As Bruce Perens points out at this blog entry, it is very
much possible to design a product, particularly an embedded Linux device such
as a mobile handset with all the usual bits and pieces (DRM for mobile media
content, SIM locks, etc.) while preserving the freedom of Free Software.
I'm really pissed off by the kind of FUD that big vendors try to spread about
it. There are so many claims that the user has to be locked down, that he
cannot be allowed to modify/replace the Linux kernel or other bits of the
software stack, etc.
I can only agree full-heartedly with Bruce's article. Such claims are all
bullshit. I've worked for a long enough time with Free Software, the Licenses
involved, the legal framework of those licenses (Copyright Law), the Hardware
Industry, lately even a mobile handset manufacturer. I've seen the software
and hardware architecture of a number of phones myself by reverse engineering.
Never have I found any reason why the bright-line philosophy (see Bruce's
article) should not result in a perfectly working, all-interests-satisfied
Let me use this opportunity to point out my disappointment at the failure of
Motorola to solve this problem properly. Instead of designing their MotoMAGX
family of handsets in a way that preserves the freedom of the Free Software
[community, users] and protects their valid business interests, they chose to
go the easy shortcut of walking borderline on what they think the GPL permits
them: They use cryptographically signed kernel images, a bootloader that only
accepts binaries signed by them, plus a kernel that only accepts signed
modules, plus a SELinux locked-down userspace that is very restrictive on
what userspace programs can still do.
This would all be nice and good _if_ they were to provide the user with a way
to either sign his own kernel images with their key, or (better) to store his
own signature in the bootloader. So the hardware would accept Motorola-signed
kernels and kernels signed by the user (actual owner!) of the device.
The further proprietary bits of the software stack required for DRM
protection can simply refuse to operate if not run under a Motorola-signed
kernel. Especially with TPM's and similar technologies becoming more
widespread in the mobile world, there is a very straight-forward solution to
this problem. The bootloader can store the hash of the kernel image in some
TPM protected register, and the proprietary DRM system can refuse to operate if the hash is not the original one.
With regard to SIM-Lock, Operator-Lock and all the other locks: As Bruce
points out, those are restrictions of the GSM/3G modem. All implemented in the
firmware of this device. It doesn't matter if you run Windows Mobile, Symbian,
Motorola's own locked-down Linux kernel or a custom user-built Linux kernel on
the application processor. The various GSM/3G related locks are never
implemented on that processor, but on the baseband side.
I hereby challenge the mobile industry to come up with hard, technical fact
about what particular problem they have in designing open, FOSS-compatible
devices, where every user can modify and/or replace the FOSS programs, while
ensuring the integrity of their DRM, IPR, SIM lock and other business model
related technologies. I will sit down and look at any such issue brought
forward and I'm extremely confident that for all of such problems there's a
straight-forward technical solution (bright-line in Bruce's terminology) which
will not require the proprietary or FOSS side to make any sort of moot
If not only for the reason of legal safety and security, such solutions should
always preferred to going borderline with FOSS licenses or against the FOSS
developers and users community!