i don’t know what exactly was in question in the kernel, that the lawyers had to worry about, but From EAR rules…
“note that open source software can still be subject to export control measures if it includes technologies or functionalities that are regulated. In such cases, specific controls may be applied to prevent the unauthorized export of these technologies or functionalities.”
IF something was deemed controlled, it makes sense to pull it so kernel can ship anywhere, and whomever received it can do their own tweaks
@BCsven@Allero Given the modular nature of the kernel, the module can always be made available separately those today’s Internet really makes such restrictions, as they apply to software, moot.
Exactly. Not much different than a distro that can’t legally ship non-free drivers for initial instal due to licensing, but you load them in yourself on first boot
@BCsven As I stated though moot, the laws have really outlived their usefulness. There are simply too many unsecured systems on the Internet to make it impossible for a bad foreign actor to gain access to any software that is not intended for export. When I worked for the local telco, many of their switches had dial-in modems that connected to the recent change channels, the channels that allow you to alter how lines were assigned, telephone calls were routed, etc, without so much as a login or password. If you knew the commands you could do pretty much anything you wanted to. I caused a major meltdown that got me an unwanted interview with directors merely for suggesting that they put a password on the root account of a pbx interface Unix system used to serve a 40,000 line customer. So yea security is mostly a joke and as a result these laws serve no useful purpose.
Oh I get the futility of it. But if you are in the USA you are bound by it. Same reason encryption devs had to cross to Canada to do development because USA would not allow encryption code shared across boundaries.
Or how I once sent a software bug report in for an Engineering product; because company is USA based they assigned it an ITAR /EAR status. It was a 4" cube I modelled, and now some dev has to treat it as sensitive EAR data. LOL
Kernel cannot follow or not follow any legal rules. Linux Foundation can.
And if regulations become a serious issue and go against the spirit of open-source, it is time to move the Foundation somewhere else.
i don’t know what exactly was in question in the kernel, that the lawyers had to worry about, but From EAR rules… “note that open source software can still be subject to export control measures if it includes technologies or functionalities that are regulated. In such cases, specific controls may be applied to prevent the unauthorized export of these technologies or functionalities.”
IF something was deemed controlled, it makes sense to pull it so kernel can ship anywhere, and whomever received it can do their own tweaks
@BCsven @Allero Given the modular nature of the kernel, the module can always be made available separately those today’s Internet really makes such restrictions, as they apply to software, moot.
Exactly. Not much different than a distro that can’t legally ship non-free drivers for initial instal due to licensing, but you load them in yourself on first boot
@BCsven As I stated though moot, the laws have really outlived their usefulness. There are simply too many unsecured systems on the Internet to make it impossible for a bad foreign actor to gain access to any software that is not intended for export. When I worked for the local telco, many of their switches had dial-in modems that connected to the recent change channels, the channels that allow you to alter how lines were assigned, telephone calls were routed, etc, without so much as a login or password. If you knew the commands you could do pretty much anything you wanted to. I caused a major meltdown that got me an unwanted interview with directors merely for suggesting that they put a password on the root account of a pbx interface Unix system used to serve a 40,000 line customer. So yea security is mostly a joke and as a result these laws serve no useful purpose.
Oh I get the futility of it. But if you are in the USA you are bound by it. Same reason encryption devs had to cross to Canada to do development because USA would not allow encryption code shared across boundaries. Or how I once sent a software bug report in for an Engineering product; because company is USA based they assigned it an ITAR /EAR status. It was a 4" cube I modelled, and now some dev has to treat it as sensitive EAR data. LOL
@BCsven Gotta love it.
@Allero @BCsven That was the point I was making when I suggest back to Finland or perhaps Iceland or Switzerland.
Agreed with you!
the foundation should have moved long ago but I think Linus’ personal adoration of the US is going to get in the way of that.