[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Is distribution of cracked Texas Instruments signing keys illegal according to DMCA?

Dear debian-legal members,

While working on packages related to Texas Instruments (TI) graphical
calculators [1] I decided to package rabbitsign [2]. This application
includes TI signing keys that was requested by TI to be removed from
various places (including Wikipedia [3]). Currently some of those keys
are available on Wikileaks [4]. Most (if not all) keys are available
from [5].

While most sites removed keys on TI requests, Electronic Frontier
Foundation (EFF) stated [6] that "TI's DMCA claim fails for another
reason, as well: running software of your choice on your calculator
has no "nexus" with copyright infringement". And warned Texas
Instruments "not to pursue its baseless legal threats against
calculator hobbyists" [7]. I'm not an US citizen, so I don't have any
knowledge about US copyright law.

Is distribution of cracked Texas Instruments signing keys illegal
according to DMCA? If it's legal then rabbitsign can be included in
Debian. If not, is it legal to remove TI's keys and include rabbitsign
in Debian (it will still be usable with community-created "0005" key
which anyone can use to sign their own third-party OS). Finally, is it
possible that signing application is illegal at all, no matter if
distributed with or without keys, because it "circumvents DRM"?

[1] namely TiEmu, TiLP and their dependencies
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=533838
[3] http://en.wikipedia.org/wiki/Texas_Instruments_signing_key_controversy
[4] http://wikileaks.org/wiki/Suppressed_Texas_Instruments_cryptographic_signing_keys,_28_Aug_2009
[5] http://db48x.net/TI-keys/keys.shtml
[6] http://www.eff.org/deeplinks/2009/09/ti-leave-those-kids-alone
[7] http://www.eff.org/press/archives/2009/10/13

(Please CC me. I'm not subscribed.)

Best regards,
Krzysztof Burghardt <krzysztof@burghardt.pl>

Reply to: