If I tell you that I'll have to kill you: Red Hat fights the DMCA [Digital Millenium Copyright Act]

The Register USA ^ | 10-16-2002 | John Lettice

[JameRetief]

FYI Ping.

[BillCompton]

I am of the opinion that hackers generally do us a valuable service. If you can extend the "virus" metaphor a little, the multitude of virus' help innoculate us. When China decides to destroy the US Internet infastructure, oops, those hackers have prevented this. Better to get a bunch of small ailments that create persistent antibodies than to be unchallanged but vulnerable to a killer attack.

[rdb3]

The Penguin Ping.

Wanna be Penguified? Just holla!

Got root?

[Jalapeno]

Is that graphic suppose to black out like that, or is it corrupted?

I love those penguin things. The superhero one is my favorite.

[billbears]

Not sure I understand. Anyway of explaining this is some form of layman's terms?

[demlosers]

If you find a security hole in somebody elses software, you cannot publish your findings, That would violate the Digital Millenium Copyright Act, and exposing you to possible prosecution.

[demlosers]

If people cannot get the word out about flaws it would remain a problem until the proprietary software company fixes it, which may never happen. Since the word did not go out, it’s not a well known problem. The OEM may forget about the problem or could drag their feet to fix the flawed software, because there is less pressure to do so. The outlaws in the hacking community(not saying all are outlaws) would most likely hear of the problem and exploit it, which in the end, leaves the user(you and me) vulnerable to hacks.

[afz400]

Can you imagine if this law applied to telling others about for example a car safety defect you discovered? You would be forbidden to tell anyone aobut it because it would violate the Vehicle Millenium Copyright Act, exposing you to possible prosecution.

[gore3000]

If you find a security hole in somebody elses software, you cannot publish your findings, That would violate the Digital Millenium Copyright Act, and exposing you to possible prosecution.

Wonder whose idea this was? Wonder whose software has more security holes than swiss cheese? Wonder who knows they have security holes but does nothing about them until someone screams.

[TechJunkYard]

RedHat does seem to be treading very carefully here, in contrast to a certain software company which ignores laws and court orders.

XMMS, as shipped with RH 8.0, will not play MP3s. This is due to some concerns about patents. (The Ogg Vorbis folks have an interesting response to the MP3 royalty stuff.)

The RPM which restores MP3 functionality is available here, but be aware that this web site is in Norway. Importing this software may also violate the DMCA, since it allows the circumvention of the royalty.

[TechJunkYard]

Not sure I understand. Anyway of explaining this is some form of layman's terms?

In this particular case, RedHat has posted some fixes for "potential security holes" on its web site, but the explanation of why these are security holes cannot be provided to US eyes lest they violate the DMCA.

So the details have been provided to a web site in the UK, which has copyrighted them, and has instituted a mechanism (a click-thru license agreement) that controls access to the information. As shown in the article above, the license agreement specifically states that if you are in the USA, you are not allowed in.

Under the DMCA, it is illegal for those of us in the USA to represent that we are NOT in the USA, for the purpose of reading the details, since that would circumvent a technological measure used to control access to a copyrighted work.

Now, do you see how stupid this is?

[gitmo]

Reckon how a Linux user is supposed to know whether he needs to apply the specified patch?

If it ain't broke, don't fix it. And don't fix it if you don't know what it is you're supposedly fixing.

[billbears]

I understand now, thanks very much. Still doesn't make much sense except maybe to protect a company that isn't making a very good product in the first place

[ThinkDifferent]

except maybe to protect a company that isn't making a very good product in the first place

Bingo.

[Bush2000]

If you find a security hole in somebody elses software, you cannot publish your findings, That would violate the Digital Millenium Copyright Act, and exposing you to possible prosecution.

Do you have a list of people who have been successfully prosecuted under DMCA?

[Bush2000]

RedHat does seem to be treading very carefully here, in contrast to a certain software company which ignores laws and court orders.

Is Oracle really that bad? ;-p

[Utilizer]

Bravo for Red Hat. I have been using their OS since v4.0, and have been very happy with it.

[TechJunkYard]

Is Oracle really that bad? ;-p

Good one! ;-)