[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Mass bug filing: Cryptographic protection against modification

On Tue, May 04, 2004 at 08:11:03PM +1000, Herbert Xu wrote:
> Consider the hypothetical case of a piece of firmware for a peripheral
> device that is protected by a cryptographic signature such that the
> device will reject anything that is not signed using a specific key.
> Let's further assume that that the said firmware is distributed with
> full source (but without the private key used to make the signature)
> and a license saying that you can do whatever you wish with it.
> Do you consider this piece of firmware to be distributable in Debian main?

At a first glance, yes.  The software may have uses other than operation in
the hardware for which it may originally have been designed for.  Also, the
restrictions on use aren't licencing, nor do they effect Debian.

There would be several practical problems that I can see, however - we'd
want to be able to build from source, and since the resultant binary would
need to be signed, the value of the packaged software would be limited. 
Hence we're back to distributing effectively unmodifiable binary blobs.  At
least we've solved the no source problem, though.  It's a thorny problem,
certainly.  I'd say that it would probably be rejected (on the grounds of
"no buildability") by ftpmasters, but if somebody found some other use for
the code and it was packaged that way, it would almost certainly get in.

I'll be interested to see what happens when we get software in that
situation proposed for Debian.

> Substitute firmware with software for Digital Rights Management.

DRM illustrates the problem nicely, but it's a slightly different issue,
because it's really a supported architecture problem rather than a "utility
of software" problem.

- Matt

Reply to: