Whose hardware is it anyway?

The following was posted to my BLOG on CLUE. It was also published by p2pnet.

With the recent launch of the Petition to protect Information Technology property rights at the Ottawa Linux Symposium (French translation in progress), we now move to the harder stage of explaining the petition not only to those who we want to sign it, but those whose activities we wish to influence. It is not only politicians who must help protect our property rights, but also software authors who we want to discourage from working with monopolies in the hardware manufacturing and content industries to circumvent our property rights.

I am drafting a paper titled "Protecting property rights in a digital world" that I hope to use to explain the different pieces of the puzzle.

Summary: We have works under copyright, media used to store these works, and hardware/software used to create, distribute and access these works. Each of these things has their own owners which must have their rights protected: authors (and non-creator copyright holders) of digital works, owners of the media (Physical CDs, etc), owners of the hardware, and authors/users of software.

We have a petition for users' rights which focused on the balance needed in copyright to protect the rights of past and future authors, as well as audiences. The current petition focuses entirely on the property rights of the owner of information technology hardware. Authors should strongly support us given it is not possible to protect their rights as authors of digital works without first protecting the rights of those who own the hardware used to produce, distribute and access digital works.

The rights of people purchasing media is important, as is the balance needed in software to protect the sometimes conflicting interests of various rightsholders. We have left these components for later discussions.

Who owns the hardware?

The important question we must ask is this: Who owns the hardware, and what rights should these owners of tangible property expect to be protected in the law.

As an owner of hardware I expect to be control of my hardware for any lawful purpose. Where there is software, I should have the right to replace that software with software of my own choosing, including the right to author and run my own software on the hardware if I have these skills.

Without this basic right, these devices will not be obeying the instructions of the owner, or protect the interests of the owner. Our property might be protecting the special interests of some third party who considers the owner to be a threat. There are many harmful aspects of this which can be understood by thinking of other things which we own, from our homes to our vehicles, and the harm to society if property rights were abolished.

While it is possible to commit crimes within our homes, or with our vehicles, we generally recognize it is inappropriate to revoke property rights in order to stop these crimes.

Car owners have quite appropriately rejected having speed controls built into their cars given it is impossible for technology to tell the difference between illegal speeding and a skilled driver trying to avoid a collision. When it comes to our homes, the idea of placing spy equipment or armed private security guards in our homes in order to protect the special interests of someone else should make every law abiding citizen cringe. The very act of monitoring our private lives can be more harmful than the crimes theoretically being avoided, and any monitoring and control can be abused for far more harmful and/or unlawful purposes.

Hardware manufacturers have their own special interests, some legal and some not legal. Giving hardware manufacturers control over our hardware is more likely to increase the severity of the lawbreaking by these manufacturers, not decrease lawbreaking by the owners of these devices.

Protecting our property rights!

While the need to protect the property rights of hardware owners should be obvious, even those in our community are not yet familiar with thinking of ourselves as property owners. An example can be seen in the public debate about the modernization of the GNU General Public License (moving to GPL Version 3).

In a recent article in CNet News.com, Linus Torvalds, the founder and leader of the Linux kernel project, was quoted as follows:

"Say I'm a hardware manufacturer. I decide I love some particular piece of open-source software, but when I sell my hardware, I want to make sure it runs only one particular version of that software, because that's what I've validated. So I make my hardware check the cryptographic signature of the binary before I run it," Torvalds said. "The GPLv3 doesn't seem to allow that, and in fact, most of the GPLv3 changes seem to be explicitly designed exactly to not allow the above kind of use, which I don't think it has any business doing."

I strongly disagree with Torvalds language, and disagree with his objections to the enhanced GPL.

If I purchase hardware, it is my hardware and is no longer owned by the manufacturer. If my hardware checks a cryptographic signature on a binary file to verify its origins, it should be my signature signed with my key since I am the owner of the hardware. It should be illegal for any hardware manufacturer, whether they are using GNU GPL'd licensed software or not, to use cryptographic signatures to lock the owner of hardware out of their own hardware.

While I am uncomfortable when people refer to infringement of intangible exclusive rights such as copyright as if it were "theft" (See the Jefferson Debate), I am quite comfortable stating that I believe it is theft of tangible property when hardware manufacturers lock out the owners of the hardware.

Unfortunately many governments have attempted to dodge any responsibility of protecting the hardware property rights of their citizens from attempts by hardware manufacturers to circumvent their rights. This has left gaping legal loopholes in many license agreements which assumed basic property rights were protected.

The GNU GPL was written with the assumption that the owner of hardware could not be locked out of their own hardware. This meant that if the owner of the hardware had the full source code to software, and a legal license that protected it as Free/Libre and Open Source Software (FLOSS), then the owner of the hardware would have nothing that could restrict them from running the FLOSS on their own hardware. Being able to run the software is the first condition for software being FLOSS, and holes in the law should not be able to be used to circumvent the intent of a FLOSS license.

There should be no controversy about the provisions of the GPL which protect property rights, and to be honest I am stunned by people like Linus Torvalds who disagree. I wonder if his disagreement relates to personality conflicts with people within the Free Software Foundation. Whatever the personalities, we all have a responsibility to help protect the rights of information technology property owners. Without the right of hardware owners to install software of their own choosing, FLOSS has no future as hardware vendors will be able to revoke these rights from us. It is unfortunate that thus far the GNU GPL is the only FLOSS license that is seeking to help protect our property rights.

Not only should we be actively trying to educate members of our community, we also need to educate the general public and politicians. People who purchase information technology hardware must think of themselves as property rights holders, and the government must step forward and protect these rights, rather than allowing hardware manufacturers to infringe our rights.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

This is an issue overlooked

I have been saying this for years. no one can tell me what I can put on my computer or what software to use. Microsoft thinks that since they make the software that they can push people around.

well, I use a Mac and do not allow anything to be installed on my machine.

It's similar to a car, you buy a car and drive it off the lot. You can paint it whatever color you wish and the auto makers can not do a damn thing.

thanks for writing this article and I wish the US would do something about this extortion by the software makers.

Not a Microsoft problem.

Please note that this is not a Microsoft problem. As we saw in France with their recent attempt to deal with interoperability between hardware manufacturers, it is equally (if not more) an Apple problem. It is Apples iPod that has exposed many people to the problems with DRM.

Because of how pad the DRM is on Apple's "hardware" (Its the embedded software that is the issue) there are actually people who favour Microsoft's DRM given they have licensed it to more hardware manufacturers (like the Beta vs. VHS video-tape format battles of the past). Microsoft is still going to be platform monopoly, but is thus far focused only on the software and not also the hardware.

Free/Libre and Open Source Software (FLOSS) consultant.

Yeah yeah you are so right... NOT!

If a product is made to do X and you buy it, you should know what you bought. You bought a product manufactured to do X. YES it is your property, but if you buy a house built on sand knowing that it was built to show how houses on sand sink, don't blame the manufacturer if he made it hard to keep it from sinking. You the EDUCATED especially know exactly what it is you are buying. If you don't like the terms of a product you would like to own, DON'T buy it then.

YOU are so wrong...

To extend your analogy with another equally possible scenario: what do I do when I find out that due to impossible to forsee circumstances my $1,000,000 mansion is sinking into the sand, and that the builder has gone bankrupt, and the private keys have been destroyed by the administrator of the bankruptcy? (Note the phrase "That's what insurance is for" or anything related, earns you the "Mr Stupid" award).

I can no longer fix my house, nor employ somebody else to fix it for me since the private key required to sign the hardware drivers to "shore up my house" are no longer available.

Note that certain lobby groups will be working hard to make such hardware DRM to be a legal requirement for digital hardware, so the EDUCATED (as you put it) will not have the choice to purchase hardware without such stupidity in it.

BTW I have designed digital hardware devices (chips) for the last 17 years, and I know for a fact that even when a company does not go out of business, somtimes legacy design data does go missing (which might for instance include the private key, or the design data that would allow keys to be regenerated, required to sign hardware drivers in the world in which you look forward to living in). The fact this is criminal incompetence and should get such companies fined out of existance and their assets managed in trust to allow the generation of new drivers, does not help the people for whose hardware it is no longer possible to generate drivers.

mbass, you actually showed mikemike is correct

mikemike is absolutely correct. The act of restricting the hardware is NOT the problem; it's the legal requirement that ALL hardware should act that way. In a proper free market, some hardware makers would produce restricted hardware, and others would produce 'open' hardware. The market would then decide which was better. It's the DRM laws, passed by corrupt politicians (redundant), forbidding 'open' hardware that are the problem. But obviously, you know that, since you said as much. So lay off the stupid hardware makers, and go after the crooked politicos who are actually causing the problem (DRM laws). You ARE registered to vote, aren't you?

Abrogating DRM laws would not entirely solve the problem.

The hardware manufacturers have no responsibility for their own actions and lobbying? That is a very warped thing to suggest that private citizens are entirely responsible for the corrupt politicians and laws, and that the special interest groups lobbying for the defective laws in the first place have no responsibility. Politicians are more often simply uninformed, not corrupt, with it being the special interest lobbiests (in this case from the hardware manufacturers) which are corrupt.

Most countries have consumer protection and anti-trust laws for a reason. It is one thing to say "In a proper free market" that something would happen, and it is entirely another to recognize that without government intervention that such a market could not exist. There is often a disconnect between what consumers believe they are getting, and what they are actually getting, and it is important for it to be illegal for deceptive marketing practises, tied selling, refusal to deal, and other such harmful activities to remain illegal.

Our petition to protect information technology property rights was authored very deliberately to deal with this issue:

"THEREFORE, your petitioners call upon Parliament to prohibit the application of a technical protection measure to a device without the informed consent of the owner of the device, and to prohibit the conditioning of the supply of content to the purchase or use of a device which has a technical measure applied to it."

The first part requires informed consent to allow someone else to be in control of hardware we own, and the other is to ensure it is clear that "tied selling" (IE: conditioning the access of already purchased digital content on specific devices) remains illegal in the digital economy. This is not the creation of new law, but clarifying that existing laws that have protected our property rights and the economy for hundreds of years should be appropriately applied to digital issues.

Free/Libre and Open Source Software (FLOSS) consultant.

Nope, mikemike is still absolutely wrong

Just to clear a few things up:

  1. There is no such thing as an actual free market; and particularly the market which we are discussing. The problem is that content providers want to ensure that if I want to use any hardware capable of rendering their content; then they, and not I, must have control of that hardware; regardless of whether or not I want their content or not. They are attempting to do this by both manipulating the market (working with or trying to develop monopolies in the HW and SW suppliers) and by legislative means (lobbying to make this a legal requirement). And unless I am very mistaken, that's what this blog post was originally about.
  2. The Linus Torvalds quote has more implications: what if it's not only the drivers that will need to be signed, but the operating system, or the applications? At the moment MS warns you that you are installing SW that is not signed by them (or by whoever has paid their fee)-- what if, instead of warning you, windows would not permit you to install your SW at all? Would you still feel free?

    Moving this further down the stack into hardware (thus requiring that you must use a particular OS and set of applications), as proposed by Linus, is not a functional change, only an implementation one (although a very expensive one and likely to introduce a whole new class of bugs and exploits for criminals; and making Free and openly developed operating systems and applications a thing of the past).

  3. I am registered to vote, almost certainly not in the same jurisdiction (or even continent) as you, and I do not believe that my voting choices will be reasonable on this matter without me lobbying to educate my representatives about this.

Additional thoughts on mbass's 3 points.


While we are on the same side, there are some clarifications I would like to offer.

  1. While copyright holders would "like" that they be in control, this is not possible and all the suggestions that they can be put in control is a myth. There are probably people who would "like" gravity to go away on command, so that they can fly without having to purchase an airline ticket.

When it comes to deciding what software can be installed on a computer (or any other information technology) there is really only two possibilities: the manufacturer or the owner.

While it is true that some copyright holders are making (possibly illegal) back-room deals with manufacturers, with the manufacturers (IMHO falsely) claiming that they are going to protect copyright, this is a contractual issue between manufacturers and copyright holders. I believe that many copyright holders are recognizing that giving hardware manufacturers control over what software may be installed on hardware is more harmful in the long term to their interests than ensuring that owners have the freedom to install whatever software they want.

Hollywood was formed by people who fled west to avoid the platform monopoly of the day (Thomas Edison and the other patents from the Motion Picture Patents Company on the film and projection technology). That these same studios, as well as the major music labels, are being duped into creating a new -- and far worse -- platform monopoly only shows how very little the major copyright holding lobbiests understand the technology. Even Hillary Rosen, the most vocal proponent of this concept in the past, is now publicly opposing its effects.

  • Linus Torvalds is not a political person, and I do not believe he has actually thought this issue through. The very existence of Linux and alternative operating systems is due to the fact that the owners of hardware, and not their manufacturers, can choose what software they install on their hardware. If that choice was removed, there would have been no hardware authorized to run Linux, and we wouldn't even be having this conversation as Torvalds would have been some irrelevant graduate from a European university that nobody would ever have known about.
  • Democracy is not only about voting, but far more importantly the interactions we have with government between elections. I also suspect I have a very different idea of what the problem is than people like Torvalds, "mikemike" or "Michael Brutsch".
  • Politicians and copyright holders are getting the blame for a problem that is being created by hardware manufacturers, and the grotesque misinformation they have been spreading about the "benefits" of manufacturers being granted control over what software can be installed on hardware after the hardware is sold. Governments are being duped when it comes to enacting laws such that the courts are no longer applying anti-trust laws on Information Technology the same way they would any other product or service.

    We need to shift our understanding of the problem, and do everything we can to educate politicians so that they will pass laws to protect our property rights (Which for hardware means the right to choose what software we run).

    I strongly believe that once politicians understand this issue as having nothing to do with copyright (or copyright holders), and everything to do with a battle for control between manufacturers and owners of hardware, that governments will properly protect the rights of owners. Hardware manufacturers can not be given government protected "rights", for any reason, past the point of sale.

    Free/Libre and Open Source Software (FLOSS) consultant.

    You missed the point..

    You are not "buying" something in the normal way that word is used if the manufacturer retains control after the sale.

    We are not talking about a product that is only manufactured to only be capable of doing "X" (IE: that the features can't be enhanced - cars don't fly very well), we are talking about who has control over the features that already exist in the manufactured hardware.

    People believe they are legally allowed to purchase (normal sense of the word) iPods and DVD players, and yet the laws are changing such that the rights we all legitimately expect to have as the owner are being revoked. This aspect is not a manufactured limit, but an unreasonable change in the law.

    The Betamax case confirmed the legality of time-shifting television programs in the USA. It was based on the understanding of the day that once a VCR manufacturer sold the hardware that it was the new owner that controlled it and would be responsible for any potentially infringing activity. DRM changes all of this, as hardware manufacturers who include DRM can be expected to be in control and thus held legally responsibility for any infringement by those "operating" (not owning) the hardware.

    Suggesting that people are "uneducated" who don't know that the government has given up on protecting property rights in information technology is insulting and unreasonable. I believe it is quite reasonable that a majority of educated citizens are not aware of what is going on with IT/Internet law. I also believe that many hardware manufacturers don't understand the consequences of what they are asking for, given most US hardware manufacturers rely on the Betamax to avoid liability for infringing uses of their hardware, and the inclusion of DRM is likely to revoke that legal protection.

    Whether devices like cancorders and other recording devices will be allowed to be manufactured and sold to private citizens in the future is uncertain.

    People have purchased (or rather, believe they have purchased) iPods and music from iTunes for it. Apple has unilaterally changed what features these products and services have. It is one thing to have a box that says "now with fewer features" on it (the more understood aspect of DRM), but entirely another for Apple to say "We reserve the right to remove any features we want at any time after the sale of this product".

    Your analogy is also fundamentally flawed as manufacturing a home to protect the interests of the eventual owner (IE: keeping it from sinking) is entirely the opposite of a manufacturer doing something that treats the owner as the attacker. A more correct analogy would be if the manufacturer built the home *deliberately* to sink when the manufacturer wanted it to, and lobbied for laws to make it illegal for the owner to fix their home so that it wouldn't sink. It is true that having homes sink after a few years protects the interests of the manufacturer (IE: they have to buy new homes every few years, making more money for the builders), but legally disallowing the owner from fixing any defects in their home is quite clearly a violation of their property rights. It is not the home owner, but the builder who should be in court up on charges in your scenario.

    Free/Libre and Open Source Software (FLOSS) consultant.

    Owners are not Users

    While I agree with your motives, I don't think equating user rights with property rights is a very good argument for the gplv3's anti DRM clause - or for DRM resistance in general.

    The reason is that if we do implement a DRM policy based around property ownership rights, then it's easy for hardware vendors and other abusers of freedom to circumvent simply by retaining ownership of the hardware.

    Think about it: Suppose Apple's just renting you an iPod or an Xbox? They're designed to wear out after the warranty expires anyway. Mobile phones already receive subsidies for service subscription. It wouldn't be that far of a leap. In such a scenario, not only would you be a felon for circumventing copy controls (which is bad enough), but a vandal, tampering with another person's property.

    While physical property is certainly a convenient and accessible argument as it stands, and is quite applicable in many current contexts, it's critical to note that the FSF's mission is to protect the rights of //users// - not just //owners//.

    To illustrate, imagine you had a device that you wanted to loan to your child. As the owner of the device, you have the right to lock it down so that it doesn't run code you have not signed or approved - right? Unfortunately, this is exactly the kind of behaviour the GPLv3 would prohibit, even though it's justified by your property rights. So, you could only perform this kind of lock down if you used software not covered by the GPLv3. That's a genuine feature lost - but it's the price we pay for making sure we are not treated like children ourselves by our corporate plutarchs.

    The right to dispose of our own property - with DRM or without it - should not be given up lightly. We should weigh carefully, and I think it should be something that software developers should decide for themselves.

    Points of disagreement

    I am not equating tangible property rights of hardware with user rights (of software or of digital content), but suggesting that these are all independent things that need to be analysed as independent.

    No matter what rights a software author (copyright holder) may have, an no matter what rights the copyright holder may have, these must be understood separately from the rights that the owner of the device has.

    We should not "Rob Peter to pay Paul" by claiming it is legitimate to renege on protecting the tangible property rights of hardware owners to protect the intangible copyright of software authors or other copyright holders.

    If Apple was renting, rather than pseudo-selling, the iPod and the Macintosh (Remember: they claim the right to decide features of your personal computers as well), then that would deal with the property rights issue. I don't see that as a problem, or as a loophole. It would switch the debate to contract law, and the rights of people who rent which is separate from the rights of people who own. I also think that hardware vendors would not want to be in the rental business, as it is far more risky and they retain quite a bit more responsibility for the hardware. In the case of communications technology it would likely be the hardware manufacturer that would get sued for any copyright infringement committed using their hardware, not the renter/operator, given that it is often the owner of something that is presumed responsible when they are in control (And DRM is intended to keep the manufacturer in control, and thus more liable).

    While I believe that software developers should be able to decide what software they wish to author, that is also independent of whether or not the owners of hardware should have the legally protected right to decide what software they install on their own computers (including what software they choose to remove). If a hardware owner does not like the terms that Apple or Microsoft offer for operating systems, it should be their legally protected right to remove all existing software and install Linux or *BSD. The special interests of the manufacturers of the hardware, or of any software pre-installed on the hardware, should be totally irrelevant.

    Software authors are and must be restricted by license agreements when they wish to run, copy or modify the source code of other people. It is not the legal right of device driver authors to include binary-only drivers linked within the Linux kernel (Most people recognize that this is a violation of GPLv2), and must put those drivers (if it is worth doing at all as binary-only) in user space. The same will be true of DRM which may be lawful for an author to put in their software, but should not be lawful to embed within hardware in a way that disallows the owner to install any software of their choice, and should not be lawful for a copyright holder to condition the access of content to specific DRM-encumbered hardware or software (something that was previously -- or currently, depending on your country -- unlawful under competition law).

    "To illustrate, imagine you had a device that you wanted to loan to your child. As the owner of the device, you have the right to lock it down so that it doesn't run code you have not signed or approved - right?"

    Please re-read the license, as this is not an example of something that the GPLv3 would prohibit. I believe that much of the disagreement I've seen with the GPLv3 enhancements is based on FUD or misunderstand of the license. Your example is not the use of a technical measure to prohibit the owner of the device from being in control of the device, or an attempt to use a technical measure to circumvent the copyleft nature of the GPL. What you describe is a perfectly legitimate use of a technical measure applied by the owner of the device to protect the interests of that owner -- in other words, the type of freedom which the GPLv3 is designed to PROTECT, not prohibit.

    Free/Libre and Open Source Software (FLOSS) consultant.

    Please also read/comment to article posted on CLUEcan.ca website

    I have written an additional article, "Torvalds' comments on GPLv3 committees refuted: Looking for feedback" which I hope people will read and reply to in the CLUEcan.ca general discussion mailing list.

    Free/Libre and Open Source Software (FLOSS) consultant.