Stories
Slash Boxes
Comments

News for nerds, stuff that matters

Hifn Restricts Crypto Docs, OpenBSD Opens Fire

Posted by ScuttleMonkey on Wed Jun 14, 2006 06:45 AM
from the don't-tread-on-me dept.
Mhrmnhrm writes "After totally closing off public access to documentation for their chips roughly five years ago, Hifn is again offering them, but with an invasive registration requirement. Needless to say, Theo de Raadt and the rest of the OpenBSD team were not amused, and following a Hifn manager's missive, the gauntlet has been thrown. Either open the docs fully, or be removed from the system. This wouldn't be the first time... the same thing happened to both Adaptec and Intel following similar spats."

Related Stories

[+] Mobile: Update On OpenBSD Firmware Activism 134 comments
putko writes "Here's an update on the OpenBSD firmware activism. Basically, Intel says no. Plenty of contact info, in case you want to write someone an email or a phone call. As Theo writes, 'Without these firmware files included in OpenBSD, users must go do some click-through license at some web site to get at the files. Without those files, these devices are just bits of metal, plastic, and sand.'" While I applaud the notion behind Freer distribution (as in beer) it's also highly probable that Intel doesn't have much ground make them freer - we've seen this before on machines like the HP nw8000; basically, the wireless stuff is owned by someone else, licensed by Intel. That's not to say that the fight isn't worth fighting for freer distribution - it is. But if you want to make your voice heard, remember to be effective advocate.
[+] Hardware: OpenBSD Clashes with Adaptec In Quest for Docs 367 comments
TrumpetPower! writes "OpenBSD developers have been asking for documentation from Adaptec for over four months. Adaptec's response has been to deliberately misunderstand what is being asked of them. A former Adaptec employee admits that the hardware is buggy and tricky to get right. So, as a result, OpenBSD 3.7 will ship without Adaptec RAID support. Personally, I'm glad that Theo isn't resting on his laurels."
This discussion has been archived. No new comments can be posted.
Display Options Threshold:
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • Go Theo. (Score:4, Funny)

    They obviously don't know who they are dealing with.

    This should get really interesting.

    • Re:Go Theo. by thc69 (Score:2) Wednesday June 14 2006, @06:56AM
    • Indeed by mnemonic_ (Score:1) Wednesday June 14 2006, @08:25AM
      • Re:Indeed by Anonymous Coward (Score:1) Wednesday June 14 2006, @02:26PM
    • Re:Go Theo-Batter up. (Score:5, Interesting)

      by Svartalf (2997) on Wednesday June 14 2006, @08:40AM (#15531651)
      (http://www.earlconsult.com/)
      It's the most security oriented. Funny...a crypto chip vendor spurning the most security oriented
      OS developers' desires for unfettered acces, etc. No personal info should need to be given to a
      vendor unless he's entering into a sales relationship with them. Honestly- too much risk of Identity
      Theft through this sort of thing.

      Seriously, I'd have to agree with him on this one- and I'm from the Linux camp and would be driving
      sales into that segment very shortly. I'd be making a big stink about it too. And what's sad about
      all these vendors is that they're doing nothing but pissing off the people that'd be helping them
      sell chips.

      In reality, the vendors are doing this because idiot IP lawyers tell them to do so. There should
      be no IP revealed in the systems interfaces to a device. It should be the silicon equivalent to
      an API. If there is IP honestly revealed, then you've got something new, and the patent itself
      should be sufficient to protect it. If you're trying to hide a design flaw by not revealing info-
      don't. You should design devices with interfaces that make sense and are system safe or can be made
      so with the right device driver code.

      Keeping it secretive helps nobody in reality. For example, ATI's drivers work adequately on the
      desktop space but are less performant on at least part of the laptop line under Linux- because of
      a design/coding flaw in the closed source drivers. I can't reccomend anyone get a laptop with an
      ATI based display because they just don't seem to work as well. If someone had source code and
      technical data access they could most likely fix the problems in question- unless the chip had a
      design hickey. Even then, unless it's something that would compromise security, it should be
      able to be coded around- Windows drivers can do Sideport memory correctly, why can't the Linux
      support do the same thing?

      At any rate, I believe I've drifted from the conversation... Yes Theo's got a niche play- but
      in the segment that Hifn's in, it's an important one all the same.
      [ Parent ]
    • 3 replies beneath your current threshold.
  • By my math... (Score:3, Insightful)

    ...I count 12 required fields where you have to enter data.

    Is this worth throwing a hissy fit over? Once one person downloads the docs, they can distribute them.

    • Re:By my math... by tygerstripes (Score:3) Wednesday June 14 2006, @07:02AM
    • Re:By my math... (Score:5, Insightful)

      by Deliberate_Bastard (735608) <doslund@cs.ucr. e d u> on Wednesday June 14 2006, @07:02AM (#15531131)
      >I count 12 required fields where you have to enter data.

      >Is this worth throwing a hissy fit over?

      And I count one (1) principle at stake.

      Which is *always* worth throwing a fit over.
      [ Parent ]
    • Re:By my math... by linvir (Score:3) Wednesday June 14 2006, @07:05AM
    • Re:By my math... (Score:5, Insightful)

      by bhima (46039) <Bhima.Pandava@gmai[ ]om ['l.c' in gap]> on Wednesday June 14 2006, @07:22AM (#15531228)
      Yes.

      You have to sign an NDA to get the documents. So you would be violating the NDA to redistribute them.

      There isn't a business advantage to this sort of secrecy because your competitors can easily obtain this same information through a blind. So it comes down to policy motivated by irrational fear & greed. Who needs to really deal with company with these qualities?

      This topic is of primary interest to me because I am shopping for a crypto accelerator card right now, for use in the fall. Given the success and ease I have had using OpenBSD, and given the great support I have from the mailing lists, this is a reasonable criterion to use when purchasing hardware. In fact at some point of the decision making process for all of my hardware I have done a search on the OpenBSD mailing lists. This sort of information makes installation and maintenance a simple thing.

      So it really does boil down to unless the OpenBSD group recommends a certain piece of hardware I won't buy it...
      [ Parent ]
    • Re:By my math... by gkhan1 (Score:1) Wednesday June 14 2006, @07:46AM
    • Re:By my math... by Intron (Score:2) Wednesday June 14 2006, @09:11AM
    • Re:By my math... by RemovableBait (Score:1) Wednesday June 14 2006, @12:38PM
    • 1 reply beneath your current threshold.
  • Theo (Score:5, Insightful)

    by dirtyhippie (259852) on Wednesday June 14 2006, @06:56AM (#15531113)

    Oi, Theo! I agree with you 100%, but please, tone down the virtiol just a smidge! From TFA:

    Jason and I spent a lot of time writing that code in the past, but because your policies are privacy invasive towards us, and thus completely thankless for the sales that we have given you in the past -- we will not spend any more time on your crummy products.

    And if you continue baiting me, I will delete the driver from our source tree.

    Calling their products "crummy" and threatening them with driver deletion if they don't stop "baiting" you is not a way to get what you want. Now it means some egomaniacal manager has to eat crow for the driver to go public. I was in 100% agreement with your post until I got to this point.

    Sometimes, I wish someone would just slip some sort of tranquilizer in the water supply near Alberta...

    • Re:Theo (Score:5, Insightful)

      In fairness you do not know what has gone before. Theo mentions "personal emails" and "previous discussions".

      Some people just do not listen unless you threaten them like this. It must've been the last straw..
      [ Parent ]
      • Re:Theo by gowen (Score:1) Wednesday June 14 2006, @07:08AM
        • Re:Theo by flumps (Score:1) Wednesday June 14 2006, @07:14AM
          • Re:Theo by gowen (Score:1) Wednesday June 14 2006, @08:09AM
            • Re:Theo by 1u3hr (Score:2) Wednesday June 14 2006, @08:25AM
            • Re:Theo (Score:5, Interesting)

              by the_B0fh (208483) on Wednesday June 14 2006, @09:57AM (#15532191)
              (http://www.bofh.to/)
              Has any one who badmouths Theo actually tried to talk to him? I've communicated with him without any issues. Just because a person has principles, and stands up for those principles, loudly, doesn't mean he is an asshole.

              Looking at the NetBSD issue, Theo was bitching about developers who kept introducing security holes - I dunno about you, but I'd bitch slap people who keep introducing security holes too, else you end up with something like Windows.
              [ Parent ]
              • Re:Theo by the_B0fh (Score:2) Thursday June 15 2006, @10:45AM
              • 1 reply beneath your current threshold.
            • Re:Theo by LandruBek (Score:1) Thursday June 15 2006, @12:24AM
        • Re:Theo by Bin_jammin (Score:3) Wednesday June 14 2006, @07:16AM
      • Re:Theo by JanneM (Score:1) Wednesday June 14 2006, @07:15AM
        • Re:Theo by Plammox (Score:1) Wednesday June 14 2006, @07:37AM
          • Re:Theo by BVis (Score:3) Wednesday June 14 2006, @09:32AM
        • Re:Theo by Anonymous Coward (Score:3) Wednesday June 14 2006, @08:09AM
    • Re:Theo by Entropy (Score:2) Wednesday June 14 2006, @08:34AM
    • Re:Theo by Yvanhoe (Score:2) Wednesday June 14 2006, @08:47AM
    • Kudos to theo by wardk (Score:2) Wednesday June 14 2006, @10:14AM
    • Re:Theo by top_iguana (Score:1) Wednesday June 14 2006, @11:19AM
      • Re:Theo (Score:4, Interesting)

        by number11 (129686) on Wednesday June 14 2006, @04:30PM (#15535317)
        8 or 10 years ago we didn't have the wars of today, road side bombs, remote detonation with cell phones, and all other types of devices.

        Yeah, "we" had a lot of that stuff (the Mossad was the world expert on killing people via cell phone), it's just that at that time the US hadn't attacked and occupied Iraq, so those things mostly weren't happening to Americans.

        Consider it a neccesary evil of sorts. Not our fault, just a result of terror.

        You're right that it's an evil, but it's not necessary. You don't think "bad people" can get copies of the data sheets? That's stupid. I can think of half a dozen ways to get the info, and you probably can too. Besides, you can't build a bomb from a chip data sheet. And on the other side of the coin, there is absolutely no reason to believe that the information will be used only for export control. Or, as far as that goes, even for legal purposes, since Bush has made it clear that he views himself and his security forces as above the law.

        People who put their life on the line (IEDs) while you confortably sit back and code.

        I feel terrible about that. But the thing is, they're not doing it for me (whatever they may think), because Iraq never was a threat to me. Bush & Cheney didn't invade Iraq because of terrorism, they did it for political reasons. And they didn't do it to "free the Iraqis", because there are any number of other countries whose governments are even more oppressive, but remain unattacked.

        Before the attack, Iraqis lived under a thuggish dictator who killed thousands. They also had electricity, women could work outside the home, and they could drive their cars without fear of being stopped and killed at some random checkpoint or machine-gunned by panicky American troops. Today, the thousands are instead killed by US troops, Interior Ministry death squads, religious militias, Al Quaida, and random car bombs. And there's not much electricity.

        I don't know what the answers are, but I'm positive that collecting identifying info on people who want to look at chip data sheets is not one of them.
        [ Parent ]
      • Re:Theo by greenrd (Score:2) Wednesday June 14 2006, @06:09PM
      • 1 reply beneath your current threshold.
    • Re:Theo by Anonymous Coward (Score:1) Wednesday June 14 2006, @07:35AM
      • Re:Theo by BVis (Score:2) Wednesday June 14 2006, @09:40AM
      • 2 replies beneath your current threshold.
    • Re:Theo by Anonymous Coward (Score:2) Wednesday June 14 2006, @07:44AM
    • Re:Theo by Anonymous Coward (Score:1) Wednesday June 14 2006, @07:54AM
      • Re:Theo by Bilestoad (Score:1) Wednesday June 14 2006, @07:08PM
    • Re:Theo (Score:5, Interesting)

      by ScouseMouse (690083) on Wednesday June 14 2006, @07:56AM (#15531422)
      (http://www.salkin.co.uk/)
      The fact that he *does* stick to his principles despite people telling him just how out dated and un-capitalist he is, is the reason i *do* use open source.

      The problem is that Manufacturers seem to have the idea that they can dictate terms to the people who produce software to run on their hardware. Unfortunately, In the majority of cases, that appears to actually be the case.

      The insulting thing in the original email was that he should be expected to comprimise his principles to support other people's profit, and as he is *not* being paid by Hifn, I personally see that it is well within his rights to not support the hardware in question.

      Perhaps if you went up to some Civil rights protestor in the 1960's and said that this entire equality thing was a bit silly, and they should just accept these limitations, because its convenient for the asker, you may get a similar response.

      Yes, i know this is a bit contrived, however, its worth noting that there are people who consider this sort of thing a matter of Civil rights. The right to be able to do whatever you want with the electronics in your computer, as opposed to what someone you have never met tells you.

      Some people do consider this sort of thing a huge insult, and if putting it in plain language offends you enough that you dont use open source software, then i feel sorry for you. Your missing out on a lot of great software written by people who love what they do, however thats your choice.
      [ Parent ]
      • Re:Theo by gowen (Score:1) Wednesday June 14 2006, @08:17AM
      • 1 reply beneath your current threshold.
    • Re:Theo by Casualposter (Score:3) Wednesday June 14 2006, @08:09AM
    • 3 replies beneath your current threshold.
  • Well, theres a surprise. (Score:5, Insightful)

    That's a typical OpenBSD discussion, in which Theo DeRaadt
    i) is basically right
    ii) still manages to sound like spoiled whiny tosser in the process.
  • Personal Info == Legal Tender (Score:5, Interesting)

    by TripMaster Monkey (862126) * on Wednesday June 14 2006, @07:07AM (#15531148)


    From Theo's response:
    "50 personal questions" is not open access. Please don't lie about it.


    Theo is essentially taking the position that personal information is tantamount to currency, and therefore, requesting personal info is tantamount to charging...hence, HIFN can no longer be considered Open Source. This position may currently be confined to OSS in general and the HIFN question in particular, but it's not difficult to imagine this argument generalized to apply to any situation in which an entity requests personal information. Personal info needs to be treated as the valuable commodity that it is...kudos to Theo for taking a stand on this issue.

    Theo also addreses something many of us here are worried about:
    >Registration at our extranet is required along with an email address
    >that can be confirmed. We cannot support anonymous FTP or http
    >downloads. The reason for this is that we are required by the
    >conditions of our US export licenses to know who and where our customers
    >are. If anyone objects to registration then we could not sell them
    >chips anyway so it does not seem an unreasonable restriction to us.

    So the personal information you ask for in the registration process
    will be given to the US government if they ask? Without court
    documents demanding the information?


    Even disregarding the 'personal info == currency' argument outlined above, this objection stands on its own. HIFN is basically stating that yes, the info gathered will be handed over to the U.S. government on request, to satisfy their licensing requirements. This alone is a deal-breaker.

    Theo sums his entire argument up beautifully here:
    We are not your customers. YOU ARE OUR CUSTOMER. Our driver sells
    your chips.

    I know that our hifn driver has some problems. But because I cannot
    get data sheets without giving you private information, I will not
    spend even one moment more of my time to improve support for your
    products. Jason and I spent a lot of time writing that code in the
    past, but because your policies are privacy invasive towards us, and
    thus completely thankless for the sales that we have given you in the
    past -- we will not spend any more time on your crummy products.


    Well said, Theo. I for one don't care to support a company who engages in such practices, and I would rather see no support for a product than half-assed support, because the driver writers were not allowed full, unfettered access to the data sheets.

    And finally from Theo's response:
    And if you continue baiting me, I will delete the driver from our
    source tree.

    I stand by my statement that HIFN is not open.


    Don't just say it, Theo, do it. If you stand by your statement, then HIFN has no place in the source tree, and should be deleted immediately.
  • Export regulations? (Score:3, Insightful)

    by nonmaskable (452595) on Wednesday June 14 2006, @07:07AM (#15531154)
    I didn't see any useful discussion of the key point in Cohen's email:


    Registration at our extranet is required along with an email address
    that can be confirmed. We cannot support anonymous FTP or http
    downloads. The reason for this is that we are required by the
    conditions of our US export licenses to know who and where our customers
    are. If anyone objects to registration then we could not sell them
    chips anyway so it does not seem an unreasonable restriction to us.


    With a choice between "make Theo happy" and "violate export regulations" it doesn't seem like Hifn is exactly trying to "bait" Theo or OpenBSD.
    • Re:Export regulations? by tygerstripes (Score:2) Wednesday June 14 2006, @07:16AM
      • Re:Export regulations? (Score:4, Informative)

        by nonmaskable (452595) on Wednesday June 14 2006, @07:46AM (#15531358)
        I really don't see how this is supposed to be a violation of export licences

        AFAIK (and IANAL), detailed hardware documentation is considered the same as the product under the export license laws. Cryptographic technology actually falls under an even more restrictive license class - munitions.

        http://en.wikipedia.org/wiki/Export_of_cryptograph y [wikipedia.org]

        Read the "Current Status" section. My point is that Hifn isn't "baiting" anyone. You might disagree with their lawyer or think it's your right to demand that Hifn fight "the man", but that's another issue.
        [ Parent ]
        • Re:Export regulations? (Score:4, Insightful)

          by TripMaster Monkey (862126) * on Wednesday June 14 2006, @08:09AM (#15531482)

          AFAIK (and IANAL), detailed hardware documentation is considered the same as the product under the export license laws.

          Please post links supporting this contention, or withdraw it.

          Cryptographic technology actually falls under an even more restrictive license class - munitions.

          Whle this is true, the source code can still be legally exported in written format, since it falls under Free Speech.

          From this article [goingware.com]:

          And interestingly, you can't ban the export of a book, because a book is a form of free speech, and free speech is protected by the first amendment to the United States Constitution. So when a new version of PGP becomes available in the United States, it's source code is simply published in book form and mailed overseas, where the source can be retrieved by scanning it and using inexpensive optical character recognition software to convert the printed pages back to machine-readable program text files.
          Given that, as you stated, crypto falls under the even more restrictive license class of 'munitions', if you can export PGP source code without violating U.S. export restrictions, I'm betting you can export data sheets too.

          My point is that the HIFN's explanation of their requirement for personal info to satisfy their U.S. export license is pure codswallop, your nonsensical comments about HIFN 'fighting the man' notwithstanding.
          [ Parent ]
          • Re:Export regulations? by nonmaskable (Score:3) Wednesday June 14 2006, @08:42AM
            • Re:Export regulations? (Score:4, Insightful)

              by TripMaster Monkey (862126) * on Wednesday June 14 2006, @09:19AM (#15531900)

              The applicable categories are obvious.

              If they're so obvious, why didn't you post links to those categories, or better yet, applicable excerpts?

              Don't forget to read interpretations

              Fair enough...I read through Part 770 - Interpretations [gpo.gov], but strangely enough, the word 'documentation' is only used once in the entire document. I've posted the relevant passage for clarity:

              (2) Export documentation requirement.

                        (i) When preparing a license application for a
              numerical control system, the machine tool and
              the control unit are classified separately. If either
              the machine tool or the control unit requires a
              license, then the entire unit requires a license. If
              either a machine tool or a control unit is exported
              separately from the system, the exported
              component is classified on the license application
              without regard to the other parts of a possible
              system.

                                (ii) When preparing the Shipper's Export
              Declaration (SED) or Automated Export System
              (AES) record, a system being shipped complete
              (i.e., machine and control unit), should be
              reported under the Schedule B number for each
              machine. When either a control unit or a machine
              is shipped separately, it should be reported under
              the Schedule B number appropriate for the
              individual item being exported.

              Please explain how the above supports your contention that 'detailed hardware documentation is considered the same as the product under the export license laws'.

              and supplement 2.

              Which supplement 2? The Supplement No. 2 to Part 764 - Denied Persons List [gpo.gov], or the Supplement No. 2 to Part 774 - General Technology and Software Notes [gpo.gov]? (HINT: Neither supplement contains anything to support your contention that 'detailed hardware documentation is considered the same as the product under the export license laws'.)

              In short, it looks like you thought you could try to justify your argument by pointing me to a ridiculously large government document, and then hoping I wouldn't bother to actually read it. You thought wrong.

              I'm not going to respond to the rest of your rant,

              Translation: I can't refute it, so I'll shut my eyes and pretend it's not there.

              other than to suggest you get legal advice somewhere other than mailing lists and agitprop web sites.

              And this from the person who qualified their original contention with 'AFAIK' and "IANAL'. Pot, meet kettle.
              [ Parent ]
              • by nonmaskable (452595) on Wednesday June 14 2006, @03:29PM (#15534916)
                The applicable categories are obvious.
                If they're so obvious, why didn't you post links to those categories, or better yet, applicable excerpts?


                Laziness. Category 5pt2, and 4 & 5pt1 also. Look how broad ITAR 120.10 is (and according to another poster in the thread they can also classify info as a "service" and use those sections).

                In short, it looks like you thought you could try to justify your argument by pointing me to a ridiculously large government document, and then hoping I wouldn't bother to actually read it. You thought wrong.

                I thought right. It looks like you searched a couple of sections for the word "documentation" without even trying to follow it. Understanding "ridiculously large" and complex laws that put people in jail is hard, that's why lawyers get paid big.

                other than to suggest you get legal advice somewhere other than mailing lists and agitprop web sites.
                And this from the person who qualified their original contention with 'AFAIK' and "IANAL'. Pot, meet kettle.


                Or with more thought and less attitude you might infer that I take my own advice.

                I'm not going to respond to the rest of your rant,
                Translation: I can't refute it, so I'll shut my eyes and pretend it's not there.


                Better translation: Oops, I'm wrestling a pig in mud.
                [ Parent ]
              • 1 reply beneath your current threshold.
          • This is exactly how PGP was exported. by btarval (Score:2) Wednesday June 14 2006, @10:14AM
          • 2 replies beneath your current threshold.
        • Re:Export regulations? by nacturation (Score:2) Friday June 16 2006, @09:48AM
      • Maybe not? by Frosty Piss (Score:1) Wednesday June 14 2006, @07:52AM
        • Re:Maybe not? by Bogtha (Score:2) Wednesday June 14 2006, @08:30AM
          • Paranoia? by Frosty Piss (Score:1) Wednesday June 14 2006, @09:24AM
    • Re:Export regulations? by Adam Hazzlebank (Score:2) Wednesday June 14 2006, @07:19AM
    • Re:Export regulations? (Score:5, Informative)

      Documentation on how to interface with the hardware chip is NOT covered by export regulations. Only the actual chip, and its design specifications in regard to implemented algorithms, are covered.
      Hence, the docs that OpenBSD folks need (and had access to, until a few years ago) are NOT covered.

      The choice is between "giving back access to documentation to allow developers to work with your hardware" or "keep track of developers for marketing purposes".
      Export regulations enter the picture only if you don't know them.
      [ Parent ]
    • Re:Export regulations? by tokul (Score:1) Wednesday June 14 2006, @07:42AM
    • Re:Export regulations? by quarkscat (Score:2) Wednesday June 14 2006, @10:39AM
    • Re:Export regulations? by HermanAB (Score:2) Wednesday June 14 2006, @11:03AM
    • Re:What do you think this is, dark ages redux? by Bilestoad (Score:1) Wednesday June 14 2006, @07:23AM
      • Re:What do you think this is, dark ages redux? by TripMaster Monkey (Score:2) Wednesday June 14 2006, @07:28AM
      • Would that not be... (Score:5, Interesting)

        by Phil John (576633) <phil@webstarsl t d .com> on Wednesday June 14 2006, @07:30AM (#15531269)

        Would that not be on documentation that explained exactly how the chip worked and not just how to send and receive bits from it?

        If this is the case with HIFN, why do some other hardare companies in the same field not have the same restrictions?

        There was a good comment made later in the thread:

        Perhaps you can talk to your legal counsel and actually break out the documentation needed for these open source drivers into a separate and truly open to the "general public" anonymous download site. I doubt that the documentation that is being requested by developers is putting you in violation of US Export Regulations
        ....snip....
        I understand it's very easy these days for attorneys to just say put everything behind your registration only access extranet to be safe. This is not acceptable and, in my opinion, is not open to the general public like you stated.

        That sums up my thoughts much more succinctly.

        [ Parent ]
      • Re:What do you think this is, dark ages redux? by Qzukk (Score:2) Wednesday June 14 2006, @08:08AM
    • 1 reply beneath your current threshold.
  • by rsidd (6328) on Wednesday June 14 2006, @07:18AM (#15531205)
    Theo repeatedly claims that the site wants "approximately 50 personal questions". I looked, and there are only 11 questions with required answers, of which I can only construe two (office phone number, and office address) as invasive of Theo's privacy. (I assume everyone knows Theo's name and email address, from the mailing lists.)

    If he objects to providing that information, he can say so, but this sort of easily-refuted hyperbole doesn't help.

  • Oh for pity's sake... (Score:5, Informative)

    by tygerstripes (832644) on Wednesday June 14 2006, @07:27AM (#15531252)
    Due to lazy moderation and posting, there now appears to be no point in posting anything as a reply, so I'll ask again what I think is a pertinent question as a main post:

    How would this violate US Export Licences???

    Fine, don't export chips overseas without knowing who you're selling to, but documentation? For driver developers no less?? When Hifn themselves are trying to say that this information is open and free???

    This is the key point of Theo's argument, surely: that Hifn are not at all obliged to demand this information, and therefore are going against the principles of open access/source by demanding it. Can someone please explain what I'm missing here.

    • Re:Oh for pity's sake... (Score:4, Interesting)

      by TripMaster Monkey (862126) * on Wednesday June 14 2006, @07:36AM (#15531305)

      How would this violate U.S. Export Licenses

      It wouldn't. Exporting documentation...even source code...is protected as Free Speech, provided the export is in book format.

      From this article [goingware.com]:

      And interestingly, you can't ban the export of a book, because a book is a form of free speech, and free speech is protected by the first amendment to the United States Constitution. So when a new version of PGP becomes available in the United States, it's source code is simply published in book form and mailed overseas, where the source can be retrieved by scanning it and using inexpensive optical character recognition software to convert the printed pages back to machine-readable program text files.

      If you can export PGP source code without violating U.S. export restrictions, I'm betting you can export data sheets too. Therefore, HIFN's argument is invalid.
      [ Parent ]
    • Re:Oh for pity's sake... by 91degrees (Score:1) Wednesday June 14 2006, @07:36AM
    • MOD UP by PetriBORG (Score:1) Wednesday June 14 2006, @07:52AM
    • Re:Oh for pity's sake... by Tsu Dho Nimh (Score:2) Wednesday June 14 2006, @09:18AM
    • Re:Oh for pity's sake... by GodBlessTexas (Score:2) Wednesday June 14 2006, @12:59PM
    • 1 reply beneath your current threshold.
  • Abusive much? (Score:4, Insightful)

    by thePowerOfGrayskull (905905) on Wednesday June 14 2006, @07:31AM (#15531274)
    (http://www.khalidine.com/)
    While I whole-heartedly agree with the point Theo was making in his article, I can't help but think that engaging in hyperbole (50 questions? ~25 is accurate) and verbally abusing and threatening the vendor is going to help in any way.
    • Re:Abusive much? by thePowerOfGrayskull (Score:1) Wednesday June 14 2006, @07:33AM
    • Re:Abusive much? by mike_the_kid (Score:2) Wednesday June 14 2006, @07:56AM
    • Re:Abusive much? (Score:4, Interesting)

      I can't help but think that engaging in hyperbole (50 questions? ~25 is accurate) and verbally abusing and threatening the vendor is going to help in any way.

      True, but on the other hand, Theo really does have the upper hand on this one. If I can't use those cards under OpenBSD, I won't buy them. If I can, I probably will (because I could actually use some of that functionality in my VPN servers). Since I suspect a large part of their potential client base is in the same situation, it'd be in their best financial interests to go meet Theo's (reasonable) requests and stay stop arguing the point.

      [ Parent ]
    • Re:Abusive much? by chazwurth (Score:3) Wednesday June 14 2006, @10:52AM
      • Re:Abusive much? by thePowerOfGrayskull (Score:1) Wednesday June 14 2006, @11:50AM
  • by ABoerma (941672) <ABoerma.gmail@com> on Wednesday June 14 2006, @07:34AM (#15531291)
    Well, I can't say I disagree with Theo. The 'Open' in OpenBSD loses its meaning if you use such non-free documentation. And it's not as if the OpenBSD team has any obligation to include Hifn drivers.
  • Give it a rest, Theo. (Score:3, Insightful)

    by Ritchie70 (860516) on Wednesday June 14 2006, @07:34AM (#15531292)
    (Last Journal: Saturday March 17 2007, @09:54AM)
    OK, great. This info was freely available on their web site 8 years ago. So?

    You know what, if you'd wanted this 15 years ago, you would have phoned them up, given them the EXACT SAME INFO THEY'RE ASKING FOR on their web site, and they would have mailed it to you.

    And a sales-person might have called to see if you wanted to buy some chips.

    Theo's "50 questions" is email, name, company name, title, address, phone number, and "what is your project? What is your role? When do you want to buy some chips?" How about a little reality here. Theo does some great stuff, but that doesn't mean he gets to bend how the world works to his will.

    Just like the "I don't get any donations" rant from him a bit ago, he just doesn't seem to be well grounded in business realities. If you want donations, you need a tax-exempt foundation, not "make checks out to Theo." If you want data sheets, you might have to tell the company who you are and why you want them.

    • Re:Give it a rest, Theo. by Sigma 7 (Score:2) Wednesday June 14 2006, @08:08AM
    • Re:Give it a rest, Theo. (Score:4, Interesting)

      by quarkscat (697644) on Wednesday June 14 2006, @11:07AM (#15532846)
      The parent poster is a troll, and his argument is patently absurd.

      HIFN might make their documentation available to the (USA) public,
      but if it is released under restrictive NDA language, it is hardly "OSS-
      friendly". Is OpenBSD supposed to bundle binary-only drivers, with
      the MS-inspired adage "Trust us, we know what's best for you?"
      I think not!

      Imagine your level of trust in OpenBSD drivers that you cannot even
      see the source code to, let alone be forced to go back to the OEM for
      man / info pages. HIFN has far exceeded any legal requirement that
      USA Export Control regulations impose, and Theo has rightfully called
      them out for their current nonsensical position. This is not about HIFN
      furnishing proprietary SystemC or ERDA(?) data that would reveal the
      construction of the chipset or the crypto algorythms involved -- this
      is about data on how to fully interface to the chipset's I/O. There is
      no valid reason for OpenBSD (or any other open source OS) to continue
      to support HIFN. In fact, I woudn't mind seeing kernel code included that
      would fail to build with HIFN support, sort of like has been discussed on /.
      regarding locking out the SCO OS.
      [ Parent ]
    • Re:Give it a rest, Theo. by dstone (Score:3) Wednesday June 14 2006, @11:21AM
    • Re:Give it a rest, Theo. by Ritchie70 (Score:1) Wednesday June 14 2006, @11:58AM
    • 2 replies beneath your current threshold.
  • Whinge whinge whinge.. (Score:4, Informative)

    by mcbridematt (544099) on Wednesday June 14 2006, @07:34AM (#15531294)
    (http://mcbridematt.dhs.org/ | Last Journal: Saturday September 13 2003, @09:02PM)
    "Jason and I spent a lot of time writing that code in the
    past, but because your policies are privacy invasive towards us, and
    thus completely thankless for the sales that we have given you in the
    past -- we will not spend any more time on your crummy products."


    Sales?

    Unless Theo can give a decent estimate of how much 'sales' OpenBSD has 'given' them, I doubt the upper brass at Hifn cares about Theo's whinging.

    If you want drivers for "less mainstream OS'es", please attach your request to a large multi-mega-million part order from <insert vendor here>. If you don't believe me, we'll, the only reason NVIDIA's Linux support is miles ahead of ATI is due to the demand from Hollywood setups to use high-end-5000%-margin professional cards on Linux, not geeks on Slashdot playing Tuxracer.
  • by m874t232 (973431) on Wednesday June 14 2006, @07:39AM (#15531326)
    When companies impose weird intellectual property restrictions on their data sheets, then I'm all for making the process of getting the data sheets as cumbersome as possible--that way, FOSS developers will at least become aware that there is something funny going on.

    Some other vendors hide a restrictive license ("if you look at this, we own stuff you do with it") somewhere in the documentation or behind a "Read This License" link, but people who look at the documentation never notice.
  • Theo is right (Score:1, Insightful)

    by Anonymous Coward on Wednesday June 14 2006, @07:40AM (#15531329)
    OpenBSD could really care less about Hifn in the long run. Someone stated that Theo thinks his personal information is like currency. It is. The US government would love nothing more than to learn who uses crypto devices and they have no right to that information. Thankfully, OpenBSD is based in Canada and not in the US. The US has long been opposed to crypto among the masses but cannot really do anything about it. This president is doing his damndest to crack down on anyone and anything that even remotely smacks of anti-US sentiment, policy, etc.

    OpenBSD should delete the driver and move on. It would not take that much capital to devise you own crypto chip sets, write the drivers and then have the Chinese or Koreans build them for you. OpenBSD could sell the chips and the drivers and fund itself in the process.

    Go OpenBSD!
  • Theo is the man (Score:3)

    by brennz (715237) on Wednesday June 14 2006, @07:40AM (#15531333)
    I like Theo. The more of his statements I read, the more I appreciate his no compromise, take no prisoners approach.

    50 personal questions sounds way beyond overkill. I've downloaded plenty of export controlled software, with merely a few questions.

    My guess is, Hifn like many other companies, gives everything to their sales folks, or worse, resells it. Can you blame Theo for taking offense, when they want 50 personal questions answered?

    BTW, is this the signup? http://extranet.hifn.com/home/anonymous/?workflow= signupapp [hifn.com] or just part of it? That part about the NDA bothers me.....
  • "50 personal questions"? (Score:3, Interesting)

    Does anyone know what they were besides what's on the first sign up page?
  • by Jerom (96338) on Wednesday June 14 2006, @07:50AM (#15531385)
    ... and lately the only OS focussing on fais seems to be openBSD. Thanks for fighting for OUR long term freedom again Theo.(Also a thank you to RMS). The one PC I have left at home runs OpenBSD and i BUY every new release.

    Kudos to Theo and the openBSD team

    J.

  • by Tsu Dho Nimh (663417) <<abacaxi> <at> <hotmail.com>> on Wednesday June 14 2006, @07:52AM (#15531402)
    This is so the sales department can have an easy time pushing product. I'll bet anyone who signs up gets a call from the Hifn sales-droids within a week after they download the datasheet, if not before they grant access.