GPLv3 not going far enough?
Posted Sep 24, 2006 2:44 UTC (Sun) by ibukanov
In reply to: GPLv3 not going far enough?
Parent article: Kernel developers' position on GPLv3
> The clauses that are in draft 2 of GPLv3 are judged to be the minimum required in order to prevent large scale abuse of GPL'd software.
My problem with the clause is that it would not prevent anything in the embedded world. I.e. it is possible to defeat it completely AFAICS with simple tricks that would not add any cost to the hardware. As such the clause is dangerous as it give people an illusion of anti-DRM provisions for their free software while adding extra legal complexity for already non-trivial text with unclear consequences.
Here is one detailed possibility of abusing GPLv3. A company can make a device that can run either a signed or unsigned kernel. For unsigned kernel the device would require to enter a private key, which it would then use to sign the kernel and make the kernel available for access so it can be extracted and distributed if necessary. Now the trick is that to enter the key, you would have to use an extra hardware that the company would not sell. So you would get the source, the complete build system and all the encryption keys, but still you would not be able to change the software.
to post comments)