We can have both freedom and safety by requiring re-certification after modification. Like when you heavily physically modify a car then you can still drive it after the authorities decide it is safe.
You shouldn't have to hack it, you should have the right to repair the software on your device. Hopefully the Vizio lawsuit will help with that for Linux based devices, signs are looking good though.
You're right, but until the laws change we should be telling everyone how and make these tools better. If we can't change the laws we can make the cat and mouse game too expensive for them to continue.
Plus, I'm pretty confident they are already doing illegal things. On my Samsung TV it wants to force update. There is no decline option, there is no option to turn off updates, only to take it completely offline. There's no way in hell these kinds of contracts would be legal in any other setting. There's no meaningful choice and contracts that strongarm one party are almost always illegal. You can't sign a contract where the bank can arbitrary change the loan on you (they can change interest but they can't arbitrarily charge how that interest is determined. Such as going from 1% to 1000% without some crazy impossible economic situation).
Someone needs to start a class action. Someone needs to push that as far as the courts will go
Agreed. Its not that useful, but I have been collecting exploits here when I see any that could potentially be useful for replacing firmware on devices.
This is just about GPL compliance though (afaik LG TVs are already GPL compliant, or at least, I haven't noticed any noncompliance).
The bigger problem here is tivoization. You can build a fresh kernel from source but you have no way to install it because the bootloader is locked down.
We should really be happy that Torvalds decided to license Linux as GPL software. If it was BSD these discussions would simply not exist, and corporate power over software would be even greater. I would dare to say we would probably not even have an open source scene at all...
In the email you have linked to, he does not support tivoization. He simply says that he finds the term offensive (which is really funny coming from him).
Torvalds has also publicly stated that he doesn't think that tivoization benefits users, but it's not his battle to fight. More info on that topic can be found in the linked YT (linked at the precise time he is answering the question about tivoization, but the whole video is about GPL v2 vs GPL v3).
Because anti-tivoization doesn’t make sense in a software license.
Imagine you make a smart toaster, and you make it entirely out of open source software. You release all the changes you made too, complying fully with the spirit of open source. People could take your software, buy some parts and make their own OSS toasters, everything’s great.
But for safety reasons, since the software controls when the toaster pops, you decide to check at boot time that the software hasn’t been modified. You could take the engineering effort to split the software into parts so that only the “pop on this heat level” part is locked down, but maybe you’re lazy, so you just check the signature of the whole thing.
This would be a gpl3 tivoization violation even though the whole thing is open source. You did everything right on the software end, it just so happens that the hardware you made doesn’t support modifying the software. Why is that a violation of a software license?
This is what makes no sense to Linus, and TBH it makes no sense to me either. Would the toaster be a better product if you could change the software? Of course. But it seems to be an extreme overreach for the FSF to use their license (and that “or any later version” backdoor clause) to start pushing their views on the hardware world.
It makes sense in the context of GPL specifically when you remember that the GPL itself and the entire GNU stack and movement started from frustration with a printer, not a program.
> But it seems to be an extreme overreach for the FSF to use their license (and that “or any later version” backdoor clause) to start pushing their views on the hardware world.
Nothing is stopping the "hardware world" from developing their own operating system. But as long as they choose to come as guests to the FSF/GPL party, partake of the snacks and fill their glasses at the free-refills fountain, they're expected to abide by the rules. The doors not locked, they can leave any time.
I have a toaster oven in my kitchen. It's a dumb thing with a bimetallic thermostatic switch, a simple mechanical timer (with a clockspring and a bell), and a switch to select different configurations of heating elements. The power-on indicator is a simple neon lamp. (It also certainly has some thermal fuses buried inside; hopefully, in the right places.)
And, you know, it works great. It's simple to operate and (so far!) has been completely reliable.
I can hack on it in any way that I want to. There's no aspect of it that seeks to prevent that kind of activity at all.
What would I hack it to do instead? Who knows, but I can think of a couple of things. Maybe instead of having some modes where the elements are in series, I want them in parallel instead so the combination operates at higher power. Maybe I want to bypass the thermostat with an SSR and use my own control logic so I can ramp the temperature on my own accord and finally achieve the holy grail of a perfect slice of toast, and make that a repeatable task.
Whatever it is, it won't stand in my way of doing it -- regardless of how potentially safe or unsafe that hack may be.
There are countless examples of similar toaster ovens in the world that anyone else can hack on if they're motivated to do so, and very similar 3-knob Black & Decker toaster ovens are still sold in stores today.
And yet despite the profoundly-accessible hackability of these potentially-dangerous cooking devices (they didn't even bother to weld the cover on or use pentalobular screws, much less utilize one-way cryptographic coding!), they seem fine. They're accepted in the marketplace and by safety testing facilities like Underwriters Laboratories, who seem satisfied with where the bar for safety is placed.
Why would a toaster oven (or indeed, just a pop-up toaster) that instead used electronic controls need the bar for safety to be placed at a different height?
> Why would a toaster oven (or indeed, just a pop-up toaster) that instead used electronic controls need the bar for safety to be placed at a different height?
It wouldn't. It's a thought experiment. I even said:
> Would the toaster be a better product if you could change the software? Of course.
The point is, nobody should be compelling you to make your products hackable. If you don't want to, that's your prerogative.
The problem is, before GPLv3 existed, the authors that picked GPLv2 never expressed that they wanted their software to be part of some anti-locked-bootloader manifesto... they picked it because GPLv2 represents a pretty straightforward "you can have the source so long as you keep it open for any changes you make" license. That's what the GPL was. But this whole "Or any future version" clause gave FSF carte blanche to just alter the deal and suddenly make it so anyone can fork a project and make it GPLv3. I can perfectly understand why this would make people (including Linus) very mad.
You used the thought experiment as the foundation for the anti-anti-tivoization sentiment expressed. If the thought experiment is false, then the sentiment which might rest upon it is without basis.
> The point is, nobody should be compelling you to make your products hackable. If you don't want to, that's your prerogative.
I agree.
Nobody is compelled to use GPLv3 code in the appliances that they want locked-down for whatever reasons (whether good or bad) they may wish to do that. There's other routes (including writing it themselves).
They may see a sea of beautiful GPLv3 code and wish they could use it in any way they desire, like a child may walk into a candy store and wish to have all of it for free, but the world isn't like that.
We're all free to wish for whatever we want, but that doesn't mean that we're going to get it.
> But this whole "Or any future version" clause gave FSF carte blanche to just alter the deal and suddenly make it so anyone can fork a project and make it GPLv3.
This "Or any future version" part isn't part of the GPL -- of any version.
> Each version is given a distinguishing version number. If the Program
specifies a version number of the license which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
the license, you may choose any version ever published by the Free Software
Foundation.
The GPL itself does not in any way mandate licensing any code under future versions. An author can elect to allow it -- or not.
If they specify GPL 2, then they get GPL 2. Not 3. Not 4. Only 2.
Other versions of the GPL are ~the same in this way. (You know where to find them, right? They're easy reads.)
If an author wants, they can leave out the "or any future version" verbiage. If the author does not, then they are explicitly saying that they want their software to be part of whatever future manifesto the FSF puts forth, including the anti-locked-bootloader manifesto present in the GPLv3.
And that's why Torvalds left out "or any future version" when licensing Linux. So I'm not sure why he's "very mad" (I doubt he actually is?); his software remains on GPLv2 like he wanted.
> The point is, nobody should be compelling you to make your products hackable.
If you want to use my GPLv3 software on your product, then yes, I am requiring that you make it hackable. If you don't want to do that, tough shit. Either do so, or freeload off someone else's software.
> But for safety reasons, since the software controls when the toaster pops, you decide to check at boot time that the software hasn’t been modified.
"For safety reasons" is every single claim. For safety reasons, I want to block the manufacturer's software from doing what it wants. Why do the manufacturer's safety reasons overrule my safety reasons?
> This would be a gpl3 tivoization violation even though the whole thing is open source.
Copyleft has nothing to do with open source. You haven't done everything right on the software end, because the GPL isn't about helping developers. To do things right on the software end, you should keep GPL software out of your locked down device that you are using to restrict the freedom of its users.
> Would the toaster be a better product if you could change the software? Of course.
You just said that it would be an unsafe product if you could change the software. Now you're using the "don't let the perfect be the enemy of the good" trope to pretend that you would of course support software freedom in an ideal, magical, childish, naïve dream world.
> it seems to be an extreme overreach for the FSF to use their license
People can license their software how they want. Is it an extreme overreach for Microsoft to not let you take their Windows code and do whatever they want with it? Why are you even thinking about GPL code when there's so much overreach coming from Adobe? They don't let you use their code under any circumstances!
All of your reasoning is motivated, and I would recommend that people not buy your toaster.
The lawsuit is indeed about the GPL, but the right to repair (or at least replace) software really it needs to be expanded to all software. The right to repair movement is often about software-based lockdowns. Hopefully it will eventually result in those being banned.
reply