Monday, June 04, 2007

Slashdot | GPLv2 Vs. GPLv3

Stallman is touting the purpose of the GPL 3.0 changes as being to prevent the 'Tivoization' of software, to ensure that people have the ability to change code on appliances they buy.

Freedom to tinker is a justifiable goal, the problem is that the GPL3.0 changes go much further, in particular they prohibit the implementation of any form of trustworthy computing controls.

This is at best short sighted. Freedom to tinker means that I get to tinker with my machines, not the authors of spyware, keyboard loggers and other malware. Freedom to tinker does not mean freedom to bypass copyright protection controls.

We need to take a deeper look at how the technology works here to understand that the issue is not the ability to run code, it is the ability to access particular decryption keys. All trustworthy computing does is provide a hardware subsystem that gates access to particular pieces of information to code running in a particular operating system partition that has software protections to control the executables that can run.

What the open source community should be asking for is not what Stallman is demanding: a complete prohibition on trustworthy computing technologies. That demand has far more to do with Stallman's own peculiar political views.

Instead the open source community should demand that open source systems allow other code to be run, albeit not necessarily have access to the encryption keys. So someone could take the Tivo code, recompile it, add features and run it on the Tivo box. But the modified code would not then be able to access the keys used to control access to protected content.

No comments: