Red Hat possibly in violation of the DMCA?
Results 1 to 3 of 3

Thread: Red Hat possibly in violation of the DMCA?

  1. #1
    Senior Member
    Join Date
    Aug 2001
    Posts
    233

    Red Hat possibly in violation of the DMCA?

    Hey folks. I haven't seen this posted here yet, and it was an interesting read when I found it, so I thought I would share. The story can be found here:

    http://www.theregister.co.uk/content/4/27636.html


    here are a couple of excerpts from that article:

    Red Hat has struck a small blow against the DMCA, by publishing a security patch which can only be explained fully to people who are not within US jurisdiction

    ... when we asked Red Hat about it we got an official comment which at least partially explains it: "RHSA- 2002-158 is an errata kernel which addresses certain security vulnerabilities. Quite simply, these vulnerabilities were discovered and documented by ppl outside of the US, and due to the Digital Millenium Copyright Act legislation in the US, it is potentially dangerous to disclose any information on security vulnerabilities, which may also be used in order to circumvent digital security - i.e. computer security. For this reason, RH cannot publish this security information, as it is not available from the community in the first instance. The www.thefreeworld.net site allows for accessing this information, but requires you agree to terms which protect the author and documenter of the patches from being accusations that they themselves have breached DMCA."

    Got that? In some instances at least, the very act of explaining what has been fixed by a security patch could be construed as explaining how the security of a product could be breached, and hence could be viewed as a breach of the DMCA.



    So what's your thoughts on the DMCA now? I know there have been some fairly spirited discussions about this topic before, but this article really drives home how archaic, heavy handed, and just plain wrong the DMCA really is.




    El Diablo

  2. #2
    Senior Member problemchild's Avatar
    Join Date
    Jul 2002
    Posts
    551
    This isn't the first time this has happened. A while back, Alan Cox released some kernel patches and refused to elaborate on the kernel mailing list because it reached US citizens:
    Newsgroups: mlist.linux.kernel
    Subject: Re: Linux 2.2.20pre10
    X-To: ahu@ds9a.nl (bert hubert)
    Date: Mon, 22 Oct 2001 12:30:02 +0100 (BST)
    X-Cc: linux-kernel@vger.kernel.org
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    Message-ID: <linux.kernel.E15vdHO-0001ds-00@the-village.bc.nu>
    From: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Approved: news@nntp-server.caltech.edu
    Lines: 15


    > > 2.2.20pre11
    > > o Security fixes
    > > | Details censored in accordance with the US DMCA
    >
    > Care to elaborate?

    On a list that reaches US citizens - no. File permissions and userids may
    constitute and be used for rights management.

    Alan
    -
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/
    Newsgroups: mlist.linux.kernel
    Subject: Re: Linux 2.2.20pre10
    X-To: davidsen@tmr.com (bill davidsen)
    Date: Mon, 22 Oct 2001 17:49:42 +0100 (BST)
    X-Cc: linux-kernel@vger.kernel.org
    MIME-Version: 1.0
    Content-Type: text/plain; charset=us-ascii
    Message-ID: <linux.kernel.E15viGk-0002Xu-00@the-village.bc.nu>
    From: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Approved: news@nntp-server.caltech.edu
    Lines: 17


    > And who will be maintaining the world and us-castrated kernel source?

    Im not aware of any probl;ems distributing fixed source

    > I can't imagine anything worse for the security of this country than not
    > allow computer users access to security issues.

    As it stands I cannot legally advise the US security services about Linux
    security issues. Normally I'd find this excruciatingly funny but in the
    current circumstances its rather less humourous.

    Alan
    -
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/
    Do what you want with the girl, but leave me alone!

  3. #3
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Red Hat are trying *not* to breach the DMCA - obviously because they saw what happened to Skylarov et al.

    It is a rediculous law but as they are based in the US they have to comply with it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •