Re: Boiling the DeCSS frog

Wed, 9 Feb 2000 21:06:04 -0800 


In <[EMAIL PROTECTED]>, on 02/10/00 
   at 02:06 PM, [EMAIL PROTECTED] (Peter Gutmann) said:

>"William H. Geiger III" <[EMAIL PROTECTED]> writes:

>>IIRC several years ago someone wrote a script that would split up pgp into
>>multiple parts (say 100) and then each e-mail message they sent out would
>>have a different part at the bottom of the message.

>I saw it done via Usenet posts, and it was a real find-the-thimble game 
>trying to find all the pieces from 1,001 mangled, dropped, spammed-out,
>etc articles.  What I was after was a way to put it on a web page so that
>anyone who went there would see the whole thing, but it wasn't possible
>(well, not sanely possible, the MPAA will try anyway) to attack it in
>court. This is like the watermark-defeating attack where you snip an
>image into enough small images that they drop below the
>watermark-detection threshold, then combine them back into a single image
>when displayed using HTML.

Interesting ...

Say you divide up the code into x pieces.

Those pieces are stored on y servers.

Then any server that wanted to server the CSS code without having the
actual code on it's server would then use a list of links to display the
code.

I see two different possible approaches:

1: The displaying server uses a cgi script that goes out and collects the
pieces from the various other server, combines them, and then returns to
the browser the complete code.

2: Make use of multiple frames in a manner that the browser is the one
that actually goes out to the different web sites and combines the parts.

-- 

I am not very fluent on frames but basically what you want is this:

-----------------------------------fuck_the_MPAA.html--------------------------------

<HTML>
<HEAD>
<TITLE> Fuck the MPAA </TITLE>
</HEAD>
<BODY>

<CENTER><H1><B>Fuck The MPAA</B></H1></CENTER><P>

Here is the DVD-CSS Code and none of it is on my sever so <B>FUCK-OFF MPAA!!</B><P>

<IFRAME src="http://server01/part01.html" scrolling="off" frameborder="0">

[Your browser does not support inline frames 
 <A HREF="http://server01/part01.html"> select </A> to get part 1 of X

</IFRAME><P>

<IFRAME src="http://server02/part02.html" scrolling="off" frameborder="0">

[Your browser does not support inline frames 
 <A HREF="http://server02/part02.html"> select </A> to get part 2 of X

</IFRAME><P>


... etc


<IFRAME src="http://serverX/partX.html" scrolling="off" frameborder="0">

[Your browser does not support inline frames 
 <A HREF="http://serverX/partX.html"> select </A> to get part X of X

</IFRAME><P>


<CENTER><H1><B>Fuck The MPAA</B></H1></CENTER><P>
</BODY>
</HTML>

-----------------------------------fuck_the_MPAA.html--------------------------------


#1 has the risk of the MPAA shysters claiming that your server is, at the time of 
generating the html page, in possesion of all the code and therefor in violation of 
the law.

#2 should work but will require a web browser that supports inline frames. The same 
can be accomplished without inline frames using framsets but the setup is more 
complicated.


I will try and set up a sample webpage on my server and see if I can ge this working.


In the mean time I have my CSS-Split code running. I have it set to send out parts 
sequentially for 2 weeks after that it will select parts randomly.

-- 
---------------------------------------------------------------
William H. Geiger III                    http://www.openpgp.net  
Geiger Consulting    

Data Security & Cryptology Consulting
Programming, Networking, Analysis
 
PGP for OS/2:                   http://www.openpgp.net/pgp.html
---------------------------------------------------------------

Fight Censorship! Stop the MPAA! http://www.openpgp.net/censorship.html

-----BEGIN PGP MESSAGE, PART 01/36-----
Version: 2.6.2

rUNcYgdjc3MuemlwAAAAAFBLAwQUAAIACAADmUkoi0kVx6kSAABnOAAACgARAGNz
cy1hdXRoLmNVVA0AB3YPojgCE6I4dg+iOM1abXMbx5H+TFT5P4yTKouQQHnfgF2E
luqABZBSnctJnVy5ulLJriWwJDcCsAx2IYpJnN+e7n56t4cUfefobFf0YQXMTs/0
y9Pdzwz45Zdu3TRnxbG9fr7+bPDZ4Munnw3cU5fXN3eH6uq6daf50IXT6dQtykP5
zq2K2/WxcV9t+Nt/NDcVfXi+rncvSYoFv72uGreuN6XbFXfuonTHpty4456mufa6
dG152DWuvnR/Kg9NVe9dxF/4ze//+PWIVziUxUYGLqtt6fI//PF/Xn3ze3dZH9ym
bItq2zzHVl8OSFlsWTalO9THttqXjdvUrql3NFDWB9q12l91OzTHm5ttRepsirYg
3WjNkhdYF9stTyv3V7TC6dC1Na/CIrui2rvb+vDueW/fvZWbsiRzmmpXbYsDy7XX
RUvC+9Jd3MkK1b5qq2Lrmra4KtlyXoVfLJavXbG9qg9Ve70b0TzIVq3b1vW7xm2r
dyTdPmncn49NS+qWeyzc1rLE4c4V+w1pSNOa+rK9LQ4luYh8L4pt61uKjHOvnuzc
=J5jr
-----END PGP MESSAGE, PART 01/36-----



Reply via email to