LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Bitfrost: the OLPC security model

Bitfrost: the OLPC security model

Posted Feb 8, 2007 23:56 UTC (Thu) by cjb (guest, #40354)
In reply to: Bitfrost: the OLPC security model by bronson
Parent article: Bitfrost: the OLPC security model

From the article: "in general, the children will not have that functionality available to them."
This doesn't mean that developer keys will be refused to some children, it means that before the child asks for the key, the (BIOS-writing) functionality won't work.
I've read the v3 draft a few times. You'll notice that 6.3b doesn't specify any durations.
The Bitfrost spec (section 8.19) says that the delay between asking for and receiving the key will be fourteen days. That seems entirely consistent with the delay one would expect from replying to a written offer of source code under the GPL that we've been using for the last twenty years.

I'm only really interested in talking about this to the extent of showing that the scheme is entirely in accord with GPLv3 and the spirit of the GPL. If your problem is that the GPL isn't free enough for you, you need to find some other people to talk to. :)

(Log in to post comments)

Bitfrost: the OLPC security model

Posted Feb 9, 2007 2:34 UTC (Fri) by bronson (subscriber, #4806) [Link]

I'm genuinely interested. I still don't understand how the GPLv3 can allow the OLPC to use DRM and at the same time prevent Tivo from abusing it. That's why I was asking about known modes of GPL abuse from the past. There will always be people who want to skirt the rules.

I *like* the GPLv2, and presumably I'll like the v3 when it ships. Ideally I'd like v3 to be able to be the go-to license for most projects. Other than the DRM language, which I'm unsure about, it looks like v3 could be that license.

Of course, I'm happy to let our discussion rest here and leave any further fine slicing to future litigators. :)

Bitfrost: the OLPC security model

Posted Feb 9, 2007 2:49 UTC (Fri) by cjb (guest, #40354) [Link]

I'm genuinely interested. I still don't understand how the GPLv3 can allow the OLPC to use DRM and at the same time prevent Tivo from abusing it.
So, my understanding is that the GPLv3's answer to DRM is to say "Sure, you can build DRM -- after all, you wouldn't have freedom if you couldn't -- but you must give the person who you distribute the code to the freedom to remove the DRM if they wish". That's what Bitfrost tries to do.

How do you think TiVo would claim to be following that, yet abusing it? The methods you mentioned (waiting too long, or charging too much) just aren't ones that we've seen people abuse over the last twenty years; I can't think of a single memorable example of either, so it certainly hasn't been common. If they *do* provide the source+key that gives you full control of the system in a timely manner, then it's Free Software.

Bitfrost: the OLPC security model

Posted Feb 9, 2007 11:56 UTC (Fri) by NAR (subscriber, #1313) [Link]

you must give the person who you distribute the code to the freedom to remove the DRM if they wish

I think I get it - the code is distributed to the child, but not to the thief, so the thief can't ask for the key. However, an other thing occured to me. As far as I know, the children can't sell or give away their laptops, i.e. can't distribute it (I could be wrong here). Can they distribute the software (including the OpenBIOS) on the laptop? GPL (even v2) gives them the right, but will the software work on any other laptop (even if they distribute the key, which is part of the software under GPLv3)?

Bye,NAR

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds