[olug] Fw: FC: Linus Torvalds on digital rights management in Linux kernel

Daniel G. Linder dlinder at iprevolution.com
Tue Apr 29 18:49:29 UTC 2003


> On Tue, 29 Apr 2003, Andrew Holm-Hansen wrote:
> > Why can't you sign the kernel with a blank key, note the location of the
> > signature block in the binary, write a closed source signing tool, and
> > run it against the kernel?  This would mean that the key could remain
> > closed source and the kernel could be signed by said key.

Eric Johnson [mailto:eric_j at oasis.novia.net] then replied:
> I don't think there is a problem with that under the current GPL, but I
> believe that security experts (and I am not one) would see issues with the
> implementation of this. That said, I bet it would work plenty well for 95%
> of all users until the other 5% made the workarounds easy enough to use.

I think this "blank" key is kind of a nice feature.  If that is
implemented, then there are two ways the kernel could be compiled: with
or without a key.
A: With the key compiled into the kernel, a Firewall or VPN manufacturer
could use a unique key per customer if they wanted to and then they
could ensure that the customer only loaded the modules they had paid
for.
B: With the blank key, the FW/VPN manufacturer could let any stock
kernel run, but you would need the run-time binary to load the key into
the kernel, then they still have the same protection as before
(protecting paid-for modules, etc.).

On the "kernel hacker" or small-time user, we could make our own
firewalls and compile the kernel and modules on another system, copy
those to the firewall, and even if the firewall was compromised, the
hacker would have to find some way around the DRM (which is in both the
kernel and the hardware).  Thus, they couldn't copy their own compiled
Trojan module/program to the firewall unless they were able to get a
hold of the "signing key" that was used in the first place.

As a security-conscious person, I like what DRM will *allow* me to do,
but I don't like what our elected officials are wanting DRM to *force*
me to do...

I shouldn't be *required* to have my computer locked down like Fort Knox
any more than they should *require* me to lock all my doors and windows
in my house.  Both are good practices, but the world would be up in arms
if they were asking for a law that allowed the police (or their
"entrusted agents") to walk up to my house and start "testing" the doors
and windows...

Dan
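
The build-elsewhere, sign, then copy arrangement described in the message above, sketched with the openssl command line as an added example; it is not part of the original post and is not kernel code. The file names, the detached `.sig` convention and the user-space `load_decision` check standing in for the kernel's own verification are assumptions. Only the public key is copied to the firewall, so a compromise of the firewall does not expose the signing key.

```shell
#!/bin/sh
# Added illustration: paths and module contents are constructed; requires openssl.

# Build host: generate the signing key pair. The private key never leaves this host.
make_keys() {  # $1 = directory to hold signing.key and signing.pub
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$1/signing.key" 2>/dev/null &&
    openssl pkey -in "$1/signing.key" -pubout -out "$1/signing.pub"
}

# Build host: write a detached SHA-256 signature to <module>.sig.
sign_module() {  # $1 = private key, $2 = module file
    openssl dgst -sha256 -sign "$1" -out "$2.sig" "$2"
}

# Firewall: print "load" only when <module>.sig verifies against the public key.
load_decision() {  # $1 = public key, $2 = module file
    if [ -f "$2.sig" ] &&
       openssl dgst -sha256 -verify "$1" -signature "$2.sig" "$2" >/dev/null 2>&1
    then echo load
    else echo reject
    fi
}

# Walk through the deployment; prints one decision per line.
demo() {
    w=$(mktemp -d) || return 1
    mkdir "$w/build" "$w/fw" "$w/other"
    make_keys "$w/build" || return 1
    printf 'constructed stand-in for vpn.ko\n' > "$w/build/vpn.ko"
    sign_module "$w/build/signing.key" "$w/build/vpn.ko" || return 1
    # Only the module, its signature and the public key are copied across.
    cp "$w/build/vpn.ko" "$w/build/vpn.ko.sig" "$w/build/signing.pub" "$w/fw/"
    load_decision "$w/fw/signing.pub" "$w/fw/vpn.ko"         # genuine module

    printf 'patched\n' >> "$w/fw/vpn.ko"                     # modified after signing
    load_decision "$w/fw/signing.pub" "$w/fw/vpn.ko"

    printf 'constructed foreign module\n' > "$w/fw/other.ko" # no signature at all
    load_decision "$w/fw/signing.pub" "$w/fw/other.ko"

    make_keys "$w/other" || return 1                         # signed with some other key
    sign_module "$w/other/signing.key" "$w/fw/other.ko" || return 1
    load_decision "$w/fw/signing.pub" "$w/fw/other.ko"
    rm -rf "$w"
}

demo
```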