Linus Torvalds blesses DRM, and nothing happens

Can we just talk about something else, please?

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Last week Linus Torvalds said share denial technology, or DRM (Digital Rights Management) is OK. He did so on a linux kernel mailing list and so anticipating the reaction, with the Subject line: Flame Linus to a crisp!, he wrote:

"I'm going to just hunker down for some really impressive extended flaming, and my asbestos underwear is firmly in place, and extremely uncomfortable."

Continuing the dramatic costume theme, Linux IDE subsystem guy Andre Hedrick entered, first warning, with a gothic flourish, that:

"Like fire, control DRM/CPRM and you receive benefits. Let it run wild and you will be burned."

Before leaving us with this reminder:

"PS: If this turns into a flame fest, the absolute seriousness of this issue will be lost. I have rented a blowtorch and flamethrower, and [am] prepared to destroy people who attempt to make this messy. One of the last things I will do before stepping to the side, will be to resolve this issue in a constructive way. So if it turns nasty, I am here for the long haul."

So we were in for a reet, really good game of Dungeons and Dragons. An epic battle. Only, it didn't happen.

Linus added:

"The technology itself is pretty neutral, and I'm personally pretty optimistic."

He regretted the demands, but weighed up the responsibilities and concluded:

"Unfortunate? Yes. maybe my moral sense is lacking, but I just can't see myself saying 'no, you can't use Linux for [encoding satellite TV streams]'".

Torvalds reminded us that it isn't the duty of open source software to protect open hardware - ie, the x86 platform, which is where most Linux users are today.

This subsequent bit from Linus is important:

"But such a 'make the machines be something the _users_ can trust' is 100% indistinguishable from a technical standpoint from something where you "make the machine something that Disney Corp can trust". There is _zero_ technical difference. It's only a matter of intent - and even the intent will be a matter of interpretation."

Which is correct, but where this leaves the GPL after all this has eventually been decided someplace else, at some point, is more than collateral damage.

Hedrick didn't throw down any more bolts of lightning, and they all wandered off and starting about strange things like 'how does this affect Quake?', which is a barmy thing to be talking about at such a historic moment.

Before Larry McVoy stepped in again to tell us how great his Bitkeeper software is. Again.

"The rockets go up - who cares where they come down?"

Which does sound like what we heard from the TCPA lot, who were sensitive to echoes of Tom Lehrer's famous disclaimer for the rocket scientist:

"Who cares where they come down, that's not my department, says Werner von Braun."

TCPA folks adopt the argument that it's "technology neutral" and honest guv, don't ask us about the morality of all this, we only work here.

The issue that brought this to the fore has been the embedded Linux contingent, who have been caught playing fast and loose with the GPL before, but who do stand a good chance of working Linux into entertainment playback devices or gateways, such as set top boxes and handhelds. These guys are working for pretty reactionary companies, and with things getting tough, these companies are looking to get something for nothing, as they do in tough times.

So they might want to pull stunts such as "can we use free Linux in our boxes to carry encrypted content and violate the GPL without anyone noticing?"

It's only a couple of months since Transmeta itself incorporated DRM support into its processors, so we were wondering how long it would be before Linus Made A Statement.

And now we have A Statement. Linus says he has faith that the public won't buy crappy DRM services which restrict their rights, such as the service Steve Jobs launched on Monday for his Apple computers. Just as dongles failed, DRM media and systems will fail, he said, because no one will buy them. (We remember hearing the same sort of argument from the EFF at about the time that CPRM on ATA, and copy-protected CDs were being introduced.)

So - why is it so quiet in here, we asked Alan Cox.

Cox told us that one way or another, this was an issue that would be decided in court.

"Really the question is 'can you use GPL'd code in a signed system'. The answer is a legal not a technical one and nobody can change that. It may be that future GPL versions take a clearer line on it (as GPLv2 did with patents) but for current code the situation is simply 'Ask your lawyer'."

Yes, but what happens then?

Andre Hedrick, who has not let us down yet, asks:

"How they do they deal with digital signing a kernel for use in an embedded environment - violating the GPL - without imposing restrictions on the GPL?"

"DRM is a media lock; interfaces aren't copyrightable - so the GPL won't help you there."

And if it comes to a lawsuit, who gets it in the ass?

"Is Linux a sum of its parts, or are its parts separate?"

In other words, who gets sued, and what are the implications? These are pretty big questions, and no one seems to be asking them.

The important thing to remember is that the GPL is a social construct, rather than a legal construct, which has never been tested in court. Its authority derives from consensus, not from the random fancies of a Judge. Throwing the GPL to the legal system now does seem to expose the Movement to an enormous amount of risk. Are we all aware that this is happening, and do we all appreciate the risk involved?

Larry McVoy did have a nice summary which, although he may have been talking about patent implications, resonates here:

Me: Action A is leading to reaction B which you don't want.
You: Action A is perfectly legal, etc., etc.
Me: It's not about whether it is legal or not, it's about reaction B.
You: Action A is perfectly legal, etc., etc.
Me: Reaction B is what you don't want, it's behaviour A which is the cause.
You: Action A is perfectly legal, etc., etc.
Me: You keep missing the point about the reaction B.
You: Action A is perfectly legal, etc., etc.
Me: Err, umm, how many times do I have to tell you it is the reaction that is what you want to avoid?
You: Action A is perfectly legal, etc., etc.
Me: Sigh.

Next in this series: Steve Jobs blesses DRM, and nothing happens. ®

Related Story

Of TCPA, Palladium and Werner von Braun .

Providing a secure and efficient Helpdesk

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story


Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.