Re: Linux 2.2.20pre10

Re: Linux 2.2.20pre10

[Wayne.Brown]

As the person  who first brought Iraq into this thread, I have to say this:  If
you think I was comparing the US to Iraq then you're mistaken.  I was merely
pointing out Iraq (semi-jokingly) as an example of a country that would not care
about enforcing US laws.

Wayne




Alan Cox <alan@lxorguk.ukuu.org.uk> on 10/22/2001 03:28:38 PM

To:   tudorb@pikka.net (Tudor Bosman)
cc:   linux-kernel@vger.kernel.org (linux-kernel@vger.kernel.org) (bcc: Wayne
      Brown/Corporate/Altec)

Subject:  Re: Linux 2.2.20pre10



> 1. A description of a security hole is constitutionally protected
> speech, and as such cannot be construed as violating the sections of the
> DMCA.  If such description fits the definition of "technology, product,
> service, device, component, or part thereof", then we're in big trouble,
> because source code itself is much closer to the definition of a
> "product" than a description of the source code.

I firmly believe that if justice prevails in the existing DMCA cases you
will be shown to be right. I've seen people compare the US to Iraq and
I don't buy that.

However until people stop shooting I'd prefer not to be a potential target.

Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Fabian Svara]

Does all that actually mean that pages on the net which are generally accessible are subject to all the world's laws? That would actually make sense (as the net itself is ubiquitious), but is of course impossible...

Fabian Svara

Re: Linux 2.2.20pre10

[Rik van Riel]

On Fri, 26 Oct 2001, Fabian Svara wrote:

> Does all that actually mean that pages on the net which are
> generally accessible are subject to all the world's laws? That
> would actually make sense (as the net itself is ubiquitious),
> but is of course impossible...

Usually you only get arrested when you travel to the
country in question (eg. Dmitry Skylarov or people
criticising the chinese government), but sometimes a
country manages to get somebody extradited for things
which are put on a website (eg. Germany convicted an
Australian for putting neo-nazi stuff on his website).

Both the laws themselves and the legal precedents are
extremely unpredictable, the most sensible thing seems
to be to just not publish things to the country where
they are outlawed by putting some access control in
front of the goodies ;)

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Jesse Pollard]

> 
> By the same line of reasoning, using passwd as root on a different user
> would be a possible circumvention of a copyright protection mechanism
> and thus turn passwd into illegal software under the DMCA. Are all *nix
> manufacturers and Linux distributors aware of this? All Linux distros
> and all Unix operating systems are illegal under DMCA...

It also applies to Windows too -- the admin would be cirumventing protection
by just changing the/a password...

-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil

Any opinions expressed are solely my own.

Re: Linux 2.2.20pre10

[Thomas Hood]

In your letter you describe Alan as an "official" maintainer
of the stable kernel, but there isn't such a thing.  Alan
is a volunteer who works his butt off integrating patches
from other volunteers in order to produce a useful series of
Linux kernels.  He has apparently decided, however, to limit
his volunteer contributions to those that aren't liable to
land him in jail sometime in the future.

You seem to think that Alan is just being paranoid or petty,
but you are wrong.  U.S. law makes OSS coding legally risky.
Alan's duties require him to handle a lot of code, which
increases his exposure to the risk.  Furthermore, his
position in the community makes him an attractive target for
any entity that decides to attack the open source software
community with legal weapons.  Remember Sklyarov.

--
Thomas Hood

> Mr. Cox,
> 
> I understand your concern for your own safety, though I disagree with
> your evaluation of the danger in this case.
> 
> However, I think it's fair to say that the production and distribution
> of complete changelogs, such that all users have access to them, is an
> important part of the job of being the official maintainer for a
> project, especially such an important project as the stable branch of
> the Linux kernel.
> 
> So it sounds to me like what you're really saying is that you are
> unwilling to take the risks that, under the current circumstances, you
> perceive as an unavoidable part of the task of maintaining the kernel.
> 
> I don't buy the argument you seem to be implying, that you can fulfil
> your responsibilities as kernel maintainer by making this information
> available in such a way that US residents cannot obtain it. From the
> statistics I've seen in the past, a high percentage of Linux users are
> US residents. It is surely unreasonable to suggest that withholding
> information from all those people is compatible with being the official
> kernel maintainer.
> 
> You are aware, no doubt, that Linus Torvalds is currently resident in
> the US. If you are unable to give him complete changelogs and
> explanations of the patches you submit to him, I can't imagine how you
> could continue to perform effectively as a Linux kernel developer.
> 
> Perhaps you should step down. This would not only be the honest and
> honorable thing to do, if you truly believe that distributing changelogs
> to the US would place you in legal jeopardy, but it would also be a far
> more dramatic act of protest than merely censoring changelogs.
> 
> Respectfully,
> 
> Craig Dickson
-- 
Thomas Hood
(Don't reply to the From: address but to jdthood_AT_mail.com)

Re: Linux 2.2.20pre10

[Patrick Chase]

/> > So, then, just to satisfy my curiosity, how long until users of 
Linux in/
/> > the U.S.A. will no longer be allowed to download new kernels?/

 > Potentially about 12 months after the SSSCA is passed. At which point 
you may
 > well find only a binary only OS with enforced copy management is legal in
 > the USA.

Not even then, unless you can convince each and every contributor to 
relicense their contribution to you under something other than the GPL. 
(My reading of the license is that there is _no_ legality-based 
exception to the pertinent "derivative works" clause, though I could 
easily be wrong). Your change summaries are your original work, so you 
are of course free to withold information there at your discretion ;-)

-- Patrick

Re: Linux 2.2.20pre10

[Carsten Kuckuk]

By the same line of reasoning, using passwd as root on a different user
would be a possible circumvention of a copyright protection mechanism
and thus turn passwd into illegal software under the DMCA. Are all *nix
manufacturers and Linux distributors aware of this? All Linux distros
and all Unix operating systems are illegal under DMCA...

Re: Linux 2.2.20pre10

[D. Stimits]

Carsten Kuckuk wrote:
> 
> By the same line of reasoning, using passwd as root on a different user
> would be a possible circumvention of a copyright protection mechanism
> and thus turn passwd into illegal software under the DMCA. Are all *nix
> manufacturers and Linux distributors aware of this? All Linux distros
> and all Unix operating systems are illegal under DMCA...

Perhaps you missed the part in SSSCA where there was a clause that gave
certain parties back doors into all machines (by law) to test if you
violate copyright rules? I think that part got washed out already, but
what you properly consider via sarcasm, some Senator has at least
proposed as law.

D. Stimits, stimits@idcomm.com

> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Craig Dickson]

There have been a lot of messages from a number of different people
about this "censored changelogs" issue. Rather than reply to various
points separately, I just want to sum up my views in one message.

I simply don't believe that Alan Cox is at any risk of prosecution, and
what's more, I don't believe that he believes it. He's just making a
dramatic political statement that will have no effect on the law, will
never even be noticed by American legislators, and serves only to annoy
US-based Linux users.

The words "Felten" and "Sklyarov" keep coming up in this discussion. The
parallel between Alan Cox's situation and those cases are simply not
valid.

Felten conducted research on how to break DRM systems that were being
considered for commercial use (the proposed SDMI standards).

Sklyarov developed (or helped develop) a product that breaks Adobe's
commercial DRM scheme for PDF files.

Note that both Felten and Skyarov developed and publicized (or announced
an intent to publicize, in Felten's case) ways of compromising
commercial, third-party DRM systems, thus embarrassing and antagonizing
the wealthy corporations that had invested time, money, and prestige in
those DRM systems. This has no real similarity with Alan Cox's kernel
work. All Alan is doing is fixing bugs in a system that he has every
right to work on, and has a long history of contributing to. He is _not_
reverse-engineering someone else's copyright-protection scheme and
publicizing how to circumvent it. And anyone who's ever actually _read_
his changelogs should know that they do not in any way amount to attack
recipes.

What's more, nobody sued or prosecuted Felten. The RIAA made threatening
noises, but backed off the instant they were called on it, insisting
that they had never had any intention of suing anybody, and they fully
supported Felten's rights as an academic researcher, blah blah blah.
(No, I don't really believe them, but the fact is, ultimately, they
didn't sue.) Felten elected not to present his paper mostly because it
gave him and the EFF a stronger case for his suit against the RIAA; he
couldn't very well present the paper and then sue them for preventing
him from doing so, and he obviously wants to be the Constitutional test
case or he wouldn't have bothered suing them at all after they publicly
backed down.

Alan Cox claims to have legal advice, but has said nothing about who
gave it to him, or what their qualifications are regarding US copyright
law and the DMCA, or even exactly what their reasoning was; all we know
is that the end result is that he's decided not to distribute complete
changelogs. I find it hard to take this sort of nebulous claim of "legal
advice" seriously when the advice seems nonsensical on its face.

Craig

Re: Linux 2.2.20pre10

[Luigi Genoni]

On Mon, 22 Oct 2001, Craig Dickson wrote:

> There have been a lot of messages from a number of different people
> about this "censored changelogs" issue. Rather than reply to various
> points separately, I just want to sum up my views in one message.
>
> I simply don't believe that Alan Cox is at any risk of prosecution, and
> what's more, I don't believe that he believes it. He's just making a
> dramatic political statement that will have no effect on the law, will
> never even be noticed by American legislators, and serves only to annoy
> US-based Linux users.
your own opinion
>
> The words "Felten" and "Sklyarov" keep coming up in this discussion. The
> parallel between Alan Cox's situation and those cases are simply not
> valid.
>
> Felten conducted research on how to break DRM systems that were being
> considered for commercial use (the proposed SDMI standards).
>
> Sklyarov developed (or helped develop) a product that breaks Adobe's
> commercial DRM scheme for PDF files.
>
> Note that both Felten and Skyarov developed and publicized (or announced
> an intent to publicize, in Felten's case) ways of compromising
> commercial, third-party DRM systems, thus embarrassing and antagonizing
> the wealthy corporations that had invested time, money, and prestige in
> those DRM systems. This has no real similarity with Alan Cox's kernel
> work.
Ans so, if a company makes a vulnerable product, I am not free
to publish the bug?

ahh, simply nonsense.

> All Alan is doing is fixing bugs in a system that he has every
> right to work on, and has a long history of contributing to. He is _not_
> reverse-engineering someone else's copyright-protection scheme and
> publicizing how to circumvent it. And anyone who's ever actually _read_
> his changelogs should know that they do not in any way amount to attack
> recipes.
>
> What's more, nobody sued or prosecuted Felten. The RIAA made threatening
> noises, but backed off the instant they were called on it, insisting
> that they had never had any intention of suing anybody, and they fully
> supported Felten's rights as an academic researcher, blah blah blah.
Yes, Felten has the right to do what he did, period!
and, by the way, Sklyarov had the right to write its code in Russia, and
to seel it to a russian company. Then the company could do what it wants.
USA has no right to do something against Sklyarov.

Luigi

Re: Linux 2.2.20pre10

[Craig Dickson]

Luigi Genoni wrote:
> On Mon, 22 Oct 2001, Craig Dickson wrote:
> 
> > There have been a lot of messages from a number of different people
> > about this "censored changelogs" issue. Rather than reply to various
> > points separately, I just want to sum up my views in one message.
> >
> > I simply don't believe that Alan Cox is at any risk of prosecution, and
> > what's more, I don't believe that he believes it. He's just making a
> > dramatic political statement that will have no effect on the law, will
> > never even be noticed by American legislators, and serves only to annoy
> > US-based Linux users.
> your own opinion

If you read carefully, I said twice "I don't believe", which pretty
clearly indicates that I am expressing my own opinion. So I'm not at
all sure what you think you're contributing by repeating that fact.

> Ans so, if a company makes a vulnerable product, I am not free
> to publish the bug?
> 
> ahh, simply nonsense.

Yes, it is nonsense. Where did you come up with it? Nothing I wrote
suggested any such thing.

What I was pointing out was that the RIAA and Adobe at least had some
reason to be opposed to what Felten and Sklyarov were doing. It is
unfortunate that the DMCA gave them the appearance of legal backing for
their revoltingly unethical attempts to prevent public discussion of the
technical demerits of their technology, but the real point here is that
there was a plaintiff to initiate DMCA prosecution (in Sklyarov's case)
or to threaten Felten with a civil action. But who is going to do the
same to Alan Cox for fixing kernel bugs? Who could conceivably have a
cause for action?

I hope this clarifies my point for you.

Craig

Re: Linux 2.2.20pre10

[Thomas Hood]

I think that a lot of people would like to know more about
how the DMCA creates the risk that Alan is worried about.

Having said that, the decision about what is required to protect
himself is up to Alan, and if he chooses to be very cautious
then that is more than his right.  Don't like it?  You can
always start maintaining your own -xyz kernel branch.

I would also like to know how this issue affects Canadians,
who often occupy a legal middle ground between the U.S.
and the non-U.S. world when it comes to these issues.
Can Canadian citizens be informed of these changelog items?

-- 
Thomas Hood
(Don't reply to the From: address but to jdthood_AT_mail.com)

Re: Linux 2.2.20pre10

[D. Stimits]

Thomas Hood wrote:
> 
> I think that a lot of people would like to know more about
> how the DMCA creates the risk that Alan is worried about.

I personally think DMCA creates a bad precedence, and in part is a
reason why some idiot senator would sponsor more ridiculous bills like
SSSCA. Killing or neutering DMCA is a good starting point to stopping it
in the future. Check out SSSCA, no doubt influenced by the success of
DMCA:
http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread

D. Stimits, stimits@idcomm.com

> 
> Having said that, the decision about what is required to protect
> himself is up to Alan, and if he chooses to be very cautious
> then that is more than his right.  Don't like it?  You can
> always start maintaining your own -xyz kernel branch.
> 
> I would also like to know how this issue affects Canadians,
> who often occupy a legal middle ground between the U.S.
> and the non-U.S. world when it comes to these issues.
> Can Canadian citizens be informed of these changelog items?
> 
> --
> Thomas Hood
> (Don't reply to the From: address but to jdthood_AT_mail.com)
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Wayne.Brown]

Even if every Linux user in the US speaks out against it (and I'm sure a lot of
us already have), I doubt it will make any difference at all.  There just aren't
enough of us.  But hey, you and the rest of the world will still have Linux, so
who cares, right?  It's great to see such enthusiastic support for the
principles of free software.

My personal opinion is that no one in this discussion is really concerned about
getting arrested or sued over publishing Linux changelogs.  I think it's all
just a publicity stunt to make a point, at the expense of those who have no
choice in the matter.  In any case, I'm thoroughly disgusted with the whole
subject and don't intend to answer any more posts or emails about it.

Wayne




Rik van Riel <riel@conectiva.com.br> on 10/22/2001 05:04:54 PM

To:   Tony Hoyle <tmh@nothing-on.tv>
cc:   linux-kernel@vger.kernel.org (bcc: Wayne Brown/Corporate/Altec)

Subject:  Re: Linux 2.2.20pre10



On Mon, 22 Oct 2001, Tony Hoyle wrote:

> > If publishing changelogs would be illegal in, say, the USA, should Linux
> > development be stopped ?
>
> If the SSSCA gets passed that's not an impossible scenario...  (more
> likely it'll just become unavailable in the US).

Oh, I'm absolutely certain that Linux development will continue
but Linux just won't be available to people in the US any more.

If people are truly uncomfortable with it, they should prevent
the SSSCA from becoming a law.

regards,

Rik
--
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/       http://distro.conectiva.com/

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[David Weinehall]

On Mon, Oct 22, 2001 at 05:27:06PM -0500, Wayne.Brown@altec.com wrote:
> 
> 
> Even if every Linux user in the US speaks out against it (and I'm sure
> a lot of us already have), I doubt it will make any difference at all.

I'm sure that a couple of tens of thousands of well-informed
Open-Source/Free Speech proponents attending Sklyarovs trial would draw
attention.

Similarly a large manifestion on the day of the hearing on SSSCA,
preferably with known (important!) professors, scientists, authors, etc
giving lectures on why DMCA/SSSCA is so bad for
freedom/economy/whatever, would probably give quite some
column-millimetres.

> There just aren't enough of us.  But hey, you and the rest of the
> world will still have Linux, so who cares, right?  It's great to see
> such enthusiastic support for the principles of free software.

I think few, if anyone, has said anything such.
But I do know, that an Alan at home, co-working with his under-ground
cluster of gnomes, does a hell-of-a-lot more good for free software
than an Alan in a US-prison as yet another victim of "justice".

> My personal opinion is that no one in this discussion is really
> concerned about getting arrested or sued over publishing Linux
> changelogs.  I think it's all just a publicity stunt to make a point,
> at the expense of those who have no choice in the matter.  In any

Ahhhh. So you argue, that this is a publicity-stunt pulled by Alan,
and at the same time complain about the fact that the people fighting
the DMCA/SSSCA don't get enough attention? That is, you complain about
an alleged attempt to pull attention to an idiotic law, yet whine about
the fact that it's hard to get enough attention about this law?

> case, I'm thoroughly disgusted with the whole subject and don't intend
> to answer any more posts or emails about it.

Ok.


/David Weinehall
  _                                                                 _
 // David Weinehall <tao@acc.umu.se> /> Northern lights wander      \\
//  Project MCA Linux hacker        //  Dance across the winter sky //
\>  http://www.acc.umu.se/~tao/    </   Full colour fire           </

Re: Linux 2.2.20pre10

[Chris Gomez]

From: "David Weinehall" <tao@acc.umu.se>
Sent: Monday, October 22, 2001 4:56 PM
> On Mon, Oct 22, 2001 at 05:27:06PM -0500, Wayne.Brown@altec.com wrote:
> > There just aren't enough of us.  But hey, you and the rest of the
> > world will still have Linux, so who cares, right?  It's great to see
> > such enthusiastic support for the principles of free software.
>
> I think few, if anyone, has said anything such.

Comments along the lines of "move somewhere else" certainly seem to imply
such.
Rik van Riel in particular has said many things along those lines; "That's
tough, they're a democratic country, they can change the law if it hurts
them too much." Of course, that statement is completely untrue. We are
neither a democracy, nor do individuals without very much money have the
power to change laws. Which also precludes moving to a different country.

--Chris Gomez

Re: Linux 2.2.20pre10

[Jonathan Amery]

In article <86256AED.007BA960.00@smtpnotes.altec.com> Wayne wrote:
>  It's great to see such enthusiastic support for the
>principles of free software.

 This would be the principles of "I've written this, I hope people find
it useful" or "The author places no restrictions on the distribution
or modification of this work" or likewise?

 Jonathan.

RE: Linux 2.2.20pre10

[Leif Sawyer]

> Rik van Riel responds to:
> On Mon, 22 Oct 2001, Craig Dickson wrote:
> > Rik van Riel wrote:
> >
> > > Maybe Alan will allow publishing of the changelogs on
> > > http://thefreeworld.net/  ?
> >
> > Earlier today he said he wanted to put them online in a way that
> > US citizens couldn't get at them. That's simply not acceptable.
> 
> It's perfectly fine with me ;)
> 
> > Now, if he backs off to simply not including them in email, but
> > publishing them on a non-US website that is freely accessible to
> > Americans, that might be a reasonable compromise.
> 
> We're working on implementing access control for
> thefreeworld.net so the classified content won't
> be available for citizens and inhabitants of the
> USA.
> 
> This is done so we won't be liable for publishing
> things to the USA which would be illegal there.
> 
> > Alan has done a great many wonderful things for the kernel, and
> > it would indeed be very sad if he could not continue to do so.
> > However, if he's unwilling to do the job completely, making
> > changelogs and all other public information available without
> > restrictions, then he is no longer doing a very important part
> > of his job, and someone else should take over.
> 
> So if the SSSCA gets approved and open source is outlawed
> (because only software with 'approved security measures'
> is allowed) Linux should stop entirely ?
> 
> I don't agree that one US law, which hurts US citizens,
> should also hurt the rest of the world. It's your country,
> it's your law, it should only hurt you...

Now i'm completely mystified.  Since I'm a member of BugTraq, 
I get full disclosure of the bugs that make it there.

Including the recent kernel bugs.

Since I'm in the position to see the problem before the solution,
I'd be happy to repost a summary of security-related changes
to vger, provided of course that I'm able to correlate the changes
with the advisories posted on BugTraq.

Of course, if Alan wanted to cc me on the kernel updates with the full
text of the changes, or if I had access to this new website, I'd still
be willing to repost.

Once a security issue is published to the global internet community
(via BugTraq, vger, or any other method) with regards to the open-source
componant of the linux kernel (i can't speak for non-GPL'd stuff of course)
in a manner consistant with full-disclosure, then I see no legal issue
with posting information that informs users of what fixes are made.

--
Leif Sawyer   --  Pi@4398680
leif@gci.net  ||  lsawyer@gci.com  ||  internic: LS2540 
(907) 868 - 0116   ||  ICQ - 3749190  || http://home.gci.net/~leif
Network & Security Engineer -- General Communication Inc.
PGP Fingerprint: 77 C8 34 B8 FD BC C6 32  5F FE 93 4B AE 6C F7 4E
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GAT d+ s: a C+++(++)$ US++++$ UL++++$ P+++ L++(+++) E---
W+++ N+ o+ K w O- M- V PS+ PE Y+ PGP(+) t+@ 5- X R- tv b++(+++)
DI++++ D++ G+ e(+)* h-- r++ y+ PP++++ HH++++ A19 NT{--}
------END GEEK CODE BLOCK------
Decode it! http://www.ebb.org/ungeek/


 

Re: Linux 2.2.20pre10

[Sam Varshavchik]

On Mon, 22 Oct 2001, PinkFreud wrote:

> Why not take that a step further?  It would seem to me that your
> insane interpretation of that insane law would mean that unix and it's
> derivatives (Linux, anyone?) would be illegal to use as well.

Only partially correct.  Linux will certainly be illegal under SSSCA.  
Read it.  UNIX is not.  And there's nothing insane about it.  That's what
the proposed bill says.

> Please don't tell me you woke up this morning and had a sudden attack of
> conscience that you were violating US law.  You've posted such changes

Perhaps a sudden realization, would be more like it.

-- 
Sam

Re: Linux 2.2.20pre10

[Wayne.Brown]

Thank you.  That's a very kind and generous offer.  You might want to consult a
French attorney, though, just to make certain there's no way they could make
trouble for you under French law.

I really appreciate the fact that you're willing to help, but I wouldn't want
you to risk getting into trouble on our behalf.

Wayne




Kilobug <kilobug@freesurf.fr> on 10/22/2001 04:52:43 PM

To:   linux-kernel@vger.kernel.org
cc:    (bcc: Wayne Brown/Corporate/Altec)

Subject:  Re: Linux 2.2.20pre10



Rik van Riel wrote:

 >>I never said that Alan, or any particular individual, should
 >>risk a lawsuit or jail.  I simply said that I hoped *someone
 >>outside the US* (that is, someone not subject to US laws) would
 >>make the information available.
 >>
 >
 > If you publish to the US, you can be sued under US law.
 >

Ok, so mail me the security-related informations at
kilobug@club-internet.fr, it's in France so you can, and I'll forward them.

I don't plan to go to the US a day or another (I won't go to any country
that use death penalty, for moral and political reasons), and so I don't
fear their DMCA.

--
   ** Gael Le Mignot, Ing3 EPITA, Coder of The Kilobug Team **
Home Mail : kilobug@freesurf.fr          Work Mail : le-mig_g@epita.fr
GSM       : 06.71.47.18.22 (in France)   ICQ UIN   : 7299959
Web       : http://kilobug.freesurf.fr or http://drizzt.dyndns.org

"Software is like sex it's better when it's free.", Linus Torvalds


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Kilobug]

Wayne.Brown@altec.com wrote:

> 
> Thank you.  That's a very kind and generous offer.  You might want to consult a
> French attorney, though, just to make certain there's no way they could make
> trouble for you under French law.


Even if I'm risking troubles, I'm ready to face them. Freedom of speech 
is important enough to take risks to fight for it. Remember: "Beware of 
he who would deny you access to information, for in his heart he dreams 
himself your master"


> 
> I really appreciate the fact that you're willing to help, but I wouldn't want
> you to risk getting into trouble on our behalf.

I'm ready to take the risks...

-- 
  ** Gael Le Mignot, Ing3 EPITA, Coder of The Kilobug Team **
Home Mail : kilobug@freesurf.fr          Work Mail : le-mig_g@epita.fr
GSM       : 06.71.47.18.22 (in France)   ICQ UIN   : 7299959
Web       : http://kilobug.freesurf.fr or http://drizzt.dyndns.org

"Software is like sex it's better when it's free.", Linus Torvalds

RE: Linux 2.2.20pre10

[Craig Dickson]

Alan Cox wrote:

> However until people stop shooting I'd prefer not to be a potential
> target.

Mr. Cox,

I understand your concern for your own safety, though I disagree with
your evaluation of the danger in this case.

However, I think it's fair to say that the production and distribution
of complete changelogs, such that all users have access to them, is an
important part of the job of being the official maintainer for a
project, especially such an important project as the stable branch of
the Linux kernel.

So it sounds to me like what you're really saying is that you are
unwilling to take the risks that, under the current circumstances, you
perceive as an unavoidable part of the task of maintaining the kernel.

I don't buy the argument you seem to be implying, that you can fulfil
your responsibilities as kernel maintainer by making this information
available in such a way that US residents cannot obtain it. From the
statistics I've seen in the past, a high percentage of Linux users are
US residents. It is surely unreasonable to suggest that withholding
information from all those people is compatible with being the official
kernel maintainer.

You are aware, no doubt, that Linus Torvalds is currently resident in
the US. If you are unable to give him complete changelogs and
explanations of the patches you submit to him, I can't imagine how you
could continue to perform effectively as a Linux kernel developer.

Perhaps you should step down. This would not only be the honest and
honorable thing to do, if you truly believe that distributing changelogs
to the US would place you in legal jeopardy, but it would also be a far
more dramatic act of protest than merely censoring changelogs.

Respectfully,

Craig Dickson

RE: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Craig Dickson wrote:

> However, I think it's fair to say that the production and distribution
> of complete changelogs, such that all users have access to them, is an
> important part of the job of being the official maintainer for a
> project, especially such an important project as the stable branch of
> the Linux kernel.

Maybe Alan will allow publishing of the changelogs on
http://thefreeworld.net/  ?

> From the statistics I've seen in the past, a high percentage of
> Linux users are US residents.

If they're unhappy with the consequences of US law, they
should move.

> Perhaps you should step down.

Alan is doing an absolutely fantastic job of maintaining
the kernel, I see absolutely no reason why he should stop
doing that.

If you want the changelogs for the kernel published in
the US, why don't you publish them, under your name and
your full responsability ?

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Tom Sightler]

> > From the statistics I've seen in the past, a high percentage of
> > Linux users are US residents.
>
> If they're unhappy with the consequences of US law, they
> should move.

Laws don't get changed by people moving, they get changed working to get
them changed.

> > Perhaps you should step down.
>
> Alan is doing an absolutely fantastic job of maintaining
> the kernel, I see absolutely no reason why he should stop
> doing that.

I agree with that, I wouldn't want to see this happen either.

> If you want the changelogs for the kernel published in
> the US, why don't you publish them, under your name and
> your full responsability ?

I would gladly publish them on my site, however, I'm unsure how I could get
them, and I unfortunately don't have the skill to completely understand them
from only the source.  If someone can help me with this I'll be glad to
provide the space.

Also, shouldn't some company with Linux interest be willing to take on this
risk?  Say, Redhat or IBM.

Later,
Tom

Re: Linux 2.2.20pre10

[Craig Dickson]

Rik van Riel wrote:

> Maybe Alan will allow publishing of the changelogs on
> http://thefreeworld.net/  ?

Earlier today he said he wanted to put them online in a way that US
citizens couldn't get at them. That's simply not acceptable. Now, if he
backs off to simply not including them in email, but publishing them on
a non-US website that is freely accessible to Americans, that might be a
reasonable compromise.

> > From the statistics I've seen in the past, a high percentage of
> > Linux users are US residents.
> 
> If they're unhappy with the consequences of US law, they
> should move.

That sort of remark doesn't merit a response. Particularly since, in
this case, the argument rests on a delusional reading of the DMCA, as
has been argued elsewhere in this thread. I don't defend the DMCA at
all, but let's stick to reality here. It's silly to suggest that Alan
is at any risk of prosecution by publishing a changelog.

> > Perhaps you should step down.
> 
> Alan is doing an absolutely fantastic job of maintaining
> the kernel, I see absolutely no reason why he should stop
> doing that.

Alan has done a great many wonderful things for the kernel, and it would
indeed be very sad if he could not continue to do so. However, if he's
unwilling to do the job completely, making changelogs and all other
public information available without restrictions, then he is no longer
doing a very important part of his job, and someone else should take
over.

Again, remember that Linus himself is living in the US. How can Alan
submit security-related patches to Linus, and explain why they're needed,
without (as Alan sees it) risking prosecution under the DMCA?

> If you want the changelogs for the kernel published in
> the US, why don't you publish them, under your name and
> your full responsability ?

If Alan isn't allowing US residents access to the changelogs, then it's
quite impossible for me to do as you suggest; I can't publish what I
don't have.

Craig

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Craig Dickson wrote:
> Rik van Riel wrote:
>
> > Maybe Alan will allow publishing of the changelogs on
> > http://thefreeworld.net/  ?
>
> Earlier today he said he wanted to put them online in a way that
> US citizens couldn't get at them. That's simply not acceptable.

It's perfectly fine with me ;)

> Now, if he backs off to simply not including them in email, but
> publishing them on a non-US website that is freely accessible to
> Americans, that might be a reasonable compromise.

We're working on implementing access control for
thefreeworld.net so the classified content won't
be available for citizens and inhabitants of the
USA.

This is done so we won't be liable for publishing
things to the USA which would be illegal there.

> Alan has done a great many wonderful things for the kernel, and
> it would indeed be very sad if he could not continue to do so.
> However, if he's unwilling to do the job completely, making
> changelogs and all other public information available without
> restrictions, then he is no longer doing a very important part
> of his job, and someone else should take over.

So if the SSSCA gets approved and open source is outlawed
(because only software with 'approved security measures'
is allowed) Linux should stop entirely ?

I don't agree that one US law, which hurts US citizens,
should also hurt the rest of the world. It's your country,
it's your law, it should only hurt you...

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Craig Dickson]

Rik van Riel wrote:

> So if the SSSCA gets approved and open source is outlawed
> (because only software with 'approved security measures'
> is allowed) Linux should stop entirely ?

Nobody's suggesting that. But as long as the source code is available in
the US, changelogs should also be available. I mean, let's be serious
here. Kernel changelogs are NOT cookbooks for security exploits.
Problems generally aren't described in anywhere near enough detail that
anyone less than a kernel wizard could even figure out the exploit based
on the changelog's description of the fix. So it's nonsensical to
suggest that the source code is distributable without fear of
prosecution, but somehow the changelog isn't.

If the source code itself somehow becomes illegal, or if Alan can talk
Linus into placing a geographical restriction on the distribution of
Linux (which, as the trademark and copyright owner, would be within his
rights), then the changelog issue will be moot.

I really would like to see Linus comment on this. As a US resident, as
the owner of the Linux trademark, and as the development-branch leader
of kernel development, he's taking every "risk" Alan is, and more,
because he's here where the FBI could arrest him if it wanted to, while
Alan is thousands of miles away. So far, Linus has shown no indication,
AFAIK, that he intends to censor his changelogs. Why not? Is he truly
heedless of his own safety, or is he just too sensible to freak out
over such an implausible scenario?

Craig

Re: Linux 2.2.20pre10

[Jan Niehusmann]

On Mon, Oct 22, 2001 at 03:13:08PM -0700, Craig Dickson wrote:
> Nobody's suggesting that. But as long as the source code is available in
> the US, changelogs should also be available. I mean, let's be serious

I remember the time when kernel patches (at least for development
versions) where released without any changelogs most of the time.
It took some time to teach Linus that people really like changelogs ;-)

So missing changelogs are not the end of the world, and linux development
does work without them, it is only some wasted effort if every
interested developer has to analyse the code to find and understand the
changes.

Jan

Re: Linux 2.2.20pre10

[Jeff Golds]

Craig Dickson wrote:
> 
> I really would like to see Linus comment on this. As a US resident, as
> the owner of the Linux trademark, and as the development-branch leader
> of kernel development, he's taking every "risk" Alan is, and more,
> because he's here where the FBI could arrest him if it wanted to, while
> Alan is thousands of miles away. So far, Linus has shown no indication,
> AFAIK, that he intends to censor his changelogs. Why not? Is he truly
> heedless of his own safety, or is he just too sensible to freak out
> over such an implausible scenario?
> 

Maybe Linus hasn't responded because he's already headed out of the
country?  Maybe he's hiding in an ambulance headed for the Mexican
border. ;)

-Jeff

P.S. Email me if you don't get joke in the second sentence (or the first
for that matter).

-- 
Jeff Golds
Sr. Software Engineer
jgolds@resilience.com

Re: Linux 2.2.20pre10

[Jeff Garzik]

Craig Dickson wrote:
> I really would like to see Linus comment on this. As a US resident, as
> the owner of the Linux trademark, and as the development-branch leader
> of kernel development, he's taking every "risk" Alan is, and more,
> because he's here where the FBI could arrest him if it wanted to, while
> Alan is thousands of miles away. So far, Linus has shown no indication,
> AFAIK, that he intends to censor his changelogs. Why not? Is he truly
> heedless of his own safety, or is he just too sensible to freak out
> over such an implausible scenario?

Linus' changelogs don't contain information that would need to be
censored AFAICS.  His changelogs are generally pretty terse.

	Jeff


-- 
Jeff Garzik      | Only so many songs can be sung
Building 1024    | with two lips, two lungs, and one tongue.
MandrakeSoft     |         - nomeansno

Re: Linux 2.2.20pre10

[Geert Uytterhoeven]

On Mon, 22 Oct 2001, Craig Dickson wrote:
> If the source code itself somehow becomes illegal, or if Alan can talk
> Linus into placing a geographical restriction on the distribution of
> Linux (which, as the trademark and copyright owner, would be within his
> rights), then the changelog issue will be moot.

Linus cannot do that, since he doesn't own the copyright on the parts written
by others.

Gr{oetje,eeting}s,

						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@linux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
							    -- Linus Torvalds

Re: Linux 2.2.20pre10

[Aaron Lehmann]

On Mon, Oct 22, 2001 at 07:32:11PM -0200, Rik van Riel wrote:
> We're working on implementing access control for
> thefreeworld.net so the classified content won't
> be available for citizens and inhabitants of the
> USA.

And how are you going to do that? Challenge/response ("How do you say
hello in Dutch?")?

IP-based restrictions will not work. I have shell accounts in Europe
that can serve as SSH tunnels. If I use one of these, you will still
be liable.

Re: Linux 2.2.20pre10

[CaT]

On Mon, Oct 22, 2001 at 06:59:19PM -0700, Aaron Lehmann wrote:
> On Mon, Oct 22, 2001 at 07:32:11PM -0200, Rik van Riel wrote:
> > We're working on implementing access control for
> > thefreeworld.net so the classified content won't
> > be available for citizens and inhabitants of the
> > USA.
> 
> And how are you going to do that? Challenge/response ("How do you say
> hello in Dutch?")?
> 
> IP-based restrictions will not work. I have shell accounts in Europe
> that can serve as SSH tunnels. If I use one of these, you will still
> be liable.

Now, as near as I can tell, he didn't make them available to you and put
up protections against your acquring information you should not have. It
does not matter if they're pissweak as rot13 or not...

As such any getting around them (either by lieing in answer to a
question of 'Are you an American?' or whatever) would be circumvention
of his digital protection mechanisms and as such your actions would be
punishable under the DMCA, would they not?

This means you can go to gaol without the $200...

(Unless I've misunderstood something)

-- 
CaT        "As you can expect it's really affecting my sex life. I can't help
           it. Each time my wife initiates sex, these ejaculating hippos keep
           floating through my mind."
                - Mohd. Binatang bin Goncang, Singapore Zoological Gardens

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Aaron Lehmann wrote:
> On Mon, Oct 22, 2001 at 07:32:11PM -0200, Rik van Riel wrote:
> > We're working on implementing access control for
> > thefreeworld.net so the classified content won't
> > be available for citizens and inhabitants of the
> > USA.

> IP-based restrictions will not work. I have shell accounts in Europe
> that can serve as SSH tunnels. If I use one of these, you will still
> be liable.

Ummm wait a moment ?   Wasn't the whole point of the DMCA
that circumventing access control was illegal ?

Otherwise there wouldn't be lawsuits over DeCSS, about
prof. Felten's research and Dmitry would be back home
with his family, right ?

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Paul Jakma]

On Mon, 22 Oct 2001, Aaron Lehmann wrote:

> And how are you going to do that? Challenge/response ("How do you say
> hello in Dutch?")?

ooooh... i know i know! :)

> 
> IP-based restrictions will not work. I have shell accounts in Europe
> that can serve as SSH tunnels. If I use one of these, you will still
> be liable.

no he wouldn't.

you would have circumvented Rik's content-protection system. who
knows, perhaps /you/ might be liable to face punitive measures under
your own DMCA.

to everyone else: see Thomas Hood's rather good post, ie:

A kernel hacker absolutely positively has the right to do what he
wants with his own patches, and esp. is not obliged to users to
do/publish things which carry any risk of possible legal action
relating to his work on his linux. (esp. when you consider that the UK
lies far further to the west politically than it's geographic position
might suggest).

finally: can all the political/legal stuff please go somewhere else?

some of us actually subscribe to this list to read kernel bods discuss
kernel stuff.... :)

--paulj

Re: Linux 2.2.20pre10

[David S. Miller]

This subject line is going to be black holed if people can't take
to heart the request I made yesterday to end these off topic threads.

Just cut the shit already and take these threads elsewhere.

Franks a lot,
David S. Miller
davem@redhat.com

Re: Linux 2.2.20pre10

[Bob Glamm]

> > However, I think it's fair to say that the production and distribution
> > of complete changelogs, such that all users have access to them, is an
> > important part of the job of being the official maintainer for a
> > project, especially such an important project as the stable branch of
> > the Linux kernel.
> 
> Maybe Alan will allow publishing of the changelogs on
> http://thefreeworld.net/  ?
> 
> > From the statistics I've seen in the past, a high percentage of
> > Linux users are US residents.
> 
> If they're unhappy with the consequences of US law, they
> should move.

>From the comments I've seen, there are a number of people considering
just this option should those laws be passed & stand up in the Supreme
Court.  I know I'm one of them.

Perhaps that could be used as a point of pressure against those
proposing these laws: that a significant number of smart people that
generate the intellectual property (and hence revenue) of a variety of
companies will leave the US and generate IP & revenue for foreign
(read: competing) firms ;)

-Bob

Re: Linux 2.2.20pre10

[D. Stimits]

Bob Glamm wrote:
> 
> > > However, I think it's fair to say that the production and distribution
> > > of complete changelogs, such that all users have access to them, is an
> > > important part of the job of being the official maintainer for a
> > > project, especially such an important project as the stable branch of
> > > the Linux kernel.
> >
> > Maybe Alan will allow publishing of the changelogs on
> > http://thefreeworld.net/  ?
> >
> > > From the statistics I've seen in the past, a high percentage of
> > > Linux users are US residents.
> >
> > If they're unhappy with the consequences of US law, they
> > should move.
> 
> >From the comments I've seen, there are a number of people considering
> just this option should those laws be passed & stand up in the Supreme
> Court.  I know I'm one of them.

Too bad the option only applies to people with enough money to relocate.

D. Stimits, stimits@idcomm.com

> 
> Perhaps that could be used as a point of pressure against those
> proposing these laws: that a significant number of smart people that
> generate the intellectual property (and hence revenue) of a variety of
> companies will leave the US and generate IP & revenue for foreign
> (read: competing) firms ;)
> 
> -Bob
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Pedro Corte-Real]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 22 October 2001 23:02, D. Stimits wrote:
>
>
> Too bad the option only applies to people with enough money to relocate.
>

Well, freedom in the US has always been about money. The independence war was 
about getting rid of taxes and modern freedom is bought in the courtrooms 
with expensive lawyers. Why should it change now? 

Greetings,

Pedro.


PS: sorry for fueling offtopic posts into an offtopic thread.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE71JsD2SBo0jBmgGARAvx8AKDFN+CuPqCYZDbBryK9dKRcy+8OGgCfVcPl
gCZ4lh5AQZkzubm+M4qYE7A=
=SK5+
-----END PGP SIGNATURE-----

Re: Linux 2.2.20pre10

[D. Stimits]

Pedro Corte-Real wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Monday 22 October 2001 23:02, D. Stimits wrote:
> >
> >
> > Too bad the option only applies to people with enough money to relocate.
> >
> 
> Well, freedom in the US has always been about money. The independence war was
> about getting rid of taxes and modern freedom is bought in the courtrooms
> with expensive lawyers. Why should it change now?

When talking about why Americans don't go out and magically change
things, this is the key. When talking about who is harmed most by
injustices, the theme of the poorest is true anywhere. Just a point when
criticizing Americans, contrary to popular opinion, not starving is not
the same as having power or influence. When someone without money
complains, it is called "whining"; when someone with money complains, it
is called "free market".

D. Stimits, stimits@idcomm.com

> 
> Greetings,
> 
> Pedro.
> 
> PS: sorry for fueling offtopic posts into an offtopic thread.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iD8DBQE71JsD2SBo0jBmgGARAvx8AKDFN+CuPqCYZDbBryK9dKRcy+8OGgCfVcPl
> gCZ4lh5AQZkzubm+M4qYE7A=
> =SK5+
> -----END PGP SIGNATURE-----
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

RE: Linux 2.2.20pre10

[ogd116]

Blah...

I usually try not to speak unless I have something relevant to say but I
must say I am growing tired of the "United States is the center of the
world" doctrine. Linux is free for you to change so sit down and publish
your own changelogs if you can. Either that or shut up.

Ognen

On Mon, 22 Oct 2001, Craig Dickson wrote:

> Alan Cox wrote:
>
> > However until people stop shooting I'd prefer not to be a potential
> > target.
>
> Mr. Cox,
>
> I understand your concern for your own safety, though I disagree with
> your evaluation of the danger in this case.
>
[a lot of unnecessary crap snipped]

> Respectfully,
>
> Craig Dickson

Re: Linux 2.2.20pre10

[Craig Dickson]

ogd116@mail.usask.ca wrote:

> I usually try not to speak unless I have something relevant to say

Well, nobody's perfect.

> but I
> must say I am growing tired of the "United States is the center of the
> world" doctrine.

Nothing I've said reflects or, to a sensible person, suggests such a
doctrine. The US may not be the center of the world, or the most
important country in it, but it's no less important than any other
nation.

> Linux is free for you to change so sit down and publish
> your own changelogs if you can. Either that or shut up.

I'll try to pretend we're having a rational discussion here, despite
your last sentence.

So are you saying that you don't agree that publishing complete
changelogs should be considered an essential duty of the kernel
maintainer?

Craig

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Craig Dickson wrote:

> So are you saying that you don't agree that publishing complete
> changelogs should be considered an essential duty of the kernel
> maintainer?

OK, I'll bite.

If publishing changelogs would be illegal in, say, the USA,
should Linux development be stopped ?

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Tony Hoyle]

In the ancient scrolls of Usenet, page
<Pine.LNX.4.33L.0110221943290.22127-100000@duckman.distro.conectiva>, "Rik
van Riel" <riel@conectiva.com.br> spake thus:


> If publishing changelogs would be illegal in, say, the USA, should Linux
> development be stopped ?

If the SSSCA gets passed that's not an impossible scenario...  (more
likely it'll just become unavailable in the US).

Tony

-- 
"Only wimps use tape backup: _real_ men just upload their important stuff on
 ftp, and let the rest of the world mirror it ;)"  -- Linus Torvalds

tmh@nothing-on.tv	http://www.nothing-on.tv

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Tony Hoyle wrote:

> > If publishing changelogs would be illegal in, say, the USA, should Linux
> > development be stopped ?
>
> If the SSSCA gets passed that's not an impossible scenario...  (more
> likely it'll just become unavailable in the US).

Oh, I'm absolutely certain that Linux development will continue
but Linux just won't be available to people in the US any more.

If people are truly uncomfortable with it, they should prevent
the SSSCA from becoming a law.

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[ognen]

> Nothing I've said reflects or, to a sensible person, suggests such a
> doctrine. The US may not be the center of the world, or the most
> important country in it, but it's no less important than any other
> nation.

...or all nations except it?

Most of what you said implied exactly that. You even indicated some
statistics.

> So are you saying that you don't agree that publishing complete
> changelogs should be considered an essential duty of the kernel
> maintainer?

I am saying that if the laws of your country are to blame for you not
being able to obtain something, the maintainer cant help it. But he sure
doesnt have to step down especially since he has been doing a great job.

Ognen

Re: Linux 2.2.20pre10

[PinkFreud]

> > > 2.2.20pre11
> > > o Security fixes
> > > | Details censored in accordance with the US DMCA
> > > Care to elaborate?                             
>                       
> On a list that reaches US citizens - no. File permissions and userids may
> constitute and be used for rights management.                            
>                                              
> Alan

Why not take that a step further?  It would seem to me that your
insane interpretation of that insane law would mean that unix and it's
derivatives (Linux, anyone?) would be illegal to use as well.

You're preaching to the choir here.  By withholding these changes from US
citizens, you're not going to pressure any politicians.  I doubt there are
many politicians who count on this issue reading this list.  I think most
of the US citizens reading this list, though, are enlightened enough to
know the harm the DMCA causes.

Please don't tell me you woke up this morning and had a sudden attack of
conscience that you were violating US law.  You've posted such changes
here since the DMCA was put into effect, not to mention that lists like
Bugtraq are still operating in the US - and I think many of us managed to
read about the symlink and ptrace holes in kernels <= 2.2.19.


	Mike Edwards

Brainbench certified Master Linux Administrator
http://www.brainbench.com/transcript.jsp?pid=158188
-----------------------------------
Unsolicited advertisments to this address are not welcome.

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, PinkFreud wrote:

> You're preaching to the choir here.  By withholding these
> changes from US citizens, you're not going to pressure any
> politicians.

Pressuring US politicians is a job for US citizens.

Why are you asking Alan to risk prison _and_ pressure
US politicians?  That's something you, as a resident
of the USA, should be doing yourself.


Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[PinkFreud]

On Mon, 22 Oct 2001, Rik van Riel wrote:

> Date: Mon, 22 Oct 2001 18:30:38 -0200 (BRST)
> From: Rik van Riel <riel@conectiva.com.br>
> To: PinkFreud <pf-kernel@mirkwood.net>
> Cc: linux-kernel@vger.kernel.org
> Subject: Re: Linux 2.2.20pre10
> 
> On Mon, 22 Oct 2001, PinkFreud wrote:
> 
> > You're preaching to the choir here.  By withholding these
> > changes from US citizens, you're not going to pressure any
> > politicians.
> 
> Pressuring US politicians is a job for US citizens.

Yep.  I agree.

> Why are you asking Alan to risk prison _and_ pressure
> US politicians?  That's something you, as a resident
> of the USA, should be doing yourself.

I never said that.  I merely pointed out that most US citizens on this
list know what the DMCA really stands for, and are, in all likelyhood
doing something, no matter how small, about it.  Why pressure us, when
most of us are undoubtedly aware of the problem?

As for risking jail, I point out again that the DMCA has never stopped him
before.  I recognize that the Skylarov case has him scared - and I don't
blame him.  Howver, Alan has already announced his intentions not to enter
the US until the DMCA is repealed.  What do you think is going to happen -
Bush sends the military out to bomb his house?

Sorry, that was in bad taste, I know.  But I am trying to make a point
here.  There's not much the US can do without him entering the country,
and he doesn't plan on doing so.  What annoys me, however, is suppressing
security information from US citizens just because a few moronic
politicians have their heads permanently shoved up their asses.

Seems to me Alan is just adding to the problem.


> Rik
> -- 


	Mike Edwards

Brainbench certified Master Linux Administrator
http://www.brainbench.com/transcript.jsp?pid=158188
-----------------------------------
Unsolicited advertisments to this address are not welcome.

Re: Linux 2.2.20pre10

[Mike Fedyk]

On Mon, Oct 22, 2001 at 04:42:51PM -0400, PinkFreud wrote:
> the US until the DMCA is repealed.  What do you think is going to happen -
> Bush sends the military out to bomb his house?
> 
> Sorry, that was in bad taste, I know.  But I am trying to make a point

This is almost as bad as a Natzi reference...

C'mon people.  I'm sure these security issues have been discussed on bugtraq
or someplace similar, why not just go there to look it up?

Re: Linux 2.2.20pre10

[Jeff Garzik]

Mike Fedyk wrote:
> C'mon people.  I'm sure these security issues have been discussed on bugtraq
> or someplace similar, why not just go there to look it up?

Very true... though I am sure DMCA has a legally chilling effect on
BugTraq as well.  Theoretically foreigners who post analysis and
exploits on BugTraq can be jailed when they enter the US, just like
Dmitry.

	Jeff


-- 
Jeff Garzik      | Only so many songs can be sung
Building 1024    | with two lips, two lungs, and one tongue.
MandrakeSoft     |         - nomeansno

Re: Linux 2.2.20pre10

[D. Stimits]

Rik van Riel wrote:
> 
> On Mon, 22 Oct 2001, PinkFreud wrote:
> 
> > You're preaching to the choir here.  By withholding these
> > changes from US citizens, you're not going to pressure any
> > politicians.
> 
> Pressuring US politicians is a job for US citizens.

NO! US citizens should provide the most pressure, but thinking that
nations which the USA trades with and is partners with have no influence
is plain wrong. To state only citizens of USA can help means that you
truly believe the USA is an island untouched by the world around it. You
can't fight this from jail, but you don't have to be a USA citizen to
bring to light the shear stupidity of some US law. Sometimes a foreign
country has more influence in shouting about the wrong doings than do US
citizens...the political point of information input is different, all
angles are required. You don't have to be responsible for a problem in
order to be able to help solve it.

D. Stimits, stimits@idcomm.com

> 
> Why are you asking Alan to risk prison _and_ pressure
> US politicians?  That's something you, as a resident
> of the USA, should be doing yourself.
> 
> Rik
> --
> DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)
> 
> http://www.surriel.com/         http://distro.conectiva.com/
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Luigi Genoni]

Ohh, our prime minister declared USA the main defensor of liberty.
Of course he was thinking also to this law. You know he has three
television, a couple of newspapers and so on...
His natural attitude brings him to agree in every case with USA
government. He is a good vendor. Apart of this. In Italy we are making a
lot of pressure against a stupid law about copyrights, but
when the prime minister is the owner of the biggest television and most
important newspapers, and when the statal television and newspaper are
a little assentive with the government (oh... just a little),
we are under censure. And anyway we publish articles and public mails
about that, we open web sites. We try to inform, and belive me, italians
are not so interested is a soccer team is not involved.

USA citizens should have less dificoulties to do something similar,
but I am not informed of a real effort from them.

Luigi

p.s.
of course, please, tell me I am wrong

On Mon, 22 Oct 2001, D. Stimits wrote:

>
> NO! US citizens should provide the most pressure, but thinking that
> nations which the USA trades with and is partners with have no influence
> is plain wrong. To state only citizens of USA can help means that you
> truly believe the USA is an island untouched by the world around it. You
> can't fight this from jail, but you don't have to be a USA citizen to
> bring to light the shear stupidity of some US law. Sometimes a foreign
> country has more influence in shouting about the wrong doings than do US
> citizens...the political point of information input is different, all
> angles are required. You don't have to be responsible for a problem in
> order to be able to help solve it.
>
> D. Stimits, stimits@idcomm.com
>
> >
> > Why are you asking Alan to risk prison _and_ pressure
> > US politicians?  That's something you, as a resident
> > of the USA, should be doing yourself.
> >
> > Rik
> > --
> > DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)
> >
> > http://www.surriel.com/         http://distro.conectiva.com/
> >
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at  http://www.tux.org/lkml/
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: Linux 2.2.20pre10

[Marco Colombo]

On Tue, 23 Oct 2001, Luigi Genoni wrote:

>
> Ohh, our prime minister declared USA the main defensor of liberty.
> Of course he was thinking also to this law. You know he has three
> television, a couple of newspapers and so on...
> His natural attitude brings him to agree in every case with USA
> government. He is a good vendor. Apart of this. In Italy we are making a
> lot of pressure against a stupid law about copyrights, but
> when the prime minister is the owner of the biggest television and most
> important newspapers, and when the statal television and newspaper are
> a little assentive with the government (oh... just a little),
> we are under censure. And anyway we publish articles and public mails
> about that, we open web sites. We try to inform, and belive me, italians
> are not so interested is a soccer team is not involved.
>
> USA citizens should have less dificoulties to do something similar,
> but I am not informed of a real effort from them.
>
> Luigi
>
> p.s.
> of course, please, tell me I am wrong

Of course you are: move this to soc.*, please.

.TM.
-- 
      ____/  ____/   /
     /      /       /			Marco Colombo
    ___/  ___  /   /		      Technical Manager
   /          /   /			 ESI s.r.l.
 _____/ _____/  _/		       Colombo@ESI.it

RE: Linux 2.2.20pre10

[Torrey Hoffman]

Gregory Ade ranted, and I couldn't resist replying:
  
> So, then, just to satisfy my curiosity, how long until users 
> of Linux in
> the U.S.A. will no longer be allowed to download new kernels?

If (hopefully not when!) the SSSCA passes.  Personally, I'm making 
plans to get out of the US if that happens.

> After all, all it would really take for one of us to find out what was
> fixed is to download this patch and go through it line by line, and
> examine the context of the changes.
> Or are we no longer allowed to look at the sources either?

Of course you can look at the sources.  So ** YOU ** can go through 
the patches, figure out exactly what the security flaws were, create
a detailed description, and post it on a web page or on this list.

Then ** YOU ** are the one who might get sued under the DMCA.  
Why should Alan take the risk? 

> I'm really confused by this gesture.  You're talking about 

I don't think it is primarily a gesture.  Obviously Alan is taking
a somewhat extreme position, probably (partly) to make a point, but 
there are REAL issues here.  (IANAL either, of course.)

To spell it out:

1. The security flaws were in userid and other kernel subsystems.

2. These kernel systems could be used to protect copyrighted data - 
   for example, perhaps some on-line music company uses Linux
   servers to store the music.

3. Instructions on how to check for (i.e. exploit) the flaw may
   constitute an illegal copy control circumvention device.
   Why?  Well, perhaps if you know the details, you could use 
   them to hack on-line music servers, and download music for 
   free, or without the DRM locks on it.  It really isn't 
   difficult to come up with a plausible example.

4. Presenting detailed information like this, together with sample
   code, is basically what Dimitri Skylarov was arrested for.

4b.  You are not safe even if you never visit the US.  

5. Dimitry is still awaiting trial and faces (at worst) ~20 years
   in jail and tens of thousands of dollars in fines, merely for
   explaining how lousy the security is on some software intended
   to protect copyrighted content.

6. Therefore, as I see it, Alan wisely is avoiding even coming 
   close to that.

Do you really have a problem with that?  I think it's very prudent.

The source code or patch itself is a FIX, it cannot be construed 
as a circumvention device.  (compare to information about the holes,
which includes shell script for sample exploits, etc.)
 
> I guess I was wrong about the Linux kernel being Open Source 
> and freely available and distributable.

Calm down, you are getting your knickers in a knot over something
that is not Alan's fault.  

Torrey Hoffman

Re: Linux 2.2.20pre10

[Tommy Reynolds]

It was a dark and stormy night.  Suddenly "Torrey Hoffman" <torrey.hoffman@myrio.com> spoke:

> Gregory Ade ranted, and I couldn't resist replying:
>   
> > So, then, just to satisfy my curiosity, how long until users 
> > of Linux in
> > the U.S.A. will no longer be allowed to download new kernels?
> 
> If (hopefully not when!) the SSSCA passes.  Personally, I'm making 
> plans to get out of the US if that happens.

Ah, but would you be allowed to leave if you possess any security knowlege?

---------------------------------------------+-----------------------------
Tommy Reynolds                               | mailto: <reynolds@redhat.com>
Red Hat, Inc., Embedded Development Services | Phone:  +1.256.704.9286
307 Wynn Drive NW, Huntsville, AL 35805 USA  | FAX:    +1.236.837.3839
Senior Software Developer                    | Mobile: +1.919.641.2923

Re: Linux 2.2.20pre10

[Rogier Wolff]

> How about those European sites that made strong encryption available
> to circumvent the US export restrictions on encryption technology?  I
> never heard of the FBI raiding any of them.


There is one important difference there: Publishing ecryption outside
the US was and is completely legal (apart from stupid local rules). 

In the case of the DMCA, it has been shown that someone who publishes
a "circumvention device" outside the US can be arrested once in the
US.

In this case "the bug" could be labelled "circumvention device":
Suppose the bug is a "remote buffer overflow" (*) then if you have
copyrighted info on your server which is programmed so that that
non-paying people can't access the copyrighted material. Someone with
knowledge of the bug will be able to break in an access the
copyrighted material.

Anyone who publishes the bug risks getting arrested if they set foot
in the US.

			Roger. 

(*) It probably isn't. 

-- 
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
* There are old pilots, and there are bold pilots. 
* There are also old, bald pilots. 

Re: Linux 2.2.20pre10

[Steve Brueggeman]

I love this.  Microsoft is doomed I say, DOOOOOMED!

If the goverment can't get 'em with a frontal attack, then sneak up
from behind when they're not looking.

Has anyone heard if Bill Gates has left the country yet????

Sorry, but if no-one else can stop themselves from posting off topic,
why should I???

Personally, I disagree with Alan's position, but what can I do... I
didn't vote for him.  Maybe a letter or two of protest is in order...
Let's see, how much does it cost to ship a hundred or so letters from
the states to the UK???


On Mon, 22 Oct 2001 21:58:58 +0200 (MEST), you wrote:

>
>
>> How about those European sites that made strong encryption available
>> to circumvent the US export restrictions on encryption technology?  I
>> never heard of the FBI raiding any of them.
>
>
>There is one important difference there: Publishing ecryption outside
>the US was and is completely legal (apart from stupid local rules). 
>
>In the case of the DMCA, it has been shown that someone who publishes
>a "circumvention device" outside the US can be arrested once in the
>US.
>
>In this case "the bug" could be labelled "circumvention device":
>Suppose the bug is a "remote buffer overflow" (*) then if you have
>copyrighted info on your server which is programmed so that that
>non-paying people can't access the copyrighted material. Someone with
>knowledge of the bug will be able to break in an access the
>copyrighted material.
>
>Anyone who publishes the bug risks getting arrested if they set foot
>in the US.
>
>			Roger. 
>
>(*) It probably isn't. 


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Re: Linux 2.2.20pre10

[Wayne.Brown]

I certainly can't argue with your logic.  :-)

Actually, I believe there are some decent, honest, well-meaning people in our
government.  It's just that they seldom have much influence on policy.  :-(

Wayne




Alexander Viro <viro@math.psu.edu> on 10/22/2001 01:40:36 PM

To:   Wayne Brown/Corporate/Altec@Altec
cc:   "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>

Subject:  Re: Linux 2.2.20pre10





On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> I wonder if there are any Linux hackers in Iraq?  It's doubtful the government
> there would honor any legal action attempted by the US on DMCA issues.  OTOH,
it
> would put me in the rather weird position of agreeing with the Iraqi
government,
> which is something I NEVER would have expected...  :-)

Oh, come on.  Every government is right on some issues.  Proof:

     For every government X there is at least one government Y such that X
would claim that Y is a bunch of corrupt assholes.  Since every government
_is_ a bunch of corrupt assholes, every government is right at least in one
of its claims.

Re: Linux 2.2.20pre10

[bill davidsen]

In article <86256AED.0068A63B.00@smtpnotes.altec.com> Wayne.Brown@altec.com wrote:
| 
| 
| I certainly can't argue with your logic.  :-)
| 
| Actually, I believe there are some decent, honest, well-meaning people in our
| government.  It's just that they seldom have much influence on policy.  :-(

  After watching the VM wars here, how can you doubt that decent,
honest, well-meaning, and at least in the case of VM, competent people
can have very different ideas of how to solve a problem? Do you think
good people don't ever propose very bad solutions to problem? Just look
a release 2.4.11-ohshit.

  Write to your politicians, and try to find out who does NSA secure
linux. How happy can they be not to get security fixes? Do they have to
stop publishing? Are people coming in black helicopters to dismantle
CERT, long our line of defense?

  Stop trying to demonize politicians and start writing letters. State
the FACTS clearly without coming off as a hothead or worse, and you can
convince a staffer, which is the way in. Local elections are this year,
I bet your local candidate will give you a few minutes and if convinced
would would at least try to get you a five minutes on the phone with a
congressman. Then you need to be cool and informative.

  Contact the local VFW and try to get someone interested. Soldiers
know about operating without intelligence information, and they often
have contacts. IBM is spending big bucks on TV ads for Linux, don't
hesitate to mention that trying to get the ear of a politician. Let
them, know this is not a bunch of hackers. 

  Start using the system instead of whining about it. You don't need
money to rock the boat, just the perception that you are a reasonable
person pointing out a problem.

-- 
bill davidsen <davidsen@tmr.com>
  His first management concern is not solving the problem, but covering
his ass. If he lived in the middle ages he'd wear his codpiece backward.

Re: Linux 2.2.20pre10

[Wayne.Brown]

I wonder if there are any Linux hackers in Iraq?  It's doubtful the government
there would honor any legal action attempted by the US on DMCA issues.  OTOH, it
would put me in the rather weird position of agreeing with the Iraqi government,
which is something I NEVER would have expected...  :-)

Wayne




"Per Jessen" <per@computer.org> on 10/22/2001 01:13:42 PM

Please respond to "Per Jessen" <per@computer.org>

To:   "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
cc:    (bcc: Wayne Brown/Corporate/Altec)

Subject:  Re: Linux 2.2.20pre10



On Mon, 22 Oct 2001 12:51:53 -0500, Wayne.Brown@altec.com wrote:
>I never said that Alan, or any particular individual, should risk a lawsuit or
>jail.  I simply said that I hoped *someone outside the US* (that is, someone
not
>subject to US laws) would make the information available.  Surely there are
>places in the world that are beyond the reach of the DMCA.  How about those

Alan Cox, living in the UK, may be *somewhat* subject to US legislation.
Ties between the US and the UK are strong, and it is understandable if a UK-
resident person does not feel entirely out of reach of US law enforcement.

IMHO.


regards,
Per Jessen, Zurich

regards,
Per Jessen, Zurich
http://www.enidan.com - home of the J1 serial console.

Windows 2001: "I'm sorry Dave ...  I'm afraid I can't do that."


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Nick LeRoy]

Wayne..

It's a scary comentary that the Iraqi government may provide more liberties 
that our own US government.  Sigh.

-Nick


On Monday 22 October 2001 13:27, Wayne.Brown@altec.com wrote:
> I wonder if there are any Linux hackers in Iraq?  It's doubtful the
> government there would honor any legal action attempted by the US on DMCA
> issues.  OTOH, it would put me in the rather weird position of agreeing
> with the Iraqi government, which is something I NEVER would have
> expected...  :-)
>
> Wayne

Re: Linux 2.2.20pre10

[Alexander Viro]

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> I wonder if there are any Linux hackers in Iraq?  It's doubtful the government
> there would honor any legal action attempted by the US on DMCA issues.  OTOH, it
> would put me in the rather weird position of agreeing with the Iraqi government,
> which is something I NEVER would have expected...  :-)

Oh, come on.  Every government is right on some issues.  Proof:

	For every government X there is at least one government Y such that X
would claim that Y is a bunch of corrupt assholes.  Since every government
_is_ a bunch of corrupt assholes, every government is right at least in one
of its claims.

Re: Linux 2.2.20pre10

[Paul Fulghum]

Alexander "Webster" Viro wrote:

> every government _is_ a bunch of corrupt assholes...

Good definition. Instead of arguing about which one
stinks the most, we should probe ways of wiping out
the DMCA without excess inflamation.

Paul Fulghum, paulkf@microgate.com
Microgate Corporation, www.microgate.com

Re: Linux 2.2.20pre10

[Tudor Bosman]

OK, let's get the disclaimer out of the way.  This post is opinionated,
and IANAL.  Now...


For reference, here is the full text of the DMCA subsection in question:
(1201(2)):

 ``(2) No person shall manufacture, import, offer to the public,
provide, or otherwise traffic in any technology, product, service,
device, component, or part thereof, that-

          ``(A) is primarily designed or produced for the purpose
    of circumventing a technological measure that effectively con-
    trols access to a work protected under this title;
          ``(B) has only limited commercially significant purpose or
    use other than to circumvent a technological measure that
    effectively controls access to a work protected under this title;
    or
          ``(C) is marketed by that person or another acting in concert
    with that person with that person's knowledge for use in cir-
    cumventing a technological measure that effectively controls
    access to a work protected under this title.


I would like to comment on this from two different angles.

1. The subsection mentions "any technology, product, service, device,
component, or part thereof".  While this definition is vague, and we
hackers tend to like splitting hairs (see Dave Touretzky's DeCSS
gallery, http://www-2.cs.cmu.edu/~dst/DeCSS/Gallery/index.html), there
is a clear distinction between (constitutionally-protected) speech (in a
non-machine readable) form, and a software product.  Other forms of
expression (source code, non-machine readable source code, source code
set to music, etc.) lie on the fine line between the two.

For example, exporting PGP on paper and OCR-ing it (because exporting it
in electronic form was illegal) was a legal absurdity.  While this 
hair-splitting might have amused a few lawyers and judges here and
there, I believe that a well-versed attorney could have torn that
defense to pieces, because we tried drawing demarcation lines instead of
concentrating on defeating the spirit of the law.

The above-mentioned paragraphs make no reference to "information" or a
"description" of such a circumvention device.  A high-level description
(in plain English) of a security hole is not a "technology, product,
service, device, component, or part thereof"; and if it can be construed
as such, surely the realization of such description (the source code
itself) is much closer to the notion of a "product".  Is this the end of
full disclosure and open source/free software?  Should BUGTRAQ be banned
from US residents?


2. The arguments for/against publishing the description of the security
hole in the DMCA context are the same as the arguments for/against full
disclosure in the security field in general.  IF the description were
published, then... (paraphrasing the three DMCA paragraphs I cited)

(A) it would NOT be primarily designed for circumventing a technological
measure that effectively controls access to a protected work- it would
be primarily designed for informing system administrators of their risks
and the importance of the patch, and informing developers of pitfalls to
avoid in writing new code;

(B) it would have a LARGE commercially significant purpose other than to
circumvent a technological measure that effectively controls access to a
protected work- the main purpose would be to urge system administrators
and developers to implement a higher degree of protection (at the very
least, apply the patch), and

(C) it would NOT be marketed by Alan Cox or another acting in concert
with him for use in circumventing a technological measure that
effectively controls access to a protected work- this is a no-brainer, I
don't think there are many people on this list who openly advocate
exploiting security holes for gaining unauthorized access.


In conclusion, I tried to make two points in the above rant:

1. A description of a security hole is constitutionally protected
speech, and as such cannot be construed as violating the sections of the
DMCA.  If such description fits the definition of "technology, product,
service, device, component, or part thereof", then we're in big trouble,
because source code itself is much closer to the definition of a
"product" than a description of the source code.

2. A description of a security hole, or unpatched source code, or even
exploit code do not meet the criteria set forward by the DMCA for
illegal circumvention devices.


Best regards,

Tudor.


-- 
"They that can give up essential liberty to obtain a little temporary
 safety deserve neither liberty nor safety."
        - Benjamin Franklin, Historical Review of Pennsylvania, 1759.

Re: Linux 2.2.20pre10

[Mike Fedyk]

On Mon, Oct 22, 2001 at 12:14:47PM -0700, Tudor Bosman wrote:
> 2. A description of a security hole, or unpatched source code, or even
> exploit code do not meet the criteria set forward by the DMCA for
> illegal circumvention devices.
> 

I believe the exploit could be logically considered a "product" whos
use is to destroy.  Even though it can be used to test to see it the problem
is really fixed on a patched system...

Re: Linux 2.2.20pre10

[Tom Sightler]

> In conclusion, I tried to make two points in the above rant:
>
> 1. A description of a security hole is constitutionally protected
> speech, and as such cannot be construed as violating the sections of the
> DMCA.  If such description fits the definition of "technology, product,
> service, device, component, or part thereof", then we're in big trouble,
> because source code itself is much closer to the definition of a
> "product" than a description of the source code.
>
> 2. A description of a security hole, or unpatched source code, or even
> exploit code do not meet the criteria set forward by the DMCA for
> illegal circumvention devices.

Very good point indeed.  I would like for someone, anyone, to explain to me
exactly how disclosing security issues in open code would ever violate the
DMCA.  Alan stated that it comes from a legal opinion, I would like to see
this opinion and know who it was from.  Partially because I am from South
Carolina, the same state as SSSCA co-author Sen Hollings.  I would love to
be able to spell out this "doomsday" can't publish security issues scenario
and hear his response, but I just don't see it in the DMCA.  I would love
for someone to enlighten me on how they came to this conclusion with an
intelligent sentance other than "that what the DMCA says."  Where does it
say that?  How can you interpret that?

Everyone wants to bring up the Sklyarov case, but he didn't just expose the
weakness of the code, his company actively sold a product for financial gain
that circumvented the protection.  While I still don't think the Sklyarov
himself should be the target, it has very little similarity to any open
source products like Linux.

To meet the criteria for criminal prosecution under DMCA you must violate
the rules "willfully and for purposes of commercial advantage or private
financial gain."  This is the only case in which the government can pursue
you without another parties involvement.

Later,
Tom

Re: Linux 2.2.20pre10

[Alan Cox]

> Everyone wants to bring up the Sklyarov case, but he didn't just expose the
> weakness of the code, his company actively sold a product for financial gain
> that circumvented the protection.  While I still don't think the Sklyarov

The Felten case is the more relevant one. 

Re: Linux 2.2.20pre10

[Dan Hollis]

On Mon, 22 Oct 2001, Alan Cox wrote:
> > Everyone wants to bring up the Sklyarov case, but he didn't just expose the
> > weakness of the code, his company actively sold a product for financial gain
> > that circumvented the protection.  While I still don't think the Sklyarov
> The Felten case is the more relevant one.

decss as well -- strange how people forget that one so easily

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Re: Linux 2.2.20pre10

[Tom Sightler]

> On Mon, 22 Oct 2001, Alan Cox wrote:
> > > Everyone wants to bring up the Sklyarov case, but he didn't just
expose the
> > > weakness of the code, his company actively sold a product for
financial gain
> > > that circumvented the protection.  While I still don't think the
Sklyarov
> > The Felten case is the more relevant one.
>
> decss as well -- strange how people forget that one so easily

Not forgotten, just trying to understand relevance.  How do these cases,
which all revolve around breaking commercial products and cause damage to
the corporations that push them, apply to security in the open source Linux
kernel to which the public is given all rights.

BTW, I'm not for the DMCA either, I understand the harm it causes, what I
don't understand is how people are twisting it to apply to Linux source code
and security issue.  Is Microsoft also in violation of the DMCA?  In some
cases they release security details on the issues their updates address.  If
so perhaps we should all sue Microsoft for damages and by tomorrow the law
will be repealed.

Later,
Tom

Re: Linux 2.2.20pre10

[Dan Hollis]

On Mon, 22 Oct 2001, Tom Sightler wrote:
> If so perhaps we should all sue Microsoft for damages and by tomorrow the law
> will be repealed.

You cant sue microsoft -- you waive all rights to damages with the
shrinkwrap licenses.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Re: Linux 2.2.20pre10

[David Weinehall]

On Mon, Oct 22, 2001 at 05:12:53PM -0400, Tom Sightler wrote:
> > On Mon, 22 Oct 2001, Alan Cox wrote:
> > > > Everyone wants to bring up the Sklyarov case, but he didn't just
> expose the
> > > > weakness of the code, his company actively sold a product for
> financial gain
> > > > that circumvented the protection.  While I still don't think the
> Sklyarov
> > > The Felten case is the more relevant one.
> >
> > decss as well -- strange how people forget that one so easily
> 
> Not forgotten, just trying to understand relevance.  How do these cases,
> which all revolve around breaking commercial products and cause damage to
> the corporations that push them, apply to security in the open source Linux
> kernel to which the public is given all rights.

For me, DeCSS is an application that has a purpose for watching DVD:s
when I boot my G4 into Linux instead of MacOS.

And even those that actually use DeCSS only to gain their "copyright"
(that is, provide you with your right to copy what you have purchased,
for backup-purposes, for instance) or indeed those that illegaly copy
DVDs, seldom do so to break commercial products and cause damage to the
corporations that push them.

As for the Sklyarov-case, I'm pretty sure he'd been arrested even if his
program had been an open source program under the GPL, freely
distributed etc.

[snip]


/David Weinehall
  _                                                                 _
 // David Weinehall <tao@acc.umu.se> /> Northern lights wander      \\
//  Project MCA Linux hacker        //  Dance across the winter sky //
\>  http://www.acc.umu.se/~tao/    </   Full colour fire           </

Re: Linux 2.2.20pre10

[Tom Sightler]

> > Not forgotten, just trying to understand relevance.  How do these cases,
> > which all revolve around breaking commercial products and cause damage
to
> > the corporations that push them, apply to security in the open source
Linux
> > kernel to which the public is given all rights.
>
> For me, DeCSS is an application that has a purpose for watching DVD:s
> when I boot my G4 into Linux instead of MacOS.

For me too, but in other people's opinion it's a tool for pirates (I don't
share this opinion, however, I can see how some people, who don't understand
the difference, might have this opinion).  However, I don't think that a
security exploit in an open sourced OS is likely to be a "curcumvention
device" to even clueless people.

> And even those that actually use DeCSS only to gain their "copyright"
> (that is, provide you with your right to copy what you have purchased,
> for backup-purposes, for instance) or indeed those that illegaly copy
> DVDs, seldom do so to break commercial products and cause damage to the
> corporations that push them.

Agreed, but's that's how these corporations (or coporate representatives)
managed to get these cases to court.  However, I fail to see who is going to
be the prosecutor in the case of a security exploit against the open source
Linux kernel.  In every one of these cases, DeCSS, SDI, and eBook, the
encryption that was hacked was put in place by the companies specifically to
protect the copyrighted work.  The Linux kernel provides general access
controls and does not meet the following DMCA requirement to be a copyright
protection system:

"(B) a technological measure "effectively controls access to a work" if the
measure, in the ordinary course of its operation, requires the application
of information, or a process or a treatment, with the authority of the
copyright owner, to gain access to the work."

The part that is missing is the "authority of the copyright owner" portion.
In the case of CSS, SDI, and eBook, the copyright owners all specifically
allow access to the information only when using authorized means of viewing
the work.  Last I checked no copyright owner has said that ACL's are an
authorized means.

This is my main argument why I think Alan is safe to post security related
information in changelogs.  I just don't think there is any way for someone
to interpret this law to mean that posting that information is illegal.  Of
course, if he still doesn't want to I respect that opinion as well, but I'm
sure willing to do it.

> As for the Sklyarov-case, I'm pretty sure he'd been arrested even if his
> program had been an open source program under the GPL, freely
> distributed etc.

I would tend to agree, because Adobe initially filed the complaint for
damages he could have been arrested under the civil action.  However, once
Adobe agreed to drop the issue (I'm not sure they did, but it is my
understanding that they have) it didn't matter much, because they are not
required to pursue the criminal portion, the government alone can pursue it
from there.

BTW, I'm not trying to argue that the cases which use the DMCA are valid in
any way, I'm totally againts all of them as they definately impose on my
fair use rights, which is why I have never purchased an eBook, don't own a
DVD player (actually not 100% true, I have a DVD player in my laptop and
have used it for loading software and playing around with DVD playback under
Linux using some borrowed DVD's), and don't own music with any SDI
watermarks (that I know of).  If companies don't want to grant me fair use,
I don't want their products.

Later,
Tom

Re: Linux 2.2.20pre10

[D. Stimits]

Tom Sightler wrote:
> 
> > > Not forgotten, just trying to understand relevance.  How do these cases,
> > > which all revolve around breaking commercial products and cause damage
> to
> > > the corporations that push them, apply to security in the open source
> Linux
> > > kernel to which the public is given all rights.
> >
> > For me, DeCSS is an application that has a purpose for watching DVD:s
> > when I boot my G4 into Linux instead of MacOS.
> 
> For me too, but in other people's opinion it's a tool for pirates (I don't
> share this opinion, however, I can see how some people, who don't understand
> the difference, might have this opinion).  However, I don't think that a
> security exploit in an open sourced OS is likely to be a "curcumvention
> device" to even clueless people.
> 
> > And even those that actually use DeCSS only to gain their "copyright"
> > (that is, provide you with your right to copy what you have purchased,
> > for backup-purposes, for instance) or indeed those that illegaly copy
> > DVDs, seldom do so to break commercial products and cause damage to the
> > corporations that push them.
> 
> Agreed, but's that's how these corporations (or coporate representatives)
> managed to get these cases to court.  However, I fail to see who is going to
> be the prosecutor in the case of a security exploit against the open source
> Linux kernel.  In every one of these cases, DeCSS, SDI, and eBook, the
> encryption that was hacked was put in place by the companies specifically to
> protect the copyrighted work.  The Linux kernel provides general access
> controls and does not meet the following DMCA requirement to be a copyright
> protection system:
> 
> "(B) a technological measure "effectively controls access to a work" if the
> measure, in the ordinary course of its operation, requires the application
> of information, or a process or a treatment, with the authority of the
> copyright owner, to gain access to the work."
> 
> The part that is missing is the "authority of the copyright owner" portion.
> In the case of CSS, SDI, and eBook, the copyright owners all specifically
> allow access to the information only when using authorized means of viewing
> the work.  Last I checked no copyright owner has said that ACL's are an
> authorized means.

SSSCA grants all this. SSSCA would have enormous impact here. If SSSCA
passes, look out.
http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread

D. Stimits, stimits@idcomm.com

> 
> This is my main argument why I think Alan is safe to post security related
> information in changelogs.  I just don't think there is any way for someone
> to interpret this law to mean that posting that information is illegal.  Of
> course, if he still doesn't want to I respect that opinion as well, but I'm
> sure willing to do it.
> 
> > As for the Sklyarov-case, I'm pretty sure he'd been arrested even if his
> > program had been an open source program under the GPL, freely
> > distributed etc.
> 
> I would tend to agree, because Adobe initially filed the complaint for
> damages he could have been arrested under the civil action.  However, once
> Adobe agreed to drop the issue (I'm not sure they did, but it is my
> understanding that they have) it didn't matter much, because they are not
> required to pursue the criminal portion, the government alone can pursue it
> from there.
> 
> BTW, I'm not trying to argue that the cases which use the DMCA are valid in
> any way, I'm totally againts all of them as they definately impose on my
> fair use rights, which is why I have never purchased an eBook, don't own a
> DVD player (actually not 100% true, I have a DVD player in my laptop and
> have used it for loading software and playing around with DVD playback under
> Linux using some borrowed DVD's), and don't own music with any SDI
> watermarks (that I know of).  If companies don't want to grant me fair use,
> I don't want their products.
> 
> Later,
> Tom
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Tom Sightler]

>
> SSSCA grants all this. SSSCA would have enormous impact here. If SSSCA
> passes, look out.
> http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread
>
> D. Stimits, stimits@idcomm.com
>

I understand, but the SSSCA is not law now, only the DMCA.

I'm very concerned about the SSSCA, and being from the state of South
Carolina, which Sen. Hollings claims to represent, I'm hoping my letters and
pleadings will have at least some effect (maybe he'll read them).  I've
actually met Sen. Hollings once, and have voted against him on every
possible occassion.  I don't think he has a clue about the negative effects
such legislation would have.

This is partly why I'm so interested in this discussion.  The DMCA was bad
enough, athough I think Alan's interpretation is an extreme one, but the
SSSCA is impossible.  The best thing I could say about it is that I'm almost
sure it would have to be struck down in court.  Anyway, I'm reading up on
it, and working on a new letter to try to elaborate more.

Still, even when the SSSCA becomes law, I'll likely be one of the ones in
jail, because I'm not giving up on Linux, or the US, that easily.  I can
understand why other outside of the US might think otherwise though.

Later,
Tom

Re: Linux 2.2.20pre10

[Tom Sightler]

> > Everyone wants to bring up the Sklyarov case, but he didn't just expose
the
> > weakness of the code, his company actively sold a product for financial
gain
> > that circumvented the protection.  While I still don't think the
Sklyarov
>
> The Felten case is the more relevant one.

OK, I need even more help here.  Isn't it Felten the one doing the suing in
that case.  I need more clarification.  I've tried to read both the EFF
pages as well as other sources and I don't even see where he has been sued
under the DMCA (although it does look like he was theatened with legal
action from the RIAA).  Has there been a recent ruling that I've been too
busy to see lately.

Thanks,
Tom

Re: Linux 2.2.20pre10

[Alan Cox]

> 1. A description of a security hole is constitutionally protected
> speech, and as such cannot be construed as violating the sections of the
> DMCA.  If such description fits the definition of "technology, product,
> service, device, component, or part thereof", then we're in big trouble,
> because source code itself is much closer to the definition of a
> "product" than a description of the source code.

I firmly believe that if justice prevails in the existing DMCA cases you
will be shown to be right. I've seen people compare the US to Iraq and
I don't buy that.

However until people stop shooting I'd prefer not to be a potential target.

Alan

Re: Linux 2.2.20pre10

[Riley Williams]

Hi Tudor.

> For reference, here is the full text of the DMCA subsection in
> question: (1201(2)):

> ``(2) No person shall manufacture, import, offer to the public,
> provide, or otherwise traffic in any technology, product, service,
> device, component, or part thereof, that-

> ``(A) is primarily designed or produced for the purpose of
> circumventing a technological measure that effectively controls
> access to a work protected under this title;

> ``(B) has only limited commercially significant purpose or use other
> than to circumvent a technological measure that effectively controls
> access to a work protected under this title;

> or

> ``(C) is marketed by that person or another acting in concert with
> that person with that person's knowledge for use in circumventing a
> technological measure that effectively controls access to a work
> protected under this title.

So...let me see if I understand this correctly...

When the US President vacates office to make room for his successor, he
can then be prosecuted for "otherwise trafficing" in a "service" that
"has only limited commercial significance or purpose...other than to
circumvent a technological measure..." because AS A PART OF HIS JOB as
President, he received information from his advisors relating to matters
of national security, but is now legally barred from knowing that
information by this act?

That should be fun to watch...

Best wishes from Riley.

Re: Linux 2.2.20pre10

[Luigi Genoni]

I do not know about linux kernel, but I know of a couple of GPLed projects
where nice guys from Iraq sended patches and they were merged (they were
good stuff).

Excuse me if I do not say the name of those projects, but I am
sure you understand.

just to say a paradox.

USA are quite like ancien Athen, it were imposing democracy to other greek
polis (greek polis were also in south Italy, asia and north africa...)
Then this democracy degenerated to a corrupt and tirannic (self proclaming
democratic) system.
Nice guys from Sparta and then from thebe, and of course from
Athen destroyed athenian supremacy.
(just read tucidide's history and then xenofonte's ellenics).


If USA is defending democracy, and USA is not a democracy, then
USA should start a was against itself to defend democracy defeating USA
government.

History shows that happened, so it could happen again.

Luigi

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

>
>
> I wonder if there are any Linux hackers in Iraq?  It's doubtful the government
> there would honor any legal action attempted by the US on DMCA issues.  OTOH, it
> would put me in the rather weird position of agreeing with the Iraqi government,
> which is something I NEVER would have expected...  :-)
>
> Wayne
>
>
>
>
> "Per Jessen" <per@computer.org> on 10/22/2001 01:13:42 PM
>
> Please respond to "Per Jessen" <per@computer.org>
>
> To:   "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
> cc:    (bcc: Wayne Brown/Corporate/Altec)
>
> Subject:  Re: Linux 2.2.20pre10
>
>
>
> On Mon, 22 Oct 2001 12:51:53 -0500, Wayne.Brown@altec.com wrote:
> >I never said that Alan, or any particular individual, should risk a lawsuit or
> >jail.  I simply said that I hoped *someone outside the US* (that is, someone
> not
> >subject to US laws) would make the information available.  Surely there are
> >places in the world that are beyond the reach of the DMCA.  How about those
>
> Alan Cox, living in the UK, may be *somewhat* subject to US legislation.
> Ties between the US and the UK are strong, and it is understandable if a UK-
> resident person does not feel entirely out of reach of US law enforcement.
>
> IMHO.
>
>
> regards,
> Per Jessen, Zurich
>
> regards,
> Per Jessen, Zurich
> http://www.enidan.com - home of the J1 serial console.
>
> Windows 2001: "I'm sorry Dave ...  I'm afraid I can't do that."
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>
>
>
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: Linux 2.2.20pre10

[Per Jessen]

On Mon, 22 Oct 2001 12:51:53 -0500, Wayne.Brown@altec.com wrote:
>I never said that Alan, or any particular individual, should risk a lawsuit or
>jail.  I simply said that I hoped *someone outside the US* (that is, someone not
>subject to US laws) would make the information available.  Surely there are
>places in the world that are beyond the reach of the DMCA.  How about those

Alan Cox, living in the UK, may be *somewhat* subject to US legislation.
Ties between the US and the UK are strong, and it is understandable if a UK-
resident person does not feel entirely out of reach of US law enforcement.

IMHO. 


regards,
Per Jessen, Zurich 

regards,
Per Jessen, Zurich
http://www.enidan.com - home of the J1 serial console.

Windows 2001: "I'm sorry Dave ...  I'm afraid I can't do that."

Re: Linux 2.2.20pre10

[Horst von Brand]

"Per Jessen" <per@computer.org> said:

[...]

> Alan Cox, living in the UK, may be *somewhat* subject to US legislation.
> Ties between the US and the UK are strong, and it is understandable if a UK-
> resident person does not feel entirely out of reach of US law
> enforcement.

He works for Red Hat...
-- 
Dr. Horst H. von Brand                Usuario #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513

Re: Linux 2.2.20pre10

[Wayne.Brown]

I never said that Alan, or any particular individual, should risk a lawsuit or
jail.  I simply said that I hoped *someone outside the US* (that is, someone not
subject to US laws) would make the information available.  Surely there are
places in the world that are beyond the reach of the DMCA.  How about those
European sites that made strong encryption available to circumvent the US export
restrictions on encryption technology?  I never heard of the FBI raiding any of
them.

Wayne




George Garvey <tmwg-linuxknl@inxservices.com> on 10/22/2001 12:35:53 PM

To:   Wayne Brown/Corporate/Altec@Altec
cc:   linux-kernel@vger.kernel.org

Subject:  Re: Linux 2.2.20pre10



   So you want to make the decision for Alan to get into a lawsuit and
possibly go to jail to fight the law? Will you pay his legal bills? Will
you take over his maintenance duties if necessary? Will you give him a
job when he's done if it comes to that?
   That's a personal decision, don't you think? Who can judge another
without knowing their circumstances? Do you understand the situation at
all? Truthfully, I don't.

On Mon, Oct 22, 2001 at 12:21:43PM -0500, Wayne.Brown@altec.com wrote:
> It's highly unlikely that Alan withholding information from a handful
> of US Linux users and developers will have any effect on US laws.

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> I never said that Alan, or any particular individual, should
> risk a lawsuit or jail.  I simply said that I hoped *someone
> outside the US* (that is, someone not subject to US laws) would
> make the information available.

If you publish to the US, you can be sued under US law.

> Surely there are places in the world that are beyond the reach
> of the DMCA.  How about those European sites that made strong
> encryption available to circumvent the US export restrictions on
> encryption technology?  I never heard of the FBI raiding any of
> them.

There's a german guy named as one of the defendants in
the DVD lawsuit in California. He has never even been
to California, but could end up being convicted for
doing something which is perfectly legal in Germany.

I don't think I want to take the risk of getting charged
with a crime in the US for something perfectly legal here.
I'd rather lock out the US and leave the legal risks to the
people who elected the folks who put these laws in place...

regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Kilobug]

Rik van Riel wrote:

 >>I never said that Alan, or any particular individual, should
 >>risk a lawsuit or jail.  I simply said that I hoped *someone
 >>outside the US* (that is, someone not subject to US laws) would
 >>make the information available.
 >>
 >
 > If you publish to the US, you can be sued under US law.
 >

Ok, so mail me the security-related informations at
kilobug@club-internet.fr, it's in France so you can, and I'll forward them.

I don't plan to go to the US a day or another (I won't go to any country
that use death penalty, for moral and political reasons), and so I don't
fear their DMCA.

-- 
   ** Gael Le Mignot, Ing3 EPITA, Coder of The Kilobug Team **
Home Mail : kilobug@freesurf.fr          Work Mail : le-mig_g@epita.fr
GSM       : 06.71.47.18.22 (in France)   ICQ UIN   : 7299959
Web       : http://kilobug.freesurf.fr or http://drizzt.dyndns.org

"Software is like sex it's better when it's free.", Linus Torvalds

Re: Linux 2.2.20pre10

[Yoann Vandoorselaere]

[-- Attachment #1: Type: text/plain, Size: 918 bytes --]

On Mon, 2001-10-22 at 23:52, Kilobug wrote:
> Rik van Riel wrote:
> 
>  >>I never said that Alan, or any particular individual, should
>  >>risk a lawsuit or jail.  I simply said that I hoped *someone
>  >>outside the US* (that is, someone not subject to US laws) would
>  >>make the information available.
>  >>
>  >
>  > If you publish to the US, you can be sued under US law.
>  >
> 
> Ok, so mail me the security-related informations at
> kilobug@club-internet.fr, it's in France so you can, and I'll forward them.
> 
> I don't plan to go to the US a day or another (I won't go to any country
> that use death penalty, for moral and political reasons), and so I don't
> fear their DMCA.

Did you see recent french law change ? I think there is not a long time
to go before we end up with law like DMCA. Have a look to
www.lsijolie.net

-- 
Yoann Vandoorselaere
http://www.prelude-ids.org

[-- Attachment #2: Type: application/pgp-signature, Size: 232 bytes --]

Re: Linux 2.2.20pre10

[Joel Jaeggli]

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

>
>
> I never said that Alan, or any particular individual, should risk a lawsuit or
> jail.  I simply said that I hoped *someone outside the US* (that is, someone not
> subject to US laws) would make the information available.

tell that to dimitri skylarov, I'm sure he'd love to here it.

> Surely there are
> places in the world that are beyond the reach of the DMCA.  How about those
> European sites that made strong encryption available to circumvent the US export
> restrictions on encryption technology?  I never heard of the FBI raiding any of
> them.
>
> Wayne
>
>
>
>
> George Garvey <tmwg-linuxknl@inxservices.com> on 10/22/2001 12:35:53 PM
>
> To:   Wayne Brown/Corporate/Altec@Altec
> cc:   linux-kernel@vger.kernel.org
>
> Subject:  Re: Linux 2.2.20pre10
>
>
>
>    So you want to make the decision for Alan to get into a lawsuit and
> possibly go to jail to fight the law? Will you pay his legal bills? Will
> you take over his maintenance duties if necessary? Will you give him a
> job when he's done if it comes to that?
>    That's a personal decision, don't you think? Who can judge another
> without knowing their circumstances? Do you understand the situation at
> all? Truthfully, I don't.
>
> On Mon, Oct 22, 2001 at 12:21:43PM -0500, Wayne.Brown@altec.com wrote:
> > It's highly unlikely that Alan withholding information from a handful
> > of US Linux users and developers will have any effect on US laws.
>
>
>
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

-- 
--------------------------------------------------------------------------
Joel Jaeggli				       joelja@darkwing.uoregon.edu
Academic User Services			     consult@gladstone.uoregon.edu
     PGP Key Fingerprint: 1DE9 8FCA 51FB 4195 B42A 9C32 A30D 121E
--------------------------------------------------------------------------
It is clear that the arm of criticism cannot replace the criticism of
arms.  Karl Marx -- Introduction to the critique of Hegel's Philosophy of
the right, 1843.

Re: Linux 2.2.20pre10

[Adrian Bunk]

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> I never said that Alan, or any particular individual, should risk a lawsuit or
> jail.  I simply said that I hoped *someone outside the US* (that is, someone not
> subject to US laws) would make the information available.  Surely there are
> places in the world that are beyond the reach of the DMCA.  How about those

Where in the world do you find "someone not subject to US laws"? Someone
who develops a program in Russia gets arrested in the USA. And with the
"Hague Convention on Jurisdiction and Foreign Judgments in Civil and
Commercial Matters" [1] it will become much more easy for US companies for
sue people outside the USA...

> European sites that made strong encryption available to circumvent the US export
> restrictions on encryption technology?  I never heard of the FBI raiding any of
> them.

That's a completely different thing: It is and it was always legal to use
encryption technology inside the USA and to import it into the USA (read:
downloading it from outside the USA is some kind of import). The only
thing that was (and is still under some circumstances) forbidden is the
export it from the USA. That means that in this case there are _no_ legal
risks for you when you offer encryption technology on a server that is
located outside the USA - and this is quite different from the DMCA
problems.

> Wayne

cu
Adrian

[1] An article in German about it that includes a pdf with the English
    text of the proposal is at
      http://www.heise.de/newsticker/data/jk-15.10.01-001/


-- 

Get my GPG key: finger bunk@debian.org | gpg --import

Fingerprint: B29C E71E FE19 6755 5C8A  84D4 99FC EA98 4F12 B400

Re: Linux 2.2.20pre10

[Wayne.Brown]

It's highly unlikely that Alan withholding information from a handful of US
Linux users and developers will have any effect on US laws.  Plenty of us have
complained already to our elected officials, without results.  The number of
people who would care (or even know) about Alan's security boycott -- even if it
includes the entire US readership of linux-kernel -- is vanishingly small
compared to the general population, and no politician is going to pay attention
to such a small and dilute constituency.  All a policy of secrecy will
accomplish is to punish US kernel hackers (who probably disagree with the DMCA
as much as the rest of you) and have no effect on the average citizen who
doesn't have a clue about either the DMCA or Linux.  I'm seeing a disturbing
trend here; with all the talk about this topic and about EXPORT_SYMBOL_GPL here
lately, I'm starting to think linux-kernel is more about restricting information
than disseminating it.

I believe the DCMA should be treated like firearms laws or any other bad laws:
Fight them where possible, and disobey them where fighting them is not possible.

Wayne




Rik van Riel <riel@conectiva.com.br> on 10/22/2001 11:03:53 AM

To:   Wayne Brown/Corporate/Altec@Altec
cc:   linux-kernel@vger.kernel.org

Subject:  Re: Linux 2.2.20pre10



On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> Speaking as a US citizen, I hope that someone outside the US
> will grab that info as soon as it's available and make it
> accessible to everyone.  (Not that I need it myself -- I have no
> interest in 2.2.20 -- but I like to see crap legislation like
> the DMCA subverted wherever possible.)

Yeah, lets keep up the status quo so bad laws never get
subverted and people like Dmitry Skylarov are the only
people suffering from bad US laws.

NOT.

Rik
--
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/       http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[George Garvey]

   So you want to make the decision for Alan to get into a lawsuit and
possibly go to jail to fight the law? Will you pay his legal bills? Will
you take over his maintenance duties if necessary? Will you give him a
job when he's done if it comes to that?
   That's a personal decision, don't you think? Who can judge another
without knowing their circumstances? Do you understand the situation at
all? Truthfully, I don't.

On Mon, Oct 22, 2001 at 12:21:43PM -0500, Wayne.Brown@altec.com wrote:
> It's highly unlikely that Alan withholding information from a handful
> of US Linux users and developers will have any effect on US laws.

Re: Linux 2.2.20pre10

[Nick LeRoy]

Wayne, everybody..

I hate to belabor this point, but I'm in full agreement.  If I really 
believed that Alan's boycott would have *any* positive affect, I'd fully 
support it, but the reality of the situation is that Wayne is right -- nobody 
with any real power will ever know or be able to a difference.  I think that 
civil disobiediance is the only sensible action.

-Nick

On Monday 22 October 2001 12:21, Wayne.Brown@altec.com wrote:
> It's highly unlikely that Alan withholding information from a handful of US
> Linux users and developers will have any effect on US laws.  Plenty of us
> have complained already to our elected officials, without results.  The
> number of people who would care (or even know) about Alan's security
> boycott -- even if it includes the entire US readership of linux-kernel --
> is vanishingly small compared to the general population, and no politician
> is going to pay attention to such a small and dilute constituency.  All a
> policy of secrecy will accomplish is to punish US kernel hackers (who
> probably disagree with the DMCA as much as the rest of you) and have no
> effect on the average citizen who doesn't have a clue about either the DMCA
> or Linux.  I'm seeing a disturbing trend here; with all the talk about this
> topic and about EXPORT_SYMBOL_GPL here lately, I'm starting to think
> linux-kernel is more about restricting information than disseminating it.
>
> I believe the DCMA should be treated like firearms laws or any other bad
> laws: Fight them where possible, and disobey them where fighting them is
> not possible.

Re: Linux 2.2.20pre10

[Rob Turk]

"Nick LeRoy" <nleroy@cs.wisc.edu> wrote in message
news:cistron.200110221745.f9MHjvF04940@schroeder.cs.wisc.edu...
> Wayne, everybody..
>
> I hate to belabor this point, but I'm in full agreement.  If I really
> believed that Alan's boycott would have *any* positive affect, I'd fully
> support it, but the reality of the situation is that Wayne is right -- nobody
> with any real power will ever know or be able to a difference.  I think that
> civil disobiediance is the only sensible action.
>
> -Nick

Alan might have to travel to the US somewhere in the near future. Do you think
he wants to risk being arrested? Making a point is one thing, serving time is
another. If Alan would disclose the details now, he would knowingly be
disobediant. Dimitry Sklyarov was ' unknowingly disobediant', and look what that
got him...

Rob

Re: Linux 2.2.20pre10

[D. Stimits]

Nick LeRoy wrote:
> 
> Wayne, everybody..
> 
> I hate to belabor this point, but I'm in full agreement.  If I really
> believed that Alan's boycott would have *any* positive affect, I'd fully
> support it, but the reality of the situation is that Wayne is right -- nobody
> with any real power will ever know or be able to a difference.  I think that
> civil disobiediance is the only sensible action.

I wish I had a vote in Senator Hollings jurisdiction, I'd try to have
him impeached or recalled. It would never work, but it might open some
eyes.

D. Stimits, stimits@idcomm.com

> 
> -Nick
> 
> On Monday 22 October 2001 12:21, Wayne.Brown@altec.com wrote:
> > It's highly unlikely that Alan withholding information from a handful of US
> > Linux users and developers will have any effect on US laws.  Plenty of us
> > have complained already to our elected officials, without results.  The
> > number of people who would care (or even know) about Alan's security
> > boycott -- even if it includes the entire US readership of linux-kernel --
> > is vanishingly small compared to the general population, and no politician
> > is going to pay attention to such a small and dilute constituency.  All a
> > policy of secrecy will accomplish is to punish US kernel hackers (who
> > probably disagree with the DMCA as much as the rest of you) and have no
> > effect on the average citizen who doesn't have a clue about either the DMCA
> > or Linux.  I'm seeing a disturbing trend here; with all the talk about this
> > topic and about EXPORT_SYMBOL_GPL here lately, I'm starting to think
> > linux-kernel is more about restricting information than disseminating it.
> >
> > I believe the DCMA should be treated like firearms laws or any other bad
> > laws: Fight them where possible, and disobey them where fighting them is
> > not possible.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Alan Cox]

> support it, but the reality of the situation is that Wayne is right -- nobody 
> with any real power will ever know or be able to a difference.  I think that 
> civil disobiediance is the only sensible action.

And thats a choice you have - go post the relevant information where you
like at your own risk.

Re: Linux 2.2.20pre10

[Rob Turk]

<Wayne.Brown@altec.com> wrote in message
news:cistron.86256AED.005FB443.00@smtpnotes.altec.com...
>
>
> It's highly unlikely that Alan withholding information from a handful of US
> Linux users and developers will have any effect on US laws.  Plenty of us have
> complained already to our elected officials, without results.

Yup, but if large US-based corporations with economic ties into Linux no longer
have access to clear patch descriptions, *they* might have a better chance to
convince your US lawmakers that these laws are hurting US economy.

Rob

Re: Linux 2.2.20pre10

[Wayne.Brown]

Speaking as a US citizen, I hope that someone outside the US will grab that info
as soon as it's available and make it accessible to everyone.  (Not that I need
it myself -- I have no interest in 2.2.20 -- but I like to see crap legislation
like the DMCA subverted wherever possible.)

Wayne




Alan Cox <alan@lxorguk.ukuu.org.uk> on 10/22/2001 06:55:12 AM

To:   ahu@ds9a.nl (bert hubert)
cc:   linux-kernel@vger.kernel.org (bcc: Wayne Brown/Corporate/Altec)

Subject:  Re: Linux 2.2.20pre10



> Are you saying that we can't divulge security problems in our own software
> anymore for fear of being sued by affected parties?

Not even affected parties - the government can do it too without anyone else
and indeed even if their are contractual agreements between parties
permitting the data to be released..

I hope to have the security stuff up on a non US citizen accessible site in
time for 2.2.20 final
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Tom Sightler]

> Speaking as a US citizen, I hope that someone outside the US will grab
that info
> as soon as it's available and make it accessible to everyone.  (Not that I
need
> it myself -- I have no interest in 2.2.20 -- but I like to see crap
legislation
> like the DMCA subverted wherever possible.)

Agreed, and it's exactly what we need to do.  Laws like these are much
easier to overturn when they start making criminals out of everyday,
ordinary people for just doing their normal jobs.  Suddenly even dumb judges
and, especially, elected officials, get the idea because the pressure gets
put on by everyone.

Of course, I still think this is an extremeist view of the DMCA.  I don't
see were it keeps you from posting information about security fixes to your
own code, just not other peoples products.

Later,
Tom

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001 Wayne.Brown@altec.com wrote:

> Speaking as a US citizen, I hope that someone outside the US
> will grab that info as soon as it's available and make it
> accessible to everyone.  (Not that I need it myself -- I have no
> interest in 2.2.20 -- but I like to see crap legislation like
> the DMCA subverted wherever possible.)

Yeah, lets keep up the status quo so bad laws never get
subverted and people like Dmitry Skylarov are the only
people suffering from bad US laws.

NOT.

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Linux 2.2.20pre10

[Alan Cox]

Things took a bit longer than intended with various security fixes needing to
be done. If this tree tests out ok it will be 2.2.20

2.2.20pre11
o	Security fixes
	| Details censored in accordance with the US DMCA
o	Sparc updates					(Dave Miller)
o	Add escaped usb hot plug config item		(Ryan Maple)
o	Fix eepro10 driver problems			(Aris)
o	Make request_module return match 2.4		(David Woodhouse)
o	Update SiS900 driver				(Hui-Fen Hsu)
o	Update ver_linux to match 2.4			(Steven Cole)
o	Final isdn fixups for 2.2			(Kai Germaschewski)
o	scsi tape fixes from 2.4			(Kai Mäkisara)
o	Update credits entry				(Henrik Storner)
o	Fix scc driver hang case			(Jeroen)
o	Update credits entry				(Dave Jones)
o	Update FAT documentation			(Hirokazu Nomoto)
o	Small net tweaks				(Dave Miller)
o	Fix cs89xx abuse of skb->len			(Kapr Johnik)

2.2.20pre10
o	Update the gdth driver				(Achim Leubner)
o	Fix prelink elf loading in 2.2			(Jakub Jelinek)
o	2.2 lockd fixes when talking to HP/UX		(Trond Myklebust)
o	3ware driver update				(Adam Radford)
o	hysdn driver update				(Kai Germaschewski)
o	Backport via rhine fixes			(Dennis Bjorklund)
o	NFS client fixes		(Trond Myklebust, Ion Badulescu,
					 Jim Castleberry, Crag I Hagan.
					 Adrian Drzewiecki)
o	Blacklist TEAC PD-1 to single lun		(Wojtek Pilorz)
o	Fix null request_mode return 			(David Woodhouse)
o	Update credits entry				(Fernando Fuganti)
o	Fix sparc build with newer binutils		(Andreas Jaeger)
o	Starfire update					(Ion Badulescu)
o	Remove dead USB files				(Greg Kroah-Hartmann)
o	Fix isdn mppp crash case			(Kai Germaschewski)
o	Fix eicon driver				(Kai Germaschewski)
o	More pci idents					(Andreas Tobler)
o	Typo fix					(Eli Carter)
o	Remove ^M's from some data files		(Greg Kroah-Hartmann)
o	64bit cleanups for isdn				(Kai Germaschewski)
o	Update isdn certificates			(Kai Germaschewski)
o	Mac update for sysrq				(Ben Herrenschmidt)

2.2.20pre9
o	Document ip_always_defrag in proc.txt		(Brett Eldrige)
o	Update S/390 asm for newer gcc			(Ulrich Weigand
o	Update S/390 documentation			 Carsten Otte
o	Update s390 dump too				  and co)
o	Update s/390 dasd to match 2.4
o	Backport s/390 tape driver from 2.4
o	FDDI bits for s/390
o	Updates for newer pmac laptops			(Tom Rini)
o	AMD760MP support				(Johannes Erdfelt)
o	Fix PPC oops on media change			(Tom Rini)
o	Fix some weird but valid input combinations	(Tom Rini)
	on PPC
o	Add additional checks to irc dcc masquerade	(Juanjo Ciarlante,
							 Michal Zalewski)
o	Update 2.2 ISDN maintainer			(Kai Germaschewski)
o	Fix 3c505 with > 16Mb of RAM			(Paul)
o	Bring USB into sync with 2.4.7			(Greg Kroah-Hartmann)

2.2.20pre8
o	Merge DRM fixes from 2.4.7 tree			(me)
o	Merge sbpcd fixes from 2.4.7 tree
o	Merge moxa buffer length check
o	Merge bttv clip length check
o	Merge aha2920 shared irq from 2.4.7 tree
o	Merge MTWEOF fix from 2.4.6 tree
o	Merge serverworks AGP from 2.4.6 tree
o	Merge sbc60xxx watchdog fixes from 2.4.6
o	Merge lapbether fixes from 2.4.6
o	Merge bpqether fixes from 2.4.6
o	Merge scc fixes from 2.4.6
o	Merge lmc memory leak fixes from 2.4.6
o	Merge sm_wss fixes from 2.4.6
o	Resync AGP support with 2.4.6
o	Merge epca fixes from 2.4.5
o	Merge riscom8 fixes from 2.4.5
o	Merge softdog fixes from 2.4.5
o	Merge specialix fixes from 2.4.5
o	Merge wdt/wdt_pci fixes from 2.4.5
o	ISDN cisco hdlc fixes				(Kai Germaschewski)
o	ISDN timer fixes				(Kai Germaschewski)
o	isdn minor control change backport		(Kai Germaschewski)
o	Backport ELCR MP 1.1 config/PCI routing stuff	(John William)
o	Backport isdn ppp fixes from 2.4		(Kai Germaschewski)
o	Backport isdn_tty fixes from 2.4		(Kai Germaschewski)
o	eicon cleanups					(Armin Schindler)
	| Armin can you double check the clashes were ok
o	Fix an ntfs oops				(Anton Altaparmakov)
o	Fix arp null neighbour buglet			(Dave Miller)
o	Update sparc version strings, pci fixups	(Dave Miller)
o	Define CONFIG_X86 in 2.2 as well as 2.4		(Herbert Xu)
o	Configure.help cleanups				(Steven Cole)
o	Add MODE_SELECT_10 to qlogic fc table		(Jeff Andre)
o	Remove dead oldproc variable			(Dave Miller)
o	Update starfire driver for 2.2			(Ion Badulescu)
o	8139too driver update				(Jens David)
o	Assorted race fixes for binfmt loaders		(Al Viro)
o	Update Alpha support for older boxes		(Jay Estabrook)
o	ISDN bsdcomp/ppp compression fixes		(Kai Germaschewski)

2.2.20pre7
o	Merge rose buffer management fixes		(Jean-Paul Roubelat)
o	Configure.help updates				(Steven Cole)
o	Add Steven Cole to credits			(Steven Cole)
o	Update kbuild list info				(Michael Chastain)
o	Fix slab.c doc typo				(Piotr Kasprzyk)
o	Lengthen parport probe timeout			(Jean-Luc Coulon)
o	Fix vm86 cleanup				(Stas Sergeev)
o	Fix 8139too build bug				(Jürgen Zimmermann)
o	Fix slow 8139too performance			(Oleg Makarenko)
o	Sparc64 exec fixes				(Solar Designer)

2.2.20pre6
o	Merge all the pending ISDN updates		(Kai Germaschewski)
	| These are sizable changes and want a good testing
o	Fix sg deadlock bug as per 2.4			(Douglas Gilbert)
o	Count socket/pipe in quota inode use		(Paul Menage)
o	Fix some missing configuration help texts	(Steven Cole)
o	Fix Rik van Riel's credits entry		(Rik van Riel)
o	Mark xtime as volatile in extern definition	(various people)
o	Fix open error return checks			(Andries Brouwer)

2.2.20pre5
o	Fix a patch generation error, replaces 2.2.20pre4 which is
	wrong on ad1848

2.2.20pre4
o	Fix small corruption bug in 82596		(Andries Brouwer)
o	Fix usb printer probing				(Pete Zaitcev)
o	Fix swapon/procfs race				(Paul Menage)
o	Handle ide dma bug in the CS5530		(Mark Lord)
o	Backport 2.4 ipv6 neighbour discovery changes	(Dave Miller)
o	FIx sock_wmalloc error handling			(Dave Miller)
o	Enter quickack mode for out of window TCP data	(Andi Kleen)
o	Fix Established v SYN-ACK TCP state error	(Alexey Kuznetsov)
o	Sparc updates, ptrace changes etc		(Dave Miller)
o	Fix wrong printk in vdolive masq		(Keitaro Yosimura)
o	Fix core dump handling bugs in 2.2		(Al Viro)
o	Update hdlc and synclink drivers		(Paul Fulghum)
o	Update netlink help texts			(Magnus Damm)
o	Fix rtl8139 keeping files open			(Andrew Morton)
o	Further sk98 driver updates. fix wrong license	(Mirko Lindner)
	text in files
o	Jonathan Woithe has moved			(Jonathan Woithe)
o	Update cpqarray driver				(Charles White)
o	Update cciss driver				(Charles White)
o	Don't delete directories on an fs that reports	(Ingo Oeser)
	then 0 size when doing distclean
o	Add support for the 2.4 boot extensions to 2.2	(H Peter Anvin)
o	Fix nfs cache locking corruption on SMP		(Craig Hagan)
o	Add missing check to cdrom readaudio ioctl	(Jani Jaakkola)
o	Fix refclock build with newer gcc		(Jari Ruusu)
o	koi8-r fixes					(Andy Rysin)
o	Spelling fixes for documentation		(Andries Brouwer)

2.2.20pre3
o	FPU/ptrace corruption fixes			(Victor Zandy)
o	Resync belkin usb serial with 2.4		(Greg Kroah-Hartmann)
o	Resync digiport usb serial with 2.4		(Greg Kroah-Hartmann)
o	Rsync empeg usb serial with 2.4			(Greg Kroah-Hartmann)
o	Resync ftdi_sio against 2.4			(Greg Kroah-Hartmann)
o	Bring keyscan usb back into line with 2.4	(Greg Kroah-Hartmann)
o	Resync keyspan_pda usb with 2.4			(Greg Kroah-Hartmann)
o	Resync omninet usb with 2.4.5			(Greg Kroah-Hartmann)
o	Resync usb-serial driver with 2.4.5		(Greg Kroah-Hartmann)
o	Resync visor usb driver with 2.4.5		(Greg Kroah-Hartmann)
o	Rsync whiteheat driver with 2.4.5		(Greg Kroah-Hartmann)
o	Add edgeport USB serial				(Greg Kroah-Hartmann)
o	Add mct_u232 USB serial				(Greg Kroah-Hartmann)
o	Update usb storage device list		(Stas Bekman, Kaz Sasayma)
o	Bring usb acm driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring bluetooth driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring dabusb driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring usb dc2xx driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring mdc800 usb driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring rio driver into line with 2.4.5		(Greg Kroah-Hartmann)
o	Bring USB scanner drivers into line with 2.4.5	(Greg Kroah-Hartmann)
o	Update ov511 driver to match 2.4.5		(Greg Kroah-Hartmann)
o	Update PCIIOC ioctls (esp for sparc)		(Dave Miller)
o	General sparc bugfixes				(Dave Miller)
o	Fix possible oops in fbmem ioctls		(Dave Miller)
o	Fix reboot/halt bug on "Alcor" Alpha boxes	(Tom Vier)
o	Update osst driver 				(Willem Riede)
o	Fix syncppp negotiation bug			(Bob Dunlop)
o	SMBfs bug fixes from 2.4 series			(Urban Widmark)
o	3ware IDE raid driver updates			(Adam Radford)
o	Fix incorrect use of bitops on non long types	(Dave Miller)
o	Fix reboot/halt bug on 'Miata' Alpha boxes	(Tom Vier)
o	Update Tim Waugh's contact info			(Tim Waugh)
o	Add TIOCGSERIAL to sun serial on PCI sparc32	(Lars Kellogg-Stedman)
o	ov511 check user data more carefully		(Marc McClelland)
o	Fix netif_wake_queue compatibility macro	(Andi Kleen)

2.2.20pre2
o	Fix ip_decrease_ttl as per 2.4			(Dave Miller)
o	Fix tcp retransmit state bug			(Alexey Kuznetsov)
o	Fix a few obscure sparc tree bugs		(Dave Miller)
o	Fix fb /proc bug and OF fb name size bug	(Segher Boessenkool)
o	Fix complie with CONFIG_INTEL_RNG=y		(Andrzej Krzysztofowicz)
o	Fix rio driver when HZ!=100			(Andrzej Krzysztofowicz)
o	Stop 3c509 grabbing other EISA boards		(Andrzej Krzysztofowicz)
o	Remove surplus defines for root= names		(Andrzej Krzysztofowicz)
o	Revert pre1 APIC change

2.2.20pre1
o	Fix SMP deadlock in NFS				(Trond Myklebust)
o	Fix missing printk in bluesmoke handler		(me)
o	Fix sparc64 nfs					(Dave Miller)
o	Update io_apic code to avoid breaking dual	(Johannes Erdfelt)
	Athlon 760MP
o	Fix includes bugs in toshiba driver		(Justin Keene,
							 Greg Kroah-Hartmann)
o	Fix wanpipe cross compile			(Phil Blundell)
o	AGPGART copy_from_user fix			(Dawson Engler)
o	Fix alpha resource setup error			(Allan Frank)
o	Eicon driver updates				(Armind Schindler)
o	PC300 driver update				(Daniela Squassoni)
o	Show lock owner on flocks			(Jim Mintha)
o	Update cciss driver to 1.0.3			(Charles White)
o	Backport cciss/cpqarray security fixes		(me)
o	Update i810 random number generator		(Jeff Garzik)
o	Update sk98 driver				(Mirko Lindner)
o	Update sis900 ethernet driver			(Hui-Fen Hsu)
o	Fix checklist glitch in make menuconfig		(Moritz Schulte)
o	Update synclink driver				(Paul Fulghum)
o	Update advansys scsi driver			(Bob Frey)
o	Ver_linux fixes for 2.2				(Steven Cole)
o	Bring 2.2 back into line with the master ISDN	(Kai Germaschewski)
o	Whiteheat usb driver update			(Greg Kroah-Hartmann)
o	Fix via_rhine byte counters			(Adam Lackorzynski)
o	Fix modem control on rio serial			(Rogier Wolff)
o	Add more Iomega Zip to the usb storage list	(Wim Coekaerts)
o	Add ZF Micro watchdog 				(Fernando Fuganti)

Re: Linux 2.2.20pre10

[bert hubert]

On Mon, Oct 22, 2001 at 11:21:49AM +0100, Alan Cox wrote:
> Things took a bit longer than intended with various security fixes needing to
> be done. If this tree tests out ok it will be 2.2.20
> 
> 2.2.20pre11
> o	Security fixes
> 	| Details censored in accordance with the US DMCA

Care to elaborate?

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

Re: Linux 2.2.20pre10

[Alan Cox]

> > 2.2.20pre11
> > o	Security fixes
> > 	| Details censored in accordance with the US DMCA
> 
> Care to elaborate?

On a list that reaches US citizens - no. File permissions and userids may
constitute and be used for rights management.

Alan

Re: Linux 2.2.20pre10

[bert hubert]

On Mon, Oct 22, 2001 at 12:30:02PM +0100, Alan Cox wrote:

> > > o	Security fixes
> > > 	| Details censored in accordance with the US DMCA
> > 
> > Care to elaborate?
> 
> On a list that reaches US citizens - no. File permissions and userids may
> constitute and be used for rights management.

I may be a bit simple today, but I still don't get it. In what way does the
DMCA (horrible as it is) apply to our own software, which we in know way
'reverse engineered'?

Are you saying that we can't divulge security problems in our own software
anymore for fear of being sued by affected parties?

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

Re: Linux 2.2.20pre10

[Alan Cox]

> Are you saying that we can't divulge security problems in our own software
> anymore for fear of being sued by affected parties?

Not even affected parties - the government can do it too without anyone else
and indeed even if their are contractual agreements between parties
permitting the data to be released..

I hope to have the security stuff up on a non US citizen accessible site in
time for 2.2.20 final

Re: Linux 2.2.20pre10

[Matthias Andree]

On Mon, 22 Oct 2001, Alan Cox wrote:

> > Are you saying that we can't divulge security problems in our own software
> > anymore for fear of being sued by affected parties?
> 
> Not even affected parties - the government can do it too without anyone else
> and indeed even if their are contractual agreements between parties
> permitting the data to be released..
> 
> I hope to have the security stuff up on a non US citizen accessible site in
> time for 2.2.20 final

Putting pressure on US people to have them influence their
legislation? Aka. every people have the rulers they deserve? Won't work
out.

Seriously, are you kidding?

-- 
Matthias Andree

Re: Linux 2.2.20pre10

[Alan Cox]

> Putting pressure on US people to have them influence their
> legislation? Aka. every people have the rulers they deserve? Won't work
> out.

   "Until they become conscious they will never rebel, and until after
    they have rebelled they cannot become conscious."

> Seriously, are you kidding?

The current interpretation of the DMCA is as lunatic as it sounds. With luck
the Sklyarov case will see that overturned on constitutional grounds. Until
then US citizens will have to guess about security issues.

Alan

Re: Linux 2.2.20pre10

[Luigi Genoni]

Reral problem is that there are also good developers that this way are
cutted out, and cannot give their contrib.

ufff! I tend to belive that politicians make law without a real knoledge
of what they are doing (see Italian law on copyrights)

Luigi

On Mon, 22 Oct 2001, Alan Cox wrote:

> > Putting pressure on US people to have them influence their
> > legislation? Aka. every people have the rulers they deserve? Won't work
> > out.
>
>    "Until they become conscious they will never rebel, and until after
>     they have rebelled they cannot become conscious."
>
> > Seriously, are you kidding?
>
> The current interpretation of the DMCA is as lunatic as it sounds. With luck
> the Sklyarov case will see that overturned on constitutional grounds. Until
> then US citizens will have to guess about security issues.
>
> Alan
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: Linux 2.2.20pre10

[brian]

> > Putting pressure on US people to have them influence their
> > legislation? Aka. every people have the rulers they deserve? Won't
> > work out.

On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
>    "Until they become conscious they will never rebel, and until after
>     they have rebelled they cannot become conscious."

While I've been generally saddened by Alan Cox's and others
anti-America attitude,  I am somewhat surprised to find that
Alan believes the US bombing of Afghanistan is justified and so
is the collateral damage as they call it.

Alan's point being that a population of a State can't be innocent
of the actions of their government, something, by the way, with
which I disagree.

Strange though, while the US has delivered hundreds of millions of US
dollars in aid to Afghanistan both before and after 9/11, Alan would
deny US citizens some of the tools with which to change things at home.

Alan asks us to rebel, but then denies us at least some of the
avenues we might take.  Others claiming for him that he doesn't
want to risk jail.  What if every aid worker in Afghanistan
and elsewhere around the world had the same attitude?

-- 
Brian Litzinger <brian@worldcontrol.com>

    Copyright (c) 2001 By Brian Litzinger, All Rights Reserved

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001 brian@worldcontrol.com wrote:

> While I've been generally saddened by Alan Cox's and others
> anti-America attitude,  I am somewhat surprised to find that

	[snip drivel on steroids]

> Others claiming for him that he doesn't want to risk jail.

You seem to have claimed as much for (against?) him as
all the others in this thread together. Lets take this
topic elsewhere, shall we ?

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Richard B. Johnson]

On Mon, 22 Oct 2001 brian@worldcontrol.com wrote:

> > > Putting pressure on US people to have them influence their
> > > legislation? Aka. every people have the rulers they deserve? Won't
> > > work out.
> 
> On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> >    "Until they become conscious they will never rebel, and until after
> >     they have rebelled they cannot become conscious."
> 
> While I've been generally saddened by Alan Cox's and others
> anti-America attitude,  I am somewhat surprised to find that
> Alan believes the US bombing of Afghanistan is justified and so
> is the collateral damage as they call it.
> 
> Alan's point being that a population of a State can't be innocent
> of the actions of their government, something, by the way, with
> which I disagree.
> 
[SNIPPED...]

Once the government controls the schools, children learn what the
government wants them to learn. This knowledge becomes "fact" even
though it may be illogical and have no technical basis. Once the
United States government gained a toe-hold in the schools in the
1948 "School Lunch Program", the result was clear and the future
certain. Now we have socialist teachers teaching future socialist
legislators.

I am certain that the same problem exists with all governments,
even the United Kingdom. I don't think Alan is anti-American,
merely having been blinded by his own schooling. The days of
the patriots who declared; "Give me liberty or give me death!"
are long gone everywhere. Now we have, instead, those who declare;
"Give me a job so I can feed my family...". Anything the government
promises, that makes that job easier, or more readily available,
is accepted as the price of liberty when, if fact, there is no
liberty involved whatsoever. I read a quote in one of the IEEE
rags where Alan stated that he was afraid that he'd be arrested
if he entered the United States.  I don't think he has too
much to worry about, the United States government didn't even
"provide for the common defense" (preamble to the US Constitution)
as became obvious on 9/11. I'm sure nobody would wake up even if
Alan was a terrorist.

I believe that we should have sent a tactical nuclear cruise
missile to Ben Laden's last known address. We can always apologize
later. This would put future terrorists on notice that if you
tweak the tiger's tail, you get hurt. But, that's why I'm
not a politician. Instead, we've got so-called government leader-
ship that is running around the world kissing ass. I don't need
some government to apologize for my existence. I need a government
to "provide for the common defense..." as required by the United
States Constitution.

Sorry about the off-topic.

Cheers,
Dick Johnson

Penguin : Linux version 2.4.1 on an i686 machine (799.53 BogoMips).

    I was going to compile a list of innovations that could be
    attributed to Microsoft. Once I realized that Ctrl-Alt-Del
    was handled in the BIOS, I found that there aren't any.

Re: Linux 2.2.20pre10

[Alan Cox]

> United States government gained a toe-hold in the schools in the
> 1948 "School Lunch Program", the result was clear and the future
> certain. Now we have socialist teachers teaching future socialist
> legislators.

I think that you need to learn the difference between socialism and
stalinist statism - what you are describing is the USSR, which was of
course the other major state that imprisoned people for wanting to make
copies as part of free speech, and which controlled copying devices with
laws.

Alan

Re: Linux 2.2.20pre10

[Richard B. Johnson]

On Mon, 22 Oct 2001, Alan Cox wrote:

> > United States government gained a toe-hold in the schools in the
> > 1948 "School Lunch Program", the result was clear and the future
> > certain. Now we have socialist teachers teaching future socialist
> > legislators.
> 
> I think that you need to learn the difference between socialism and
> stalinist statism - what you are describing is the USSR, which was of
> course the other major state that imprisoned people for wanting to make
> copies as part of free speech, and which controlled copying devices with
> laws.
> 

Sorry. I got confused. With the government reading everything we
type, I tend to get the countries mixed.

Cheers,
Dick Johnson

Penguin : Linux version 2.4.1 on an i686 machine (799.53 BogoMips).

    I was going to compile a list of innovations that could be
    attributed to Microsoft. Once I realized that Ctrl-Alt-Del
    was handled in the BIOS, I found that there aren't any.

Re: Linux 2.2.20pre10

[Paul P Komkoff Jr]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Replying to Alan Cox:
> I think that you need to learn the difference between socialism and
> stalinist statism - what you are describing is the USSR, which was of
> course the other major state that imprisoned people for wanting to make
> copies as part of free speech, and which controlled copying devices with
> laws.

Not only copying devices - every typewriter also needed to be registered
here "that days" :) we was denied not to only copy but to say anything own
too.

And about restricting copying devices - somebody trying the same in computer
industry, yeah? to deny cd-recorders 'coz they can be used to violate
somebody so-called-copyright, er

and I finish with an usual in this cases (translated from russian) -
"The author thanks the alphabet for kindly given letters"

- -- 
Paul P 'Stingray' Komkoff 'Greatest' Jr // (icq)23200764 // (irc)Spacebar
  PPKJ1-RIPE // (smtp)i@stingr.net // (http)stingr.net // (pgp)0xA4B4ECA4
-----BEGIN PGP SIGNATURE-----

iEYEAREDAAYFAjvVBpEACgkQyMW8naS07KRseACbBry5lcKVGXa9juDVoUSjkj1K
S/EAoKQYaf+2wiXpgc8mrMzU+AzHUU+N
=9Qi3
-----END PGP SIGNATURE-----

Re: Linux 2.2.20pre10

[Henning P. Schmiedehausen]

"Richard B. Johnson" <root@chaos.analogic.com> writes:

>I believe that we should have sent a tactical nuclear cruise
>missile to Ben Laden's last known address. We can always apologize
>later. This would put future terrorists on notice that if you

>From this day on I promise to always firmly side with Al Viro. You're
a jerk. You just proved it one time too much.

I'm glad that I have the privilege of living in Europe and that people
like you don't have power in the U.S.

And your company builds bomb scanners? Do they know about your ideas?
Scary if you ask me.

	Henning

-- 
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen       -- Geschaeftsfuehrer
INTERMETA - Gesellschaft fuer Mehrwertdienste mbH     hps@intermeta.de

Am Schwabachgrund 22  Fon.: 09131 / 50654-0   info@intermeta.de
D-91054 Buckenhof     Fax.: 09131 / 50654-20   

Re: Linux 2.2.20pre10

[Alan Cox]

> On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> >    "Until they become conscious they will never rebel, and until after
> >     they have rebelled they cannot become conscious."
> 
> While I've been generally saddened by Alan Cox's and others
> anti-America attitude,  I am somewhat surprised to find that
> Alan believes the US bombing of Afghanistan is justified and so
> is the collateral damage as they call it.

That quote is rather older than the US bombing of Afghanistan. You read 
totally inappropriate things into it. 

Re: Linux 2.2.20pre10

[Steven Walter]

On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
> > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> > >    "Until they become conscious they will never rebel, and until after
> > >     they have rebelled they cannot become conscious."
> > 
> > While I've been generally saddened by Alan Cox's and others
> > anti-America attitude,  I am somewhat surprised to find that
> > Alan believes the US bombing of Afghanistan is justified and so
> > is the collateral damage as they call it.
> 
> That quote is rather older than the US bombing of Afghanistan. You read 
> totally inappropriate things into it. 

Certainly, it is not.  This statement applies to Afghanistan, in that
the fact that they have not rebelled means they imply consent to
everything their government does, and therefore are just as guilty as
the Taliban.  Therefore, killing civilians (collateral damage) is no
worse than killing terrorists or Taliban officials.  This is a stance I
can easily subscribe to, not just with Afghanistan but with any people,
nation, state, or country.
-- 
-Steven
In a time of universal deceit, telling the truth is a revolutionary act.
			-- George Orwell
Freedom is slavery. Ignorance is strength. War is peace.
			-- George Orwell
Those that would give up a necessary freedom for temporary safety
deserver neither freedom nor safety.
			-- Ben Franklin

Re: Linux 2.2.20pre10

[Mike Fedyk]

On Mon, Oct 22, 2001 at 05:45:02PM -0500, Steven Walter wrote:
> On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
> > > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> > > >    "Until they become conscious they will never rebel, and until after
> > > >     they have rebelled they cannot become conscious."
> > > 
> > > While I've been generally saddened by Alan Cox's and others
> > > anti-America attitude,  I am somewhat surprised to find that
> > > Alan believes the US bombing of Afghanistan is justified and so
> > > is the collateral damage as they call it.
> > 
> > That quote is rather older than the US bombing of Afghanistan. You read 
> > totally inappropriate things into it. 
> 
> Certainly, it is not.  This statement applies to Afghanistan, in that
> the fact that they have not rebelled means they imply consent to
> everything their government does, and therefore are just as guilty as
> the Taliban.  Therefore, killing civilians (collateral damage) is no
> worse than killing terrorists or Taliban officials.  This is a stance I
> can easily subscribe to, not just with Afghanistan but with any people,
> nation, state, or country.

And how is someone from a forien country going to see just how much or how
little you have rebelled against the DMCA?  We allowed the law to be passed
so now we should take the blame?

Like some have already said, we have politicians that promise one thing, and
do whatever the hell they want after they're in office.  It depends on how
much they stick to their promisses when comes election time in 2-4 years
that determines wheather they stay there...

Re: Linux 2.2.20pre10

[Steven Walter]

On Mon, Oct 22, 2001 at 04:07:49PM -0700, Mike Fedyk wrote:
> On Mon, Oct 22, 2001 at 05:45:02PM -0500, Steven Walter wrote:
> > On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
> > > > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> > > > >    "Until they become conscious they will never rebel, and until after
> > > > >     they have rebelled they cannot become conscious."
> > > > 
> > > > While I've been generally saddened by Alan Cox's and others
> > > > anti-America attitude,  I am somewhat surprised to find that
> > > > Alan believes the US bombing of Afghanistan is justified and so
> > > > is the collateral damage as they call it.
> > > 
> > > That quote is rather older than the US bombing of Afghanistan. You read 
> > > totally inappropriate things into it. 
> > 
> > Certainly, it is not.  This statement applies to Afghanistan, in that
> > the fact that they have not rebelled means they imply consent to
> > everything their government does, and therefore are just as guilty as
> > the Taliban.  Therefore, killing civilians (collateral damage) is no
> > worse than killing terrorists or Taliban officials.  This is a stance I
> > can easily subscribe to, not just with Afghanistan but with any people,
> > nation, state, or country.
> 
> And how is someone from a forien country going to see just how much or how
> little you have rebelled against the DMCA?  We allowed the law to be passed
> so now we should take the blame?
> 
> Like some have already said, we have politicians that promise one thing, and
> do whatever the hell they want after they're in office.  It depends on how
> much they stick to their promisses when comes election time in 2-4 years
> that determines wheather they stay there...

Eh?  Perhaps it was unclear that I was speaking in a broader sense, thus
being more off-topic than most.  The DMCA is collectively our (U.S.
Citizens') fault.  We must now work to correct it.  Just as the Taliban
is at least partially the Afghan people's fault.  See?
-- 
-Steven
In a time of universal deceit, telling the truth is a revolutionary act.
			-- George Orwell
Freedom is slavery. Ignorance is strength. War is peace.
			-- George Orwell
Those that would give up a necessary freedom for temporary safety
deserver neither freedom nor safety.
			-- Ben Franklin

Re: Linux 2.2.20pre10

[Paul G. Allen]

Mike Fedyk wrote:
> 
> On Mon, Oct 22, 2001 at 05:45:02PM -0500, Steven Walter wrote:
> > On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
> > > > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> > > > >    "Until they become conscious they will never rebel, and until after
> > > > >     they have rebelled they cannot become conscious."
> > > >
> > > > While I've been generally saddened by Alan Cox's and others
> > > > anti-America attitude,  I am somewhat surprised to find that
> > > > Alan believes the US bombing of Afghanistan is justified and so
> > > > is the collateral damage as they call it.
> > >
> > > That quote is rather older than the US bombing of Afghanistan. You read
> > > totally inappropriate things into it.
> >
> > Certainly, it is not.  This statement applies to Afghanistan, in that
> > the fact that they have not rebelled means they imply consent to
> > everything their government does, and therefore are just as guilty as
> > the Taliban.  Therefore, killing civilians (collateral damage) is no
> > worse than killing terrorists or Taliban officials.  This is a stance I
> > can easily subscribe to, not just with Afghanistan but with any people,
> > nation, state, or country.
> 
> And how is someone from a forien country going to see just how much or how
> little you have rebelled against the DMCA?  We allowed the law to be passed
> so now we should take the blame?

No, "we" did not allow the law to pass. It was passed under our noses and is now being interpreted poorly. The DMCA does not remove our rights under copyright
law as written, but it has removed them as interpreted. The interpretation of the written law is the dangerous thing, not the actual written law. Chances are
the DMCA will stand until the US Supreme Court hears a case and makes the proper decision.

The DMCA and laws like it are meant for one thing: to allow entertainment companies to control what we see/read/hear, how we see/read/hear it, where, and when
we see/read/hear it. Since the networks in this country are run by the very same companies that propose and lobby for these laws, we never hear about them
through these channels. The public at large never has a clue until it's too late. Then we get to suffer until the law is overturned (hopefully).

> 
> Like some have already said, we have politicians that promise one thing, and
> do whatever the hell they want after they're in office.  It depends on how
> much they stick to their promisses when comes election time in 2-4 years
> that determines wheather they stay there...

Politicians are allowed to do as they please by the pundits who continue to vote for them, or not vote at all. It also occurs because the same people can't seem
to realize why politicians do this. Short term limits force them to do what the corporations they represent tell them to so that they'll have a job once they
are no longer politicians. The lame idea that we must allow campaign contributions at all allows these same corporations to easily grease their palms. The
public at large seems to think there are only two political parties and there is no other alternative. And it is extremely rare that anyone knows what the law
really is in any given situation, even though it is easily accessed via library or Internet.

Throw in the ridiculous complacency of most Americans, the programming that tells us "I can't make a difference, so why bother.", the lack of understanding of
how the law really works (and it does work well when people know how it works - been there, done that), and the general "I don't give a damn about my neighbor
or my kids." attitude, and we get what we deserve. What we have is a government run by, and for, corporations, and fewer and fewer freedoms than our
Constitution garnets as a result. Usually the Supreme Court fixes these things in time, but in the mean time we're screwed, blued, and tattooed.

Now, as for the DMCA bad SSSCA as it pertains to those outside the US. The FBI operates outside the US. The US has great influence on many countries. Don't
think for a minute that a law passed here will never, ever effect you in your own country. We all live on the same planet and with this "New World Order" crap
we, more and more, are dependent upon each other. Unless we all work together, ping our own governments and publicly pressure them, things will only get worse.
The saying "You can't fight City Hall." is very true if you do it alone, but if you make a spectacle of them, public pressure will far outweigh corporate or
special interest money.

Note also that the SSSCA will destroy most all GPL software in the US. It will also harm the Internet as a whole in a LARGE way because Apache, OpenSSH, Linux,
etc. will become illegal. Companies such as mine will be forced to find alternative ways to run their network. In case you are not aware, most likely you use
Akamai servers every day when you browse the Internet (we have over 12,000 servers in 53+ countries on over 300 networks). Most of our servers run Linux,
OpenSSH, and Apache/Apache SSL (using OpenSSL), as well as Perl and many, many GPL programs. Take all those away, or impose licensing and other costs on them,
and the Internet is a much different, and more expensive, place. Whether it realizes it or not, the SSSCA will greatly harm the US government itself.

I for one will not submit to the SSSCA and DMCA or any other such law that removes any of my constitutionally guaranteed freedoms. I do not vote for either of
the main parties and have a reputation for bitching and moaning to lawyers, law makers, and other authorities whenever my freedom is threatened. I guess it's in
my blood to do so, considering my ancestors did the same when this country was founded. Would that more Americans did the same.

PGA

-- 
Paul G. Allen
UNIX Admin II/Programmer
Akamai Technologies, Inc.
www.akamai.com
Work: (858)909-3630

Re: Linux 2.2.20pre10

[Nicholas Dronen]

On Mon, Oct 22, 2001 at 05:45:02PM -0500, Steven Walter wrote:
> On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
> > > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> > > >    "Until they become conscious they will never rebel, and until after
> > > >     they have rebelled they cannot become conscious."
> > > 
> > > While I've been generally saddened by Alan Cox's and others
> > > anti-America attitude,  I am somewhat surprised to find that
> > > Alan believes the US bombing of Afghanistan is justified and so
> > > is the collateral damage as they call it.
> > 
> > That quote is rather older than the US bombing of Afghanistan. You read 
> > totally inappropriate things into it. 
> 
> Certainly, it is not.  This statement applies to Afghanistan, in that
> the fact that they have not rebelled means they imply consent to
> everything their government does, and therefore are just as guilty as
> the Taliban.  Therefore, killing civilians (collateral damage) is no
> worse than killing terrorists or Taliban officials.  This is a stance I
> can easily subscribe to, not just with Afghanistan but with any people,
> nation, state, or country.

Rather, they have not rebelled *successfully*.  The country
is in civil war.  The Taliban are not regarded as a legitimate
government.  Until shortly after 9/11, only three governments
recognized the Taliban diplomatically -- the Wahhabist Saudi
Arabia, the militarist Pakistan and the United Arab Emirates.
(The standing representative of Afghanistan in the United Nations
is *not* of the Taliban.)

Finally, Afghani women have risked their lives and been beaten and
killed for their protests and activities.

	http://www.rawa.org/

I witnessed a film just this weekend of an Afghani woman being
shot to death by a member of the Taliban.  The film was taken
by a woman who herself risked her life by carrying a video camera
under her clothing.

So, infer what you will about Mr. Cox's statement, but don't
breezily justify the death of innocent civilians (Afghani or
otherwise) in part by disregarding such all-too-inconvenient
details.

Regards,

Nicholas Dronen

Re: Linux 2.2.20pre10

[Jonathan Lundell]

At 5:45 PM -0500 10/22/01, Steven Walter wrote:
>On Mon, Oct 22, 2001 at 09:34:28PM +0100, Alan Cox wrote:
>>  > On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
>>  > >    "Until they become conscious they will never rebel, and until after
>>  > >     they have rebelled they cannot become conscious."
>>  >
>>  > While I've been generally saddened by Alan Cox's and others
>>  > anti-America attitude,  I am somewhat surprised to find that
>>  > Alan believes the US bombing of Afghanistan is justified and so
>>  > is the collateral damage as they call it.
>>
>>  That quote is rather older than the US bombing of Afghanistan. You read
>>  totally inappropriate things into it.
>
>Certainly, it is not.  This statement applies to Afghanistan, in that
>the fact that they have not rebelled means they imply consent to
>everything their government does, and therefore are just as guilty as
>the Taliban.  Therefore, killing civilians (collateral damage) is no
>worse than killing terrorists or Taliban officials.  This is a stance I
>can easily subscribe to, not just with Afghanistan but with any people,
>nation, state, or country.

That seems like a willful misreading of the original. Where did you 
get "consent"? Alan suggests that non-rebellion implies lack of 
consciousness, which doesn't imply consent.

-- 
/Jonathan Lundell.

Re: Linux 2.2.20pre10

[Steven Walter]

On Mon, Oct 22, 2001 at 04:39:02PM -0700, Jonathan Lundell wrote:
> >>  > >    "Until they become conscious they will never rebel, and until after
> >>  > >     they have rebelled they cannot become conscious."
> >>  >
> >>  > While I've been generally saddened by Alan Cox's and others
> >>  > anti-America attitude,  I am somewhat surprised to find that
> >>  > Alan believes the US bombing of Afghanistan is justified and so
> >>  > is the collateral damage as they call it.
> >>
> >>  That quote is rather older than the US bombing of Afghanistan. You read
> >>  totally inappropriate things into it.
> >
> >Certainly, it is not.  This statement applies to Afghanistan, in that
> >the fact that they have not rebelled means they imply consent to
> >everything their government does, and therefore are just as guilty as
> >the Taliban.  Therefore, killing civilians (collateral damage) is no
> >worse than killing terrorists or Taliban officials.  This is a stance I
> >can easily subscribe to, not just with Afghanistan but with any people,
> >nation, state, or country.
> 
> That seems like a willful misreading of the original. Where did you 
> get "consent"? Alan suggests that non-rebellion implies lack of 
> consciousness, which doesn't imply consent.

Seems like, but isn't.  It's every citizen's responsibility to be aware
of the matters concerning the State.  If they aren't, then again it is
their own fault.
-- 
-Steven
In a time of universal deceit, telling the truth is a revolutionary act.
			-- George Orwell
Freedom is slavery. Ignorance is strength. War is peace.
			-- George Orwell
Those that would give up a necessary freedom for temporary safety
deserver neither freedom nor safety.
			-- Ben Franklin

Re: Linux 2.2.20pre10

[Jeff Golds]

Steven Walter wrote:
> 
> On Mon, Oct 22, 2001 at 04:39:02PM -0700, Jonathan Lundell wrote:
> > >>  > >    "Until they become conscious they will never rebel, and until after
> > >>  > >     they have rebelled they cannot become conscious."
> > >>  >
> > >>  > While I've been generally saddened by Alan Cox's and others
> > >>  > anti-America attitude,  I am somewhat surprised to find that
> > >>  > Alan believes the US bombing of Afghanistan is justified and so
> > >>  > is the collateral damage as they call it.
> > >>
> > >>  That quote is rather older than the US bombing of Afghanistan. You read
> > >>  totally inappropriate things into it.
> > >
> > >Certainly, it is not.  This statement applies to Afghanistan, in that
> > >the fact that they have not rebelled means they imply consent to
> > >everything their government does, and therefore are just as guilty as
> > >the Taliban.  Therefore, killing civilians (collateral damage) is no
> > >worse than killing terrorists or Taliban officials.  This is a stance I
> > >can easily subscribe to, not just with Afghanistan but with any people,
> > >nation, state, or country.
> >
> > That seems like a willful misreading of the original. Where did you
> > get "consent"? Alan suggests that non-rebellion implies lack of
> > consciousness, which doesn't imply consent.
> 
> Seems like, but isn't.  It's every citizen's responsibility to be aware
> of the matters concerning the State.  If they aren't, then again it is
> their own fault.

That might be true in a democracy, but what do you do when you don't
live in such a place?  What if your government was not democractic but
"whoever has the most guns".  Are you saying that people who don't rebel
against people with guns are consenting?

Also, how can "every citizen be aware of the matters concerning the
State" when you live in a society where the State controls the media?

-Jeff

-- 
Jeff Golds
Sr. Software Engineer
jgolds@resilience.com

Re: Linux 2.2.20pre10

[Steven Walter]

On Mon, Oct 22, 2001 at 06:01:02PM -0700, Jeff Golds wrote:
> > > >>  > >    "Until they become conscious they will never rebel, and until after
> > > >>  > >     they have rebelled they cannot become conscious."
> > > >>  >
> > > >>  > While I've been generally saddened by Alan Cox's and others
> > > >>  > anti-America attitude,  I am somewhat surprised to find that
> > > >>  > Alan believes the US bombing of Afghanistan is justified and so
> > > >>  > is the collateral damage as they call it.
> > > >>
> > > >>  That quote is rather older than the US bombing of Afghanistan. You read
> > > >>  totally inappropriate things into it.
> > > >
> > > >Certainly, it is not.  This statement applies to Afghanistan, in that
> > > >the fact that they have not rebelled means they imply consent to
> > > >everything their government does, and therefore are just as guilty as
> > > >the Taliban.  Therefore, killing civilians (collateral damage) is no
> > > >worse than killing terrorists or Taliban officials.  This is a stance I
> > > >can easily subscribe to, not just with Afghanistan but with any people,
> > > >nation, state, or country.
> > >
> > > That seems like a willful misreading of the original. Where did you
> > > get "consent"? Alan suggests that non-rebellion implies lack of
> > > consciousness, which doesn't imply consent.
> > 
> > Seems like, but isn't.  It's every citizen's responsibility to be aware
> > of the matters concerning the State.  If they aren't, then again it is
> > their own fault.
> 
> That might be true in a democracy, but what do you do when you don't
> live in such a place?  What if your government was not democractic but
> "whoever has the most guns".  Are you saying that people who don't rebel
> against people with guns are consenting?

Of course.  It's naturally understandable that they don't rebel, but
that's the case, at least.  Democratic society did not spring overnight.
It was hard won through centuries of standing up against 'the people
with guns,' even if the people with guns had swords, bows and arrows,
cannons, rifles, etc., instead.

> Also, how can "every citizen be aware of the matters concerning the
> State" when you live in a society where the State controls the media?

Again, see above.  Others have managed it.  No one is saying its easy,
only possible.

And again, I don't hold the fact that the unarmed Afghans don't rebel
against them.  As I said it's completely understandable.  I don't think
they deserve to be killed.  I'm only saying that a good argument can be
made that they are completely responsible for their government, directly
or indirectly.
-- 
-Steven
In a time of universal deceit, telling the truth is a revolutionary act.
			-- George Orwell
Freedom is slavery. Ignorance is strength. War is peace.
			-- George Orwell
Those that would give up a necessary freedom for temporary safety
deserver neither freedom nor safety.
			-- Ben Franklin

Re: Linux 2.2.20pre10

[Jonathan Lundell]

At 6:47 PM -0500 10/22/01, Steven Walter wrote:
>  > That seems like a willful misreading of the original. Where did you
>>  get "consent"? Alan suggests that non-rebellion implies lack of
>>  consciousness, which doesn't imply consent.
>
>Seems like, but isn't.  It's every citizen's responsibility to be aware
>of the matters concerning the State.  If they aren't, then again it is
>their own fault.

I don't quarrel with the fact that you assert that. However, it does 
not follow from Alan's statement.

And if non-rebellion by a citizenry against immoral behavior by its 
government justifies the slaughter of that citizenry, then, to quote 
Jefferson in a slightly different context, " Indeed I tremble for my 
country when I reflect that God is just, that his justice cannot 
sleep forever."
-- 
/Jonathan Lundell.

Re: Linux 2.2.20pre10

[Steven Walter]

On Mon, Oct 22, 2001 at 04:58:48PM -0700, Jonathan Lundell wrote:
> At 6:47 PM -0500 10/22/01, Steven Walter wrote:
> >  > That seems like a willful misreading of the original. Where did you
> >>  get "consent"? Alan suggests that non-rebellion implies lack of
> >>  consciousness, which doesn't imply consent.
> >
> >Seems like, but isn't.  It's every citizen's responsibility to be aware
> >of the matters concerning the State.  If they aren't, then again it is
> >their own fault.
> 
> I don't quarrel with the fact that you assert that. However, it does 
> not follow from Alan's statement.

My logic is that a lack of rebellion implies consent.  If you don't
rebel against it, then you must agree with it.  If you don't agree with it,
then you must rebel against it.  Is there a flaw in that logic?  Surely,
there are degrees to it, i.e., you disagree, but not enough to be
killed.  However, in what is practically the scenario now (either
they're are killed by the Taliban for disagreeing or killed by Americans
for agreeing), it only makes sense to align yourself with the same side
as your heart.

> And if non-rebellion by a citizenry against immoral behavior by its 
> government justifies the slaughter of that citizenry, then, to quote 
> Jefferson in a slightly different context, " Indeed I tremble for my 
> country when I reflect that God is just, that his justice cannot 
> sleep forever."
> -- 
> /Jonathan Lundell.

-- 
-Steven
In a time of universal deceit, telling the truth is a revolutionary act.
			-- George Orwell
Freedom is slavery. Ignorance is strength. War is peace.
			-- George Orwell
Those that would give up a necessary freedom for temporary safety
deserver neither freedom nor safety.
			-- Ben Franklin

Re: Linux 2.2.20pre10

[David Ford]

I assume since you are using Sklyarov as an example that you fully 
intend to prevent Linus from getting such information as well?

This reaction is ludicrous.

Instead of helping US people, now the US people are fighting both US 
politicians and their own camp of code developers.

David

Alan Cox wrote:

>>Putting pressure on US people to have them influence their
>>legislation? Aka. every people have the rulers they deserve? Won't work
>>out.
>>
>
>   "Until they become conscious they will never rebel, and until after
>    they have rebelled they cannot become conscious."
>
>>Seriously, are you kidding?
>>
>
>The current interpretation of the DMCA is as lunatic as it sounds. With luck
>the Sklyarov case will see that overturned on constitutional grounds. Until
>then US citizens will have to guess about security issues.
>
>Alan
>

Re: Linux 2.2.20pre10

[Alan Cox]

> This reaction is ludicrous.
> 
> Instead of helping US people, now the US people are fighting both US 
> politicians and their own camp of code developers.

I dont see why I should risk 5 years in a US jail. Not my problem.
Fortunately the major vendors kernel development teams are all non US based.

Alan

Re: Linux 2.2.20pre10

[Mike Fedyk]

On Tue, Oct 23, 2001 at 12:15:00AM +0100, Alan Cox wrote:
> > This reaction is ludicrous.
> > 
> > Instead of helping US people, now the US people are fighting both US 
> > politicians and their own camp of code developers.
> 
> I dont see why I should risk 5 years in a US jail. Not my problem.
> Fortunately the major vendors kernel development teams are all non US based.
> 

You still didn't answer the qustion of wheather you are going to give
descriptions to Linus in the US of A...

Re: Linux 2.2.20pre10

[D. Stimits]

David Ford wrote:
> 
> I assume since you are using Sklyarov as an example that you fully
> intend to prevent Linus from getting such information as well?
> 
> This reaction is ludicrous.
> 
> Instead of helping US people, now the US people are fighting both US
> politicians and their own camp of code developers.

And there is the real danger of terrorism. Someone once wrote a book
(called "The Art of War") that describes it. It's the realm of "divide
and conquer". It brings a lot of people together to finally agree on
things when they wouldn't even talk to each other. But it also brings
together the "bad" things. These laws are dangerous because they add to
the terrorist concept of divide and conquer, only now we're sponsoring
it against ourselves, and companies like Disney and much of the
entertainment industry finds it profitable to join the momentum, it's
profitable for them.

D. Stimits, stimits@idcomm.com

> 
> David
> 
> Alan Cox wrote:
> 
> >>Putting pressure on US people to have them influence their
> >>legislation? Aka. every people have the rulers they deserve? Won't work
> >>out.
> >>
> >
> >   "Until they become conscious they will never rebel, and until after
> >    they have rebelled they cannot become conscious."
> >
> >>Seriously, are you kidding?
> >>
> >
> >The current interpretation of the DMCA is as lunatic as it sounds. With luck
> >the Sklyarov case will see that overturned on constitutional grounds. Until
> >then US citizens will have to guess about security issues.
> >
> >Alan
> >
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Sam Vilain]

On Mon, 22 Oct 2001 12:27:22 -0700
brian@worldcontrol.com wrote:

> On Mon, Oct 22, 2001 at 01:29:14PM +0100, Alan Cox wrote:
> >    "Until they become conscious they will never rebel, and until after
> >     they have rebelled they cannot become conscious."
> While I've been generally saddened by Alan Cox's and others
> anti-America attitude,  I am somewhat surprised to find that
> Alan believes the US bombing of Afghanistan is justified and so
> is the collateral damage as they call it.

*plonk*

Re: Linux 2.2.20pre10

[bert hubert]

On Mon, Oct 22, 2001 at 12:55:12PM +0100, Alan Cox wrote:
> > Are you saying that we can't divulge security problems in our own software
> > anymore for fear of being sued by affected parties?
> 
> Not even affected parties - the government can do it too without anyone else
> and indeed even if their are contractual agreements between parties
> permitting the data to be released..

This is getting daft in a hurry.

> I hope to have the security stuff up on a non US citizen accessible site in
> time for 2.2.20 final

This would then presumably lead to password protected access for US kernel
developers that need to know? And some kind of NDA?

'IANAL', and neither are you, are you sure this sillyness is necessary?

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

Re: Linux 2.2.20pre10

[Alan Cox]

> This would then presumably lead to password protected access for US kernel
> developers that need to know? And some kind of NDA?

US kernel developers cannot be told. Period.

> 'IANAL', and neither are you, are you sure this sillyness is necessary?

Its based directly on legal opinion.

Re: Linux 2.2.20pre10

[bert hubert]

On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > This would then presumably lead to password protected access for US kernel
> > developers that need to know? And some kind of NDA?
> 
> US kernel developers cannot be told. Period.
(...)
> Its based directly on legal opinion.

Then I suggest we leave this planet.

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, bert hubert wrote:
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> >
> > US kernel developers cannot be told. Period.
> (...)
> > Its based directly on legal opinion.
>
> Then I suggest we leave this planet.

You suggest we're leaving for The Free World(tm) ? ;)

Btw, does anybody know how to setup HTML click-through
licences ?  ;)  [mmm, need to learn more non-kernel stuff]

cheers,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Horst von Brand]

bert hubert <ahu@ds9a.nl> said:
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> > 
> > US kernel developers cannot be told. Period.
> (...)
> > Its based directly on legal opinion.

> Then I suggest we leave this planet.

I'd expected an "all the world is USA" delusion from an US citizen, not
from somebody in .nl...
-- 
Dr. Horst H. von Brand                Usuario #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513

Re: Linux 2.2.20pre10

[Dan Hollis]

On Mon, 22 Oct 2001, Horst von Brand wrote:
> bert hubert <ahu@ds9a.nl> said:
> > Then I suggest we leave this planet.
> I'd expected an "all the world is USA" delusion from an US citizen, not
> from somebody in .nl...

The MPAA abducted a norwegian child using police armed with assault
weapons. Alan and other non-us citizens certainly have reason to be
concerned.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Re: Linux 2.2.20pre10

[D. Stimits]

Horst von Brand wrote:
> 
> bert hubert <ahu@ds9a.nl> said:
> > On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > > This would then presumably lead to password protected access for US kernel
> > > > developers that need to know? And some kind of NDA?
> > >
> > > US kernel developers cannot be told. Period.
> > (...)
> > > Its based directly on legal opinion.
> 
> > Then I suggest we leave this planet.
> 
> I'd expected an "all the world is USA" delusion from an US citizen, not
> from somebody in .nl...

Racist and prejudiced opinions though are found everywhere. Stereotypes
and arrogance know no boundaries. You mistake being a US citizen with
being a puppet.

D. Stimits, stimits@idcomm.com

> --
> Dr. Horst H. von Brand                Usuario #22616 counter.li.org
> Departamento de Informatica                     Fono: +56 32 654431
> Universidad Tecnica Federico Santa Maria              +56 32 654239
> Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Dan Hollis]

On Mon, 22 Oct 2001, bert hubert wrote:
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> > US kernel developers cannot be told. Period.
> (...)
> > Its based directly on legal opinion.
> Then I suggest we leave this planet.

What, Heavens Gate style?

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Re: Linux 2.2.20pre10

[D. Stimits]

bert hubert wrote:
> 
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> >
> > US kernel developers cannot be told. Period.
> (...)
> > Its based directly on legal opinion.
> 
> Then I suggest we leave this planet.

If I could leave I would.

FYI, I am one of those USA people that wrote to Senator Hollings and
others about this new SSSCA stuff, asking him why he wanted to destroy
economic interests (e.g., IBM's), along with showing his utter contempt
for the Constitution of the USA. He'll just killfile it, it isn't what
he wants to hear, he's a child with a loaded gun.
http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread

D. Stimits, stimits@idcomm.com

> 
> --
> http://www.PowerDNS.com          Versatile DNS Software & Services
> Trilab                                 The Technology People
> Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
> 'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Roger Gammans]

On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > This would then presumably lead to password protected access for US kernel
> > developers that need to know? And some kind of NDA?
> 
> US kernel developers cannot be told. Period.

Huh, US resident or US citizens?

If US resident , does that mean we can't send security patches to 
Linus. 

*shakes head*

TTFN
-- 
Roger.
	ashes and diamond,
	foe and friend,
	we _are_ all equal in the end. -- Pink Floyd 

Re: Linux 2.2.20pre10

[bert hubert]

On Mon, Oct 22, 2001 at 02:07:03PM +0100, Roger Gammans wrote:
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> > 
> > US kernel developers cannot be told. Period.
> 
> Huh, US resident or US citizens?
> 
> If US resident , does that mean we can't send security patches to 
> Linus. 

You can send him the patch. It appears you cannot tell him which
vulnerability it fixes.

That is, unless the 'code = speech' people have succeded in setting enough
precedent, in which case even 'code' may become a 'circumvention device'! 

I am not a lawyer though, but at this point logic seems so far away that
anything appears possible.

Regards,

bert

-- 
http://www.PowerDNS.com          Versatile DNS Software & Services
Trilab                                 The Technology People
Netherlabs BV / Rent-a-Nerd.nl           - Nerd Available -
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet

Re: Linux 2.2.20pre10

[David Lang]

and how can you dare send the source code or patches to the US in that
case, it's the same info in a different form.

David Lang

On Mon, 22 Oct 2001, Roger Gammans wrote:

> Date: Mon, 22 Oct 2001 14:07:03 +0100
> From: Roger Gammans <roger@computer-surgery.co.uk>
> Reply-To: rgammans@computer-surgery.co.uk
> To: linux-kernel@vger.kernel.org
> Subject: Re: Linux 2.2.20pre10
>
> On Mon, Oct 22, 2001 at 01:30:00PM +0100, Alan Cox wrote:
> > > This would then presumably lead to password protected access for US kernel
> > > developers that need to know? And some kind of NDA?
> >
> > US kernel developers cannot be told. Period.
>
> Huh, US resident or US citizens?
>
> If US resident , does that mean we can't send security patches to
> Linus.
>
> *shakes head*
>
> TTFN
> --
> Roger.
> 	ashes and diamond,
> 	foe and friend,
> 	we _are_ all equal in the end. -- Pink Floyd
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: Linux 2.2.20pre10

[Danny ter Haar]

Alan Cox  <alan@lxorguk.ukuu.org.uk> wrote:
>US kernel developers cannot be told. Period.

Are you looking for non-us webspace ?
I'm willing to letyou have full access to www.bzimage.org if 
needed.

Let me know.

Danny

Re: Linux 2.2.20pre10

[bill davidsen]

In article <E15veDQ-0001nl-00@the-village.bc.nu>
alan@lxorguk.ukuu.org.uk wrote:
| > This would then presumably lead to password protected access for US kernel
| > developers that need to know? And some kind of NDA?
| 
| US kernel developers cannot be told. Period.
| 
| > 'IANAL', and neither are you, are you sure this sillyness is necessary?
| 
| Its based directly on legal opinion.

  And who will be maintaining the world and us-castrated kernel source?
I can't imagine anything worse for the security of this country than not
allow computer users access to security issues.

-- 
bill davidsen <davidsen@tmr.com>
  His first management concern is not solving the problem, but covering
his ass. If he lived in the middle ages he'd wear his codpiece backward.

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, bill davidsen wrote:

>   And who will be maintaining the world and us-castrated kernel
> source? I can't imagine anything worse for the security of this
> country than not allow computer users access to security issues.

Don't worry, there are more than enough kernel hackers
outside of the US to keep maintaining the kernel.

The worst that could happen is that the US cripples
itself by not allowing the kernel hackers outside the
US to publish security info to people in the US, but
only to the rest of the world.

That's tough, they're a democratic country, they can
change the law if it hurts them too much.

cheers,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/  (volunteers needed)

http://www.surriel.com/		http://distro.conectiva.com/

Re: Linux 2.2.20pre10

[Nick LeRoy]

On Monday 22 October 2001 11:34, Rik van Riel wrote:
> On Mon, 22 Oct 2001, bill davidsen wrote:
> >   And who will be maintaining the world and us-castrated kernel
> > source? I can't imagine anything worse for the security of this
> > country than not allow computer users access to security issues.
>
> Don't worry, there are more than enough kernel hackers
> outside of the US to keep maintaining the kernel.
>
> The worst that could happen is that the US cripples
> itself by not allowing the kernel hackers outside the
> US to publish security info to people in the US, but
> only to the rest of the world.
>
> That's tough, they're a democratic country, they can
> change the law if it hurts them too much.

Rik...

I *wish* it were that simple.  If you don't think that a least some of us 
*try*, you're kidding yourself.  The real problem, IMHO, is that the 
electorate of our country no longer has any real power or control over the 
government -- it's the corporations that do.  Money talks, so the saying 
goes.  He who has the gold makes the rules.

So, please don't punish all of us for the acts of our corrupt system.  We 
just try to make it better in whatever ways we can.  FWIW, the ACLU, EEF, 
etc. are our best hope for a free society.

Thanks

-Nick

Re: Linux 2.2.20pre10

[D. Stimits]

Nick LeRoy wrote:
> 
> On Monday 22 October 2001 11:34, Rik van Riel wrote:
> > On Mon, 22 Oct 2001, bill davidsen wrote:
> > >   And who will be maintaining the world and us-castrated kernel
> > > source? I can't imagine anything worse for the security of this
> > > country than not allow computer users access to security issues.
> >
> > Don't worry, there are more than enough kernel hackers
> > outside of the US to keep maintaining the kernel.
> >
> > The worst that could happen is that the US cripples
> > itself by not allowing the kernel hackers outside the
> > US to publish security info to people in the US, but
> > only to the rest of the world.
> >
> > That's tough, they're a democratic country, they can
> > change the law if it hurts them too much.
> 
> Rik...
> 
> I *wish* it were that simple.  If you don't think that a least some of us
> *try*, you're kidding yourself.  The real problem, IMHO, is that the
> electorate of our country no longer has any real power or control over the
> government -- it's the corporations that do.  Money talks, so the saying
> goes.  He who has the gold makes the rules.
> 
> So, please don't punish all of us for the acts of our corrupt system.  We
> just try to make it better in whatever ways we can.  FWIW, the ACLU, EEF,
> etc. are our best hope for a free society.

In one location, I see senator Hollings listed as party
"Democrat-Disney". Disney is another spot to boycott, they are trying to
have Linux and open source o/s's declared illegal to even touch
copyright media...not as a web server, a home machine, or anything (say
bye to IBM's Linux efforts). I think the vote for this killer SSSCA is
somewhere around the 25th of this month, so you better hurry.

D. Stimits, stimits@idcomm.com

(PS: I always suspected Mickey Mouse was a member of the Taliban)

> 
> Thanks
> 
> -Nick
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Doug McNaught]

"D. Stimits" <stimits@idcomm.com> writes:

> In one location, I see senator Hollings listed as party
> "Democrat-Disney". Disney is another spot to boycott, they are trying to
> have Linux and open source o/s's declared illegal to even touch
> copyright media...not as a web server, a home machine, or anything (say
> bye to IBM's Linux efforts). I think the vote for this killer SSSCA is
> somewhere around the 25th of this month, so you better hurry.

Committee hearings, not a vote.

-Doug
-- 
Let us cross over the river, and rest under the shade of the trees.
   --T. J. Jackson, 1863

Re: Linux 2.2.20pre10

[D. Stimits]

Doug McNaught wrote:
> 
> "D. Stimits" <stimits@idcomm.com> writes:
> 
> > In one location, I see senator Hollings listed as party
> > "Democrat-Disney". Disney is another spot to boycott, they are trying to
> > have Linux and open source o/s's declared illegal to even touch
> > copyright media...not as a web server, a home machine, or anything (say
> > bye to IBM's Linux efforts). I think the vote for this killer SSSCA is
> > somewhere around the 25th of this month, so you better hurry.
> 
> Committee hearings, not a vote.

Even better...as much influence against Disney and politicians that
support SSSCA should be put in as soon as possible. Would you rather
have your input a few days before a final vote, or while minds could
still be open? SSSCA is more dangerous than the Taliban, all the Taliban
can kill are people...SSSCA can kill more than that.

D. Stimits, stimits@idcomm.com

> 
> -Doug
> --
> Let us cross over the river, and rest under the shade of the trees.
>    --T. J. Jackson, 1863
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Luigi Genoni]

That means USA are not a democracy anymore, but a elegible oligarcy!
that is exactly what you wrote!

If it is so, stop to call you a democracy.
but, untill USA citizens call USA a democracy, and they
go to vote, people have the power to change things. Real problem is
INFORMATION!
Alan is right with what he is doing. But we should do something so that
ALL USA citizens will be informed!!!

Luigi


On Mon, 22 Oct 2001, Nick LeRoy wrote:

>
> I *wish* it were that simple.  If you don't think that a least some of us
> *try*, you're kidding yourself.  The real problem, IMHO, is that the
> electorate of our country no longer has any real power or control over the
> government -- it's the corporations that do.  Money talks, so the saying
> goes.  He who has the gold makes the rules.
>
> So, please don't punish all of us for the acts of our corrupt system.  We
> just try to make it better in whatever ways we can.  FWIW, the ACLU, EEF,
> etc. are our best hope for a free society.
>
> Thanks
>
> -Nick
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>

Re: Linux 2.2.20pre10

[D. Stimits]

Luigi Genoni wrote:
> 
> That means USA are not a democracy anymore, but a elegible oligarcy!
> that is exactly what you wrote!
> 
> If it is so, stop to call you a democracy.
> but, untill USA citizens call USA a democracy, and they
> go to vote, people have the power to change things. Real problem is
> INFORMATION!
> Alan is right with what he is doing. But we should do something so that
> ALL USA citizens will be informed!!!

Who told you the USA was a democracy? Never has, never will be. It is a
democratic republic. ENORMOUS difference.

I consider it supportive that someone outside the USA is "drawing the
line". The buck has to stop somewhere. The sooner the s*it hits the fan,
the better. The damage caused by excess corporate influence is one place
that needs a line drawn, and politicians willing to join in creating
collateral damage against their own people in some demented and wrong
idea of real security is another ("hey, son, you have a wart on that
finger, better amputate the arm").

D. Stimits, stimits@idcomm.com

> 
> Luigi
> 
> On Mon, 22 Oct 2001, Nick LeRoy wrote:
> 
> >
> > I *wish* it were that simple.  If you don't think that a least some of us
> > *try*, you're kidding yourself.  The real problem, IMHO, is that the
> > electorate of our country no longer has any real power or control over the
> > government -- it's the corporations that do.  Money talks, so the saying
> > goes.  He who has the gold makes the rules.
> >
> > So, please don't punish all of us for the acts of our corrupt system.  We
> > just try to make it better in whatever ways we can.  FWIW, the ACLU, EEF,
> > etc. are our best hope for a free society.
> >
> > Thanks
> >
> > -Nick
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at  http://www.tux.org/lkml/
> >
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Luigi Genoni]

On Mon, 22 Oct 2001, D. Stimits wrote:

> Luigi Genoni wrote:
> >
> > That means USA are not a democracy anymore, but a elegible oligarcy!
> > that is exactly what you wrote!
> >
> > If it is so, stop to call you a democracy.
> > but, untill USA citizens call USA a democracy, and they
> > go to vote, people have the power to change things. Real problem is
> > INFORMATION!
> > Alan is right with what he is doing. But we should do something so that
> > ALL USA citizens will be informed!!!
>
> Who told you the USA was a democracy? Never has, never will be. It is a
> democratic republic. ENORMOUS difference.
sorry for bad english. I was refering to greek meaning ot the work
democratia, that implies, of course, a democratic republic way of
government, because citizens are too many for direct cratia, do they need
a way to get an indirect cratia.
>
> I consider it supportive that someone outside the USA is "drawing the
> line". The buck has to stop somewhere. The sooner the s*it hits the fan,
> the better. The damage caused by excess corporate influence is one place
> that needs a line drawn, and politicians willing to join in creating
> collateral damage against their own people in some demented and wrong
> idea of real security is another ("hey, son, you have a wart on that
> finger, better amputate the arm").
>
agreed

Luigi

Re: Linux 2.2.20pre10

[Michael Rothwell]

> If it is so, stop to call you a democracy.

Okay, call us a Republic instead. ;)

Re: Linux 2.2.20pre10

[Gregory Ade]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 22 Oct 2001, Rik van Riel wrote:

> That's tough, they're a democratic country, they can
> change the law if it hurts them too much.

No, it's a Republic.  More specifically, a representative democracy, which
means that we're at the mercy of the people we've given license to
represent us.  They make all sorts of promises to get in office, and then
go do their own damn thing anyway.

Unfortunately, the people I vote for never make it in to office, but
that's fodder for an entirely off-topic debate (flamewar?) on American
Politics.  But, because I at least voted, I reserve the right to bitch
about what the people in office are doing. =)

I've written my representatives and voiced my opinions, but apparently
I'm of such a small minority that I think I'm being ignored.

- -- 
Gregory K. Ade <gkade@unnerving.org>
http://unnerving.org/~gkade
OpenPGP Key ID: EAF4844B  keyserver: pgpkeys.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE71HoGeQUEYOr0hEsRAuf1AKCEwe84VvLtomt1KYvSRWMIQCozhQCfZHrM
WjIEixxaffGjwl6aecjHxew=
=wkYl
-----END PGP SIGNATURE-----

Re: Linux 2.2.20pre10

[Jussi Laako]

Rik van Riel wrote:
> 
> The worst that could happen is that the US cripples
> itself by not allowing the kernel hackers outside the
> US to publish security info to people in the US, but
> only to the rest of the world.

Unless they pressure foreign governments to make similar laws as we have
seen with Wassenaar arrangement and few other cases...


	- Jussi Laako

-- 
PGP key fingerprint: 161D 6FED 6A92 39E2 EB5B  39DD A4DE 63EB C216 1E4B
Available at PGP keyservers

Re: Linux 2.2.20pre10

[Bill Davidsen]

On Mon, 22 Oct 2001, Rik van Riel wrote:

> On Mon, 22 Oct 2001, bill davidsen wrote:
> 
> >   And who will be maintaining the world and us-castrated kernel
> > source? I can't imagine anything worse for the security of this
> > country than not allow computer users access to security issues.
> 
> Don't worry, there are more than enough kernel hackers
> outside of the US to keep maintaining the kernel.

Last I heard Linus was in the USA, his not being able to participate in
security discussions worries me very much. Ditto Redhat and IBM.

-- 
bill davidsen <davidsen@tmr.com>
  CTO, TMR Associates, Inc
Doing interesting things with little computers since 1979.

Re: Linux 2.2.20pre10

[Dan Hollis]

On Mon, 22 Oct 2001, Bill Davidsen wrote:
> Last I heard Linus was in the USA, his not being able to participate in
> security discussions worries me very much. Ditto Redhat and IBM.

I wonder if Linus has an exit-usa plan in case the SSSCA passes.
If the SSSCA does pass, Linus would be in extreme danger.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

Re: Linux 2.2.20pre10

[Tony Hoyle]

In the ancient scrolls of Usenet, page
<Pine.LNX.4.30.0110221508450.19190-100000@anime.net>, "Dan Hollis"
<goemon@anime.net> spake thus:

> On Mon, 22 Oct 2001, Bill Davidsen wrote:
>> Last I heard Linus was in the USA, his not being able to participate in
>> security discussions worries me very much. Ditto Redhat and IBM.
> 
> I wonder if Linus has an exit-usa plan in case the SSSCA passes. If the
> SSSCA does pass, Linus would be in extreme danger.

It wouldn't surprise me if half of silicon valley had an exit plan...
The fallout will be fun to watch from 3000 miles away :-)

Tony

-- 
"Only wimps use tape backup: _real_ men just upload their important stuff on
 ftp, and let the rest of the world mirror it ;)"  -- Linus Torvalds

tmh@nothing-on.tv	http://www.nothing-on.tv

Re: Linux 2.2.20pre10

[Nick LeRoy]

On Monday 22 October 2001 17:16, Tony Hoyle wrote:
> In the ancient scrolls of Usenet, page
> <Pine.LNX.4.30.0110221508450.19190-100000@anime.net>, "Dan Hollis"
>
> <goemon@anime.net> spake thus:
> > On Mon, 22 Oct 2001, Bill Davidsen wrote:
> >> Last I heard Linus was in the USA, his not being able to participate in
> >> security discussions worries me very much. Ditto Redhat and IBM.
> >
> > I wonder if Linus has an exit-usa plan in case the SSSCA passes. If the
> > SSSCA does pass, Linus would be in extreme danger.
>
> It wouldn't surprise me if half of silicon valley had an exit plan...
> The fallout will be fun to watch from 3000 miles away :-)
>
> Tony

I'm not sure if anybody else has heard this yet, but apparently a number of 
big software corps, including M$ & IBM have come out AGAINST the SSSCA.  This 
is good news.

http://linuxtoday.com/news_story.php3?ltsn=2001-10-23-008-20-NW-BZ-LL

-Nick

Re: Linux 2.2.20pre10

[Alan Cox]

>   And who will be maintaining the world and us-castrated kernel source?

Im not aware of any probl;ems distributing fixed source

> I can't imagine anything worse for the security of this country than not
> allow computer users access to security issues.

As it stands I cannot legally advise the US security services about Linux 
security issues. Normally I'd find this excruciatingly funny but in the
current circumstances its rather less humourous.

Alan

Re: Linux 2.2.20pre10

[Greg Hennessy]

In article <E15viGk-0002Xu-00@the-village.bc.nu>,
Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> As it stands I cannot legally advise the US security services about Linux 
> security issues. Normally I'd find this excruciatingly funny but in the
> current circumstances its rather less humourous.

Which part of the DMCA do you think prohibits this?

Re: Linux 2.2.20pre10

[D. Stimits]

bill davidsen wrote:
> 
> In article <E15veDQ-0001nl-00@the-village.bc.nu>
> alan@lxorguk.ukuu.org.uk wrote:
> | > This would then presumably lead to password protected access for US kernel
> | > developers that need to know? And some kind of NDA?
> |
> | US kernel developers cannot be told. Period.
> |
> | > 'IANAL', and neither are you, are you sure this sillyness is necessary?
> |
> | Its based directly on legal opinion.
> 
>   And who will be maintaining the world and us-castrated kernel source?
> I can't imagine anything worse for the security of this country than not
> allow computer users access to security issues.

See:
http://www.newsforge.com/article.pl?sid=01/10/19/1546246&mode=thread
http://www.petitiononline.com/SSSCA/petition.html
http://216.110.42.179/docs/hollings.090701.html

Then complain to Senators Hollings and Stevens; they haven't heard of
the Constitution, maybe someone could remind them.

D. Stimits, stimits@idcomm.com

> 
> --
> bill davidsen <davidsen@tmr.com>
>   His first management concern is not solving the problem, but covering
> his ass. If he lived in the middle ages he'd wear his codpiece backward.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

Re: Linux 2.2.20pre10

[Andreas D. Landmark]

At 22.10.2001 17:20, bill davidsen wrote:
>   And who will be maintaining the world and us-castrated kernel source?
>I can't imagine anything worse for the security of this country than not
>allow computer users access to security issues.

I'd say the DMCA is a good candidate for being worse for computer security
than no security patches...



-- 
Andreas D Landmark / noXtension
Real Time, adj.:
         Here and now, as opposed to fake time, which only occurs there
and then.

Re: Linux 2.2.20pre10

[Gregory Ade]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 22 Oct 2001, Alan Cox wrote:

> > This would then presumably lead to password protected access for US kernel
> > developers that need to know? And some kind of NDA?
>
> US kernel developers cannot be told. Period.
>
> > 'IANAL', and neither are you, are you sure this sillyness is necessary?
>
> Its based directly on legal opinion.

<rantmode>

So, then, just to satisfy my curiosity, how long until users of Linux in
the U.S.A. will no longer be allowed to download new kernels?

After all, all it would really take for one of us to find out what was
fixed is to download this patch and go through it line by line, and
examine the context of the changes.

Or are we no longer allowed to look at the sources either?

I'm really confused by this gesture.  You're talking about both sides of
your mouth by telling us that "US kernel developers cannot be told" and at
the same time releasing the source/patch to the world.

Make up your mind.

</rantmode>

I guess I was wrong about the Linux kernel being Open Source and freely
available and distributable.

- -- 
Gregory K. Ade <gkade@unnerving.org>
http://unnerving.org/~gkade
OpenPGP Key ID: EAF4844B  keyserver: pgpkeys.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE71HbOeQUEYOr0hEsRAn39AKC7loLShLzNQvH2fbr4fsVz5pxfHACeIiAi
1vzVfy+QQNpSlS6wEbkiWeI=
=X7eo
-----END PGP SIGNATURE-----

Re: Linux 2.2.20pre10

[Alan Cox]

> So, then, just to satisfy my curiosity, how long until users of Linux in
> the U.S.A. will no longer be allowed to download new kernels?

Potentially about 12 months after the SSSCA is passed. At which point you may
well find only a binary only OS with enforced copy management is legal in
the USA.

> I guess I was wrong about the Linux kernel being Open Source and freely
> available and distributable.

It is, subject to the law of the various countries concerned.

Alan

Re: Linux 2.2.20pre10

[Gerhard Mack]

On Mon, 22 Oct 2001, Alan Cox wrote:

> > So, then, just to satisfy my curiosity, how long until users of Linux in
> > the U.S.A. will no longer be allowed to download new kernels?
> 
> Potentially about 12 months after the SSSCA is passed. At which point you may
> well find only a binary only OS with enforced copy management is legal in
> the USA.
> 
> > I guess I was wrong about the Linux kernel being Open Source and freely
> > available and distributable.
> 
> It is, subject to the law of the various countries concerned.
> 
> Alan

Has it become time for a non-us.vger.kernel.org ??

--
Gerhard Mack

gmack@innerfire.net

<>< As a computer I find your faith in technology amusing.

Re: Linux 2.2.20pre10

[Florian Weimer]

Gerhard Mack <gmack@innerfire.net> writes:

> Has it become time for a non-us.vger.kernel.org ??

This whole non-use concept doesn't work.  Even if the server is
located in a free country, traffic might still be routed over US soil.

-- 
Florian Weimer 	                  Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart           http://cert.uni-stuttgart.de/
RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898

Re: Linux 2.2.20pre10

[Riley Williams]

Hi Alan, Bert.

>> Are you saying that we can't divulge security problems in our own
>> software anymore for fear of being sued by affected parties?

> Not even affected parties - the government can do it too without
> anyone else and indeed even if their are contractual agreements
> between parties permitting the data to be released..

Even if there are contractual agreements REQUIRING the data to be
released between the parties (as currently exists between Lockheed
and the USAF that require the mutual release of certain sensitive
information), the government would have the right to prosecute both
the USAF for releasing the information and Lockheed for accessing
it once it had been released - even if nobody at Lockheed ever read
the information in question.

That is how ludicrous it is.

If the said bill ever becomes law, then the US will of necessity become
a third world nation. However, until the idiots sponsoring it get their
faces muddied, the rest of us have to act in just such an insane way!!!

> I hope to have the security stuff up on a non US citizen accessible
> site in time for 2.2.20 final

That's an impossibility!!! However, if you remove the word "citizen"
from that statement, then it becomes possible.

Best wishes from Riley (a US citizen living in England).

Re: Linux 2.2.20pre10

[Gavin Baker]

On Mon, Oct 22, 2001 at 12:30:02PM +0100, Alan Cox wrote:

> > > 2.2.20pre11
> > > o	Security fixes
> > > 	| Details censored in accordance with the US DMCA
> > 
> > Care to elaborate?
> 
> On a list that reaches US citizens - no. File permissions and userids may
> constitute and be used for rights management.

Alan, are we to assume any future security related patch details are to
be censored until this DMCA madness is over?

In this case, im not sure if its a good idea for anyone to actually
apply these patches until they have read, and understand the code. If
the person in question is not fluent in C, how do they know what they
are patching, or whether to patch it at all without your explanation of
what it does?

If this is the case, im sure lots of websites will spring up, with
blatent disregard for the DMCA, that will fill in the blanks from the
changelogs. People will make a public stand against this insanity.

On the other hand, if the actual code for these security fixes is not
classed as "Details", i dont know what is.

2.5.8 changelog...
o	Security Fixes
	| None applied for fear of the code upsetting the US DMCA
o	VM updates                           (Rik)
o	Some other updates
	| applied, but authors kept anonymous for fear of the DMCA
	| seeing the updates as security issues, also details censored
	| just in case.
o 	etc.

madness.

--
Gavin Baker - UK

Re: Linux 2.2.20pre10

[Allan Sandfeld]

On Monday 22 October 2001 12:21, Alan Cox wrote:
> Things took a bit longer than intended with various security fixes needing
> to be done. If this tree tests out ok it will be 2.2.20
>
> 2.2.20pre11
> o	Security fixes
> 	| Details censored in accordance with the US DMCA

Why? I didnt think you like it, nor lived in the US?

If v'ger is in the US, I can understand not putting it in the changelog 
there. But why not on the mailing list?

regards
`Allan

Re: Linux 2.2.20pre10

[Dominik Kubla]

On Mon, Oct 22, 2001 at 12:40:49PM +0200, Allan Sandfeld wrote:
> On Monday 22 October 2001 12:21, Alan Cox wrote:
> > Things took a bit longer than intended with various security fixes needing
> > to be done. If this tree tests out ok it will be 2.2.20
> >
> > 2.2.20pre11
> > o	Security fixes
> > 	| Details censored in accordance with the US DMCA
> 
> Why? I didnt think you like it, nor lived in the US?
> 
> If v'ger is in the US, I can understand not putting it in the changelog 
> there. But why not on the mailing list?

Because the mailing list is hosted in the US of A...

Dominik
-- 
ScioByte GmbH    Zum Schiersteiner Grund 2     55127 Mainz (Germany)
Phone: +49 700 724 629 83                    Fax: +49 700 724 629 84

GnuPG: 717F16BB / A384 F5F1 F566 5716 5485  27EF 3B00 C007 717F 16BB

Re: Linux 2.2.20pre10

[Henning P. Schmiedehausen]

Dominik Kubla <kubla@sciobyte.de> writes:

>Because the mailing list is hosted in the US of A...

If this is ever a problem, I can offer a box on a 100 MBit pipe to the
various german interconnection points (DE-CIX, MAE-FFM, INXS) here in
Germany any second.

	Regards
		Henning
-- 
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen       -- Geschaeftsfuehrer
INTERMETA - Gesellschaft fuer Mehrwertdienste mbH     hps@intermeta.de

Am Schwabachgrund 22  Fon.: 09131 / 50654-0   info@intermeta.de
D-91054 Buckenhof     Fax.: 09131 / 50654-20   

Re: Linux 2.2.20pre10

[Andreas Haumer]

Hi!

Alan Cox wrote:
> 
> Things took a bit longer than intended with various security fixes needing to
> be done. If this tree tests out ok it will be 2.2.20
> 
> 2.2.20pre11
> o       Security fixes
>         | Details censored in accordance with the US DMCA
> o       Sparc updates                                   (Dave Miller)
> o       Add escaped usb hot plug config item            (Ryan Maple)
> o       Fix eepro10 driver problems                     (Aris)
> o       Make request_module return match 2.4            (David Woodhouse)
> o       Update SiS900 driver                            (Hui-Fen Hsu)
> o       Update ver_linux to match 2.4                   (Steven Cole)
> o       Final isdn fixups for 2.2                       (Kai Germaschewski)
> o       scsi tape fixes from 2.4                        (Kai Mäkisara)
> o       Update credits entry                            (Henrik Storner)
> o       Fix scc driver hang case                        (Jeroen)
> o       Update credits entry                            (Dave Jones)
> o       Update FAT documentation                        (Hirokazu Nomoto)
> o       Small net tweaks                                (Dave Miller)
> o       Fix cs89xx abuse of skb->len                    (Kapr Johnik)

Any reason for my one-liner patch to linux/net/sunrpc/sched.c
is still not included?

andreas@ws1:~/cvsdir {625} % cvs diff -C5 -rR_2-2-19~11 -rR_2-2-19~12
linux/net/sunrpc/sched.c
Index: linux/net/sunrpc/sched.c
===================================================================
RCS file:
/raid5/cvs/repository/distribution/Base/linux/net/sunrpc/sched.c,v
retrieving revision 1.1.1.6
retrieving revision 1.12
diff -C5 -r1.1.1.6 -r1.12
*** linux/net/sunrpc/sched.c    2001/03/25 16:37:42     1.1.1.6
--- linux/net/sunrpc/sched.c    2001/08/17 11:53:48     1.12
***************
*** 1066,1075 ****
--- 1066,1076 ----
        rpciod_pid = current->pid;
        up(&rpciod_running);
 
        exit_files(current);
        exit_mm(current);
+       exit_fs(current);
 
        spin_lock_irq(&current->sigmask_lock);
        siginitsetinv(&current->blocked, sigmask(SIGKILL));
        recalc_sigpending(current);
        spin_unlock_irq(&current->sigmask_lock); 

Without this patch, rpciod keeps the initial ramdisk rootfs
busy on our diskless clients, so we cannot umount and free
it...

Regards,

- andreas

-- 
Andreas Haumer                     | mailto:andreas@xss.co.at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71

Re: Linux 2.2.20pre10

[Alan Cox]

> Any reason for my one-liner patch to linux/net/sunrpc/sched.c
> is still not included?

It didnt seem critical and I wanted to be sure that I got 2.2.20 out.
Its sensible for 2.2.21

Re: Linux 2.2.20pre10

[Rik van Riel]

On Mon, 22 Oct 2001, Alan Cox wrote:

> 2.2.20pre11
> o	Security fixes
> 	| Details censored in accordance with the US DMCA

OK, the changelog is now online, though still in
accordance with the US DMCA (apologies to our
friends in the states):

	http://thefreeworld.net/

kind regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/

http://www.surriel.com/		http://distro.conectiva.com/

Linux 2.2.20pre10

[Alan Cox]

If you know any reason this should not be 2.2.20 final now is a very very
good time to say. I intend to call this patch 2.2.20 in a week or so barring
any last minute problems. Please save anything but actual bugfixes for
2.2.21.

2.2.20pre10
o	Update the gdth driver				(Achim Leubner)
o	Fix prelink elf loading in 2.2			(Jakub Jelinek)
o	2.2 lockd fixes when talking to HP/UX		(Trond Myklebust)
o	3ware driver update				(Adam Radford)
o	hysdn driver update				(Kai Germaschewski)
o	Backport via rhine fixes			(Dennis Bjorklund)
o	NFS client fixes		(Trond Myklebust, Ion Badulescu,
					 Jim Castleberry, Crag I Hagan.
					 Adrian Drzewiecki)
o	Blacklist TEAC PD-1 to single lun		(Wojtek Pilorz)
o	Fix null request_mode return 			(David Woodhouse)
o	Update credits entry				(Fernando Fuganti)
o	Fix sparc build with newer binutils		(Andreas Jaeger)
o	Starfire update					(Ion Badulescu)
o	Remove dead USB files				(Greg Kroah-Hartmann)
o	Fix isdn mppp crash case			(Kai Germaschewski)
o	Fix eicon driver				(Kai Germaschewski)
o	More pci idents					(Andreas Tobler)
o	Typo fix					(Eli Carter)
o	Remove ^M's from some data files		(Greg Kroah-Hartmann)
o	64bit cleanups for isdn				(Kai Germaschewski)
o	Update isdn certificates			(Kai Germaschewski)
o	Mac update for sysrq				(Ben Herrenschmidt)

2.2.20pre9
o	Document ip_always_defrag in proc.txt		(Brett Eldrige)
o	Update S/390 asm for newer gcc			(Ulrich Weigand
o	Update S/390 documentation			 Carsten Otte
o	Update s390 dump too				  and co)
o	Update s/390 dasd to match 2.4
o	Backport s/390 tape driver from 2.4
o	FDDI bits for s/390
o	Updates for newer pmac laptops			(Tom Rini)
o	AMD760MP support				(Johannes Erdfelt)
o	Fix PPC oops on media change			(Tom Rini)
o	Fix some weird but valid input combinations	(Tom Rini)
	on PPC
o	Add additional checks to irc dcc masquerade	(Juanjo Ciarlante,
							 Michal Zalewski)
o	Update 2.2 ISDN maintainer			(Kai Germaschewski)
o	Fix 3c505 with > 16Mb of RAM			(Paul)
o	Bring USB into sync with 2.4.7			(Greg Kroah-Hartmann)

2.2.20pre8
o	Merge DRM fixes from 2.4.7 tree			(me)
o	Merge sbpcd fixes from 2.4.7 tree
o	Merge moxa buffer length check
o	Merge bttv clip length check
o	Merge aha2920 shared irq from 2.4.7 tree
o	Merge MTWEOF fix from 2.4.6 tree
o	Merge serverworks AGP from 2.4.6 tree
o	Merge sbc60xxx watchdog fixes from 2.4.6
o	Merge lapbether fixes from 2.4.6
o	Merge bpqether fixes from 2.4.6
o	Merge scc fixes from 2.4.6
o	Merge lmc memory leak fixes from 2.4.6
o	Merge sm_wss fixes from 2.4.6
o	Resync AGP support with 2.4.6
o	Merge epca fixes from 2.4.5
o	Merge riscom8 fixes from 2.4.5
o	Merge softdog fixes from 2.4.5
o	Merge specialix fixes from 2.4.5
o	Merge wdt/wdt_pci fixes from 2.4.5
o	ISDN cisco hdlc fixes				(Kai Germaschewski)
o	ISDN timer fixes				(Kai Germaschewski)
o	isdn minor control change backport		(Kai Germaschewski)
o	Backport ELCR MP 1.1 config/PCI routing stuff	(John William)
o	Backport isdn ppp fixes from 2.4		(Kai Germaschewski)
o	Backport isdn_tty fixes from 2.4		(Kai Germaschewski)
o	eicon cleanups					(Armin Schindler)
	| Armin can you double check the clashes were ok
o	Fix an ntfs oops				(Anton Altaparmakov)
o	Fix arp null neighbour buglet			(Dave Miller)
o	Update sparc version strings, pci fixups	(Dave Miller)
o	Define CONFIG_X86 in 2.2 as well as 2.4		(Herbert Xu)
o	Configure.help cleanups				(Steven Cole)
o	Add MODE_SELECT_10 to qlogic fc table		(Jeff Andre)
o	Remove dead oldproc variable			(Dave Miller)
o	Update starfire driver for 2.2			(Ion Badulescu)
o	8139too driver update				(Jens David)
o	Assorted race fixes for binfmt loaders		(Al Viro)
o	Update Alpha support for older boxes		(Jay Estabrook)
o	ISDN bsdcomp/ppp compression fixes		(Kai Germaschewski)

2.2.20pre7
o	Merge rose buffer management fixes		(Jean-Paul Roubelat)
o	Configure.help updates				(Steven Cole)
o	Add Steven Cole to credits			(Steven Cole)
o	Update kbuild list info				(Michael Chastain)
o	Fix slab.c doc typo				(Piotr Kasprzyk)
o	Lengthen parport probe timeout			(Jean-Luc Coulon)
o	Fix vm86 cleanup				(Stas Sergeev)
o	Fix 8139too build bug				(Jürgen Zimmermann)
o	Fix slow 8139too performance			(Oleg Makarenko)
o	Sparc64 exec fixes				(Solar Designer)

2.2.20pre6
o	Merge all the pending ISDN updates		(Kai Germaschewski)
	| These are sizable changes and want a good testing
o	Fix sg deadlock bug as per 2.4			(Douglas Gilbert)
o	Count socket/pipe in quota inode use		(Paul Menage)
o	Fix some missing configuration help texts	(Steven Cole)
o	Fix Rik van Riel's credits entry		(Rik van Riel)
o	Mark xtime as volatile in extern definition	(various people)
o	Fix open error return checks			(Andries Brouwer)

2.2.20pre5
o	Fix a patch generation error, replaces 2.2.20pre4 which is
	wrong on ad1848

2.2.20pre4
o	Fix small corruption bug in 82596		(Andries Brouwer)
o	Fix usb printer probing				(Pete Zaitcev)
o	Fix swapon/procfs race				(Paul Menage)
o	Handle ide dma bug in the CS5530		(Mark Lord)
o	Backport 2.4 ipv6 neighbour discovery changes	(Dave Miller)
o	FIx sock_wmalloc error handling			(Dave Miller)
o	Enter quickack mode for out of window TCP data	(Andi Kleen)
o	Fix Established v SYN-ACK TCP state error	(Alexey Kuznetsov)
o	Sparc updates, ptrace changes etc		(Dave Miller)
o	Fix wrong printk in vdolive masq		(Keitaro Yosimura)
o	Fix core dump handling bugs in 2.2		(Al Viro)
o	Update hdlc and synclink drivers		(Paul Fulghum)
o	Update netlink help texts			(Magnus Damm)
o	Fix rtl8139 keeping files open			(Andrew Morton)
o	Further sk98 driver updates. fix wrong license	(Mirko Lindner)
	text in files
o	Jonathan Woithe has moved			(Jonathan Woithe)
o	Update cpqarray driver				(Charles White)
o	Update cciss driver				(Charles White)
o	Don't delete directories on an fs that reports	(Ingo Oeser)
	then 0 size when doing distclean
o	Add support for the 2.4 boot extensions to 2.2	(H Peter Anvin)
o	Fix nfs cache locking corruption on SMP		(Craig Hagan)
o	Add missing check to cdrom readaudio ioctl	(Jani Jaakkola)
o	Fix refclock build with newer gcc		(Jari Ruusu)
o	koi8-r fixes					(Andy Rysin)
o	Spelling fixes for documentation		(Andries Brouwer)

2.2.20pre3
o	FPU/ptrace corruption fixes			(Victor Zandy)
o	Resync belkin usb serial with 2.4		(Greg Kroah-Hartmann)
o	Resync digiport usb serial with 2.4		(Greg Kroah-Hartmann)
o	Rsync empeg usb serial with 2.4			(Greg Kroah-Hartmann)
o	Resync ftdi_sio against 2.4			(Greg Kroah-Hartmann)
o	Bring keyscan usb back into line with 2.4	(Greg Kroah-Hartmann)
o	Resync keyspan_pda usb with 2.4			(Greg Kroah-Hartmann)
o	Resync omninet usb with 2.4.5			(Greg Kroah-Hartmann)
o	Resync usb-serial driver with 2.4.5		(Greg Kroah-Hartmann)
o	Resync visor usb driver with 2.4.5		(Greg Kroah-Hartmann)
o	Rsync whiteheat driver with 2.4.5		(Greg Kroah-Hartmann)
o	Add edgeport USB serial				(Greg Kroah-Hartmann)
o	Add mct_u232 USB serial				(Greg Kroah-Hartmann)
o	Update usb storage device list		(Stas Bekman, Kaz Sasayma)
o	Bring usb acm driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring bluetooth driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring dabusb driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring usb dc2xx driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring mdc800 usb driver into line with 2.4.5	(Greg Kroah-Hartmann)
o	Bring rio driver into line with 2.4.5		(Greg Kroah-Hartmann)
o	Bring USB scanner drivers into line with 2.4.5	(Greg Kroah-Hartmann)
o	Update ov511 driver to match 2.4.5		(Greg Kroah-Hartmann)
o	Update PCIIOC ioctls (esp for sparc)		(Dave Miller)
o	General sparc bugfixes				(Dave Miller)
o	Fix possible oops in fbmem ioctls		(Dave Miller)
o	Fix reboot/halt bug on "Alcor" Alpha boxes	(Tom Vier)
o	Update osst driver 				(Willem Riede)
o	Fix syncppp negotiation bug			(Bob Dunlop)
o	SMBfs bug fixes from 2.4 series			(Urban Widmark)
o	3ware IDE raid driver updates			(Adam Radford)
o	Fix incorrect use of bitops on non long types	(Dave Miller)
o	Fix reboot/halt bug on 'Miata' Alpha boxes	(Tom Vier)
o	Update Tim Waugh's contact info			(Tim Waugh)
o	Add TIOCGSERIAL to sun serial on PCI sparc32	(Lars Kellogg-Stedman)
o	ov511 check user data more carefully		(Marc McClelland)
o	Fix netif_wake_queue compatibility macro	(Andi Kleen)

2.2.20pre2
o	Fix ip_decrease_ttl as per 2.4			(Dave Miller)
o	Fix tcp retransmit state bug			(Alexey Kuznetsov)
o	Fix a few obscure sparc tree bugs		(Dave Miller)
o	Fix fb /proc bug and OF fb name size bug	(Segher Boessenkool)
o	Fix complie with CONFIG_INTEL_RNG=y		(Andrzej Krzysztofowicz)
o	Fix rio driver when HZ!=100			(Andrzej Krzysztofowicz)
o	Stop 3c509 grabbing other EISA boards		(Andrzej Krzysztofowicz)
o	Remove surplus defines for root= names		(Andrzej Krzysztofowicz)
o	Revert pre1 APIC change

2.2.20pre1
o	Fix SMP deadlock in NFS				(Trond Myklebust)
o	Fix missing printk in bluesmoke handler		(me)
o	Fix sparc64 nfs					(Dave Miller)
o	Update io_apic code to avoid breaking dual	(Johannes Erdfelt)
	Athlon 760MP
o	Fix includes bugs in toshiba driver		(Justin Keene,
							 Greg Kroah-Hartmann)
o	Fix wanpipe cross compile			(Phil Blundell)
o	AGPGART copy_from_user fix			(Dawson Engler)
o	Fix alpha resource setup error			(Allan Frank)
o	Eicon driver updates				(Armind Schindler)
o	PC300 driver update				(Daniela Squassoni)
o	Show lock owner on flocks			(Jim Mintha)
o	Update cciss driver to 1.0.3			(Charles White)
o	Backport cciss/cpqarray security fixes		(me)
o	Update i810 random number generator		(Jeff Garzik)
o	Update sk98 driver				(Mirko Lindner)
o	Update sis900 ethernet driver			(Hui-Fen Hsu)
o	Fix checklist glitch in make menuconfig		(Moritz Schulte)
o	Update synclink driver				(Paul Fulghum)
o	Update advansys scsi driver			(Bob Frey)
o	Ver_linux fixes for 2.2				(Steven Cole)
o	Bring 2.2 back into line with the master ISDN	(Kai Germaschewski)
o	Whiteheat usb driver update			(Greg Kroah-Hartmann)
o	Fix via_rhine byte counters			(Adam Lackorzynski)
o	Fix modem control on rio serial			(Rogier Wolff)
o	Add more Iomega Zip to the usb storage list	(Wim Coekaerts)
o	Add ZF Micro watchdog 				(Fernando Fuganti)

Re: Linux 2.2.20pre10

[Roberto Nibali]

Hi Alan,

> If you know any reason this should not be 2.2.20 final now is a very very
> good time to say. I intend to call this patch 2.2.20 in a week or so barring
> any last minute problems. Please save anything but actual bugfixes for
> 2.2.21.

Could you please include following patch to your tree? I need this because
we deploy machines with more then 16 interfaces. It's not a problem for me
to patch the kernel but a patch less to carry on each new kernel release is
something less to be able to forget. I know, it's not an actual bugfix but
it's also nothing to worry about since it definitely doesn't break anything
nor unnecessary bloats the kernel.

--- linux-2.2.20pre10/drivers/net/net_init.c	Wed Sep 12 09:39:15 2001
+++ linux-2.2.20pre10-ratz/drivers/net/net_init.c	Wed Sep 12 09:44:11 2001@@
-62,7 +62,7 @@
 */
 
 /* The list of used and available "eth" slots (for "eth0", "eth1", etc.) */
-#define MAX_ETH_CARDS 16
+#define MAX_ETH_CARDS 32
 static struct device *ethdev_index[MAX_ETH_CARDS];

Regards and thanks for including the starfire.c changes from Ion,
Roberto Nibali, ratz

-- 
mailto: `echo NrOatSz@tPacA.cMh | sed 's/[NOSPAM]//g'`

Re: Linux 2.2.20pre10

[David Woodhouse]

alan@lxorguk.ukuu.org.uk said:
> o	Fix null request_mode return 			(David Woodhouse) 

Is this attribution correct?

Grepping for request_mode in my outbox, the 2.2.20-pre10 patch, and the 
dark recesses of what passes for my brain turns up no matches.

--
dwmw2

Re: Linux 2.2.20pre10

[Kai Germaschewski]

On Wed, 12 Sep 2001, David Woodhouse wrote:

> alan@lxorguk.ukuu.org.uk said:
> > o	Fix null request_mode return 			(David Woodhouse) 
> 
> Is this attribution correct?

I suppose this fragment is refered to:

diff -ur linux-2.2.20-pre9.work/include/linux/kmod.h linux-2.2.20-pre10.work/include/linux/kmod.h
--- linux-2.2.20-pre9.work/include/linux/kmod.h	Wed Aug 29 01:30:13 2001
+++ linux-2.2.20-pre10.work/include/linux/kmod.h	Wed Sep 12 10:14:14 2001
@@ -13,7 +13,10 @@
 #else
 #include <linux/errno.h>
 
-#define request_module(x) do {} while(0)
+static inline int request_module(const char *name)
+{
+	return -EINVAL;
+}
 static inline int exec_usermodehelper(char *program_path, char *argv[], char *envp[])
 {
         return -EACCES;


--Kai

Re: Linux 2.2.20pre10

[David Woodhouse]

kai@tp1.ruhr-uni-bochum.de said:
>  I suppose this fragment is refered to: 

Oh yeah, I do have a vague recollection of that. Thankyou.


--
dwmw2

Re: Linux 2.2.20pre10

[Andreas Haumer]

Hi,

Alan Cox wrote:
> 
> If you know any reason this should not be 2.2.20 final now is a very very
> good time to say. I intend to call this patch 2.2.20 in a week or so barring
> any last minute problems. Please save anything but actual bugfixes for
> 2.2.21.
> 
I did a short check through the pre10 patch but couldn't find my small
patch to linux/net/sunrpc/sched.c I sent you back in August.

This patch fixes (at least for us) the problem where rpciod still
keeps references into the root fs even after it was daemonized.

I didn't get any reaction after posting this patch, neither
positive nor negative. 

In case you don't remember here's the patch again:

andreas@ws1:~/cvsdir {625} % cvs diff -C5 -rR_2-2-19~11 -rR_2-2-19~12
linux/net/sunrpc/sched.c
Index: linux/net/sunrpc/sched.c
===================================================================
RCS file:
/raid5/cvs/repository/distribution/Base/linux/net/sunrpc/sched.c,v
retrieving revision 1.1.1.6
retrieving revision 1.12
diff -C5 -r1.1.1.6 -r1.12
*** linux/net/sunrpc/sched.c    2001/03/25 16:37:42     1.1.1.6
--- linux/net/sunrpc/sched.c    2001/08/17 11:53:48     1.12
***************
*** 1066,1075 ****
--- 1066,1076 ----
        rpciod_pid = current->pid;
        up(&rpciod_running);
 
        exit_files(current);
        exit_mm(current);
+       exit_fs(current);
 
        spin_lock_irq(&current->sigmask_lock);
        siginitsetinv(&current->blocked, sigmask(SIGKILL));
        recalc_sigpending(current);
        spin_unlock_irq(&current->sigmask_lock); 

Is there any reason for not including this in 2.2.20?
It helps us getting rid of the initial ramdisk rootfs 
on our diskless clients...

Regards,

- andreas

-- 
Andreas Haumer                     | mailto:andreas@xss.co.at
*x Software + Systeme              | http://www.xss.co.at/
Karmarschgasse 51/2/20             | Tel: +43-1-6060114-0
A-1100 Vienna, Austria             | Fax: +43-1-6060114-71

Re: Linux 2.2.20pre10

[Mike Fedyk]

On Wed, Sep 12, 2001 at 12:06:41AM +0100, Alan Cox wrote:
> If you know any reason this should not be 2.2.20 final now is a very very
> good time to say. I intend to call this patch 2.2.20 in a week or so barring
> any last minute problems. Please save anything but actual bugfixes for
> 2.2.21.

OK, will test.

I know the Ingo's raid patch hasn't been included because of tool
compatibility problems.  Has anyone thought of having both versions in the
2.2 kernel?  Would this be trivial, or something that would change too much
for 2.2?

I've been compiling in Andre's EIDE patch for months, without any problems
on x86.  Except for an #include error on PPC.  I have a patch, but I can't
sent attach now because the patch is on a computer that is off at the moment...

Is there any chance of getting either of these two things into 2.2.21?

Mike

Re: Linux 2.2.20pre10

[Alan Cox]

> I know the Ingo's raid patch hasn't been included because of tool
> compatibility problems.  Has anyone thought of having both versions in the
> 2.2 kernel?  Would this be trivial, or something that would change too much
> for 2.2?

It wont be happening in the base 2.2 code.

> I've been compiling in Andre's EIDE patch for months, without any problems
> on x86.  Except for an #include error on PPC.  I have a patch, but I can't
> sent attach now because the patch is on a computer that is off at the moment...

And that one definitely wont

Re: Linux 2.2.20pre10

[Nicolas Turro]

Le Mercredi 12 Septembre 2001 01:06, Alan Cox a écrit :
> If you know any reason this should not be 2.2.20 final now is a very very
> good time to say. I intend to call this patch 2.2.20 in a week or so
> barring any last minute problems. Please save anything but actual bugfixes
> for 2.2.21.

Is 2.2.20 final coming anytime soon (october) or should i use 2.2.20pre10 ?

N. Turro