In the case of GPLv3, the development of software for hardware devices that are tamperproofed
This is not true. All the GPLv3 requires is for you to provide the means to modify or replace the software contained in the device. In the case of a tamper-proof device, this would entail providing the user with a master key or password which would allow her to unlock a developer mode of some kind.
Alternative, a tamperproofed device can be immune to any form of modification or replacement of the software contained in the device.
The issue GPL fixes is when device manufacturers exercise ownership control of the device after sale (ie, do things that the owner is not allowed/enabled to do). If the manufacturers can modify or replace the software, then the device owner must be able to do the same.
Alternative, a tamperproofed device can be immune to any form of modification or replacement of the software contained in the device.
Sure, you can develop one of those, as long as you subsequently provide a means to circumvent the tamper-proof mechanism. There is a critical semantic distinction that I think a lot of people are missing: the GPL does not restrict your ability to develop any sort of product you wish, it merely imposes additional obligations designed to ensure your users have the same freedom of development that you had when you developed the device.
> Sure, you can develop one of those, as long as you subsequently provide a means to circumvent the tamper-proof mechanism
No, you do not need to add a way to circumvent the tamper-proof mechanism. Thats the whole point of my comment.
Section 6, Conveying Non-Source Forms:
"this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM)."
If the device is completely immune to software modifications, the anti-drm requirement of GPLv3 won't come into effect.
Last, a device which the manufacturer has ability to tamper with is not a device I would call tamper-proof. The attacker just need to get the developer key, so maybe Tamper-resistant is a better description?
If the device is completely immune to software modifications, the anti-drm requirement of GPLv3 won't come into effect.
Right, I had forgotten that. The reasoning behind it is that a non-programmable ROM chip might just as well be considered hardware for the purposes of programmability. Of course, the user might decap the chip and modify the code stored there with a scanning-tunneling microscope so the term tamper-proof in the absolute sense is probably not applicable to any device made by humans.
There is an old saying in computer security that the only secure program is one that is in a computer that is turned off, locked inside a safe, located in a bunker.
So maybe tamper-proof is not the best term, but at least physical security add something more than just a digital signature. The device owner has a much better chance to see if someone took apart the device, decapped the chip and then put it together. If I as the consumer want a tamper-proof device, I would go with physical security every time.
This is not true. All the GPLv3 requires is for you to provide the means to modify or replace the software contained in the device. In the case of a tamper-proof device, this would entail providing the user with a master key or password which would allow her to unlock a developer mode of some kind.