Slashdot Mirror
Jon Johansen's Answers to Your DeCSS Questions
1) About the cops...
by ronfar
Did the arresting officers say or do anything that blatantly hinted that they were doing this because of pressure from the MPAA or the United States government? What kinds of questions did they ask during the interrogation? Were they looking for other
The MPAA filed charges and the police was forced to investigate. There was a debate program on TV [ Redaksjon 21 ] where judging from the district attorney's comments, she meant that there was no doubt that I was guilty [ and this was before they had actually started investigating ]. She also compared me with an old case where a guy had sold "pirate-cards" for decoding paytv channels, and had earned tens of thousands of dollars. Luckily the biggest inet/computer guru [ Gisle Hannemyhr ] was there too, and the district attorney and the MPAA's lawyer were left biting the dust. Just one thing: if the police actually had any competence, they wouldn't have brought charges against me, because they would have known that they're plain lies. During the interrogation they asked all kinds of questions. Every detail, no matter if it was important or not, was to be included. IMHO, the only reason they seised my computers was in order to try to track down the two other members of MoRE.
2) Support in Norway?
by cetan
Have you found any support from people (aside from family) in Norway? Has the public reaction to the arrest been favorable (i.e. in support of you) or negative?
The public reaction has been in support of me. Almost the entire norwegian press supports us. The norwegian computer community, "led" by Gisle Hannemyhr, also supports us. Several norwegian computer companies have sent their support [ and told horror stories about the police' computer competence ] and offered me jobs. Last Friday I accepted WAPFactory's offer. WAPFactory works with WAP and interactive/digital tv. They recently bought wap.com for 0,5 million USD
3)Question
by JamesSharman
Now you know about all the hassle that has resulted from your posting DeCSS, the arrest, the press attention etc.. If you could go back and change your mind about posting it, would you?
All the press attention has been quite a strain. There have been times where I disconnected my phone just to get some peace. I can't remember doing much homework last week. I do not regret posting DeCSS. It's very important that we stand up against these multibillion corporate interests who seek to dominate with their proprietary standards. It's in consumers interest to be able to make a free choice from whome or where to buy products. Last, but not least, I've never really "fought one" for Linux. I guess this is my way of getting back at Gates for those GPFs ;-)
4) Programming background
by jstepka
Where did your original programming experience
come from? I'm speaking in terms of your ability to reverse
engineer the encryption and apply the key in a
useful manner.
Well, first of all, the reverse engineering was done by our german member who wrote the decryption code. My programming days started when I was 11-12 years old. Started off with basic and then moved on to c, c++ and assembler. I've learnt a lot by working with others over the Internet. Greetings go out to all my friends in "you know which coding channels" ;-)
5)Why Windows?
by Kupek
I think that the charges you are facing is rather ridiculous, but I have to wonder: Why Windows? If the motive of you and the group you worked with was to have a DVD player for Linux, why release this program that works only under Windows?
While this was being worked on, Linux did not have UDF [ the filesystem used on dvds ] support. It was thus natural to implement it under Windows in order to test if it actually worked. [ Yes, I've used Windows, nobody's perfect
6) Is there a legal defense fund? Can I contribute?
by Anonymous Coward
It seems like the MPAA has just about unlimited amounts of cash, and I'm guessing you don't. Do you have somebody taking care of funding your defense (i.e., the EFF), or can I send some money to a legal defense fund for you?
The EFF is currently putting together a team of lawyers. It's hard (very hard) to get pro-bono lawyers in Norway, and whether they'll be picking up the bill themselves, or setting up a fund, has yet not been decided. Sorry for not being able to give any more specific info at this time. EFN [ Electronic Frontier Norway - "the norwegian EFF" ] have also been discussing whether or not they should set up a fund.
7)Public Reception
by Wah
In discussing this topic with "regualr people" (those folks who don't live and breath tech) I've found general support for the people and very little for the MPA(A).
What, IYHO, is the general reception you have felt about this issue? Have you been able to explain your position and have it understood? What are some of the stranger assumptions you have come up against?
It seems as if we've got strong support from the whole public, with a few exceptions. While many ordinary people do not understand the technical aspects of the case, they do understand that this is a "corporate interests vs. consumers"-fight. The biggest problem has been trying to explain non-tech people that encryption does not prevent copying.
8) A question of laws in your country.
by Vladinator
Are "Shrink wrap" agreements enforcable in your country, and are you as a 16 year old subject to contract law? In the us, 16 year olds cannot enter into a contract, I'm wondering if it's the same with you.
Shrink wrap agreements are enforcable only if they are in accordance with norwegian law. You have to be 18 years old to sign [ agree to ] a contract in Norway. Your right to reverse engineer can not be taken away by contract. License agreements during software installation, however, would not hold up in Norwegian court (AFAIK). Not like this is a problem anyway, just decompile the installation package and there you have the files.
9)What Should We Do?
by Syn.Terra
As is a (thankfully) usual reaction to such a blatant injustice, the Slashdot community (and many others) have been scrambling to figure out ways to help you and others prosecuted in the name of this whole DeCSS fiasco.
As one (if not the) most persecuted individual as a result of DeCSS, what do you think the rest of the supporting world should do to help you out? What should the people who want to help do, besides the obvious posting of the DeCSS source and the general badmouthing of the MPAA?
As many as possible should write their local newspapers [ + other media ] and inform them about this injustice. It's also important to get every computer professional to understand that this is a case of freedom of speech. If the MPAA wins this one, I think DeCSS will become the first computer program in the history to be declared illegal. Banning a combination of assembly instructions... Imagine that!
mvh/Regards,
Jon Johansen
jlj@linuxdvd.org
Thanks for the informative answers.
What we shouldn't forget is that Jon is just one of the most highly visible scapegoats for the MPAA and their Police subdivision. We must help Jon with his fight, or it will be us, next.
If there's a fund set up for his defense, I will be one of the first to contribute.
If you can't figure out how to mail me, don't.
For linux tips: http://www.linuxtipsblog.com
I think /.ers should definatly give point 9 some carefull consideration.
We can never win a fight if our side of the story is never heard, don't forget these people are scared of hackers they can't tell whose a hacker, whose a cracker and who is a cival rights fighter with a pocket protector.
sparkes
*** www.linuxuk.co.uk relaunches 1 Mar 2000 ***
blog and junk
When you do, if you do, write something to your local paper to be published be sure to have it proofread by someone who is a nontechie. What we may all understand on here could very easily fly right over the head of the public we need to persuade to be on our side in this issue. Also if it sounds inflammatory or rash lots of little local papers, mine included, will not print it. If anyone has a great writing on this topic try getting it sent to one of the bigger papers. If we can explain the position on this issue to the public then the judges will start to come around. In conclusion good luck Jon and I wish you the best of luck with this legal junk.
I am 31337 or something.
This could have happend to any one of us. I'm glad the person it happend to is a smart, level headed, guy who can express himself effectivly and doesn't seem to be doing stuff "just for the attention".
I'm afraid to imagine what this whole DeCSS fight would be like if the one responsible for starting it was a 3133t cracker dude who's only goal is to fsck the system. Joe had the right motives, did it the right way, and we should all be thankfull that he is not buckling under the threat of punishment.
PS: I'm wearing my DeCSS source code shirt to work today, and if I have to explain it means one more time, I'm going to go nuts.
Finkployd
I got to thinking. If fiction is protected speech, and source code may not be, what if you combined the two. So here is a story about two intrepid programmers, Dick and Jane.
Feel free to distribute this or run it through any Perl scripts you have lying around.
--GnrcMan--
I think one of the things that makes us (the tech community) look bad here is that the writers of the program won't stand up and say "I did it." It's great that John is standing up to everyone like this, but where are the other members of MoRE? If DeCSS isn't wrong, why are they hiding? I call for those two to stand up and say "I wrote it, I'm proud of it, and I have the write to keep writing software like it."
Do the obvious to e-mail me.
...that people have chosen to make CSS pointless by doing things that are illegal. The laws--European and American--clearly state that the copyright holder has the right to dictate the means of playback. If MPAA doesn't want to license your machine, it doesn't have to and you can't legally do anything about it.
Now, like most of you, I agree that it's a stupid law and that the MPAA is acting like pricks. Doesn't bear on the il/legality of what's being done, though.
It would have been far more appropriate to challenge the MPAA in court. It would have put them on the defense.
But, no, instead, we have a bunch of ill-informed, self-righteous crackers who are not impressing the judges in any positive manner. At the rate things are going, MPAA will win and retain its right to tell you that you can't play back your DVD on unlicensed equipment.
Damn shame, but maybe there's a lesson to be learned: maintain the high road.
--
--
Don't like it? Respond with words, not karma.
The biggest problem has been trying to explain non-tech people that encryption does not prevent copying.
I find an analogy helpful: "Just because something's written in a foreign language you don't understand, doesn't mean you can't photocopy it."
I'd like to contribute to a defence fund too...
The good news is, it seems that at least somewhere in Scandinavia, there are places where the general populace won't let itself be taken by the mass hysteria regarding "hackers" and "piracy". However, I can't help but ask myself, considering the hegemony of the US in the global media, how long will it last - how much corporate effort will it take to make it so that all you know is what AOL-TimeWarner-EMI-WhoEverElse tells you - all over the world? If you ask me (and I know you didn't), this is a scary thought.
:) Seriously, government control is, in the end, no better than corporate control, democratically elected or not. The real question is, are there any other means to try and preserve our freedoms from a certain group, that do not involve giving more power to another group that - history has taught us - will eventually turn around to stab us on the back and push an even more opressive regime upon us? Or is it by definition impossible (Individualists unite! and all that)?
And please don't try to tell me that the answer is more government regulation. Any sentence with "more government" in it is automatically evil
(Yes, I am aware that Slashdot is hardly the right place for this kind of discussion. If I have interrupted your daydreaming about chipping Natalie Portman's underwear off, forgive me.)
To the editors: your English is as bad as your Perl. Please go back to grade school.
Well, start here:
As you find things which can come into play (other court cases which help our cause, loopholes or interpretations in the DCMA, etc.) correspond (politely) with the EFF attorneys who will be the point men in the fight. Equip them for the fight. This includes financial support, if you can come up with it.
fight to free the deCss code. Send it to local media outlets (all types: newspaper, tv stations, radio). Make noise, people!!
...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
Does anyone remember the CDA? It was tossed out because it was unconstitutional.
All we need is a friendly judge and POOF DMCA goes bye bye.
It is a perfectly valid response to a "bad" law.
In the US it was illegal to help slaves escape, good people willingly broke that bad law.
This is a BAD law. It doesn't protect copyright holders anymore than the "war on drugs" helps drug addicts. This is about MONEY, pure and simple. It's a law that gives a copany the ability to extort money from their customers with the US government acting as their hired gun in a legal shakedown.
It must be stopped, if we break this law enough and they haul us into court we will get a friendly judge who will throw the case out.
I'm not even going to get into jury nullification.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Most people are aware that they can password protect their MS Money/Quicken files so no one else can read them. They are also aware they can copy those files and move them to other machines. I explain that the situation is the same (if a litte bit more complex) with DVDs. Namely, the fact that the stuff on the DVDs is encrypted does not prevent the stuff from being copied. It is like copying a Money file. The encryption simply prevents people without approved players from viewing. In other words, I can view a bootlegged DVD on my Sony DVD player, but I cannot play a DVD I legitimately bought on my Linux box. The reason: the Sony player has the password, without DeCSS, my Linux box does not.
You could, of course, avoid technology all together. The fact that I do not speak Norwegian does not prevent me from copying books written in Norwegian. It just prevents me from knowing what they actually say.
This "fight against multibillion dollar corporations" is impotent at best.
The bottom line is that just about everyone--and 100% of people with web access--want and enjoy what multibillion dollar corporations produce. Movies. CDs. CPUs. You can't make a stand against giant corporations unless you're willing to do without them. "Oh, yes, we hate the corporate interest that drives anti-piracy measures for DVDs! But we love the giant corporations that pour money into action movies and million-dollar-an-episode animated TV shows!"
In the end, this protest comes out looking dumb. We've shown that we're not willing to stand for measures that keep us from pirating movies, but we most certainly still want hundreds of million of dollars to be poured into movies so we can pirate them.
If you're really against multibillion dollar corporations, then you should be buying all your music CDs from local indie bands. You should be running Linux (though I have no idea on what CPU). And you shouldn't be watching Hollywood movies or TV *at all*.
One of the comments I'd seen so far observed that Jon might mount a good defense by himself - by treating it as an engineering problem and figuring out the logic to convince the judge. I'm not advocating that - Jon needs the best lawyers WE can afford him (I joined the EFF - seems the best way to help).
However, that got me to thinking... Could the EFF use some help in reviewing old cases/decisions that MIGHT be relevant? Could a junior legal researcher just throw up a few hundred case names that all of us (the 1,000 eyes) could "read up on" and try to distill the points in the case and the decision to a few paragraphs? Then rate that information as to how useful we *think* it might be? Would that help the EFF lawyers to pinpoint the cases they need to look at while forming their strategy for the DeCSS cases?
I hope a lawyer out there is reading this and can advise us all on how pratical (or useful) such a thing might be. Free/Open Source software has always prided itself on the idea that 1,000s of eyes on the source makes for better code. Why don't we use that same idea to place 1,000s of eyes on our own legal system to make it better?
I for one would be willing to look at a few hundred pages of case records, devote a weekend or two (or 10) in directed law research, if it will help. The MPAA will spend millions (conceivably) on legal fees, so a hundred lawyers can spend a 1,000 hours each on preparing its cases.
We can do them one better - 10,000 technically astute hackers putting in 100 hours each. Even if we are only 1/10th as effective, we'd match their efforts.
Is is possible to Open Source the Defense of DeCSS? Most of us are frustrated that we can't do anything directly to help besides mirroring the code. If the EFF can use a few thousand hands I think most of us are willing and able to lend them.
"DeCSS isn't wrong, why are they hiding?"
I'm a healthy single guy with a good job but still some time on my hands so I would probably take the flack. However I can't say the same about the others. If I had a family with kids and/or a big time consuming job taking the flack would not be such a simple decision. It wouldn't just impact me but others who depend on me as well. For all I know I'm in a country that could react quite negatively toward such actions. Also if there is no legal defense fund or not a big enough one, it could get quite expensive too. It's hard to say why they're hiding, but I can't blame them.
What DMCA (Digital Millenium Copyright Act) says
The DMCA allows copyrighted-content providers to encrypt their content to protect their property from unauthorized duplication. Notice that the law does NOT set any standards for the quality of the encryption, nor does it require it to be hardware or software. The DMCA makes it ILLEGAL to create anything that breaks this encryption for the purposes of copying. Again, no distinction is made between hardware or software.
My opinion on what MPAA's game plan was
It seems they had a four-pronged approach:
1.Some level of encryption to meet DMCA's definiton of encryption, and use of region codes to control DVD distribution.
2.Licensing of the decrypt-codes and region codes necessary to decode and play DVDs to DVD player makers.
3.Put the decrypt-codes and region codes on a specific track of authorized DVDs.
4.Getting all blank DVD makers to write all zeros to the track on the blank DVDs that would normally hold the decrypt-codes and region codes on authorized DVDs.
We all seem to be amazed at how relatively easy it was to crack the CSS. My opinion is that MPAA didn't care and probably expected it to be cracked eventually; their only concern is that it meet the definition of encryption in the DCMA. The use of region codes was just plain greed on the part of MPAA, and since it appears to be in violation of multiple international trade agreements, I expect they will go away at some point.
MPAA's MAJOR SCREW-UP
As we all know, you don't even need to decrypt the DVD to copy it, which is why MPAA didn't put much effort into the encryption scheme, IMHO. You can copy DVDs without decrypting them now, but since the decrypt-keys track is pre-written to zeros on all blank media, you can't play it on a DVD player. BUT, if you wrote the decrypt-code track to some pre-determined ALTERNATE track that wasn't written with zeros, and it was LEGAL to make players that looked for it on the alternate track, the whole scheme of pre-writing zeros on blank media would fail, without any violation of the DMCA, since the COPYING drive is not decrypting the source, and the PLAYING drive is not circumventing the encryption for the purposes of copying!! How did they plan to get around this? By licensing the DVD players, and as part of their license, prevent the DVD player makers from making players that look for the decrypt-codes on alternate tracks. And this is where MPAA's MAJOR SCREWUP comes in. They ASSUMED that anybody who would crack the CSS code would be motivated by profit, and would copyright their code and try to license it to player makers. Then, MPAA would go after the CSS crackers and stop them from licensing the cracked CSS code with the DMCA decryption laws. IT NEVER OCCURRED TO THEM THAT SOMEBODY WOULD CRACK CSS AND PUT THE CODE IN THE PUBLIC DOMAIN. With DeCSS in the public domain, there is nothing stopping DVD player makers from using the DeCSS code, and without the MPAA license, nothing to stop them from looking for the decrypt codes on an alternate track!! And nobody to stop from distributing the code.
So, in spite of MPAA's legal mumbo-jumbo, their real fear is that they will lose control of licensing DVD players, and therefor the ability to restrict DVD players from looking for de-crypt codes on an alternate track. So MPAA may have already lost the war. And this is why MPAA is now trying to put the Fear of God into anybody who has ever HEARD of DeCSS. The cat is out of the bag, they know it, and they are fighting for their very existence. If Jon had GPL'd the code, or any license that prevented commercial use (i.e.: DVD player makers), the only thing MPAA would probably be going after him for would be an agreement to NEVER sell or license the code or allow it's use in DVD players. I don't think the MPAA would scream much if Jon licensed his code, as long as it had the same provisions as the MPAA license. In fact, if Jon could still copyright his code, that might be his best bet for bringing this whole thing to an end.
Am I right?