Slashdot Mirror
Keep It Legal To Embarrass Big Companies
Bennett Haselton is the founder and head of Peacefire, an activist group to support the free-speech rights of young people. He suggests that you might want to download the X-Stop "smoking gun" evidence (4MB) before the company has a chance to remove it from their server.
The feature below was written by Mr.Haselton.
X-Stop is an Internet censoring program with an encrypted database of 370,000 URL's blocked under various categories: Sex, Drugs, Rock `n' Roll, etc. Their competitors like SurfWatch and Cyber Patrol also do not publish their blocked site lists; the officially given reason is to keep kids from using the lists to find smut on the Internet. This is silly, given how easy it is to find Internet porn without the aid of X-Stop's secret database (although if you still want to, you can download our codebreaker, follow the instructions to get the X-Stop list and decrypt it, and help yourself). But for the next part of our report, after we decoded the URL list, we looked at the first 50 URL's in the .edu domain that were still valid, and found that 34 of them were regular student home pages with nothing offensive (hence the "68% error rate" t-shirt slogan). None of those 34 students who responded to our e-mails could think of why X-Stop would want to block their pages.
X-Stop admits on their Web site that their database is put together by a Web spider called "Mudcrawler" and not by human reviewers, but even for a machine, a 68% error rate is pretty bad. And even though the real reason why these lists are encrypted is obviously to keep competitors from stealing them, this also makes it much harder for third parties to find out what the programs really block. In fact, X-Stop had once claimed that every URL on their list was reviewed by a human before getting blocked, but cyber lawyer Jonathan Wallace called them on it when he published "The X-Stop Files" in 1997, asking why X-Stop blocked several sites like the Quakers home page, the AIDS Quilt, and parts of Jonathan's own e-zine, The Ethical Spectacle. Peacefire also put up a page in 1998 about sites blocked by X-Stop, including an affirmative action site and a blind children's hospital. But these examples were all found through trial and error; today is the first day that the entire list of URL's has been made public. And to determine the 68% figure, it was necessary to have a copy of the entire list, so that the first 50 blocked sites could be used as a random sample.
So far, this is more or less the same story that took place in 1997 with another blocking program, CYBERsitter, right down to Jonathan Wallace posting a page about CYBERsitter and getting his site blocked. First, several people posted articles criticizing CYBERsitter's policies, and slowly CYBERsitter's public image deteriorated as word got out that they were blocking sites which criticized their company (even Time magazine got blocked, and then posted an article about how they found themselves on CYBERsitter's list). Then in April 1997, Peacefire released a program that broke the encryption on CYBERsitter's list of blocked URL's. CYBERsitter sent Peacefire a threatening letter demanding that we take down the program and remove all of our links to CYBERsitter's Web page. Jim Tyre, a volunteer lawyer and future founding member of the Censorware Project, sent CYBERsitter a reply telling them they had no case, and we never heard from them again. But UCITA, the Digital Millennium Copyright Act, and the two court injunctions against the right to post DeCSS, didn't exist in 1997. If we had released the CYBERsitter codebreaker today, would CYBERsitter actually file a lawsuit?
The outcome of the DeCSS court cases could, in fact, determine the rights of a private citizen to embarrass a big software company by reverse engineering their products and catching them in a lie. It's easy to forget the importance of legal protection for reverse engineering, because sometimes public opinion is enough: RealNetworks never sued Richard Smith when he revealed that copies of RealPlayer included a "globally unique identifier" to track user's listening habits, and Microsoft never sued Andrew Schulman when he discovered that Windows 3.1 threw up fake error messages about DR-DOS. These were large companies that would have been crucified if they had tried to sue someone for discovering something that the public thought they had a right to know anyway. But legal protections are still important, because sometimes public opinion isn't enough - when the software company doesn't have much of an online reputation to worry about, or when then they have a reputation but they don't care about it.
The RIAA, with their campaigns against MP3 technology and reverse-engineering SDMI, is an example of an organization that doesn't care about their online image - and why should they, since we all download our music for free anyway. CYBERsitter is another good example - they do care about their reputation, but in 1997 their image was that of a children's guardian angel and an ally in fighting government censorship, almost immune to criticism. It took an enormous amount of bad press - letters from CYBERsitter's CEO threatening ISP's and flaming people in general, and at one point actually mail-bombing a lady who sent them a complaint - before even advocates of blocking software started distancing themselves from the company. Even today, CYBERsitter's public image is fairly rosy, and their campaigns of legal harassment hardly affected their reputation at all. (What had you heard about CYBERsitter before you read this article?) It's hard to imagine Microsoft, for example, filing a similar lawsuit without embarrassing themselves and turning their intended target into a martyr. The real threat to "reverse engineering for the public good" is from medium-sized companies, small enough that not everything they do will get in the news, but still big enough to afford lots of lawyers.
This threat affects not just programmers, but even journalists who get anonymous tip-offs - like Brock Meeks and Declan McCullagh, who were threatened with an FBI investigation by CYBERsitter in 1996, after they published their "Keys to the Kingdom" article about sites that CYBERsitter and other "censorware" programs blocked. The part of the article that got them in so much trouble was this excerpt from CYBERsitter's bad- word file:
[up][the,his,her,your,my][ass,cunt,twat][,hole]
[wild,wet,net,cyber,have,making,having,getting,giving,phone][sex...]
[,up][the,his,her,your,my][butt,cunt,pussy,asshole,rectum,anus]
[,suck,lick][the,his,her,your,my][cock,dong,dick,penis,hard on...]
[gay,queer,bisexual][male,men,boy,group,rights,community,activities...]
[gay,queer,homosexual,lesbian,bisexual][society,culture]
[you][are][,a,an,too,to][stupid,dumb,ugly,fat,idiot,ass,fag,dolt,dummy]
If this now counts as a "trade secret" under the Digital Millennium Copyright Act, then our list of the 50 .edu sites blocked by X-Stop - and the study that found the 68% error rate - could be declared illegal. And under UCITA, CYBERsitter could even claim the enforceability of these excerpts from their license agreement:
Reverse Engineering Prohibited
Unauthorized reverse engineering of the Software, whether for edcucational, fair use, or other reason is expressly forbidden. For the purposes of this license the term "reverse engineering" shall apply to any and all information obtained by such methods as decompiling, decrypting, trial and error, or activity logging.Non-Disclosure
Unauthorized disclosure of CYBERsitter operational details, hacks, work around methods, blocked sites, and blocked words or phrases are expressly prohibited.
So any CYBERsitter user who even discusses what the program blocks, would be in violation. Not that CYBERsitter would enforce this against everybody, but they probably would have liked to enforce it against Brock and Declan.
At this point, we don't know how X-Stop will respond to our report. But we do know that for all of their bluster, CYBERsitter never actually sued Brock, Declan or Peacefire. Given that CYBERsitter pursued the matter for months (and the fact that Brock and Declan had actual money), if CYBERsitter gave up, it's because they had no case. If the Digital Millennium Copyright Act, UCITA, or the DVD court rulings change that situation, then it will become much harder to criticize blocking software - or any kind of software - except for the user interface and other things that users can "see" without looking under the hood.
(Those with keywords on the brain have a rare, but fortunately treatable, disease called Greperitus. The cure for this is to hit yourself over the head with a salami sandwich, repeating "Grep is not all-powerful. Grep does not out-rank The Great Linus.")
Nor does it make any sense to filter everything for every user of the software. What is wanted, IMHO, is an ability to selectively control what is filtered and what isn't, maybe by nature, relying on volunteer-maintained databases and/or filters of what fits into the category you don't want. (Sort of like a super-Junkbusters, but not restricted to just banner ads.)
I e-mailed a couple of organisations involved in promoting filter software, to see why they promoted such packages. I did NOT get the usually claimed line of "it's for the children". What I DID get was "if you go into a bicycle shop, you expect to see bicycles. Why should public Internet terminals be any different?" Now, -that- is a line of argument I can have some sympathy for, which is why I think self-selective censorship makes much more sense than blanket, keyword stuff.
To make sure this is on-topic, I can't say I sympathise with companies that provide encrypted dictionaries with network software. If they didn't want you to have access to the dictionary, they could just as easily have the filter software connect to a database at THEIR end. Ergo, they are not -really- serious about not letting you access their dictionaries. Ergo, reverse-engineering is being implicitly permitted, because they are not taking obvious, simple measures to prevent it.
Embarassing such companies, IMHO, is a good idea. Force them to declare where they stand, and make them act on their beliefs. The more these companies are forced to actually -occupy- the moral high ground, rather than merely claim it, the better. Anyone can claim anything, but morality cannot co-exist with dictatorship. The sooner these companies are made to be moral, the sooner they will stop trying to be thought-police.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
209.137.141.68
...
cacheflow1.direcpc.com
cacheflow.tcg.sgi.net
206.49.216.243
ch2smc.bellglobal.com
ch1blm.bellglobal.com
> if I were to log on remotely to a site someplace
> in Sweden from my home here in the US of A,
> and do all my hacking there, then what?
Hmm interesting question actually.
If you used ssh to connect to the server in
the other country...it could get very interesting.
I would imagine you would still be under US law
sinc eyou were in the US when you did it (at
least according to the authoritarians who run
the US maff^H^H^H^HGovernment.
However, assuming you do not do this...then it
would require them finding out it was a person in
the US who did it...and ALL of the evidence would
be on a machine in another country...
This of course means requesting that either
A) The sysadmins of the machine volunteer to
cooperate with US authoritiarians or B) The
US Authoritarian regime contacting the regime
where the server is located and asking them to
go through their process for forcing the admins
to cooperate and give up the info.
Basically...if you were smart about it...and
released any reverse engineered info in a
fairly anonymous way...it would make prosecution
nearly impossible.
Hmmm who else likes the idea of running fiber
lines from 5 or 6 countries out into the middle
of the ocean and setting up a platform in
international waters just full of servers?
allow anyone to get an account for free and have
a policy of not cooperating with ANY government
wrt identitfication of acounts...support only
ssh connections to the server...even add an
anonymous remailer.
Course...I imagine within a year or so...all the
governments would be pissed off to the point that
they would just send a few ships out and sink the
damned platform but...hey...its a nice idea....
perhaps some satilites....
too bad its all to expensive to offer accounts
for free. I don't think people should have to pay
to hide their identity.
In any case...it would make any discussion of
making reverse engineering illegal a moot point...
since anyone would have a safe place to do it and
publish from.
"I opened my eyes, and everything went dark again"
*But* with some luck I might bring the law down with me. If the UCTIA gives the little guy a chance to screw with the big boys, the big boys will make sure that it goes away.
All opinions are my own - until criticized
From the DVD side, its probably very important to them that the case be settled before the general public becomes more technologically literate.
In fact, I bet most of the people pushing this case actually believe CSS does something to prevent copying.
- Michael T. Babcock (Yes, I blog)
Why?
:)) and have a right to "know" that their resources aren't being squandered away.
Cyber Patrol is a strictly opt-in deal. Parents get it to "protect" their children from filth and smut. Employers get it to "protect" their employees from distractions. Those are both definetly within their rights - they supply the computer for a certain set of tasks (homework, games, research (games doesn't apply to employers
IF you take objection to libraries and other public resources using internet filters, take it up with them, your local government or your state rep. Don't sabotage their property because you don't like the way some of their clients use it.
Suppose UCITA is passed in all 50 states as a worst-case scenario. Reverse-engineering is illegal.
Save your work on a foreign server. If they try to say you worked on it here, disclose that the server where the work exists is located in Holland. They will say "you were located here while you typed it."
"No, I called my friend in Holland and repeated my program verbatim to him and HE typed it in."
Soon, you will be seeing laws passed that say "Intellectual property cannot be exported" (ala crypto) and the security guards doing mind-scans in the airport for any programming knowledge.
You can expand this via paranoia to any length. IANAL.
This post encoded with ROT26. If you can read it, you've violated the DMCA. Handcuffs please, sergeant.
Wouldn't it be possible to write a self-extracting encryption wrapper around DeCSS and its ilk, which presented the user with a choice:
1) continue, and forfeit any right to pursue the hosting site;
or 2) exit, without evidence that the program contravenes the DMCA;
leaving only the option of reverse-engineering the access control mechanism itself to prove anything?
Hamish
"Wise men talk because they have something to say; fools, because they have to say something" - Plato
Sounds good to me. An open source software censorware program should allow you to import black lists from other sites, so you could subscribe to the anti-porn, anti-racist, anti- sports, anti-republican, anti-microsoft and/or anti-government lists of your choice.
If the KKK and NAACP put up lists, take your pick. Or choose neither or both.
Maybe that way parents who don't want to take responsibility for supervising their children can at least take responsibility for choosing who they trust to take responsibility.
And maybe it will help the common folk realize that the open source community aren't just anarchists, but are really trying to help people get control of technology.
Reposted at Score:2 because I can't moderate today. If you're going to mod this down as redundant, then please mod up the parent coment and give GreyMatter the credit that he's due for this great idea.
I've been thinking about this. The user should be able to select the order that censor lists are applied in, and the censor list should be able to allow as well as disallow access. For example, if the American Family Association block list included gay and lesbian sites, then a Gay Rights block list, if applied with higher priority, would re-enable access to the sites that they think are inappropriately blocked. I can see that it would be difficult to get groups like the AFA to join this scheme, though.
Don't worry, they won't take away all our rights at once. They'll just take little bits at a time
until you don't have the right to complain that they have taken away your rights.
Of course, it did not get far beyond the joking stage. I do suspect that a few people at the company kept copies of the porn lists for their own use. ;). And no, I was not one of them.
It's a little hard for a company to keep a straight face when selling a list of porn site (or publishing porn themselfs) and selling an internet filter or blocker. It's along the line of a virus protection software company also selling a virus writing kit.
CyberPatrol does have a page to check their list to see if a site is on it. It does not do much good for seeing how good their list is, but at least you can check if your own site is on it.
Fight Spammers!
So, if I were a porn site operator, all I'd need to do is disallow access to User-agent: "Mudcrawler" and then kids can surf my site freely.
Do you get the feeling that even the programmers know that their software is pretty much useless?
I use this site to get around my school's CyberPatrol proxy. Get to it quick as it will probably be blocked soon, along with the rest of MIT.
Remember when Consumer Reports rated a small SUV by Mitsubishi or Suzuki "unacceptable" because it tended to roll over in hard turns (the kind you would make trying to avoid a child or a deer)? The magazine is being sued for slander. The January issue has more details (it's on the web, for a fee).
PR Watch has an eye-opening series of articles about SLAPP (Strategic Lawsuit Against Public Participation) suits. Companies file them to bankrupt, and effectively silence, people who speak out against them (which is not the same as libel or slander). Oprah Winfrey was SLAPPed by the National Beef Council when she disparaged beef during the Mad Cow outbreak in Britain. An environmentalist in West Virginia was SLAPPEd by a coal mining company when he highlighted environmental abuses by the company.
Free Speech is becoming very expensive.
Put my clarinet beneath your bed 'till I get back in town.
On a web site hosting, for example, deCSS. Put the words "Any similarity between this program and any commercial products is purely coincidental. Reverse enginering of this program, wether by looking at the source or observing the operations of the program, for the sole purpose of finding such similarities is not permitted"
Let the system fight itself!
All opinions are my own - until criticized
DOH! Color me porn!
Funnily enough airwindows.com is not on any list I've ever checked. I say that because in the fiction section is at least one completed novel with adult themes, one short story with adult themes, and an unfinished novel with even more adult themes. All are basically sci-fi or fantasy and none are really gratituous- the closest that I get to gratituous is the last one mentioned, 'Aquarius', which is sci-fi and deals with a society so advanced in genetic engineering that you have 'races' of cat-people, dog-people, wolf and fish and fox ad infinitum people- and the springboard for the adult theme is this: what if humans went into heat? More, what if this was socially unacceptable and got fixed through surgery and medication, but the untreated condition also brought the ability for sharper concentration and fits of intensely hard work? (not to mention the obvious 'private benefits'- and even here, there's a dark side, as in heart attack risks and added stress)
I don't know how many Slashdotters have done serious literary writing, or how many people with 'geek values' are also writers. I _do_ know that I've walked a fine line of MY OWN CHOOSING in writing these things- wanting to deal with the fascinating concepts (it's a very geeky trait of mine that even sex is something to intellectually study in fascination rather than just wallow in), but not wanting to be pigeonholed as a tacky porno writer. As a result, I've had to work quite hard (but am pleased to do so), because if you're writing decently about this subject it _must_ be sensed and felt. Fiction is not a HOWTO, but neither is it a scholarly essay. If I'm setting up tensions they must be felt, they must involve- and interestingly, there seems to _never_ be any reason to use 'dirty keywords' or phrases- it's a lot more effective to take the time and energy to write up such a scene properly. And 'effective' does mean inflaming the imagination- that's what fiction is _for_.
It's ironic- I've never been a particularly prurient writer. I've never written outright porn (this despite the fact that I know where I could sell it for a damned decent price, I might add). My fine line of decency is discreet enough that, even when I write about adult topics, I tend to delicately slip away from the focus of the matter. And yet, every time I read about this damn censorware nonsense, I am more inclined to take my existing approach and really _run_ with it. There's no reason I have to show such decorum. I'm quite capable of taking my SF/fantasy stuff, dealing with the adult topics that do interest me, absolutely going for the throat (or, uh, other areas :) ) and STILL not using any Dirty Keywords.
I consider this the hidden cost of what the censorware people are doing. Eventually they may just have to _read_ my fiction writing and ban me on _content_ alone despite my tendency to not use dirty words. If they are capable of banning 'gay culture', then they are capable of banning the adult situations of entirely fictional characters which aren't even human in the normal everyday sense. But to do so they'll have to actually read it- and they'll also have to really drop the pretense and stand revealed as the bookburners they are.
In conclusion: censorware people? "You are stupid". Pardon my _obscene_ _words_. furrfu.
I am really happy about this.
IMHO, blocking websites from children should not be done by software but by the parents. If they can't sit down with the kid for a few hours a week to browse disney.com, they probably shouldn't have had children.
Of course, not every parent will sit with a child while they're looking information about volcanos for a school project. This is what history/cookies/cache/ip logs are for - you can *always* find a way to monitor what your kids did.
The best analogy I can think of is not allowing children to watch porn on tv. Sure, they'll still do it on occasion (and they should, eventually), but it won't be done on every day basis.
As for public access from libraries, maybe it's time to face the fact that "CLICK HERE IF YOU ARE UNDER 18" rarely gets pressed. Maybe the public terminals could only be accessed by people of legal age.
On the other hand, I wouldn't want to be checking out porn in *any* public place...
Food for thought. Now it's time to put on my anti-flame suit.
Cheers,
Bart
Given that the entire list has been decoded, you could have really produced a valid statistic by taking an actual random sample of 50 working .edu sites from the whole list. Merely using the first 50 is not a random sample.
Actually, I just went through all of the "geocities.com/SiliconValley/*" sites listed as a quick test. Most didn't exist, and of those that did, only 4 (out of 20 or so) actually had pr0n on them. I might put together a quick test utility to pull down 1000 pages and look them over. That would probably give a more accurate percentage of invalid blocks. Keep selecting random URLs from the list until I've got 1000.
---
"Go Metallica. Die RIAA." -- Linus Torvalds
Ahh, another example of why stoplists don't work, especially on something as nebulous as the Internet.
My new iMac came with a web blocking package, so I decided to see how it works. I don't recall the name of the package, but they do it the right way -- there is a list of "approved" sites, and the person in control (parent, teacher, etc.) can add sites.
The software blocked RedHat, for example, but it was trivial to go in and say, "Naw, it's ok for my kids to go there" and add it to the "ok" list.
Interestingly, Dav Pilkey is on the default "ok" list. So apparently being dangerously subversive isn't enough to prevent approval.....
Computers are useless. They can only give you answers. -- Pablo Picasso
Then, the parents could tell the proxy server which other reviewers they trusted, and the proxy would block access to any URL that had been flagged by either the parents or their trustees.
The technology for doing all this seems pretty simple ... the biggest programming challenge, I think, would be the interface.
--
"But, Mulder, the new millennium doesn't begin until January 2001."
send all spam to theotherwhitemeat@ropine.com
There is no better way to have your children surfing good links then finding and supplying what you consider to be good links yourself. Porn gets boring very quickly, when you take away the thrill of the forbidden. Eventually all kids are going to get unfiltered access to the internet they might as well learn early where the good links are for them.
The web forces us to make decisions about who's spin is valid something kids didn't have to deal with in the days of the one way media monolith. Perhaps it will force us to be better and more involved parents.
No it's not. The only thing that even remotely forbids this is the provision in most EULA's that prohibits it, but most companies with a reasonable legal budget will have no problem getting that shot down should the need arise.
I think the big thing here is that the software industry wants an exception to law that no other industry gets; reverse engineering is actually protected by law in this country. The software industry is still just trotting out the tired old 'software is different' mantra that keeps them out of trouble with things like the consumer protection laws, and unfortunately, people are still falling for it.
I remember back in the BBS days, when I was young, my dad would take the computer cord, but he didn't take the monitor cord. I would switch the cords, and use the computer without a monitor, sending output to the printer. heheh the days of dos!
The way to block a distributed technique is to cease providing that service. This service is useful to individuals, but if it is being used to circumvent measures they took to prevent an aggregate list from being public, it would be appropriate for them to disable it.
Trees can't go dancing
So do them a big favor
Pretend dancing stinks!
My company uses the SurfNazi.. er, SurfWatch on the proxy server. The Onion is blocked out! Nooooo!
Instead of the dialup, you can go through an anonymizer or URL rewriter. Many of those are also blocked by SurfWatch, but not fr0.idzap.com. It's free, but you have to have look at an extra banner ad. It also doesn't require you to change your proxy setting. Any site that's in their blocked site list will go through (like TheOnion) but URL's that have keywords in them still get blocked.
-CausticPuppy "Of all the people I know, you're certainly one of them." -Somebody I don't know
I've always thought this was the way to go. Censorware is not going to go away and the only way to get stuff that actually works is to do it open. My idea was to have the list of blocked sites on a website that the programs download periodically. This list would be not only viewable by the public, people would be able to add links to the list. The list of links would then be voted on by site visitors according to their "smut" rating or something and if a librarian wanted to filter only stuff rated above +2 on the smut-o-meter they could. This would make it similar to the slashdot forum moderation, the sites that are blatantly adult-only would get rated that way and some shmoe's student homepage would get off the list where it belongs.
It strikes me that if an organisation of 'moral guardians' set themselves up and went round burning books and stealing 'offensive' books from bookshops to prevent them being read there'd be a huge outcry.
But because it's the Internet rather than books it's ok. I never could grok this attitude.
It's as though any media that has popular appeal is to be feared and attacked. With a few exceptions art exhibitions are not censored, but every cinema film is in most countries and TV is constantly redefining the lowest common denominator. It's such a poodle the censors don't even need to threaten it.
More importantly, how does/will law deal with the Zen koan that is the Internet -- it being both everywhere and nowhere all at once?
... still doesn't seem aware of the issues at stake. Apathetic as they usually are, they will only get it, when it will be too late.
But then again, let the software moguls à la M$ have their way, and let us go ahead with UCITA. It will only put off more people who will turn to open source instead.
People need to realize that by not taking responsibility for your actions (or inactions) you are giving up your right to make decisions and causing others to make them for you. If you don't make your own decisions on what is good for your children to see and what's not... don't complain when someone else does for you and you don't get any say.
As far as reverse engineering goes do you think Apple would have sued Microsoft? Almost every major computer company got where it is today by reverse engineering something someone else already did. If the government wants to stop the technology boom I see no better way of doing it.
If words were wisdom I'd be talking even more.
"Happiness in intelligent people is the rarest thing I know."
-- Ernest Hemingway
As if only to prove the point for us, that censorship once begun is necessarily indiscriminate, the codebreaker URL has itself been seized upon by various "net-nannies" as the subject of censorship.
Slashdot itself may soon be censored, after all, for harboring open discussion of the propriety of censorship, or the reverse engineering of censor listings. Such censorship censorship is useful for censors who would avoid review of the "quality" of their censorship.
At any rate, I am sad to report that, at least, our Novell BorderManager improvidently censors the link. Are there others?
this software comes with no warrantee. its not my fault if it breaks your computer, deletes your files, orders pizza in your name, or tries to sleep with your girlfriend. its just not my damned fault - ok?
;-)
--
--
"It is now safe to switch off your computer."
From my point of view, the law should say: "reverse engineering is permitted. 'Reverse engineering' is hereby defined as any method by which someone may gather information about how a software or hardware works".
Anything else is ridiculous. If I simply watch how something works I can design another thing that works in the same way. The internal components may be different or not, but if both the first designer and I followed the current engineering practice, there is a strong chance that we will arrive to similar designs.
If a design is original, and the owners want to protect it, they should *patent* it.
Moderators, take note:
1)Read the moderation guidelines before moderating anything
Although all these restrictions will be a pain for the time being, I can't see how the law can continue to fly in the face of progress for ever. I remember reading "The Hacker's Handbook" (remember that?) in the 80s and all the controversy that caused. Back then, computer 'crimes' were being dealt with by analogy to existing laws. People in the UK were prosecuted for 'theft of electricity' and 'trespassing' until such a time as the law caught up. Now it seems like the law is getting ahead of things and listening to corporations rather than Real People.
As long as the flow of information continues, this can't go on forever.
For Google, the way to improve peacefire's exposure is to link it from your own personal web pages and make sure those pages are indexed. I dunno about other search engines.
-jwb
I don't think I fully understand the reverse-engineering clauses in UCITA. Is it really
going to outlaw all reverse-engineering? Do the major software companies really want this?
If you go into any major software program they almost all support importing/exporting into some competitors format. Are these competing formats open standards? I doubt it; they were probably reverse-engineered. Or what about Microsoft reverse-engineering of the AOL messenger protocol? That would now be illegal?
Is this the end of interoperability between proprietary packages?
I agree that this requires the parents to do a lot of work, but if enough people sign onto the system, the parents who don't want to do a lot of work can just place their trust in a few of the more active folks. (Open-source censorship, er, editorial review, so to speak.)
--
"But, Mulder, the new millennium doesn't begin until January 2001."
send all spam to theotherwhitemeat@ropine.com
And civilised countries have a loser-pay system.
I doubt that would work well. You'd have to find really good lawyers to represent you in order to even have a chance at standing up against the lawyers that a big corporation can field. You wouldn't have a choice. The corp is going to spend a ton of money fighting you, whether you hire the best lawyers you can get or not. If you don't get good lawyers, the corp will probably win and you'll be in debt for life. If you do get really good lawyers, then your financial future is entirely dependent on the outcome of the case, because you will end up paying not only your own legal bills, but also the corp's legal bills if you lose. As we've seen in many cases, being right doesn't mean you'll win, especially if you have a case related to technology (the courts haven't been real impressive in their grasp of technology issues). Such a system would probably destroy a lot of people.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
THE X-STOP FILES: The Truth Isn't Out There
While it scares me to death that things like the DeCSS fiasco and content blocking are going on, it is far scarier that so many people either don't know or don't care. My friends think I'm weird for not going to the movies (for $8), and they don't get it when I try to explain why DeCSS is important. We live in a world where we depend more and more on technology but a growing number of people (the vast majority) understand that technology less and less every day. With this sort of apathy, we cannot hope to beat the big corporations in these legal battles. We are all up in arms (and VERY rightly so), but that doesn't matter. We need to get John "What's a computer?" Doe to care.
...just my $0.02...
Virtually every old, large software company is guilty of reverse engineering at some stage. Even though it's probably not part of there corporate policy.
How many times has a programmer been told to duplicate a competitors feature and started by looking at how the competitor has done it. Often the next logical stage is to reverse engineer that feature to get a better understanding of it, especially if the method used is not obvious. Yes this is illegal, it probably should be as well but without doubt a programmer in every large organisation has done it.
Of course they don't tell the world they did it...but if they can't stop it being done for corporate profit should they really stop it for community awareness?
"Do you think we could wipe out world hunger forever if scientists figured out how to make AOL's Free CD's edible?"-
From their website (emphasis added):
Here's what DAB has to do:
1.User requests a URL through a browser
2.Before the computer even gets the keystrokes, the URL is translated (if necessary) and compared to the URL list. Because this is done with numbers instead of letters (there are only 10 digits! There are 255 characters...) the response is nearly instantaneous. If the site is on the blocked list, the screen is covered, and the violation message is displayed.
You little wankers just can't understand that. Go back hacking your silly kernels toys and let real people transfer keystrokes to base-10 number before the computer get it.
1 reply beneath your current threshold.
You /HAVE/ to be kidding me? This is how they search for "smut"?
Good grief. I mean, according to those bits of search file, doesn't having the phrase "you are too stupid" on a page sucessfully match?
Maybe we need a publicly accessed "blocker"... kind of like NoCeMs in usenet - you basically pick a set of "trusted" people who you rate as being able to block stuff. The christian fundies can all subscribe to christian fundie blockers for all the categories, whereas a merely concerned parent might just go with someone a bit less radical.
Having a centralised system just seems hugely open to all kinds of manipulation: right from the naive bozoness that seems to permeate the industry these days to corruption, bribery and even actual criminal intent. Distributing the system removes a large amount of that failure.
I mean personally, I kind of think it would be nice to trust sites to rate themselves as "porn" or "unsuitable for minors" or "religious content", but I can see why people wouldn't trust it. The porn sites include "perl" in meta-tags and stuff. Honesty doesn't exactly seem to come hand-in-hand with web businesses. (Business models built on hit-counts seem basically flawed to me. Would you want to advertise on a page whose basic method of getting people to go there was to con them? Great chance they'll read the ads then...)
Distribution has to be the way to go. Undermine the obviously broken corporate approach with an open standard that ends up being free.
Received this in a forward this morning. Somewhat related to the matter at hand .. and definitely amusing:
x 7e,0x36,0x2b,0x6e,0x2e,0x66, 9 e,0xd6,0x0b,0x4e,0x0e,0x46,0 x 1a,0x52,0x8f,0xca,0x8a,0xc2, x 98,0xd0,0x01,0x48,0x08,0x40, x 7c,0x34,0x25,0x6c,0x2c,0x64, x 9c,0xd4,0x05,0x4c,0x0c,0x44, x 18,0x50,0x81,0xc8,0x88,0xc0, x 9a,0xd2,0x0f,0x4a,0x0a,0x42, x 1e,0x56,0x8b,0xce,0x8e,0xc6, b e,0xfe,0xb6,0xab,0xee,0xae,0 2 ,0x3a,0x7a,0x32,0x2f,0x6a,0x x f8,0xb0,0xa1,0xe8,0xa8,0xe0, 5 c,0x1c,0x54,0x85,0xcc,0x8c,0 x fc,0xb4,0xa5,0xec,0xac,0xe4, 3 8,0x78,0x30,0x21,0x68,0x28,0 2 ,0xba,0xfa,0xb2,0xaf,0xea,0x x 08,0x0b,0x0a,0x0d,0x0c,0x0f, 1 b,0x1a,0x19,0x18,0x1f,0x1e,0 3 ,0x2d,0x2c,0x2f,0x2e,0x29,0x , 0x31,0x3f,0x3e,0x3d,0x3c,0x3 0 x4f,0x4e,0x40,0x41,0x42,0x43 x 5e,0x5d,0x5c,0x52,0x53,0x50, 6 9,0x68,0x6b,0x6a,0x64,0x65,0 c ,0x7b,0x7a,0x79,0x78,0x76,0x , 0x91,0x96,0x97,0x94,0x95,0x9 0 x82,0x83,0x84,0x85,0x86,0x87 x b7,0xb4,0xb5,0xb2,0xb3,0xb0, a 4,0xa5,0xa6,0xa7,0xa0,0xa1,0 a ,0xdb,0xda,0xd9,0xd8,0xdf,0x , 0xd5,0xc9,0xc8,0xcb,0xca,0xc 0 xc6,0xc7,0xff,0xfe,0xfd,0xfc x f3,0xf0,0xf1,0xed,0xec,0xef, e 0,0xe1,0xe2,0xe3'" x 24,0x49,0x6d,0x92,0xb6,0xdb, x 24,0x49,0x6d,0x92,0xb6,0xdb, 0 0,0x24,0x49,0x6d,0x92,0xb6,0 f ,0x00,0x24,0x49,0x6d,0x92,0x , 0xff,0x00,0x24,0x49,0x6d,0x9 0 xdb,0xff,0x00,0x24,0x49,0x6d x b6,0xdb,0xff,0x00,0x24,0x49, 9 2,0xb6,0xdb,0xff,0x00,0x24,0 d ,0x92,0xb6,0xdb,0xff,0x00,0x , 0x6d,0x92,0xb6,0xdb,0xff,0x0 0 x49,0x6d,0x92,0xb6,0xdb,0xff x 24,0x49,0x6d,0x92,0xb6,0xdb, 0 0,0x24,0x49,0x6d,0x92,0xb6,0 f ,0x00,0x24,0x49,0x6d,0x92,0x , 0xff,0x00,0x24,0x49,0x6d,0x9 0 xdb,0xff,0x00,0x24,0x49,0x6d x b6,0xdb,0xff,0x00,0x24,0x49, 9 2,0xb6,0xdb,0xff,0x00,0x24,0 d ,0x92,0xb6,0xdb,0xff,0x00,0x , 0x6d,0x92,0xb6,0xdb,0xff,0x0 0 x49,0x6d,0x92,0xb6,0xdb,0xff x 24,0x49,0x6d,0x92,0xb6,0xdb, 0 0,0x24,0x49,0x6d,0x92,0xb6,0 f ,0x00,0x24,0x49,0x6d,0x92,0x , 0xff,0x00,0x24,0x49,0x6d,0x9 0 xdb,0xff,0x00,0x24,0x49,0x6d x b6,0xdb,0xff,0x00,0x24,0x49, 9 2,0xb6,0xdb,0xff,0x00,0x24,0 d ,0x92,0xb6,0xdb,0xff,0x00,0x , 0x6d,0x92,0xb6,0xdb,0xff,0x0 0 x49,0x6d,0x92,0xb6,0xdb,0xff x 24,0x49,0x6d,0x92,0xb6,0xdb, 0 0,0x24,0x49,0x6d,0x92,0xb6,0 f '" x 90,0x50,0xd0,0x30,0xb0,0x70, 1 8,0x98,0x58,0xd8,0x38,0xb8,0 4 ,0x14,0x94,0x54,0xd4,0x34,0x , 0xec,0x1c,0x9c,0x5c,0xdc,0x3 0 x62,0xe2,0x12,0x92,0x52,0xd2 x aa,0x6a,0xea,0x1a,0x9a,0x5a, 2 6,0xa6,0x66,0xe6,0x16,0x96,0 e ,0x2e,0xae,0x6e,0xee,0x1e,0x , 0xc1,0x21,0xa1,0x61,0xe1,0x1 0 x49,0xc9,0x29,0xa9,0x69,0xe9 x 85,0x45,0xc5,0x25,0xa5,0x65, 0 d,0x8d,0x4d,0xcd,0x2d,0xad,0 d ,0x03,0x83,0x43,0xc3,0x23,0x , 0xf3,0x0b,0x8b,0x4b,0xcb,0x2 0 x7b,0xfb,0x07,0x87,0x47,0xc7 x b7,0x77,0xf7,0x0f,0x8f,0x4f, 3 f,0xbf,0x7f,0xff'" ; lfsr0 = ^ csstab1[key[3]]^key[2];key[2 b 1[key[1]]^key[0];key[0]=k[0] [ 4]]^key[3];key[3]=k[3]^cssta e y[1];key[1]=k[1]^csstab1[key 7 );lfsr0 =
NOTE: This story is licenced under the GPL version 2.
It is a dark and stormy night in a dark and stormy town. Tonight we find
ourselves looking apon Dick and Jane, two programmers bundled up by the fire
discussing current events:
"So, Jane, how was your day?" says Dick.
"Oh, fine. You know, I just heard about this interesting program that is
creating quite a fuss." says Jane, "It is called 'css_descramble.c'.".
"Wow," Dick enthused, "I have heard of it. My buddy kept talking about it.
He couldn't stop mentioning how it was...how did he put it? Ah yes, 'Released
under the version 2 of the GPL and Copyright 1999 Derek Fawcus'".
Jane jumped with joy. "I am so glad you have heard of it. I happen to
have
a copy. Here, look. The very first thing it does is '#include '
then
it has '#include '."
"You are right, but you forgot '#include "css-descramble.h"'" Dick
admonished.
Jane blushed, "Silly me. Well, we should have a look at the code. It
seems to start with 'typedef unsigned char byte;'. Then it moves right
along
to an array. What is that? Oh, 'static byte csstab1[256]={'"
"I know!" Dick blurted, "lets play a number game! I will say a bunch of
numbers, then you can repeat the numbers. Ready?
'0x33,0x73,0x3b,0x26,0x63,0x23,0x6b,0x76,0x3e,0
0x7b,'"
"Hmmm...that is one long list of numbers...let me see. Was it, '
0xd3,0x93,0xdb,0x06,0x43,0x03,0x4b,0x96,0xde,0x
x9b,'?"
Dick frowned, "That is completely wrong! Well, let me try again,
'0x57,0x17,0x5f,0x82,0xc7,0x87,0xcf,0x12,0x5a,0
0x1f,'"
Jane furrowed her brow, "I think I can do this one,
'0xd9,0x99,0xd1,0x00,0x49,0x09,0x41,0x90,0xd8,0
0x91,'?"
"Wow!" dick exclamed, "You suck! Third time is the charm:
'0x3d,0x7d,0x35,0x24,0x6d,0x2d,0x65,0x74,0x3c,0
0x75,'. Got it?
"I think so," Jane said, "Is it
'0xdd,0x9d,0xd5,0x04,0x4d,0x0d,0x45,0x94,0xdc,0
0x95,'?"
Dick scowled, "No, no, no! It is,
'0x59,0x19,0x51,0x80,0xc9,0x89,0xc1,0x10,0x58,0
0x11,' or is it,
'0xd7,0x97,0xdf,0x02,0x47,0x07,0x4f,0x92,0xda,0
0x9f,'? That is not right. It could have been,
'0x53,0x13,0x5b,0x86,0xc3,0x83,0xcb,0x16,0x5e,0
0x1b,0xb3,0xf3,0xbb,0xa6,0xe3,0xa3,0xeb,0xf6,0x
xe6,0xfb,0x37,0x77,0x3f,0x22,0x67,0x27,0x6f,0x7
2a,0x62,0x7f,'. No that is too many letters...."
"I remember!" Jane interupted "It is
'0xb9,0xf9,0xb1,0xa0,0xe9,0xa9,0xe1,0xf0,0xb8,0
0xf1,0x5d,0x1d,0x55,0x84,0xcd,0x8d,0xc5,0x14,0x
xc4,0x15,'. Well, either that or
'0xbd,0xfd,0xb5,0xa4,0xed,0xad,0xe5,0xf4,0xbc,0
0xf5,0x39,0x79,0x31,0x20,0x69,0x29,0x61,0x70,0x
x60,0x71,0xb7,0xf7,0xbf,0xa2,0xe7,0xa7,0xef,0xf
aa,0xe2,0xff'"
"Boy, that was harder than I thought." Dick sighed. Where were we in
the
code? Ah yes, '};static byte lfsr1_bits0[256]={'".
"You skipped a bunch" said Jane, "Besides, I am still not ready to look
at
that again. I feel like counting. In hex!
'0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x09,0
0x0e,0x12,0x13,0x10,0x11,0x16,0x17,0x14,0x15,0x
x1d,0x1c,0x24,0x25,0x26,0x27,0x20,0x21,0x22,0x2
28,0x2b,0x2a,0x36,0x37,0x34,0x35,0x32,0x33,0x30
b,0x3a,0x39,0x38,0x49,0x48,0x4b,0x4a,0x4d,0x4c,
,0x44,0x45,0x46,0x47,0x5b,0x5a,0x59,0x58,0x5f,0
0x51,0x56,0x57,0x54,0x55,0x6d,0x6c,0x6f,0x6e,0x
x66,0x67,0x60,0x61,0x62,0x63,0x7f,0x7e,0x7d,0x7
77,0x74,0x75,0x72,0x73,0x70,0x71,0x92,0x93,0x90
b,0x9a,0x99,0x98,0x9f,0x9e,0x9d,0x9c,0x80,0x81,
,0x89,0x88,0x8b,0x8a,0x8d,0x8c,0x8f,0x8e,0xb6,0
0xb1,0xbf,0xbe,0xbd,0xbc,0xbb,0xba,0xb9,0xb8,0x
xa2,0xa3,0xad,0xac,0xaf,0xae,0xa9,0xa8,0xab,0xa
de,0xdd,0xdc,0xd2,0xd3,0xd0,0xd1,0xd6,0xd7,0xd4
d,0xcc,0xcf,0xce,0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,
,0xfb,0xfa,0xf9,0xf8,0xf6,0xf7,0xf4,0xf5,0xf2,0
0xee,0xe9,0xe8,0xeb,0xea,0xe4,0xe5,0xe6,0xe7,0x
When jane finished she looked exausted. As she collapsed, she uttered
the
cryptic phrase, '};static byte lfsr1_bits1[512]={'.
Dick slapped Jane back to consciousness. "You counted wrong. You are
delerious. Repeat these numbers until you feel better,
'0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,'"
Jane smiled, "Numbers always make me feel better. I will repeat those
numbers,
'0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
"'};static byte bit_reverse[256]={'," Dick swore. "That gave me a
headache."
But Jane still continued to repeat the numbers, So Dick was forced to
drown Jane out with his own numbers, "Two can play at that game,
'0x00,0x80,0x40,0xc0,0x20,0xa0,0x60,0xe0,0x10,0
0xf0,0x08,0x88,0x48,0xc8,0x28,0xa8,0x68,0xe8,0x
x78,0xf8,0x04,0x84,0x44,0xc4,0x24,0xa4,0x64,0xe
b4,0x74,0xf4,0x0c,0x8c,0x4c,0xcc,0x2c,0xac,0x6c
c,0xbc,0x7c,0xfc,0x02,0x82,0x42,0xc2,0x22,0xa2,
,0x32,0xb2,0x72,0xf2,0x0a,0x8a,0x4a,0xca,0x2a,0
0xda,0x3a,0xba,0x7a,0xfa,0x06,0x86,0x46,0xc6,0x
x56,0xd6,0x36,0xb6,0x76,0xf6,0x0e,0x8e,0x4e,0xc
9e,0x5e,0xde,0x3e,0xbe,0x7e,0xfe,0x01,0x81,0x41
1,0x91,0x51,0xd1,0x31,0xb1,0x71,0xf1,0x09,0x89,
,0x19,0x99,0x59,0xd9,0x39,0xb9,0x79,0xf9,0x05,0
0xe5,0x15,0x95,0x55,0xd5,0x35,0xb5,0x75,0xf5,0x
x6d,0xed,0x1d,0x9d,0x5d,0xdd,0x3d,0xbd,0x7d,0xf
a3,0x63,0xe3,0x13,0x93,0x53,0xd3,0x33,0xb3,0x73
b,0xab,0x6b,0xeb,0x1b,0x9b,0x5b,0xdb,0x3b,0xbb,
,0x27,0xa7,0x67,0xe7,0x17,0x97,0x57,0xd7,0x37,0
0xcf,0x2f,0xaf,0x6f,0xef,0x1f,0x9f,0x5f,0xdf,0x
At this, Jane opened her eyes wide, she began shaking and speaking in
tounges. "Bloogle said, '};static void css_titlekey(byte *key, byte *im,
byte invert){unsigned int lfsr1_lo,lfsr1_hi,lfsr0,combined;byte o_lfsr0,
o_lfsr1;byte k[5];int i;lfsr1_lo = im[0] | 0x100;lfsr1_hi = im[1];lfsr0 =
((im[4] >8)&0xff] >16)&0xff]>24)&0xff];'" Jane
said as she rolled her eyes. "Lograth
told Jane, 'combined = 0;for (i = 0; i >1;lfsr1_lo = ((lfsr1_lo&1)>8)^lfsr0)>>1)^lfsr0)>>3)^lfsr0)>>7)
(lfsr0>>8)|(o_lfsr0>= 8;}'" His voice cresendoed as he reached the height of
the epic
function,
'key[4]=k[4]^csstab1[key[4]]^key[3];key[3]=k[3]
]=k[2]^csstab1[key[2]]^key[1];key[1]=k[1]^cssta
^csstab1[key[0]]^key[4];key[4]=k[4]^csstab1[key
b1[key[3]]^key[2];key[2]=k[2]^csstab1[key[2]]^k
[1]]^key[0];key[0]=k[0]^csstab1[key[0]];}'"
Jane relaxed vissibly. At that point there was a knock at the door. Dick
got up to answer it.
"Oh dear," said Dick. Jane rushed to see the problem.
At the door was a a robot gone awry. "Illegal function." It said in
monotone, 'int css_decrypttitlekey(byte *tkey, byte *dkey, struct playkey
**pkey){byte test[5], pretkey[5];int i = 0;for (; *pkey; ++pkey, ++i)
{memcpy(pretkey, dkey + (*pkey)->offset, 5);css_titlekey(pretkey,
(*pkey)->key, 0);' Illegal function,
'memcpy(test, dkey, 5);css_titlekey(test, pretkey, 0);if (memcmp(test,
pretkey, 5) == 0) {fprintf(stderr, "Using Key %d\n", i+1);break;}}if
(!*pkey) {fprintf(stderr, "Shit - Need Key %d\n", i+1);return
0;}css_titlekey(tkey, pretkey, 0xff);return 1;}' violates rules. Illegal
function."
"Illegal function. What do you suppose it means?" wondered Jane.
"Hmm..." said Dick. "Lets see if we can fix the robot with some new
instructions."
"Robot, enter command mode" Ordered Dick.
"By using this robot you agree not to reverse engineer, distribute, rent,
or use this robot for purposes not explicitly..."
"Whatever," Dick interupted as he pressed the glowing accept button on the
torso of the robot, "Robot, enter command mode."
"Ready for commands"
"Command: 'void css_descramble(byte *sec,byte *key){unsigned int
lfsr1_lo,lfsr1_hi,lfsr0,combined;unsigned char o_lfsr0, o_lfsr1;unsigned
char *end = sec + 0x800;#define SALTED(i) (key[i] ^ sec[0x54 + (i)])'" Dick
paused for a breath, "'lfsr1_lo = SALTED(0) | 0x100;lfsr1_hi =
SALTED(1);lfsr0 = ((SALTED(4) >8)&0xff] >16)&0xff]>24)&0xff];sec+=0x80;combined = 0;while (sec != end)
{o_lfsr1 = lfsr1_bits0[lfsr1_hi] ^
lfsr1_bits1[lfsr1_lo];lfsr1_hi = lfsr1_lo>>1;lfsr1_lo =
((lfsr1_lo&1)>8)^lfsr0)>>1)^lfsr0)>>3)^lfsr0)>>
(lfsr0>>8)|(o_lfsr0>= 8;}}'
End
command."
At this point the robot did something very frightening. It blew up.
Dick and Jane shielded thier eyes. When they were finally able to see
again,
they were shocked by what lay before their eyes. When the robot exploded,
it
released thousands of fliers. The fliers flew for miles around. On each
flyer the reader was greeted with the source code for a program.
These pretzels are making me thirsty.
Is there such a beast? This strikes me as the best way to deal with the problem - produce some software that does the job properly, and is open to peer review. Something like Junkbuster.