LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

LWN.net Weekly Edition for January 26, 2012

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Distinguish development workstations from Aunt Tillie's iMac

Distinguish development workstations from Aunt Tillie's iMac

Posted May 2, 2003 9:31 UTC (Fri) by bgilbert (subscriber, #4738)
In reply to: news at 11. by Wol
Parent article: Linus on digital rights management

Not necessarily. Consider professional media production houses and copy protection mechanisms like MacroVision. Professional equipment can trivially defeat MacroVision, and anyone who wants to buy an N-thousand-dollar professional deck and TBC can do it. The point of MacroVision is to discourage casual copiers, not professional pirates.

So, require standard home and business computers to execute only signed code. Sell a separate class of hardware -- "development machines" -- which costs $50k/box and will run anything you throw at it. Combine that with a TCPA-like system in which most signed software won't trust a system that can run unsigned code. Then, vigorously prosecute people who "misuse" their code-signing keys* -- and since companies with deep pockets are more likely to have code-signing keys in the first place, this will be effective. The end result is that you've concentrated development on a relatively small number of dedicated, single-purpose, trackable and auditable machines, and motivated everyone with a key to protect it from use by others.

Will this shut down open-source development entirely? Of course not. But it raises the bar; if the average user's workstation can't run the output of its own compiler, it's much harder for people to casually tinker with the code. The trick is to raise the bar too high for Joe Programmer, while still letting small software houses get through.

* What happens if code must meet certain requirements in order to be legally signed (either through outright legislation, federal regulation, or contract with the provider of the signing key)? Through the miracle of selective enforcement, this can leave free software developers with legitimately-obtained signing keys open to fairly significant legal action. That'll be a deterrent as well.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds