[linux-elitists] The GPLV3 Position... (and a suggestion to Jon Corbet)

Jack Lloyd lloyd@randombit.net
Tue Sep 26 17:19:03 PDT 2006


On Tue, Sep 26, 2006 at 01:36:03AM -0700, Nathaniel Smith wrote:

> I don't, however, know very much about the actual requirements on
> "medical equipment, laser controlled systems", or even wireless
> devices with FCC restrictions -- but I'd like to.  Can anyone
> enlighten me?  Is it strictly necessary that the devices be as
> tamper-resistant as possible?

I'm not sure about FCC restrictions per se, but considering that FIPS
140 (the US govt standard for secure cryptographic devices) does not
go nearly that far, it seems unlikely. For example, the official NIST
testing guide for the lower levels of certification specifically
states that if you have to use a tool (eg, screwdriver, x-acto, ...)
to enter the case, then that's good enough as far as 'tamper
resistance' goes.

And, empirically, I could easily modify (perhaps not usefully, but at
least abusively) all sorts of FCC licensed radio devices, so either
it's not an FCC thing, or the FCC needs to audit the testing
laboratories something fierce.

-Jack



More information about the linux-elitists mailing list