Schneier on Security
A blog covering security and security technology.
« Convicted Felons with Big Dogs |
| Limits on Police Tracking People with Cell Phones »
October 28, 2005
The Copyright Office of the U.S. Library of Congress is conducting its required regular review of the anti-circumvention provisions of the Digital Millennium Copyright Act. Comments can be submitted over the Internet, and are due December 1st.
Good information on the DMCA can be found here, here, and here.
Posted on October 28, 2005 at 3:47 PM
• 12 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
(3) As used in this subsection-
(A) to “circumvent a technological measure��? means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and
(B) a technological measure “effectively controls access to a work��? if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
17 U.S.C. 1201(a)(3).
Sad, sad, sad. I've half a mind to register with the patent office double applied rot13 just so I can sue for easy money. I can't believe the're trying to stop the actual attempt of decryption? Am I getting that right? Maybe cracking a protocol and giving it away is in a grey area*, but even attempting to mess with something is illegal. What if I just view the raw code and my super intelligence (stop laughing) can decode it on the fly "Rain Man" style?
*no flaming. I know there is no grey area in doing this.
Technology and law rarely intermix well, and the DMCA represents the worst of it all.
SONET (and SDH) uses a "scrambled" signal for transmission. Does the DMCA really mean that I'm not allowed to descramble the SONET signal if it's carrying my iTunes download? For that matter, how can "ethernet" be legal under the DMCA?
A Compact Disc embeds a digital encoding of a musical work, and has Error Correcting Codes (ECC) applied to that encoding. Does the DMCA legally prevent me from decoding a CD?
A DVD has what a CD has, plus the "Content Scrambling System" (CSS). I put a DVD into my DVD player, and it happily decodes the various levels of "encryption" to present a signal on my television. But the Motion Picture Industry consider the CSS to be "magic" because of their _intent_. Yet, from a purely technological standpoint, how does CSS differ from the ECC or the particular codec selection for that recording (which could equally be regarded as an "encryption")?
But if the law is willing to judge the _intent_ of the various "encryptions", why is it unwilling to define the intent of consumers? Why can the law not simply say that sharing with friends and acquaintances is okay if no business relationship is established, but sharing with strangers requires consent of the owner?
(Before everybody starts flaming me, I should acknowledge that most lawyers would agree that the law doesn't actually mean literally what it says in this case, but that at trial a lawyer will try to convince a judge of what was actually meant by the statements which were written down.)
there is a new thing in yahoo mail that is another security stupidity.
i composed a mail (took half an hour - i know it is bad practise) and hit the send button. it was for just one single receipient. yahoo pops up a verification box. i entered the characters and viola a message is spewed: you failed the verification and your message is lost.
this verification system is apparently meant to check spammer activity. alright, i understand if one has to enter a verification code each time one sends a mail (i will not even bother about the possibility of the same mail i would like to send my ten friends.)
if by mistake i enter the wrong code, the whole mail is wiped out. i cannot decipher what purpose it serves - perhaps like years ago when non-americans couldn't type, spammers don't know the CTRL+C, CTRL+V secret. they will foolishly keep keying in messages each time they spam us.
what yahoo doesn't understand is that the only fools who key in without saving them in notepad are users like us who shoot out ad hoc replies.
i am permanently switching to gmail now.
That's not new. I had the exact same experience (6 months ago?) and complained to Yahoo! about it.
Their canned response was instructions to type in the characters in the image.
Sorry. Was what you posted an accident? I don't see the connection to this thread.
Just exactly where will they draw the line between hideously bad encryption and just another propietary file format?
When you stop and think of it, all text formats are in fact substitution ciphers where everybody knows and agrees on the mapping, but using a non-standard keyset could be argued is encryption.
Well the law aside. Any protecton will work agaist joe blog. And i would say non of them work agaist joe hacker.
The fact remains that Joe hacker will probably post the crack or even a tool than joe blog can use. They simply can't sue everone, and i can see people siting around having to pay for the same song 3 times for the stero in the living room. The computer in the bedroom and the Ipod.
The DMCA sould not prevent Fair Use.
When the copyright on a DRM-encumbered work expires, parties should be able to copy and access the work without liability for illegal circumvention. Copyright is meant (in theory) to expire eventually. An old public-domain work could be rereleased in electronic format, and DRM could be accidentally applied. A distributor might purposely apply DRM to an electronic public-domain work. There have been cases of copyright notices being placed on very old public-domain works. See http://www.brooklaw.edu/faculty/news/...
"The DMCA sould not prevent Fair Use."
But that's much easier, and much more profitable, than preventing "piracy". Remember who bought this law, and you'll realise that it's working exactly as intended.
Did the DMCA have anything to do with anti-virus companies deciding not to add the Sony rootkit to their list?????
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.