"That's the beauty of the GPL: one can't lock down a GPLed distro that way."
True, but its strength is also its weakness in this context: anyone can keep the distro open but add some "vital" code that is closed and does what they want without anyone noticing. The GPL doesn't prevent closed code from running on open source machines, it just sets limitations on imposing limitations (which makes it so great IMO), so a module that displays advertising, tracks users or steals personal data can easily be implemented inside a closed app, blob, device driver etc. and unless I missed something the GPL can do nothing if that module was compiled using non GPLed compilers, linked against non GPLed libraries etc.
In other words, if I take a non GPLed compiler and a set of non GPLed libraries that set no obligation to open the resulting code if I distribute the output, I can write anything and add it to a Linux distro then distribute them together without any legal obligation to publish the source and reveal the internals of my code. That would be the case for suspicious code inside blobs and drivers.
Someone please correct me if I'm wrong.
Of course the community can fork in no time, but imagine a very popular piece of hardware which could work only with that closed blob.
True, but its strength is also its weakness in this context: anyone can keep the distro open but add some "vital" code that is closed and does what they want without anyone noticing. The GPL doesn't prevent closed code from running on open source machines, it just sets limitations on imposing limitations (which makes it so great IMO), so a module that displays advertising, tracks users or steals personal data can easily be implemented inside a closed app, blob, device driver etc. and unless I missed something the GPL can do nothing if that module was compiled using non GPLed compilers, linked against non GPLed libraries etc. In other words, if I take a non GPLed compiler and a set of non GPLed libraries that set no obligation to open the resulting code if I distribute the output, I can write anything and add it to a Linux distro then distribute them together without any legal obligation to publish the source and reveal the internals of my code. That would be the case for suspicious code inside blobs and drivers. Someone please correct me if I'm wrong.
Of course the community can fork in no time, but imagine a very popular piece of hardware which could work only with that closed blob.