Re: Linux 2.2.20pre10

D. Stimits (stimits@idcomm.com)
Mon, 22 Oct 2001 17:49:01 -0600


Tom Sightler wrote:
>
> > > Not forgotten, just trying to understand relevance. How do these cases,
> > > which all revolve around breaking commercial products and cause damage
> to
> > > the corporations that push them, apply to security in the open source
> Linux
> > > kernel to which the public is given all rights.
> >
> > For me, DeCSS is an application that has a purpose for watching DVD:s
> > when I boot my G4 into Linux instead of MacOS.
>
> For me too, but in other people's opinion it's a tool for pirates (I don't
> share this opinion, however, I can see how some people, who don't understand
> the difference, might have this opinion). However, I don't think that a
> security exploit in an open sourced OS is likely to be a "curcumvention
> device" to even clueless people.
>
> > And even those that actually use DeCSS only to gain their "copyright"
> > (that is, provide you with your right to copy what you have purchased,
> > for backup-purposes, for instance) or indeed those that illegaly copy
> > DVDs, seldom do so to break commercial products and cause damage to the
> > corporations that push them.
>
> Agreed, but's that's how these corporations (or coporate representatives)
> managed to get these cases to court. However, I fail to see who is going to
> be the prosecutor in the case of a security exploit against the open source
> Linux kernel. In every one of these cases, DeCSS, SDI, and eBook, the
> encryption that was hacked was put in place by the companies specifically to
> protect the copyrighted work. The Linux kernel provides general access
> controls and does not meet the following DMCA requirement to be a copyright
> protection system:
>
> "(B) a technological measure "effectively controls access to a work" if the
> measure, in the ordinary course of its operation, requires the application
> of information, or a process or a treatment, with the authority of the
> copyright owner, to gain access to the work."
>
> The part that is missing is the "authority of the copyright owner" portion.
> In the case of CSS, SDI, and eBook, the copyright owners all specifically
> allow access to the information only when using authorized means of viewing
> the work. Last I checked no copyright owner has said that ACL's are an
> authorized means.

SSSCA grants all this. SSSCA would have enormous impact here. If SSSCA
passes, look out.
http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread

D. Stimits, stimits@idcomm.com

>
> This is my main argument why I think Alan is safe to post security related
> information in changelogs. I just don't think there is any way for someone
> to interpret this law to mean that posting that information is illegal. Of
> course, if he still doesn't want to I respect that opinion as well, but I'm
> sure willing to do it.
>
> > As for the Sklyarov-case, I'm pretty sure he'd been arrested even if his
> > program had been an open source program under the GPL, freely
> > distributed etc.
>
> I would tend to agree, because Adobe initially filed the complaint for
> damages he could have been arrested under the civil action. However, once
> Adobe agreed to drop the issue (I'm not sure they did, but it is my
> understanding that they have) it didn't matter much, because they are not
> required to pursue the criminal portion, the government alone can pursue it
> from there.
>
> BTW, I'm not trying to argue that the cases which use the DMCA are valid in
> any way, I'm totally againts all of them as they definately impose on my
> fair use rights, which is why I have never purchased an eBook, don't own a
> DVD player (actually not 100% true, I have a DVD player in my laptop and
> have used it for loading software and playing around with DVD playback under
> Linux using some borrowed DVD's), and don't own music with any SDI
> watermarks (that I know of). If companies don't want to grant me fair use,
> I don't want their products.
>
> Later,
> Tom
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/