Active Topics

 


Page 2 of 3 1 2 3
Reply
Thread Tools
qgil's Avatar
qgil is offline qgil
2010-04-01 , 09:17
Posts: 3,105 | Thanked: 11,088 times | Joined on Jul 2007 @ Mountain View (CA, USA)
#11
The MeeGo Security framework (which is what was called Maemo 6 Security Framework) is highly configurable. It's up to the device vendor to define the level of openness of a device and it's up to the customers to buy a device with the desired levels of openness.

No matter what, MeeGo will fulfill the requirements of the licenses of the components integrated.
__________________
http://maemo.org/profile/view/qgil/ + http://qt-project.org
 
johnel is offline johnel
2010-04-01 , 10:11
Posts: 999 | Thanked: 1,117 times | Joined on Dec 2009 @ earth?
#12
As far as I understand there are 2 installable images of n900 MeeGo.

(1) The closed image - (includes BME, wifi & bluetooth firmware)

(2) The open image - does not include the above components.

The open image can be installed on the n900 but you may damage the device due to the lack of battery management (no BME).

But you can install the open image on a virtual device and use it as a development environment.

The only realistic decision is to install the closed image to the n900.

The open image can be freely distributed by the closed image cannot?

I'm fine with that.

However if I wanted to create a custom image for the n900 I can do that but I would have to exclude the closed components.

Are the components seperate enough so I can build a custom image on the n900 and install the closed components too?

Will these components ever be "open source". I understand that there may be patent, third-party license and/or distribution issues too. But until these components are open-source then I don't think the MeeGo platform (as regads to the n900) can be considered open-source.

Am I just being really "picky" about this. I'm not an open-source zealot but I would feel a lot better if these components were "freely" available. I would even settle for unrestricted re-distributable firmware blobs and battery-manger binary.

I've had my fingers burnt before with stuff like this (ATI drivers now legacy - no longer work with newer versions of Xorg)
__________________
I like cake.
 

The Following User Says Thank You to johnel For This Useful Post:
dov is offline dov
2010-04-01 , 10:26
Posts: 81 | Thanked: 45 times | Joined on Dec 2009
#13
Originally Posted by Laughing Man View Post
Considering the rumors of some of the DRM implementation in Maemo 6/Harmattan, I'm not so sure. Seems like you were going have to choose between having a free open-hackable device and a semi-hackable device (e.g. no kernel modifications if you wanted to keep the access to DRM files).
It's more than rumors. See:

http://lwn.net/Articles/373780/
 

The Following User Says Thank You to dov For This Useful Post:
attila77 is offline attila77
2010-04-01 , 11:38
Posts: 3,319 | Thanked: 5,610 times | Joined on Aug 2008 @ Finland
#14
Originally Posted by qgil View Post
The MeeGo Security framework (which is what was called Maemo 6 Security Framework) is highly configurable. It's up to the device vendor to define the level of openness of a device and it's up to the customers to buy a device with the desired levels of openness.

No matter what, MeeGo will fulfill the requirements of the licenses of the components integrated.
I know this is more of a meego.com question, but how does this relate to the Intel counterparts ? The Maemo 6 Security Framework was in good part based on TrustZone, which is AFAIK an ARM specific technology (=not present on the Intel counterparts). Still confused
__________________
Blogging about mobile linux - The Penguin Moves!
Maintainer of PyQt (see introduction and docs), AppWatch, QuickBrownFox, etc
 
Stskeeps's Avatar
Stskeeps is offline Stskeeps
2010-04-01 , 11:53
Posts: 1,671 | Thanked: 11,478 times | Joined on Jun 2008 @ Warsaw, Poland
#15
Originally Posted by johnel View Post
As far as I understand there are 2 However if I wanted to create a custom image for the n900 I can do that but I would have to exclude the closed components.

Are the components seperate enough so I can build a custom image on the n900 and install the closed components too?
You can make your own image with the closed components but currently not redistribute.

In the area where you grab closed images (after accepting EULA), there is a kickstart file with a auto-generated repository URL (unique to yourself, do not distribute at breach of EULA). This is same template which the closed image was built from

This repository contains the closed components (BME, wifi firmware, bt firmware, etc), so you can make your own images.

Even though this isn't open source, I'm personally happy cos we can grab the closed source parts with ease due to our ownership of the devices.
__________________
As you go on to other communities, remember to build them around politeness, respect, trust and humility. Be wary of poisonous people and deal with them before they end up killing your community.. Seen it happen to too many IRC channels, forums, open source projects.
 

The Following 7 Users Say Thank You to Stskeeps For This Useful Post:
Master of Gizmo is offline Master of Gizmo
2010-04-05 , 13:02
Posts: 345 | Thanked: 467 times | Joined on Nov 2007 @ Germany
#16
Originally Posted by qgil View Post
No matter what, MeeGo will fulfill the requirements of the licenses of the components integrated.
How can a drm protection scheme fulfil the gplv3 requirements?

I have asked this question many times and the answer always was either "don't worry, everything will be ok" or "i just don't know". But i think this question deserves a real answer as it's not some proprietary nokia/intel code we are talking about.
 
Master of Gizmo is offline Master of Gizmo
2010-04-05 , 13:07
Posts: 345 | Thanked: 467 times | Joined on Nov 2007 @ Germany
#17
Originally Posted by jaem View Post
I might also add (and I think I've said elsewhere) that even if other manufacturers TiVo-ize it ...
They can't as the licenses explicitely forbid exactly that.
 
javispedro's Avatar
javispedro is offline javispedro
2010-04-05 , 13:16
Posts: 2,355 | Thanked: 5,249 times | Joined on Jan 2009 @ Barcelona
#18
Relevant GPL3 parts (extracted from http://www.gnu.org/licenses/gpl-3.0-standalone.html, emphasis mine):
A “User Product” is either (1) a “consumer product”, which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, “normally used” refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.

“Installation Information” for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.

If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).

The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.

Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
From Maemo Security in the wiki:
(of course some content becomes unavailable when one switch to its own kernel, for example DRM)
So, dunno. I don't think the GPLv3 will allow for operators to sell devices where you cannot enter "open mode" (would violate the first bold statement), but Nokia might be allowed to disallow the download & use of DRM'd apps and media in "open mode" (might be allowed as per the second bold statement).

IANAL.

EDIT: Note that Open vs Closed mode in the Harmattan security framework at least has nothing to do with BME, etc. (those are "the closed components" and I'm pretty sure they will still be avail in "open mode", else the device would be useless).
Last edited by javispedro; 2010-04-05 at 13:23.
 

The Following User Says Thank You to javispedro For This Useful Post:
Master of Gizmo is offline Master of Gizmo
2010-04-05 , 15:12
Posts: 345 | Thanked: 467 times | Joined on Nov 2007 @ Germany
#19
Originally Posted by javispedro View Post
So, dunno. I don't think the GPLv3 will allow for operators to sell devices where you cannot enter "open mode" (would violate the first bold statement), but Nokia might be allowed to disallow the download & use of DRM'd apps and media in "open mode" (might be allowed as per the second bold statement).
To me it seems even more complex. The 1st highlighted paragraph imho reads: You have to allow people to tinker with the code and while doing so you are not allowed to disable certain functionality just because of the fact someone tinkered with it.

Otherwise the gplv3 would not be able to prevent tivoization (which was one of its primary goals). To avoid tivoization you must prevent manufacturers from disabling (service critical) components just because someone modified certain code. If you allow manufacturers to do so you again face the tivo issue: The device will just refuse to work after you uploaded new code.

Of course there's a difference between "not working at all anymore" and "doesn't play drm protected files anymore". But you cannot draw the line there as "evil" manufacturers will then draw the border whereever they like and e.g. tivo may still say "hey, hacked units still display the time. they just don't playback any files anymore. so no reason t complain".

Hightlight 2 imho has nothing to do with this. It imho only sais that nokia/intel do not have to provide any guarantee on the parts the hacker modified. Still as of highlight 1 they must not add artifical limitations to the part the hacker did not touch.

To me this means: I must be e.g. allowed to upload a new kernel (regardless of the mode the device is in). Furthermore they must not disable certain functions (e.g. decoding og drm protected files) just because they detect my modified kernel.

I still don't see how they could add drm in a hacking-prevented but still legal way.
 

The Following User Says Thank You to Master of Gizmo For This Useful Post:
javispedro's Avatar
javispedro is offline javispedro
2010-04-05 , 16:11
Posts: 2,355 | Thanked: 5,249 times | Joined on Jan 2009 @ Barcelona
#20
Originally Posted by Master of Gizmo View Post
Hightlight 2 imho has nothing to do with this. It imho only sais that nokia/intel do not have to provide any guarantee on the parts the hacker modified. Still as of highlight 1 they must not add artifical limitations to the part the hacker did not touch.
Because I see DRMd files as downloaded (a "service" provided for a work "that has been modified by the client" -> no requirement). If anything, this forbids them to disallow you to access your already bought DRMd songs, but allows them to prevent you buying any new DRMd song. (Stuff gets more weirder when you think that a DRM might be implemented as a quick ping to an online server every time you try to play a "protected" material... god save us).

Clearly, this last clause is designed to help prevent cheaters from entering a multiplayer network (or stuff like that), but I see no difference between that and preventing freeloaders from entering a paid content network.
Last edited by javispedro; 2010-04-05 at 17:33.
 
Reply
Page 2 of 3 1 2 3

« Previous Thread | Next Thread »

 
Forum Jump


All times are GMT. The time now is 11:23.

Contact Us - Home - Archive - Top