-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Julian Oliver wrote: > ok. the method of signing clearly does breach the GPLv3, in the sense > that client functionality with a specific server is "interfered with". > > this was not a problem with the GPLv2. > > i'll need to read more about this to understand the full scope of that > change. > > i wonder how this implicates upon Linus and IBM's favoured TPM module? > > http://en.wikipedia.org/wiki/Trusted_Platform_Module
This doesn't implicate the module at all. The module could be perfectly legally used by GPL code - e.g. to generate or store cryptographic keys for file system encryption (this is what it is used for by Linux, AFAIK). What you cannot do is to use the module to prevent running GPL code that was not signed by some secret keys that weren't distributed with the source. > well, in the quote two-above they do specifically mention a hardware > trigger. They do not - the part about the signing keys is from the FAQ explaining one specific case, not the actual license text. The other part from the actual license speaks about "installation information" - whether the key check is done in hardware, software or by a hired goon is completely irrelevant. > at the end-of-the-day, the problem of cheating is created by the > game-designer, i think, not the players: when game-play is built around > surviving in a world where resources are scarce, competition between > people increases. factor in subscription costs and an opportunity for > people to exert social and/or physical power over others and 'cheating' will > seem like an increasingly desireable solution for many. Well, that is a poor point of view - most games are built around the notion of competition or a goal to achieve. If you remove that, the game play will be lost. Where cheating becomes possible is when you are putting trust in inappropriate places - such as piece of software not under your control. This is basic information security and many game designers seem to think about this only as an afterthought, after solving all the cool explosion effects and fancy physical simulations. Also a lot of people seem to think that just bolting on some crypto will solve their problems, resulting in a solution where you have a bulletproof front door and wide open windows. If you want to get the security right, you need to design for it from start and make a lot of tradeoff-s between security, performance and practicality of the solution. Jan -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org iD8DBQFHeA4Yn11XseNj94gRAlSyAKCgnWqlw+xIw5OYdiB76Qs8nAOfswCffnYF SocIs0zvdldnsmWh6Nr+TpA= =UChl -----END PGP SIGNATURE----- _______________________________________________ Soya-user mailing list Soya-user@gna.org https://mail.gna.org/listinfo/soya-user
