Slashdot Mirror
Mattel Dislikes Being Embarrassed (UPDATED)
Update: 03/16 6:50 PM EDT by J : The problems started with the AP story (cited above). The decryption software posted by the activists was described as "a method for kids to deduce their parents' password and access [pornographic] Web sites."
This was the spin that Mattel's PR people put on the story. They surely didn't want the news media reporting that activists had posted software that exposes their secret, hidden blacklist to the light of day. That wouldn't sound so good - it might get people to ask "why are these blacklists encrypted at all?"
Instead, Mattel's PR decided to say that the decryption software allows kids to view pornography. Predictable - this is the same smear that's always dragged out - but the media swallowed it uncritically. (The AP story was repeated on cnet, and everywhere else that uses the AP feed.)
Even the normally-critical Declan McCullagh wrote a story for Wired whose opening sentence was corporate propaganda. "Toy-maker Mattel has sued two programmers who revealed how to circumvent its CyberPatrol blocking software." Thankfully, the rest of his article gave the full story.
Mattel is not upset about CPHack's minor feature of circumventing the program when installed. Peacefire has been distributing their own instructions to disable Cyber Patrol for months now, and hasn't been sued. (They're pretty simple instructions, too.)
Mattel is upset that people can see the flaws in their software which were previously hidden by encryption. They want to continue selling bad software and will use the full force of law to prevent you from learning how bad it is. Legal papers have already been served and the proceedings will presumably begin shortly. Stay tuned - and don't trust press releases.
I wouldn't know, because I'm not an American.
I'd just like to say:
I'm fed up with this country of Puritans who think everything around has to be child-safe, EXCEPT advertising from the damn cigarette companies who HAVE to hook kids to stay alive. I have kids and it's MY responsibility to take care of them, not the government's.
We can't even get an uncensored copy of Kubrick's last movie into this country, not even on DVD or tape! Not that I want to show it to my kids, but damn...! I'D like to see it uncensored!
To those with kids: take care of them yourselves and stop trying to dumb down everything to a five-year-old's level!
www.virtualcrack.com Yeah, yeah, off-topic but who cares?
There already is something like this in the works, check it out! Its called the FreeNet Project.
I'm not certain how they're set up for hosting, but if their ISP is hosting them and keeping the logs, it may be difficult or impossible to get them destroyed, depending on how self-rightious or symathetic they are...
Then it would be too easy to block.
he's annoyed the computer community in victoria long enough.. it's about time somebody tried to get rid of him.
Sounds like it's time to mirror! Someone should write a massive mirroring system for things like this and decss and whatnot.
COUGH COUGH
gnutella
COUGH COUGH
opennap
COUGH COUGH
Well, Sweden is politically neutral since late renaissance. I also think Sweden can be labelled net-friendly, being the country with the (by far) highest on-the-net ratio in the world. Regardless, we can give Mattel the finger. :-)
Well, Mattel is a toy company and their Cyberpatrol is just a toy puzzle. As such, it comes under consumer protection laws and should be tested for safety and given a product safety rating for different age brackets. THus, since their puzzle toy corrupted my mind since it allowed me to go to all of those naughty sites, I'm suing for corruption of a minor. It's not safe for my age bracket -- big kid! particularily since the library and all public places are restricting me from learning about the "real" world. Waaaaa! Thus since their puzzle toy was so easy to break, it is dangerous and can be life threating to my health since I'm in shock about the outside world. Now I'll need shock trauma treatments and pschotherapy to turn me back into a mindless cyber droid! You'll be assimulated!!!! My innocense is lost!! They also need to fix the encryption on the TV commercials for cartoon characters since they are pushing a product via mind control and subbliminal thoughts to buy it! Need more shock treatments!
Since there is a nice description of how to generate the list, it would be nice if someone who is not in the thick of the controversy would generate the list and then make use of the anonymous remailer network to post the results on an appropriate newsgroup. See the EFGA Remailer page among other places for information on secure anonymous posting.
Once the message propogates a bit, they could then let people know throught Slashdot and other fora. Then lots of people could scoop it up from this already widely distributed source. Other people could then mirror the list all over the place with descriptions of how the mirrored list came to be and why it is unlikely to have come from the same people who originally cracked Cyber Patrol.
Well, that's what both my ex-wives thought :)
ok, I'm a big company, I write up a 200 page license agreement for my software. Why would I even sell my software in a country where my license agreement wasn't legally binding?
Because you want to sell your software(that being the reason you bothered to create it in the first place), and countries where shrink wrap licence have any sort of validity are few and far between.
Therefore I conclude either a) mattel can enforce it's software rights in swedan and canada because all the legalities in it's license fall under us, canadian and swedish laws. or b) mattel decided to sell it's software in a country where it could not legally enforce it's software; therefore, mattel is dumb.
Actually c) if you make your licences look all legalistic, people will think they're valid anyway, and as long as they stick to it, wh care that you can't enforce it?
I love the name.. Can Opener. This is a very necessary tool. Perhaps it should be writting in Perl so it will run on more than one platform.
I have a feeling that Mattel really is behaving unacceptably in this matter! But what if I'm wrong?
As a potential Cyber Patrol customer, I am sure that they would be more than happy to entertain an intensive dialogue with me (via phone and e-mail) in order so that I can better understand why it is that I should not know what sites their product will prevent me from seeing and why they are abusing the legal system in an attempt to supress customer-benefiting Consumer Reports-style reviews and analyses of their products.
During my lunch hour, I will call their Tech. Support dept. so I can get their side of the issue, and express my side. Who knows... I might even have to ask to speak with a "supervisor" (and perhaps even the supervisor's supervisor). If I can think of something to say to them tomorrow that I hadn't thought of today, then I will call them again. And so on.
Tonight, when I arrive home, I will send the company an e-mail. If and when they reply, I will send them another e-mail, responding to their points and adding any additional ones of my own. (And if they do not reply I will of course e-mail them to enquire as to whether or not they received my original e-mail). And so on. I think that it would mean a lot to them to know that I cared enough about their company and its product to want to get into a long-term e-mail Pen Pal-esque relationship with the company and its employees.
As as an added convenience -- that is to save them the trouble of having to Xerox(tm) duplicate paper copies of my enquiries for their files, I will send a fax version of each of my e-mails as well.
I will take advantage, so to speak, of Mattel's open invitation for me to submit recomendations for sites to be blocked via a website application (http://www.cyberpatrol.com/forms/lists ub.asp) by using this interface to pose press-conference style questions such as: Why does Mattel take insult the good faith of its customers by making additions to its ``CyberLISTS'' for purely political reasons?
I assume that if they had wanted this form interface to strictly support only the transmission of URL's (and not insightful questioning) they would have programmed out the polymorphism that permits the latter.
Mattel has a corporate interest to serve the customer. And that's why I am sure that they would be most appreciative if YOU, humble Slashdot Reader, were to likewise contact them in order to let them know that you are interested in finding out more about how their software works and to express to them that it not acceptable for them to pad their list of blocked sites merely for the sake of corporate censorship.
Mattel / Microsystems / The Learning Company
They will thank you for it!
--------------------------------From the cyberpatrol website (http://www.cyberpatrol.com/central)
If you're looking for support on your Cyber Patrol product, please contact:
Cyber Patrol technical support at (319) 247-3333 Monday thru Friday, 9am to 9pm EST,
or email help@tlcsupport.com, fax 319-395-9600,
or mail The Learning Company 1700 Progress Drive P.O. Box 100 Hiawatha, IA 52233-0100
-----------------------------
P.S. If using the website interface (http://www.cyberpatrol.com/forms/lists ub.asp) to pose your questions (instead of URLs)is the only convenient way for you to contact Mattel, I am sure that they will understand. The important thing, as I am sure they would heartily agree, is to get the communications flowing! Let's make contact!
Demonstrate how porn is speech. There's educational value in racist or hate speech, which I don't find in porn.
I ca understand your unhappiness with all the crap coming from the USA lately. I'm an American(that statement has sort of a hollow sound to it lately), and I'm pissed too. Corps here in the US are clearly out of control. It's atough problem as they seem to have corrupted a large part of the government.
The clown has disguised himself as Barbie, will show up at my door and seduce me with beauty. After an exhausting evening, I will fall to sleep and he will morph back to his horrible self and eat me.
Copy copy copy. Oh, and Matel? As far as coming after to for items on my hard drive simply because "You Don't Like Them"? The expression KISS MY FUZZY BUTT! simply leaps instantly to mind!
shouldn't that be "down on their knees" at the drop of a dime?
Not that it even matters. There's always less crime the more brutal the government is (unless you count crimes perpetrated by the government). Many european countries, in addition to gun control, also censor (hate literature mostly) and there's no doubt that it does reduce Nazism and hate crime. Trampling on peoples' rights quite often does reduce crime; it's just never worth it.
ok, I'm a big company, I write up a 200 page license agreement for my software. Why would I even sell my software in a country where my license agreement wasn't legally binding?
Therefore I conclude either a) mattel can enforce it's software rights in swedan and canada because all the legalities in it's license fall under us, canadian and swedish laws. or b) mattel decided to sell it's software in a country where it could not legally enforce it's software; therefore, mattel is dumb.
Its really quite simple. The money they make from sales revenue greatly outweighs the money they lose from people who violate the license. End of story.
This is just classic /. bias. The suit has nothing to do with being embarrassed; it has everything to do with the creation of a piece of software that effectively destroys the value of another piece of software. You dinks at /. can't seem to recognize that not all hacking is benevolent.
To wit:
Yeah! Porn is bad, kids should not know about sex!
Lets inculcate them racism and hate instead.
Splendid work!
Copyright only applies to original works. How can you copyright a URL list? Think before you post!
Can I get an `Amen brother!'?
This lawsuit looks stupid (as distinct from evil). Companies that file stupid lawsuits have problems.
Time to consider a short sale.
To present the software which decrypts the list of blocked sites as simply and solely a tool to allow children to circumvent the protections is simplistic, unfair and ignores the much deeper issues involved. Such oversimplifications are a violation of journalistic integrity for an organization which purports to report the news fairly and without bias.
Since when is intelligence a requirement for practising journalism? Heh.
And as for the phrase "journalistic integrity"..... bwahahaahhahaahha!
No, it should be "bend over and pick up the soap they dropped in the shower"
Shadowcaster if you curious. I'm just not logged in. Them getting the logfiles is completely useless. Let's say for arguement's sake that 100 people downloaded the crack. Then those 100 people *each* gave it to ten friends. Each of those gave it to ten. How many copies exist now? (calculator, please ;) Even if 75% of the total ammount of people give up info on who got a copy from them, that's still alot of copies around. Why bother with the logfile?? Seems like basically just another strongarm/scare tactic to keep their valued customers in line like the sheep they think we all are. Shadowcaster - wishing he would get more karma for this post. :(
How long is it going to take before large corporations realize that the inherently chaotic, decentralized nature of the Internet makes their "whack-a-mole" antics futile?
Heehee... that's the first I've heard of Helms-Burton since Godfrey-Milliken. Anyone remember how Helms and Burton and Gingrich sputtered when that was trotted out?
Obviously IANAL, :-)
Yes, you do anal. And it was very good last night
If you are in the US, use their 800#, 1-800-828-2608.
Susan Getgood, Vice President of Marketing, at susang@microsys.com.
Larry Mason, Vice President of Engineering larrym@microsys.com Venus Felix, QA - venusf@microsys.com
Random House sues all public and private Schools! In an unusual move today, Random House has filed suit against all public and private elementry schools alleging that by teaching students to read and write, they are enabling plagerism and other copyright infringements on a massive scale.
Given your spelling ability, RH has nothing to worry about.
We're talking about children here dumbass. I don't see how porn has any value for children, unless you're proposing to teach children different sexual positions.
The ISP is swedish. (Passagen) I don't think swedish law even allows sharing of this kind of information. I would guess that they won't give any logs out.
You think those Internet Directory books of a couple of years ago weren't copyrighted? You think dictionaries - just lists of words, to you (hell, every book is just a list of words, really) - aren't copyrighted?
Duh.
Civilised countries make do with "loser pays". Then whoever presses a suit is motivated to have his facts straight.
> That would allow parents to make a more informed
;-)
> decision about the blocking software.
This is exactly what they -don't- want.
I didn't get it from Sweden because it was gone by the time I heard about it, but I did get it. Everything I could find. Downloaded and stored for future fun. ;-) CyberPatrol? Wassat? :-)
Why are americans worrying so much about kids seeing porns? I mean, is there any reason other than their puritan reflex?
Is there any evidence that porns are bad for kids? I personally don't care for porns. But don't get "disgusted" even if I happen to run into them. Hell, those recent stories about big companies trying to violate individual rights any way possible disgust me infinitely more....
That's why I got my copy. Can you say DeCSS? I knew you could.
Is there any proof they installed it, and clicked on the license agreement ? From what I remember of the article, they just played with the data files. They didn't have to do a full install for that, and may not have ever seen the license agreement. You don't have to run the "setup.exe" file to get a program's files onto your computer. Most programs use a simple compression/extraction scheme that lets you extract it if you want without clicking on the agreement.
OK, so they probably installed it and saw the license, but it isn't a certainty
Well, ya. But if someone calls you on it, then you have to take the blame, you can't blame somebody else because you took the easy way out. that's just silly.
I guess it would be the fact that, by reverse-engineering the code, you are violating the terms of the license agreement you clicked "I Agree" to when you installed the software. It's definitely unethical (you're breaking a promise outright), and depending on the jurisdiction, perhaps illegal as well.
Bullshit. You should note that these hacks occurred in Canada and Sweden, and neither of these countries are (yet) subject to your crappy DMCA and UCITA laws. Clickwrap licenses are legally worthless in any sane country (for good, ethical reasons). This is simply an exercise in malicious procecution by big foreign corporations. I sincerely hope the defendants have a responsible judge in these cases who sees what the plaintiffs are attempting to do here and fines them accordingly.
C'mon folks! This is the shit of the dog, as we say in the United Arab Emirates.
Someone needs to develop a site that allows everyone to email Mattel en masse (as a group) so they know how unacceptable this is!!!
Agreed, but it'd reduce the problem, and likely facilitate court defense -- an overbroad license should generally be ruled against by the courts, on the grounds that it oversteps reasonable authority. The CDA was taken down partly for that reason. We'd have them reacting to us, instead of the other way around -- that initiative thing.
me too.
I said when this first came out, we should mirror it quickly, before lawyers got involved. I was told no one needed to, that the list needed to be distributed instead.
Well, looks like that my advice shouldn't have been dismissed so fast. Had there been plenty of mirrors in many countries, Mattel would not be able to silence just two people, which Big American Corp(TM) seems happy to do too often.
One question I *DO* have, is that if the children have enough sense to find the crack to discover their parents' password and see the list of blocked URLs... Don't the children have enough sense to know what the blocked sites would be anyways? Yeah, parents don't want their kids seeing offensive sites, but if the kids know where to get cracks and how to operate them, they probably already have seen pornography, religious sites, offensive sites, etc., and the filtering software is useless anyways.
It just provides parents a fake peace of mind that their kids are "safe from harmful sites". If they were safe, they wouldn't know about the cracks, and there's no harm.
Mattel, like the MPAA before, are trying senseless scare tactics and money-thrown-at-lawyers to keep themselves from being shown as the true fakers they are. Their encryption was apparently easy to figure out and decrypt. The kids who are supposed to be protected from harmful sites probably won't find the cracks, unless they already have seen harmful sites many times over, and the crack just eliminates some extra work for them.
I hope Mattel loses, and they continue to get embarrassed. Maybe then they'll stop with the lawyers going after everyone, trying to make themselves look good.
This ought to be moderated up. It's the first post I've seen that actually understands what's wrong--people's inability to solve problems creatively.
CNN
What this person says is right. The RIAA has _billions_ of dollars set aside just for lawsuits. But they don't need that much unless they intend to drag court cases out...
Can you believe that.. they have a _budget_ for frivolous law suits. My source is one of the top attorneys at the law firm which the RIAA hired for the decss case.
Maybe it's just me but I think the only thing this shows is me stepping on Mr. J. Random Moderators own personal opinion on gun control. Thanks for being fair.
Seriously, the post I responded to should have been marked as troll. I responded to it and now I've learned my lesson. Don't respond to trolls, because it's you and not the troller that will be moderated down to negative infinity. Wonderful world of Slashdot.
Of course you buy the software before you get to see this agreement, and once you've gone far enough to see it most stores will not accept a return, only and exchange.
One word: Anonymizer.
This has to be one of the most well thought out and consice posts that I've ever seen on /. I agree completely with your point of view. If we can't protect our corporations from the depreditations of the communist pinko movement that now reigns on the net then all is lost.
I would also like to think Mattel for taking a stand. Also I would like to give a big shout out to Satan, Bill Gates, all the necrophiliac NSA, FBI, and CIA agents and Bill Clinton for working so diligentally to protect the American-nazi Corporations from depreditations by warped anti-social individuals. !!INDIVIDUALS!! are the opposite of society, unity, uniform thought, and are the most dangerous enemy of any Dictatorship such as the united states.
"Church of the Sub-Genius" banned in every category except sex-education? "Top 10 reasons why Beer is better than Jesus"? "Cheesehead Central"?
For that matter, how did a "404 - not found" page end up in their data-base of blocked sites?
Oh I can understand that Mattel is extremely embaressed about this. It isn't everyday that a company gets it's faced rubbed in the fact that they don't have a sense of humor.
The really laughable thing about this is that by trying to force it off-line, they aren't doing anything except making themselves look like even bigger idiots.
All up, it looks to me like they could have saved themselves a lot of embarresment if they had just grinned and made a press statement to the effect of "we are aware that some sites may be being incorrectly blocked and we wish to assure all of our customers that we will give this issue prompt attention yadda! yadda! yadda!" and then kept their heads down until the whole thing had blown over.
But no. They just have to compond their stupidity by publicly shooting themselves in the foot by threatening to take people to court.
Hey, Cigarette companys use/d this tactic. I know, lets make a move about software companys called the ***sider.
Corporations are becoming the neo-gestapo. How dare them even *think* about pulling shit like this! To our elected representitives:
Shame on you.
To everyone else:
Our governemt has turned it's back, giving
the corps free reign to trample who they
please. What sort of government do we have
today anyway? Could it be that it has sold out
to the point that what we want and need has
become totally irrelevant? My god, I get chills
contemplating what this place will be like 5 years
into the future. Is Phillip K Dick the new Nostrodamus? What a trip.
To Mattel:
Your're all sons of bitches now.
A quick advanced search at people.yahoo.com shows a non-uniform email address policy, some are {first initial}{lastname}@mattel.com, others are {lastname}{first initial}@mattel.com, and there are several {partial first}{partial last}. If you are a director, I bet you get first use of the name, so one of the first two patterns is likely.
Jill E. Barad (Chairman [Chairperson?] and Chief Executive Officer)... my guess would be jbarad@mattel.com or baradj@mattel.com...
Ned Mansour (President, Corporate Operations and General Counsel) likewise nmansour@mattel.com or mansourn@mattel.com?
If this works, looks like I've reverse engineered their mail address generation algorithm. Probably against the terms of use on their site... expect a lawsuit against /. in the near future for hosting this message.
Actually, while it's true that we Canadians aren't as wound up about sexuality as Americans are, it's not so much a matter of our being 'sexually open' as it is of being 'unsexed'. We are, you see, at the forefront of Mankind's evolution into an androgynous, Taelon-like species. Primitive diversions such as Pr0n are, to us, purely of academic interest...
(In a recent survey, 60% of Torontonians claimed that they preferred sleep to sex. No joke.)
You are allowed to mirror this document and the related files anywhere you see fit.
note how the best programmers tend to come from the most liberal and sexually open countries, and the so-so programmers tend to be from the sexually repressed, religious countries.
on one hand is a piece of censorware, that "protects" kids from something they (arguably) may not really need to be protected from, and on the other hand it is cracked wide open by a couple people who have probably been taught sex is a normal and healthy part of life since their earliest days.
i just find that really ironic. please don't yap at me about kiddie pron and sexual predators. i'm taking about this at a different level.
I'm not advocating we expose children to pornography, but if you ARE GOING TO COMPARE pornography to hate speech, hate speech is far more damaging to children and society than the freedom of sexual expression.
My god, some people's priorities are really screwed up
When I wrote earlier that hate speech has educational value, I didn't mean that I endorse hate speech (I certainly don't). What I meant is that there's something to be learnt from it, to learn how hate arises, why it is wrong, and what we can do about it. I'm astounded that this simple principle is not understood, even here on Slashdot.
no, it's: "When you control the mail, you control.... information!!" - Newman
As to how this word managed to get such a stigmata in our society...
Stigmata! Praise be to Jesus our Lord and Savior! Hallelujah!
If Mattel really wants to get the list of people who have downloaded these pages and software then I'd suggest everyone use http://www.anonymizer.com to get the data. They get a lot of log entries to a site that doesn't report where you came from.
Those of you outside of the country or not afraid of lawyers should mirror it as well.
I think somebody needs to crack open a dictionary and look up the words "stigma" and "stigmata".
Now write a 100-word essay on the various reasons you should not attempt to use "big words" (i.e. three or more syllables) that you do not understand.
Sad that this post was marked as flamebait. Someone is making a tool to decrypt a privately owned database. This is theft.
What's the big deal anyway, you big babies? If you don't like the censoring software, don't use it! Who really cares about children, anyway?
to be even more specific, it was written by the AP after (more than likely) being submitted as a press release by someone at Mattel. That's why most stories about corporations have such a decidedly corporate slant...it is because corporations know who to call and fax when they have a message they want to promote. if it is some self-serving garbage about new product releases, it usually gets ignored but if it's about "hack program to let 12-year-old kids download porn" then it makes good copy.
or your could go under the assumption that people will be ethical and not try to crack/break/maim/manipulate/rewrite code that you wrote (or in the case of rewrite, rewrite it and take credit for it) but, obviously, people arn't ethical, or else we wouldn't have security software. The idea that a company should HAVE TO write great code that nobody can crack is stupid, every code is crackable by it's nature. the fact is that *you* shouldn't HAVE TO feel the need to crack their software. However, the point of blame rests on the company to protect it's code, not on you, as it should...but it's still a rather dumb statement to insists companys MUST write good code, the only reason they must is because people are unethical. I don't understand how you can state 'I don't mean warez.' Are warez (I'm assuming you mean games, as applications would be appz ;) ) held to some higher standard then other software? From my understanding, what you're essensially saying is that all software companies must create super duper crack proof code or else it's their own fault for getting cracked...unless they're warez companies (whatever that is), in which case, they can write shoddy code because, uhh, well, I don't know why.
GoodThink says that american courts are clogged with consumers filing frivilous lawsuits against virtuious American corporations. Thus we need to pass all sorts of laws limitting the individual's right to sue. Here in America we all love Big Brother...
Um, why? The only reason I can possibly think of, which is pretty paranoid, is that Microsystems plans on using this as data, to say "hey, look how many people can now see porn whenever they want to, instead of letting us decide what is decent for them!" If you want to get really paranoid, you can say Microsystems wants to track who downloaded it and say "sorry, you've gotta get rid of that program", but I'm not sure how far you can trace IP addresses...
:)
Well, I downloaded it and I have a static IP with a domain name attached. They can probably track me but screw them. They must also prove that I did something illegal with the program before they can touch me.
*raises my right hand* For every lawyer they send at me, I promise to create a new mirror from a free (geocities, yahoo, etc.) web hosting firm and post the decoding program on it. Whack-a-mole on a exponential scale.
When the revolution comes I can assure you that the lawyers will be the first up against the wall. Unfortunately, the revolution's IT infrastructure is currently upgrading to windows 2000 so the revolution has had to be delayed indefinately.
The answer to the obvious question "Why is the revolution using Microsoft products?" is simply that Bill was pretty upset about this whole anti-trust thing and has kicked in a lot of cash and MS products gratis. Had we went with linux we'd be in control by now.
No, it's: "When you control the penis, you control the male."
Well, I'll have to make sure that if I'm ever a company (from any country) to keep all my innovations and products from being shipped out to anybody else not belonging to my country (kinda nationalistic, isn't it?) cause if I do, I'll lose all rights to my product...hell, somebody else could even rename it and sell it as their own invention. Actually, since I'd lose all rights to it once it left the country,they wouldn't even have to rename it!
I agree. The original article was one of the most interesting and informative things I have ever seen linked from Slashdot.
Looks like they already have.
WTF? what do ethics have to do with encryption and code breaking? that's 10 times more asinine than saying that companies should have to write better code. first don't confuse mathematics and computer science with ethics. certainly the application of those topics can be used for unethical means, but nothing about them have inherent ethical issues. trying to decypher encrypted messages is a fundamental part of developing reliable, encryption algorithms. from computer security specialists to national security specialists, code decyphering is the job of many people. i fail to see how said people are unethical. secondly and more importantly, what is the point of encryption if it is unethical to view the contents of a file that one has purchased as part of a product? why not just include a note saying, "HEY LOOKING AT THIS FILE IS UNETHICAL/ILLEGAL!"? after all only an unethical person would do so whether they had to crack the file or not. tell me what is more unethical, a person who want's to know the contents of a product they purchased, or a company that want's to sell that person a faulty product and wants to make it illegal to find out the product is faulty at all (despite all laws to the contrary, that basically say that reverse engineering is legal, and the government is obligated to protect consumers from companies that knowingly sell faulty products)? PS - sorry if this seemed incoherent, the guinness has been good to me this evening :)
Come git me suckaaaz!!
"Reactionaries must be deprived of the right to voice their opinions; only the people have that right." - Mao
Yes, but one of the points that the article deals with at some length is the fact that Mattel used a totally sub-standard encryption algorithm. For a start, they didn't bother to salt the hashe's.
So parents shouldn't allow kids to browse the net unattended?
That's a rather broard question.
My response to it is - those parents who keep screaming about all of the porn/bomb recipies/drug recipies on the net and who keep pertitioning politicians to pass laws to restrict my right to view and read what I wish to should be forced to supervise their kids.
The reason why I have this attitude is simple - it isn't my job to supervise their kids and from what I have seen to date, the parents who scream the loudest about this subject are the ones who seem most likely to neglect their kids and let them run wild.
Consider the converse as a point in case - my sister and brother in law take turns to supervise their kids net useage. They act in a responsible manner. Because of this, they can't understand why some of the other parent in their neighbourhood keep screaming about the internet. To them it's a non-issue.
As to any other interpretaion of the issue beyond this one, you will need to be more specific.
You must be really boring in bed - porn is legal in Holland, and they're some of the best people at sex in Europe. Porn is nearly completely illegal in Ireland, and the majority of people there don't do anything other than missionary.
A lot of porn is quite educational, and soft porn/erotica can be aesthetically pleasing - check it out some time.
You may do something that is perfectly legal, reverse engineer some product, attempt to export strong crypto, create a fake modem server that DIVX will accept. But it being legal doesn't matter. Big corps and gov't can litigate you directly into hell. And once they do so, it doesn't matter anymore who is right. *YOU* are faced with years to decades long court proceedings, many thousand times your annual salary in legal bills, harassment, investigations, etc. Got a life? Not anymore. Need to pay bills? You're already in debt for the next 1000 years. You don't even have time to hold a job. And you are required to appear in a court of courts far, far away from where you live. Can you addord this too? In short, you lose. So, to escape hell, you *WILL* accept whatever plea bargin bone the other side throws at you. And by doing so, you admit guilt, and help build case law and legal precedent that makes it easier for the corps and gov't to sue and quash the next guy. i.e., you help hurt your own cause bu assisting the destruction of the next free thinker. You have been assimilated. Did I miss something here?
And the common "their encryption sucks, it's their fault" argument is trash. If someone breaks into your house because they could smash down your door, is it your fault that you didn't have steel bars?
I don't think this analogy quite sticks. Cyberpatrol isn't analogous to one person's house -- it's a product that's being marketed as secure but really isn't, as Skala and Jansson have demonstrated.
If a company was marketing a "break-and-enter-resistant" house, but someone exposed a flaw in the design that allowed intruders to get in through a basement window, it would be prudent to publish those findings so that consumers would be warned about this weakness.
The last few issues of Crypto-gram, Bruce Schneier's monthly cryptography newsletter, have discussed the ethics of the publication of security flaws. Back-issues can be found at www.counterpane.com.
What the US considers "children" are already well withing breading age in most parts of the world. Of course how many 13 yrs get knocked up every year in the US. Keep in mind that to may Americans, any info abotu birth control is well over the "porn" line.
Ever notice how its always the American geeks that aren't getting laid?
Oh, yes. Of course. How could I be so silly? There's no way that porn could be considered speech by some people, or vice versa, and it's perfectly clear to everyone exactly what is porn and what isn't. Thanks for shedding your shining light of wisdom upon this discussion.
"I mean, shouldn't they at least be viewable from within an administrative section of the program that requires passwords and what not to get into?"
:^)
Yes, they should.
"Or is it because the corporations don't want people seeing all their mistakes and what not in the list?"
I say that's the reason right there.
..so how many people, who have absolute no need for a Cyber Patrol blocklist decoder (and indeed, have never even seen a machine which was running Cyber Patrol) just rushed over to the Swedish server in question and downloaded cphack.exe ? Just so they could make the download log bigger?
I sure did! Blow me, Mattel!
(so, what's Cyber Patrol again?)
Well at least in Sweden, it's the one that looses the trial that pays for the other ones (and their own) trial costs.
Given your spelling ability, RH has nothing to worry about.
Truly, sir or madam, I am skewered by your rapier wit! To think, I was so very unaware of the pointlessness of my whole existence until you so kindly pointed out the tragic flaw of my post! Surely a spelling error shall be the downfall of civilization as we know it!
If only you weren't so Anonymous and so Cowardly, I could thank you properly for your incredible gift to me and all of mankind! I must endeavor day and night to carve your immortal words in the highest mountain for all to see so that future generations may bask in the glow of your genius.
Shakespeare, Blake, and Chaucer, all bow down before you, for they with their terrible fault of spelling shall be swallowed by the sands of time, while your great words shine on!
By all that is holy, I implore you, do not waste your great gift! Waste no time on idle productivity or creative thought. Toil not on invention, innovation, or scholarly pursuits! Such a terrible thing it would be if instead of pointing out poor spelling for the masses, you wasted your talent and cured cancer or brought peace to the world!
Truly sir or madam, I am deeply humbled and shamed by the brilliance of your spelling. Not mere monosyllables, but bisyllabic words no less! Such a wondrous time it is to be alive, to breath the same air as the spelling messiah!
>Sad that this post was marked as flamebait. Someone is making a tool
>to decrypt a privately owned database. This is theft.
>What's the big deal anyway, you big babies? If you don't like the
>censoring software, don't use it! Who really cares about children,
>anyway?
What's the big deal? Fraud is the big deal. The argument that people who are buying this software are being defrauded can quite easily be made.
I managed to retrieve a few of the images from my cache (they're at http://ferret.lmh.ox.ac.uk/~weejock/barbie/) but the rest of the site is basically lost an gone forever.
We would have fought it, but we didn't have the money or the time to, so the site got taken down. Shame really, as I found it rather amusing.
Matthew.
How can they claim privacy on something that is published and sold to the world at large? This is not like peaking into their windows or reading their mail. They sold (licensed) this software, it is no longer "private".
As for why they want the ISP logs, they want to violate the privacy of anyone who downloaded their little "secret".
Improvise, adapt, and overcome.
Just to pick my own nit, the author's name is Ted Bridis, not Brides. D'oh.
If anyone would care to email me the :)
decoded block list, I would appreciate it. I
lack windows, or I'd do it myself
For every problem, there is at least one solution that is simple, neat, and wrong.
Distribution of DeCSS is a criminal offense in the US, or so Judge Elfving has ruled. Not sure about possession, though those willing to prosecute have a lot of money to spend on crucifying anyone who gets in their path; These days, it wouldn't surprise me if they introduced civil forfeiture on suspicion of possession, just like in drug cases.
well don't forget that england used to be part of the Roman Empire. Seems like the Italians should be getting in on this action. And the Mongols and the Macedonians.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
One thought -- poison the logs. Find an open proxy or two, and (gently, don't hurt the proxy) download the thing. Download the thing by segments if the webserver provides HTTP request ranges. If you control your own DNS, feed back deliberately misleading hostnames and HTTP referrers (referrers and/or hostnames from mattel.com, say, or from mattel's upstream, pilot.net). Tamper with the agent info (e.g. wget's -U), both to engender legal mistrust and to hinder automated parsing.
Other more fanciful/nefarious possibilities: write a windoze/activex macro virus that spreads the cp4break file around. Post it to usenet once so it gets put in Deja's archives (once overtly, and once covertly, e.g. with deniable-crypto hidden in some suitably naughty jpeg). Give copies to homeless people in libraries. Leave soiled-looking printouts in the men's room stalls of courthouses.
And remember the lessons of DeCSS. Do what worked, avoid what didn't.
Mankind has always dreamed of destroying the sun.
I think it's got a lot to do with politics of censorware companies, as well. I seem to remember a certain software had competitors' sites on the list of blocks, which I'm sure they would rather not have publicized. Plus there's the other questionable sites blocked that don't jibe with the beliefs of the censorware blocklist compilers, such as sites about gay rights & planned parentood & other "controversial" things like that.
-mike kania
>The hideous truth is that we're exactly the sorts of people that censorware advocates are trying
to protect the children from - intelligent, progressive, think-for-ourselves - we're a major risk
to the estabished order.
Slashdot to be sencored!( I bet we'll be on the next version of the list.
FRA: STFU GTFO
>If someone breaks into your house because they
>could smash down your door, is it your fault that
>you didn't have steel bars?
I wish people would keep in mind that COMPUTERS ARE NOT HOMES. I don't live in my computer! If someone breaks into my computer, I'm pissed off, but I'm not in any physical danger. Please don't be alarmist, people. This isn't a flame, just something that bugs me...
Excellent points on everything else, though, especially on Yahoo's interesting choice of words.
They give us permission to do that, so let's kick it up.. and watch em try to shut them ALL down.
Hokey statistics and ancient misconceptions are no match for a good thought in your head, kid!
Here is a mirror.
L-ViS
For once I'm glad I've been cursed with the task of being (among other things) in charge of CyberPatrol - I am going to go put that site on our "Approval" override list! :)
I'm behind a CyberPatrol'ed proxy and those slimy people have added it to their database as an "offensive" site.
Please try to remember that American citizens are not American companies or the government. My views are not necessarily those of my government or employer. ;-)
The system of law in the US must be curtailed! It is out of control with $$$-hunters
Definitely. We used to have a sensible system of jurisprudence but it has been wrecked. Then there are those folks who hold to a globalist philosophy. Now, I'm not an isolationist and I believe in free trade; however, I think it is 100% wrong to extend this freedom to law. Since each nation's judical history and standards are different, the only practical way to do this is to eradicate national governments and establish a single global government; which I am totally opposed to.
[ angry ] I say that if the US government, through the agency of it's court system demands the logs, then we sue the bastards for invasion of privacy. Or shoot them. [ /angry ]
[irritated] This is all about chill. They aren't going after people with big sticks. They're going after students, and foreigners who are unlikely to spend the money to hire a lawyer to fight this in an american court. By the time they go after an american with the wherewithal to fight, they'll have built up a nice set of precedents. It's time to stop them. Here, and now. [/irritated]
[logical] Just ignore them... they can't sue the entire internet[/logical]
~ a low user id is no indication I have a clue what I'm talking about.
I agree that the consumer probably does have some right to poke around with his property, but taking the information that you as a consumer get, and distributing that widely, is not the same. The construction of the application, and the data that underlies it, could be considered a trade secret. And taking a companies trade secret and publishing it, is not "free speech", it's intellectual property theft.
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
Frankly, I don't necessarily see that consumers have an absolute right to know what they are paying for. If someone objects to how this software is screening, or they object to not knowing how the software screens, then they are under no obligation to buy the software.
I'd say any company marketing a product like this, can make their design as proprietary, as they like. If you don't like the fact that you don't know the screen, don't buy the product. Or better yet, write your own, that has a completely open list of blocking criteria.
It seems that blocking software is here to stay, in one form or another. Why is it completely beneath the open software movement, to create a program that at least does it in an open manner?
"Politicians are interested in people. Not that this is always a virtue. Fleas are interested in dogs." P.J. O'Rourke
Hence, "by clicking OK you agree" would fall back to "by using this software you agree," and the latter's perfectly fine, since plenty of reverse engineering can be done without ever running a piece of software.
Unfortunately, you'll just see them rewrite the EULA's to be more broad. It's already happening. Check out Loki's Quake III Arena EULA in the back of the manual and see what I mean.
Worked fine for me when I brought it up...
--
Oh, no! You have walked into the slavering fangs of a lurking grue!
Yup, I did.
I really liked the essay on how they did it. Very informative. A lovely balance of plenty of technical detail together with plenty of explanation of what it all meant. Written for the ignorant, not the stupid.
Many linux documenters could learn a lot from these people
No matter how cynical you become, it's never enough to keep up.
So can we please see the block list? That would be very interesting indeed.
No matter how cynical you become, it's never enough to keep up.
DCMA is AFIK a USA thing... We can do anything we want in whatever country we live in, provided we don't break the law where we live.
Here's a thought...
Download it from a school or library workstation onto floppy. That way, they have even fewer practical means to find and prosecute legal behavior.
You're talking about copyright law. Please show me exactly how these people have breached Mattel's copyright.
Thanks. You know why I do that? It is because I was just left to my own devices as a kid. I got lucky though along with being a geek, I also read/learned some of the right things young. As a minimum, I was aware of what the dangers were. Did a lot of things that I was told I shouldn't anyway figuring that they told me not to do them because 'sombody' decided that I probably would not understand really how to do them safely. Right. All you have to do is read and understand, and ask questions. It is not hard. I could have just as easily been a damn good criminal. All comes down to a few delicate moments in life. I know a lot of people who did not make the same choices I did, and they were the worse for it. Many of them having more attentive parents than I did! Still can't figure that one out...
The implications of this law are hitting home. My career and family depend on the sort of free-learning that is only possible without these sort of stupid laws. It chills me to consider what things would be like without that freedom. Things like this get real personal real fast. Whom did these guys hurt? Nobody. If Mattel was a little smarter they could easily put a positive spin on this and profit anyway. Nothing generates name impressions like contraversy. (it's late! and spelling is for weenies) Now they have a bunch of bad ones. Their loss. The people doing the hacking probably have the same motive that most of us do. They just want to know Why and HOW! What is wrong with that?
Blogging because I can...
yet another mirror: ftp://128.148.190.238
enjoy!
I agree, Yahoo's report is a hideous example of inept or biased journalism. Not only the quote mentioned, but the entire story has an apparent slant against the *nasty hackers*.
I AM, therefore I THINK!
And the common "their encryption sucks, it's their fault" argument is trash. If someone breaks into your house because they could smash down your door, is it your fault that you didn't have steel bars?
Wrong analogy. It fits the case of someone guessing an easy password, and abuse it. This didn't happen.
It is more like this: I publish a book, and expect to make money of it (assuming I write well) . However, I post the entire book on my public webpage, encrypted with rot-13 or something similiar a child could crack. With no restriction on downloading. No surprise when few people buy the book because they all viewed it in netscape and used the "rot 13" menu to get at it. Then I sue netscape for lost sales.
As much as I hate to admit it, I can see where Mattel is coming from. Decrypting their list, after all, is kind of an invasion of their corporate privacy
..."
I am going to put my root password on a web page. I'll encrypt it of course, to prevent abuse. My fantastic encryption consist of uppercasing the entire password. Now, if anybody decrypts my lowercase password then I'll go after them in court for invading my privacy. Even worse if they actually <I>use</I> it...
<I>But what do they really expect to gain from the ISP's log files? Are they planning to try to track down every single copy?</I>
Maybe that was the plan originally. Futile now, but they still want to know who got it, so they can pick <I>some</I> people to harass. And they will keep records. If stuff like this happens again they'll look for "repeat offenders". "Hey judge - these people were part of the crack back in 2000 too... a history of crime
Oh, is that so? Well, I wasn't terribly interested in this particular mess at first, but now I guess I'll have to add my IP# to that logfile... Thank you, Mattel, for bringing this site to my attention.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
If you write crap code and people crack your software ...but it is always only a matter of time before your code gets cracked. How do you avoid this? To some extent adopt the open source method, release often. but with each new version, change how everything works, thus making it harder to crack.
if you write crap code and someone cracks it thats one thing
good luck getting customers though.
The basic sleazeware produced in a drunken fury by a bunch of UCBerkeley grad students was still the core of BIND. --PV
They're making it sound like the people who cracked the encryption are promoting children seeing porn instead of promoting the anti-censorship movement. Way to keep neutral, Yahoo.
well, actually, from the web page, they say, and I quote:
So technically, when the report said "two computer experts developed a method for kids to deduce their parents' password and access those Web sites" they were right. However, that you can't examine a file that you buoght, uh, licensed, well it just gets me pretty scared.
I'm an American, and it pisses me off to no end.
We need a law that says that court costs must be paid for by the plaintiff when seeking judgements in cases out of jurisdiction (e.g. a waste of court time that could be better spent locking real criminals up behind bars).
now we need to go OSS in diesel cars
Mirror, mirror, on the wall,
whose code is it I have today?
I wonder how they have the gall,
to want to take it all away.
Now that the code is my very own,
will they want next to come for me?
But if it is that I'm not alone,
how can they cause that to be?
If we spread that code far and wide,
using hyper links and chain.
maybe they will just decide
that in this is more cost than gain.
now we need to go OSS in diesel cars
"Front" every site in an apparently obscene hostname. www.tits.kernel.org, hotbabes.slashdot.org, cum.aclu.org, sexxx.enlightenedcompany.com, porno.nytimes.com. Make the censorware users realize they have to either lose the software or live in an Internet Disneyland.
It ain't perfect, suggestions welcome. Maybe along the lines of constantly changing the domain under which the content lives, and using redirects (to "obscene" domains) from the "well-known" pages. With a bit of Javascript the page should be able to detect the redirect didn't happen, and ask the user if they're running censorware, maybe under the guise of a "help wizard". If they answer yes, take them to a page that explains why censorware sucks. Of course that page would have to keep moving too, otherwise something tells me it would get blocked soon.
want to write to Mattel to explain this but I can't find any useful email address on their web site. Does anybody know such an email address?
Try this: http://www.service.mattel.com/contac t_mail.asp
Heck, why not just have a piece of software click the I agree button? It's just an installer, you didn't agree to anything ;-)
Works well. Were I at home, I'd boot into billyware, and tell you what it's called.
There was a (new, late '80s) Twilight Zone story
...
Based on a short story by Isaac Asimov, in fact
But there is still the issue of wrongly blocked sites.
The thing which I find most bewildering about censorware software is how many of the popular ones --- and both ones which have generated articles on slashdot recently --- make it impossible to find out what is being blocked.
One company claims that the list is a "trade secret", and Mattel doesn't publishe theirs --- and somehow that makes the censorware software seem much, much, much more sinister than it is intended to be.
That's one of the funniest political statement's i've seen in a long time:
tell your governments to start standing up to the US and stop being our lapdogs! After all, if we lose the battle to stop and reverse the hemorrage of civil liberties here, it would be nice to have somewhere to escape to
A citizen of a theoretically democratic country exhorting citizens of other countries to stop his country, so he has a place to escape to when things get bad ---- something is very, very wrong with the picture.
Sounds like when cops invade your house and you yell that you're gonna sue everybody, but you never really fo it.... I don't think it should be taken too seriously. I mean...analyzing that much logfiles!!! Not even Mattel could do it (the site _has_ been linked on slashdot...)
"Mattel is also seeking the logfiles of the Swedish ISP that hosts the decryption utility, to identify everyone who has downloaded it to date"
When I read this, I just HAD to go download the decryption utility. I don't think I'll *ever* have a copy of that crappy program to run it on thought...
What the hell.. What can they do to you? Demand that you turn it over to Mattel? (Yeah, here it is, I "swear" it's my only copy! )
I use Linux at home. I'm tempted now to buy CyberPatrol so I'll have a legal copy of their database and can implement the blocks that I agree with. They want to stop me from buying from them?
http://users.intermediatn.net/localh/cp4break
http://users.chartertn.net/localh/cp4break
(both resolve to the same server, but intermediatn.net could die anytime)
_______
Scott Jones
Newscast Director / ABC19 WKPT
Commodore 64 Democoder
FC Closer
Anomalous - adj. weird
Canard - n. duck
Envy my 5 digit Slashdot User ID!
So many people (especially computer people) confuse knowledge with intelligence. Knowing how to use a computer does not make you smart. Further, and more importantly, it does NOT make you a better person than anyone else. Fight arrogance. Teach kids to do what it takes to excell and not be pompous brats about it.
Thank you for your time.
A closed mouth gathers no foot.
Well, in my book, I'd rather my children were learning how to have hot, raunchy sex than how to hate and kill other people.
We may not like the idea of our children having sex, but its going to happen, and I'd rather they learned about that than how to hate and kill.
I'm not advocating we expose children to pornography, but if you ARE GOING TO COMPARE pornography to hate speech, hate speech is far more damaging to children and society than the freedom of sexual expression.
My god, some people's priorities are really screwed up.
http://www.nara.gov/exhall/charters/declaration
http://www.nara.gov/exhall/charters/declaration/d
http://www.nara.gov/exhall/char
Hey, I'm all for hate speech too. I'm for hate speech and pornography. I'm for all speech. I'm for free speech. I'm just saying that I think hate speech is more damaging than pornography because hate speech will lead people to supress other people's rights or even harm them, whereas pornography just teaches people to get in touch with their sexual selves -- a good thing.r ation/declaration.html
http://www.nara.gov/exhall/charters/decla
http://www.nara.gov/exhall/charters/declaration/d
http://www.nara.gov/exhall/char
Hey, I'm all for hate speech too. I'm for hate speech and pornography. I'm for all speech. I'm for free speech. I'm just saying that I think hate speech is more damaging than pornography because hate speech will lead people to supress other people's rights or even harm them, whereas pornography just teaches people to get in touch with their sexual selves -- a good thing.r ation/declaration.html
http://www.nara.gov/exhall/charters/decla
http://www.nara.gov/exhall/charters/declaration/d
http://www.nara.gov/exhall/char
Wrong. The DATABASE would be copywrited, but not the method to decrypt it. They can distribute a method to decrypt the database, provided they do not provide the decrypted database itself (which they haven't).
It's already been said, but it deserves to be said agian:
Planning ahead, everyone should download it. That way if Mattel does get access to the log files they'll have so much information they can't do anything with it.
Dan
It might cause her to walk in circles.
Save the whales. Feed the hungry. Free the mallocs.
...To which the Swedish ISP replied:
Bork bork, borkity bork bork gebork!
"I came here to kick ass and chew bubblegum. I'm all out of bubblegum." MSE USC APX AIA CSI CASp
I think a better analogy is more along the lines of you buying a trainset and taking it apart to see how it works.
Its yours so you can do what you want with it.
If you find out that the product has poisonous gas coming from inside it and you think consumers have a right to know about it then you are welcome to publish your findings.
The fact that the company is not happy about this is obvious and they will do everything in their power to stop you.
"DNA is God's contribution to the Open Source movement"
The modern English language is the result of a head-on collision between two other languages: Anglo-Saxon (with Germanic roots), and Norman French (Latin roots). When the Normans conquered England in 1066, they became the English aristocracy; thus Norman French became the language of aristocrats, and Anglo-Saxon, the language of the proles. The languages eventually merged, but traces of class distinction remain in the words for delicate subjects like sex and other bodily functions.
Words descended from Norman French -- which tend to be baroque and polysyllabic -- are the "polite" terms, used by polite gentlemen and ladies. While the Anglo-Saxon terms -- blunt monosyllables, mostly -- are considered rude, like the Saxon peasants who used those words.
Norman aristocrats might fornicate, or have intercourse, but only Saxon peasants and cattle f--k. And the upper class do not s--t, they defecate or excrete. (I'm on a company network too.) You can even see the distinction in equivalent words like "perspiration" and "sweat", or "expectorate" and "spit".
This also, almost by accident, makes the language more expressive, allowing writers and speakers to easily add a nuance of politeness or rudeness that might not be possible in other languages.
Silly, isn't it? The indignation of American moralists who rail against "foul" language is rooted in a class distinction that we theoretically left behind over two centuries ago...
(Okay, now it's time for a real linguist to come along and tell me everything I got wrong.)
Oh, I dunno. The beauty of free speech is that you have to use good speech to combat bad speech. The alternative is to *cough*cough* censor it. And that leads us right back to the root cause of all these problems:
Who gets to decide what to view and what to censor?
Sure, you have your view of pr0n. But a feminist is going to come along and claim it is degrading and depicts sexual violence against women. In fact, she may view you as being in the same league as the Klan...you may not think it rational, but there it is...
The downside to persecuting stuff like the Klan is that you drive it out of sight, into the dark corners where it can fester and grow.
James
Does she already have Barbie dolls? If so, your boycott is doomed to failure. You're about to find out that hell hath no fury like a woman denied her Barbie dolls...
James
I'm just curious as to how we've gotten to the point where a lawsuit in the U.S. could require a Canadian and a Swede to appear and stand trial. If a lawsuit like this were filed in the Ukraine or Greece or ... (essentially any country that's not the U.S. or a country really closely tied to it) and Americans were required to go stand trial, does anyone really think there'd be such little news on it? I just find it sick that U.S law has become such an all encompassing force that the rest of the world is made to bow to it whenever a powerful entity in the U.S. decides it doesn't like something. Of course with comments like this, I expect in another 70-80 years there'll be a story on Slashdot about my FBI file being released. :)
-Mike
---
--
If I actually could spell I'd have spelled it right in the first place.
May as well start putting up mirrors of the software now, before it gets banned and the authors get arrested for copyright infringement, or license infringement, or stupidity infringement, or some damned thing.
Someday, you're going to die. Get over it.
I don't think that it is unethical to crack code. Is it unethical for a writer to analyze another writer's copyrighted works to get ideas? Those in English would find that idea stupid.
That whole "reverse engeneering" restriction is the stupidest thing that I ever heard of. If companies don't want you to disclose something, they should make you _SIGN_ a nondisclosure agreement _before_ you buy the product. That is what my company does when we don't want our secrets to get out. You know, something that is legally binding.
I see their point exactly. They are a big corporation and they are worried about their stock price. They could give a crap about privacy, ethics, the US constitution, right, and wrong. They are mindless. They are doing this for hype to scare people, not because they're loosing their shirt.
They are also doing this because they _have_ to. They have no choice. If they stand idle while this software is propigated over the internet, shareholders will get pissed. Users will also get angry that the software that they bought is useless and the supplier is doing nothing to defend it.
I think the scare tactics work, too. If I were to do something like this and were sewed by a corporation, I could not begin to afford a lawyer or the time required to fight this. To the corporation, this is waving a fly swatter at a pest. That's why I'll stay with using software with non-restrictive copyrights (GPL, BSD, other open source, public domain) or I'll just use commercial software as it is.
I know I will be flamed for this; but, if a parent wants to use a piece of blocking software to prevent their kid from seeing porn, what is actually wrong with that? Why shouldn't a parent be able to have some control over their kid? If the blocking software is what works for them, so be it. To advocate putting ways of getting the passwords to bypass them on the net is irresponsible. Just as I feel that government really doesn't have a right to tell me how I should raise a kid, I don't think any of you have a right to tell me what I should do either! What happens inside someones home is their own problem.
I am not pro-censorship. I in no way support filters in libraries and places like that. I do agree that the list of block sites should be made available and support decryption of those. However, going beyond that is wrong and I think a lawsuit over that is actually reasonable.
Like the company, software or not, they do have a right to protect the viability of thier product. Other countries have laws also. Just because a US company is filing a suit against a Sweedish or Canadian national, it doesn't mean they are enforcing US laws. Between treaties and other items, most of these compaines will have laws of their own to cover these situations.
/. posters tend to take a knee-jerk reaction to certain items. Being completely radical will cause views to be dismissed as crackpot in just the same way many of you would dismiss the views of the American Family Association[which is a screwed up all together]. There is a use for filtering for parents at home. Yes, the parents have to use proper discretion and know when to disable such filters. However, that should be the parents call. As much as many of you in the under 18 crowd think you know everything, you don't. I thought I knew everything when I was a kid, as did my parents, as did your parents and as did your own kids. I never thought I would say this; but your parents do know what they are talking about [much of the time].
I would suggest that future efforts stick to decryption of the blocking databases. Having that available is far more beneficial then just trying to destroy the programs because that will only lead to someone coming up with something even harder.
A company that makes popular software to block children from pornographic Internet sites filed an unusual lawsuit late Wednesday against two computer experts who developed a method for kids to deduce their parents' password and access those Web sites.
<BR>
Except that porn is only one of 16 catagories the program uses. Some of which don't appear to be applied very well. e.g. Microsoft isn't likely to be barred as "ilegal activities", nor is the US Government (even though breaking a treaty is arguably worst than other criminal activity.)<BR>
Indeed the peacefire website itself is barred under every possible catagory. Surely cause for a counter suit, for libel. About the only catagory it could legitimatly come under would be "profanity", where it is documenting emails sent by another companyi, producting a similar piece of junk (Solidoak).<br>
T
We need a law that says that court costs must be paid for by the plaintiff when seeking judgements in cases out of jurisdiction (e.g. a waste of court time that could be better spent locking real criminals up behind bars).
Surely the plaintiff pays the cost of the initial action anyway...
Rather than a law surely what's needed is to educate the judges to do their job. They undoubtedly have the power to say "out of the juristiction of this court, case dismissed (fool)". Indeed it would surprise me if judges didn't have the power to fine such a plaintiff.
If a company was marketing a "break-and-enter-resistant" house, but someone exposed a flaw in the design that allowed intruders to get in through a basement window, it would be prudent to publish those findings so that consumers would be warned about this weakness.
Not only that, but should the company involved even think about suing the people who exposed and published the information they would be laughed at.
They wouldn't be plaintiffs, they'd be defendants, the plaitiffs would be their customers and consumer protection organisations (private and state). All civilised parts of the world take a dim view of companies providing poor products and services (especially if they try to cover up their faults.)
Why should software products be treated any differently from houses, cars, VCR, insurance, etc
or your could go under the assumption that people will be ethical and not try to crack/break/maim/manipulate/rewrite code that you wrote (or in the case of rewrite, rewrite it and take credit for it) but, obviously, people arn't ethical
Exactly what is "unethical" about reviewing a commercial product and if needs pulling it apart? If a company makes certain claims about their products then they really should make some effort into making sure those claims stand up to critical and skeptical examination. Not everyone is the kind of fool who will just belive their unsubstantiated claims.
This is accepted with any other kind of product, why should software be treated differently?
If I were those Swedish dudes, my logs, if any, would be a figment of Mattel's imagination. "Don't run'em, your honor. Violation of privacy." In other words, Bork you very much, Mattel. If, of course, it ever came to that; if I were the Swedish ambassador, I'd be giving that judge the dipolmatic finger when it came to any half-baked ideas of extradition.... Maybe it'll teach our American bureaucracy a thing or two about soveriegnity. They need to learn that.
Well issuing the directors of the ISP with diplomatic passports would be an intersting way of "showing the finger". Maybe the Swedish government could follow the US government's lead on following treaties (i.e. ignore them when it feels like it.)
Well, I think their argument is that it's a "trade secret." If they had it available in plaintext, their competitors could freely propogate the mistakes to their own software.
Except that the encryption is so weak as to merely be an "annoyance" to commercial competitors".
IMHO it isn't competitors, so much as journalists they want to keep out.
Microsystems (MSI) is really a dead company. MSI was bought by TLC (The Learning Company). The assets were transferred.
Maybe they fully expect to get countersued, so they are deliberatly naming what amounts to a "strawman company" as the plaintiff.
But if your local council is using public funds to enforce, or even just support, filtering in public access libraries then you're at least entitled to see what's being blocked.
No doubt there are places where this would be an absolute statutory right.
Personally, I belive that no public body should be allowed to install censorware with a secret way of filtering content - god only knows what hidden agendas find their way into such products.
Already all sorts of political agendas have been found in such software. Let alone the lack of quality in doing what the software claims to do.
One of the most flagrant examples of this type of American attempt to impose their laws on foreign soil is the Helms-Burton act which would allow americans to sue foreign companies that have benefitted from properties that had formerly been American in another country. The bill was primarily aimed at Cuba (don't even get me started on that one) but affected any property worldwide that had once been American! Imagine if the Brittish were passing laws like this, they'd be able to sue most of countries in the industrialized nations.
:)
Or France or Spain or Italy or Egypt or Mongolia
There is an issue that occurs to me with all this examination of the blocking lists of products like this and the discovery that there are sites being listed a pornographic which are patently not. Is listing a site as pornographic like this libellous?
Quite likely, one of the most obvious examples would be www.peacefire.org.
If I put up a web site with some latin on it (the word cum is apparently a common pornography trigger) and it gets added to this list can I claim that I have been libelled and can I claim compensation?
In that example they would probably be able to claim an "honest mistake". Though it would kind of knock the frequent claim to use people (rather than computers) to do the selection.
I feel there must be a reason this cannot happen otherwise you could sue credit agencies for incorrect data as well.
They would probably go for an out of court settlement, so as not to create a legal precedent.
Agreed. I learned a lot from reading the article. After you wade through the whole thing, it's pretty funny to scroll back up to the top and read the quote again. I got a laugh anyway.
http://www.reed.edu/~turnerd/cyberpatrol.tar.gz
Become a FSF associate member before the low #s are used
Is it? This software is based on a block list isn't it? In that case, why do they need encyption at all? Can't they just use a one-way hash, like /etc/shadow?
I am right there with ya, and I bet a helluva lot of other /.'ers are as well! I went to the site, and downloaded everything on the crack - I thought the paper was extremely well written, and it gave good insights into how they did everything - it isn't too often you see cryptanalysis explained in such detail (it isn't something I pursue - but I enjoy reading about it). I am looking on what they are providing as an "educational" page, a "how-to" on cryptanalysis, of sorts...
Reason is the Path to God - Anon
Well, I think their argument is that it's a "trade secret." If they had it available in plaintext, their competitors could freely propogate the mistakes to their own software. And we all know companies don't like sharing their screwups for free.
Exactly what is "unethical" about reviewing a commercial product and if needs pulling it apart?
I guess it would be the fact that, by reverse-engineering the code, you are violating the terms of the license agreement you clicked "I Agree" to when you installed the software. It's definitely unethical (you're breaking a promise outright), and depending on the jurisdiction, perhaps illegal as well.
This is accepted with any other kind of product, why should software be treated differently?
Because software is licensed, other products are bought outright - ie, I don't think Consumer Labs runs their roll tests on rented cars.
This is one of the most outrageous actions I have ever seen. I found the essay to be the most interesting reverse engineering tutorial I have ever read. I am mirroring the web site and I would encourage everyone else to do so.
What we need is to post all the "forbbiden" content (DeCSS, banned crypto, etc...) on one web site hosted in a liberal country (!= USA). That way it would be easier to find these software, and gathering media coverage would be easier.
Sweden is a neutral country. And I don't see how a US court order could have any influence on a swedish ISP. A US judge isn't yet a Ruler of the world.
This post encoded with ROT26. If you can read it, you've violated the DMCA. Handcuffs please, sergeant.
how about bothering to get patents in other countries.
Forgetting that Internet is international are we? Don't forget that this is not all just about americans.
Thank you for your short moment of attention. ;)
> files? Are they planning to try to track down every single copy?
Maybe they are planning on using it as the basis of their damages amount... 10,000 people downloaded it, so our software has been damaged 10,000 times, so we demand $xx.xx for each of the 10,000 copies....
Sounds weak to me too, but it's the most logical use for the log files that I can come up with.
No ... not EVERY .. there is ONE .. that resists the trend ... :) a filter for SQUID ! .tar.gz packages.
... :) I speak from experience !
The URL'list come in very uncrypted
(although only Porn & warez filters are avialble, the MAIN reason to filer out porn is the bandwith
Regards,
Michael
Can't we host it in a country (like Swisserland, which is politically neutral) and give Mattel the finger?
-=- SiKnight
Another mirror. http://plato.nebulanet.net:8080/~mabus/cp4/
Hey! Don't just agree with this post about the reporting story, let the people that distribute this story know!!
Contact feedback@ap.org and let them know why you feel the article run in Yahoo news was "whatever".
We should be taking our views out to the world, not just agreeing amongst ourselves, which amounts to a head in the sand.
Oriental Hero "I want to live in a city where the Police don't shoot you" Jean Charles de Menezes
I think you people need to take a broader view. DMCA has no jurisdiction in Canada or Sweden. No US law does.
This is a scare tactic no doubt, and Mattel looks even worse because (if I read the article right) they are filing suit against a Canadian Citizen in a US State court.
If these corps really want to fight, come to my country and file suit against these people using the Criminal Code of Canada and the Laws written by Parliament. File suit where the alleged "crime" was committed.
Just because an American court issues a court order doesn't mean that the Canadian Courts will uphold the order. (IANAL, BTW)
some karma... and kinda lukewarm about it.
They make a software that blocks access (takes your freedom away from you) and since it doesnt just block kids from the dangerous porn it's blocking your way to information.
:)
All code is ment to be broken. They write a code and someone breaks it. They have NO right in saying that their code has more right than the code you wrote to break theirs.
People should SUE Mattel for inprisoning Internet users.
Ofcourse the person who installed this software isn't any better but still I would say that Mattel is responsable.
Well, enough crap for me today... have a nice one
-- Merlin - www.scrolls.org/merlin merlin@bofh.is --
If Mattel succeeds in getting the logfiles, what do they plan to do with them?
If they think they're going to be able to take any action against people who download source code, they're going to get bit - and hard.
As has been stated in the DeCSS case, source code is not (yet) illegal, and any legal action against people for possessing such code would be illegal.
I don't see why these companies see the need to keep their lists encrypted anyway. Consumers should have the right to see exactly *what* the software they purchase is blocking. One possibility could be to set up a search engine that searches through the list so parents can see what comes up when they search for, say, 'breast'.
That would allow parents to make a more informed decision about the blocking software.
--
Sygnus
First posting isn't trolling. It's...first posting.
Peacefire works fine from my computer, even with my crappy ADSL connection ;-)
In this case, the documents are in the possession of an organization in a nation other than the USA. Further, I find it difficult to believe that they have been served a US subpoena for them yet. Thus the logical act would be to delete them before our government bullies the Swedish government into enforcing our laws in their country.
Unbreakable toys can be used to break other toys.
The word "fuck" is one of a short list of words that aren't allowed into radio or television broadcast. It is also considered grounds for discipline in most, if not all, schooling systems.
As to how this word managed to get such a stigmata in our society I have no earthly idea. Personally I use it a lot (in the proper context of course) and it doesn't seem to bother anybody.
My wife, raised a catholic, believes we should prevent our son from using the word "fuck" and should stop using it around him ourselves. This is one of the few child rearing points we haven't resolved yet, as I personally consider all language to have a proper use. I'd rather my son learn to say FUCK when he drops a hammer on his foot than going around inanely whispering "fuck fuck fuck fuck" and giggling just because it's forbidden.
The entire concept that a word can be "bad" in and of itself has always amused me. Words are just fluff that you throw together to convey ideas. It's the ideas and your ability to convey them that matter, this preoccupation with meaningless taboos is a bad meme.
And before you jump to the conclusion that the majority of us are prudes it's important to realize that the fundamentalists responsible for the majority of censorship in the USA are in fact a minority. They just happen to be a very vocal minority that has regrettably managed to maintain their powerful access to politics for much of this century.
Unbreakable toys can be used to break other toys.
This is a public relations move. By aggressively going after the ISP, they are creating the impression that the release of the list-decrypting software was an illegal action, when it wasn't.
Personally I think they're trying to implement a new type of harassment. Given such a list, perhaps they'll try to subpoena hard drives from a few thousand people for "discovery".
What's this? Somebody accessed a controversial site? Well we'll just have to take their hard drive away and see how they like that. That'll learn 'em to think for themselves.
Unbreakable toys can be used to break other toys.
Actually, whenever I use the word stigmata I think of the song by Ministry off of the "Land of Rape and Honey" CD.
Unbreakable toys can be used to break other toys.
Make it even harder for them. You don't have to actually use it or anything. Just keep a copy around.
I just downloaded cphack.exe. Please add me to the list of the people Mattel wants to sue. :-)
:-)
I suggest everybody that reads this download the program. Let's see if we can make Mattel go broke trying to track down everyone that downloaded it. It doesn't really matter that I don't use Cyber Patrol or even know anyone that uses it.
I would hope they have doubly implanted breasts. Having just one breast augmented would be a little strange, methinks :)
;)
Sorry I'll go back to my politically correct corner now
SEAL
...or rather an Island nation. If we could keep from being invaded or completly blocked from the outside world, it would be a nice place to live. Keep a few hundred copies of DeCss et. all on hand, and pool are savings to hire some mercenaries to keep us safe (I am sure there will be planty of countries that would dislike us as much as the corps. ) -Anthony
Done. Check out http://www.thehitpark.com/freespeech for a mirror.
Joe Morse
Screw you guys...I'm going home.
-Eric Cartman
"You done taken a wrong turn."
-Bill McKinney, in Deliverance
I agree with your criticisms, but it should be pointed out that this article comes from the Associated Press, not Yahoo. In other words, the problem goes even deeper than that.
Francis Hwang
Do domain names matter?
After all, isn't that precisely what their distributed file sharing system is good for? None of those pesky web-logs like web-hosting providers like to keep under their control...
mcrandello@my-deja.com
rschaar{at}pegasus.cc.ucf.edu if it's important.
Here's my DeCSS mirror. Where's yours?
Here's my DeCSS mirror, where's yours?
Here's my DeCSS mirror. Where's yours?
Here's my DeCSS mirror, where's yours?
Harrison Bergeron by Kurt Vonnegut, actually
anything beyond EIDE/16 has been useless dickwaving - jkujawa
Culture is more than commerce
. If you write crap code and people crack your software (I don't mean warez), you should get better programmers.
If the encrypted list can be used by the software, the software must contain the means by which the list can be decrypted i.e. the decryption key. Which implies that the software must be crackable, however good your programmers were.
If the parents really cared they would be in the room with the kids while they were browsing the net.
So parents shouldn't allow kids to browse the net unattended?
If the encrypted list can be used by the software, the software must contain the means by which the list can be decrypted i.e. the decryption key. Which implies that the software must be crackable, however good your programmers were.
I guess there's another way around this: hash the urls.
You can still add banners to Peacefire and like-minded sites on your website, to show your support.
- Steeltoe
http://www.debunkingskeptics.com/
If I were them the first thing I would do is delete all my log files. I don't believe in giving out information like that to anyone when those people aren't technically doing anything illegal.
I like that they are comparing a *explicitive deleted* encrypted file to someone breaking into your house. I dont see how they compare. The reason why you encrypt things is to make it so other people can't view them. However if there is a way decrypt that information it doesn't make it illegal for someone to do so and view it. It's the responsibility of the person distributing or sending the encrypted files to make sure it's encrypted to their liking. I just like how businesses think they can go after people and file suit for people who are just exercising their rights. I mean come on. what's the big deal? So what if people see the blacklisted URL's. It's not like they could legitamently be sued because that information got out. They are specifically selling that information so that parents who dont bother to take the time to spend with their children and supervise what they do on the internet can let this software do it for them. Personally I think that parents should play a more active role in what their children are doing.. I know when I was growing up I was into all sorts of BBS's doing god knows what. And I know none of which they wouldn't have approved of if they knew. But since they didn't have a clue what I was doing and didn't care as long as i wasn't getting into or causing any trouble... sigh
We could start by mailing the swedish ISP who closed ELOJs web page. Not that it really matters, but whats interesting is that the law suit completely goes against Swedish law, and that the suit contained several demands that in themselves would mean that Scandinavia Online would have to break Swedish law to meet. The suit smells curiously either of disregard of Swedish and International law, or of a completely fake scare-suit. Sweden has recently adapted a personal information integrity law TLAd "PUL", the Personal Informations Law, which prohibits any information about a third person being given out without that persons explicit acceptance of this. So, the suit containing demands for Scandinavia Online to publish the http-logs of ELOJs web page is in fact a request from Mattel for Scandinavia Online to break Swedish law, you see. Furthermore, reverse engineering itself is not a crime in Sweden, and since the buyer of a copy of Cyber Patrol is an OWNER of a LICENSE to that software, that owner has the right to know the contents of the program. Legally. At least in Sweden, and I would assume that Canada and maybe even US law sees things in a similar way. I agree completely with everyone saying that the decryption is a service to the users, and if that also means that it is a disservice against Mattel and its cohorts, then Mattel has some kind of dirt on some of their hands, or perhaps on someone whose hands they are holding. / per edman
/ Per
Scandinavia Online, the ISP for Passagen, has already terminated ELOJs web hosting. They fell for the threats of a lawsuit against them, because ELOJ sure as hell did not break their rules. They probably did not even check the vailitidy of the lawsuit, because if they had done that they would have noted that they could even have produced a counter-suit on the charge of unlawful lawsuit..
But noo, the people behind Passagen have always been pooftahs.
/ Per
HA! I should download it, so they will have to block Eastern Kentucky University.... That'd make them a real winner! blocking a college.. And think they can find me? doubt it. All the world sees is the ip of my firewall....
Fish
Download download download. Don't use mirrors. We need to fill up the logs. What are they going to do sue everyone that has downloaded it?
As much as I hate to admit it, I can see where Mattel is coming from. Decrypting their list, after all, is kind of an invasion of their corporate privacy. But what do they really expect to gain from the ISP's log files? Are they planning to try to track down every single copy? Since that would obviously be futile (especially after it has been Slashdotted twice) why do they want the ISP's logs?
This is a breach of corporate secrecy -- a busted trade secret. They failed to adaquately protect their trade secret, and now it has been revealed. There are no privacy issues involved here.
So if I don't adequately protect my house against surveilance (boarding up my windows, getting an Rf scanner for hidden bugs, etc.) and somebody spies on me, it's not a breach of my privacy? How about if someone bugs my corporate office? If I spy on you, is it your fault for not protecting yourself better?
No. That's one of the key flaws in the DMCA: it does NOT protect COPY-control systems, but ACCESS-control systems. Like, for example, DVD's CSS. Yes, we all know it isn't a working COPY prevention system - that doesn't matter. It IS an ACCESS control system (to stop you playing DVDs on non-cartel approved players).
What I want to know is, WTF are these guys (the censorware clowns, I mean) playing at? If I were doing it, I'd just ship a load of MD5 hashes of the blocked URLs. That way, you CANNOT "decrypt" the list - it's not an encrypted list to begin with! (Brute forcing the hashes would take quite a while...)
So parents shouldn't allow kids to browse the net unattended? what kind of question is this? of course parents shouldn't allow children, of young age, to browse the web alone, the same should be applied to television, however do we ever see any of these ideas about being intrested in what your child does and supervising them, hell no. Your question is the same as asking should we let young children swim alone? harm to a child physically or psychologically is still harm, regardless if they see porn or if they drown, both will have profound affects upon them.
"Real knowledge is to know the extent of one's ignorance" -Confucius
The place to hit Mattel is in the pocketbook. This kind of campaign is a way that embarasses Mattel without taking any legal risk with respect to source code. If the word can be circulated around the Net that "buying Mattel isn't cool", that should cost them money.
BTW, while boycottmattel.com is taken, boycottmattel.org and boycottmattel.net are still available.
y2k info - http://www.ecis.com/~alizard/y2k.html
Tech Public Policy stuff
-=RR=-
Insanity is the last line of defence for the master diplomat. But you have to lay the groundwork early.
Hi All - We may not like what Mattel is doing - using lawyers instead of improving their software. (Some here may also recall the bitter lawsuit over the Aqua song "Barbie Girl") But as a corporation they may only respond to their bottom line. For years, the NAACP had great success in using boycotts or the threat of boycotts to get some concessions from large companies. Can we simply start some sort of boycott of Mattel? I have an eight year old daughter, and I can certainly find other toys for her besides Barbie dolls. With email and the web, the word of such a boycott could be spread quickly and with little cost. TWR
strange, i think it is. can't get to it from here...
---- Sig? What sig? Who needs one, anyway?
Does Mattel even have the legal right to take these actions? Absurd doesn't even begin to describe it. Obviously IANAL, so I can't say this with authority, but since when is cracking a proprietary non-governmental encryption scheme illegal?
Someone help me out here.
J
"coordinated on slashdot"??? Heh.
Slightly disreputable, albeit gregarious
Actually, it's more like asking if we should let our children read books alone. Should parents watch over their children's shoulders every time they read something, just in case what they read might be provocative? Condorcrap. I grant you that there are things online that shouldn't be seen by young eyes, but:
1) really young kids probably aren't going to be surfing for porn.
2) if they're old enough to be surfing for porn, they should be old enough to have been taught what is considered appropriate, and should be old enough to behave accordingly.
Now, do I think my 13-year old should be looking at nekkid chiks? No, but I can understand why he would want to, and I think it far better that he surf to his heart's content than that I stand watch over him whenever he's within 5ft of the box. If nothing else, it shows trust. Plus, it means that they don't have to feel even guiltier about trying to "get away with something". I swear, this puritanical Western society'll be the end of the human race yet... but that's another rant... =>
--
--
It's not the rambling I object to, so much as the mumbled incoherancies...
I don't necessarily agree with these cybernazi programs, but there *are* legitimate uses for censorship. ANYWAY... I think the fact is that these encrypted lists that we have grown to know and love... these lists are the product created by the companies. Sure, these companies make filter software. But this list is also a product they have put time and money into creating, and they have to protect that investment. My two cents...
The streets shall flow with the blood of the Guberminky.
Decryption per se, does not necessarily reveal the encryption algorithm, and a list of sites that are blocked does not comprise anything that has been engineered, it is not a program, not a structure, not a machine; it is a list. Can one "engineer" a list? I don't quite see how then decrypting a list of blocked URLs constitutes reverse engineering if you did not rip apart the original program to reveal the encryption; and this could have been done without doing perhaps using differential cryptanalysis or a brute force known-plaintext attack (since you know some of the sites that are blocked). So in short; I don't think the company has a leg to stand on. Download the decryptor today!
An other mirror...
Here is an other one (but not 100 percent uptime, since it is my private box, but anyway :-)
Why doesn't all those decrypt hackers post
their finding anonymously on usenet?
Before BigCorp discovers what have happened
it is to late to stop it and no one to sue.
Joe average doesn't have that kind of money
it takes to take up the fight with BigCorp,
so why not use the tools that are available?
Bjarne
...would be to fire the people who wrote that lame ass encryption routine, and hire these two guys as consultants to come in and upgrade the software every time it gets hacked.
because it will get hacked eventually.
and it would be cheaper than attorneys.
and their crappy software should be as easy to upgrade as norton antivirus or whatever.
these two folks did mattel a favor!
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
I've seen this bandied about a whole bunch, just wanted to post it here so everyone can see.
Privacy laws apply only to individuals. No wonder your clever analogies seem so true, they are - when you start comparing Mattel, etc. to you. You and I, as individuals, have privacy rights. No group or corporation does. (I'm speaking of the US only here)
Companies have a lot of other laws (patent/copyright/etc, etc.) they can work with, but not privacy, per se.
So please, enough with the "well, if I don't burglar-proof my house and someone spies on me, then I guess that's fine! See, me clever!". It's specious at best.
I read this and seen the part how they want the logs, well i went and downloaded it. Download it and keep it, who knows maybe mattel will actually hire competent programmers and do something right. i doubt it tho, look at what they pay programmers, and these kids cracked it in there free time, says alot. i dont even use it but i downloaded it just so they could see my ip address, eat a dick mattel
I have zipped the page and the four files linked in the source and binaries section. Email me to get it.
They that quote Benjamin Franklin on liberty and safety deserve neither.
Its not actually breaching copyright, but giving others the ability to breach copyright. After this is decrypted, anyone can use that list. As far as I know, this is not illegal, but Mattel thinks it should be. Still, copyright violation would be a lot easier to get to stick in a foreign court than the DMCA.
Of course, if it wasn't decrypted, anyone could just copy the entire package, but big corporations don't think like that.
As unkind as it may be to Eddy Jansson and hem.passagen.se, it would sure be damn funny if someone (or a large group of someones) started an HTTP flood on the page, just so by the time Mattel gets the logs, it has to fly a charter plain from Sweden just to deliver all the backup tapes with the logs. Then, of course, if there's any sanity left in this world, they shouldn't ever get access to the logs...
(this poster does not endorse irresponsible behavior. this poster just thinks it WOULD be funny...)
// zyqqh
I've downloaded it, sent it to 18 of my friends, and asked each of them to send it to a friend explaining why. Pointless, i suppose, but I feel a moral obligation to bring freedom to the information.
Increase the Peace, No More Censorware !
If a few hundred thousand people download the software, I would like to see Mattel try to deal with filing suit with all of the ppl who downloaded it.
I for one
Jailbrekr
Feed The Need[goatse.cx]
That is fine if you are a mushroom! (You like to be kept in the dark and being fed shit)
These companies promise security and you should be able to check if this is true. These kind of lists shouldn't be encrypted in the first place. Please don't start that shit about competitors copying their lists, you shouldn't be using these kinds of programs from comercial vendors anyway since they are not interested in a safe-web but in MONEY. A porn-free internet wouldn't be profitable to them.
Grtz, Jeroen
Secure messaging: http://quickmsg.vreeken.net/
Fight Spammers!
Fight Spammers!
Take a look at http://www.sorehands.com/injdir/sj/sjmemo.htm to get the requirements for a libel case.
Fight Spammers!
Sorry, though it's just about the same thing, what is a company without employees?
Fight Spammers!
Fight Spammers!
Fight Spammers!
Mattel thinks that they can shut me up by bring a frivilous claim against me, then litigate me into silence. It won't work, I'm too stubborn! If I give in, it is letting Mattel to be rewarded for this practice.
Free speech is not free! It has to be worked for.
Fight Spammers!
Fight Spammers!
They of course would say it's accidental.
Fight Spammers!
I don't doubt it, but that can't be used as evidence for a judge.
Fight Spammers!
It is known as a "special motion to dismiss."
Fight Spammers!
Fight Spammers!
Someone shows the dirty laundry of their cybernot list, so the file suit against them.
Barbie Benson uses her name on her site, they don't like it, so they file suit.
A pattern perhaps?
Fight Spammers!
In their opposition to summary judgment, I have caught many misrepresentations that they have made.
Fight Spammers!
There was one story where the kid would have to be surgically altered if they were able to beat the test. If the kid was smart enough to figure out the way around the test, they would be put in an advanced studies program.
Maybe we can use these filters for that.
Hey Mattel, if a kid can break your filter, give them a scholarship to MIT.
Fight Spammers!
The decryption code seems more like a class in how to determine and break encryption and how the CyberPatrol encryption works.
Fight Spammers!
MSI originally developed CyberPatrol.
Fight Spammers!
Like the V-Chip before it, this type of product is aimed at parents who what to "care" for their kids without actually interacting with them. Welcome to the automated babysitter for the 21st century. If kids are old enough to "surf freely", then they will look for what they want. At which point parents may need to *GASP* trust their kids. They need to trust how resourceful these youngsters are......what is keeping kids from getting porn from newsgroups? In the end, you can't stop the next generation. After all,can the V-Chip keep kids from watching "squigle-vision"? It better not, otherwise they will find a friend who has a porn movie (probally stolen from a parent).
I don't know why Mattel thinks they can do this. Decrypting something and then posting it on the web for download should be perfectly legal, as long as the process was legal (i.e. no stealing of files, etc.).
here in the UK consumers right are protected by the Trade Discription Act, this states that anything sold must be 'fit for the purpose', in other words do what it claims to do.
Do you believe Matel (or whom ever) when they say their software will protect your child from accessing inappropriate material on the internet? - My answer would be No.
This tool provides a method of accessing the 'banned' database and confirming that the tool is fit for the purpose. My own personal opinion is that should not be filtering, if you are concerned what your kid might be viewing then sit with them whilst they browse. Or make sure they know that you are logging all accesses and will find out if they are misbehaving. Just my 2 pence worth, Mungewell.Is it just me, or is www.peacefire.org down? (Could just be my crappy connection.) The reason I ask is because several of the companies Peacefire has pissed off have been trying to get the Peacefire domain taken down by their ISP... Or maybe they're just getting /.ed right now... :)
Yet another poster who is not paying attention to the article, it's details, or the facts in general. This program only exposes the contents of the cyber.not list, it doesn't allow anyone to circumvent it's 'protections'....
Think outside the... Hey, where'd the friggin' box go?
Judging from the description of how they decrypted the url list, it seems like there wasn't much attention at all put into the encryption scheme. It was very poorly implemented and inconsistant. So, it's no surprise that the encryption was 'broken'.
--
Soma: because a gramme is better than a damn.
The company's lawyer, Irwin Schwartz, said damage to its product is ``at least at a minimum'' now because relatively few people were believed to have downloaded the bypass software.
err... :
Everyone seemed to forget to ask these four very important questions...
Everyone seemed to forget to ask these four very important questions...
Yeh? And? So? What?
It drives me nuts that some parents rely so much on 'outside control' to keep their kids in line and go ape shit when the tools fail, as if they had done more than nothing. When something like this happens it pisses me off that the Internet and hackers/crackers will get blamed for destroying the sanctity of life for their kids.
I don't know. Could it possibly be too much to expect parents to *gasp* actually look after and pay attention to their kids in this hectic world of profit and loss?
Mmmm.....ideals.....
Anyhoo, I'm glad to see someone is at least putting effort into the upbringing of their kids and not plonking them infront of the TV and hoping that the Cartoon Channel will teach them about life.
Everyone seemed to forget to ask these four very important questions...
Everyone seemed to forget to ask these four very important questions...
Yeh? And? So? What?
There is an issue that occurs to me with all this examination of the blocking lists of products like this and the discovery that there are sites being listed a pornographic which are patently not. Is listing a site as pornographic like this libellous?
If I put up a web site with some latin on it (the word cum is apparently a common pornography trigger) and it gets added to this list can I claim that I have been libelled and can I claim compensation?
I feel there must be a reason this cannot happen otherwise you could sue credit agencies for incorrect data as well.
Gamma Testing - Where testing is extended to the full user community (AKA Shipping the Program)
Is it just me or is Canada and other liberal minded countries taking a lot of heat lately? We may have been slow to update our laws regarding the Internet, but maybe this is for a good reason. I, for one, believe the lawmakers of Canada has long viewed the Internet as a rather free and anonymous form of communication and Networking, and realized their jurisdiction did not extend to the ether. Our best bet, I feel, is to view the Internet in an "International Waters" sort of light.
Do corporations ever do anything that isn't totally abusrd? I don't see that Mattel really has any ground to stand on, just another case of a giant corporation trying to intimidate people with lawsuits.
"Have you eaten your
Of *course* Big Companies don't like embarassment! And while the alien and sedition acts are no longer for the US government to enforce, they're obviously OK for big companies, since they have $$. So remember, don't say anything hasbro or fisher price doesn't like, or the nerf gestapo will break into your house in the middle of the night with nerf rifles, and drag you off!
Visit the Libertarian Party home page to find candidates that believe in your ability to govern yourself.
Topher
"Man is free at the moment he wishes to be." -Voltaire
I just had /. blocked for "extream illegal activity". So I got to wondering : How can we find out if our own web pages are being blocked? Also, do we have any recourse if it is? A commercial site being blocked could suffer big money losses.
I have heard that the new cyber patrol demo somehow blocks cphack -- instead of loading the NOT list, cphack gives error: 'TProgressBar property out of range'. Anyone know about this?
In the West, most people are unfamiliar with the majority of the few thousand families of world religions, and millions of variants thereof, even though many are lurking right in the USA. As with other predators and criminals, only those religions which make a habit of attempting to pervert law to abuse the civil rights of everyone are of much concern to anyone other than their own followers. If Muslim religion were more prolific in the USA, we'd see even more problems than with xtians of the Rabid Religious Reich. The two are fairly similar, with loving, tolerant factions, moderates, and large minority extremist hate cults. Non-supremacist religions, which often are anti-proselytizing, simply are non-issues to people not following them as personal paths. BTW, congrats to Skala & Jansson! Balancing any Copyright law is a right of all Americans to petition government over redress of grievances. So long as Mattel's subsidiary sells CyberPatrol to such customers, we as citizens are entitled to know whether, or more accurately how severely and in what manner, illegal censorship is being imposed. FOIA law toward such government end used to demand the Cybernot list, and the political grievance prong of the 1st amendment, might be added to other legal arguments as to why block lists of government marketed censorware must be public domain. Cyperpatrol, after some early negotiated rounds of cleanup including meetings with pagan, naturist, and other leaders, did work to become a lot less discriminatory over criteria illegal for schools and libraries to impose on taxpayers and citizens than they were initially, or than many RRR backed competitors. However, the very notion of profanity (of which deity? By what criteria?), nudity (skyclad religious ritual? art? Jain clerical vows?), or sex (religious ritual or spirituality, Neopagan or Buddhist for many) somehow being "neutral" criteria for censorship is rooted in fraud. The only variant is whether the fraud is motivated by outright religious bigotry, economic predation, or political predation. The idea of blocking a Jungian psychology newsgroup also reflects severe religious bias. As an ordained pagan minister, were I refering someone for counseling, I'd specifically choose someone with a Jungian world view as religiously tolerant and more likely to be qualified than a hate monger like Dr. Laura. Of course, all those hundreds of xtian variants who just know their one right way is the only right way can't stand the idea that ethics and values in a culture that legally promises to protect diversity are rarely right or wrong, UNLESS they claim to have an exclusive handle on truth. Historically, the "dirty parts" of literature and medical texts in English switched to Latin, presuming that an educated elite were exempt from censorship. The major change we see today is a 14th Amendment which entitles EVERYONE to live by the same standards. As Peacefire's ongoing effort, of Eddy & Matt's new one prove, censorware is nothing but content selective speech restriction with illegal biases only applicable to those less skilled at circumventing it. Rev. Terry Smith ERLAN Electronic Communication Freedoms Liaison
Will anyone who can offer a more precise legally upholdable definition of "porn" than "whatever gives the judge an erection" please stand up? Instead of censoring speech, let's remove religious bias from other laws and regulations. Nudity on the beach, the town green, the back yard, or along Main Street, USA harms no one. At most it harms supremacist ILLUSIONS of certain predatory religions. Nudity is a goal in several forms for a number of non-supremacist religions, for which it might be nice to eventually acheive "equal protections of law". Sex, while more controversial given indoctrinated prejudices and bigotry, is likewise a matter of religious ritual and celebration for people of some religions, and as such qualifies for freedom from legal oppression, just as much as anti-sexual religious followers aren't obligated to take their sex to the town square if they prefer otherwise. Nudity is a state of being, deserving equal legal protections as sideburns, hats, other costumes including genital coverage in xtian ideas of religious "decency", covering head hair for females in Muslim ideas of "decency", or carrying a book of one's choice, whether the bibles of xtians, pagans, Jews, Muslims, Hindus, or any other group under whatever name. Sex is an activity. To rid laws of religious bias, it might be restricted where motion or making noise would disrupt usage-dedicated places at at times when activities could be disruptive. That means that it's reasonable to restrict sex at some time and place a xtian bible discussion would be legally banned, or where a volleyball game might be banned, but not elsewhere or at other times. Clean up those elements of law, and speech censorship related to them would become moot. ==== As to CyberNot, so long as CyberPatrol is marketed and used in public facilities, citizens have a right to know what illegal criteria are being used to impose illegal discrimination. If Microsystems won't release the info, such that a public user cannot comply with an FOIA demand for the censored sites, citizens are entitled to do whatever else it takes to discover that info. This is a simple issue of the peitioning for redress of grievance prong of the 1st Amendment, not to mention generic speech, press, Establishment clause, or Free Exercise clause prongs. There could be an interesting issue for the Supreme Court if this case raises the issue of how those aspects of Constitutional rights contradict Copyright law. Skala & Janssen appear to have acted to help Americans hold local governments accountable under the law, which might just preempt and contrary business interests of fraudulently promoting intentionally discriminatory criteria as if "neutral" under Lemon v. Keurtzman, or the broad notions of what are equal protections of religion under the 29 CFR 1605.1 analysis of Supreme Court findings and US Code. Rev. Terry Smith ERLAN Electronic Communication Freedoms Liaison
There's no way Sweden's legal system or ISP will agree on this. If they do I'll be severly shocked. In my younger days I was stupid enough to do some cracking, and eventually I got sloppy and caught. But even when facing legal actions my ISP did not release it's logs with me. So if they comply with this, it will be quite a new turn.
So Mattel feels violated because of a program that lists their blocked sites? Claims copyright infringement? Their case is similar to these headlines I hope to never see:
Random House sues all public and private Schools! In an unusual move today, Random House has filed suit against all public and private elementry schools alleging that by teaching students to read and write, they are enabling plagerism and other copyright infringements on a massive scale.
Ford Motor Company sues Pinto victims. By having accidents and reporting on the outcome, they are engaging in illegal reverse engineering Ford says. Ford's representitives also maintain that, "Reporting a mechanical failure is also a clear violation of our new licensing agreement". The case is expected to go to court as soon as the defendants are discharged from the hospital or buried.
Just to a pick a nit, Yahoo just picks up stories straight from The Associated Press. Blame AP/Ted Brides (the author) for the slanted journalism. You'll find the exact same story on any number of sites that carry the AP wire.
We've talked about this before, but I think it's time to get serious about writing a canopener to extract files from InstallShield and similar SEA utilities without displaying, reading or parsing the license. It can't be that hard, and it would kill off the click-wrap license BS completely.
Not to mention get anyone touching or linking to it sued into debtor's prison.
David E. Weekly
David E. Weekly
Code / Think / Teach / Learn
h4x0r for
Be glad you don't live in a country where the entire legal system goes belly-up for big business at the drop of a dime.
"God fights on the side with the best artillery." - Napoleon, Marshal of France - speaking truth to power
http://www.mit.edu/~ocschwar/ ... :
cp4break.html
cp4break.zip
cph1_rev.c
cphack.exe
cndecode.c
On US soil, no less.
I disabled logging on my mirror. If Mattel comes knocking on my door, I can honestly say that I don't have a damned clue of how many people downloaded the program, or who, or what IP, or anything.
I recommend that everybody else running a mirror do the same.
On one of my sites, Curfew.Org, I've done something close to this. Curfew.Org is all about how to fight youth curfews of a legal nature. 99% of the people looking at my site are from
I wrote mine in PHP. As you can see, it's grossly simple:
$remotehostname = gethostbyaddr($REMOTE_ADDR);
if (ereg ("bess-proxy", $remotehostname)) {
echo("You're being censored!");
}
This only works for proxies, and this is just the Bess section. You could insert this, and add other proxy names, and put a more useful message up. (I took out the full paragraph for brevity.)
Anyhow, steal this highly-advanced code and use it on your own site!
What I do (did) have time to do was to go to the site and download the software. That way, if Mattel succeeds in getting the list of IP's that downloaded the software, they'll have one more person to track down and try to bully.
Just think if everyone who reads slashdot did the same... It would sure cost them a pretty penny to have the lawyers track everyone down, send them notices, etc. It wouldn't take long before the postage and legal fees would far outstrip any profits they might get from selling their software.
Stupid people will be persecuted to the fullest extent allowed by law.
I'm hosting the cp4break package on an Australian server. You can have frames or no frames. Look at the bottom of the page in the software section. You'll also find links to DeCSS/Livid, unf*ck & software to copy MP3 files off the old Rios. Feel free to link. My Geocities version of the page also contains links to the copies on the Australian server; mp3.krisjohn.net. Enjoy.
Why can't the block list be an open-sourced ratings system and each one of the censorware products is simply a front end / way of implementing the list?
Other than that I recommend that they spend time with their kids, educating them on the ways of the world. I also tell them that their kids will always find a way around any technological "solution". They usually walk away very happy.
--
I intend to boycott Mattel products (I have two small children aged 4 and 6, who use a LOT of Mattel products). I want to write to Mattel to explain this but I can't find any useful email address on their web site. Does anybody know such an email address?
Consciousness is not what it thinks it is
Thought exists only as an abstraction
I intend to boycott Mattel products (I have two small children aged 4 and 6, who use a LOT of Mattel products).
I want to write to Mattel to explain this but I can't find any useful email address on their web site. Does anybody know such an email address?
I posted the above question elsewhere, I know, I only wanted to maximise my chances of getting a reply.
Consciousness is not what it thinks it is
Thought exists only as an abstraction
We deserve this.
,irrespective of how involved we are in teaching others and promoting our political and social values, or not. If I chose to be a hermit with a keyboard, I am entitled to the same rights as someone who is out in the limelight, day in and day out, working to protect those same rights.
No, we don't. No one does.
I know, I tend to blurt out the same untruth as well when I'm feeling emotional about something (e.g. "the USA diserves the oppression it will get if this censorship continues!").
We do not deserve to lose our rights
No one deserves to lose their rights, for any reason, much less laziness.
That having been said, losing one's liberties is a natural consiquence of laziness. Not because it is deserved, any more than a victim of an airline accident in the Andes deserves to starve, but simply because that is the nature of things.
I know I'm nitpicking, but I grow wearing of hearing "we deserve this, they deserve that," as though the atrocity which came about as a consiquence of something is somehow justified, when it simply is not.
That having been said, I agree 100% with your prescription: get involved and get others involved. Failure to do so will have the undeserved consiquence of our losing our rights and our liberties.
The Future of Human Evolution: Autonomy
A citizen of a theoretically democratic country exhorting citizens of other countries to stop his country, so he has a place to escape to when things get bad ---- something is very, very wrong with the picture.
:-)
As the one who made the statement you refer to, I couldn't agree more. Something is very, very wrong here, indeed.
Hence the diatribe with the provocative subject line.
The Future of Human Evolution: Autonomy
Isn't it only a problem if the encryption scheme is clamed to be a _copy_ protection scheme? Which the stupid filter producers doesn't claim (They claim it's a security against children viewing porn). At least this should hold as long as you don't _distribute_ the database, only a decoder for it (thus people has to buy the database in order to decrypt and read it), thus the filter producers have got their money.
--The knowledge that you are an idiot, is what distinguishes you from one.
--The knowledge that you are an idiot, is what distinguishes you from one.
Only if it can be shown that significant creative effort went into their making. I doubt an automatically generated list of questionable sites could qualify. The problem is the testing of this in court. That costs $$$.
My little mirror.
Of course, everything there is downloadable from the swedish site, but its important to get it mirrored fast.
--
"Rune Kristian Viken" - arcade@kvine-nospam.sdal.com - arcade@efnet
"Rune Kristian Viken" - http://www.nwo.no - arca
If I were those Swedish dudes, my logs, if any, would be a figment of Mattel's imagination. "Don't run'em, your honor. Violation of privacy." In other words, Bork you very much, Mattel. If, of course, it ever came to that; if I were the Swedish ambassador, I'd be giving that judge the dipolmatic finger when it came to any half-baked ideas of extradition.... Maybe it'll teach our American bureaucracy a thing or two about soveriegnity. They need to learn that.
OK, now the hard part. How do we as geeks, the denizens of cyberspace, prevail upon Mattel to BUTT OUT of our millieu? Bigger question: How do we enforce the idea that, barring outright thievery or violation of a contract, there is free speech in cyberspace (barring the "printing press" rule i.e. no free speech if you don't own the box)?
I don't have an answer to that, but we need a way or three to lean on Mattel, MPAA, the Imperial Federal Government dominant in North America, and anyone else who gets in our way. (Hear that, BorgieBill?) Whining on here won't do it.
OK, guys, suggestions?
Considering that there's no law against deleting log files unless they're subponeaed, it's not breaking the law.
Mattel only WANTS to view the logs, that has no legal force until they actually bribe a judge, or in this case, bribe a foreign judge.
Until that point, the log files are just another text file, which could be deleted to save space.
Good advice. Just don't log, or delete the logs in rotation. That way they can't recover anything.
But, don't forget that Mattel isn't the court. If Mattel wants the logs, you can delete them. Until they get around to asking the court, it's just the wishes of some company.
If they had sued you and then you went around removing evidence, it wouldn't go so well for you. But if you're a neutral third party they just might think of suing, you have no reason to keep those logs, especially if they might contain private information.
Microsystems Software Inc. of Framingham, Mass., which sells the widely used Cyber Patrol,
Acourding to the artical, the Suit is being filed by Microsystems Software... Not Mattel, infact the string "Mattel" doesn't even appear in the artical whatsoever (case insensitive). Now this may be an outside peice of information that the author just happend to know, but from this it really dosn't look like Mattel ether makes this product or is filing suit. Do you have any backup that says it is Mattel?
ReadThe ReflectionEngine, a cyberpunk style n
I read the article/paper and found it to be very well-written. Not only do Jansson and Skala present tools for cracking CyberPatrol's weak encryption, but they explain why the encryption is weak. They also take us on their journey as they reverse-engineer the file formats and the encryption algorithm. That part alone makes this paper a valuable educational resource.
Oh, go on, check out my job.
So this is basically saying that a kid can download an exploit that will let him see porn.
Well, we have to shutdown rootshell.com and censor 2600 when they post code for exploits.
This is insane. If you write crap code and people crack your software (I don't mean warez), you should get better programmers. This is nonsense. How many little kids would know how to do this? If the parents really cared they would be in the room with the kids while they were browsing the net.
Save your breaking and entering analogies for piracy. This was an act of free speech consumers have a right to know what they are paying for.
The US motor industry is probably regretting that current attitudes wern't arround a few decades ago. Then they could have put that "anoying" Mr Nader behind bars. This is simply another version of "consumer journalism", exposing a product as being of poor qualityi, poor workmanship and barely able to carry out it's intended purpose.
This encryption scheme is not a method to stop piracy or digital theft.
For all anyone knows a commercial competitor could have "ripped off" this list ages ago.
If your child is bright enough to find the crack to cyber patrol on the web, download/run it, and beat your pathetic attempt at stopping that child from seeing whats really out there then you have little to worry about. You kid is smart, able to think for themself, aware of political censorship (you) and somewhat rebellious. All are admirable qualities!!
Unfortunately, you are overlooking the "script kiddie" (no, that wasn't an intentional pun) effect - Cut-down "find admin password only" copies of this code will already be being passed from hand to hand in schools - as the geekier kids that ARE capable of finding, downloading and so altering this code experiment with buying a bit of peer-group respect with their talents.
--
-=DaveHowe=-
> or the facts in general. This program only exposes the contents of the
> cyber.not list, it doesn't allow anyone to circumvent it's 'protections'
Wrong! I'm running the app right here in front of me. It clearly displays the Admin and deputy passwords, which will let anyone bypass the protection....
> It has one reason for existance, which is to keep people from knowing what
> sites and what rules are used to block sites.
Actually, I bet it's to make sure that people need to keep paying the makers of Cyber Patrol for new/updated lists every couple months. If the format is public and easily read/written, then someone could publish a free list of domains for use with the software.
BTW: IANAL
But I just wanted to make sure that everyone is clear, once you have been served a subponea, deletion of the logfile is punishable. I wouldn't be suprised to hear that your system backups are subponead as well if they are to subponea your logs.
You do realize that dcestroying subponeaed documents (yes, log files are electronic documents) is a punishible offense, don't you.
Of course, you can choose to disobey any law that you really want, can't you
It never ceases to amaze me that we abrogate our freedoms because some corporation wants us to. I am also continuiously astounded at the attitude that most people have of "some one else should take care of it".
The people who buy blocking software are "letting someone else take care of" their children's access to the internet. Are they also letting "someone else take care of" their discipline, or their education, or their meals, or their housing? Probably.
It's a sad, selfish world we live in.
"values of beta will give rise to dom!"
Maybe, but they aren't distributing their database. At most, they have described a schema.
Want to work at Transmeta? Hedgefund.net? Priceline?
Can your IM do this?
Yahoo did not write the article. It was written by the Associated Press.
This morning after clicking on the Mattel/Cyber-Patrol story, I found myself in a rather novel position. I had moderator points, and I work for Mattel. And I censor images and text for them. And I read slashdot regularly. Quite an interesting position, non? By the way, I do not speak for my company in any capacity, all opinions and ideas expressed here are my own.
I am one of the people who looks over the immense number of graphics that we put into Printshop, Printmaster & ClickArt. I specifically look for corrupted images and images that may be offensive. Offensive images may be racist in nature, or may be derogatory towards women, or maybe too mature for those who might use our product. The reason we take those out is that the majority of the people who buy these products do not want these images in there. What disturbs me the most when I find a racist image, is the thought of young person in the ethnic group portrayed seeing that image and not liking themselves because they saw it. Childhood and adolescence is hard enough. Parents who buy these products do not want their children to find mature graphics. And I am sure that many women who buy this product would take issue with being portrayed in the old stereotypical ways.
This said, I still harbor very many doubts about censorship in general. I think that adults should be able to look for and find any information that they want or need. I also think that artists and the media should be able to freely produce whatever they see fit to make. And be able to show it in public. But parents should be able to restrict the information that their children receive. And that is what the filters do. Schools are institutions that exist specifically to teach people. The selection of a textbook can be construed as an act of censorship because of the difference in political leanings and depth & scope of textbooks. I cannot see what the issue is if K-12 schools want to restrict what students can use the network connection for. Looking up pr0n can be considered an educational experience, but it is not the kind schools are intended to impart. Colleges are a different matter all together, often times a big part of the experience of going to college is finding out who you are, and free(!beer) information access should be considered an integral part of the process.
But there is still the issue of wrongly blocked sites. And this is probably the biggest problem with filter software. There is a need for quick resolution and correction of wrongly blocked sites.
Thank you for your time.
$var = <STDIN>
$var =~ s/\\$//;
this is slashchomp
All these lawsuits by American companies against poor little foreigners (regular joes who post stuff on their sites) are really starting to piss me off. Americans (and American companies) think they are the police to the world not only in military matters but in internet matters too. These companies are using the intimidation of lawsuits to prevent freespeech elsewhere in the world. Even if the lawsuits are frivolous and based on the law in the defendants country, they are picking people who do not have the financial wherewithall to defend themselves, leading to court precedents that hurt everyone who follows. One of the most flagrant examples of this type of American attempt to impose their laws on foreign soil is the Helms-Burton act which would allow americans to sue foreign companies that have benefitted from properties that had formerly been American in another country. The bill was primarily aimed at Cuba (don't even get me started on that one) but affected any property worldwide that had once been American! Imagine if the Brittish were passing laws like this, they'd be able to sue most of countries in the industrialized nations. I'm not sure what the outcome of the act was (hopefully squashed) but the essense of it live on in lawsuits like this one.
The system of law in the US must be curtailed! It is out of control with $$$-hunters
</rant>
no sig.
A story entitled "Software Co. Sues Hackers" by TED BRIDIS, AP Technology Writer, appeared on Yahoo! News (http://dailynews.yahoo.com/h/ap/20000315/tc/inter net_decency_hackers_1.html). The first line of the story reads:
"A company that makes popular software to block children from pornographic Internet sites filed an unusual lawsuit late Wednesday against two computer experts who developed a method for kids to deduce their parents' password and access those Web sites."
This line is grossly misleading . Cyber Patrol, the software in question, is a filter program which prevents access to web sites which it deems unsuitable. Microsystems Software refuses to release specific info about which sites are blocked, or the specific criteria which it uses to determine those sites. If Cyber Patrol were used solely in private homes by parents to limit browsing by their own children, this would not be a problem. There are legal movements underway, however, to require use of such software in public libraries and other places of public internet access. When these programs are used to restrict public browsing, the public has a right to know which sites are being censored and why. Cursory use of the software shows that it blocks numerous sites which are not pornographic, such as sites on breast cancer, gay rights and birth control. If Microsystems Software will not release this information, it leaves the public no choice but to seek it via reverse engineering of the software itself.
To present the software which decrypts the list of blocked sites as simply and solely a tool to allow children to circumvent the protections is simplistic, unfair and ignores the much deeper issues involved. Such oversimplifications are a violation of journalistic integrity for an organization which purports to report the news fairly and without bias.
"The legitimate powers of government extend only to such acts as are injurious to others." Thomas Jefferson.
Mattel is a California company. It might be possible to use the California anti-SLAPP act against them.
Not a good idea. If a court expresses interest in a piece of information you have and you destroy it before the court decides whether you have to hand it over, you could be found guilty of destroying evidence, obstructing justice or contempt of court. It is better not to have the information stored in the first place.
Anomalous: inconsistent with or deviating from what is usual, normal, or expected
Anomalous: deviating from what is usual, normal, or expected
Canard: a false or unfounded repor
Could someone clarify something for me? Why does EVERY Net Censoring product out there have encrypted software lists? I mean, shouldn't they at least be viewable from within an administrative section of the program that requires passwords and what not to get into? Or is it because the corporations don't want people seeing all their mistakes and what not in the list?
Please keep the source code small on these decoders people; the court might wants to save on paper when printing it as "exhibit A" for our attention.
------
sigs are a total waste of bandwith, especially when the signal-to-noise ratio is lower than 1:10.
Yet another company flounders about, trying to bludgeon people into submission by hitting them with a sack of lawyers. Are Sweden and Canada within US court jurisdiction? Exposing what a tool does can't possibly be illegal (but exposing how it does it, or providing a tool to defeat it might be, if the hero/perps are within US jurisdiction.) How utterly silly. If Mattel had just shut up and wiped the egg off their faces, they would see little or no real damage to their revinue stream. Instead, they make a big deal out of it, make a futile attempt to squelch the exposure, and end up with a situation where several orders of magnitude more people download the code, tell their friends about it, and generally make it publicly known that Cyberpatrol and their ilk are ineffective at best, and an affront to American civil liberties -- potentially tanking the revinue stream. How is it that such a big organization can't muster the collective brain cells and foresight to see beyond the tip of their corporate nose?
As a side note, do the authors *want* the code mirrored, or just distributed directly? I'll have to look again, but I didn't see a license in the code. Obviously the code and essay make it clear that it's a protest on principle, but it'd be nice to know the desired propogation.
J
I think not...(*poof*)
The rest of the time I read about Echelon, big company bully tactics, the great firewall of China and censoring Fahrenheit 451 and start to wonder if the paranoid aren't actually a cabal that tries to look ridiculous in order for us "normal" people not to notice that they're the only ones seeing the true situation.
The hideous truth is that we're exactly the sorts of people that censorware advocates are trying to protect the children from - intelligent, progressive, think-for-ourselves - we're a major risk to the estabished order.
I think that web sites against censorware should find a way to detect a censorware product and display a banner, instead of the requested page, indicating that the site does not support censorware and the website can not be viewed if you're using a censorware filter. Then perhaps parents may be forced to (re)consider the product.
Personally, I think they want the logs so that they can add the list of sites involved to those blocked by their software. Then they can say that they're doing it to prevent kids from downloading this "dangerous" piece of "contraband".
I think that web sites against censorware should find a way to detect a censorware product and display a banner, instead of the requested page, indicating that the site does not support censorware and the website can not be viewed if you're using a censorware filter.
This is an excellent suggestion for a partial technical solution to a technical / political problem!
Assuming censorware can be identified by an http daemon, getting a large percentage of web maintainers to "self-block" their content from users of censorware could have a very interestin impact. Imagine an adults ire when they discover an ever growing number of legitimate sites they want to access have refused to deliver their content because of the censorware they installed on their children's behalf. Instead they get a banner berating them for using the product (perhaps with relevant links to anti-censorware sites which they discover to their dismay are censored!). Although it is unrealistic to expect
sites like Yahoo (aptly named, c.f. "yahoos" in Gulliver's Travels) and Google to join in, these big sites rely in no small part on the smaller, personal, and useful sites many of us maintain for our respective comminities. By "freezing out" the censorware users we become not only a large voice against such products, but an evergrowing incentive for people to drop the use of the offending filters.
Alternatively, for those who find cutting off censorware users entirely to be too draconian, one could set up a banner page the censorware user is forced to confront and (at least the first time) read, before continuing to the actual content. Idaelly such a banner page would include links to anti-censorware site and reputable news sites documenting their abuses. After having seen the message once they would of course click through quickly without reading, but that doesn't matter for two reasons: (1) They will have read the message at least once and (2) the message will be reiterated on a subliminal level every time they see such a banner, even if they don't read it explicitly. For the same reason you see Coke and Nike logos plastered everywhere, seeing educational, anti-censorware logos everywhere will have an effect.
Finally, if the censorware products censore a growing number of legitimate sites for displaying such a page and/or logo, this will merely add even fuel to the argument that using such software is much more dangerous to the children one is trying to protect than the so-called harmful material one is trying to protect them against, both by cutting them off from important resources and education materials and because of the distortion its politically/economically motivated censorship has on the public discourse and the ability of its customers to form their own opinions in an informed manner.
In short, I like your idea very much. While not a panacea, it provides the possibility for confronting censorware users with the tradeoff they have made in a very "in-your face" way. The more sites to take this stance, the more they would either be confronted with the cold facts of the choice they have made, or the less usable the net becomes to them because of the software they are using. Either would tend to put people off form continuing its use, which is a net positive for the net as a whole.
If any apache/html gurus out there could toss together a quick 'howto' to accomplish this I would be happy to support it at our site. Alas, I am too buried with work right now to dig into this and impliment it right now myself (call me lazy if you will, though swamped and exhausted would be closer to the truth).
The Future of Human Evolution: Autonomy
Yet again companies are trying to get US law enforced on other soveriegn nations. This parallels the ICraveTV and DeCSS fiascos, not to mention brings up the legality of "click wrap" licenses.
Obviously the US court has no jurisdiction, but will render a verdict anyways. I just have to wonder how US citizens like their tax payer money being spent on operating courts whose judgement has no relevance? This would piss me off to no end if I were american.
-- iCEBaLM
Man's unique agony as a species consists in his perpetual conflict between the desire to stand out and the need to blend in.
72656B636148206C72655020726568746F6E41207473754A
It would be a herculean effort to track down everyone who downloaded it based on IP addresses and times.
Not to mention a GROSS misuse of logs, and a GROSS disregard for privacy.
You'd think they just downloaded crack cocaine or something, you can't just track down people because you think they downloaded something YOU DON'T LIKE.
Your analogy is false. Look at it this way. If I buy a safe, and fill it with secret documents, and then SELL YOU THE SAFE without giving you a key or the combination, how can I logically complain if you break into the safe? Manipulating data that you have legally acquired is not even CLOSE to being the same thing as breaking and entering, as you would have us believe. This is a common argument when these things come up, and it is always false.
"Destroy science and religion. Science would re-emerge exactly the same; but not religion." - Penn Jillette, paraphrased
DCMA is AFIK a USA thing... We can do anything we want in whatever country we live in, provided we don't break the law where we live.
Tell that to the US courts who feel no compunction whatsoever is handing down injunctions against people in other countries for activities which, obviously to any casual observer, do not concern the aforementioned courts in the least (c.f. DeCSS, etoy.com).
Tell that to the US special agents who routinely kidnap people abroad, bringing them over to the United States to stand trial under US laws, often for activities or behavior which was committed outside of the US and therefor outside of US jurisdiction.
Tell that to the US Army, which on more than one occasion has invaded a country for violation of US Law (remember Panama and Noriega?), completely at odds with both international law and international norms.
Tell that to the IMF, the World Bank, and the WTO, who can coerce with extreme economic threats any government (including, ironically, the US) legislation of nearly any kind under the argument that trade is "unfairly restricted" otherwise. Definitions are deliberately vague, changing to fit the political agenda of the moment.
Most of all, tell that to the Politicians whose hubris in ordering such actions threatens to destroy not just the external victims of their intoxication with power, but the US itself.
Not that they'll listen. After all, if they won't even listen to their own people (and from personal experience I can assure you they don't), they certainly won't listen to a bunch of durn' pinko commie bedwettin' ferrener's anyway. Still, the more voices added to the chorus, the more difficulty they'll have in ignoring it, over time.
Much more importantly, tell your governments to start standing up to the US and stop being our lapdogs! After all, if we lose the battle to stop and reverse the hemorrage of civil liberties here, it would be nice to have somewhere to escape to, in order to fight again another day. If your governments continue to behave as an extention of our own, this option won't exist and the downward spiral and attrition of civil rights and liberties may well reach an irreversable point.
The Future of Human Evolution: Autonomy
I was talking with my wife earlier today about issues like DeCSS and DMCA adn she was shocked that she did not know any of this stuff was going on. I said that I did not expect her and other non-geek population at large to be very informed about such a narrow (albeit important) topic. She then said then we get just what we deserve. She suggested htat we email everybody we know and educate them about these topics. Having thought about this for a while I agree with her. We tend to look down on the "ordinary" american and dismiss them but as long as we don't get them involved we are powerless. I suppose it would help if the geek community was a little more political too but we seem all too happy to bury our noses in our monitors and pretend this is all going to get better on it's own.
Step 1. Get organized
Step 2. Recruit your neighbor.
Step 3. Get involved
Or else forget about it.
War is necrophilia.
Comment removed based on user account deletion
Because there's a sizable (if misguided) market for censorware, there are quite a few companies vying for that market all of whom consider their prime asset to be their blocked site list, and if there were a plain text copy of one company's list, it would be very easy for every other censorware company to add every site in that list to their own, this negating the original company's advantage.
Now why a company wouldn't think that a list with 75% false positives (assuming that's typical - it might or might not be) isn't considered a liability is very interesting: They get less shit for a false positive than for a false negative. Virtually all censorware products have ways of overriding both. So imagine the two scenarios:
Because of this, censorware companies feel that the larger list they have, the better, no matter where that list comes from. And therefore they try to protect their list from being stolen by encrypting it. Badly.
So that's why. I know it doesn't make any sense, but that's the rationale.
[TMB]
Look at this opening statement:
A company that makes popular software to block children from pornographic Internet sites filed an unusual lawsuit late Wednesday against two computer experts who developed a method for kids to deduce their parents' password and access those Web sites.
Anyone else notice the disinformation in this? The censorware doesn't just block children, it blocks everyone. They're making it sound like the people who cracked the encryption are promoting children seeing porn instead of promoting the anti-censorship movement. Way to keep neutral, Yahoo.
But then see this:
Microsystems also asked the judge to order the Swedish Internet company where the bypass utility is published to turn over records identifying everyone who visited the Web site or downloaded the program.
Um, why? The only reason I can possibly think of, which is pretty paranoid, is that Microsystems plans on using this as data, to say "hey, look how many people can now see porn whenever they want to, instead of letting us decide what is decent for them!" If you want to get really paranoid, you can say Microsystems wants to track who downloaded it and say "sorry, you've gotta get rid of that program", but I'm not sure how far you can trace IP addresses...
And the common "their encryption sucks, it's their fault" argument is trash. If someone breaks into your house because they could smash down your door, is it your fault that you didn't have steel bars? It's a question of whether or not reverse engineering like this is legal, not a "you suck, get better" situation.
------------
"Okay, who taught the cat how to type ctrl alt delete?"
What has happened here is that someone did an expert(at least compared to the people that did the programming) analysis of a cryptographic aproach. Something that is specifically allowed under US law.
Save your breaking and entering analogies for piracy. This was an act of free speech consumers have a right to know what they are paying for. The list of blocked sites should not be encrypted with anything more powerfull then a simple shift cipher to keep children from looking at the list in a text browser. The person that bought the program has the *RIGHT* to know what sites are being blocked.
This encryption scheme is not a method to stop piracy or digital theft. It has one reason for existance, which is to keep people from knowing what sites and what rules are used to block sites. Reverse engineering is completely legal. Therefor if they don't want to see their precious list fall into the wrong hands they should use a decent encryption algorithm.
Environmentalists are their own worst enemy. ~tricklenews.com
I was cusious and downloaded a tool to decrypt blockfiles from peacefire. I was able to decrypt a 4 mb blocklist which resulted in a >10mb plaintext file full of URLS.
Just for the fun, I tried grep'ping for the most known porn site and they were all there.
Strangely enough, I looked for known URLS of the Ku Kluxx Klan, none showed up.
Yeah! Porn is bad, kids should not know about sex!
Lets inculcate them racism and hate instead.
I just read this, and am enraged at the very thought of this litigation. I am a parent, and thought for a while about using some of this software because my time to surf with my kids is limited. I never did it though because it goes against everything that I believe about parenting. Those that hide things from their kids only ensure that their kids will hear it from somebody else, and that their values are not the same. Why even go there? Any smart parent will deal with the issue and give their kids the support that they need to make smart decisions. The software is nothing more than a cop out.
Given that I would not use this sort of software, I still have to say that parents that do choose this (lazy!) path have a clear right to understand what it is they are getting for their money. How else are they going to know? Type in a bunch of URLs and see if they are blocked? Maybe if they typed in a lot of them they would understand what was being done. Heck if they thought about it for a while, they probably could just deduce the rule sets based on the content of the blocked sites! Would this then be reverse engineering? I hardly see that as being illegal. I think the DMCA only serves to empower the corporations with the ability to keep their customers stupid. The chances of any group of parents doing this is almost none. Who's interest is best represented here? Not mine!
This decryption is a service to me and reinforces my decision not to use this type of software. There are many ways around this sort of thing anyway. Some of the easier ones that I can think of are easily within the abilities of smart children that I know. Information like this flies through the kid network faster than you think. If one of them really wants to know, I don't think that this sort of software will stop them for long. Just one kid wanting to be popular or cool with a printer could print the content, and the methods of getting it and show it off at school. Give that a few weeks and pretty soon almost all of them who want to see will. Simple. The only ones that can have an effect on this are the parents.
We deserve the right of full-disclosure on any technology that can have this much impact on our lives. How will this happen if it can't be verified. Trust our goverment to handle it? Not bloody likely.
Who can we write to? I am beginning to realize that this is going to be a long battle. Fight it or become just another dumb computer USER.Blogging because I can...
If Mattel is so keen on keeping children ignorant about their sexual destiny, why does their famous doll scale up to have a Vegas showgirl's legs and doubly implanted breasts? And a wardrobe to show it.
That's the drill, Mattel! Teach little girls to want to grow up to be sex objects, but make sure they don't know what the "sex" part is about until they do grow up.
--
Sheesh, evil *and* a jerk. -- Jade
If your child is bright enough to find the crack to cyber patrol on the web, download/run it, and beat your pathetic attempt at stopping that child from seeing whats really out there then you have little to worry about. You kid is smart, able to think for themself, aware of political censorship (you) and somewhat rebellious. All are admirable qualities!!
Congratulate your child for seeing through your silly attempt, and having graduated to the level of being able to view the real world for themselves.
Your kid will trust you so much more when you trust them. (vice versa works too)
no sig.