Re: privacy digital rights management
Of course, nothing can stop Amazon from entering your credit card data and/or address into another program. They need to see this data in order to perform their normal business functions, and anyone can read it off the screen and type it into another computer. But the point is, they can't do it to the entire database. Amazon has millions This is naive approach. Even if we assume that amazon would in *fact* agree to this mechanized enforcement of corporate policies, and that tcpa owners/creators are not colluding (open source doesn't mean shit - check the history of pgp vulnerabilities) and that policies are foolproof (think bug-free software) and that amazon is not running SSL proxies in front of its servers on separate machines (as they probably do now so it's sniffable plaintext inside) and that there will never be a tap on data/address bus (or is tcpa protecting the whole RAM somehow ?) and that no one will offer $1 off-the-screen reading OCR software with attached device that emulates fingers on the keyboard and reads the entire database in a week (rent-a-tap ?), even if we assume all that, a dream where the server *becomes the business* (amazon is someone who buys the domain name and the server), how do you imagine to convey the advantage of all this to the unwashed masses ? It is much cheaper and equally effective to run advertizing campaign that claims that data is secure than to actually implement it in some technological way which no one can understand. The first time a braindead exec of e-tailer introduces tcpa/drm the competition will come up with tcpa plus or ypzd secure that will sound and feel much more secure and yet let them sell lists and beat the competition. It works - most americans believe in magic properties of the greek word democracy. The technology, once outside of comprehension of your average sheep, is irrelevant. It's waste of money. Note that, as with the earlier DRM analysis, the TCPA in this example exists to help Amazon prove to people that they are behaving honestly. This proof would require understanding of what tcpa is. All people who do actually understand that can protect their privacy just fine today without any additional tcpa needed. I'm starting to believe that there is some truth in stereotyping of engineers as total incompetents in bipedal interactions. = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
Re: Brin
Bob - I'm not sure if you copied David separately/Bcc on your reply, and I've dropped Cc:s to some of your lists that I'm not on, and I missed your original message that David flamed you for which you're flaming back about, but Perhaps I've missed some really critical things the time or two that I've read The Transparent Society, or projected too much liberarian hype into my reading, but to me the big points were - Moore's Law, etc., will make networked cameras so appallingly cheap that that they'll be pretty much universal. It'll do it to other information technologies as well, but the public has an easier time understanding what a camera means than a database, so that's the one to focus on when you're writing popular science. - Usual digressions into what Moore's Law and cheap and universal mean, and some implications about the realism of expecations of privacy that need to be said slowly for people who haven't spent years talking about geodesic economies and therefore don't get it (:-) - Lots of people will be watching you on cameras, either because they feel like it, or because they're watching something else and it's too much trouble to not watch you at the same time. And you'll be watching lots of people or things, for similar reasons, and realistically there's not much that'll stop it. - The government will be watching you, like it or not. Brin spends a while discussing the issue of whether we should try to stop them from doing so through legislation, but basically views it as a lost cause for economic reasons, and all the related reasons of power, convenience, control, etc. (I don't remember how much time he spent on the even if they ban government from watching you most of the time, they'll always give themselves exemptions even if they bother following the rules, so just get used to it issue, but it was there. Video's too cheap.) - We might be watching the government, or we might not, and the government are the only major group that can easily make it hard to watch them, because they can throw you in jail if you get in their face, and they've got enough control over their actions to make it difficult to watch them. THIS IS WHERE WE NEED TO FOCUS AS CITIZENS, because if you don't force them to do their work in the sunshine, they won't, and because getting them not to watch you is a lost cause. - Cypherpunks technologies are mostly a lost cause, because Bad Guys (mainly the government) will use them to do their bad things, whereas they can put cameras in your ceiling to watch you type your passwords, hide bugs under your bed (next to the Communists) to listen to the conversations you're having on your EnCryptoPhone, etc. Making sure the government is maximally watchable is more important, and if you say you're allowed to hide your actions, they'll make sure they're allowed to hide theirs, and they're better at this organized coercion thing than you are. Perhaps I'm putting words in Brin's mouth, especially about the latter, but it has seemed to have been the major bone of contention between Brin and various Cypherpunks. Meanwhile, Big Brother *is* increasingly watching us, even if in GeodesicWorld nobody else has bothered paying enough to watch hi-res videos of most of us very often, and BB is trying very hard to make himself much less accountable, because if we can see where George is, we can question him, and if that happens, the Terrorists Have Won... (Meanwhile, the Bush Administration has been promising heavy scrutiny of the Worldcom Debacle, if nothing else because they're so pleased to have dishonesty from somebody who's not in the Oil Business or Military-Industrial Complex for a change.) At 12:54 PM 06/25/2002 -0400, R. A. Hettinga wrote: I should say, at this point in things, that I've never complained at all about Brin's heralding some mechanical ubiquity of *observation*, per se, any more than I complain about the market, celestial mechanics, or the weather. You can't fight Moore's (or Metcalfe's, or whoever's) Law, and all that. I *do* think that observation done by people of their own property (call it supervision, I guess), is much better than observation by states of their own citizens (call that surveillance). In fact, I would go far enough to say that the former is just plain common sense, and the latter is the very definition of totalitarianism. ... Put in less Proustian terms, the *market* for such things will determine which side will prevail: Monopolistic surveillance with the consent of the governed, versus the supervision of private property by a whole swarm of individual market actors. It will not be decided, as some
Re: Ross's TCPA paper
On Mon, 24 Jun 2002, Anonymous wrote: The important thing to note is this: you are no worse off than today! You are already in the second state today: you run untrusted, and none of the content companies will let you download their data. But boolegs are widely available. The problem is that the analog hole is how we debug stuff. When our speakers don't sound right, we tap the signal, put it on an oscilloscope so we can see what's wrong, correct the drivers, and try again. When our monitor can't make sense of the video signal, it's different equipment but the same idea. When you encrypt all the connections to basic display hardware, as proposed in Palladium, it means nobody can write drivers or debug hardware without a million-dollar license. And if you do fix a bug so your system works better, your system's trusted computing system will be shut down. Not that that's any great loss. Likewise, encrypted instruction streams mean you don't know what the hell your CPU is doing. You would have no way to audit a program and make sure it wasn't stealing stuff from you or sending your personal information to someone else. Do we even need to recount how many abuses have been foisted on citizens to harvest marketing data, and exposed after-the- fact by some little-known hero who was looking at the assembly code and went, Hey look what it's doing here. Why is it accessing the passwords/browser cache/registry/whatever? Do we want to recount how many times personal data has been exported from customer's machines by adware that hoped not to be noticed? Or how popup ads get downloaded by software that has nothing to do with what website people are actually looking at? I don't want to give vendors a tunnel in and out of my system that I can't monitor. I want to be able to shut it down and nail it shut with a hardware switch. I don't want to ever run source code that people are so ashamed of that they don't want me to be able to check and see what it does; I want to nail that mode of my CPU off so that no software can turn it on EVER. I'll skip the digital movies if need be, but to me trusted computing means that *I* can trust my computer, not that someone else can. Bear
Re: Diffie-Hellman and MITM
hi, If there is no previous shared secret,then ur communication on an insecure network is susecptable to the man in the middle attack. One solution suggested against the man in the middle attack is using the interlock protocol InterLock Protocol Is used to foil a man in the middle attack, 1:Alice sends Bob her public key 2:Bob sends Alice his public key 3:Alice encrypts her message with Bob's public key.She sends half of the encryped message to Bob. 4:Bob encrypts his message using Alice's public key.He sends half of the encrypted message to Alice. 5:Alice sends the other half of encrypted message to Bob. 6:Bob puts the 2 halves of Alice's message together decrypts it with his private key.Bob sends the other half of the message to Alice. 7:Alice puts the 2 halves of Bob's message together decrypt it with her private key. Here Mallory can still substitute his own public key for Alice Bob . Now when he interceprs half of Alice's message,he cannot decrypt it with his private key re-encrypt it with Bob's public key .He must invent a completely new message send half of it to Bob. When he intercepts half of Bob's message to Alice,he has the same problem. He cannot decrypt with his private key re encrypt with Alice's public key. By the time the second half of the message of Alice Bob arrive,its already too late to change the new message he invented. The conversation between Alice Bob need to be completely different. How ever if Mallory can mimic Alice Bob,they might not realise that they are being duped may get away with his scheme here is what i think It is not compulsary that all the blocks of messages must be invented by Mallory. he only need to make the first full message for alice and send it to bob vice versa. ok,eg: 1:alice send bob part of 1 st block 2:bob makes the 1 st half on his own and send to bob keeps alice's message 3:now bob sends his first half of message 4:mallory intercept it and make his own message and send it to alice 5:Again bob sends alice the other half of the msg which mallory intercepts substitue his own 2nd part of his block 6:the same happens when bob sends the second half of his message to alice,mallory intercepts it and sends his own 2 nd block to alice. since he has send one full block to each other has the full block of alice's and bob's true messages,mallory can now split it as half and complete the protocol ie, since the 1 st packet is fake,he has the true packets of alice bob can complete the protocol. All mallory would have to do is send the half of the (n th) packet when he receives the half of (n+1)th packet since the 1 st packet was faked by mallory. so i dont think the interlock protocol will work in this case. thats how i understand it. am i not rite? Regards Data. --- Mike Rosing [EMAIL PROTECTED] wrote: On Fri, 28 Jun 2002, Marcel Popescu wrote: Well... I assume an active MITM (like my ISP). He's able to intercept my public key request and change it. Plus, I now realize I should have put an even harder condition - no previously shared *information*, even if it's public. I need to know if two complete strangers can communicate securely over an insecure network, even if they communicate through an untrusted party. Wasn't there a protocol for two prisoners communicating through an untrusted guard? Can't be done. You must have multiple channels, and you need to hope that all of them can't be spoofed. A phone call, a newspaper ad, a bill board, a satallite link, any one of them might be spoofed. But to spoof *all* of them would be very hard. If you use some kind of security by obscurity method, you can do something once. but for general security, it's not possible to just go via the net without an out-of-band check. A public posting of the key id is a pretty safe way for a large company or organization. A .sig with your key id is another good way, it leaves traces all over the net for a long time. The point is that you have to leave some kind of trace that's checkable via an effective alternate channel. Otherwise, the MITM wins. Patience, persistence, truth, Dr. mike __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com
Re: Ross's TCPA paper
Yes, this is a debate I've had with the medical privacy7 guys, some of whom like the idea of using Palladium to protect medical records. This is a subject on which I've a lot of experience (see my web page), and I don't think that Palladium will help. Privacy abuses almost always involve abuse of authorised access by an insider. Recent case: 15-year old girl in Croydon, England, gets termination of pregnancy without telling her mother. This is reported to the local health authority, where her uncle works; he sees the report and tells the family. Palladium doesn't help here. Even if the unclse is constrined by the Fritz chip from doing anything other than look at the screen, he still has the information. The fix for this problem is anonymous reporting, with the identity of the girl known only to the treating physician. It is a policy issue, not a techjnology issue; if technology such as Palladium is introduced it will most likely be by health authorities trying to find an excuse to retain access to data that they shouldn't have in the first place. (We've seen a similar effect with smartcards in healthcare, and in fact the general phenomenon has an interesting similarity with what the environmental economists call the `social reward trap': making `green' goods available often increases pollution as people consume green goods rather than consuming less.) Ross
Re: Rendering Unto Ceasar
At 11:13 AM -0400 on 6/29/02, R. A. Hettinga wrote: Ceasar Romero, Oops. Conflation between Ceasar Romero, Aldo Rey, and the character Aldo in the *third* and *fourth* Planet of the Apes sequellae, played, in the fourth movie's speaking role, by Claude Akins. IMDB is your friend. ;-). Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Cluelessness is Wrong
Anonymous writes This shouldn't have to be said, but apparently it is necessary. And even if it isn't, you're going to say it anyway, aren't you? Piracy - unauthorized copying of copyrighted material - is wrong. It inherently involves lying, cheating and taking unfair advantage of others. Systems like DRM are therefore beneficial when they help to reduce piracy. We should all support them, to the extent that this is their purpose. Guess again. All photons on my property are mine to decode and process as I see fit. By sending photons onto my property, you agree to these terms. When an artist releases a song or some other creative product to the world, they typically put some conditions on it. If you want to listen to and enjoy the song, you are obligated to agree to those conditions. If you can't accept the conditions, you shouldn't take the creative work. The artist is under no obligation to release their work. It is like a gift to the world. They are free to put whatever conditions they like on that gift, and you are free to accept them or not. Well, this post to Cypherpunks is my work. The conditions I put on it are that by reading it, anyone named Anonymous agrees to serve me until the end of time, transfer to me all their worldly goods, and permit me to sacrifice their firstborn to Baal. If you take the gift, you are agreeing to the conditions. If you then violate the stated conditions, such as by sharing the song with others, you are breaking your agreement. You become a liar and a cheat. Like Anonymous here. This isn't complicated. It's just basic ethics. It's a matter of honesty and trust. When someone makes you an offer and you don't find the terms acceptable, you simply refuse. You don't take advantage by taking what they provide and refusing to do your part. That's cheating. Unsolicited free gifts are mine to keep. I just got some lovely address labels from a paralyzed baby-killers organization. I plan to use them on my mail, and not send them a dime. Anyone else who wants to send me free stuff, including photons, is free to do so. They won't get a cent either. Copyright should be abolished. If you don't want your secrets, or artistic works, copied and shared, you are free to keep them in a vault in your basement, for your sole enjoyment. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division Do What Thou Wilt Shall Be The Whole Of The Law
Piracy is wrong
This shouldn't have to be said, but apparently it is necessary. Piracy - unauthorized copying of copyrighted material - is wrong. It inherently involves lying, cheating and taking unfair advantage of others. Systems like DRM are therefore beneficial when they help to reduce piracy. We should all support them, to the extent that this is their purpose. When an artist releases a song or some other creative product to the world, they typically put some conditions on it. If you want to listen to and enjoy the song, you are obligated to agree to those conditions. If you can't accept the conditions, you shouldn't take the creative work. The artist is under no obligation to release their work. It is like a gift to the world. They are free to put whatever conditions they like on that gift, and you are free to accept them or not. If you take the gift, you are agreeing to the conditions. If you then violate the stated conditions, such as by sharing the song with others, you are breaking your agreement. You become a liar and a cheat. If you take the song without paying for it, you are again receiving this gift without following the conditions that were placed on it as part of the gift being offered. You are taking advantage of the artist's creativity without them receiving the compensation they required. This isn't complicated. It's just basic ethics. It's a matter of honesty and trust. When someone makes you an offer and you don't find the terms acceptable, you simply refuse. You don't take advantage by taking what they provide and refusing to do your part. That's cheating.
Re: mount filesystem and run a program when hotplugged
On Fri, Jun 28, 2002 at 05:29:17PM +0200, Eugen Leitl wrote: I've bought me a little (32 MBytes) hotpluggable USB flash stick (a TrekStor). It mounts fine, but what I'd like to do is to automount it, and fire up a program (I intend to put my keyring on it) if hotplugged. You need to enable hot-pluggable devices in your kernel configuration (along with USB storage stuff as well of course). Then, when you insert the flash, kernel will automagically load all necessary drivers and call /sbin/hotplug (path set in /proc), which can be a shell script. From here you can do everything you want. Actually, those flash devices are quite cool, I'm using them to distribute configuration, keys and software upgrades on my security gateways etc., so feel free to ask if you have any problems. -- Pawe3 Krawczyk * http://echelon.pl/kravietz/ Krakow, Poland * http://ipsec.pl/
Re: Piracy is wrong
[From: Anonymous] If you take the song without paying for it, you are again receiving this gift without following the conditions that were placed on it as part of the gift being offered. You are taking advantage of the artist's creativity without them receiving the compensation they required. Of course. But this isn't about that. At least not for me. The reason I don't like DRM is that it stops me from enjoying the music I buy. Unfortunately record companies are already getting started, which got me into trouble a few weeks ago. I wanted to purchase a CD, but it had something called copy protection which made it impossible for me to listen to it. I e-mailed the record company asking what I should do but got no reply. So, I gave up, and downloaded the album from the internet instead, since it was the only way I could think of to get the music. Now, being an honest man (and also wanting to express my opinion) I sent a letter to the record company telling what I had done and why, and enclosed a $10 bill since I wanted to pay for the music. You can read my letter at http://www.tydal.nu/en/cd/bmg.html
Re:
At 03:31 AM 06/29/2002 -0700, [EMAIL PROTECTED] wrote: Thanks Bill, for passing on your message, along with the news that I've been dissed and discussed by R.A. Hettinga. Naturally, he never informed me, nor copied me his missives, nor invited me to answer. This appears to be quite typical. Sure. I'd assumed you'd seen his mail; I'm separately forwarding the message that I'd excerpted, though I don't seem to have most of the other messages in the thread; archives are at http://inet-one.com/cypherpunks/ (it's mostly full of spam, because somebody once decided to make a point about list filtering by subscribing us to all the spam he could find but there's real content as well; I read the spam-filtered version of the list, but I'm not aware of an archive of that version.) You do get occasionally discussed on the list, or at least referred to, Your attempt, below, is a good effort. Inaccurate in some details, but also quite interesting. I wish I had time for a full reaction. Perhaps I will try later, after returning from giving a keynote at the Libertarian National Convention. Oh, that'll be interesting - I'll see you there. One of the cypherpunks arguments is that you'll get a lot more whistleblowers if they can do so anonymously. ... The only defense of freedom that works is the one americans have used for 200 years. An AGGRESSIVE approach, barging into the citadels of power, ripping the blinds, opening the windows, protecting the whistleblowers, siccing elites against each other, unleashing a myriad news-hounds and generally stripping the big boys naked! ... My freedom is protected by MY ability to supervise govt... to know what they are up to and to hold them accountable if they abuse their power. Not only is that epistemologically possible, it is exactly how we got the freedom we now have!
RE: Rendering Unto Ceasar
...hypoxic, spittle-soaked screed elided... (I remember something my brother said to me once, in another context hereabouts, about being careful not to get into a pissing match with a sewer outfall. Oh, well. Hope it was as good for him as it was for me, and all that...) Plutocracy forever, Dr. Brin. Don't let the door hit you on the way out. Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: [IRR] Brin Responds to Re: Brin
At 1:49 PM -0400 on 6/29/02, Somebody wrote: I am delighted to see that David Brin is becoming even more loony with the passing of time, and even more delighted to find you quoting him. What else can one do with Brin, but quote him? More than anyone I have ever known, he debunks himself, thus saving everyone else the time and trouble of doing so. For this, I am extremely grateful. Most loonies are not so considerate of other people's time. :-). Unfortunately, I couldn't leave well enough alone, I'm afraid. I haven't gotten flamed in quite a while, but, on the other hand, I haven't written very much get flamed for, I suppose. As friend Rodney Thayer says, you're only as good as the people you piss off. Taken in the spirit offered above, it looks like I've just rattled the bars on the monkey-cage to no good effect. Oh, well. I need to get in the habit of writing again one way or another, even the word-count *is* in the service of an on-line pissing contest... Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Piracy is wrong
Anonymous wrote: Piracy - unauthorized copying of copyrighted material - is wrong. http://www.gnu.org/philosophy/words-to-avoid.html When an artist releases a song or some other creative product to the world, they typically put some conditions on it. Don't overlook the fact that when the government gives an artist a limited monopoly through copyright, the government retains some rights (e.g., fair use) to the public, whether the artist likes it or not.
maximize best case, worst case, or average case? (TCPA)
[summary: TCPA is a tool which even if not necessarily always used for DRM applications, and other far more evil applications, is dangerous enough that it must be killed to prevent the introduction of, and legal mandate for, these DRM and other more evil applications. People should be prepared to make some sacrifices to accomplish this goal.] (long rambling exposition follows: overview, possible worlds, possible means of resistance, my suggested integrated course of action) I-I. The current TCPA argument is, I believe, the beginning of a three staged war, with the ultimate potential loss being all freedom. It is much bigger than the issues of security for applications or of copyright. A conspiracy does not need to have conscious participation by all parties; those with knowledge of the entire situation can do enough simply by failing to act at key points, rather than taking affirmative action. Completely valid agendas can be piggybacked in order to get other aims accomplished. I-II. Yet, as much as I hate the idea of TCPA, the concept behind it has a few legitimately useful security applications I can see, and has been something I've thought about for years in a specific area. While there's a good debate about TCPA with respect to general purpose computing, that kind of the secure hardware module IS the company computing is a useful model for some specialized tasks. Hardware crypto modules which allow general purpose computation already operate in this mode, and as long as the architecture is open (device certified by one authority, code published and signed, secure and deterministic/duplicable toolchain, certain device functionality like publish hash of executing program available, users choose which hardware modules, software vendors, etc. they trust), it can be a tool for good. Admittedly a tool which can be easily perverted for evil. Being able to secure the entire platform on which a given piece of code is executing, and to publish guarantees about that security to users at a distance who will have reason to trust those guarantees, is undeniably useful for a certain class of applications. Ironically, some of these applications themselves are key to liberty. I-III. DRM systems are obviously something a lot of media execs lust after, even out of proportion to the commercial realities, since they inherently like control and hard ownership. I'm sure most content creators at the direct creation level would rather see more users for the same profit; non-creative people in the industry of creation would prefer to see the same revenue from a smaller population, as it leaves a larger potential untapped marketplace. DRM systems embedded in general purpose computers, especially if mandated, especially if implemented in the most secure practical manner (running the system in system-high DRM mode and not allowing raw hardware access to anything at any time on the platform, rather than trying to allow concurrent open and closed operation a la CMW), and in a closed manner for revenue protection purposes (only rich people get to sign the code, or at least only the keys of rich people are widely distributed by default, and anything else requires special operations by the user), are evil. (There's the whole debate about the role of copyright, piracy, content ownership, etc., which I doubt will be resolved any time soon, and I think tying it too closely to the TCPA/DRM/etc. debate is dangerous, as the intermediate results might suck a lot -- hopefully the copyright and general economic restructuring debate will take a lot longer than this particular issue of hardware restrictions) I-IV. Aside from the issues of legitimate security, and DRM, there's a third hidden agenda behind the restriction of general purpose computing hardware -- the removal of a very powerful tool from the public at large. While not stated even by the paranoids :) who claim TCPA is obviously a wedge for DRM, it seems the logical conclusion. Large commercial enterprises, governments, and the like have a fear of everyone in the world having tools of the same power; for the most part, a single laptop computer is effectively the same as the sum of all other machines in the world, for many critical applications. Auto companies would certainly be displeased by a $5 trivially distributed tool to create cars, just add water, at basically zero marginal cost; without means of protecting their franchise from limitless competition, commoditization, and decentralization, companies need to compete based on speed and agility of innovation. There is no economy of scale in that, indeed, massive diseconomies of scale. General purpose computers are the equivalent of just add water (or beer, or chemical of choice) and produce products and services. As such, they should rightly terrorize any organization which does not compete purely by being the best, most dynamic, most innovative competitor, any organization which uses its current
Re: Piracy is wrong
-- Original Message -- From: Anonymous [EMAIL PROTECTED] Date: Sat, 29 Jun 2002 20:16:06 +0200 (CEST) When an artist releases a song or some other creative product to the world, they typically put some conditions on it. If you want to listen to and enjoy the song, you are obligated to agree to those conditions. If you can't accept the conditions, you shouldn't take the creative work. This assumes the truthfulness of the fundamental premise, that an artist can both share information, and yet control it after it's shared. This is more an artifact of our time than a fundamental moral principle of nature. Throughout most of human history, information was either secret, or it was public knowledge... no other choices. j Sent via the WebMail system at 1st.net
Re: Piracy is wrong
Subject: CDR: Piracy is wrong This shouldn't have to be said, but apparently it is necessary. Which is a correct statement, but an incorrect line of thinking. Piracy is an illegitimate use of a designed in hole in the security, the ability to copy. This right to copy for personal use is well founded, and there are even supreme court cases to support it. DRM removes this right, without due representation, and it is thinking like yours that leads down this poorly chosen path. The other much more harsh reality involved is that DRM cannot work, all it can do is inconvenience legitimate consumers. There is massive evidence of this, and you are free to examine them in any way you choose. Piracy - unauthorized copying of copyrighted material - is wrong. It inherently involves lying, cheating and taking unfair advantage of others. Systems like DRM are therefore beneficial when they help to reduce piracy. We should all support them, to the extent that this is their purpose. When an artist releases a song or some other creative product to the world, they typically put some conditions on it. These include the expectation that the artist will be paid according to whatever deal they have signed with their label. Inherent in this deal is the consumer's right to copy for personal use, and to resell their purchased copy, as long as all copies that the consumer has made are destroyed. DRM attempts to revoke this right to personal copying, and resale. If you want to listen to and enjoy the song, you are obligated to agree to those conditions. If you can't accept the conditions, you shouldn't take the creative work. And if the artist cannot accept the fundamental rights specifically granted, they should not produce art. The artist is under no obligation to release their work. It is like a gift to the world. They are free to put whatever conditions they like on that gift, and you are free to accept them or not. Last time I checked the giver is supposed to remove the pricetag from the gift before giving it. By a similar argument, everyone should be happy that the WTC flying occured, after all they were kind enough not to kill anyone that's still alive. The logic simply doesn't hold. If you take the gift, you are agreeing to the conditions. If you then violate the stated conditions, such as by sharing the song with others, you are breaking your agreement. You become a liar and a cheat. In fact one of the specifically granted rights is the right to share the music with friends and family, so this has nothing to do with being a liar and a cheat it has to do with excercising not just rights, but rights that have been specifically granted. If you take the song without paying for it, you are again receiving this gift without following the conditions that were placed on it as part of the gift being offered. You are taking advantage of the artist's creativity without them receiving the compensation they required. Because of that specifically granted right, that copies can be made for friends and family, it is also a specifically granted right to accept those copies. So it is merely excercising a specifically granted right. You clearly have not read or understood the implications and complexities of your statements, with regard to either logic or the law. This isn't complicated. Apparently it is too complicated for you. It's just basic ethics. It's just basic rights and excercising of those rights. It's a matter of honesty and trust. If the record companies were prepared to trust, why do they employ a substantial army of lawyers? Why do they pursue every p2p network? Why are they pushing for DRM? Trust is not a one-way street. The recording labels have demonstrated that they cannot be trusted in any form, what delusion makes you think they can be trusted now? When someone makes you an offer and you don't find the terms acceptable, you simply refuse. Exactly, I refuse to accept a DRM -limited environment which does not allow me full ownership of something I purchased. You don't take advantage by taking what they provide and refusing to do your part. That's cheating. No, that's a fundamental misunderstanding of everything involved, from law to basic logic you have misunderstood it all. Joe
RE: Rendering Unto Ceasar
R. A. Hettinga writes: At 3:31 AM -0700 on 6/29/02, [EMAIL PROTECTED] paints a picture out of the second Planet of the Apes movie, Roddy McDowell, Ceasar Romero, and all...: Brin said: An AGGRESSIVE approach, barging into the citadels of power, ripping the blinds, opening the windows, protecting the whistleblowers, siccing elites against each other, unleashing a myriad news-hounds and generally stripping the big boys naked! Hettinga comments: In other words, using the nation-state (a mob by any other name smells just same) to solve a technological, a physical, problem. Shall we legislate pi, while we're at it? Brin's new remise: The attempt to paraphrase me, above, using in other words, is yet another example of the profound dishonesty we're witnessing here. It truly is pathetic when people feel a need to cram words and meanings into the mouths of other people, in blatant attempts to make them look foolish or to erect strawmen to knock down. In fact, Hettinga's in other words above has no relationship to anything I believe, nor to anything I've said. And certainly no relationship to the very paragraph to which he refers! This is truly dismal. I think my original point about Brin trusting the nation-state -- one I thought fairly tangential to my review of Wayner's excellent Translucent Databases, though apparently not tangential enough -- is proven above, and throughout Dr. Brin's latest fulmination. Meet the new mob, same as the old mob, with a nod to Mr. Townsend and the now late Mr. Entwhistle. Please note, not an iota of actual citation or specificity. He avoids addressing the central issue -- that he crammed words and meanings into my mouth that have no bearing on my views - a harmful act since others might believe him. Moreover, he did not offer me a chance to see or comment. Moreover he abused quotation marks. These are my mob actions... apparently Hettinga can do whatever he wants to others, but calls it 'mob' when one of those people explicityly and carefully holds him accountable for deliberate untruths. Sure, we're going to have ubiquitous *supervision* of *property* using exponentially cheaper charge-coupled camera devices attached to geodesic internetworks. Moore's, Metcalfe's, Gilder's(?) laws, will not be denied. But it will be increasingly done by property owners, and not by nation states. I think that Brin used his entire book to grope for that same point, but, apparently, he can't see beyond his own statist nose to the ultimate answer to the problem he poses there. At last, a paraphrasing the glancingly touches my actual views. Cameras HAVE proliferated as much in the US as in Britain - though mostly into private hands, rather than the police. This bothers me because ALL elites should be held accountable. Still, dispersal of vision among as wide a variety of elites as possible is certainly preferable. As for 'statist' views... again, pathetic. I am keynote speaker for this year's Libertarian National Convention. Guys like Hettinga hurl such words at anything they do not understand. If it's not their standard line, it must be Big Brother. Feh. Dr. Brin says something about never hearing of society, much less a nation-state, that succeeded in an atmosphere of ubiquitous personal privacy, and, oddly enough, I believe he's right. First, we haven't been able to organize in large groups without force monopolies until now, and second, of course, nation-states probably can't survive in a world of ubiquitous strong financial cryptography and geodesic internetworks. Fine. He is proposing an experimental new kind of society. I am willing to listen. Meanwhile, however, I will try to defend THIS society using the tools that have created more freedom and wealth than any other. Forcing accountability upon elites is the method that has worked. A burden of proof falls upon the romantics who propose that we switch to an entirely different strategy of hiding from each other behind masks. In The Transparent Society I pose many many problems with this approach. Instead of making caricatures to avoid arguing, ANSWER those problems, one by one. Convince us this untested prescription will work better than one that is already working well. You may succeed, I have a more open mind than yours, apparently. But for now, I consider masks to be craven. You'll find me, bare-faced, confronting statists and aristocrats and plutocrats and other elites demanding that they strip. Enough. You haven't a clue what I believe Hettinga. You have proved it so leave me OUT of your screeds. Stop lying about me, or I'll hold you accountable again. Others, please let me know if/when he starts in again. Better yet, go listen to honest men. With cordial regards, David Brin www.davidbrin.com
Re: Ross's TCPA paper
On Wed, 26 Jun 2002, Barney Wolff wrote: Do you really mean that if I'm a business, you can force me to deal with you even though you refuse to supply your real name? Not acceptable. I don't think that privacy (in the sense of having the right to keep private details of your life from being linked for use unauthorized by you) is ever going to happen if merchants have the right to demand true identities. As a merchant, you have the right to be paid and to be sure of your payment. I don't think you have the right to collect data that you can correlate with every public and business record in the universe and build a profile linked to my identity that says what brand of breakfast cereal I eat, how much a month I spend on sex toys, what kind of books I read, and whether I'm in trouble in divorce court. The problem is that there is no way to check what merchants do with the data once they've got it; customers are prevented from getting into the customer databases and finding out what a merchant's got on them. Merchants have no motive whatsoever to police or restrain their actions in invasion of privacy, and they have a financial motive to link data - so there is no reason to believe that DRM stuff on consumer machines is going to apply to their data handling in the least. I just don't see any possible application of DRM that merchants would allow that protects consumer privacy. So yeah, I think that the right to privacy implies the right to use a pseudonym. For any non-fraudulent purpose, including doing business with merchants who don't know it's a pseudonym. And I think that's a constitutional right, whether the merchants happen to like it or not, just like the right to eat in a restaurant even if the manager don't like colored folks, or picket outside a merchant's business on public property seeking redress of grievances, or tell the truth about a merchant even if it's not flattering to him, or otherwise exercising ordinary civil rights the merchant might prefer you didn't. You can't have privacy without the option of pseudonymity, any more than you can have bread without flour. I won't give up the right NOT to do business with anonymous customers, or anyone else with whom I choose not to do business. A few years ago merchants were equally adamant and believed equally in the rightness of maintaining their right to not do business with blacks, chicanos, irish, and women. It'll pass as people wake up and smell the coffee. Unfortunately that won't be until after at least a decade of really vicious abuses of private data by merchants who believe in their god-given right to snoop on their customers. The point about DRM, if I understand it, is that you could disclose your information to me for certain purposes without my being able to make use of it in ways you have not agreed to. At least in theory. But this debate appears largely to ignore differences in the number of bits involved. To violate your privacy I can always take a picture of my screen with an old camera, or just read it into a tape-recorder. I can't do that effectively with your new DVD without significant loss of quality. Understand that I don't really give a flying crap about the DVD player; if I want a nice movie, I'll get together with some buddies and make one. And I'll let anybody who wants to watch it download it. What I want is the right to prevent my customer records at the bookstore from being correlated with the customer records at my doctor, my dentist, my insurance agent, my therapist, my attorney, my grocery store, my pharmacist, the comics shop, the sex-toy shop, the car dealership, the art gallery, the stained-glass place, the computer store, the video-rental place, my favorite restaurants, and my travel agent, and sold as a nice totally invasive bundle back to the marketing databases of all of the above. This is not a question about number of bits. I figure the database will have an efficient, no-nonsense representation of all of these things, and a photo of the screen, if it can be scanned back, is just as good as a binary copy. I don't see any way that DRM addresses the privacy concern of database linking. Especially since I expect database linking to be done using specialized software that doesn't have to get inspected by anybody with a motive to prevent it, on professional (Non-DRM) machines if necessary. Bear