BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Govt Source Code Policy
- Subject: [Discuss] Govt Source Code Policy
- From: richard.pieri at gmail.com (Rich Pieri)
- Date: Mon, 4 Apr 2016 21:06:24 -0400
- In-reply-to: <chx7fgdklth.fsf@iceland.freeshell.org>
- References: <chx7fgdklth.fsf@iceland.freeshell.org>
On 4/4/2016 7:15 PM, Mike Small wrote: > There's no irony here. I like the idea of a GPL with provisions not > granting equal rights to scumbags who spy on environmental orgs and > black lives matter activists or to people who manufacture weapons. But > it's easy to see the mess that would result if everyone had their pet > restriction added in. They struck the right balance, as usual IMO. So to > the degree the FBI exercises their right to mess with software they come > into possession of it's cool they're granted such rights. That's not how the GPL works: https://www.gnu.org/licenses/gpl-faq.en.html#NoMilitary Q: I'd like to license my code under the GPL, but I'd also like to make it clear that it can't be used for military and/or commercial uses. Can I do this? (#NoMilitary) A: No, because those two goals contradict each other. The GNU GPL is designed specifically to prevent the addition of further restrictions. GPLv3 allows a very limited set of them, in section 7, but any other added restriction can be removed by the user. So you could add a restriction that ISIS members can't use your GPL code -- and ISIS members would be within the terms of the GPL to remove that restriction and use it anyway. > And obviously the GPL wasn't "carefully crafted" to permit someone to > take your device and get at your data. I mean, maybe in the 80s rms had > said something that seems funny now about passwords, but today the FSF > is promoting use of encryption. GPLv3 was designed to be a bullet-proof license that prevents TiVo and other companies from restricting your use of their devices. This applies equally to the FBI per the #NoMilitary question. That the FBI's purpose is to compromise a user's data is irrelevant to the GPL. On to some of your other questions: > Not sure I'm understanding you. First off, the FBI as a criminal > enforcement agency is themself excempt from the DMCA: > https://www.law.cornell.edu/uscode/text/17/1201 It's a matter of getting the information necessary for circumventing the DRM. With the GPL the jailbreak information is readily available to everyone. Without the GPL the FBI have to search for vulnerabilities and work out how to exploit them on their own. Or, you know, go to some pirate jailbreak site and download a jailbreak tool -- but I'll shortly address why they didn't do this first. > Remember also again that Apple would not need to fear being out of > compliance with the GPL on software they're the sole copyright owner > of. You'd need some other copyright holder up the chain of what they're > distributing for that to matter when they violated that clause with a > DMCA suit. Incorrect. Apple would still be in violation of the GPL. Whether or not the FSF would call them on it is an interesting question. They ignore Allwinner's and Rockchip's repeated willful violations but Apple are big enough that the publicity might be worth it. > Then how much effect are DMCA civil suits really going to have on > dissemination of exploits? About as much as copyright law has had on > the availability of movies with the copy protections stripped off I > should think. There can be no DMCA takedown notices or lawsuits if the User Product contains GPLv3 works "protected" by DMCA provisions. Section 3 sees to that. > And besides, as was puzzling all along in this case, the FBI is no > doubt perfectly capable of coming up with their own exploits or > hiring someone to quietly do so. Even though the FBI are exempt from the DMCA they still must follow procedures. Which means a formal request to Apple to assist. Which Apple turned into an advertisement for Apple. Also, having the vendor do the work is safer. Fewer risks of irreversible damage that might compromise data recovery efforts. -- Rich P.
- References:
- [Discuss] Govt Source Code Policy
- From: smallm at sdf.org (Mike Small)
- [Discuss] Govt Source Code Policy
- Prev by Date: [Discuss] Govt Source Code Policy
- Next by Date: [Discuss] Govt Source Code Policy
- Previous by thread: [Discuss] Govt Source Code Policy
- Next by thread: [Discuss] Govt Source Code Policy
- Index(es):