Free software activists disrupt Commerce Dept. DRM roundtable

2002-07-17 Thread Declan McCullagh

Photos are here:
http://www.mccullagh.org/theme/commerce-drm-rountable-july02.html

More on roundtable:
http://www.ta.doc.gov/PRel/ma020710.htm

---

http://news.com.com/2100-1023-944668.html?tag=politech

Tech activists protest anti-copying
By Declan McCullagh

July 17, 2002, 5:55 PM PT
WASHINGTON--Enthusiasts of free software disrupted a Commerce
Department meeting Wednesday, insisting on their right to debate the
entertainment industry over anti-copying technologies.

About a dozen vocal tech activists in the audience challenged
speakers, including Jack Valenti, head of the Motion Picture
Association of America (MPAA), who equated piracy with theft and
applauded digital rights management.

"I'm going to accord you the utmost respect," Valenti said. "I'm going
to listen to you, but let me finish...The first thing we ought to
exhibit is good manners."

The activists, mostly from New Yorkers for Fair Use, interrupted
Valenti with hoots and jeers from the back of the room until the
former presidential aide offered them the chance to reply.

[...] 




RIAA escalates attack on music piracy, wants "broadcast flag"

2002-07-17 Thread Declan McCullagh

Photos from event:
http://www.mccullagh.org/theme/commerce-drm-rountable-july02.htm



http://news.com.com/2100-1023-944640.html?tag=politech

RIAA talks tough on Web radio copying
By Declan McCullagh
July 17, 2002, 4:50 PM PT

WASHINGTON--The Recording Industry Association of America said
Wednesday that it has begun pressing for anti-copying technology in
future digital radio standards.

Mitch Glazier, the association's top lobbyist, said the RIAA is
contacting IT and consumer electronics groups to ask them to consider
a "broadcast flag" for digital music sent through the Internet,
satellite or cable.

[...]

The idea is straightforward: Future hardware and software would treat
music differently if it were designated as broadcast-only, preventing
users from saving it or uploading it. Currently programs like
StreamRipper or StreamCatcher can record streaming music distributed
through Webcasting.

But because people might not use these new kinds of music receivers if
given a choice, new federal laws likely would be necessary to compel
software and hardware manufacturers to abide by the broadcast-only
designation.

[...] 




Re: DRM will not be legislated

2002-07-17 Thread AARG! Anonymous

David Wagner wrote:
> You argue that it would be irrational for content companies to push to
> have DRM mandated.  This is something we could debate at length, but we
> don't need to: rational or not, we already have evidence that content
> companies have pushed, and *are* pushing, for some kind of mandated DRM.
>
> The Hollings bill was interesting not for its success or failure, but
> for what it reveals the content companies' agenda.  It seems plausible
> that its supporters will be back next year with a "compromise" bill --
> plausible enough that we'd better be prepared for such a circumstance.

The CBDTPA, available in text form at
http://www.politechbot.com/docs/cbdtpa/hollings.s2048.032102.html,
does not explicitly call for legislating DRM.  In fact the bill is not
very clear about what exactly it does require.  Generally it calls for
standards that satisfy subsections (d) and (e) of section 3.  But (d) is
just a list of generic good features: "(A) reliable; (B) renewable; (C)
resistant to attack; (D) readily implemented; (E) modular; (F) applicable
in multiple technology platforms; (G) extensible; (H) upgradable; (I)
not cost prohibitive; and (2) any software portion of such standards is
based on open source code."

There's nothing in there about DRM or the analog hole specifically.
In fact the only phrase in this list which would not be applicable to any
generic software project is "resistant to attack".  And (e) (misprinted
as (c) in the document) is a consumer protection provision, calling
for support of fair use and home taping of over the air broadcasts.
Neither (d) nor (e) describes what exactly the CBDTPA is supposed to do.

To understand what the technical standards are supposed to protect we
have to look at section 2 of the bill, "Findings", which lays out the
piracy problem as Hollings sees it and calls for government regulation
and mandates for solutions.  But even here, the wording is ambiguous
and does not clearly call for mandating DRM.

The structure of this section consists of a list of statements, followed
by the phrase, "A solution to this problem is technologically feasible
but will require government action, including a mandate to ensure its
swift and ubiquitous adoption."  This phrase appears at points 12,
15 and 19.

The points leading up to #12 refer to the problems of over the air
broadcasts being unencrypted, in contrast with pay cable and satellite
systems.  The points leading up to #15 talk about closing the analog hole.
And the points leading up to #19 discuss file sharing and piracy.

DRM is mentioned in point 5, in terms of it not working well, then
the concept is discussed again in points 20-23, which are the last.
None of these comments are followed by the magic phrase about requiring
a government mandate.

So if you look closely at how these points are laid out, and which ones
get the call for government action, it appears that the main concerns
which the CBDTPA is intended to address are (1) over the air broadcasts
(via the BPDG standard); (2) closing the analog hole (via HDCP and
similar); and (3) piracy via file sharing and P2P systems, which the
media companies would undoubtedly like to see shut down but where they
are unlikely to succeed.  Although DRM is mentioned, there is no clear
call to mandate support for DRM technology, particularly anything similar
to Palladium or the TCPA, which is what we have been discussing.

As pointed out earlier, this is logical, as legislating the TCPA would
be both massively infeasible and also ultimately unhelpful to the goals
of the content companies.  They know they won't be able to use TCPA to
shut down file sharing.  The only way they could approach it using such
a tool would be to have a law requiring a government stamp of approval
on every piece of software that runs.  Surely it will be clear to all
reasonable men what a non-starter that idea is.




Re: DRM will not be legislated

2002-07-17 Thread David Wagner

AARG! Anonymous  wrote:
>David Wagner wrote:
>> The Hollings bill was interesting not for its success or failure, but
>> for what it reveals the content companies' agenda.
>
>The CBDTPA, available in text form at
>http://www.politechbot.com/docs/cbdtpa/hollings.s2048.032102.html,
>does not explicitly call for legislating DRM.

What's your point?  If you think the CBDTPA wasn't about legislating
DRM or something like it, we must be from different planets.

I'll elaborate.  CBDTPA delegated power to the FCC to specify standards
that all digital devices would have to implement.  It is not at all
surprising that CBDTPA was drafted to allow the FCC great freedom
in choosing the technical details as necessary to achieve the bill's
objectives.  It is equally clear that supporters of the bill were pushing
for some mandatory "Fritz chip", do-not-copy bit, Macrovision protection,
copy protection, or other DRM-like technical measure.  This issue is
not going away quietly.




Re: Another restriction on technology - cell and cordless scanning now a felony

2002-07-17 Thread Dave Emery

On Wed, Jul 17, 2002 at 10:04:29AM -0700, Major Variola (ret) wrote:
> Nice post,
> 
Thanks - and sorry for the typos - never trust a dyslexic to proofread...


> Could this be warped into affecting wardriving for 802.11b connections?
> The basestation's emissions could be considered 'private' even though
> they're not.  The traffic could contain unencrypted voice packets, too.
> 


18 USC § 2511 (the ECPA) reads ...

> Except as otherwise specifically provided in this chapter any person
> who
>
>   (a) intentionally intercepts, endeavors to intercept, or
>   procures any other person to intercept or endeavor to intercept, any
>   wire, oral, or electronic communication;

 

> shall be punished as provided in subsection (4) or shall be subject to
>   suit as provided in subsection (5).

     THE CRITICAL EXCEPTIONS FOR RADIO SIGNALS FOLLOW...


> (g) It shall not be unlawful under this chapter or chapter 121 of
> this title for any person -
>
>   (i) to intercept or access an electronic communication made through an
>   electronic communication system that is configured so that such
>   electronic communication is readily accessible to the general public;
>
>   (ii) to intercept any radio communication which is transmitted -
>
>     (I) by any station for the use of the general public, or that relates to
>     ships, aircraft, vehicles, or persons in distress;
>
>     (II) by any governmental, law enforcement, civil defense, private land
>     mobile, or public safety communications system, including police and
>     fire, readily accessible to the general public;
>
>     (III) by a station operating on an authorized frequency within the bands
>     allocated to the amateur, citizens band, or general mobile radio
>     services; or
>
>     (IV) by any marine or aeronautical communications system;
>
>   (iii) to engage in any conduct which -
>
>     (I) is prohibited by section 633 of the Communications Act of 1934; or
>
>     (II) is excepted from the application of section 705(a) of the Communications
>     Act of 1934 by section 705(b) of that Act;
>
>   (iv) to intercept any wire or electronic communication the transmission of
>   which is causing harmful interference to any lawfully operating station
>   or consumer electronic equipment, to the extent necessary to identify
>   the source of such interference; or
>
>   (v) for other users of the same frequency to intercept any radio
>   communication made through a system that utilizes frequencies monitored
>   by individuals engaged in the provision or the use of such system, if
>   such communication is not scrambled or encrypted.




There is a definition of what "readily accessible to the general
public" means in section 2510:

> (16) ''readily accessible to the general public'' means, with respect to a
> radio communication, that such communication is not -
>
>   (A) scrambled or encrypted;
>
>   (B) transmitted using modulation techniques whose essential parameters have
>   been withheld from the public with the intention of preserving the
>   privacy of such communication;
>
>   (C) carried on a subcarrier or other signal subsidiary to a radio transmission;
>
>   (D) transmitted over a communication system provided by a common carrier,
>   unless the communication is a tone only paging system communication;
>   or
>
>   (E) transmitted on frequencies allocated under part 25,
>   subpart D, E, or F of part 74, or part 94 of the Rules of the Federal
>   Communications Commission, unless, in the case of a communication
>   transmitted on a frequency allocated under part 74 that is not
>   exclusively allocated to broadcast auxiliary services, the communication
>   is a two-way voice communication by radio;


Certainly wardriving for encrypted (WEP) signals is very clearly
illegal (and now a felony by the way - even before the CSEA becomes law).

And wardriving for any access points provided by common carriers
(becoming more common in some places I understand as carriers go into that
business) would clearly be illegal.

But the modulation in 802.11 is public... so nothing is wrong
there.   And the frequencies are public (and a ham band to boot)...

It is quite possible that the frequencies allocated to the amateur
radio service clause would apply and trump everything else - especially
if you are a ham as most of the 2.4 ghz 802.11b band is also allocated
as a ham band.  I know of no court tests of whether the cordless phone
prohibitions (with cordless phones at both 2.4 ghz and 900 mhz which
are both ham bands too) apply to hams intercepting cordless phones that
also operate in those bands... nor how that impacts WEP interception.



-- 
Dave Emery N1PRE,  [EMAIL PROTECTED]  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 

Re: Virtuallizing Palladium

2002-07-17 Thread Ben Laurie

Nomen Nescio wrote:
> Ben Laurie wrote:
> 
>>Albion Zeglin wrote:
>>
>>>Similar to DeCSS, only one Palladium chip needs to be reverse engineered and
>>>its key(s) broken to virtualize the machine.
>>
>>If you break one machine's key:
>>
>>a) You won't need to virtualise it
>>
>>b) It won't be getting any new software licensed to it
> 
> 
> This is true, if you do like DeCSS and try to publish software with the
> key in it.  The content consortium will put the cert for that key onto
> a CRL, and the key will stop working.
> 
> The other possibility is to simply keep the key secret and use it to strip
> DRM protection from content, then release the now-free data publicly.
> This will work especially well if the companies offer free downloads of
> content with some kind of restrictions that you can strip off.  If you
> have to pay for each download before you can release it for free, then
> you better be a pretty generous guy.
> 
> Or maybe you can get paid for your efforts.  This could be the true
> killer app for anonymous e-cash.

Heh. Cool!

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff




Re: Another restriction on technology - cell and cordless scanning now a felony

2002-07-17 Thread Major Variola (ret)

Nice post,

Could this be warped into affecting wardriving for 802.11b connections?
The basestation's emissions could be considered 'private' even though
they're not.  The traffic could contain unencrypted voice packets, too.



At 03:15 PM 7/16/02 -0400, Dave Emery wrote:
> The House just passed the Cyber Electronic Security Act last night
>(7/15/02) by an overwhelming margin of 385-3.
>
> What this does is change the penalty for the first offense of
>intercepting an unscrambled and unencrypted radio communication that is
>not supposed to be listened to (eg AMPS cellular calls, commercial
>pagers, cordless phones, common carrier communications) for hobby
>purposes (eg not a tortious or illegal purpose or for direct or indirect
>commercial advantage or private commercial gain) from a misdemeanor (one
>year or less prison time) to a federal FELONY (5 years prison time).
>
> And further this changes the status of the specific offense of
>listening to a cell call, cordless call, a pager, or a public land
>mobile radio service communication (eg a telephone interconnect) from a
>minor offense for which one can be fined a maximum of $500 to a federal
>FELONY for which one can be imprisoned for up to 5 years.




Re: CNN.com - Hackers help counter Net censorship - July 15, 2002 (fwd)

2002-07-17 Thread jayh

Does anyone know what happened to the Hacktivismo website?

It was cited even on CNN, now it seems unavailable.

j

On 15 Jul 2002 at 16:36, Jim Choate wrote:

> 
> http://www.cnn.com/2002/TECH/internet/07/15/censorship.reut/index.html
> 
> 
>  --
> 
> 
>   When I die, I would like to be born again as me.
> 
> Hugh Hefner
>  [EMAIL PROTECTED] www.ssz.com
>  [EMAIL PROTECTED]  www.open-forge.org
> 
> 
> 
> 





millicent ghettoes

2002-07-17 Thread Sampo Syreeni

In the wake of the recent public goods postings and some related traffic
on a couple of Finnish mailing lists, the concept of transaction costs has
somehow managed to dominate my time. That sort of thing has a lot of
unlikely consequences, some of which I think are highly CP relevant.

While I tend to agree with Tim about the shorter term trouble with
micropayments -- the fact that such payments, well, do not pay -- I'd say
in the longer term micropayments are what counts, and not perhaps
anonymity. The reason is, most of the economy is, and I think will remain,
over-ground. People really don't have enough to hide to make anonymous
payments mainstream quickly enough. Sure, they have their applications,
some of them radical. It's true they will shake the society quite a bit.
But the shadier applications can always be controlled, given the
vulnerability of the anonymity infrastructure itself.

But micropayments, they are another deal entirely. If and when they become
practical, we can envision a whole range of previously unheard-of mass
transactions taking place. The kind which need millions plus people before
they actually become profitable. This is the situation I alluded to in the
public goods example, and any market oriented solution to the problem of
coordination will eventually have to tackle the issue of aggregating the
cost. That's the problem micropayments, as an idea, are meant to solve.

So, what's so notable about such transactions? Simply the fact that they
are new. In the past entire classes of transactions (the foremost example
would be the ones we nowadays see in the international financial markets)
have been enabled by lowered transaction costs. I don't think the spread
of micropayments will be an exception to the rule. In fact I would argue
that the only *lasting* surprise offered by AP was the fact that when mild
wants of large numbers of people can be coordinated, economic efficiency
can lead to significant, and heretofore unexpected, outcomes (i.e. getting
a notable figure killed).

In the end I think such new classes of financial transactions, born of
lowered transaction costs, will be far more significant to the society as
a whole than anonymity. I also think this is the essence of what is
driving the wider P2P circle, at the moment, though few people seem to
realize it. So, I would deem it quite likely that the millicent ghetto
will eventually run over us.
-- 
Sampo Syreeni, aka decoy - mailto:[EMAIL PROTECTED], tel:+358-50-5756111
student/math+cs/helsinki university, http://www.iki.fi/~decoy/front
openpgp: 050985C2/025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2




Re: Microsoft censors Newsweek - and new version of TCPA FAQ

2002-07-17 Thread Declan McCullagh

Removing the article after a few weeks is consistent with MSNBC.com's
long-standing article expiration policy. Some articles stay around for
years, while others disappear within a month. MSNBC.com reporters have
told me there's no logic to this -- and that they're personally
frustrated too.

Anyway I wouldn't read too much into the link no longer working (not
saying that Ross is, but others may).

-Declan


On Wed, Jul 10, 2002 at 05:50:04PM +0100, Ross Anderson wrote:
> I see that MSNBC has pulled the original article on Palladium:
> 
> http://www.msnbc.com/news/770551.asp
> 
> Anyway, I have just put up version 1.0 of the TCPA / Palladium FAQ
> at the same URL:
> 
> http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html
> 
> Enjoy!
> 
> Ross




Re: Another restriction on technology - cell and cordless scanning now felony

2002-07-17 Thread Anonymous via the Cypherpunks Tonga Remailer

On Tue, 16 Jul 2002 15:15:31 -0400, you wrote:
>   Thus the legal climate has fundamentally changed, and one can
> assume that since the Bush administration has been pushing for the
> passage of this bill that they perhaps intend to start prosecuting at
> least some category of radio  under the new provisions - no
> doubt as an example meant to scare the rest of us into handing our
> radios in at the nearest police station...

Shouldn't we turn in our guns first? Or is it our books? Maybe it would be smart to
get rid of any compilers, don't you think?

We have a national secret police now that no longer has to start with a crime and then
find a criminal, rather they can start with a person and find a way to classify him a
criminal. Radio frequencies just give them one more way to put a person in jail for
five years. It is actually nice of them to not just suspend habeas corpus universally.




: CDR: millicent ghetto blasters

2002-07-17 Thread Matthew X

 >>...I would argue that the only *lasting* surprise offered by AP was the 
fact that when mild wants of large numbers of people can be coordinated, 
economic efficiency can lead to significant, and heretofore unexpected, 
outcomes (i.e. getting a notable figure killed). <<

Or...a complete nonentity that belonged to a certain target group. Society 
might offer the micro-payment option, for example, of paying a pooled fund 
out for a confirmed prediction of a bikie member of an outlaw band that 
made killing a condition of entry.
I like the idea of targeting prison guards that volunteer for capital 
punishment detail.
Could lead to significant difficulties filling certain positions that prop 
up the State...(my 0.02 mcents)




Re: 385-3 vote: House OKs life sentences for hackers

2002-07-17 Thread Michael Motyka

"Elyn Wollensky" <[EMAIL PROTECTED]>  wrote :
> 
> seems the cyber-terrorist FUD is starting to hit the fan ...
> ;~(
> e
> 
> House OKs life sentences for hackers
> But time may run out for computer crime bill in Senate
> http://www.msnbc.com/news/780923.asp
> 
> WASHINGTON, July 15 - The House of Representatives voted overwhelmingly
> Monday to create a new punishment of life imprisonment for malicious
> computer hackers. By a 385-3 vote, the House approved a computer crime bill
> that also expands police ability to conduct Internet or telephone
> eavesdropping without first obtaining a court order.
> 
> 
> 
> "Until we secure our cyber infrastructure, a few keystrokes and an
> Internet connection is all one needs to disable the economy and endanger
> lives," sponsor Lamar Smith, R-Tex., said earlier this year. "A mouse can be
> just as dangerous as a bullet or a bomb."
> 
> 
> 
Explain to me how someone who puts porno on a USAF website is any worse
than someone who spraypaints a bridge abutment? Isn't community service
a typical outcome of the latter getting caught?

Explain to me how a computer hacker is more dangerous than a drunk
driver on the freeway? A hacker who interrupts power could be said to
put hundreds or thousands of lives at risk but so could a drunk driver
who spends an hour on the freeway. One is parallel the other is more or
less serial, so what?

I guess rationality has little to do with what we're seeing : enabling
technologies scare totalitarians.

Mike