LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Laser & DRM

Laser & DRM

Posted Oct 6, 2006 7:50 UTC (Fri) by nim-nim (subscriber, #34454)
In reply to: Laser & DRM by sepreece
Parent article: Similar in spirit?

For those rare cases where you need to be tamper resistant it's easy enough to:
1. use ROM
2. use an update jumper located inside the case you've already made tamper-resistent to protect from hardware mods

If you can't afford either, I guess the device is also "protected" with "warranty broken if opened" paper seals or locks with standard keys, so the only reason you're so sold on DRMs is:
1. they feel dirt cheap,
2. your tamper-proof critical device is so buggy you need to update it all the time
3. you have zero respect for the wishes of the people who wrote your free software

(Log in to post comments)

Laser & DRM

Posted Oct 6, 2006 13:46 UTC (Fri) by sepreece (subscriber, #19270) [Link]

There are several scenarios for flash-based software in consumer devices:

- Field upgradeability (adding new features, etc.); this is widely used in music players ["new iPod updater is available"] and set-top boxes. In the former case it's usually the owner doing the update; in the latter case the update is usually pushed by the service provider, more-or-less transparent to the user.

- Field repairs (fixing broken software); this is often included in the kind of upgrades described above; sometimes security updates are done, as for desktop software; again, it's usually either owner-initiated or pushed by the service.

- Customization in distribution; this is very important to the device manufacturers, especially for mobile phones; in this case the phone is flashed with a generic load in the factory and software specific to the carrier and/or market is flashed in distribution or at the point-of-sale; it would be possible to blow an e-fuse at that point to make all or part of the software nonmodifiable after sale, but the user would probably object, since they do sometimes ask for updates after they have the phone. There have been [very] rare phone recalls, but phone upgrades in the field are usually user-initiated.

Note that previous discussions have always centered around "user able to modify" versus "manufacturer able to modify". This ignores the more common real-world case of "user able to have the phone updated" versus "manufacturer able to update phone unilaterally".

Device manufacturers typically have no access to a device in the field [set-top boxes that are updated by a service provider are an obvious exception]. A mobile phone carrier has access, and sometimes uses it to push content updates and service-enablement updates, but generally not to update the base software. In most cases, only the user has the right/ability to initiate a software update. However, their only option is to select another manufacturer/carrier-approved load for their device.

I point this out only because it reshapes the discussion somewhat. The fairness argument has been presented as "pass along the same rights you have". In this case, the situation actually is more like "the end user can choose to upgrade the phone to a newer version of the software", which sounds much less asymmetrical.

Laser & DRM

Posted Oct 6, 2006 14:01 UTC (Fri) by nim-nim (subscriber, #34454) [Link]

However, as long as the recipient of the software binary and code is in control, the GPLv3 is happy. The reason why very improbable and creative scenarii have been presented so far is the GPLv3 absolutely does not forbid sane uses of signing and cryptography (such as your examples)

Laser & DRM

Posted Oct 7, 2006 2:15 UTC (Sat) by mikov (subscriber, #33179) [Link]

Even if you are right and the manufacturer is resorting to DRM only because they are dirt-cheap or the device is buggy, it is certainly not the GPL's place to make manufacturers "not cheap" or to force them to sell a high quality product.

Manufacturing is a much more complex, difficult, risky and expensive process than many people realize. It is absolutely nothing like releasing software and I feel that many people in their understandable zeal for software freedom are ignoring this, probably because they don't have first hand experience with manufacturing physical goods as opposed to software.

Pragmatically speaking, I feel that since GPLv3 cannot fully prevent all restrictions to software modification (as many people pointed out a ROM is an easy option), it should not attempt it all. Further on, even if GPLv3 is ultimately the right thing to do, seeing how it is splitting the community in two before our own eyes, it is very likely to do more harm than benefit (again, as many people have pointed out).

Laser & DRM

Posted Oct 7, 2006 12:46 UTC (Sat) by nim-nim (subscriber, #34454) [Link]

> Pragmatically speaking, I feel that since GPLv3 cannot fully prevent all
> restrictions to software modification (as many people pointed out a ROM is
> an easy option), it should not attempt it all.

Pragmatically speaking, I feel that since DRM cannot fully prevent all modifications (as many people pointed out a ROM is an easy option), it should not attempt it all

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds