Feeds

RIP Andre Hedrick: The engineer who kept the PC open

Kernel expert stood up to mandatory hard disk DRM

Top 5 reasons to deploy VMware with Tegile

Obituary Andre Hedrick, a principal engineer and operating system architect at Cisco Systems and a Linux kernel contributor, has died. He leaves behind a wife, four young children and many friends.

Andre made a significant contribution to personal computing history in a way few people fully realise.

In 2000, Andre was working for SuSE in Oakland and was looking after the Linux ATA subsystem, the operating system's interface with industry-standard hard disks. He was also a member of the ANSI sub-committee, T13, which defined the standard for ATA disks.

The committee was presented with proposals to incorporate a sophisticated piracy-thwarting system called CPRM, or Content Protection for Recordable Media, devised at IBM's Almaden Lab. The proposal was tabled by Intel and a group of three hard drive manufacturers: Toshiba, Matsushita (aka Panasonic) and IBM. The cryptographic system proposed was vastly more ambitious than the SDMI watermarking initiative for music, which by then had floundered.

The CPRM layer permitted the host ATA disk to fully control the copying, movement and deletion of files, making it ideal for set-top boxes and other consumer electronics appliances built using industry-standard parts. But when implemented on a PC, it gave an application complete control of data, bypassing user control via the operating system.

This troubled Andre, who could see the implications. Industry standard CPRM on ATA devices posed immediate problems for enterprise backup and RAID systems and disk integrity software, and more importantly, augured a future in which the PC may no longer be the "open" device it historically had been. He blew the whistle.

After the details emerged here, the initiative caused a furore - spilling onto the front pages (after the influential San Jose Mercury followed up our reports), and into mainstream publications such as Scientific American.

What happened next is not well known, but encapsulates the subtlety of his thinking, and a deep seam of fair mindedness.

The fight to keep personal computers open

Andre had little time for the American motion picture industry, which was pushing CPRM: he called it the "Hollywood sewer", and fulminated against "the greedy little !@#$%^&*() that are going to violate the ownership rights of products and the use of those products". Yet he set about creating a workable compromise - one his opponents couldn't reasonably destroy.

What Andre knew, and what outraged digital rights campaigners didn't understand, was that the rejection of CPRM as an official industry technical standard would result in the worst possible outcome for users and software authors. Most of the commands obeyed by the world's hard drives were not part of any standard, and were proprietary to the disk vendors - the very same disk vendors who had agreed to advance CPRM.

Rogue applications could bypass the operating system and turn CPRM back on. Andre's alternative proposal involved supplying a PIN so the PC owner could prevent the content protection from being activated in their machine.

This would allow new generations of closed playback devices to be built using off-the-shelf ATA disks while handing control of the open PC to the user.

"Control over a technology is more important than it existing," he told me. "If you know it's there, you're empowered."

The counter proposals and arguments Andre made ensured that CPRM was not implemented through the backdoor, and was used in closed devices and removable media without compromising the user's control of the PC.

And now look where we are today

CPRM is widely used today as the encryption scheme for SD cards. But by the summer of 2001, and thanks largely to Andre's unsung efforts that spring, it was never implemented as a standard, official or otherwise.

This would be the last time the entertainment industry would attempt to define standards for the technology industry. Today, millions of people use digital restriction management systems that lock down books, songs and music - the Amazon Kindle, the BBC iPlayer and Spotify are examples - but consumers enter into the private commercial agreement knowingly. It isn't set by default in the factory, as it might have been. The PC remains open rather than becoming an appliance.

Andre Hedrick

Andre Hedrick

Andre was never comfortable taking the credit he really deserved for this achievement.

Driving me back from our first meeting in Oakland in the summer of 2000, he described how he had deciphered the control protocol for APS power supplies - the dominant manufacturer at the time - to allow Linux to work with them.

He had to decipher the commands on the wire, which took all of an obsessive engineer's determination. He was also one of America's leading forensic experts, and was called upon to advise on retrieving data from damaged disks. In each of these cases, he preferred to take quiet satisfaction rather than public acclaim.

But it was his human ability to pursue a workable compromise that most impressed me, and really ensured that the personal computer remains an open system - a marked contrast to today's dogmatic and self-aggrandising copyfighters, who shun consensus and rational settlements, preferring both the limelight and the dubious glory of defeat. If Andre had adopted such a strategy, personal computing history would probably be very different.

He joined Cisco in January 2007 where he worked on several embedded projects, and helped define the current Cisco architecture IOS-XE.

On the Linux kernel mailing list, his friend Nate Lawson recalls Andre saying: "To work on disk drivers, you have to be a special kind of bastard." File systems are the world's most reliable databases for a reason, and built by engineers with the fierce integrity of Andre Hedrick.

Andre took his own life on Friday, 13 July. He will be greatly missed and our thoughts are with his family. His wife has set up a condolence weblog with details of a memorial service to be held in Berkeley, California, this Friday. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
DEATH by COMMENTS: WordPress XSS vuln is BIGGEST for YEARS
Trio of XSS turns attackers into admins
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.