Re: GPL V3 and Linux - Dead Copyright Holders

From: Linus Torvalds
Date: Thu Feb 02 2006 - 03:59:35 EST

On Thu, 2 Feb 2006, Pierre Ossman wrote:
> The point is not only getting access to the source code, but also being able
> to change it. Being able to freely study the code is only half of the beauty
> of the GPL. The other half, being able to change it, can be very effectively
> stopped using DRM.

No it cannot.

Sure, DRM may mean that you can not _install_ or _run_ your changes on
somebody elses hardware. But it in no way changes the fact that you got
all the source code, and you can make changes (and use their changes) to
it. That requirement has always been there, even with plain GPLv2. You
have the source.

The difference? The hardware may only run signed kernels. The fact that
the hardware is closed is a _hardware_ license issue. Not a software
license issue. I'd suggest you take it up with your hardware vendor, and
quite possibly just decide to not buy the hardware. Vote with your feet.
Join the OpenCores groups. Make your own FPGA's.

And it's important to realize that signed kernels that you can't run in
modified form under certain circumstances is not at all a bad idea in many

For example, distributions signing the kernel modules (that are
distributed under the GPL) that _they_ have compiled, and having their
kernels either refuse to load them entirely (under a "secure policy") or
marking the resulting kernel as "Tainted" (under a "less secure" policy)

Notice how the current GPLv3 draft pretty clearly says that Red Hat would
have to distribute their private keys so that anybody sign their own
versions of the modules they recompile, in order to re-create their own
versions of the signed binaries that Red Hat creates. That's INSANE.

Btw, what about signed RPM archives? How well do you think a secure
auto-updater would work if it cannot trust digital signatures?

I think a lot of people may find that the GPLv3 "anti-DRM" measures aren't
all that wonderful after all.

Because digital signatures and cryptography aren't just "bad DRM". They
very much are "good security" too.

Babies and bathwater..

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at