No announcement yet.

A "Large Hardware Vendor" Wants A EULA Displayed For Firmware Updates On Linux

  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by bug77 View Post
    It wouldn't break anything if it could be hidden behind a switch.
    unless you have to deploy it onto hardware which works only with such switch


    • #52
      Originally posted by rastersoft View Post
      I'm already using their hardware, and the conditions should be no different of using the old firmware, so I don't see the point in having to agree an EULA.
      I totally agree.


      • #53

        Originally posted by r3pek View Post

        hummmm firmware? After getting "flashed" it's done, there's no per-user firmware? What are you guys talking about? People just look like they never upgraded a BIOS or a SSD firmware ever! You know Windows have multiple users too right? Damn... trying to find problems where there aren't any.
        hummm EULA ? What sense does it make to have a user accept an End User License Agreement and then apply it to another user just because the firmware it covers was flashed somewhere the other user also uses ?. How enforceable is such an EULA ?

        I mean either accepting the EULA is not necessary to use the hardware with the new firmware flashed into it, and then the second user is legally fine, but then the first user would also be fine without accepting any EULA, and nobody needed to click through an EULA, so the VLFS does not have to bother with it, or the second user can not legally use the hardware with the firmware flashed on it because it was the first used who accepted the EULA and flashed it.

        I know the firmware would work for both users, and they would probably never be sued, I'm only saying the requirement to click through the EULA is ridiculous, because the firmware will also work if nobody clicks anything and LVFS installs it without asking.

        Don't pretend I'm obtuse. The ones asking for click-through EULAs for software that gets flashed into things and then used by someone else are obstuse! Maybe someone who have come to regard EULAs as meaningless can make sense of it, but that same person should also make sense of no EULA dialog at all.

        Also some firmware is not flashed, it just stays on disk an drivers load it into device RAM at system boot or at other times. I'm not sure whether these firmwares are out or in scope for LVFS.


        • #54
          Originally posted by torsionbar28 View Post
          Um, no. You are aware that the GPL v2 and GPL v3 are also EULA's, correct?
          I don't think so, the GPL v2 and GPL v3 are distribution agreements, the use of the software has no restrictions.

          So are MIT, Apache, and all of the open-source license agreements.
          All that licenses don't restrict the use. The only kind of free (libre) license I know that I would call an EULA is AGPL or similar, that make mandatory for the software user (the service provider) the distribution of the the source code if requested by the service consumer.

          Literally every piece of every Linux distro is covered by one EULA or another.There is nothing inherently bad about EULA's.
          EULA's are only for software that restricts the use, if that is inherently bad is a personal opinion.

          All this vendor is asking for, is that the user be prompted to explicitly accept it. I don't have a problem with that, especially since you already have to explicitly accept their EULA to download the firmware from their web site today.
          This new EULA that the vendor is asking to agree are restrictions that you didn't accept when you bought the hardware. As other reader replied, why does the new firmware want to put restrictions the stock firmware didn't have.


          • #55
            Originally posted by k1e0x View Post
            "Large Hardware Vendor" is probably scared to death they will push software what bricks peoples devices and want users to agree to no class action + don't sue us + arbitration only.

            Should they or do they need that.. I think no? The general convention in software is it is provided without warranty. If that ever changes.. the software industry as a whole is going to be in major pain.
            Maybe they should exchange some lawyer-salary for better software and QA people? Otherwise they must be prepared to pay my money back.
            If software companies do not experience pain, when they make big mistakes, they have no incentive to improve...


            • #56
              Interesting. Aside from language etc., here is another argument:
              What if I don't have intelectual capacity to understand what I'm agreeing to? Let's assume everyone who reads EULAs knows the language that was presented on, but, specific legal terms might be very foreign to the most proficient "regular" speakers of that language. So what then?

              It's same with the laws, you just can't win, it is not your defense the fact that you didn't know that was the actual law, and there are statistics of how many laws average person breaks per day without even knowing it. It's ridiculous...

              EULAs, specifically in firmware, should not be anything more than those two things mentioned (copying, distribution = not sure why it matters, logically it shouldn't) and the common sense fact "We don't take responsibility for your own actions or conditions that are outside of our control (lighting or flood or whatever happening while upgrading firmware)".

              In fact, I am for name changing, it shouldn't be called EULA, but ESLA (S = scammer) or ECLA (C = company), because normal users would not even bother with such things..., so it really isn't about users.


              • #57
                Originally posted by k1e0x View Post
                Should they or do they need that.. I think no? The general convention in software is it is provided without warranty. If that ever changes.. the software industry as a whole is going to be in major pain.
                Definitely not true, if your software is part of a device. If you deliver a firmware upgrade for your defibrillator that makes it shock someone to death, you WILL be liable for this software, people will likely even go to jail for it. If you deliver a software update to your Mercedes, that instead of breaking it will accelerate to over 250 mph, you will be liable. If you are Apple and you brick 1billion IPhones with an update, you will have to replace them and get sued by class action suits, no matter if there is a EULA or not.

                There are only some instances, where you enjoy the protection from the legislator. Like when you are an American air plane manufacturer, that intentionally cripples his software to randomly read only from one of two redundant sensors at a time, making the plane crash into the ground in case of a malfunction of one of the sensors, because reading from two redundant sensors would mean you need an expensive and time-consuming full risk evaluation of the now automatically classified as critical system. THAT is totally acceptable.

                "Sooo there have been hundreds of deaths. It is at is. But it's totally under control." ;-)


                • #58
                  I can't read all of this thread at this time but I think far too many here are on the wrong side of the fence. First everyone here is agreeing to an end user agreement even if they are running Linux. Frankly GPL is just one of the agreements you are accepting with Linux.

                  Second Firmware Update should be warning everybody that the update process might break something and accepting that it can happen. I see automated updates as beyond stupid so I have little concern about people wanting to implement such systems. However if you build in a rational EULA agreement protocol you can also automate acceptance of those EULA. So what I'm saying is that one of the things that many firmware EULA address, the potential of bricked devices, should be covered by normal operation of firmware update.

                  The third problem is the legal landscape that requires this sort of thing in the first place. Everyone wants to blame the manufacture but they are not responsible for the laws that put them into this position in the first place. The only time this is a huge problem is when they go well beyond what is required to cover their legal liabilities. This usually isn't a problem with firmware agreements.

                  What would be real funny is if this was Apple asking. Sound strange to even suggest? Well I look at it like this, they want to have the coming ARM based Macs be a huge success and strongly supporting Linux would give them some positive propaganda.


                  • #59
                    This shouldn't be a problem in the first place. It should be doable in coexistence and without compromising the existing system, i.e. as an option. It shouldn't be used to create a drama, to force a conflict or to exclude vendors when it brings a benefit for the end users. Even more so when it can get more vendors to the table than before. Open source should always invite all vendors in.


                    • #60
                      Originally posted by doublez13 View Post
                      hughsie Give us a hinnnnnnnnt :P
                      Pretty sure there will be no hint.

                      But, you are free to try to make some (educated?) guesses. If one looks at the list of hardware vendors who are at least evaluating the solution, there are a couple of large vendors noticeably missing. The one that immediately stands out (to me) is the vendor whose name starts with a B.