[E3-hacking] PBL V5.1

[David Given]

Antony Stone wrote:
[...]
> It occurs to me that Amstrad don't want to release the keys they've used to 
> sign/encrypt their new code, however the new 5.1 bootloader won't accept 
> unsigned/unenecrypted code, and therefore we get a sort of stalemate.

AIUI, the reason why Amstrad are doing this in the first place is to 
prevent people from buying up large numbers of emailers (which are sold 
at a loss, remember), reflashing them, and then selling them on. This is 
apparently fairly likely in eastern Europe.

[...]
> That way Amstrad keeps its keys, but the devices which were released running 
> Linux remain open for us to use as the GPL requires.

Except the whole point of the exercise is to *close* the device...

(And the GPL, v2 at least, *doesn't* require the devices be open. The 
exact phrasing is:

“The source code for a work means the preferred form of the work for 
making modifications to it. For an executable work, complete source code 
means all the source code for all modules it contains, plus any 
associated interface definition files, plus the scripts used to control 
compilation and installation of the executable.”

PBL and the encryption keys are not covered by this. PBL because it's 
not GPLd, and the encryption keys because they're not an interface 
definition file or script.)

What they might be more likely to go with is a mechanism for obtaining 
the key to an individual emailer --- either by paying them the 
difference in price between what it cost to build and what it's sold at 
(so that they don't end up out of pocket), or by just asking nicely; 
they don't seem to have a problem with small numbers of hobbyists. 
However, it's probably not possible to unlock an individual device. I 
wouldn't have thought they'd have per-machine keys.

-- 
David Given
dg at cowlark.com