×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

SDMI Challenge Participants May Face DMCA Action

Roblimo posted about 13 years ago | from the academic-freedom-and-commercial-interests-collide dept.

Censorship 228

ssimpson writes "Everyone has probably forgotten the SDMI challenge to hackers to try to break a handful of proposed watermarking and "other" protection mechanisms? Well, it was recognised that a group of researchers at Princeton University broke all of the protection mechanisms and were due to publish a paper on at the 4th International Information Hiding Workshop (25-29 April) but have been threatened with the DMCA if they publish the results. So much for academic freedom, eh? SDMI seem particularly upset because one of the protection mechanims broken in the paper, The Verance Watermark, is currently used for DVD-Audio and SDMI Phase I products. Oops. Somehow, a copy of the threatening letter and the full paper entitled "Reading Between the Lines: Lessons from the SDMI Challenge" has appeared on John Young's excellent Cryptome site. SMDI's urge to "withdraw the paper submitted for the upcoming Information Hiding Workshop, assure that it is removed from the Workshop distribution materials and destroyed, and avoid a public discussion of confidential information." seems a little weak now...."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

228 comments

from the article's conclusion section... (1)

Anonymous Coward | about 13 years ago | (#275330)

Do we believe we can defeat any audio protection scheme? Certainly, the technical details of any scheme will become known publicly through reverse engineering. Using the techniques we have presented here, we believe no public watermark-based scheme intended to thwart copying will succeed.


nice...

Re:proof the RIAA is stupid. (1)

Anonymous Coward | about 13 years ago | (#275331)

Actually, there are a number of odd typos in the document. I suspect it was OCR'ed.

This is why I don't like IP laws. (1)

Anonymous Coward | about 13 years ago | (#275332)

on how the academic aspects of your research can be shared without jeopardizing the commercial interests of the owners of the various technologies.

"Intellectual Property" laws give rise to arrogant concepts like "ownership" of technology.

"urge to withdraw" != "required to withdraw". (1)

Anonymous Coward | about 13 years ago | (#275333)

By saying "urge", they obviously recognize academic freedom's RIGHT to publish it. They just sunk any chances they had in a lawsuit with their own words.

What I don't get... (2)

Dyslexic (112) | about 13 years ago | (#275335)

Alrighty after reading through the document (and the team's FAQ on the challenge), I feel like I'm not getting something here. Basically it says that after SDMI is implemented, if you make an mp3 out of a SDMI-watermarked CD, you will have a hard time playing a burned cd of that mp3 on a SDMI CD player.

Alright. Why would anyone buy a SDMI CD player?!

I know in my house alone, we have atleast 9 non-SDMI CD players that I can think of off the top of my head. The CD format is so widespread right now that I'd imagine it's a similar situation pretty much everywhere. I have no reason to go out and buy a new CD player. I have a portable AIWA discman that I bought in 1997. It has worked like a charm. It has all the neccessary features; 10 second anti-skip, hold, and play controls. What else could they put in there to make you want to go out and buy a CD player that won't work in alot of cases? Are they trying to play the public for fools. This is sounding alot like the DIVX fiasco, and we all know how that turned out...

Dys.

Re:What I don't get... (1)

jedidiah (1196) | about 13 years ago | (#275341)

Actually, very few of my CDROM devices have ever worn out or broken. They tend to get obsolete a considerable time before that. I have at least 4 "classic" CDROM drives sitting around collecting dust because of this.

My first ever (93) PC harddrive was only ever commisioned because I finally reached the point where it was too small to be useful.

a new day a new ... acronym (1)

bobalu (1921) | about 13 years ago | (#275342)

Well, you could've done it ten years ago when it went consumer. Consider all that time you've had three more characters available to use.

Here's another:
OMR - optical mark recognition

That's how they read your SAT tests....

torture and murder - no no no (1)

bobalu (1921) | about 13 years ago | (#275343)

No son, put down that Columbine memorial pamplet and consider the true nature of getting even: make them listen to a continuous stream of Wayne Newton records!

See? And then they can't track you down and jail you for publicy encouraging terroristic threats and murder.

mmm'kay?

Re:Then why did they have the challenge at all??? (3)

Jeremy Erwin (2054) | about 13 years ago | (#275344)

Publicity. The SDMI was being introduced at a time when some individuals were having some doubts about efficiency of CSS style algorithms.

CSS was based on the following set of assumptions:
Data that is transmitted in an encrypted format can not be read except by authorized users-- users that have access to the appropriate key.

Of course, as with all covert communications, the key must be transmitted in a secure fashion.

Now, the CSS designers decided that if DVD players were designed with a "hidden" sector, the key could thus be distributed. Persons who merely copied the data from a DVD would have nothing except the encrypted data-- useless without a key. Access to the key depended on physical access to a tangible medium-- the actual DVD-Video disk.

Of course, the key transmission protocol was eventually compromised, and cryptoanalysts discovered that the actual encrytion- instead of being 40-bit, was closer to 25-bit-- literally, a toy code.

Cryptoanalysts and Cryptologists have long recognized that an ideal code should involve a strongly assymetric algorithm-- cheap for a user to decode with a proper key, but expensive for a eavesdropper to decrypt. More importantly, the algorithm should be subjected rigorous testing and/or peer review. The CSS algorithms were not subjected to this kind of testing prior to the release of DVD-Video.

The SDMI proponents, hearing this criticism, decided that their coding algorithms needed that extra bullet point: "peer-reviewed". But, apparently, they had neglected to consider that their algorithms might amount to nought. They only had visions of a future press release:
"SDMI invulnerable to hacking! Music Industry safe from hackers."

And, because, all of the participants in HackSDMI were bound by confidentiality clauses, no one would be the wiser.

Re:Death to the truth! (2)

Zigurd (3528) | about 13 years ago | (#275347)

What? That trade liberalization means economic growth, which means less grinding poverty in the developing world? There are some pretty screwed-up things about transnational organizations like trade authorities, including especially attempts to make thought-crime laws like the DMCA international, but the alternative of uncoordinated, inefficient, and parochial (to local corporate interests) trade barriers is worse. Much better to support organizations that fight government/corporate corruption, like Transparency International [transparency.de] than hide in ones own nationalistic hole.

Not quite (2)

roystgnr (4015) | about 13 years ago | (#275348)

please refrain from exposing what idiots we are and how much our encryption software sucks.

We already all know what idiots they are (cat's out of the bag on that one!), and the first amendment still protects our right to tell others what idiots they are.

What seems to be illegal now is proving what idiots they are mathematically...

confidential? (2)

ethereal (13958) | about 13 years ago | (#275353)

On behalf of the SDMI Foundation, I urge you to reconsider your intentions and to refrain from any public disclosure of confidential information derived from the Challenge...

Well, it's not really confidential any more, is it? It's not like Felten signed an NDA to get the SDMI secrets, and is now publishing them. The whole point of the exercise was for his team to figure it out on their own. I don't see how it can be considered confidential information restricted only to the SDMI group any more, since another party has independently figured it out. It could be argued that Felten's research is confidential to him until he decides to publish, but it's not confidential to the SDMI folks any more.

While I'm at it, kudos to Cryptome! The site is probably one of the most important resources on the 'net, here's hoping it never goes away.

LOOK at some of this stuff! (2)

Jerf (17166) | about 13 years ago | (#275354)

Attack on challenge B: A spectrum notch around 2800Hz is observed for some segments of samp2b.wav and another notch around 3500Hz is observed for some other segments of samp2b.wav.... The attack fills in those notches of samp3b.wav with random but bounded coefficient values... Both attacks were confirmed by SDMI oracle as successful.

Attack on challenge C:: In the first at- tack, we shifted the pitch of the audio by about a quartertone.... Our submissions were confirmed by SDMI oracle as successful. In addition, the perceptual quality of both attacks has passed the "golden ear" testing conducted by SDMI after the 3-week challenge.

Attack on challenge F: For Challenge F, we warped the time axis, by inserting a periodically varying delay.... confirmed by SDMI oracle as successful.

l-_-_-_-l-_-_-_-l

OK, C in particular was trivial, the kind of thing even somebody who knew nothing about signal processing would try, but, come on, didn't SDMI even try to crack their own things before throwing them out to the world?

Based on what I see in this paper, I think SDMI's motives may be misinterpreted here... I think there's a significant component of embarassment here! "Breaking" some of these "amazingly-wonderfully-powerful gonna-save-music-as-we-know-it" schemes was trivial. No wonder they want to hide it.

Note that the papers definately seem to have enough information to build automated crackers for some of the schemes, mostly shell scripts to already existing tools.

Re:SDMI has no legal ground (1)

Kaa (21510) | about 13 years ago | (#275359)

There is NO POSSIBLE WAY TO TECHNICALLY PROTECT DATA FROM BEING COPIED

Don't be an asshole. Public hysterics on Slashdot went out of style a long time ago (Katz nonwithstanding).

First of all, proving a negative is notoriously difficult. I suspect your ability to actually argue your position instead of waving hands is quite limited.

Second, watermarks have nothing to do with protecting the data from copying.

Third, given that protection from copying goes hand in hand with encryption these days, of course it is possible to protect the data from being copied (in the useful form). The very first thing that jumps into my mind is to make it tied to the individual physical characteristics of the device which stores it. I am sure I can think up more ways, and I am also sure that people smarter than me already thought of them already. The sticking point is that all these ways make the *use* of data very inconvenient. Thus they are not very well suited to, say, selling the latest Britney Spears song over the 'net.

Kaa

Re:it was gonna happen (1)

SEWilco (27983) | about 13 years ago | (#275360)

The researchers did mention "security through obscurity", and also noted that they had less information and tools than a serious attacker would have. They also used information in a patent, so they did better than the British codebreakers who ignored Enigma patent information [telegraph.co.uk] due not not believing German cryptographers would make such an obvious mistake.

Where'd the link go??? (2)

Raleel (30913) | about 13 years ago | (#275363)

I seem to remember there being (and me using) a link to the published document. www.cryptome.something blah...I can't remember or find it in my history..hmm..

anyways...what happened slashdot???

Re:PGP Approach (1)

jmauro (32523) | about 13 years ago | (#275366)

No, PGP had a much, much more novel approach to beating the laws. They printed out the entire code, bound it and then exported the book to Europe. It couldn't be stopped, because banning a book from being exported was a clear violation of the first amendment. When the book arrived in Europe they cut of the bindings and then used a scanner to converted it back into source code. I don't think that that will work in this case.

But since they did ask to have it broken and it was broken I wonder why they are still persuing it. I think that they have already committed to it, and have begun production long before they offered the challange. The challenge was just to get the most obvious cracks off the net and then sue those more active members into submissions. But since they asked for it to be broken I don't think they really have a leg to stand on. Just my thoughts.

Publish "abroad"! (1)

billsf (34378) | about 13 years ago | (#275367)

So what if it isn't published in the USA? It would be legal to publish all in the vast majority of countries that haven't been so foolish to adopt a DMCA or other absurd laws. Many sites (including this one) have vast bandwidth and would gladly publish your work and take a /.'ing

I would respect your team if you simply published in a move of civil disobediance against absurd US policies. Publish from your school and dare the US Gov't to take it down. The whole world laughs at the USA these days..... (Do keep a mirror in a safe haven, please) Many of us wish to see the work.

Hardware hackers raise your hands..... (1)

dmaxwell (43234) | about 13 years ago | (#275371)

If it's necessary, I'm sure there are plenty of people here who can build whatever they need to play audio. DA converters are not that hard to build. I don't believe that stripping the electronics from a CD-ROM transport need be terribly difficult either. Let's all get our Digi-Key and Mouser catalogs ordered and whip out those soldering irons. A good electronics hobbyist and good firmware coder should be able to make any piece of open hardware that they want.

Once workable plans are developed, the skills to assemble devices from a kit are even more widespread. We don't absolutely need Circuit Shitty and their ilk. We especially don't need to enrich anybody buying deliberately broken equipment. There is a long history of audiophiles building their own equipment. I think that particular subculture is about to expand.

I was supposed to present results at IHW ... :( (4)

JPS (58437) | about 13 years ago | (#275379)

...on our own paper [julienstern.org] regarding the SDMI challenge. Now, I'm not sure I will...

What I think is really very funny is that the SDMI didn't contact us to have to paper removed or something. This probably means that either 1) they know we are French and know the DMCA doesn't apply or 2) (most likely) they don't really care about our results because we are attacking an algorithm that they haven't picked.

So the funny point is that they had apparently already chosen and deployed an algorithm before the contest. Now they are whinning because the Princeton team (brillantly) broke this very algorithm. And they are invoking some almost "moral" reasons for that, while they probably would have shut up if only the three other algorithms had been broken.

Anyway, I hope that this story will illustrate the dangers of the DMCA so that the european equivalent which is on its way will never come up, and that eventually the US one will be removed.

Re:Then why did they have the challenge at all??? (1)

ghoti (60903) | about 13 years ago | (#275380)

I would even say this was clearly instigation, and the very least thing that could be done is sue SDMI for that! But I really, really hope that this is going to cause a big stink and maybe even lead to the DMCA being found for what it really is ..

This is what's scaring them (1)

medcalf (68293) | about 13 years ago | (#275381)

[BLOCKQUOTE]Do we believe we can defeat any audio protection scheme? Certainly, the technical details of any scheme will become known publicly through reverse engineering. Using the techniques we have presented here, we believe no public watermark-based scheme intended to thwart copying will succeed. Other techniques may or may not be strong against attacks. For example, the encryption used to protect consumer DVDs was easily defeated. Ultimately, if it is possible for a consumer to hear or see protected content, then it will be technically possible for the consumer to copy that content. [/BLOCKQUOTE] So they are reacting by being an ostrich.

SDMI has no legal ground (1)

selectspec (74651) | about 13 years ago | (#275382)

SDMI is completely offbase. SDMI are complete idiots for the following two reasons:
  • 1. They believe watermarks have a future
  • 2. They publicly invited the crypto community to hack their pathetic technology.
These people are nothing but fancy con artists who have convinced the recording industry that they can save them from their inevitable doom.

There is NO POSSIBLE WAY TO TECHNICALLY PROTECT DATA FROM BEING COPIED

THERE IS NO POSSIBLE WAY TO TECHNICALLY PROTECT DATA FROM BEING COPIED!!!! THERE IS NO FUCKING WAY TO PROTECT DATA FROM BEING COPIED YOU COMPLETE MORONS!!!

Weak (5)

Mike Connell (81274) | about 13 years ago | (#275384)

Whilst I'm happy to see the results published, it's dissapointing to see them leaked anonymously. I would have far prefered the faculty at Princeton to stand up, give the RIAA the finger and say "We're scientists. We do research and publish. If you don't like the fact that some of our guys cracked your methods, don't make them so weak".

Now the appearance is that university researchers *are* in fear of RIAA and the bizarre legal state of affairs that exists. After all, if Princeton can't/won't stand up to them, who will?

It's nice that the paper is out, and that, (presumably), they can now present it at the IHW conference without repercussions, but it still leaves a bad taste in my mouth.

It would be nice (2)

moller (82888) | about 13 years ago | (#275385)

If the researchers went ahead and published the paper anyways. Large universities have fairly competent legal teams, they should be able to defend themselves.

Besides, this is Princeton. I can't see how any litigation pursued against researchers from Princeton would be anything other than a black eye for SDMI. It's not like they'd be suing some little private university with no grad school that no one's ever heard of. This is barely a step down from threatening Harvard (and seriously, who in their right mind would threaten Harvard?).

It would be a shame if Princeton's legal dept tells the researchers to back down because they don't have a legal leg to stand on here. Hell, even if they didn't have a legal leg to stand on it would still be fun to watch SDMI go after several professors at Princeton. High visibility and bad publicity for SDMI. I'd pay to watch those court proceedings.

Moller

proof the RIAA is stupid. (5)

moller (82888) | about 13 years ago | (#275386)

They addressed the letter wrong:


April 9, 2001

Professor Edward Felton
Department of Computer Science
Princeton University
Princeton, NY 08544

Dear Professor Felten,

(etc.)


Well, it's a good thing that they got the Zip code right. Last time I checked, Princeton University wasn't in NY. The RIAA can't even send threatening letters correctly.

I'm going to disagree for this instance (5)

moller (82888) | about 13 years ago | (#275387)

Colleges and Universities also have a time honored tradition of bending over for anyone who is or might be a contributor. If Princeton's development office has them on file as a donor, you'll be disappointed how quickly they'll act to shut up their own students and faculty.

Well...I don't know how true that is in general. But specifically regarding this case, from the FAQ (http://www.cs.princeton.edu/sip/sdmi/faq.html [princeton.edu]) on their webpage, they state that:

Fortunately, the DMCA did not apply to this challenge, since SDMI granted explicit permission to study their technologies. We are not sure whether it would have been legal to study these technologies outside the context of this challenge. We think the DMCA, by criminalizing some kinds of study of important technologies, represents an "ignorance is bliss" approach to technological copyright enforcement, which will not work in the long run. We lobbied against certain aspects of the DMCA while it was before Congress, and we still consider it to be a seriously flawed law. (my emphasis)


Above, we mentioned the important role of analysis in the design of security systems. The main problem with the DMCA is that it hinders this analysis, restricting it in order to provide an extra layer of legal protection for existing copyright systems. But this causes the scientific process to stagnate. Imagine a federal law making it illegal for anyone (including Consumer Reports) to purposefully cause an automobile collision. While this may be a well-intentioned attempt to stop road-rage, it also bans automobile crash-testing, ultimately leading to unsafe vehicles and the inability to learn how to make vehicles safe in general. The situation with the DMCA is analogous.


So this group of researchers lobbied against the DMCA. This would be the perfect opportunity for them to fight it. Seeing as how they've said that they disagree with the DMCA, it seems that it would be more likely for them NOT to fold under the RIAA's pressure.

Moller

The Verance Watermark (5)

Apotsy (84148) | about 13 years ago | (#275390)

The thing that really sucks about the Verance watermark is that it is designed to survive lossy compression and analog copying. Of course, in order to do that, it has to be so obtrusive that you can hear it, despite the company's claims to the contrary.

According to this article [audiorevolution.com], recording engineer Tony Faulkner was able to spot the watermark 75% of the time on his first chance at hearing it. What does that tell you? That this stupid watermark is going to be something you will hear on every DVD-A disc you buy! Doesn't that suck?! Well, the recording companies don't care ... they just want to stop those Napster punks from stealing their content -- quality be damned!

de.css file -- german cascading style sheet? (2)

Speare (84249) | about 13 years ago | (#275391)

I don't have a copy of the file, is it for Deutche (German) language pages? Do Germans need different style sheets? Or is this some sort of style-remover?

i18n is a bad abbreviation [explorati.com]

Legal Action = Mirroring (3)

MrKevvy (85565) | about 13 years ago | (#275392)

Did anyone not save a copy of this document or download the Zip provided? Most wouldn't probably have cared much otherwise. I would have read it and moved on myself. Now how many copies of it are out there? When will these groups realize that as soon as they threaten legal action, it's both an incentive to make as many copies of the "infringing" documents as possible, and find out exactly what it is and how it works? If it's to be censored, it must a) work and b) be interesting. Probably never...they didn't learn it with DeCSS, nor with CP4Hack (The CyberPatrol URL list cracker,) nor now with this article.

Re:Weak (2)

FattMattP (86246) | about 13 years ago | (#275393)

"We're scientists. We do research and publish. If you don't like the fact that some of our guys cracked your methods, don't make them so weak".
Or challenge people to crack it. Surely people are going to discuss what they went through on a challenge.

Let me get this straight... (1)

Trekologer (86619) | about 13 years ago | (#275394)

The RIAA/SDMI released all watermarked music tracks, of which some contained watermarks currently in production, with a challenge to crack them. Obviously, they assumed that no one would be able to crack it or anyone who did would give up all claim to their work for some money (probablly so that RIAA/SDMI could patent any way to remove the watermark, ala Macrovision). They didn't count on someone taking up the challenge (or using their publiclly released materials) for purely academic research and are now trying to plug the hold in the dam before it bursts.

Man... is the RIAA really stupid or just playing stupid to get public opinion on their said agaist those evil hackers from Priceton?

Either way, their big secret is out, just like the MPAA's CSS secret, and the knowlege of it is not going to disappear.

Re:What I don't get... (1)

Seth Finkelstein (90154) | about 13 years ago | (#275396)

When the issue is settled, you will buy a SDMI CD player or you will never buy a new CD player again.

Eventually, your old CD players will break. They aren't built to last for eternity. Yes, there may be the odd one which lasts a long time, but unless you're going to turn them into family heirlooms, new CD players will be bought

And every single one of them will have SDMI.

DMCA - Permissible acts of encryption research (2)

Seth Finkelstein (90154) | about 13 years ago | (#275398)

The DMCA text [cornell.edu], part (g), does define "Permissible acts of encryption research", with a laundry-list of factors which are used to determine the permissibility.

The important thing to understand is that these are defenses. This means the RIAA still gets to drag someone into court and wage a legal war of attrition, while the defense are argued. That's very, very, expen$$$ive.

Re:PGP Approach (1)

evilWurst (96042) | about 13 years ago | (#275402)

The catch is that they could sue HIM for doing it, as he's an american citizen who wrote that paper in america. They just couldn't shut down his foreign server as easily, that's all.

I believe PGP did it by forming a foreign company, re-engineering the program with new people, and releasing it that way.

To generalize: (1)

nahtanoj (96808) | about 13 years ago | (#275404)

Whenever a technology/product is proven to be less than it is marketed/hyped as, the company will do all it can to keep the masses from finding out.

Ciao

nahtanoj

A tiny bit of legal knowledge (1)

Pyrrus (97830) | about 13 years ago | (#275405)

I know a little about law, and here's some of it: a trade secret is a fucking *secret*, if I break into your lab at night and steal your data, that's illegal, if I take whatever has been publicly released and figure it out for myself, it's all good and legal. for example: the recipe for coca-cola is a trade secret, if I break into their processing plants and look at the manufacturing process to figure out the recipie, it's illegal. If I buy a coke and analyze it in my own lab, the coca-cola co. is SOL. (unless like here, they hope you don't know the law and write threatening letters...)

"huhuhuhh, go away. we're like closed or something"

DCMA? (1)

martinflack (107386) | about 13 years ago | (#275411)

In addition, any disclosure of information gained from participating in the Public Challenge would be outside the scope of activities permitted by the Agreement and could subject you and your research team to actions under the Digital Millennium Copyright Act ("DCMA").

Oh, no, hold it... they are threatening to sue under the Dumbass Chickens who Misuse Agreements law... not the _D_igital _M_illenium _C_opyright _A_ct. Oh, thank God. Don't worry guys, everybody go home, it's just the DCMA, thankfully not the DMCA.

If I was Princeton, I would write back and say nothing except, "Can we have the spell-checked version of your letter now? Then we'll consider it. Thanks."

On knowing how to do something eeeeevil. (1)

L. J. Beauregard (111334) | about 13 years ago | (#275412)

Hillary Rosen and her mom must have never had The Talk. After all, it's information she could use to be a whore.
--
Ooh, moderator points! Five more idjits go to Minus One Hell!
Delenda est Windoze

Re:will this trigger them, as well? (3)

rograndom (112079) | about 13 years ago | (#275413)

That's funny. At my web design job I've been naming all my external stylesheets "de.css" also. Nobody at work knows what it means (I've tried to explain, but...), but they just go along with it anyways, even on projects I have nothing to do with. :-)

Re:LOOK at some of this stuff! (2)

Animats (122034) | about 13 years ago | (#275416)

I'd like to see those "minor distortions" reviewed in The Absolute Sound. [theabsolutesound.com]. This sounds little better than the first attempt at "watermarking" years ago, which involved a fixed notch filter. Classical music listeners hated that; you could easily hear what it did to a glide tone, or in some cases a piano scale.

Weekend release (1)

lesterhv (125530) | about 13 years ago | (#275421)

What is even more delicious is that this was released on a Saturday morning -- when the lawyers are away from their offices enjoying the sun and a few beer. Lots of time to spread it around before the judicial system has a chance to yank it

We need punitive IP laws... (2)

aiken_d (127097) | about 13 years ago | (#275422)

...this kind of thing really gets my goat. I think I've got an answer, albeit one that's unlikely to be passed any time soon.

What we need is a law that would allow courts to punitively strip intellectual property protections from individuals, companies, and organizations that use those protections in bad faith.

Under my proposal, those who abuse the system would be subject to public domainification not only of the IP in question, but also of other IP they may own.

My law would allow courts to strip IP ownership in the event that any one of the following is true:

- The guilty party is using IP laws to prevent dissemination of critiques of IP. This includes flaws, comparisons with other solutions, historical research, or other legitimate academic or competitive information

- The guilty party *knowingly* sought and received IP protection in bad faith; IE patenting something with advance knowledge of prior art that would disqualify the patent

- The guilty party is, or has a business relationship with, the RIAA

Ok, that last one may not fly, but the first two cases are increasingly common, and go beyond corporate malfeasance and into the area of crimes against the public good. The only way these abuses will stop will be if there are severe penalties levied on those who perpetrate IP abuse.

Cheers
-b

Re:Its their own fault... (3)

ssimpson (133662) | about 13 years ago | (#275425)

As stated in my story, a copy of the paper is at: http://cryptome.org/sdmi-attack.htm

Happy mirroring :)

Verance is patented, and out of the bag allready (1)

gaijin_ (134592) | about 13 years ago | (#275428)

If you read the document properly you will see that one of the things that helped them get at technology A was a patendt filed by verance.

I think this means that the technology talked about in the letter is patented, and that most of the information about it is allready available to anyone who wants to take a look.

Nice trick, telling people to stop spreading confidential information that is allready in the patent databases.

SDMI's hypocrisy (1)

cliffiecee (136220) | about 13 years ago | (#275429)

Quote from the RIAA letter:

The limited waiver of rights (including possible DMCA claims) that was contained in the Agreement specifically prohibits participants from attacking content protected by SDMI technologies outside the Public Challenge. If your research is released to the public this is exactly what could occur.

I argue that, by including the "Verance Watermark" technology as part of the Challenge, even though it's already in commercial use, SDMI already "allow[ed] the defeat of those technologies." Further, by making the Challenge public, SDMI implicitly encouraged attacking content outside the scope of the challenge.

How can they apply this complaint to Princeton U. but not themselves?!

Re:"urge to withdraw" != "required to withdraw". (1)

kil0watt (141321) | about 13 years ago | (#275433)

It may be appropriate to present the letter instead of the paper as an example of what's in store for the future:

"My esteemed colleagues, it is my pleasure to welcome you to the Information Hiding Conference. Many of you have travelled a great distance, at great expense. Our initial panel and workshop will be scrubbed due to the following taste of DMCA's teeth..."

Certainly it's one form of Information Hiding? (Hush or it's curtains, prof.)

Its their own fault... (1)

pe1rxq (141710) | about 13 years ago | (#275434)

A very simple lesson to be learned here: READ a license before you accept it!!!!

SDMI now knows how to make its technology better while at the same time has prevented anyone to have knowledge of it, anyone suprised?????

I hope that they will publish anyway, I will add it to my DeCSS mirror!

Jeroen

Re:will this trigger them, as well? (2)

TheGratefulNet (143330) | about 13 years ago | (#275437)

and a very cool idea, that is, too.

lose the good stuff in the noise and burden the attacker even more, intentionally wasting their time.

I love it!

--

will this trigger them, as well? (5)

TheGratefulNet (143330) | about 13 years ago | (#275438)

I just downloaded the latest Mandrake install .iso

I mounted the iso image in loopback mode (mount -o loop ...) and did a find on the filesystem to see what the latest Mandrake has.

imagine my surprise when I found they had a copy of DE-CSS in there:

% find /mnt -print
/mnt
/mnt/autorun.inf
/mnt/COPYING
.
.
.
/mnt/tutorial/style/de.css
/mnt/VERSION

its the 2nd to last file in the distro.

sorry for blowing the whistle on you, Mandrake, but I'm just doing what my country wants; turning in my fellow man for the Greater Good.

--

Felten is amazing. (5)

e_lehman (143896) | about 13 years ago | (#275440)

Edward Felten is amazing.

  • This is the same guy that provided Boies with his technical ammunition in the Microsoft trial. It was while trying to prove that Felten's IE-remover program didn't work that Microsoft was devastatingly caught showing a faked video.
  • Would you prefer this incident has been used as a First Amendment challenge on DMCA? Say by the ACLU? Back in January, baby!!! [aclu.org] (See page 15, or 8 by the document's own numbering.)
  • And now, just to pour salt on the wounds, his group leaks the SDMI cracks anyway. I love it!

This guy is my hero! [princeton.edu] Looks so *innocent*, doesn't he? :-)

DMCA will protect the scholars, not SDMI (5)

sparkane (145547) | about 13 years ago | (#275441)

From the law his own self:

USS Code, Section 1201(g)(2):

Permissible acts of encryption research. - Notwithstanding the provisions of subsection (a)(1)(A), it is not a violation of that subsection for a person to circumvent a technological measure as applied to a copy, phonorecord, performance, or display of a published work in the course of an act of good faith encryption research if -

(A) the person lawfully obtained the encrypted copy, phonorecord, performance, or display of the published work;
(B) such act is necessary to conduct such encryption research;
(C) the person made a good faith effort to obtain authorization before the circumvention; and
(D) such act does not constitute infringement under this title or a violation of applicable law other than this section, including section 1030 of title 18 and those provisions of title 18 amended by the Computer Fraud and Abuse Act of 1986.

Let's see: the scholars recd the copy lawfully (they didn't infringe copyright to get it); their act was not just necessary for research, but was research itself; I am sure they are making a good faith effort, as is evidenced in the harrassing letter; I'll eat my hat if releasing their paper breaks any other laws.

That's 4 for 4.

But wait there's more:

1201(g)(3):

Factors in determining exemption. - In determining whether a person qualifies for the exemption under paragraph (2), the factors to be considered shall include -

(A) whether the information derived from the encryption research was disseminated, and if so, whether it was disseminated in a manner reasonably calculated to advance the state of knowledge or development of encryption technology, versus whether it was disseminated in a manner that facilitates infringement under this title or a violation of applicable law other than this section, including a violation of privacy or breach of security;
(B) whether the person is engaged in a legitimate course of study, is employed, or is appropriately trained or experienced, in the field of encryption technology; and
(C) whether the person provides the copyright owner of the work to which the technological measure is applied with notice of the findings and documentation of the research, and the time
when such notice is provided.

The scholars *are* disseminating the information to further encryption study; if they are not employed in the proper field, then no one is; clearly they have notice of the findings to the copyright holder, to wit the harrassing letter.

Conclusion: Those bastards don't have a leg to stand on.

I don't really understand... (3)

DeeKayWon (155842) | about 13 years ago | (#275445)

How can watermarking be covered as a "device that effectively controls access to a work"? According to the text of the DMCA [loc.gov],
''(B) a technological measure 'effectively controls access to a work' if the measure, in the ordinary course of its operation, requires the application of information, or a process or a treatment, with the authority of the copyright owner, to gain access to the work.
If a watermark qualifies as an effective access control measure, then I would think that by that logic, any player that doesn't check for watermarks would be considered an access circumvention device and therefore illegal. Or would they be legal because they have a commercially significant purpose? This is confusing.

Cat out of the bag (2)

Alien54 (180860) | about 13 years ago | (#275458)

Now that the cat is out of the bag, there are going to be unhappy people.

I wonder how this could be used in a First Amendment challenge to the DCMA?

Check out the Vinny the Vampire [eplugz.com] comic strip

Re:It would be nice (1)

fatphil (181876) | about 13 years ago | (#275459)

"
Dear Professor Felten,
Whilst it appears from the title "professor" you may be an academic, we /urge/ you to refrain from researching in this particular field, because that would be a bad thing, and we know what school your children go to, if you know what we mean...
"

Fuck it, if they don't want the information to come out in an formal academic way, then they'll have a few months more of perceived security before it comes out via unofficial routes.

Put the cracks off guys (and gals). Let this thing become universal before breaking... :-)

Whiney fuckers.

FatPhil (mad)

--

Re:proof the RIAA is stupid. (1)

fatphil (181876) | about 13 years ago | (#275460)

+1 Funny to that, for sure!

New Jersey? Hell it's /close/. :-)

In the UK, people have got of incredible serious (alleged) offences due to typos!
Note, however, that we don't know if the typo was on the transcriber's (to the web page) part.

Hmmm, actually, I'm gonna do a quick web-suck of that page /just in case/...

FP.
--

PGP Approach (2)

CaptainZapp (182233) | about 13 years ago | (#275461)

As far as I recall PGP was released from a server in New Zealand to avoid the ludicrous American encryption export laws.

What if Prof. Felton releases the conclusions in an academic environment abroad.

Since SDMI asked for their crappy scheme to be broken, would that still be illegal under the DMCA ?

Up to this point most other (civilized) countries appear to have more reasonable laws on the issue then threatening academic researchers with jailtime.

Re:DMCA - Permissible acts of encryption research (1)

Peter Dyck (201979) | about 13 years ago | (#275463)

You seriously think that an academic organization has enough money to fight a commercial one?

it was gonna happen (1)

dacopperhead (209337) | about 13 years ago | (#275470)

someone was going to crack all of that stuff eventually. I wonder if it would have been someone other than a university that did it, would they just be outright sued, or get the same threat as the people at Princeton did. Either way, this just means that they have to learn to make a code that noone can crack

Freenet? (2)

evanbd (210358) | about 13 years ago | (#275472)

So, has anyone put this on Freenet yet? If so, what's the key? If not, then I'm very disappointed in Slashdot.

Re:It would be nice (1)

Miragejp (214942) | about 13 years ago | (#275474)

Wholeheartedly agree here.

My one true wish is that there would be backlash against DMCA, SDMI along with the MPAA and RIAA and all of their supporters who believe that corporations are more important than people.

The backlash I wish to happen would be of such a magnitude and type as to make Genghis Khan or Atilla proud - By that, I mean go in and torture and murder whole slews of company executives and lawyers - to quote Cornholio - "The streets will flow with the blood of the non-believers!"

Re:Whooo there! (1)

ackthpt (218170) | about 13 years ago | (#275475)

DMCA is just the USA's way of catching up with all the repressive governments of China, past (and possibly near future Russia), Iraq, North Korea, etc.

Now if you'll excuse me, I have to see how the prison laborers are doing on those De-DeCSS shirts.

--

Re:It would be nice (1)

ackthpt (218170) | about 13 years ago | (#275476)

Colleges and Universities also have a time honored tradition of bending over for anyone who is or might be a contributor. If Princeton's development office has them on file as a donor, you'll be disappointed how quickly they'll act to shut up their own students and faculty.

Good thing the USA is a free country or it would be run by a bunch of oligarches with a big business puppet in the Whitehouse ...er... never mind.

--

Long article (2)

ackthpt (218170) | about 13 years ago | (#275477)

It's gonna be tough to fit this on a t-shirt...

...maybe an entire line of clothing?

--

Bigger Consequences (1)

metoc (224422) | about 13 years ago | (#275478)

Taking RIAA's arguments further, it would be illegal to report on any bugs found in commercial software.

Their current argument is that the report would impact on commerically available software and therefore allow individuals to take advantage of faults in the software.

Well isn't that what bug reports do? If would mean that you couldn't analyze and report on bugs found in bind, sendmail, apache, linux, IIS, Windows, Outlook, WEP, etc.

It would make CERT and bugtrak illegal! Next they would be after /. to stop discussions.

This should prove interesting.... (2)

segfaultcoredump (226031) | about 13 years ago | (#275479)

If this ever goes to court, it will be a good test of the DMCA.

Unlike previous cases (DeCSS, etc, etc) that were electronic publications, this one is a paper based publication. The court has no problems with understanding things that are on paper (compared to anything electronic) and thus their academic publication will most likely enjoy the full protection of the law. That and I'm sure that there is a long history of corporations trying to stop the publication of formal academic papers (from what I've seen, the academic's usually win)

When coupled with the fact that the SDMI folks presented a formal and public challenge to break their system, I'm sure that whatever protection that they though the dcma would have provided them will be thrown out the window.

Re:Weak (2)

zhensel (228891) | about 13 years ago | (#275481)

They probably were sharing their paper with other academics prior to release and someone else leaked the paper. Given scientist's (well most of them) inclination to check their work prior to publishing it (unlike, say, Slashdot), this makes sense.

Re:will this trigger them, as well? (2)

zhensel (228891) | about 13 years ago | (#275482)

Someone also released a program called decss.exe or something (think it was windows) that would strip all style sheets from an html file. They wanted everyone to distribute it to get false MPAA threats or something.

Re:Legal Action = Mirroring (3)

acceleriter (231439) | about 13 years ago | (#275483)

And the recording industry is particularly good at this. If it wasn't for the writeup a few years back (before Napster was a twinkle in Fanning's eye) in Wired where the RIAA had pulled a stormtrooper act on the few college kids who were trading MP3's, I and darn near the rest of the world probably never would have heard of them.

<humor>
I suspect that the recording industry and manufacturers of hard disks and removable media are laughing all the way to the bank, having negotiated in smoke filled rooms to share the profits while they play us all for fools buying 80GB disks and CDR drives with 100 spindles to store MP3's and legally challenged material like DeCSS, VirtualDub 1.3, TotalRecorder, ASFRecorder, the eFront ICQ logs (which I and about 1E6 others posted to Freenet). And now this.
</humor>

Oops. (2)

JAVAC THE GREAT (239850) | about 13 years ago | (#275485)

In the meantime, we urge you to withdraw the paper submitted for the upcoming Information Hiding Workshop, assure that it is removed from the Workshop distribution materials and destroyed, and avoid a public discussion of confidential information.

Oops! Now it's on the Internet. I hope everyone saves a copy for when cryptome is shut down tomorrow.
---

Excellent. (4)

JAVAC THE GREAT (239850) | about 13 years ago | (#275486)

This is just the challenge the DMCA needs to be taken to the Supreme Court and repealed. With Princeton (=State of New Jersey? Is Princeton public?) footing the legal bill, they can afford to go all the way, and the with something so fucked up as this SDMI is bound to lose.

But then, I wouldn't be surprised if the SDMI people back down to make sure they don't lose their most valuable weapon in the fight against free speech.
---

Poor RIAA (1)

tripiecz (253861) | about 13 years ago | (#275491)

Poor RIAA bastardos are beaten again... when the fuck they gonna realize they have to start trying to find a way to keep up with evolution and technological progress, rather than trying to force people to stop thinking and sharing their thoughts.

Re:from the article's conclusion section... (2)

mikethegeek (257172) | about 13 years ago | (#275494)

"Do we believe we can defeat any audio protection scheme? Certainly, the technical details of any scheme will become known publicly through reverse engineering. Using the techniques we have presented here, we believe no public watermark-based scheme intended to thwart copying will succeed."

Which makes the DMCA all the more abhorrent. It's NOT a copyright protection law, but a copy protection protection law.

Copy protection was proven an ineffective mechanism back in the 1980's, and it's just as ineffective now, if not more so, given the much greater number of computer professionals (that you may call "hackers") than there were then.

Given that the right to make a backup copy is an established RIGHT under the Constitutional derived principle of "fair use" would it not follow that any law preventing you from circumventing copy protection to excercise that right would be Unconstitutional?

Keep in mind, the Constitution places SEVERE limits on the scope and duration of patents and copyrights (though that has been violated many times by Congress and several presidents, most recently, Clinton. when copyrights were extended pretty much to infinity).

Re:Voodoo Science (2)

mikethegeek (257172) | about 13 years ago | (#275495)

"The DMCA has so far only protected the rights of big business. The courts have a history of supporting free exchange of ideas. I have faith in our courts. I hope this is not misplaced."

I don't have much faith in the courts. Perhaps I'm pessimistic, but so-called "judge" Kaplan seems to be a typical example of the neo-Napoleonoic complex that most of our newer judges seem to have.

Also, keep in mind, that Judges come from lawyers. Lawyers come from lawfirms. The past 20 years has seen a geometric increase in litigation, most of it being done BY the corporations and the powerful. From that pool of lawyers come the next crop of judges. Today, I'd doubt it's possible to apppoint a Federal judge who hasn't done a lot of work for at least one of the aggressive IP cartels.

Judges are supposed to be different from lawyers. They are supposed to be impartial, ubiased, and rule on the LAW, not their personal biases. If "judge" Kaplan is indeed a typical example of the modern judge, then it's obvious that wishing for impartiality is, indeed, wishing for something that won't happen.

Re:It would be nice (3)

mikethegeek (257172) | about 13 years ago | (#275510)

"It would be a shame if Princeton's legal dept tells the researchers to back down because they don't have a legal leg to stand on here."

The fact is, they DO have a legal leg to stand on here... The rights of "fair use" and "reverse engineering" were established by the courts over the years in many many, precedent setting cases (such as the Betamax case) as being from the Constitution. NO statutory law can "outrank" the Constitution, it's the higest law of the land, from which there is no option but to change it.

The DMCA has many MANY problems with the Constitution, and this threat towards these Princeton professors proves, it could have this little side effect of DESTROYING academia.

The unanimous voice vote "coup de etat" nature of the DMCA's passage is even more insidious. Congress, and Bill Clinton, in effect, conducted an illegal Constitutional Convention, in their roles in passing that law. The DMCA cannot be legal without a Constitutional Amendment.

Remember, there has yet been NO TEST of the Constitutionality of the DMCA. This didn't happen in the 2600 case, because it was presided over a conflicted judge (the so-called "judge" Kaplan) who did not hide for one second his contempt for both the defendants and their counsel.

And, he also had worked for a lawfirm that had DIRECTLY represented a plantiff before becoming a judge (Martin Garbus, lead attorney for 2600 and the EFF was EXCORIATED by Kaplan for previously working for a firm that had represented a company that was eventually BOUGHT by Time Warner.)

Kaplan refused to recuse himself, and ran a "show trial" with an illogical and indefensible verdict. But then, one only need have paid attention to the judge's behavior in the pre-trial to know that the verdict was a foregone conclusion. Kaplan ruled on the most narrow POSSIBLE interpretation of the DMCA, even ignoring the language in the DMCA itself which would seem to make reverse-engineering CSS for the purpose of creating a Linux DVD player perfectly legal.

"Hell, even if they didn't have a legal leg to stand on it would still be fun to watch SDMI go after several professors at Princeton. High visibility and bad publicity for SDMI. I'd pay to watch those court proceedings."

I would think that the MPAA/RIAA/SDMI cartels et all, would be very hesitant to go forward with such a case. 2600 was an easy target because it was VERY easy to spin them off as "anarchistic hackers". Princeton professors will be a lot harder to mount a slander campaign against. It's a sad indictment of the US legal system that not all defendants are equal before the eyes of the law.

What the IP cartel is doing right now is trying to win by intimidation, threat, and extortion what it probably can't win in a courtroom (as it's certain that all or at least MOST of the DMCA would be struck down or at the very least, limited by the courts). They are hoping that either the authors of the paper will back down, or else Princeton will back them down.

If I were the author of the paper, I'd be considering pulling an "Infineon" on the IP cartel: What they are doing right now (using threat, intimidation, and extortion) kinda smacks as illegal under the RICO laws doesn't it?

Are we really surprised? (3)

localroger (258128) | about 13 years ago | (#275516)

Nobody issues a challenge like that if they expect their precious standard to be broken. Oops. Now they're pissed. I didn't realize two year olds were allowed to run corporations.

Voodoo Science (2)

Paul the Bold (264588) | about 13 years ago | (#275522)

These kind of threats by industry groups to prevent the publication of scientific papers that may injure their public image or some foothold in the market is not new. I heard a man named Robert Park speak a year ago. He is a professor (physics, I think, but I can't remember where he teaches) and a writer, and this talk was one of a series of lectures to promote his latest book, "Voodoo Science." After the lecture, there was to be a brief book signing. Unfortunately, lawsuits were preventing the release of the book (libel).

Dr. Park said that these kind of law suits are common, but the courts have a history of releasing academic material in an effort to protect a free exchange of ideas.

The DMCA has so far only protected the rights of big business. The courts have a history of supporting free exchange of ideas. I have faith in our courts. I hope this is not misplaced.

I hope Professor Felten et. al. fight this tooth and nail. Princeton has a legal department, and this is Princeton's fight. I hope they stand behind the professor.

Quick Summary (2)

Anml4ixoye (264762) | about 13 years ago | (#275523)

Ok, so let me see if I can summarize this...

"Dear Sir:

Because we believe that our cool watermarking technology is going to make us lots and lots of money, and because we think that the internet is a fad and will hopefully go away soon, please refrain from exposing what idiots we are and how much our encryption software sucks.

Oh, and please don't let anyone know about all of the hard work you did to prove that. We thank you for that and all, but will attempt to destroy you if you talk bad about us.

Finally, we will have to sue you under the DMCA if anything that you have said, ever, in your life, and we mean ever, could, at any time, in some way, possibly, be used to give someone the faintest idea about cracking this software and maybe using this illegally. we don't care about a better tomorrow as long as we make money today and look good."

Sound right? *sigh*

Re:DMCA - Permissible acts of encryption research (1)

dachshund (300733) | about 13 years ago | (#275526)

This means the RIAA still gets to drag someone into court and wage a legal war of attrition, while the defense are argued. That's very, very, expen$$$ive.

Princeton's got enough money to fight them, if they've got the will. It would seem to be a worthwhile fight, as the DMCA could theoretically cause them (and other universities) an enormous amount of grief over the coming years (which could theoretically translate into enormous compliance costs.)

Re:What I don't get... (1)

dachshund (300733) | about 13 years ago | (#275527)

Why would anyone buy a SDMI CD player?!

Market domination. Not yet, of course. But they're already including this in DVD-Audio and presumably it could be included in future technologies. It just takes a few simple licensing agreements between a few major hardware manufacturers and the Music Industry to insure that the next generation of CD/DVD/?? players include these features (ala CSS.)

Essentially, once the RIAA has something they trust, they patent the hell out of it and license it to some big hardware companies, who can either play along and get a big share of a new market-- or not play along and get left behind (with already paper-thin margins on audio equipment, where's the choice?) Because the standards are proprietary and patented (and protected by the DMCA and its ilk), content-producers can license it to whomever they please, wielding the power of life and death over manufacturers (who are, unfortunately, in an industry with actual competition.) Forget about anti-trust, this is a legally sanctioned cartel.

So don't get worried yet. Wait til your current CD players aren't working so well and most new music is being released in some other format (remember Betamax?)

Re:SDMI has no legal ground (2)

dachshund (300733) | about 13 years ago | (#275528)

SDMI are complete idiots

What are you talking about? These folks managed to hold every single one of their conferences in some exotic location like Florence or Hawaii, all at company expense. I would say they're quite clever, really.

So what if they never quite got any decent work done?

DMCA (5)

dachshund (300733) | about 13 years ago | (#275529)

I was under the impression that "encryption research" was specifically excepted under the DMCA anti-circumvention clause. Does this letter take that into account? I would love to see this go to court, even though today's (apparently bought and paid for [salon.com]) federal courts give me little reason for optimism.

Didn't the reviewers break the DMCA? (1)

Joey7F (307495) | about 13 years ago | (#275533)

If knowing about a technology is illegal(according to the DMCA) the people who submitted the instructions on how to crack it, as well as the people reviewing it(on behalf of the SDMI proponents(mostly the riaa)) would be in violation.

Yeah, this is why the DMCA sucks.

--Joey

Sounds familliar (1)

BIGJIMSLATE (314762) | about 13 years ago | (#275539)

Why does remind me so much of that (somewhat) recent story of the teacher who dared/told/challenged/asked his students to break past the school's security systems? One kid did, showed how, and was immediately suspended for it, while the teacher wasn't even reprimanded for doing such a thing. Besides, even if they don't publish the stuff, they'll surface sooner or later. Just like Nosferatu, no matter how much someone wants for something to disappear or go away, it will always turn up again.

Then why did they have the challenge at all??? (1)

iamroot (319400) | about 13 years ago | (#275541)

Why did SDMI have the challenge in the first place? They were enthusiastic about the challenge, but when someone cracks their technologies, they get so upset and were even reluctant to admit that someone had. If they say "try to crack this" they should accept it if someone does crack it, and also accept the results of that. Furthermore, why were they challenging people to crack a watermarking technology that is currently being used???

Why stick your finger in it? (3)

janpod66 (323734) | about 13 years ago | (#275544)

Why bother dealing with these people? They have trouble understanding that the price of content goes down as distribution costs go down. They are fighting a losing battle against companies that do understand economics. The content that gets distributed with fewer restrictions at lower production costs will win out over high-priced content from a bunch of media czars and over-the-hill writers, composers, and pop stars.

They also seem to have trouble understanding that watermarking is not technically feasible. It won't take some really smart guys from Princeton to break this or future systems. Given Chiariglione's inelegant and messy technical track record [mpeg.org], I doubt they are going to get a technical clue any time soon either.

Let them add poor watermarks to poor content and create players with all sorts of limitations. In the long run, it's only going to hurt their business. Dealing with these people is a waste of time in my opinion.

Death to the truth! (1)

Vintermann (400722) | about 13 years ago | (#275545)

"ithdraw the paper submitted for the upcoming Information Hiding Workshop, assure that it is removed from the Workshop distribution materials and destroyed, and avoid a public discussion of confidential information"


"Ye shall know the truth, and the truth shall set you free." - John 8:32

Re:it was gonna happen (1)

Vintermann (400722) | about 13 years ago | (#275546)

Well, you have no doubt heard the cliché that "security through obscurity is no security at all". Most (all?) of us cypherpunks believe that there is no such thing as an un-hackable watermarking scheme/copy-protection, so just becoming better coders won't help them.
I am sure that the commercial actor's coder employees have told them long ago. They just refuse to accept the limitations of technology.

I wonder if it is possible to prove mathemathically that such a scheme won't work. Perhaps that'll convince them.

are they serious? (1)

s20451 (410424) | about 13 years ago | (#275548)

Are these people being serious?

Think about what they're saying: "We challenge you to find a way to break our cipher. But if you succeed you can't tell anyone how you did it." I could claim to have broken the cipher, and under the DMCA no one could legally verify my claim.

A more important point is lost here: the only secret about a cryptographic system is whether it can be broken. The fact that it has been cracked is now public news, so the SDMI's cipher should be considered insecure, DMCA or no DMCA.

Publish Results (1)

ayr (413296) | about 13 years ago | (#275551)

If I had received that letter I would have to respond by publishing the results, regardless. DMCA is not near as important as the 1st admendment. They asked to have it broken now they don't us to know how their protection is flawed... typical. I say Publish.

Re:Death to the truth! (1)

deaddrunk (443038) | about 13 years ago | (#275552)

Truth is subjective. Just listen to Dubya lying through his teeth at the Globalisation Conference today, and the media presenting it as 'truth'. Same conglomerates as the RIAA.

Re:Death to the truth! (1)

deaddrunk (443038) | about 13 years ago | (#275553)

Does it though? I doubt that the average sweatshop worker's lifestyle has changed a great deal, the grind is working 13 hours a day, seven days a week in appalling conditions. Although globalisation is claimed as the removal of trade barriers, what it is is large corps making sure that governments don't get in the way of making huge profits. Did you know, for example, that one of the provisions of the FTAA is to allow corporations to take national governments to court if any law they inact hits profits? Nice - I wish I had as much right to misbehave as corporations do. Liberalisation of laws should be for the benefit of everyone, not just those wanting the right to cut labour costs by abusing people in appalling poverty, most of it as a result of western policy over the past 200 years.

Legal Bearing (2)

Nerve_Ripper (444852) | about 13 years ago | (#275555)

As I understand the agreement, the professors were only under the confidentiality clause if they accepted the cash settlement...They did not, and that is why the SDMI could only "Urge" them not to publish the paper, and make vague threats of legal action. They have every right to put forth their findings, after their work. Also...does it seem to anyone else that the SDMI *completely* tried to fix the contest so that no one would win? The whole point of this seems to be them trying to say "Look at our unbreakable work"...even to the extent of fixing the contest "the 'broken' oracle"

copying data (1)

$hecky (445344) | about 13 years ago | (#275556)

I'm afraid our friend, in spite of his hysterics, is quite correct-- provided data can be played, it can alwaysbe copied. This is a very simple matter-- if there exists a device capable of recording audio or video data, playback can always, by definition, be reproduced: even if it's by some moron pointing his super 8 at a movie screen.

Furthermore, while such crude methods of reproduction (...sounds like an alien watching a porno...) are imperfect, recent history shows us that these things really don't matter where piracy is concerned-- just because something's an analog (or imperfect digital) copy doesn't mean it can't be of exceptional quality (look at a high quality VHS dub of a DVD, or dub a cassette tape if you have one of those 2-deck dinosaurs lying around). All it takes is a single person willing to convert a high-quality analog copy of a movie, music, or whatever to a more portable format (DivX, Ogg-Vorbis, or MP3 for the Morloks) and we're back to square one.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...