Slashdot Mirror

Max Pyziur writes "Found this on cryptome.org where Linux is cited in a DOJ document against Moussaoui (sometimes referred to as the "20th man"). FBI: Moussaoui E-mail Not Recoverable - January 1, 2003." An interesting read which gives some insight into how computer evidence is handled in court.

mesozoic writes "Wired is running a story about hackers publishing John Poindexter's personal information (like satellite photos of his home) to protest the proposed Total Information Awareness system. This is just too funny, and it may even raise a few more eyebrows among the national media."

cosmosis points to this interesting glimpse presented on Cryptome at ways in which the proposed "Total Information Awareness" system currently being touted as a way to fight terrorism could be abused. It's also a reminder that there's plenty of possibly sensitive information on you and your neighbors that's floating out there already.

joebeone writes "The California Supreme Court has suprisingly ruled that Matthew Pavlovich is not within their jurisdiction in the DVD-CCA's suit against his posting of DeCSS in relation to the development of the LiViD DVD player for open operating systems. What's surprising? It's surprising that they held that his posting of DeCSS was not actionable... (however the use of the program by users to circumvent CSS could be under the DMCA)."

Saint Aardvark writes "A Canadian woman is suing her former ISP over their suspension of her email account. Their accounting system screwed up, and they suspended her account while they sought payment from her. What she didn't realize was that email sent to that address continued to pile up, without any notification to the sender that she had no access to it. She lost a chance at a $65,000 contract job at the Discovery channel because of this. Read the article at CNet, the complaint she brought to the Canadian Privacy Commisioner, and further details from the woman herself on Cryptome.org."

An anonymous reader writes "According to an an article at Cryptome, the UK media has been gagged from reporting on the trial of an ex-intelligence agent. More than this, they've even been gagged from reporting on the gag! Several UK websites that were covering the story have removed it. Insidious..."

An anonymous reader writes "According to an an article at Cryptome, the UK media has been gagged from reporting on the trial of an ex-intelligence agent. More than this, they've even been gagged from reporting on the gag! Several UK websites that were covering the story have removed it. Insidious..."

ChTom writes "John Gilmore initiated a federal suit today in CA Northern District against Ashcroft, et al, challenging the air travel ID requirement: http://cryptome.org/freetotravel.htm (Mr. Gilmore is a businessman, civil libertarian, and philanthropist. He was the fifth employee of Sun Microsystems, an early author of open source software, and co-creator of the Electronic Frontier Foundation, the Cypherpunks, the DES Cracker, and the Internet's "alt" newsgroups. He serves as a director on several for-profit and nonprofit boards. )"

phriedom writes "Salon has coverage of Palladium which gives first page coverage to the idea that Palladium is designed to kill open source software. My favorite part though is on page two, where the Microsoft apologist says that ones view of Palladium 'depends on what you believe Microsoft's long-term aims are. If you believe it's to stimulate commerce and stimulate security, it's a step in the right direction ...and if you're perhaps given to suspicions that Microsoft always makes decisions with the aim of frustrating competitors of the Windows empire rather than for the good of consumers, you might have a different view of the same architecture.'" Wired also has a story claiming under-the-hood exposure to Palladium, although it doesn't seem to have much information that hasn't come out already. Update by J : Steven Levy's Palladium story, which we linked to in an earlier article, has allegedly been pulled from MSNBC's website. Anyone know if there's a simple explanation of this?

Concerned Citizen writes "cryptome has Microsoft's patent for Palladium. Including such gems as: 2. The computerized method of claim 1, wherein protecting the rights-managed data comprises: refusing to load the untrusted program into memory. 14. The computerized method of claim 1, further comprising: restricting a user to a subset of available functions for manipulating the rights-managed data. And I'm sure we'll all be coerced to agree to Palliadium during a future security patch agreement."

Ian Hill writes "This e-mail from Lucky Green, courtesy of Cryptome, provides an interesting look into the Trusted Computing Platform Alliance. It suggests that this is the technology pointed to by Sen. Hollings in his CBDTPA. Frightening quote: "'trusted' here means that the members of the TCPA trust that the TPM [Trusted Platform Module] will make it near impossible for the owner of that motherboard to access supervisor mode on the CPU without their knowledge, they trust that the TPM will enable them to determine remotely if the customer has a kernel-level debugger loaded, and they trust that the TPM will prevent a user from bypassing OS protections by installing custom PCI cards to read out memory directly via DMA without going through the CPU.""

freakyboff writes "Found this on cryptome.org - It's a confidential document from Europol, basically a wish list of all data that they would like people to keep. Many things that violate peoples privacy are in the minimum requirements, such as caller line identification and assigned IP for dial-up Internet access; e-mail and ftp server logs; and companies running web servers should keep information on what information users put on their servers." Statewatch is a good source for more information. I find it odd that Europe is moving from a position of protecting a great deal of data with fairly strong laws to requiring that telecommunications companies store data on their customers for as long as seven years so that law enforcement can go data-mining - skipping the intermediate step of making it optional.

freakyboff writes "Found this on cryptome.org - It's a confidential document from Europol, basically a wish list of all data that they would like people to keep. Many things that violate peoples privacy are in the minimum requirements, such as caller line identification and assigned IP for dial-up Internet access; e-mail and ftp server logs; and companies running web servers should keep information on what information users put on their servers." Statewatch is a good source for more information. I find it odd that Europe is moving from a position of protecting a great deal of data with fairly strong laws to requiring that telecommunications companies store data on their customers for as long as seven years so that law enforcement can go data-mining - skipping the intermediate step of making it optional.

Seth Schoen writes "'I say to you that the VCR is to the American film producer and the American public as the Boston strangler is to the woman home alone.' Jack Valenti said this in 1982 in testimony to the House of Representatives on why the VCR should be illegal. He also called the VCR an "avalanche" and a "tidal wave", and said it would make the film industry "bleed and bleed and hemorrhage". This speech is an important part of history, yet until today it had never been published on-line in its entirety. Valenti's testimony was published today by Cryptome. It's essential background reading if you want to see just how little the MPAA's arguments have changed in two decades." Compare to the Analog Hole document and they're virtually identical (except Valenti was playing on anti-Japanese sentiment then, and today it's anti-pirate sentiment). Of course, the MPAA was unsuccessful in plugging the "VCR Hole" - insufficient lobbying and clueful judges stopped them. The MPAA successfully adapted to the changing times and today sells about 70 million cassettes for rentals and 600 million cassettes for home viewing every year (both numbers are on the decline due to the rise of DVD).

Seth Schoen writes "'I say to you that the VCR is to the American film producer and the American public as the Boston strangler is to the woman home alone.' Jack Valenti said this in 1982 in testimony to the House of Representatives on why the VCR should be illegal. He also called the VCR an "avalanche" and a "tidal wave", and said it would make the film industry "bleed and bleed and hemorrhage". This speech is an important part of history, yet until today it had never been published on-line in its entirety. Valenti's testimony was published today by Cryptome. It's essential background reading if you want to see just how little the MPAA's arguments have changed in two decades." Compare to the Analog Hole document and they're virtually identical (except Valenti was playing on anti-Japanese sentiment then, and today it's anti-pirate sentiment). Of course, the MPAA was unsuccessful in plugging the "VCR Hole" - insufficient lobbying and clueful judges stopped them. The MPAA successfully adapted to the changing times and today sells about 70 million cassettes for rentals and 600 million cassettes for home viewing every year (both numbers are on the decline due to the rise of DVD).

ploog writes "Echelon has been surrounded by controversy since rumors of it first popped up on the net. The US Government has never admitted to it, although various other governments have. Now, a lead architect for Echelon and its "big brother," Echelon II, has been discovered and interviewed. This is fascinating stuff. He is able to give some details about how Echelon works, although he doesn't come divulge everything, for obvious reasons. Trying to deny Echelon just got that much harder. Link found via Megarad.com."

Gemini and many others wrote in with still more info regarding CBDTPA, formerly the SSSCA. Wired has a story. Cryptome has transcribed the text. The Senate Judiciary Committee has a web-form where you can submit comments (although directly contacting your representatives may be better). IMHO, the best thing people can do is explain to less-knowledgeable folks exactly what is at stake. When ABC News (Disney) and Fox News (News Corporation) discuss this, they're not going to be spending much time talking about the downside. Update: 03/23 00:55 GMT by M : EFF has an alert with a sample letter to Congress and background on the issue.

d33l0w3 writes: "It looks like Sherman Austin is off the hook for now. For those of you who missed the previous slashdot posting, Sherman was arrested on Feb. 2 for the contents of his website raisethefist.com. This comes as more of a surprise than the FBI raid on his house." Just a couple of days ago, the government was planning to transfer him to California to face charges there, but now according to Newsbytes, those have been dropped. Read that link I just gave - there's quite a lot of interesting information that came out during the hearing. The attorney's concern about Austin being jacked around in "detention" for an indefinite period of time says a great deal about our judicial system.

d33l0w3 writes: "It looks like Sherman Austin is off the hook for now. For those of you who missed the previous slashdot posting, Sherman was arrested on Feb. 2 for the contents of his website raisethefist.com. This comes as more of a surprise than the FBI raid on his house." Just a couple of days ago, the government was planning to transfer him to California to face charges there, but now according to Newsbytes, those have been dropped. Read that link I just gave - there's quite a lot of interesting information that came out during the hearing. The attorney's concern about Austin being jacked around in "detention" for an indefinite period of time says a great deal about our judicial system.

An Anonymous reader writes: "This essay describes the current battle between two former allies in the DMCA fight - The Content Faction (Universal, MPAA, etc.) v The Tech Faction (IBM, Microsoft, etc.). It gives a great overview of what the battle is, who is taking what position, what's at stake - and how consumers are going to be taking it in the *** no matter who wins, it's just a matter of how rough it will be. "

Dr. Edward Felten is in a funny position -- or perhaps not so funny. He's the Princeton researcher who took up the challenge posed by the music industry to find flaws in the SMDI watermarking scheme, but didn't enter into the 'no-telling' bargain (here's the click-through agreement [pdf]) which would have made him eligible for a reward, so wasn't bound by non-disclosure terms. When a scheduled academic presentation on the weaknesses [pdf] that he and his colleages found in SDMI became the object of lawsuit threats from the RIAA, and caused him to cancel the planned presentation, Felten decided to turn the tables, and in cooperation with the EFF, sue them instead, for interfering with his scholarly research. Though he did eventually get to present his research, the legal action is still going. Dr. Felten is at a hearing today in Trenton, NJ, but he's agreed to answer questions from Slashdot readers. Please confine your questions carefully (one per post), and we'll pass the highest-moderated ones on for his answers.

zavyman writes: "I just noticed at Cryptome that the flaws in HDCP posted to Slashdot earlier this year, which one person refused to disclose due to possible threats from the DMCA, have been made public by different authors. Scott Crosby of Carnegie Mellon University, Ian Goldberg of Zero Knowledge Systems, and Robert Johnson, Dawn Song, and David Wagner of UC Berkeley have published a formal cryptanalysis of the High-bandwidth Digital Content Protection System that proves its fatal flaws. Interesting reading for those with some background with cryptanalysis."

poemofatic writes: "The ruling posted on Cryptome of a disctrict court ruling denying an preliminary injunction against Softman Products Co. Softman "unbundles" and resells at a lower price stuff like photoshop. But of importance to us is that the court upholds the principle of first sale, and invalidates Adobe's claims that Softman is bound to Adobe's EULA. Here's a choice quote: 'In this case, through the use of licensing, Adobe seeks a vast and seemingly unlimited power to control prices and all channels of distribution. On the other hand, in the absence of copyright law violations, the market can often best regulate prices and all subsequent transactions that occur after the first sale. Sound policy rationales support the analysis of those courts that have found shrinkwrap licenses to be unenforceable. A system of 'licensing' which grants software publishers this degree of unchecked power to control the market deserves to be the object of careful scrutiny.'"

John Young of Cryptome, though trained as an architect, has garnered recognition in another field entirely. Since 1996, he's been publishing timely, trenchant news online as the mind behind crypto jya.com and Cryptome. ("Our goal is to be the most disreputable publisher on the Net, just after the world's governments and other highly reputable bullshitters." ) This has put him on the forefront of various online liberty issues, from the MPAA's DeCSS crackdown on DeCSS (he fought the lawyers -- and won), to Carnivore, to Dmitry Sklyarov's continuing imprisonment, and now the several fronts along which electronic communications are threatened by current and upcoming legislation. He recently posted this to the front page: "Cryptome and a host of other crypto resources are likely to be shutdown if the war panic continues. What methods could be used to assure continued access to crypto for homeland and self-defense by citizens of all nations against communication transgressors?" Now's your chance to ask him about the fight for online freedom. Please pose just one question per post; we'll send 10-15 of the highest moderated ones on to John for his answers.

A story at NewsForge details the latest on the state of Senator Fritz Hollings' proposed SSSCA, which may be the most radical attempt at legislative oversight over electronic goods ever attempted in the U.S. Opposition from the Electronic Frontier Foundation, the Free Software Foundation, the Association of Computing Machinery and others notwithstanding, Hollings' efforts to impede a free market in computer hardware and software through legislative fiat has been little commented on, in part because Hollings refuses to release much information about it. Eben Moglen is quoted to good effect on the risk a bill officializing and regulating all digital devices would pose to Free software. Under the SSSCA, it would be "unlawful to manufacture, import, offer to the public, provide or otherwise traffic in any interactive digital device that does not include and utilize certified security technologies." And that rules out most Free software, right from the start. (Read on for some more information.)

Besides writing your own representatives (email and faxes are probably better than phone calls), note that according to Hollings' contact page, "South Carolina residents may call, toll free, 1-800-922-8503" to reach him. In addition, the Electronic Privacy Information Center (EPIC) and the Privacy Center will be holding a meeting on "Security or Surveillance? Technology's Impact After September 11" on October 22 at Washington, DC's National Press Club; you can email for details on this meeting.

As the title says: Microsoft Digital Rights Management Version 2 has been cracked. The Register has the story, including a link to a downloadable zip file which contains source code, explanation and a small DOS utility. Grab it while you can. You can also read the explanation directly here, and you can also find it with Google.

the_2nd_coming writes "Red Hat has announced a legislation alert for the SSSCA. They are collecting comments to hand to lawmakers. Get those comments in while you can, but make sure you give them some thought."

Current WTC happenings: The FBI is searching ISPs with FISA warrants. Architects and civil engineers are starting to speculate on why the towers collapsed. Pictures: NASA, a powerful photoessay, newspaper headlines. Current investigation news: LA Times, NY Times, CNN. They're finally starting to mention casualty figures. Finally, bjb writes: "It isn't the hollywood blockbuster of a story, but I'm a daily reader of Slashdot, and I was on the 38th floor of the WTC 1 building when the first plane hit. Oh, and I was reading Slashdot at the time. You can read about my experience here. It was originally an email that I sent out to friends and family, but I was asked by NPR's Talk of the Nation to make it a web page."

CrossRhythm writes: "The European Commission Resolution on Echelon encourages the Commission and Member States "to promote software projects whose source text is made public", to lay down a standard for the level of security of e-mail software packages, placing those packages whose source code has not been made public in the "least reliable" category," and "systematically to encrypt e-mails, so that ultimately encryption becomes the norm"."

Lord_Pall writes: "There's a very good article on SecurityFocus about a Dutch cryptographer. He apparently has cracked the HDCP video encryption standard, but won't release the research for fear of reprisals under the DMCA." Update: 08/15 06:10 PM by J : Meanwhile, see Keith Irwin's paper which has been released despite the DMCA. Update: 08/15 07:00 PM by J : And someone else points out this old thing. Everyone who hasn't written a paper on cracking HDCP raise your hand.

iamblades writes: "Edward Felten is scheduled to present his research papers on SDMI on Wednesday at the annual USENIX security conference. Apparently the RIAA backed off their harrassment, which makes sense, as SDMI is almost completely dead already." And a Semi-Anonymous Coward writes: "Despite the RIAA's attempts to silence the Princeton Professor and his students, USENIX will broadcast the SDMI Crack Live via the web. The broadcast will be available for the world here along with a discussion concerning your Freedom."

The Sixth District Court of Appeals has denied Matt Pavlovich's challenge to being sued in California for the act of posting DeCSS on an internet web site. CNet has a blurb about it, or go straight to the ruling. The Court apparently believes that "open source" is shorthand for "pirate ring", as evidenced by their description: "At the time Pavlovich posted DeCSS on the Internet, he was a leader in the "open source" movement, the purpose of which was to make as much material as possible available over the Internet." Blatantly false statements like "Further; Pavlovich knew that his Web site allowed the illegal publishing and distribution of DVDs." do nothing to make me think the Court even understands what is alleged to have occurred. And since the Court describes Pavlovich's activities as "illegal", it appears to have already decided the main issue of the case itself (which has not yet been tried). Not good omens for the California DeCSS case. Below we have commentary from the attorney representing Pavlovich.

Appellate Court Issues Precedent Setting Ruling in Cyber-Jurisdiction ruling

The Sixth District Court of Appeals has issued its ruling in the jurisdictional case filed by Indiana student Matt Pavlovich, a foreign defendant in the California DVD case. You may recall that Pavlovich had moved the trial court to dismiss him from the main DVD action due to lack of jurisdiction. When the trial court denied his motion, Pavlovich filed a petition for Writ of Mandate with the Court of Appeals - that court summarily denied his petition. Pavlovich then turned to the Supreme Court for relief by way of a Petition for Review. In a rare move, all seven justices of the Supreme Court unanimously granted review and sent the matter back to the Court of Appeals with instructions that they re-consider the case. Following additional filings and oral arguments, today the Court of Appeals issued a published, written opinion again denying Pavlovich's petition. The Court's order will be available on our web site at www.legal.wao.com shortly, and is also accessible through the Court of Appeal's site.

Today's opinion dramatically increases the jurisdictional reach of California's court system, creating nearly limitless jurisdiction over internet disputes involving the motion picture industry, the technology industry, and any other industry reputed to exist in California. Because the exercise of jurisdiction is fundamentally a question of state power, we contend that this type of hyper-extension of California's long-arm statute violates the Constitutional safeguards found within the Due Process Clause of the U.S. Constitution. Because the decision affects the Constitutional Rights of U.S. Citizens everywhere, we are hopeful that the Supreme Court will again grant review of the Appellate Court's decision.

The underlying California Case:

Pavlovich, along with Andrew Bunner and some 500 other individual defendants, have been targeted by the Motion Picture Industry trade group DVD CCA in the California case. DVD CCA alleges that the defendants, who allegedly found the DeCSS information on the World Wide Web and then republished it, may not continue to publish the information based on California's Uniform Trade Secret's Act. Bunner claims that, like any other innocent republisher of information, he has a constitutionally protected right to publish this particular information and is not liable under the UTSA. Bunner, along with Amicus briefs from the prestigious IEEE and ACIS groups, also argues that the information he republished was properly and permissibly reverse-engineered and as such cannot be enjoined under the UTSA. In his papers, Bunner explains that Reverse-Engineering, along with the publication of technical discoveries, has long been a mainstay of innovation and evolution in the field of high-technology. Enjoining the publication of technical information, and stopping permissible reverse-engineering, would necessarily empower entities to use technologies like CSS to manipulate markets and bar consumer protections.

NEW YORK CASE:

The New York case continues through the appellate process. Appellants presented oral arguments before the appeals court and have recently responded to a number of written questions posed by the court. Additional resources are available at www.eff.org.

Resources:

HS Law Group's web site with information about the DeCSS cases:www.legal.wao.com

http://www.cryptome.org- tends to get the most recent filings fairly quickly

EFF Archive for DVD-CCA Cal. trade secret case: http://www.eff.org/IP/Video/DVDCCA_case/

EFF's DVD Archive: http://www.eff.org/pub/Intellectual_property/DVD/

Allonn E. Levy, Esq.

HS LAW GROUP a.p.c.
210 N. Fourth St. Fourth Fl.
San Jose, CA 95112

Let's go over the Sklyarov situation. Sklyarov is still in jail. In fact, he's still in Las Vegas, where he is being held without even a bail hearing, much less bail. The excuse given for not having a bail hearing when he was arrested on July 16 was that he was being immediately transferred to San Jose and would get a hearing there. Anyway, a recap of the protests: San Jose, more San Jose, New York, Seattle, Chicago writeup and Chicago pictures, Moscow writeup and Moscow photo and news coverage: New York Times, Business2.com. Wired has Washington's viewpoint - Representative Coble says "there have been very few complaints from intellectual property holders". Well, duh. Linuxplanet has an opinion piece exploring the Digital Millennium Rape Act. Finally EFF has written a letter to U.S. Attorney Mueller, asking for the U.S. to drop the charges against Sklyarov. It seems pretty doubtful that he will, since he won't want to be seen as soft on crime during his Senate confirmation hearings.

MadCow-ard writes: "C|Net has an article on the EFF pushing ahead with the countersuit to open the way to Dr. Felten to publishing the SDMI hack. RIAA has back peddled from their original threats, and now claim "hey, we never were going to sue him, so lets just drop the whole thing". It seems they prefer scare tactics to going up against free speech in a court room. Fear has more leverage because 'anything' could happen. The best part is the EFF and Felten are planning a victory dinner at $250 a head!" The recent legal filings are available, if you want to read the maneuvering. In a nutshell: both the RIAA and EFF think the RIAA made a mistake by threatening Felten, and want to negate it or capitalize on it respectively.

Randy Rathbun submitted a Reuters article about the arrest of Dmitri Sklyarov. Cryptome has collected the press release and criminal complaint filed against Sklyarov by the United States, at the urging of Adobe Corporation. The complaint specifically mentions the ROT-13 "encryption" used by at least one "protected ebook" company, so the jokes made about the DMCA before are now true: crack ROT-13, go to jail. Sklyarov is currently imprisoned without bail. We've received a note that another Russian developer who was at the conference with Sklyarov has posted more information about the arrest - can someone provide a translation in the comments? Update: 07/18 10:57 PM by S : This Las Vegas Sun Article provides more interesting details (Thanks to possible for the link).

wiggles writes: "Cryptome is mirroring a federally filed notice which discloses that a small number of companies (9) have joined the SDMI, and a large number of companies (27) 'have been dropped from the [SDMI] venture' i.e. either kicked out, or jumped ship. I put my money on the second possibility. The list of companies 'that have been dropped' is staggering in scope. Some of the more notable names include Encoding.com/Loudeye Technologies (famous infrastructure provider for streaming music), Guillemot (French maker of kickass graphic cards), I2GO.COM (American maker of high-capacity solid state mp3 players), LG Electronics (Korean makers of all kinds of consumer electronics), among others. One wonders how many more defections will follow, as the SDMI group continues to try (and fail) to achieve the impossible. As Bruce Schneier says 'Trying to make bits uncopyable is like trying to make water not wet. The sooner people accept this, and build business models that take this into account, the sooner people will start making money again.'"

wiggles writes: "Cryptome is mirroring a federally filed notice which discloses that a small number of companies (9) have joined the SDMI, and a large number of companies (27) 'have been dropped from the [SDMI] venture' i.e. either kicked out, or jumped ship. I put my money on the second possibility. The list of companies 'that have been dropped' is staggering in scope. Some of the more notable names include Encoding.com/Loudeye Technologies (famous infrastructure provider for streaming music), Guillemot (French maker of kickass graphic cards), I2GO.COM (American maker of high-capacity solid state mp3 players), LG Electronics (Korean makers of all kinds of consumer electronics), among others. One wonders how many more defections will follow, as the SDMI group continues to try (and fail) to achieve the impossible. As Bruce Schneier says 'Trying to make bits uncopyable is like trying to make water not wet. The sooner people accept this, and build business models that take this into account, the sooner people will start making money again.'"

wiredog writes "The EU report on the NSA/GCHQ/et al echelon system is up at cryptome" This is a fairly lengthy piece covering a lot of stuff relating to the feasibility of intercepting transmissions, Cryptography, Privacy and more.

Cryptome has a full transcript of the recent 2600 appeal hearing. Good reading - you can see the arguments each side made in their own words, and see the judges' reactions to them as well. Update: 05/10 12:34 PM by michael : The court has also put out a list of further questions for both sides to answer in written briefs, and given them additional time in which to answer - see the court order.

Cryptome has a full transcript of the recent 2600 appeal hearing. Good reading - you can see the arguments each side made in their own words, and see the judges' reactions to them as well. Update: 05/10 12:34 PM by michael : The court has also put out a list of further questions for both sides to answer in written briefs, and given them additional time in which to answer - see the court order.

Phill Hugo writes: "Cryptome has details of the High-bandwidth Digital Content Protection System which will be implemented as content control between computers and monitor screens. I wonder if continued leaking of the details of the many copy-protections systems will make them unworkable. Who's willing to follow suit in the other camps?" Your monitor will soon be a "licensed monitor device".

Phill Hugo writes: "Cryptome has details of the High-bandwidth Digital Content Protection System which will be implemented as content control between computers and monitor screens. I wonder if continued leaking of the details of the many copy-protections systems will make them unworkable. Who's willing to follow suit in the other camps?" Your monitor will soon be a "licensed monitor device".

John Langford sent in the statement read by Dr. Edward Felten, a professor at Princeton University, who decided to skip presenting the paper he co-authored at a scientific conference due to legal threats made by the RIAA. The RIAA put out an open challenge in September 2000, requesting that researchers attack and crack the SDMI watermarking scheme, but demanded that anyone who researched the scheme suppress their results in order to be eligible for a cash prize. "Show off your skills", they said, but they didn't mean it. Felten and colleagues declined the cash prize and its accompanying restrictions, but have been threatened anyway - the RIAA would have brought a lawsuit claiming the research paper is a circumvention device forbidden by the DMCA, much like the DeCSS case.

Statement read by Edward W. Felten
Fourth International Information Hiding Workshop
Pittsburgh, PA
April 26, 2001

"On behalf of the authors of the paper "Reading Between the Lines: Lessons from the SDMI Challenge," I am disappointed to tell you that we will not be presenting our paper today.

Our paper was submitted via the normal academic peer-review process. The reviewers, who were chosen for their scientific reputations and credentials, enthusiastically recommended the paper for publication, due to their judgment of the paper's scientific merit.

Nevertheless, the Recording Industry Association of America, the SDMI Foundation, and the Verance Corporation threatened to bring a lawsuit if we proceeded with our presentation or the publication of our paper. Threats were made against the authors, against the conference organizers, and against their respective employers.

Litigation is costly, time-consuming, and uncertain, regardless of the merits of the other side's case. Ultimately we, the authors, reached a collective decision not to expose ourselves, our employers, and the conference organizers to litigation at this time.

We remain committed to free speech and to the value of scientific debate to our country and the world. We believe that people benefit from learning the truth about the products they are asked to buy. We will continue to fight for these values, and for the right to publish our paper.

We look forward to the day when we can present the results of our research to you, our colleagues, through the normal scientific publication process, so that you can judge our work for yourselves."

John Langford sent in the statement read by Dr. Edward Felten, a professor at Princeton University, who decided to skip presenting the paper he co-authored at a scientific conference due to legal threats made by the RIAA. The RIAA put out an open challenge in September 2000, requesting that researchers attack and crack the SDMI watermarking scheme, but demanded that anyone who researched the scheme suppress their results in order to be eligible for a cash prize. "Show off your skills", they said, but they didn't mean it. Felten and colleagues declined the cash prize and its accompanying restrictions, but have been threatened anyway - the RIAA would have brought a lawsuit claiming the research paper is a circumvention device forbidden by the DMCA, much like the DeCSS case.

Statement read by Edward W. Felten
Fourth International Information Hiding Workshop
Pittsburgh, PA
April 26, 2001

"On behalf of the authors of the paper "Reading Between the Lines: Lessons from the SDMI Challenge," I am disappointed to tell you that we will not be presenting our paper today.

Our paper was submitted via the normal academic peer-review process. The reviewers, who were chosen for their scientific reputations and credentials, enthusiastically recommended the paper for publication, due to their judgment of the paper's scientific merit.

Nevertheless, the Recording Industry Association of America, the SDMI Foundation, and the Verance Corporation threatened to bring a lawsuit if we proceeded with our presentation or the publication of our paper. Threats were made against the authors, against the conference organizers, and against their respective employers.

Litigation is costly, time-consuming, and uncertain, regardless of the merits of the other side's case. Ultimately we, the authors, reached a collective decision not to expose ourselves, our employers, and the conference organizers to litigation at this time.

We remain committed to free speech and to the value of scientific debate to our country and the world. We believe that people benefit from learning the truth about the products they are asked to buy. We will continue to fight for these values, and for the right to publish our paper.

We look forward to the day when we can present the results of our research to you, our colleagues, through the normal scientific publication process, so that you can judge our work for yourselves."

ssimpson writes "Everyone has probably forgotten the SDMI challenge to hackers to try to break a handful of proposed watermarking and "other" protection mechanisms? Well, it was recognised that a group of researchers at Princeton University broke all of the protection mechanisms and were due to publish a paper on at the 4th International Information Hiding Workshop (25-29 April) but have been threatened with the DMCA if they publish the results. So much for academic freedom, eh? SDMI seem particularly upset because one of the protection mechanims broken in the paper, The Verance Watermark, is currently used for DVD-Audio and SDMI Phase I products. Oops. Somehow, a copy of the threatening letter and the full paper entitled "Reading Between the Lines: Lessons from the SDMI Challenge" has appeared on John Young's excellent Cryptome site. SMDI's urge to "withdraw the paper submitted for the upcoming Information Hiding Workshop, assure that it is removed from the Workshop distribution materials and destroyed, and avoid a public discussion of confidential information." seems a little weak now...."

Anonymous Coward writes: "Mike Godwin, Former Counsel to the Electronic Frontier Foundation and author of Cyber Rights writes about a new international treaty on cybercrime known as the "Convention on Cybercrime." The Council of Europe, a 43-nation public body created to promote democracy and the rule of law, is nominally drafting the treaty. The primary architect is the United States Department of Justice which is using a foreign forum to create an international law-enforcement regime that favors the interests of the feds over those of ordinary citizens and businesses."

Introspective writes "Over on Cryptome they have published an Email from Neal Stephenson explaining his use of Zeta functions in Cryptonomicon. It gives a nice insight into writing about advanced cryptography ( in fiction, that is ) and the kind of reactions he gets back from his readers."

Introspective writes "Over on Cryptome they have published an Email from Neal Stephenson explaining his use of Zeta functions in Cryptonomicon. It gives a nice insight into writing about advanced cryptography ( in fiction, that is ) and the kind of reactions he gets back from his readers."

John Gilmore separates the chaff from the wheat with his look at the new copy-control proposal. See our previous story if you missed the bait-and-switch, as drive manufacturers attempt to include copy controls in all hard drives.

The U.S. Government plans to enter the MPAA vs. 2600 case on the side of the movie studios, arguing in court that the District Court's injunction against distribution of or linking to DeCSS was correct and that the Court of Appeals should not overturn it. The legal brief the government filed is available, as are some news stories. In general, the government supports all of Judge Kaplan's "best" positions in his decision: linking is not speech, linking is equivalent to distributing banned content yourself, etc.