Sen. Hollings plans to introduce DMCA sequel: The SSSCA
Text of SSSCA draft bill: http://www.politechbot.com/docs/hollings.090701.html --- http://www.wired.com/news/politics/0,1283,46655,00.html New Copyright Bill Heading to DC By Declan McCullagh ([EMAIL PROTECTED]) 4:19 p.m. Sep. 7, 2001 PDT WASHINGTON -- Music and record industry lobbyists are quietly readying an all-out assault on Congress this fall in hopes of dramatically rewriting copyright laws. With the help of Fritz Hollings (D-S.C.), the powerful chairman of the Senate Commerce committee, they hope to embed copy-protection controls in nearly all consumer electronic devices and PCs. All types of digital content, including music, video and e-books, are covered. The Security Systems Standards and Certification Act (SSSCA), scheduled to be introduced by Hollings, backs up this requirement with teeth: It would be a civil offense to create or sell any kind of computer equipment that "does not include and utilize certified security technologies" approved by the federal government. It also creates new federal felonies, punishable by five years in prison and fines of up to $500,000. Anyone who distributes copyrighted material with "security measures" disabled or has a network-attached computer that disables copy protection is covered. Hollings' draft bill, which Wired News obtained on Friday, represents the next round of the ongoing legal tussle between content holders and their opponents, including librarians, programmers and open-source advocates. [...] - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
> It would be a civil offense to create or sell any kind of > computer equipment that "does not include and utilize certified > security technologies" approved by the federal government. Doesn't this allow the government to (finally?) control *domestic* encryption technology also? Ominous... -- Harald Koch <[EMAIL PROTECTED]> "It takes a child to raze a village." -Michael T. Fry - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
On Sat, 8 Sep 2001, Harald Koch wrote: > > It would be a civil offense to create or sell any kind of > > computer equipment that "does not include and utilize certified > > security technologies" approved by the federal government. > > Doesn't this allow the government to (finally?) control *domestic* > encryption technology also? Ominous... > > -- > Harald Koch <[EMAIL PROTECTED]> The Hollings bill simply outlaws private ownership of home computers. It requires the Ministry of Infotainment to have permanent irremovable root privileges on every personal computer. The Ministry is required to run a complete log of every read and write to the hard disk and of all connections to the Net. oo--JS. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
The complete text of the draft SSSCA (2.5 MB PDF file) is now online: http://gnu-darwin.sourceforge.net/sssca-draft.pdf http://www.nullify.org/sssca-draft.pdf http://sites.inka.de/risctaker/sssca-draft.pdf http://www.parrhesia.com/sssca-draft.pdf John Young has put his amazing OCR software to work and has posted this HTML text of the entire bill: http://cryptome.org/sssca.htm An anti-SSSCA petition is here: http://www.PetitionOnline.com/SSSCA/petition.html Slashdot thread on the SSSCA: http://slashdot.org/articles/01/09/08/0238200.shtml -Declan - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
At 09:27 PM 09/08/2001 -0400, Jay Sulzberger wrote: >The Hollings bill simply outlaws private ownership of home computers. It >requires the Ministry of Infotainment to have permanent irremovable root >privileges on every personal computer. The Ministry is required to run a >complete log of every read and write to the hard disk and of all >connections to the Net. No, you're allowed to own old PCs, though probably not to resell them. What you can't do is reformat the hard drive, or disconnect the old one when you buy a new one, or uninstall any software that might have copy protection capabilities. Lack of scienter may or may not get you off the hook for the $500,000 fine for uninstalling software that you didn't realize had the Hollings/Stevens code installed. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
Am I right in that this bill would effectively outlaw all free open-source operating systems like Linux, OpenBSD, FreeBSD, etc.? Carsten Kuckuk - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
At 9:27 PM -0400 9/8/2001, Jay Sulzberger wrote: >On Sat, 8 Sep 2001, Harald Koch wrote: > >> > It would be a civil offense to create or sell any kind of >> > computer equipment that "does not include and utilize certified >> > security technologies" approved by the federal government. >> >> Doesn't this allow the government to (finally?) control *domestic* >> encryption technology also? Ominous... >> >> -- >> Harald Koch <[EMAIL PROTECTED]> > >The Hollings bill simply outlaws private ownership of home computers. It >requires the Ministry of Infotainment to have permanent irremovable root >privileges on every personal computer. The Ministry is required to run a >complete log of every read and write to the hard disk and of all >connections to the Net. > >oo--JS. > I think the key point is that it doesn't outlaw private ownership of home computers. It merely requires all home computers to include provisions that allow the State to control what it is used for and to trace any information it produces. In this regard it is exactly the same as the laws in the old Soviet Union that forbid private ownership of a typewriter unless it was registered with the local police department, with a typing sample provided. At least the enemy has finally removed his mask. Arnold Reinhold "1984 wasn't a novel, it was just another high-tech product plan with an unrealistic ship date." - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
The scariest part of this proposed bill is its definition of the term "Interactive Digital Device": The term "interactive digital device" means "any machine, device, product, software, or technology, whether or not included with or as part of some other machine, device, product, software, or technology, that is designed, marketed or used for the primary purpose of, and that is capable of, storing, retrieving, processing, performing, transmitting, receiving, or copying information in digital form." This of course applies to all computer software since all programs operate on data in "digital form". Since all interactive digital devices will be required to utilize certified security technologies this would imply that every protocol used on the internet; every program that reads/write from disk or from memory or from a CPU register; will need to have an approved security technology. Certainly the government is not in a position to develop a security standard for each an every internet protocol: SMTP, FTP, HTTP, SSH, TELNET, RSH, LDAP, DNS, ... Not to mention every Hello World type program that has ever been developed. It is also unclear from the proposed bill what the purpose of the bill is. "To provide for private sector development of workable security system standards and a certification protocol that could be implemented and enforced by Federal regulations, and for other purposes." Is this meant to be an add-on to the DCMA to make it easier for commercial copyright holders to limit the types of devices that can be built, sold, and used? This could be done by having the laws specify the use of standards requiring licensing of technologies that are only available on a fee per instance basis. (This would exclude the use of any open source operating system.) Is this meant to ensure that appropriate technologies are in all personal devices (PCs, phones, PDAs, set top boxes, ...) to unsure the privacy of the data sent and received by their users? A worthy goal although I doubt I want the government regulating which protocols and security standards I can use. In either case, it seems unrealistic to assume that the government can regulate this effectively. Will the government create their own security standard for each protocol, service, application, computing architecture, ... or will it simply order the use of standards recognized by a group such as the IETF? If the IETF (or a similar group) where will the funding come from? I'm sure the IETF does not want to become a line item in the U.S. budget. I asked a computer science freshman to look at this proposed bill and here was his reaction" "well from a short look, I like the idea behind it. I think it would be very good if everyone knew when they sent information of any sort that it would be secure. There are two problems I have with it though. One, is that I'm trying to think about the real world implications of this bill. I'm trying to think if it will cause a lot of problems integrating these security measures. Second, I don't know if it's a good idea to use one standard for security. It seems to me that once a security standard is made, a few years later, people find out a flaw in it, or processing power is good enough to break it. Having one standard makes it the target to try and break, whereas if there are many different standards, it's less of a risk." I think that the concerns about end user privacy and identity theft will lead the vast majority of the public at large to support bills similar to this even if the end result would be a sharp reduction in their rights. Of course, my student also understands that there are serious implications that have to be considered. Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
On Sun, 9 Sep 2001, Carsten Kuckuk wrote: > Am I right in that this bill would effectively outlaw all free > open-source operating systems like Linux, OpenBSD, FreeBSD, etc.? > > Carsten Kuckuk Yes. All "interactive digital" systems that directly connect to the net will have to licensed. Most that do not connect directly will also have to be licensed. License costs will be high enough so that only a few large companies can afford them. Individuals will not be allowed to assemble components to make a computer for themselves, unless they spend millions on a license, and wait some months for the paperwork to go through. oo--JS. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
At 12:26 PM 09/09/2001 +0100, Carsten Kuckuk wrote: >Am I right in that this bill would effectively outlaw all free >open-source operating systems like Linux, OpenBSD, FreeBSD, etc.? Only if the free operating system hasn't developed a US-government-certified-copy-protection-system and paid the US government for certification, and the machine had a pre-Hollings OS on it. If an older machine didn't have an approved operating system on it, or had the copy protection built into the hardware, you could install the free OS there, but if there's already a copy of Monopoly-Enforcing Operating System there, you can't uninstall that, because you'd get the $50 fine for disabling it. (Boy, that's a *lot* more expensive that the $2000 fine for disabling smoke detectors in an airplane lavatory. I guess copying music is more of a threat to public safety than airplane fires caused by smoking in the can.) You *probably* could use Partition Magic to let you install the free operating system in one partition while leaving the Monopoly-Enforcing Operating System in its original partition, but I'm not sure if you'd be allowed to boot it after you do. You could also install Linux using a umsdos file system, which stores Linux as files on the Microsoft file system, but I'm not sure if you'd be allowed to boot it or not. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
-- On 10 Sep 2001, at 0:26, Jay Sulzberger wrote: > All "interactive digital" systems that directly connect to the > net will have to licensed. Most that do not connect directly > will also have to be licensed. License costs will be high > enough so that only a few large companies can afford them. > Individuals will not be allowed to assemble components to make > a computer for themselves, unless they spend millions on a > license, and wait some months for the paperwork to go through. When the chinese invented paper, the government eventually decided that this led to dangerous communication of dangerous thoughts, and prohibited private production of paper. It made paper making a state secret, and castrated all paper makers so that the secret would not be passed from father to son, but only transmitted in government approved channels. Thereafter paper was used only to transmit government approved thoughts through government channels, and to the populace. Computers are similarly dangerous. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG pEyJYvluyMSWgNZ7GAkKeNzQ3mshy+SsKVJ/wMhs 4sKLUftGKcn9X/CXUOs7SZPnTiZHI8M0IpiNhuyx6 - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
There are obviously a number of arguments that even Senators might listen to. 1) This Act actually creates two types of computers: those that comply with the Act and those that don't comply. 2) This Act artificially inflates the cost of a basic PC, making it much harder to install them in schools, or use them in other ways to educate disadvantaged American citizens. 3) If this Act forces all U.S. vendors to comply with the Act, then it eliminates U.S. vendors from the international personal computer market. Overseas vendors will continue to build the powerful products we use today, which provide far greater capabilities than most user can harness. U.S. vendors will have to build more costly products that won't be able to compete against cheaper foreign products. 4) This Act prevents "garage shop" innovation in information technology by placing it entirely in the hands of established vendors. This kills the wellspring of innovation that was responsible for the PC revolution in the first place. Innovation doesn't happen if it has to ask permission first. Rick. [EMAIL PROTECTED] roseville, minnesota "Authentication" coming in October http://www.visi.com/crypto/ - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
I believe that only the DA (government) can initiate criminal proceedings. Unlike in civil proceedings the copyright holders don't have to spend a dime defending their DMCA or (proposed) SSSCA rights, the taxpayer foots the bill. -- Viktor. > Richard Hartman > > If this monstrosity gets passed, could we overload the courts > w/ lawsuits against companies that manufacture any digital > device that does not conform to the law (such as digital > answering machines) and, in so doing, bring the inconsistancies > & impracticalities to theattention of the public and the courts? > > [Moderator's note: Probably not. --Perry] > - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
Rick is absolutely right, but could I give the lobbyist reply? >1) This Act actually creates two types of computers: those that comply with >the Act and those that don't comply. Wrong; it eradicates the second type. Our innovative US hardware sector will be ready with compliant machines the day the Act comes into force. >2) This Act artificially inflates the cost of a basic PC, making it much >harder to install them in schools, or use them in other ways to educate >disadvantaged American citizens. Wrong again; economies of scale will mean the entire industry will unite to build on the important work by the TCPA, 4C Entity (or however many Cs there are these days) and Microsoft to add this capability at minimal cost. >3) If this Act forces all U.S. vendors to comply with the Act, then it >eliminates U.S. vendors from the international personal computer market. >Overseas vendors will continue to build the powerful products we use today, >which provide far greater capabilities than most user can harness. U.S. >vendors will have to build more costly products that won't be able to >compete against cheaper foreign products. It won't take long to use the WIPO, WTO, and good 'ole US strongarm tactics to impose this legislation on the rest of the world. Meanwhile, we impose crippling sanctions on any company with any US exposure that produces such devices. cf Cuba, war on drugs, etc. etc. >4) This Act prevents "garage shop" innovation in information technology by >placing it entirely in the hands of established vendors. This kills the >wellspring of innovation that was responsible for the PC revolution in the >first place. Innovation doesn't happen if it has to ask permission first. Who cares about innovation if it isn't contributing campaign dollars? Sorry for my cynicism :( Ian. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
Ian Brown writes: >It won't take long to use the WIPO, WTO, and good 'ole US strongarm >tactics to >impose this legislation on the rest of the world. Meanwhile, we impose >crippling sanctions on any company with any US exposure that produces such >devices. cf Cuba, war on drugs, etc. etc. Before we engage in the usual tirades against the Great Satan, let's note this: Round about the time the recording industries were hobbling DAT decks to make sure they would not threaten their business, there was an attempt to make the PC industry build in anti-copy technology like the one in digital tape decks. The computer hardware lobby, assisted by some non-profits, killed the measure handily. I see little reason to believe we won't see a similar result this time, especially given the huge issue (finally!) digital copyright has become. After all, what hardware company wants to sell a hobbled computer whose main purpose is to protect someone else's line of business? Hollings will make more enemies than he cares to think of if he proceeds with this dead-on-arrival bill. Will Rodger Washington, DC - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
Having read this bill, I cannot shake the suspicion that it is an ambit tactic. An unreasonable bill has been proposed to be shot down, and the real bill will be introduced in a few months time. This new bill will certainly contain a number of nasties, but it's backers will seem to have compromised and "addressed" our concerns. Our continuing objections will be painted as unreasonable, and thus we'll be marginalised in the debate. Their bill will pass, nasties and all. This technique only works if you have tame politicians willing to propose ambit bills, which is a risky strategy as can make them look ridiculous. I don't know enough about Hollings to judge. Even so, the timing of the bill is interesting given the recent papers about the success of the DCMA. One could reasonably suggest that this timing is a little too clever to be unorchestrated. Disclaimer: speaking for myself, not for Sun. Ian. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
> I see little reason to believe we won't see a similar result this time, > especially given the huge issue (finally!) digital copyright has become. > After all, what hardware company wants to sell a hobbled computer whose > main purpose is to protect someone else's line of business? The TrustedPC membership including Microsoft, Intel, IBM and Compaq. Jeffrey Altman * Sr.Software Designer C-Kermit 8.0 Beta available The Kermit Project @ Columbia University includes Secure Telnet and FTP http://www.kermit-project.org/ using Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. SSH soon to follow. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
RE: [dvd-discuss] Re: Sen. Hollings plans to introduce DMCA sequel: The SSSCA
> -Original Message- > From: Scott A Crosby [mailto:[EMAIL PROTECTED]] ... > > Worse.. Think of it: > This even applies to answering machines that store the message on a > digital chip. (Like the one my mother uses). > > So, this like the DMCA, will be a law that will be very selectively > enforced. > If this monstrosity gets passed, could we overload the courts w/ lawsuits against companies that manufacture any digital device that does not conform to the law (such as digital answering machines) and, in so doing, bring the inconsistancies & impracticalities to theattention of the public and the courts? [Moderator's note: Probably not. --Perry] We don't _have_ to let them get away with selective enforcement. By insisting on full enforcement we would be able to break them, I think. -- -Richard M. Hartman [EMAIL PROTECTED] 186,000 mi./sec ... not just a good idea, it's the LAW! - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]