Kernel developers' position on GPLv3

Posted Sep 25, 2006 1:59 UTC (Mon) by lucychili (guest, #40728)
Parent article: Kernel developers' position on GPLv3

Check out the Lessig keynote from LinuxWorld
http://www.linuxworld.com/events/keynotes/lwsf06-lessig.html

In this speech Lessig explains about the implications of DRM on the stack from network, through computer hardware and software to user. I think it is this big picture issue which is the reason DRM is addressed in the draft of GPLv3.

I have done a customisation of the same model in order to explain to the Australian Attorney General about this issue as they work on a draft of our copyright act. If you want a copy I'll post it somewhere.

The problem is that DRM and TPM technological protection measures may not be interacted with. Developing things which interact with them can be deemed to be a felony at the whim of the owner of the product. All they have to do is 'find' a person to use a technological protection measure to infringe copyright and then the developer of the interfacing tool can be deemed a felon for making a circumvention device. This means people making new inventions and technologies which need to interact with hardware or software which is DRM can only do so with ongoing permission from the TPM company.

It will be important for the GPLv3 to help to clarify that free software is intended to be interacted with, and therefore that hardware which has either a direct or latent threat of felony lurking for people who develop interacting technologies are not a safe part of that technology stack.

At first glance it might be a concern for people who are developing on technologies which include these kinds of interfaces. I feel however that legally separating FLOSS from DRM is the only safe path for developers, who could easily be criminalised if the owner of the DRM technology is encouraged to undermine the foundations or interfaces on which a specific FLOSS resource is based.

While calling it frankly and making that a decision on our part might have initial costs with regard to interaction with existing technologies and hardware, I feel that for the security of FLOSS long term, so that developers can code safely without risk of being deemed a developer of an illegal product, this kind of clarification is the only safe path.
This also means that GPLv3 technologies would be safer for investors.

We will need open hardware at all levels of Lessig's stack, making this a clear decision means that companies can see that the benefits of free and open source software do depend on the ability for hardware and software to be available which is safe to use. Our governments need to understand this. Our communities need to understand the risks.

Some companies are likely to have some products where they leverage DRM
either against customers or competitors. This process will make it increasingly difficult for people to develop safely on proprietory systems.
For small or new independent proprietory businesses as well as for small or large FLOSS based organisations free interactive hardware will be vital. If we have critical mass of software, developers and users who think like this it makes it possible to vote with our feet. If we do not understand the risks and choose to develop code on unsure footing we will be compromised long term.

The LGPL is drafted for interfacing in mixed environments.
The GPL should be able to be trusted and used without risk.

Janet

to post comments

Kernel developers' position on GPLv3

Posted Sep 25, 2006 4:50 UTC (Mon) by bojan (subscriber, #14302) [Link] (3 responses)

> We will need open hardware at all levels of Lessig's stack,

I hope most people understand that a chip making business requires billions of dollars in continuous investments (i.e. no backyard operators here). Intels and AMDs of the world need to sell those chips eventually to get the money back and make a profit. I honestly don't think that any kind of convincing except the one made in the marketplace will work here. And that's not anyone's fault. It's just how things work.

If these guys see that DRM is what is required of them to do in order to sell, then this is what they are going to do. And "open hardware" (i.e. hackable by anyone) will end there, IMHO. Don't get me wrong, I'm not predicting a doomsday - just pointing out that businesses generally act in their best financial interest or go bust. If market decides that DRM enabled hardware is not acceptable, then we'll continue seeing it in the future. It's just that I don't know many business people or home users that care beyond "I just want it to work". And they are the ones that a market (mostly) make.

Also note that software licensed under GPLv2 and distributed by companies like Novell, Red Hat etc. could peacefully coexist with proprietary software in this model. Such distributors could enter into agreements with hardware folks in order for their software to be officially supported (i.e. DRM signed). Small distributors would be taken out, most likely. And, we (i.e. the general public) wouldn't be able to compile our own stuff and run it on any hardware in such a scenario, although we'd have all the source.

> Our governments need to understand this.

I would not be too hopeful there. Remember, we're talking about governments that enabled DRM in the first place, as a favour to big (content providing) business. Changes to Australian copyright law are being made primarily to facilitate that same business and it is clear that DRM provisions will be used to further enforce copyright protections, not to relax them.

The story about expanding "fair use" is just a nice fairy tale for the press. For example, you'll be able to legally record TV programs and watch them later, but only once. If that's not a joke, I don't know what is.

Just pointing out the facts, not trying to assign blame or pass judgement on any one company, individual or licence :-).

Kernel developers' position on GPLv3

Posted Sep 25, 2006 5:00 UTC (Mon) by bojan (subscriber, #14302) [Link] (2 responses)

If market decides that DRM enabled hardware is not acceptable, then we'll continue seeing it in the future.

It, referring to open hardware, obviously.

Kernel developers' position on GPLv3

Posted Sep 25, 2006 22:28 UTC (Mon) by lucychili (guest, #40728) [Link] (1 responses)

IANAL but from my perspective without prejudice and all that.

Any new proprietory inventor will not be safe with DRM.
FOSS people will not be safe with DRM.
As you point out critical mass is needed.
Understanding and commitment by all FLOSS to the value of a vertically coherent open habitat will help.
Small proprietory inventors may not have the cultural background to appreciate the risks until a few people have been burned.
Investors will probably be pretty quick to respond because they are looking at those kinds of things in terms of overall industry risk.
The GPLv3 is responding to an existing threat and not making a division in itself. The division has been developed by those promoting DMCA laws which make felons of developers who interface with DRM technologies.
It isnt the same world we had with GPL2.
An LGPL is appropriate for interfacing with DRM technologies because using the L means youre aware it is a mixed environment with attendant risks.
GPL needs to be something you can identify as a safe set of technologies for developers as well as for adopters and investors in those technologies.

Kernel developers' position on GPLv3

Posted Sep 26, 2006 0:28 UTC (Tue) by bojan (subscriber, #14302) [Link]

> FOSS people will not be safe with DRM.

Actually, it would appear that kernel developers that presented this position paper believe that they can be safe with DRM. I'm guessing that they are probably counting on "they need us now" factor by the hardware companies, with Linux being widespread as it is these days. So, they are probably feeling that it is unlikely that the hardware will go DRM-or-nothing in the foreseeable future (e.g. Linus pointed out a few times that you can always get a regular PC if you want to tinker with Tivo's version of Linux).

If the hardware doesn't go DRM-or-nothing, then there will always be enough folks tinkering with Linux to keep the interest in it on the "enthusiast" side. As for corporate side, I think there is no doubt that with GPLv2 the likes of Red Hat, Novell etc. can continue what they're doing with losing just the enthusiasts that in the DRM-or-nothing world would not be able to tinker at all. Whether the development community formed purely out of corporate programmers would be sufficient to keep pushing FOSS ahead long term is something that doesn't have an easy answer. However, in the DRM-or-nothing world, Linux kernel development and distribution would most likely look more like "shared source" than "open source" - look, but don't touch.

I personally have no idea what long term plans are of hardware making companies. They are the ones that will have to pick sides eventually.

> The GPLv3 is responding to an existing threat and not making a division in itself.

Well, it's a fork in the road, no doubt about that in my mind. FSF will relicense their tools to GPLv3 the moment it is final. Then all the corporate programmers that are contributing (e.g. Red Hat folks building glibc, gcc etc.) may be at a point of picking sides. It is quite clear that the kernel will stay on GPLv2 no matter what, but there is sufficient amount of important GNU software out there that a fork could be warranted if GPLv3 is perceived an insurmountable obstacle by big distros (similar scenarios happened before: think XFree86 - X.org). I'm thinking here primarily in terms of the patent clauses that could grind to a halt all big computer vendors' Linux related activities.

All this IMHO, of course and without passing any judgement to the validity of pro-3 or pro-2 arguments (i.e. I'm still very much undecided - there are good arguments on both sides).

One thing is for sure - Bill and Steve a getting a really good laugh out of all this. DMCA may have been on their mind in their effort to prevent further Linux penetration, but they probably never thought an internal struggle in the FOSS world could help them like this...