Slashdot Mirror

This article on Freedom to Tinker, and the comments, got me thinking about how Microsoft has a vested interest in squashing outfits like Gator. They have the leverage, and clearly the clout with the courts, to intimidate and spend them (litigation costs) right out of business.

This article on Freedom to Tinker, and the comments, got me thinking about how Microsoft has a vested interest in squashing outfits like Gator. They have the leverage, and clearly the clout with the courts, to intimidate and spend them (litigation costs) right out of business.

There's the ProCD case, which is the leading case.

Hill and the bnetd case are good examples of cases that follow ProCD.

Not all courts have followed ProCD, but the pro-EULA side is, if not winning, at least not losing.

Well, IANAL, but unconscionability of a contract is spelled out pretty well in the ruling, which it's seems you did not bother to read. To quote:

Procedural unconscionability focuses on factors of oppression and surprise. The oppression component arises from an inequality of bargaining power of the parties to the contract and an absence of real negotiation or a meaningful choice on the part of the weaker party.

They then go on to state that the defendants had a "choice", and, that they had 30 days to excercise it. The ruling goes on:

The defendants also had access for up to thirty days to read over the EULA and decide if they wanted to adhere to its terms or return the games. ... Therefore, the Court finds that the licensing agreements were not procedurally unconscionable.

So, it's not about leaving the contract, it's about whether the contract was ever valid in the first place.

I noticed another pretty awkward contradiction in the ruling as well. They rule on the validity of the contract based partly on the UCC, and state that "the court assumes ... that the games constitute goods under the UCC". But then they go on to state that "the defendants did not purchase Blizzard software, rather they purchased a license for the software." They thus deny the defendants protections under the "first sale doctrine". But if it's a license and not goods, how can they apply the UCC. It seems the court is trying to arbitrarily apply double standards: it's goods if it benefits Blizzard, but it's a license if it benefits Blizzard! WTF??

It's not the online version of an established, well-researched traditional encyclopedia. Instead, Wikipedia is a do-it-yourself encyclopedia, without any credentials. [...] One of these skills is to evaluate the authority of any information source. The Wikipedia is not an authoritative source. It even states this in their disclaimer on their Web site." (quoting of Sue Stagnitta)

Shouldn't be news to those who care about hardware hacking, but Ed Felton has a good blog if you don't know about it already called www.freedom-to-tinker.com

Hi,

I'm a wikipedian from de.wikipedia.org and I was very busy reading all the comments on various blogs during the last week. I emailed to the Syracuse Post-Standard guy (without reply) and to Sue Stagnitta, the librarian who started the whole debate. I read the comment from Alex and his experiment and the new one.

Well, my first reaction is to say "nonono, don't do this." but this is more complex.

Have you read Ed Felten's great blog entry on quality check on wikipedia?

Inserting errors is one part but I certainly prefer Felten's way: Take articles about topics you really know and look for errors. Collect these, feel free to correct them.

The next step would be to think of means of more sophisticated quality checks (hint: try to use the category scheme for a well distributed set of articles).

Wikipedia has to deal with various kinds of vandalism, ranging from people who can't believe that this wiki-thing lets them edit the articles to people who try to make wikipedia unusable.

However, I think that people who take time to make these experiments are everything but evil. It should be important to point out that this way might not be the best one to prove or disprove something.

If you read this /. post and one of your thoughts was "Hmm, let me try this", please come to the discussion into wikipedia and try to find/create an experimental situation which leads to results with any value.

The point is non-random collisions. MD5 has been proven to have at least some weakness, and there's no reason to expect more won't be found in the near future, now that the methods have been developed.

Some info

Ed Felten posted a follow-up on this article here.

As it turns out, there was an error in their findings - and that the MD5 value created is NOT the same in this incident.

There is an interesting summery at Freedom to Tinker that I'll post along with this:

Pay attention now, 'cause this story gets kinda complicated. See, Apple had this product called iPod that lets you listen to music. That sounds like a good idea. But Apple thought it would be better if the iPod could do less. So their engineers pulled a bunch of all-nighters to make sure that the iPod couldn't play just any music a customer might have laying around. They called this DRM. I think that stands for Don't Replay Music. Now Apple had a competitor called Real. And Real was unhappy that Apple had made its product less useful. So Real's engineers pulled a bunch of all-nighters, so that they could make Apple's product better. They could've spent that time making their own product better, but that would have been a waste after all of the time they had already spent making their own product worse by making it do DRM too. You still with me? Good. Okay, so Apple was mighty ticked off that Real had made Apple's product better, without even getting permission or anything. So Apple cried foul. Apple was shocked 'n' saddened that Real was trying to improve Apple's product, like those hacker guys are always doing. So Apple drew a line in the sand, and swore to make its own product worse again. I don't know about you, but I find this all very confusing. I guess I just don't have a head for business.

When your toaster tells you that you've got 2 potential e-harmony dates, and your fridge won't shut up about your lousy tv dinner diet, it will be time to move to the mountains.

Thats why i keep my plain old trusty soldering iron handy. If one day my fridge says ANYTHING about my diet, it will taste my screwdriver, warranty be damned. Also, i beleive there is a lots of companies (insurance and marketing) that wants to know about your diet and other things and your household appliances will happily broadcast anything they know.

Happy tinkering

Note this this is just an "alternative" under consideration. It was proposed by Argentina, and Switzerland proposed language that "roughly corresponds" to it. I don't know whether the U.S. has taken a position on this, but I assume the U.S. is still in favor of computers being legal.

Argentina doesn't really have a significant media industry with the exception of exporting some telenovelas. How did they get into the middle of setting intellectual property and technology standards? Maybe it's the less than democratic governments in the developing world that are equal members of WIPO that put all this weird stuff in here. I'm talking about the same countries who put Cuba, Zimbabwe and Sudan on the U.N human rights commission.

Bad example. A better example is the lawsuits against replacement garage door opener remote manufacturers. A completely bogus use of the law, but they still argued it. See http://www.freedom-to-tinker.com/archives/000436.h tml for details on the case.

If they aren't, they should be.

Just because it was a coincidence that I read this on the same day, Ed Felten thinks it's time to retire the term 'hacker'. People may not like it, but he's probably right. It's too late to change the perception.

The Michigan law not only outlaws NAT, it outlaws Proxy servers, Firewalls, anything that hides or obfuscates the originating location of the traffic. If you only have one PC hooked to the cable abd use an appliance FW to protect it, you are violating the law, and have committed a felony.

It is a very poorly written law, I doubt if it would stand a test in court. But until someone with deep pockets or pro-bono lawyers challenges it in court, it stands and can be used for all sorts of mischief.

Last spring, I researched the Michigan laws for some legal courses I was taking. Their law is one of the most draconian ones in effect, and was ghost-written by the industry lobbyists. The Michigan Laws are being used as the blueprint for all the states without DMCA-style legislation on the books.

EFF has some info, but search around there is much more out there.
SuperDMCA

Lemme help you out in your future legal drama. IANAL, BTW.

Based on the court documents, be it hereby known by one and all, that

Bunner M-d N8F8 posted these secrets in the form of DeCSS on the Internet NOT so Linux users could enjoy and use DVD's and so others could improve the functional capabilities of DeCSS. He DID not ^H^H^H post them to comment on any public issue or to participate in any public debate.

[I'm just extracting this from Ed Felten's commentary.]

One of the bizarro rules is that you should be happy when the other side accuses you of lying or acting in bad faith. In the normal world, such accusations will make you angry; but in bizarro world they indicate that the other side has lost confidence in its ability to win the argument on the merits. And so you learn to swallow your outrage and smile when people call you a scoundrel.

It's not that they've specifically banned NAT, I don't think, but rather that NAT falls under the blanket of "evils" that are being outlawed to keep those darn users from sharing files. I think. Read: http://www.freedom-to-tinker.com/archives/000336.h tml

...are largely going down to defeat now that the public has caught on to what's been going on. See Ed Felton's S-DMCA Topic page

Ed Felten has an interesting item on where the money goes for a CD. I'm sure there's a fairly wide variation, but what he quotes is $2.85 for the artist and about $5.00 for the record company overhead. So - is the contribution of the record company worth almost twice the contribution of the artist? To get a bit more on topic, I'm not sure which side of this the cost of a tool like Pro Tools comes from, but from earlier comments it appears the artist, since they have to cover the production costs (yes, from an advance, but that gets taken out of their $2.85 till its paid off, if ever). So...umm...I'm not where I'm going from here...Lets see - less expensive for the artist is good, but overproduction is bad..umm.. hmmm...

...at least 7 states:
Delaware, Illinois, Maryland, Michigan, Pennsylvania, Wyoming, and Virginia
if not more later this year or next:
Arkansas, Colorado, Florida, Georgia, Massachusetts, Oregon, South Carolina, Tennessee, and Texas.
Check out http://www.freedom-to-tinker.com/superdmca.html for status updates.

For Tennessee activities against this bill see: The Tennessee Digital Freedom pages

Dear AC,

Please cease and desist your illegal acts immediately or face the consequences. It is obvious that you have concealed the place of origin of your digital communication by using the name "Anonymous Coward" rather than your true name and email address. You are a threat to Homeland Security and are probably illegally downloading music, too.

Anyone knowing the true identity of Anonymous Coward, please contact your local TIPS snitch.

Regards,
Anonymous Government Offician

There's already Super DMCA legislation that, in certain US states, prohibits the masking and concealment of any internet communication.

Check the eWeek story here.

Doing so is probably now illegal in Michigan, and will be soon in a dozen other states.

This time I remembered the tab key instead of the return key dammit, maybe the filter will save me.

From an email I received 2 weeks ago

[* Check out comp.risks digest 22.66 which has a discussion of legislation being considered by Massachusetts, Texas and some others. The start of this discussion was an article by Ed Felten, "Use a Firewall, Go to Jail" Freedom to tinker archives/000336.html

These laws aim to prohibit any technique used to hide the source of any communication. For example, tunnelling over SSH or using TLS with your email. Even NAT would be illegal because the ultimate source of the IP traffic would not be evident to the recipient nor to any ISP.

Apparently similar laws have already been passed in Michigan, Virginia, Delaware and Illinois.

Of course, making something illegal doesn't stop it happening, and if every business which uses a NAT-enabled router was prosecuted you could imagine the outcry.

*]

And when I finally learnt to put the url in the search...

other slashdot links

Michigan First With A Law That Could Outlaw VPNs
On March 30th, 2003 with 554 comments
zaren writes "Holy frell, Taco, we're gonna be criminals! I was checking out Freedom to Tinker after reading the posting about that multi-state anti-VPN-style...
Section: Your Rights Online > Privacy


Broad Bills to Protect 'Communications Services'
On March 28th, 2003 with 550 comments
mttlg writes "According to Freedom to Tinker, MA, TX, SC, FL, GA, AK, TN, and CO have introduced similar bills that would make it illegal to possess, use, etc....
Section: Your Rights Online > United States


DRM and Threat Analysis
On March 19th, 2003 with 185 comments
miladus writes "A timely and concise intervention by Ed Felten on the topic of DRM and the models used (or not used) to represent the threats to defeat. In...
Section: Main > News


I wonder if AC posts are legal?

And at least now I know why my submisson got rejected...

The German parliament which has just adopted DMCA-style provisions to outlaw the circumvention of technical protection measures that control and curtail the fair use of intellectual property (and only needs the other House's assent for part of the new legislation) makes Germany the third country, following Denmark and Greece, to implement the highly controversial "monstrosity" known as the European Union Copyright Directive 2001/29/EC.

This move, allegedly a "propaganda victory" dubbed "lex Bertelsmann" (after the giant media conglomerate expected to line their corporate pockets under the new laws) in furious disapproval by tech-savvy parts of the news media, makes Germany one of the early adopters setting an unfortunate precedent for further European countries like the UK and France whose citizens, and notably developers like Linux kernel guru Alan Cox, will probably not be spared from similar legislation for much longer either.

Although open-source researchers, cyber-rights activists and even the ruling Social Democrats' very own IT experts as well as hardware manufacturers underlined the severe dangers and inconsistencies of this new and doubtful philosophy extending copyright law to reduce many of the general public's rights to insignificance, in a debate focusing only on academic exemptions from the publishers' power grab, the opposition even tried to tighten the government's bill, ignoring widespread experiences of Chilling Effects such as censorship and assaults on the Freedom to Tinker during the past four years under the EUCD's U.S. counterpart of draconian "bad law and bad policy", the flawed Digital Millennium Copyright Act, another overreaching implementation of the

Princeton eh? Could it be that snarky Ed Felten getting busted there for doing "filesharing research"?

No! He points the finger elsewhere in his Freedom to Tinker blog back in November 2002: the campus paper, the Daily Princetonian then had a nice article with some details on how filesharing works (and is policed, not tightly enough for the RIAA apparently) at Princeton these days.

At least until today.

(I had to laugh at the frankness of the music professor quoted in that article.)

--LP

How does thier technology prevent this?

This whole DRM field is fool's gold. The obvious truth is that business models need to change. Get over it.

See Felton's discussion of threat models

Prof. Felten has a weblog, Freedom to Tinker. It may answer some questions in advance. He is also teaching a class this semester called "Information Technology and the Law". The readings are online.

And guess who's out front waving the flag of support for this?

The stated purpose is to prevent malicious code executing in one part of a system from affecting malicious changes in another part.

Edward Felten discusses this.

Title 17, 1201(a)(1)(A) says: "The prohibition contained in the preceding sentence shall take effect at the end of the 2-year period beginning on the date of the enactment of this chapter."

The DMCA went into effect on Oct98. That means that the prohibition on circumvention didn't go into effect until Oct00, after the AC claims Livid was working.

But 1201(a)(2) which prohibits trafficking in circumvention materials, seems to still apply. Sorry, no such luck.

• BMI Declare that all their future music CDs will be copy protected
• While EMI Germany do likewise, they also insult the complainant. (I'm informed it is even harsher than the translation)
• And soon you won't be able to return the CD if it doesn't work (UK)
• And beware of innovations (this article, beat you to it slashdot - nyah nyah!), as they may be slipping DRM in the back door
• Web radio was getting very popular, everyone was getting in on the act. Not any more. Only the big radio stations still broadcast.
• Microsoft joined the party with their "Trusted Computing" initiative, meaning *you* can trust MS software, Which in reality is a DRM thing (MS software can't trust you)
• Oh, and extending copyright. Courts admit that it can't be extended indefinately, but how long is a piece of string?

• Reuters sued for linking to a URL
• They haven't been the first to be sued for deeplinking. Check out This particularly fine example.
• How a single sniper is more dangerous than all the world's hackers combined

• Getting sued for silence
• Thanks to the CBDTPA, nearly everything *must* embed DRM. This includes cockpit voice recorders, digital speed cameras, hearing aids, and big mouth billy bass
• Even phoning a friend can breach copyright, 2 musicians copyright 100,000 phone numbers (dial tones).

• A review of the technologies shows that it is futile to protect CDs, (based on the assumption that new devices will more likely circumvent protection rather than enforce it)
• Richard Stallman (Free Software advocate) jumps in with a cautionary tale
• And a felt tip pen can bypass some protections

I'm not saying the bike analogy is good, so let's discard that

It is hard to make valid analogies for software and software/hardware bundles like the TiVo. It is both a physical tool, a copy of a copyrighted work and a service.

1) You bought the tool - you have physical ownership of the hardware, and can do whatever you like with it.

2) You either bought or licensed a copy of the copyrighted software running on the hardware.

3) You are buying a service, with software updates, etc.

If you ignore (3) and the courts consider (2) as a sale, then (1) and (2) combined makes a book analogy valid - you own the physical book, and you can do pretty much anything you like with the copyrighted contents of the book (sell the book, pick it to pieces, make comments, etc) as long as you don't give other people copies of it or distribute modified versions.

And I should be able to take my TiVo and reprogram it into an alarm clock if I want. Sure, it voids the warranty - but it shouldn't be illegal.

No argument there. The right to reverse engineer and the right to pick to pieces anything you buy is important. As long as there is no illegal redistribution of a copyrighted work, and the software changes you make is not done in order to break other laws (say, like service theft) then I have no problem whatsoever with 'hacking' the TiVo.

Felten has got the right idea - the freedom to tinker is very important and we have to be very careful not to restrict that freedom.

If the CBDTPA passes, any hardware that doesn't enforce these restrictions will be illegal.

I think the real reason it isn't happening is because Berman learned from here that his Musical Car horn on his nice shiny Cadallic would be outlawed. The new law will probably be ... "All devices which play digital copyrighted stuff must be regulated, except for my musical car horn."

Removing regulation for the types of thing listed on Fritz' hit list would be a start. How to word that, though? "Devices for personal playback of digitally encoded data and/or video" might be a good phrase :). I don't expect them to be so liberal, though.

at Freedom to Tinker. Lots of interesting stuff...