely uncomfortable.

I want to make it clear that DRM is perfectly ok with Linux!

There, I've said it. I'm out of the closet. So bring it on...

I've had some private discussions with various people about this already,
and I do realize that a lot of people want to use the kernel in some way
to just make DRM go away, at least as far as Linux is concerned. Either by
some policy decision or by extending the GPL to just not allow it.

In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".

And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
refuse to play politics with Linux, and I think you can use Linux for
whatever you want to - which very much includes things I don't necessarily
personally approve of.

The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I have
no ideals.

[ Personally, I see it as a virtue - trying to make the world a slightly
better place _without_ trying to impose your moral values on other
people. You do whatever the h*ll rings your bell, I'm just an engineer
who wants to make the best OS possible. ]

In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign the
tar-balls I upload to make sure people can at least verify that they came
that way. Doing the same thing on the binary is no different: signing a
binary is a perfectly fine way to show the world that you're the one
behind it, and that _you_ trust it.

And since I can imaging signing binaries myself, I don't feel that I can
disallow anybody else doing so.

Another part of the DRM discussion is the fact that signing is only the
first step: _acting_ on the fact whether a binary is signed or not (by
refusing to load it, for example, or by refusing to give it a secret key)
is required too.

But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of the
scope of the kernel itself (and thus not a "derived work" or anything like
that), I have to convince myself that not only is it clearly ok to act on
the knowledge of whather the kernel is signed or not, it's also outside of
the scope of what the GPL talks about, and thus irrelevant to the license.

That's the short and sweet of it. I wanted to bring this out in the open,
because I know there are people who think that signed binaries are an act
of "subversion" (or "perversion") of the GPL, and I wanted to make sure
that people don't live under mis-apprehension that it can't be done.

I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I don't
see any sane way to distinguish between "good" signers and "bad" signers.

Comments? I'd love to get some real discussion about this, but in the end
I'm personally convinced that we have to allow it.

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
keys in the binary. You can sign the binary that is a result of the build
process, but you can _not_ make a binary that is aware of certain keys
without making those keys public - because those keys will obviously have
been part of the kernel build itself.

So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other one
is embedding a key _into_ the kernel (still ok, but the GPL requires that
such a key has to be made available as "source" to the kernel).

Linus

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

969 comments

hahahahahaha (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#5799259)

Oh Linus, we love you!

anon anon onan

Bring on the HURD. (-1, Flamebait)

conner_bw (120497) | more than 10 years ago | (#5799274)

Bring on the HURD.

At least those hardline hippies don't sell out when they have to make payments on their Silicon Valley houses.

Oh wait, maybe that's why it's not done. Damn you motivation.

h*ll (4, Funny)

Graspee_Leemoor (302316) | more than 10 years ago | (#5799283)

What is this "h*ll" ?

Is it where all the naughty puntuation marks go when they die?

graspee

Re:h*ll (-1)

Anonymous Coward | more than 10 years ago | (#5799359)

Y*, wh*t is w*th all th*s* d**m st*r. F**k'n *!

Props to Linus (5, Insightful)

dtolton (162216) | more than 10 years ago | (#5799287)

What Linus is saying makes complete sense to me. I think the
Kernel level of Linux is the wrong place to make a political
stand like that. What has made Linux successful, and what will
make it ultimately *the* OS is it's an
Evolvable System [shirky.com]

The fact that people can use Linux for whatever they need to is
what makes it such a compelling system. The fact that you can
tinker with it, change the source, in short make it work for you
is what makes Linux successful.

He also makes a good point, there is a difference between
allowing DRM and forcing everyone that uses the OS to use DRM
(as M$ want). There are some times when DRM is very legitimate
(Goverment Top Secret Docs, Litigation Confidential information
etc), and there are the times when I consider it to be
un-ethical (most other situations I can think of).

I have to say way to go Linus. Keep the system evolvable.
Ultimately isn't it a catch 22 anyway? If he prohibits DRM,
isn't that sort of like saying "this is my software and you
can't do XX with it".

Re:Props to Linus (0, Insightful)

MrMickS (568778) | more than 10 years ago | (#5799362)

Linus is discussing the kernel not the OS. Linux is the kernel not the OS.

Corn crops to Linus (-1, Flamebait)

conner_bw (120497) | more than 10 years ago | (#5799374)

He should have used the BSD license long ago, then. It was around when he was a student / idealist.

You don't want morals? You don't want politics?

Don't use the GPL.

I support the GPL. If i change my mind because i wimp out later on in life, or the flow of the tide changes, too fucking bad for me.

Re:Corn crops to Linus (4, Interesting)

Zathrus (232140) | more than 10 years ago | (#5799489)

You don't want morals? You don't want politics?

Don't use the GPL


Ah... I see. Apparantly the only way you can have morals is to use the GPL. Righto.

And, apparantly, Linus's refusal to go off the deep end on zealotry means that he's "wimped out". Got it.

It must be nice to view the world in black and white... so easy, so simple... so naive and foolish.

Linus is making the right call here... there are valid reasons for DRM-like policies. There are lots of invalid ones too. But if you want it to be free, then it needs to be free. Trying to contort the GPL or other free license to fit your world view is bullshit, and it undermines the entire point of the license.

Re:Props to Linus (5, Insightful)

FortKnox (169099) | more than 10 years ago | (#5799400)

Linus is great in these situations. He takes rabid open source zealots and brings them back to reality before they go too far off.

He simply shows that you don't have to be political (mp3 sharer, privacy guru, etc...) to enjoy Linux. And offshoots will always be there for you rabid-types.

Who's loss? None.

Re:Props to Linus (1)

SN74S181 (581549) | more than 10 years ago | (#5799487)

Political??

The only political class most MP3 sharers belong to is the lumpen-proletariat. There are very few exceptions.

Re:Props to Linus (1)

russellh (547685) | more than 10 years ago | (#5799421)

Trust is what it's all about. If Linus swung one way or the other, he would appear to have a political agenda, which is not compatible with Linux. This is the kind of decision that keeps Linux together and Linus at the top, though that doesn't appear to be his main motivation.

Re:Props to Linus (4, Insightful)

4of12 (97621) | more than 10 years ago | (#5799429)


I agree with Linus, too. It will mean greater flexibility and freedom to do anything with Linux in the future.

While I, too, am personally opposed to DRM policies that have been proposed so far, I don't use every single lever and fulcrum at my disposal to its fullest possible extent to press the my opinion. Letters to your elected representatives, newspapers, donations of money to the EFF, teaching others to use free products are good ways to achieve those goals.

There are those that feel the Linux kernel is an appropriate tool for leveraging the propagation of those ideals. Despite my admiration of those ideals, I'm glad Linus doesn't choose to use his power to fight this battle in this way.

Re:Props to Linus (4, Interesting)

TopShelf (92521) | more than 10 years ago | (#5799446)

To try to impose limits on DRM in Linux (for whatever reason) is an artificial constraint that would reduce Linux's usability. The point here is to provide a flexible tool that can be used in a variety of ways. Imposing one's own opinions on how this tool should and should not be used seems the antithesis of open source development...

Thank goodness... (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#5799293)

because not know what linus thinks about stuff keeps me up at night

In related news... (4, Funny)

pi radians (170660) | more than 10 years ago | (#5799295)

Slashdotters are very confused. What to hate? Who to love?

Re:In related news... (3, Funny)

IWantMoreSpamPlease (571972) | more than 10 years ago | (#5799419)

Simple:

Gates: VERY BAD!
Ellison: BAD!
McNealy: BAD!
Carly (HP): VERY BAD!
IBM CEO: What day is it?
Linus: See above
JLG: Still my hero.

Re:In related news... (0)

Anonymous Coward | more than 10 years ago | (#5799494)

In related news, slashdotters elect to continue hating DRM and continue loving Linus Torvalds for the relatively obvious statement: You can't legally modify the kernel to implement effective DRM. Anything you do to the kernel has to be released to the public.

In other news the RIAA, MPAA and Microsoft have teamed up to declare Linus, his kernel and the GPL in violation of the DMCA, as he just thwarted an attempt to prevent unauthorized copying and distribution of copyrighted software. Linus faces up to life imprisonment, or three weeks watching "Waterworld", "Dungeons n Dragons" and "Solaris" (the new version) back to back.

Re:In related news... (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#5799560)

How to gain Karma like a pro!

In this day and age, whoring Karma on Slashdot is easier than ever. With more moderators and a lower signal to noise ratio (If you don't know what that means, don't worry!) means that Karma can easily be gained by following a few simple rules when you are carefully crafting your Slashdot post.

  • Vaguely mention the DMCA. It doesn't matter what the topic of discussion is, those four magic letters glow like a beacon to any moderator with points.
  • You can get double points if you spell the acronym as DCMA throughout your post. This is especially effective if you're replying to someone who has just used the correct acronym in their post.
  • MPAA and RIAA are another pair of gems. Use the phrase "RIAA/MPAA" in every post you make, and that Karma will flow!
  • Always confuse the two. Complain loudly about the MPAA suing over MP3 downloads, or the RIAA trying to stop you from downloading DeCSS.
  • Don't bother to understand the difference between Patents, Copyrights and Trademarks. If the topic of discussion is about patents, claim that "this wouldn't have happened before the DCMA" (See above)
  • Always remember, It's Microsofts Fault! Try to craft vague conspiracy theories that include Microsoft.
  • Spell it "Micro$oft" or "M$". Moderators will lap it up.
  • If all else fails, blame the Government. Do not at any cost attempt to understand basic politics, as that will make you look opinionated. Just blame the current political leaders.
  • Likewise, blame the French. Double points if you use the phrase "Cheese eating surrender monkeys".
  • If you're loosing the argument, start a flamewar about the war with Iraq. Accuse the other party of being French, or "a pinko commie"(See above).
  • Claim that you only download stuff using P2P to "try before you buy".
  • Start a flamewar by claiming that "Piracy isn't theft". Violently flame anybody who dares to disagree with you.
  • Double points if you attempt to defend your position by stating that you "wouldn't have paid for it anyway, so they haven't lost a sale".
  • The Iraqi Information Minister was funny, wasn't he? Your post should be like one of his speeches. It'll be funny.
  • Ensure your sig has a Karma joke in it. You know the ones, something like "Karma: Bogus!" Ensure you retype your sig every time you post a comment; double sigs look cool and you wouldn't want the people who have sigs disabled to miss out, would you?
  • Remember! Never, ever read the related article or any background information before you state your opinions. You're too busy to do that, and its not like the moderators will notice either!
Good luck! Within no time at all, your Karma will be Excellent!

In summary... (5, Insightful)

sporty (27564) | more than 10 years ago | (#5799301)

Technology, encryption, reverse engineering, mp3's, drm, sniffers.. they arne't inherently evil. It's the usage and if they go against your morals, ethics and general desires, if they are good or not.

Laws which put their use at all, as forbidden or not, is what should not be put into law. It's how they are used.

Re:In summary... (1)

binaryDigit (557647) | more than 10 years ago | (#5799440)

Technology, encryption, reverse engineering, mp3's, drm, sniffers.. they arne't inherently evil. It's the usage and if they go against your morals, ethics and general desires, if they are good or not.

Oh, so you mean: "mp3's don't kill record companies, _people_ kill record companies" ;)

ScottK on Crack (another webchat.org mini-saga) (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#5799305)

KC's crack that is......

Which once again proves the point... (-1, Troll)

Anonymous Coward | more than 10 years ago | (#5799308)

Linus = good head on his shoulders
RMS and GNU hippies = insane

Kinda like Catholicism. The underlying priniciples of Linux are good, but the followers distort them so much that it's frightening and terrible.

Context (5, Funny)

Xenex (97062) | more than 10 years ago | (#5799309)

"There, I've said it. I'm out of the closet. So bring it on... " -- Linus Torvalds

Things are so much more interesting out of context...

Linus Not God, Says God (5, Funny)

ih8apple (607271) | more than 10 years ago | (#5799310)

Linus Not God, Says God

In a shocking announcement cast down from the Heavens today, it was announced that Linus Torvalds was not, in fact, God.

Anthony Macewell was chosen to receive this information, as he worked on his PC:

"It was kinda freaky", Anthony said, "Linux booted, and just when I was expecting it to fsck everything, my computer burst into flames and I was surrounded by a host of angels. I don't remember that ever being a feature of Red Hat."

The angels, their appearance accompanied by a flawless four-part harmony, left Anthony a delicate manuscript, explaining that he should make sure that it was delivered to the Linux community.

The manuscript reads:

"For the attention of the Linux Community: Linus Torvalds is not God. God is currently very busy in creating various new planets and overseeing the forthcoming apocalypse on Earth. He has not had the time to develop any mortal Operating Systems, and is not likely to do so in the near future. He will continue only to endorse white robes and comfortable sandals."

The reaction from the Linux community has been varied. The slashdot.org community has reacted by having a circular discussion, with any idea other than "Linus is God, and Linux is the best thing ever for anything", being slammed down by angry, frothing, Linux advocates. A crusade to burn all the non-Linus believing heretics has been launched, in the form of a new website with a flashy domain name, which will predictably close within two weeks due to a lack of interest.

A spokesperson for Microsoft commented, "Well, we never believed that Linus existed anyway. It takes more than a couple of sightings near burning bushes to convince us, you know. We'll continue to worship Windows as we always have done. Lots of people have faith in Windows, no matter how much it lets them down, so it must be right."

Re:Linus Not God, Says God (0, Funny)

Anonymous Coward | more than 10 years ago | (#5799458)

The angels, their appearance accompanied by a flawless four-part harmony, left Anthony a delicate manuscript, explaining that he should make sure that it was delivered to the Linux community.

Flawless four-part harmony? Did they also gave him a dynamite haircut before they left? Or say anything about whether membership in SPEBSQSA was a prerequisite for joining the choir?

Re:Linus Not God, Says God (0)

Anonymous Coward | more than 10 years ago | (#5799574)

Abdullah Haydar:

It's a joke (moron), huh?

in case of slashdotting.... (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#5799311)

Date: Wed, 23 Apr 2003 20:59:45 -0700 (PDT)
From: Linus Torvalds
To: Kernel Mailing List
Subject: Flame Linus to a crisp!

Ok,
there's no way to do this gracefully, so I won't even try. I'm going to
just hunker down for some really impressive extended flaming, and my
asbestos underwear is firmly in place, and extremely uncomfortable.

I want to make it clear that DRM is perfectly ok with Linux!

There, I've said it. I'm out of the closet. So bring it on...

I've had some private discussions with various people about this already,
and I do realize that a lot of people want to use the kernel in some way
to just make DRM go away, at least as far as Linux is concerned. Either by
some policy decision or by extending the GPL to just not allow it.

In some ways the discussion was very similar to some of the software
patent related GPL-NG discussions from a year or so ago: "we don't like
it, and we should change the license to make it not work somehow".

And like the software patent issue, I also don't necessarily like DRM
myself, but I still ended up feeling the same: I'm an "Oppenheimer", and I
refuse to play politics with Linux, and I think you can use Linux for
whatever you want to - which very much includes things I don't necessarily
personally approve of.

The GPL requires you to give out sources to the kernel, but it doesn't
limit what you can _do_ with the kernel. On the whole, this is just
another example of why rms calls me "just an engineer" and thinks I have
no ideals.

[ Personally, I see it as a virtue - trying to make the world a slightly
better place _without_ trying to impose your moral values on other
people. You do whatever the h*ll rings your bell, I'm just an engineer
who wants to make the best OS possible. ]

In short, it's perfectly ok to sign a kernel image - I do it myself
indirectly every day through the kernel.org, as kernel.org will sign the
tar-balls I upload to make sure people can at least verify that they came
that way. Doing the same thing on the binary is no different: signing a
binary is a perfectly fine way to show the world that you're the one
behind it, and that _you_ trust it.

And since I can imaging signing binaries myself, I don't feel that I can
disallow anybody else doing so.

Another part of the DRM discussion is the fact that signing is only the
first step: _acting_ on the fact whether a binary is signed or not (by
refusing to load it, for example, or by refusing to give it a secret key)
is required too.

But since the signature is pointless unless you _use_ it for something,
and since the decision how to use the signature is clearly outside of the
scope of the kernel itself (and thus not a "derived work" or anything like
that), I have to convince myself that not only is it clearly ok to act on
the knowledge of whather the kernel is signed or not, it's also outside of
the scope of what the GPL talks about, and thus irrelevant to the license.

That's the short and sweet of it. I wanted to bring this out in the open,
because I know there are people who think that signed binaries are an act
of "subversion" (or "perversion") of the GPL, and I wanted to make sure
that people don't live under mis-apprehension that it can't be done.

I think there are many quite valid reasons to sign (and verify) your
kernel images, and while some of the uses of signing are odious, I don't
see any sane way to distinguish between "good" signers and "bad" signers.

Comments? I'd love to get some real discussion about this, but in the end
I'm personally convinced that we have to allow it.

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private
keys in the binary. You can sign the binary that is a result of the build
process, but you can _not_ make a binary that is aware of certain keys
without making those keys public - because those keys will obviously have
been part of the kernel build itself.

So don't get these two things confused - one is an external key that is
applied _to_ the kernel (ok, and outside the license), and the other one
is embedding a key _into_ the kernel (still ok, but the GPL requires that
such a key has to be made available as "source" to the kernel).

Linus

Re:in case of slashdotting.... (-1, Offtopic)

Theodore Logan (139352) | more than 10 years ago | (#5799391)

This is getting ridiculous. I know that everybody doesn't always read the linked stories, or even the whole write ups. But could we at least try to get as far as the second sentence before commenting? And besides, what possible point could there be to karmawhoring as an AC?

that's the joke, fool (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#5799475)

Re:in case of slashdotting.... (0)

yatest5 (455123) | more than 10 years ago | (#5799551)

What a fucking moron. The parent post should be +5 funny, only /. users think 'funny' means 'bitches about MS / Windows'.

Voltaire (4, Insightful)

egoff (636181) | more than 10 years ago | (#5799316)

Sounds like the quote by Voltaire that embodies free speech:
'I may disagree with what you say, but I will defend to the death your right to say it.'

Misquote (3, Informative)

overshoot (39700) | more than 10 years ago | (#5799407)

Actually, he never said that but the woman who did insisted that it was the kind of thing he would have said.

My favorite kind of story: it may not be true, but it should be.

Re:Misquote (4, Informative)

egoff (636181) | more than 10 years ago | (#5799575)

Hmm, you learn something [york.ac.uk] every day. Beatrice Hall actually said it in her book The Friends of Voltaire that she wrote under the pseudonym S.G. Tallentyre.

The page linked above had another good quote:

I may disagree with what you say, but I will defend to the death your right to mis-attribute this quote to Voltaire.
---- Avram Grumer, rec.arts.sf.written, May 2000

Code is not exactly speech (1)

blastedtokyo (540215) | more than 10 years ago | (#5799577)

When Voltaire or whoever said this a few hundred years ago, speech was in the spoken word or the printed page.

Today you can amplify speech so loud to blow out someones eardrums. Or raise the pitch electronically to break glass and cause destruction.

The same is true for DRM. Code written for DRM is like a magic word that can suddenly sew up the mouths and cut off the hands of other people. This prevents them from ever speaking. Code regulates and forces behavior within that system to be a certain way. Spech does not.

Would voltaire protect someone from sewing shut his mouth with a few magic words?

Still cool (4, Insightful)

ike6116 (602143) | more than 10 years ago | (#5799317)

Once again Linus leaves it up to the one thing that makes linux beautiful: Choice.

Huh? (3, Interesting)

Theodore Logan (139352) | more than 10 years ago | (#5799318)

I'm an "Oppenheimer", and I refuse to play politics with Linux

Is that "Oppenheimer" as in the head of the most politically motivated science program of all time?

Re:Huh? (0)

Anonymous Coward | more than 10 years ago | (#5799405)

Oppy was thrown out of the H-bomb program because he wasn't totally rabidly politically ra-ra about the idea of murdering millions of Russians in an unprovoked attack. von Neumann, who was in favour of this sort of genocide, angled to get Oppy thrown out as a "security risk".

Re:Huh? (2, Informative)

October_30th (531777) | more than 10 years ago | (#5799456)

von Neumann

Uh... no. You must have been thinking about the father of the hydrogen bomb, Edward Teller.

Re:Huh? (-1)

Anonymous Coward | more than 10 years ago | (#5799557)

No. You're thinking of the magicians Penn & Teller.

Re:Huh? (0)

Anonymous Coward | more than 10 years ago | (#5799580)

Of course, yes, I was conflating a little. Teller got Oppenheimer removed as a "security risk" because he didn't see the point of the H-bomb. von Neumann still worked on the H-bomb and advocated a "preemptive" strike on the Soviet Union, though.

just an engineer (4, Insightful)

dAzED1 (33635) | more than 10 years ago | (#5799319)

I don't find myself agreeing with him "politically" generally, but like he himself, and as he poitns out RMS as well, says...he's just an engineer.

Seems reasonable to me though. You don't have to compile it in to the kernel you use if you don't want it. He's just offering a choice. For this one, I will accept that he is in fact remaining neutral politically.

RMS playa hatin' (0)

Anonymous Coward | more than 10 years ago | (#5799324)

Damn, I didnt know RMS was playa hatin' Linus.

WWNPNPD? (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#5799327)

What Would Natalie Portman, Naked and Petrified, Do?

What Would Natalie Portman, Napalmed and Perforated, Do?

Idea's in the right place... (1, Offtopic)

itallushrt (148885) | more than 10 years ago | (#5799328)

I'm an "Oppenheimer", and I refuse to play politics with Linux, and I think you can use Linux for whatever you want to - which very much includes things I don't necessarily
personally approve of.


It's nice to see that Linus has his priorities in the right place. Too bad others can't follow his example. *cough* SCO *cough*

This is what has made Linux successful, (5, Insightful)

Viperion (569692) | more than 10 years ago | (#5799330)

It's Linus' optimism. See, RMS insists that if you don't tell people what they can't do with software, that they'll do the worst. Linus assumes that people will do whatever they feel like, and the more they can do, the better, because you can't easily stop a movement. You can stop a man.

Go Linus. I'm not a DRM fan, but I am a fan of you ideology.

I looked behind the magic curtain... (5, Funny)

Dutchmaan (442553) | more than 10 years ago | (#5799331)

This was all a practical joke..!!

It was Bill Gates snickering with a Linus puppet on his hand!

I said "Hey Bill! Whatchya doin'?" ..and he said... "Watch them all support DRM now!..and he snickered again.."

Misconceptions (4, Insightful)

lpret (570480) | more than 10 years ago | (#5799334)

I think it's interesting that it takes the "leader" of the OSS movement to put the brakes on some overboard reactions by slashdotters and many others. Too often we relate some issue as being a Microsoft invention and thus evil when all along it's been incorporated in a different form in our favourite OS. Perhaps we can learn a lesson about this and start applying it to other organisations (RIAA, MPAA, etc.)?

Re:Misconceptions (1)

Skyshadow (508) | more than 10 years ago | (#5799383)

Leader of the OSS movement? Linus? Are we thinking of the same guy here? Short, glasses, funny accent?

I can think of a few guys I'd pick as leader of the OSS movement, but Linus isn't on the list. He's the manager of one of the all-time successful projects in OSS and a lot of people (rightly, IMO) respect what he things, but that's pretty much it.

Re:Misconceptions (0)

Anonymous Coward | more than 10 years ago | (#5799467)

He wasn't saying that there is nothing wrong with DRM, just that Linux shouldn't explicitly try to prevent DRM.

It probably doesn't even need to, because of practical issues.

The signing issue is of course related to the ability to boot Linux on hardware-DRM-enabled (because DRM can't be done in software without being trivial to crack) machines is something that could be done.

However, completely DRM-enabling Linux would require a lot more work than getting a version signed. The signed version would also have to be severely restricted so you can't get certain data out of the kernel. It would be an "encumbered Linux", and inferior to regular versions of Linux.

On a side not, Linus Torvalds is hardly the leader of the OSS movement by any definition. Certainly not in a political sense, and in a technical sense, he is the leader of one of the most important OSS projects.

Re:Misconceptions (1)

TedCheshireAcad (311748) | more than 10 years ago | (#5799570)

I think it's interesting that it takes the "leader" of the OSS movement...

The OSS movement doesn't have a "leader", that's kind of the point of the whole thing. If anything, I would call Linus the "Minister of Reason" the OSS movement, as he's the only one moderate enough not to go crazy-go-nuts RMS style on the community, or go shooting his mouth off deRaadt-style and lose his funding ;)

Re:Misconceptions--No, more like hypocrisy (1)

rhadamanthus (200665) | more than 10 years ago | (#5799585)

If its MS, its bad. If its Linux, well, its ok since its not really linux's fault...

Lets think for a minute here people. Someone else in a lower thread remarked that DRM was aimed at the "95% of windows users on the net". DRM is NOT a MS development effort. MS is just catering to the large amount of business's wanting it (RIAA, MPAA etc.). Linux tends to stay on a more anti-DRM ideal, whereas from MS's point of view, its strictly business. Their customers want it, so they'll provide it. Similarly, even though Linux developers may be ideologically opposed to DRM, they have no say in its implementation on Linux, since the liscense basically says, "do what you want". Don't blame MS for trying to make money in this case (other cases are exempt-DOJ for instance). It's what they do.

--rhad

i don't quite follow... (2, Insightful)

DrWhizBang (5333) | more than 10 years ago | (#5799341)

why does allowing binaries to be signed make DRM "ok". maybe i don't understand DRM (which is likely...)

DRM's not really about Linux, anyhow... (1, Interesting)

Skyshadow (508) | more than 10 years ago | (#5799352)

Really, all of the DRM stuff out there is aimed squarely at the 95% of people sitting on the net running Windows.

If you disable sharing of certain digital information for a vast majority of users, you've effectively plugged up the problem. Obviously, you'll never stop *everybody*, so that's not a realistic goal in the first place. So it doesn't really matter what Linus thinks/does, at least not in this point in time (the GUIs that come with the popular Linux distributions ain't ready to take a serious run at the desktop yet).

Re:DRM's not really about Linux, anyhow... (1)

Majin Bubu (455010) | more than 10 years ago | (#5799505)

KDE3 is not ready? I think it *is* much better than the WinXP GUI. The only reason I still dual boot is I want to play my games.

Right tool for the job (5, Insightful)

October_30th (531777) | more than 10 years ago | (#5799355)

On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals.

This is exactly why I like Linus. Unlike certain nutjobs, he's rational enought to know that one should always use the right tool for the job.

When ideals get in the way of actually achieving your goals they are doing more harm than good for the cause.

That comment made me wonder if RMS actually holds a grudge against Linus for not conforming to his standards of "purity".

Re:Right tool for the job (0)

Anonymous Coward | more than 10 years ago | (#5799469)

That comment made me wonder if RMS actually holds a grudge against Linus for not conforming to his standards of "purity".
RMS holds a grudge against everyone who doesn't conform to his standards of "purity".

Re:Right tool for the job (1)

Kynde (324134) | more than 10 years ago | (#5799472)

When ideals get in the way of actually achieving your goals they are doing more harm than good for the cause.

When your ideals and goals aren't aligned you're f*cked no matter what you do...

Re:Right tool for the job (1)

Hard_Code (49548) | more than 10 years ago | (#5799547)

"When ideals get in the way of actually achieving your goals they are doing more harm than good for the cause."

Are you sure you meant that?

source to the key in the kernel? (2, Insightful)

zogger (617870) | more than 10 years ago | (#5799361)

--if you are going to do that, why would you even put the key in there? What am I missing?

Seems to me that drm violates the spirit of gpl, but I most likely still don't understand it. If some company wants to make a drm enabled kernel,and deploy it, then it can be cracked shortly if they follow the gpl? Or what? I don't get it obviously. This is like missiles, anti missiles, anti-anti missiles, ad absurdium.

new distro, the yossarian distro

what ? (3, Interesting)

frodo from middle ea (602941) | more than 10 years ago | (#5799365)

Btw, one thing that is clearly _not_ allowed by the GPL is hiding private keys in the binary
Can someone explain what's he talking about here ?
AFAIK, You sign someting with your private key and ppl. can use your public key to verify the integrety of the message.
Also if you want encryption, then u encrypt with the receivers public key so that only he can decrypt it with his private key
No where in this process is the private key required to be disclosed.
So what am i missing here ? or is he talking of some totally different keys ?

Re:what ? (3, Interesting)

Kevinv (21462) | more than 10 years ago | (#5799483)

if you put the private key in the kernel itself it then becomes part of the source code and must be relvealed via the GPL license (if you distribute the kernel at least)

External keys are fine.

Re:what ? (1)

frodo from middle ea (602941) | more than 10 years ago | (#5799544)

but that still doesn't answer my question.
Why the need to put the private key in the kernel/os/application/what-ever in the first place ?
I mean doesn't it defeat the very purpose of asymetric key encryption. what good is it, if i have to start distributing my private key . I thought thats what public keys are for

Re:what ? (4, Interesting)

Todd Knarr (15451) | more than 10 years ago | (#5799532)

I think he's talking about a situation such as DVD-CSS, where content is encrypted with a product key and the product key is protected by being encrypted with a master key which is embedded in the OS itself. Then only the OS can obtain the product keys needed to decrypt the contents, and the OS can enforce any access controls it wants on the content because the user can't get at the content except by going through the OS. What he's saying is that doing that is perfectly OK under the Linux license, as long as you release the master key, in the clear, as part of the OS source just as the license requires.

Yes, that does make the master key useless for it's intended purpose. :)

Re:what ? (4, Interesting)

Large Green Mallard (31462) | more than 10 years ago | (#5799565)

When I suspect he means is including the decryption keys in the library or libraries and not distributing the key in the source form of the libraries.. so you need to "hide" it in a configuration file, or a non GPL library.

Since if the key is part of the library, and the library is GPL, the key must be in the source. Not a huge hurdle to get around, but it would stop someone distributing a set top box with a modified version of "cp" that has keys hidden in it.. they would need to modify "cp" to call another binary to do secret stuff, and then provide the source for the modification of cp, which shows how the secret binary is called, but not actuall yhte secret binary.

Re:what ? (0)

Anonymous Coward | more than 10 years ago | (#5799573)

I believe he's making a jab at the X-Box. It uses signs and hidden keys to sign the binaries in order to be allowed to execute.

Or he could be talking about a gpl'ed game where they use PKI, but they dont disclose the priv key. It's bound somewhere in the binary.

I'm going to have to agree with him on this one (5, Insightful)

Hunts (116340) | more than 10 years ago | (#5799370)

There is nothing horrible about the idea of DRM, its mearly what people are going to do with it. And before any blows my head, just remeber this is that same argument put forth to defend openbsd only yesterday( was it yesterday, I'm loosing track of time at the moment.)

I like that I can trust software to be what it says it is, I think its a step in the right direction to protecting againt trojans etc..

I dont want to be forced to do it though for every little thing that somebody thinks I need permission to run. If certain DRM can be applied to the linux kernal that make computing safer (and by that I mean actually safer, not MS safer or somebody else thinking their making me safer by imposing rules on me), then go right ahead.

Just make sure I can remove it should I wish.

Well.. (1)

Large Green Mallard (31462) | more than 10 years ago | (#5799392)

Saying "you can't develop DRM for linux!" is like saying "you can't use this software in a government that sponsors or is involved with the oppression of human rights" .. it's a free operating system.. what are you going to do? Not sell it to them?

This isn't exactly new either, as I recall, IBM's thinkpads which had linux pre-installed had a macrovision.o kernel module ;)

I'm glad linus did this (2, Interesting)

scorp1us (235526) | more than 10 years ago | (#5799395)

I've taken this position from day 1 (as soon as I was able to comprehend it)

Linux needs some DRM infrastructure, though it's use is to be discouraged. It is not tech's place to play politics. Linux will need DRM to be used everywhere, as it can today as soon as MS makes it availible for the studios to use.

I stand behind Linus here.

I saw this coming (4, Informative)

mao che minh (611166) | more than 10 years ago | (#5799399)

What our Finnish friend is saying: Linux should be able to utilize all computing options, including DRM. It shouldn't be forced on you, nor should it be denied to you. Linux shouldn't be guided by the ethics or philosophy of either the majortiy or the minority (he got rms there).

It's hard to argue with that logic, especially when you step back and take a look at why Linux was so wildly successful over the past three years.

This is the goal of the GPL (1)

nuggz (69912) | more than 10 years ago | (#5799401)

Isn't this the point of the GPL, to give others the same rights?

And since I can imaging signing binaries myself, I don't feel that I can disallow anybody else doing so.

Sounds good to me (2, Insightful)

Dacmot (266348) | more than 10 years ago | (#5799402)

If the GPL is all about freedom, it's also about freedom of what you can do with it (ok you can't include it in close source software without releasing that source, but that's to protect it from being non-free).

If some third party wants to take the kernel source and add DRM to it, they are free to do so. I'm also free to not use their kernel and keep compiling my own from Linus' tree.

Linus does have a point.

WHAT? (2, Funny)

david_g (24196) | more than 10 years ago | (#5799406)

After reading such blasphemous utterings, I propose we de-canonize St. Linus, the Farseer, and henceforth refer to him as "Linus, that puny piece of RIAA excrement".

Re:WHAT? (-1)

Anonymous Coward | more than 10 years ago | (#5799520)

For what it's worth, I thought the comment was funny. +1 for you.

DRM will be *needed* by linux (5, Interesting)

James McP (3700) | more than 10 years ago | (#5799423)

Maybe not now, but later.

Look, you put out a set-top media box running embedded Linux. Assuming it is the multimedia grail (online video/audio playback & capture) it will do more than GPL/opensource codecs. It will NEED to handle WMAs and other proprietary formats that may include a time-locked DRM.

Do I like blanket DRM? No, I want to be able to make backups of my DVDs, CDs, and other purchased materials.

What I don't have a problem with is a box that will D/L the movie I want to watch and store it for a max of 48 hours in a "digital Blockbuster" scenario. And that will eventually happen as digital cable set-top boxes will include hard drives for local caching and they will require DRM on that hardware.

Same thing goes for more and more Point of Sale stations. Signed binary data will be more and more necessary. I'm waiting for the day software compares my signature with the one stored on the credit card's chip. And I'm all for it.

I'll be honest; I want them to be able to choose linux. The other option is that everything becomes Windows. Do you really want every credit card terminal, ATM and terminal to be Windows because it is the only thing that supports DRM?

I think Linus Missed the Point.... (2, Interesting)

haplo21112 (184264) | more than 10 years ago | (#5799441)

Signing the Kernel sources or even the Binary...No problem....

Making the Kernel Compliant so that it will refuse to let certain media types run because the OS/System doesn't have the secret key to that media type...NOT OK...

The Preblem is in the furture inorder for some media types to run in the future to run public/private key stuff is going to hace to happen...however how can that happen in an OS kernel whose source code is public...the private key is then exposed to the world, which the media people who want this crap will never stand for...it could be wrapped up in a shared lib...but that violates everything OSS stands for...

DRM for the kernel to run on hardware which requires a signed binary is OK, I suppose although how do you control that since if I complie up my own kernel I need to sign it somehow to get it to run on my protected hardware, which means I have the ability to sign any binary to make it run on protected hardware...including a virus...and also I don't see myself spending 100's to 1000's of dollars to aquire the right to make binaries that run on my own computer....which is really where this discussion ultimately heads...

allows a bypass of GPL (1)

blastedtokyo (540215) | more than 10 years ago | (#5799442)

Interesting thoughts. So, if I'm IBM I guess this means that I a modify the kernel to put an encrypted blob into the kernel to load into RAM at all times. It's there to help performance of IBM apps also so that it can disable my competitor's software once this is installed. Then I sell Websphere which contains the key to decrypt the kernal code. This activates it.

Then I give away as freeware (but not open sourced or GPLed) some non-trivial app that requires the IBM version of the kernel. Boom...I get lots of users, a perf advantage courtesy of IBM DRM, crush my competitors and finally get a chance to try to fight the OS/2 vs Windows wars.

What this is about (5, Informative)

amcguinn (549297) | more than 10 years ago | (#5799457)

No-one commenting so far seems to have a clue what this is all about, so here goes.

Imagine someone builds hardware that will only run binaries signed by the manufacturer (current example: X-box, future examples: who knows)

Now imagine someone makes a version of Linux with functionality limited in some way -- think DRM, and gets that version signed by the hardware manufacturer so that it will run on the controlled hardware.

Now, as a user of that version of Linux, you have all your GPL rights to obtain, modify, and redistribute the source. But, since only the exact original signed binary will actually run on the hardware, those rights are (arguably) worthless.

Linus is saying that this is permissible, or at least that it is not his job to try to prevent it.

Now at least the flames can be on-topic...

Re:What this is about (1)

hyphz (179185) | more than 10 years ago | (#5799539)


I think what he was saying is: "It's ok if an app wants to check whether or not the kernel is signed, and not run if it isn't."

I don't think he was saying anything about hardware-level protection.

Hmm... (1)

kaltekar (464545) | more than 10 years ago | (#5799464)

I really don't see the point of changing the GPL to disallow DRM. DRM itself is not evil. Only when you use it im properly is it evil. I the community used DRM to load the kernel then the OS would be even more secure.

My name is linus torvalds and I pronounce fascism (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#5799474)

'profit'.

But is GPL compatible DRM possible? (1)

buck68 (40037) | more than 10 years ago | (#5799490)

Linus' post seems all well and good, except that if falls well short of decribing how a full DRM scheme would actuallly work. Perhaps Linus is just saying "let them try", as long as they follow certaing ground rules. However, the inconsistency in his statement is that he seems to imply that thinks that effective DRM is actually possible with his ground rules. I do not. As most readers here, I'm skeptical that effective DRM is possible, period. But DRM with open source, I seriously doubt it.

Re:But is GPL compatible DRM possible? (0)

Anonymous Coward | more than 10 years ago | (#5799546)

Please hack my Series2 Tivo.

PLEASE!

No, you can't change the hardware to do it.

"Just an engineer", eh? (4, Insightful)

Graabein (96715) | more than 10 years ago | (#5799510)

Linus wrote:

> On the whole, this is just another example of why rms calls me "just an engineer" and thinks I have no ideals.

Perhaps what the world needs is more engineers and artists, and less flaming zealots. I think Linus has been, and still is, getting it just right. In fact, I think his statements above and the way he views this issue is 100% in the spirit of the GPL. The code is supposed to be free, remember? This includes free to be used in unspeakable ways, so long as the source is always included and freely redistributable. You can't claim freedom for only the ideals you like, that's tyranny.

Then again, IANAL.

In related news: Linus on Dachau (-1, Flamebait)

Anonymous Coward | more than 10 years ago | (#5799524)

As an engineer I want the best tools available. It just so happens that in this case the best tools come from jewish slave labor.

Well.... (1)

spotlight2k3 (652521) | more than 10 years ago | (#5799527)

----"So don't get these two things confused - one is an external key that is applied _to_ the kernel (ok, and outside the license), and the other one is embedding a key _into_ the kernel (still ok, but the GPL requires that such a key has to be made available as "source" to the kernel)."---- at least if its done, the source will have to be made available, and with the source.. well i imagine that ways to remove it will pop up... and if its external, well then its time to go with an opensource counterpart that falls under the GPL, refuse to use any software otherwise!

Money is what counts now! (1)

BillKaos (657870) | more than 10 years ago | (#5799535)

My feelings about this are that some people at distros or embedded market want to lock their hardware/software (as Microsoft made with Xbox) and has pushed on Linus to explicitely allow them to do this.

Only a thinking.

linux and DRM pros/cons (2, Interesting)

dermond (33903) | more than 10 years ago | (#5799537)

i think linus has a good point on this issue. there is nothing wrong that linux supports signing binaries etc.. it could be of good use for firewalls and security critical applications... etc..after all as long as i have the source i can compile a different cernel that does no restrict what i do not want to have resctrictec..

the other thing is the other DRM that the alliance of music, media and software industry wants to produce.. where every content is digitally signed.. where you can not change the operating system on your hardware anymore etc... this are extremly bad things for linux and free software... we have to stop this whereever we can.. or else in a few years we will not be able to do anything useful on linux anymore...

mond

What a quote... (1)

Drakin (415182) | more than 10 years ago | (#5799541)

You do whatever the h*ll rings your bell, I'm just an engineer who wants to make the best OS possible.
There's too many people who stand up and yell about the ideals that they hold. Sure, Linus is doing it himself, but he's not saying "My way is right" but "This is how I'm going to do it, feel free to follow my lead, or do it your own way".

And the slashdrones respond.... (-1)

Anonymous Coward | more than 10 years ago | (#5799561)

Slashdrones: "DRM is evil, DRM is evil"

Linus: "DRM is not necessarily evil."

Slashdrones: "DRM is good, DRM is good"
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...