Most Read Technology Reporter For More Than Two Decades

Maureen O'Gara

Subscribe to Maureen O'Gara: eMailAlertsEmail Alerts
Get Maureen O'Gara: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Article

"Free Speech in a Technological Society Means Technological Free Speech," Says Moglen

"Free Speech in a Technological Society Means Technological Free Speech," Says Moglen

[All quotes are courtesy the transcript being hosted currently at groklaw.net.] 

 

The goal of the FSF

"The goal of the Free Software Movement is to enable people to understand, to learn from, to improve, to adapt, and to share the technology that increasingly runs every human life. ... This idea lay behind my dear friend and colleague, Richard Stallman's, intense desire, beginning in the early 1980's, to bring about a world in which all the computer software needed by anybody to do anything would be available on terms which permitted free access to the knowledge that that software contained and a free opportunity to make more knowledge and to improve on the existing technology by modification and sharing."


"Free software...is the single greatest technical reference library on Planet Earth"

"Free software, of which the operating system kernel called Linux is one very important example among thousands, free software is the single greatest technical reference library on Planet Earth, as of now. The reason I say that is that free software is the only corpus of information fixed in a tangible form, through which anyone, anywhere, can go from naivete to the state of the art in a great technical subject - what computers can be made to do - solely by consulting material that is freely available for adaptation and reuse, in any way that she or he may want."

 

"I wish Mr McBride luck"

"Mr McBride's claim is that he is going out of business because somebody has taken what belongs to him. That's a lawsuit. As it turns out, however, the people he believes have taken what don't belong to him aren't us. His theory is that various people promised AT&T at various times that they would do or refrain from doing various things, that some of the people who promised AT&T in the old days to do or refrain from doing various things broke those promises, and that out of the breaking of those promises, Linux, a computer program distributed under free terms, benefitted.

Mr McBride may be right about that or he may be wrong. We do not know what the contents of those contracts are in general terms, and we do not even know, as Mr. McBride pointed out to you when he was here, that he is the beneficiary of those contracts. He is presently in litigation trying to prove that he has what he claims to have -- certain contract rights which he claims were conveyed to him by Novell. I have no opinion about whose rights those are, and I wish Mr. McBride luck in his litigation over that question."

 

"I was perfectly happy to roll any time."

"To those who like to say there has never been a court test of the GPL, I have one simple thing to say: Don't blame me. I was perfectly happy to roll any time. It was the defendants who didn't want to do it. And when for ten solid years, people have turned down an opportunity to make a legal argument, guess what? It isn't any good.

The GPL has succeeded for the last decade, while I have been tending it, because it worked, not because it failed or was in doubt. Mr McBride and his colleagues now face that very same difficulty, and the fellow on the other side is IBM. A big, rich, powerful company that has no intention of letting go."

 

"trusted computing...means computers that users can’t trust"

"It is precisely because software is free, that the owners of culture have to occupy the hardware of the Net in order to make good their business model. Free software, like, for example, Ian Clark’s Freenet or other forms of free software that engages in peer-to-peer sharing of data, or for that matter just free software like TCP/IP which is meant for sharing data, presents overwhelming obstacles to people who want every single bitstream to bear requirements of ownership and distribution inside it and to go only to the places that have paid to receive it.

The result is an increasing movement to create what is in truly Orwellian fashion referred to as trusted computing, which means computers that users can’t trust. In order to continue to move for the freedom of knowledge in 21st century society, we have to prevent trusted computing and its various ancillary details from constituting the occupation of the hardware of the Net, to prevent the hardware from running free software that shares information freely with people who want to share. Beating the trusted computing challenge is a difficult legal problem, more difficult for the lawyer in dealing with licensing and the putting together of software products than the original problem presented by freeing free software in the first place. This, more than the improvement of the free software distribution structure as we currently know it, is the problem most before my mind these days."

More Stories By Linux News Desk

SYS-CON's Linux News Desk gathers stories, analysis, and information from around the Linux world and synthesizes them into an easy to digest format for IT/IS managers and other business decision-makers.

Comments (11) View Comments

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


Most Recent Comments
Alsee 04/11/04 06:05:40 PM EDT

>ed2d2 commented: But can the "trusted computing" scenario not be used to protect GNU works?

Trusted Computing defeats the GPL, in many cases the source code becomes essentially useless. If you change a single line then the software can no longer access it's data files and it can no longer connect to other programs locally or over the internet. The data files and communications can be encypted. Any change at all causes the software to fail to work. Trusted Computing's fundamental function is to deny you access to your own encryption keys.

>aridhol commented> Trusted computing requires that the binaries be signed by a trusted signer.

That is a common missunderstanding. Trusted Computing can certainly make use of such signatures to be even MORE oppressive, but Trusted Computing works even without any signatures at all. The program is hashed and that hash is used as a sort of signature. That hash is used to generate an encryption key that you are forbidden to see. If you change the program in any way then the hash changes. If the hash changes you can no longer use the correct encryption key. Without the correct encryption key it is impossible for the progeam to read it's own files or to talk to other people running the same software. So even with no signature at all the Trust System imposes a total lock-down against you.

>D*ckBreath commented: The "trust" in trusted computing means that (1)the user and (2)the software provider can both be assured that the software and hardware are not tampered with.

It s possible get (1) owner protection and assurance without imosing (2) total and abusing software provider over the owner of the computer. You can do it with hardware identical to Trusted Computing (thus with identical ability to protect the ower) where the owner is given a printed copy of his master key that is locked inside the Trust chip. If the owner knows his master key then he has full control of his computer, he gains the ability to override any atempt to abuse the system against his wishes.

>D*ckBreath continues: this does mean that, yes the software is (1)not compromised by a spy, or spy agency, or some enemy, or by some virus; it also means that (2)the software is not compromised by the end user.

Again, you can get all of the protections of (1) and none of the abuses against the owner (2) simply by lettign the owner konw his master key. If he knows his key then he can "compromise" his own machine if he likes. However it is impossible for an owner to "attack" himself ot "compromise" himself. Any change he chooses to make to his own system is perfectly legitimate.

>D*ckBreath continues: A software package that does something good, such as securely handling classified data, can be trusted to do its job properly.

Yes. And if the owner is allowed to know his own master key then such security is fully enforced so long as they is what the owner wants. Letting him know his key cannot in any way reduce his security.

>* VPC commented: The only thing taken away from a user

The central design factor of Trusted Computing is that the owner is forbidden to know his key. There is NO POSSIBLE legitimate justification for that. Any benefit for the owner can be had by the same system here he knows his key. The sole purpose for that design factor is to hijack his machine as a weapon against him

If the owner knows his key then the entire Trust system falls apart. That therefor implies that the owner is forbidden to rip owne his own machine and read out his key with a microscope. Currently they merely make that inconvient to do, and thus the system is pointless. I could simply go into business reading out people's keys for them and the Trust system falls apart, turning into the beneficial system I described where every owner is given a copy of his key in the first place. In order to then 'protect' the Trust system there will be an overwhelming call to make it CRIMINAL to open up your own property and look at it under a microscope. So the Trust system actually implies revoking basic property rights. And that's on top of all of the abuses of the system that I won't bother to even begin listing.

I will finnish off with the ultimate danger - Cisco is produced a new router. It is a Trusted Computing Router. It is being hailed as "blocking viruses". It does not actually block viruses. What it does is (1) require that you be running Trusted Computing, (2) use Trusted Computing to verify that you are running "approved" software such as a mandated operating system version and an approved firewall (thus the anti virus claims), and (3) if you are not "compliant" it denies you an internet connection. The President's Cyber Security advisor gave a speech at a computer conference calling on ISP's to install these routers and make Trusted Computing compliance a MANDATORY part of their Terms Of Service for internet access once most of the public has replaced their old non-Trusted machines with new Trusted ones. If you don't have a Trusted machine you are banned from the internet. If you swicth off Trusted Computing then you are banned from the internet. If you alter your BIOS, or alter your OS, or decline to run the software they mandate, or you choose to run any software they forbid, then you are denied internet acces.

At that point it's Game Over. You must "voluntarily" and totall submit or your computer is a worthless lump of slag. You no longer own your machine. You have no control over what it will do or what it will refuse to do.

Indulis 03/01/04 10:45:05 PM EST

The problem with "trusted" computing is that if you decide to load a piece of software that is not "trusted" (i.e. does not have a certificate based on the executable code). It may not load, or the other software you are running will stop working.

For example, you decide to compile the source for OpenOffice yourself, and load it. Nope- the "trusted" components on your computer will refuse to load it.

Basically, anything you can compile yourself is not "trusted". The only thing "trusted" are binaries with certificates.

You can kiss goodbye to running anything that is open source and is distributed in source form for you to compile. And even if open source projects do get trusted certificates for their code, you can say goodbye to rapid releases of new versions with new features or bugfixes.

See the threat to open source now?

I think that you are completely wrong in thinking only thieves and people who don't understand trusted computing are the only people who get upset. Anyone who actually understands the implications to Linux and Open Source should be getting upset (do you think the "trusted" platform will let you run Linux? Do you think that you'll be able to run legit imately purchased software like MS Office under Wine?).

VPC 03/01/04 01:25:32 PM EST

The only people I can understand getting upset about this technology is:

1) Thieves and malicious computing personalities
2) Honest PC-users who don't understand trusted computing

The only thing taken away from a user is the right to state that they are to be trusted, without someone actually checking up on it. Other than that, what's the problem?

daniel wallace 02/29/04 07:31:34 PM EST

> The GPL has succeeded for the last decade, while I have
> been tending it, because it worked, not because it failed
> or was in doubt.

Eben Moglen confuses the superior moral and ethical
imperative of the GPL with its legal inferiority. The GPL
has succeeded because no one has tested its legal validity
in a serious court challenge.

Moglen's theory of:

"Licenses are not contracts: the work's user is obliged to
remain within the bounds of the license not because she
voluntarily promised, but because she doesn't have any right
to act at all except as the license permits."

http://www.gnu.org/philosophy/enforcing-gpl.html

is legal gibberish.

******
Here's an email exchange with RMS:

"I assume, however, that at least some people want the GPL
to be binding--nothing can make it binding except a claim of
contract."

http://lists.essential.org/upd-discuss/msg00131.html

-- the respondent's email address resolves to:
MICHAEL H. DAVIS, (Professor of Law) Cleveland State
University. Education: Occidental College (B.A.,1967);
Hofstra Law School (J.D., 1975); Harvard Law School (LL.M.,
1979).

******
Perhaps further consideration should be given to:

"(A``non-contractual copyright permission'' would be some
sort of license that does not involve a contract I
suppose, but that is not a well defined term.)"

http://lists.softwarelibero.it/pipermail/diritto/2002-Februa
ry/000641.html

-- the respondent's email address resolves to:
PETER D. JUNGER
Professor of Law Emeritus
Case Western Reserve University
College: Harvard College, A.B. 1955
Law School: Harvard Law School, LL.B. (magna cum laude)
1958

******
How about this:

"The GPL IS a contract. Calling it a license
simply describes the type of contract it is."

http://www.mail-archive.com/license-discuss@openso
urce.org/msg01522.html

-- the respondent's email address resolves to:
ROD DIXON J.D. LL.M.
Visiting Assistant Professor of Law, Rutgers University
School of Law, Camden, New Jersey, Fall 1999 to present.
EDUCATION: LL.M. (with Distinction), Georgetown
University Law Center, 1998. J.D., George Washington
University Law School, 1992. M.A., University of
Pittsburgh, Faculty of Arts and Sciences, 1986. B.A.,
University of Pittsburgh, College of Arts and Sciences,
1984.

Doesn't anyone outside the academic legal community harbor
any suspicion that the GPL is fatally flawed?

duckbreath 02/29/04 06:45:48 PM EST

Obviously the "broken window fallacy" refers to a limited circle of benefit when the window is broken. Microsoft and other proprietary software companies benefit when Windows break by being able to offer a replacement or upgrade for a fee. The free software (OS) is valuable and allows the cost of the software to be applied in other areas of the economy rather than into the pockets of the proprietary software companies.

bnenning 02/29/04 12:14:53 PM EST

>What it really does is it undercuts the value of
>commercial software, which destroys jobs in the software
>industry.

Google for "broken window fallacy". When a formerly scarce good becomes abundant, the economy benefits.

Voice-of-Dissent 02/29/04 12:13:24 PM EST

How does giving away "free" software protect free speech? It may be a role model for free speech, but I don't see how it protects free speech.

What it really does is it undercuts the value of commercial software, which destroys jobs in the software industry.

D*ckBreath 02/29/04 12:10:07 PM EST

The "trust" in trusted computing means that the user and the software provider can both be assured that the software and hardware are not tampered with. The software intregity is assured.

While this does mean that, yes the software is not compromised by a spy, or spy agency, or some enemy, or by some virus; it also means that the software is not compromised by the end user.

A software package that does something good, such as securely handling classified data, can be trusted to do its job properly.

But also, a software package that

  • limits your rights
  • sends your private data to some corporation
  • pops up ads in your face
  • tampers with search results to cause their own links to come to the top
  • aridhol 02/29/04 12:08:20 PM EST

    Trusted computing requires that the binaries be signed by a trusted signer. For example, Company A is a trusted signer, and Product B is GPL. Company A can take Product B, modify it to their heart's content, and publish it as their own. As long as they sign it, the computer will run it. The computer has no notion of license, just signed or unsigned.

    ed2d2 02/29/04 12:07:36 PM EST

    But can the "trusted computing" scenario not be used to protect GNU works? Can we make sure that others are not infringing on the GPL using this, or am I grasping at straws here? Is there anything in this initiative that could be used to promote our freedoms?

    TopShelf 02/29/04 12:06:15 PM EST

    >The result is an increasing movement to create what is in
    >truly Orwellian fashion referred to as trusted computing,
    >which means computers that users can’t trust.

    Great quote! "Trusted computing" is a perfect example of Doublespeak, for which you could also say that the built-in presumption is that the user cannot be trusted.