Slashdot Mirror
AIMster Uses Pig Latin Encryption to Defeat RIAA
wiggles writes "On Sunday night, Napster started filtering out copyrighted song names from its system. People have been proposing alternate ways of naming their music files so as to defeat such filtering, but no workable solution has emerged... until now! AIMster is offering a Pig Latin encoder that will encrypt your mp3 titles. They state that, under the DMCA, it would be illegal for the RIAA to reverse engineer their encoding scheme and try and filter the encrypted filenames from Napster. Beating the RIAA over the head with the DMCA is fun!"
That has no bearing on what I said. I *know* that's what they mean. And in this case, that's not what aimster does.
This in no way appears to protect a copyright holders rights.
Yeah, they should have used a strong encryption algorythm.
Like EBCDIC.
Seriously, though, you could argue that the *list* of songs itself is a copyrightable work (recent stupid copyright changes make databases of public facts copyrightable), and thus DMCA applies. QED.
Unfortunately, lawyers are allowed to use sense, instead of just logic, unlike computers. This is why hackers get into so much legal trouble - it's *almost* logical, but not quite.
>rot13(rot13(plaintext)) == plaintext
No shit? You`re smart!
If you haven't checked it out, www.opensecrets.org is a great reference for these things. For the 1999-2000 election cycle, RIAA contributed $46,888 to the Republicrats. The breakdown is 51% to the Republican half, and 49% to the Democratic half.
OpenSecrets groups 24 entertainment PACs under the heading TV/Movies/Music. I don't know that all of these companies / PAC's are DMCA fans, but some of them certainly are (MPAA, ASCAP, Sony, Disney, MGM, and Time Warner for sure are fans.) The group as a whole gave $3,288,367 to the Republicrats (split D's 43% R's 57%).
If you ever had any doubts that most political contributions are for the exclusive purpose of buying influence with both parties (AKA bribery) as opposed to offering support to the one party that they actually want to win, here is proof. Some of the companies actually give money to only one party. This accounts for a whopping $55,000 out of the $3 million given. The rest of the money was contributed by companies and PAC's who are giving significant sums to both parties. The most even split in the Movie/TV/Music category is Disney. R's:$141,071 D's:$140,500. Disgusting.
Please don't take the Garth Brooks approach that "used CDs = piracy."
Oh, I'm not. I'm trying to illustrate the RIAA mentality that seems to suggest that a CD is actually just a nontransferable single-site license for one person to listen to nine songs, all other uses prohibited.
~ radiographite: art by john shepard
Remember, there are songs on Napster not owned by any of the companies RIAA represents. While what you say is true, RIAA is put into a legal Catch-22... they can't download an arbitrary file encrypted in this manner, no matter how provocative the title, unless they are certain in advance that it's a copyright violation, because if they download something that isn't theirs, then they will be themselves in violation.
True, the protection may not extend to the illegal files, but nobody can be sure they're illegal until they are downloaded, which could itself be illegal. Oops. They will get some 'legal' files if they're not careful (for example, parody files).
For the purposes of the DMCA I don't know that it matters WHAT kind of protection mechanism is in place, only that you can't circumvent it.
A new music format could be double-rot13'ed (that is, plaintext) and if the RIAA sticks a label on it that says "This product is copy protected" then you could be sued if you reverse engineer the player software and discover that it's doing nothing, or even so much as attempt to play the format in a non-sanctioned player.
Well, IANAL anyway...
~ radiographite: art by john shepard
The problem with 'pig latin' and the DMCA is that there is not copyrighted material to protect.
Then solution is to create a plugin that creates an encrypted header (rot13, rsa, enigma whatever) that contains copyrighted information as well as the song name. The header should look like this:
Metallica.MP3 (Aimster Business Plan: Use DMCA to bludgen RIAA as much as possible. Copyright 2001 Aimster Inc.)
Then, decypting the 'copyrighted' portion of the message creates the infringment. Then Aimster sues the RIAA. Even searching for RIAA material will create hundreds of violations. Unfortunatly the larger header will consume a bit of bandwidth :)
âoeWho knew something as harmless as willful ignorance could end up having real consequences?â
I concur. A quick search for Metallica, which *should* be the most heavily filtered name on the service, returned the maximum 100 matches. Most were songs. I did see a few pig latin variations... A few were non-metallica songs in metallica folders.
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
And effective kind of protection mechanism.
The DMCA exists to add legal "effectiveness" to just about ANY protection mechanism. That's my point: they just have to put legal threats behind it and if it looks like the threats might deter people, the protection mechanism is effective.
At least that's how it's been used so far.
~ radiographite: art by john shepard
As one possible alternative, I'd like to point to the etree project. Their goal is to create a collection of high-quality recordings of various concerts from artists that permit such recordings.
One could argue that it's not quite the same as mp3's (it's nice that it's higher quality, but it's a bit more unwieldy), but it does provide an alternative, particularly one that should be free of an legal problems.
How about just open secrets?
The RIAA's 98 lobbying moneys
2000 donations by TV/movies/music combined. -- over 100% increase since the 96 presedential election. The entertainment industry is ranked 8 in amount contributed to elections across ALL industries.
Time Warner, Seagram and Sons, and Disney leading the pack.
You can also look up individual investors. Jack Valenti (MPAA) knows which side of the bread to butter--ALL of them, donating equally to Gore, Bush, and McCain. His congressional donations are...interesting.
Hilary Rosen actually has a decent donation list. She gave Hatch 1000, but then took it back (apparently) and donated a decent chuck to a pro-choice group.
Returned Peace Corps IT Volunteer
reverse-engineering an effective copy-control mechanism is illegal
I'm tired of seeing this on Slashdot (and elsewhere).
The DMCA uses the word "effectively" in this way: "... such that the method effectively controls access to the work" (paraphrasing). However, this does not mean that the method needs to be crack-proof, unhackable, or even all that great. "Effectively" is not being used in the sense of, "is good at what it does."
It is used in the sense of, "has the effect of." Go re-read the law again, only this time everywhere you see "effectively" replace it with "has the effect of".
"... such that the method has the effect of controlling access to a copyrighted work." is the interpretation that the courts use when they read the law, not "... such that the method is good at controlling access to a copyrighted work." That's why all this nonsense talk about 40-bit CSS encryption being a poor choice misses the point - it's not that the encryption is weak, it's that the encryption is there period.
--
I don't think people will do that because,
a) they don't know such music exists,
b) they wouldn't know where to find it if they did,
c) the genereal populace doesn't like music that they haven't been told they like by extensive marketing campaigns.
Which isn't to say I wouldn't love for this to happen.
-----
"People who bite the hand that feeds them usually lick the boot that kicks them"
Higher Logics: where programming meets science.
DMCA states that you are not allowed to circumvent access control "without authorization." It doesn't explicitly say whose authorization is needed, but the implication is that it is the copyright holder's.
Thus, if you piglatin-encode "Trapped Under Ice," then Metallica or someone who represents them (e.g. RIAA) is prefectly within their rights to decode the song. If they do, and then listen to the song and it reveals that you violated their copyright, then they can come after you and their evidence was legally obtained.
If they decode a file and listen to it and discover that it is not a copyright violation, then they aren't going to say anything. No one will ever know that they decoded it, and no one will ever be able to prove that they broke the law.
Thus, this scheme accomplishes nothing. Well, it accomplishes one thing: it reveals something about the mentality of the Aimster guys.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
The idea is that the filenames are a copyright of the user & thus attempts to decrypt the filename fall under that clause
If you are sharing your files via napster, you could hardly claim that it was invasive for someone to look at the shared file names.
And no, a file name would not have a copyright -- only creative works are entitled to copyright, so a purely functional title such as "artist - track.mp3" is not going to be protected in any way. Even in pig latin or french or any other language...
---------------------------------------------
Recursive: Adj. See Recursive.
...except, of course, right in the Slashdot headline. So technically, /. is in violation of the DMCA by publishing the algorithim. Heathens.
-----
"You owe me a case of beer. Sucka'."
Doesn't have to be a copy protection scheme. The
DMCA says it's illegal to circumvent an access control scheme.
--
Every bloody emperor has his hand up history's skirt [Peter Hammill/VdGG]
I don't think many will argue that the DMCA is a flawed and very unfair piece of legislation, and that for many different reasons it should be repealed / struck down. I also think that most would agree that the goal ( of the online community, at least ) in mind is to be able to share / trade information freely, without being monitored / jailed / oppressed / etc. So why are we considering trying to live within the tiny confines of a flawed system, when we should be trying to defeat the system itself? Live with the DMCA so that we can use it's relatively insignificant protections? I say, to hell with the DMCA, to hell with hundreds of years of copyright protection, to hell with intellectual property feudalism. Lets try and get down to the real root issues that people don't like, and solve the problem from the ground up. Trying to cobble together a compromise on top of a hundred years of irrelavant law may be impossible.
I'm sure I'll regret posting something that sounds like a defense of the RIAA, but the DMCA states that it is illegal to attempt to circumvent a copyright protecion mechanism. Inasmuch as Aimster's Pig Latin Encoder does not protect copyright, but just mangles filenames, it's not a copyright protection scheme. Thus, it is perfectly legal for the RIAA to begin using the encoder to request both the regular and pig-latinized versions of songs be removed from Napster.
Then by the exact same argument CSS is NOT a copyright protection mechnism. CSS just mangles the contents of the files through encryption, it doesn't hinder the direct bit-for-bit copy of the files in any way.
I see a move/counter move battle similar to the ones between the sattelite TV industry and the sattelite TV pirates coming.
Napster filters certain copyrighted info, people cipher their filenames to get around the filter. Napster updates their filtering methods to compensate for the cipher, people develop new ciphers, napster compensates again, people develop new ciphers.....
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
Simply breaking any old encryption is not, nor is it a copyright issue.
This is what has constantly amused me as I've seen the string of stories on Slashdot proclaiming how enterprising hackers plan to turn the DMCA on itself. The DMCA does not ban reverse engineering or breaking of encryption per se. I've read the DMCA and it specifically targets circumvention of copyright protection systems. Unless AIMSter users are encrypting music to which they own the copyright then they're so called claims of reversing the DMCA are so much piss in the wind. The DMCA would simply be a license to pirate/steal/share digital works and protect yourself by encrypting them if that was the case. The RIAA, MPAA and congressmen who drafted the DMCA are not that stupid.
Bottom Line: If you are not encrypting work to which you own the copyright then the DMCA does not apply to you.
A single "artist - track.mp3" entry can not be copyrightable under current law. A COLLECTON of these entries (probably) would be - the courts have held that a database (list) of publicly available facts is copyrightable, at least under certian circumstances.
Why is it that the proponents of "one nation under God" are so eager to get rid of "liberty and justice for all"?
Since this is just a simple transformation and no key is required to undo it, it is not encryption, and thus probably not covered by the DMCA.
--
"Where, where is the town? Now, it's nothing but flowers!"
that's absolutely correct -- so if your file and directory structure (which would legitimately be considered valuable information) is encrypted, the RIAA couldn't republish that information. But that's hardly what they're doing, they're searching for file names/ID3 tags that are publically accessable and marking down folks who have a given match...
---------------------------------------------
Recursive: Adj. See Recursive.
Isthay isay absolutelyay illarioushay! Onglay ivelay Apsternay!
Uh, it's not Napster that's "using pig latin," it's cohort of Napster's users.
.. let's take this legislative joke to its logical extremes and demonstrate to the public just how ridiculous it is.
Right, but that distinction is insignificant to the RIAA and to the courts (who, quite frankly, have not demonstrated a particularly vast amount of technical knowledge.) The bottom line is that Hillary Rosen and her legal army can go to the courts and say "Napster promised to filter out copyrighted material, and they're still trading copyrighted material. The only thing remaining that you can do to fix this situation is shut them down."
This would be a Bad Thing (TM) simply because of the size of the Napster community. As you point out, there are always other options such as OpenNap, but you are not going to get the depth and breadth of choice on an OpenNap server as you get on the "real" Napster, simply because there are fewer users. Now, if you're looking for the latest Eminem track, chances are you can connect to any random OpenNap server and be in luck. But if you're looking for a specific song from a specific live performance of a certain band, get ready to spend some time browsing OpenNap servers.
Napster is great because there is a ton of "alternative" material available on it. It would be a shame to see this resource die simply because a few of us had to "push our luck" with the RIAA. Again, I do believe if that there was ever a corporate entity that needed to be a taught a lesson, the RIAA is it. But we need to face reality here, and the reality is that the RIAA has got (bought) the ear of the courts and is currently in the position to shut Napster down with a single flick of Hillary Rosen's gnarled, twisted little finger.
Keeping Napster running does not mean that the protocol cannot be worked on, improved, and deployed in other capacities. I agree with you about the DCMA, though
We're going down, in a spiral to the ground
I hear the military are using ROT52. Apparently the NSA put a backdoor in ROT26 to facilitate key recovery. Go figure...
What does it mean to "Encode" the file names? The Aimster Pig Encoder encodes the file names by simply changing the words in the file name very slightly. For example, "Music" becomes "usicM", "Hello" becomes "elloH", and you can guess what becomes "uckF ouY, ouY pyS astardsB".
Is it considered reverse engineering a scheme if said scheme is advertised (ok not advertised but spelled out) on their web page?
RIAA: "We didn't reverse engineer anything, you told us how to do it."
"Me Ted"
BOSTON SUCKS!
There are much better ways to do this.
Just publish some content (that you own the copyright to), using a access-control scheme that is compatable with their own. (For example, publish a CSS-protected DVD.) Then sue manufacturers for making equipment that is capable of playing your copyrighted work.
---
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
If you moved the first syllable, luck would become ayluck (because it only has one syllable). You move everything before the first vowel sound to the end, and append 'ay'.
That one doesn't even go to 2.
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
No, we all understand perfectly that research has demonstrated quadruple ROT13 is no more effective than double ROT13, which is why double ROT13 is in such widespread use.
Boss of nothin. Big deal.
Son, go get daddy's hard plastic eyes.
Expanding a vast wasteland since 1996.
Purely functional works are not protected?
That's not what I (or the courts) said. Only creative works are eligible for copyright, functionality has nothing to do with it. Its completely possible for a work to be both creative and functional, and generally creativity is a VERY low bar to clear. But purely factual information ("this song is by britney spears. This song is 'oops, i did it again', this song is 3:00 long", etc) is not creative in any way, and limiting the ability of people to republish those facts would be VERY counter-productive of copyright law.
Particular arrangements of facts (dictionaries, encyclopedias, phone books, etc) are creative in that the arrangement of the collective work itself is an act of creation, even though the constituent facts are not creative. So you can republish all the phone numbers you like, but you can't list them exactly the same way as the phone company does in their phone book.
As to the file list/ directory structure, it would be an interesting question where the threshold is. Since you are sharing the information to anyone with Napster (there is no discrimination as far as I know for RIAA Napster accounts) you could hardly claim it was a violation of your rights for them to view your files (especially since they have no way of NOT viewing them when they search -- Napster decides which search results to return to a client).
If you encrypted your drive structure, and left the encrypted text file containing that info on a public drive, and the RIAA brute-forced it open to find out you have MP3 files, they would be violating the DMCA. But "encrypting" the individual files with pig latin and publishing the individual file names on Napster makes it a much harder argument to make.
If you had all your MP3 files saved as a tar file named "myfiles.tar.mp3" and the tar file was encrypted, I doubt they would be able to legally assault the tar file to determine its contents. If your had an UNencrypted tar file named "myfiles.tar.mp3" and they just decompressed it (which is similar to what is being done with piglatin -- a very common code is being used) you wouldn't have a leg to stand on (anti-circumvention-wise).
---------------------------------------------
Recursive: Adj. See Recursive.
I compiled the list, so I hold the copyright. I am, therefore, entitled to control access to the list according to any criteria I see fit.
You're making a pretty clear decision by making it available to anyone on Napster. AFAIK, Napster does allow you to block users but beyond that has no provisions for negotiating licensing arrangements in return for access privleges. The act of sharing a directory is not passive, you have given Napster (also by their user agreement) and by extension others on the Napster network the ability to peruse your file list.
And Napster does not return your complete file list (when searching) -- only those entries that match a user search. And individual file results would not be covered under copyright regardless of your licensing statements (or else it would be illegal for me to look up a phone number in the book and tell it to you!)
---------------------------------------------
Recursive: Adj. See Recursive.
Right here.
I'd paste it, but there's this lameness filter thing.
And yes, it will compile and run on any system.
--Shoeboy
Theres so much evil in the world its easy to get some of it confused with the other :)
Free Techno/Jazz/DNB/MI Music by guys obsessed with monkeys!
Under DMCA, reverse-engineering an effective copy-control mechanism is illegal. This is what the RIAA claims that DECSS does.
Simply breaking any old encryption is not, nor is it a copyright issue.
If that encryption is used for copy control.. then it is. This is not.
If they can't find all such services, the media companies can consolidate and buy ISPs until they can just shut down any server they don't like (in progress).
Can you say AOL-Time Warner?
---
Check in...OK! Check out...OK!
I pledge allegiance to the flag...
of the Corporate States of America...
Clearly Napster is being cracked down on by the RIAA. It was just the next weekend that they were sending out cease-and-desist orders to all "Napster-like services" and hosting ISPs (as reported here on Slashdot) -- including every one of the open products that you reference.
If they can't find all such services, the media companies can consolidate and buy ISPs until they can just shut down any server they don't like (in progress). If that doesn't work, they can convince CD and hard drive manufacturers to include built-in copy-protection (in progress). If the servers are offshore, they can have lawyers and diplomats "educate" those ISPs about how much bandwidth they're "losing" (in progress). If push comes to shove they certainly will receive search warrants, break down doors, and make high-profile arrests, hardware confiscations, and heavy fines (also in progress, esp. at certain university dormitories).
I have a huge fear that our decade-or-so Internet Nirvana will soon look like the 60's, in which a bunch of idealistic college students were absolutely convinced that the government couldn't stop a revolution based on the people's power, and look foolish for it in retrospect.
We know where leadership by an anti-intellectual "strongman" who scapegoats minorities and likes boisterous rallies goes
I'm sure I'll regret posting something that sounds like a defense of the RIAA, but the DMCA states that it is illegal to attempt to circumvent a copyright protecion mechanism. Inasmuch as Aimster's Pig Latin Encoder does not protect copyright, but just mangles filenames, it's not a copyright protection scheme. Thus, it is perfectly legal for the RIAA to begin using the encoder to request both the regular and pig-latinized versions of songs be removed from Napster.
The RIAA is pissing off a huge portion of their fan base. They can see the impact on their bottom line when sales decrease after napster is gone.
What are you talking about? the RIAA doesn't have a fan base. Joe Sixpacks doesn't know who or what the RIAA is. He buys music (or downloads it off napster) and never sees "RIAA" anywhere at all.
Hell, most people I know think that they download their mp3's off of a website called napster.com. Also, I sincerely doubt many Jow Sixpack's got high speed access for Napster. A Jow Sixpack I know got cable because he wanted his games to run faster... when I asked him if he wanted to play online sometime he didn't even know you could do that.
And more importantly, when people start flocking to independent music that doesn't pull these kinds of shenanigans, sells music for reasonable prices, and generally doesn't treat the music-buying public as the enemy.
I don't see the hordes of teenyboppers that are the RIAA's favorite markey moving toward independent music any time soon. Or 95% of the rest of the music buying population.
Bill
Your trying to find a band but can't figure out how to spell it in pig latin?
Like, Oingo Boingo? This is just gonna be another cause of baldness.
Everyone pullin their hair out because they can`t figure out how to spell stuff in pig latin.
Thats what you get when you teach pigs how to speak!
No pleasure, no rapture, no exquisite sin greater.
And, I have to add, the 'CSS' isn't either of these protections. One of them is a hardware setup where a program has to unlock it before doing certain things (which doesn't even involve the content, just the keys), and one of them is just selling disabled media. CSS is the actual content scrambling system that the keys decode. CSS is not involved in the lack of key copying ability.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
This is funny - it had me laughing out loud - but I do have a few concerns about using legislation of which we don't approve in order to beat the nasty people round the head. Would Aimster react positively or negatively to someone producing an Open Source reverse-engineered piece of sofware for doing this? What if the RIAA did it themselves? Is this substantively different to DeCSS?
So, it's funny, and it's parodying the whole mess, but let's be careful, now. Do we see ESR writing closed source code to get back at M$? No, we don't...
Seriously.
.. remember that bands like Phish and the Dead encourage their fans to tape their live performances and swap them with other fans. This is exactly the type of application that Napster was built for.
This is just going to be more ammo for the RIAA. When Napster says to the court, "We're filtering out all copyrighted songs," the RIAA can just come back and say "No they're not; they're using Pig Latin now." This will likely result in Napster being shut down entirely, regardless of the promises that David Boies and the rest of the team make. The RIAA has always taken the position that Napster users will do whatever is necessary to trade music "illegally." They will claim that this just demonstrates their point.
This would be shameful since there really is a lot of music legally traded on Napster. And not just the indie stuff, either
Now, I'm not siding with the RIAA here. They're a bunch of greedy bastards with little to no interest in the artists they claim to represent. But they're also a bunch of greedy bastards with a vast legal team and a bunch of sympathetic courts. The way things are right now, Napster can at least be salvaged for those of us who use it to trade "legal" material. So let's not goad the RIAA any more than we need to.
We're going down, in a spiral to the ground
A nice idea, but you really dont want to add to the already large file size. The solution? ROT13 the last 256 bytes of the MP3 (ID3v1 tag) and then XOR the MPEG header by the MP3 filename minus its given extension.
You are hereby controlling access to the MP3's contents, and copyrighting its ID3 text value (over 200 characters). This will hold up under the DMCA, and simple ROT13/XOR will not add to the file size. (XOR probably isnt a good idea, but any rotating cipher would work just as well)
---
Video meliora proboque deteriora sequor - Ovidius
If somebody had told me 4 years ago that any of this stuff would happen (the DeCSS t-shirts, legally protected pig latin "encryption", etc...) i would have laughed out loud. I saw this story today, and i thought "okay, this seems logical" but then upon taking a step back, holy shit the computer culture has gotten even sillier than it was before...
---
Play Six Pack Man. I
If, for some reason the RIAA was violating the DMCA, how long do you think it would be before the same lawmakers who wrote the damn thing in the first place fixed the bug in the law to make AIMster the bad guys?
And, just curious, but totally unrelated, of course, but how much has the RIAA and its members given to the Republican party in the past year?
How 'bout the Democrats?
hmmmm?
Reality has a liberal bias
No way. While cat and echo are both pretty much functionally equivalent cryptography suites, I'd have to say that echo's user interface is far superior.
When I'm inputting a lengthy chunk of ciphertext into echo's decryption engine, I rely heavily on its advanced editing capabilities. If I discover a typo at the beginning of my inputted ciphertext, for instance, I can hit control-A, and echo jumps me back to the beginning of the line, where I'm just a few characters away from my error. If I try that in cat, I get:
What the hell is that? I'm sure the mathematicians and programmers who wrote cat were smart people, but why couldn't they spend a little extra time incorporating echo-style advanced editing capabilities?
And while we're on the topic of cat's user interface, what's up with it not exiting? After I decrypt something in echo, it drops me back to my command prompt, where I can quickly email the decrypted message to my cohorts. Cat, on the other hand, makes you do some control-C or control-D mumbo jumbo for no apparent reason.
To each his own, whatever floats your boat, yada yada, but I prefer echo's user friendliness. Comparing echo to cat is like comparing Microsoft Windows to Microsoft DOS.
`(A) to `circumvent a technological measure' means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and
The problem, obviously, is that the encryption is not desgiend to protect a copyright holder, sadly enough.
I'm the best IRC client ever.
If the people are giving the tool away for free, then the RIAA dosn't even need to reverse enginer it, they just have to download it.
Rate me on Picture-rate.com
"and dear god does this website suck now." -- CmdrTaco
The only way they could prevent this is by shutting down the internet itself or by banning general-purpose computers. Corporations might have a lot of influence, but even they aren't going to do that. They *will* fail evenutally, it's just a matter of time.
Or maybe we use H4X0R 5P33K to encode the filenames.
Metallica would become M374111C4
Greatest Hits would become 6R347357 H175
RIAA would become 14M3R2
and so on.
One could get the number of possible ASCII characters down to 64, thus making a basic compression algorithm possible. Then, to decode the data, those obscure compressions can be run through a program using an algorithm that converts them into plausible words. This algorithm could even be patented to screw up the legal system further for the RIAA.
The more we abuse the system, the more likely the flaws will be exposed.
--
The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke
Real pig latin moves the first syllable to the end and appends 'ay'.
Tried looking up a FAQ or some other 'formal' definition but no ucklay.
---
It's all pretty funny and pokes fun at silly laws, but seriously, do we want it known how easy it is to get past filters (so that they find a better way to control copyrighted music)?
Yes we do, for the simple reason that they will fail miserably, and so the sooner this happens the sooner we can all get on with our lives.
They are never going to find a way to prevent the distribution of copyrighted music. All they can do is spend billions of dollars harrassing those who do. Unless they're willing to throw every Napster user in jail (which would be an enourmous PR disaster) they're simply not going to be able to stop it. So the sooner we demonstrate that, the sooner they'll leave us alone.
well, i found one: try beatles yesterday. i guess they're doing it by title only and not artist, a bunch of other beatles stuff does come up.
The "key" is knowing how to arrange the letters. If you use ROT13, the key is 13. If you XOR everything by 42 the key is 42.
As silly as it is, I think the logic is valid. I personally prefer double or even quadruple ROT13 for maximum safety, but this is an interesting application of the "logic" used to create the DMCA.
There's no doubt that as more and more legislation is passed, we'll see more and more examples of ludicrous conslusions drawn from the tortured reasoning behind the legislation. Face it, our generally techno-illiterate legislatures know what they want to do, but they don't know how. Preventing people from ripping off the record companies is a reasonable goal (not that they have made any effort to keep the record companies from ripping off the consumers, but that's a slightly different issue). However, any legislation that is going to work, has to crafted by people who not only understand intimately the capabilities of the state-of-the-art, but have enough insight to predict what things might be like 10, 20 or more years down the road. The current legislation smacks of 19th century law (which isn't bad in itself) and seems to completely fail to understand 21st century technology (which is disasterous).
You are in a maze of twisty little passages, all alike.
the whole p2p and file sharing industry should cooperate and try to develop a file sharing system that will NOT be countered by any government or institution or at least be stopped.
after the napster controversy, there are numerous programs out there spawning in the hope of gaining market share from napster. better features are included in their program that is deemed to be 'unstoppable'.
i just suggest that all of those product makers like freenet, aimster, etc. create a universal program with plug-ins for each other.
it is nice to encrypt the data while having a p2p transfer system. you can also have index servers located worldwide that can be donated by people. you can also use the power of search engines to look for the files that you want thereby making the system rather difficult to shut down.
for the music and movie industry, i think that the concept of pay per view or pay per hear is also good. like a person can donate a $0.01 TO THE ARTIST each time the song/movie is played. in the long run, the artists are happy and you are happy. at least you can get the most updated songs all the time.
ha. RIAA may have won the first round. but let's wait and they will not be able to stop everybody from sharing files.
this concept is not just for the music sharing service. this can be good to share files like newest software versions without having to create a download site. this will reduce costs for companies and improve the overall speed of the net.
i hope that even though the unfortunate event of napster happened, the internet will not be and SHOULD NOT BE controlled.
johnlaw
Live your life each day as if it was your last.
Owhay areway ouyay entlemengay? Allway ouryay mpay3 areway elongbay otay usway!
;).
PS I'll give props to the first person to write an on-topic haiku in piglatin
Alex Bischoff
---
Alex Bischoff
HTML/CSS coder for hire
Right - I've just looked at all the discussion on /., and I'm going to post another comment, and it's a congratulation. Well done, Aimster.
/. is _right_ in the middle of their target audience) to see new things isn't always easy, so - time to generate some free publicity. And it's worked. People are debating the rights and wrongs of their (pretty specious, I suspect) argument, they're getting thousands of hits from /., and lots of links from the news agencies, probably.
We all know that this isn't really going to make anyone safer, or stop the RIAA doing anything. In fact, I doubt that Aimster really care how much they upset the RIAA, or if the RIAA care themselves. My suspicion is that it's a publicity play. Getting your users (and
Which is what they wanted. Nice work - you've got your users covered, you've made RIAA spend some money on _really_ checking with their lawyers, just in case, and you've raised your profile outside your user network, too. I rather like it!
Are you insane?
Sure encryption with ROT13 is fast, but decryption is a bitch.
Go ahead if you've got a quad xeon box, but on anything else, forget about it.
While encryption is an linear, decryption is an N^2 operation. Even with a processor capable of performing 10^12 operations/second you'd requre months to decrypt a gigabyte of text.
Admittedly, there's some academic research that indicates an N lg N solution for ROT13 decryption is possible, but nobody has built a working prototype.
And don't even get me started on the amount of CPU time a ROT26 algorithm requires. It's been proven to be an NP complete problem. Can you say "computationally unfeasable"?
I knew you could.
--Shoeboy
They've taken aim square at their foot, and pulled the trigger. Let's see what happens as they shut napster, opennap clones, and other servers down, and piss off not just us geeks who will grumblingly return to FTP servers and ratios or guntella/freenet/mojonation/etc., but the millions of Joe Sixpacks who got highspeed access just for napster.
The RIAA is pissing off a huge portion of their fan base. They can see the impact on their bottom line when sales decrease after napster is gone.
Returned Peace Corps IT Volunteer
The problem is that pig latin is a natural language and therefore might not qualify as an encryption scheme. In fact, copyright holders are entitled to the sole right to translate their work. Hence, the RIAA could claim that the songs on AIMster are their song titles, translated into "pig latin" and demand that the pig latin translations of their song titles be blocked.
It would be funny to have the RIAA submit a list of songs to be blocked, in pig latin, though!
Lenny
ByteMyCode.com: A Web 2.0 code sharing community.
o-wor-n-wor-e-wordip
Rich
If Aimster is trying to go on a "My filenames are copyrighted" argument, then this entire exercise was even more futile then anyone imagined. (Or, alternatively, solely a press stunt.)
Furthermore, you might be surprised what a "circumvention device" is. It's not clearly defined. Simply typing it "by hand" into the computer on the tech's desk could make that computer a circumvention device. It's very, very vague.
Even with this solution, the RIAA still prevails. Their goal was to reduce the amount of illegal trading of music. They are well aware that there will still be a mere 1% or so that can find alternate solutions. But this is an insignificant impact. The few techie geeks (no insult implied here as I fall into this category as well) that go out of the way to get these files are having to resort back to the old days of trading (almost) newsgroups, irc, ratio ftp sites, etc. Or in this case multiple pieces of software that becomes time consuming to get what you want.
Screw you, I just did.
Besides, you didn't invent that cipher: my computer came with a decryption utility for it. I don't remember exactly what it's called... I'll have to skim through some man pages. I think it's like "echo" or something. Maybe some of the crypto-heads on /. can reply with the exact name. It's GPL'd, too, if I remember correctly.
Is this a good thing?
Of course the point of this whole mess is to force the RIAA, MPAA, etc... into fighting the DMCA in court. Ironic yes, but I wonder if we're not actually starting to use the protections offered by the act they way they should be used.
Since Napster is no longer a suitable example, I'll refer to Gnutella. With a fairly simple layer of 'copy control' encryption layered on top of the file transfer protocol, it becomes illegal for the RIAA to try to stop users from trading files. It forces them to fight the DMCA, which they lobbied for, but at the same time, it protects individual's rights to do as they will with the stuff they have bought. I want to share all my Eminem CD's, which is legal under 'fair use' but will get me whipped with a garden-hose if the RIAA has their way? This scheme allows me to do so and makes it a crime for RIAA to try to figure out that I'm doing it.
Perhaps we should take this seriously, not to get rid of the DMCA, but to exploit the hell out of all the protections it offers to those who know how to use and abuse them while we still have the chance.
Aimster claims to do this with some pretty good encryption, but alas, it is entirely dependant on AIM, which, frankly, sucks donkey balls. I'd much rather see the OpenNap or Gnutella guys develop something similiar.
C'mon, Aimster. Let's see a non-AOL dependant version of your software!
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
Weakness of the system is not relevant under the DMCA. CSS could have been XOR 255 and DeCSS would be just as illegal. Judge Kaplan didn't say anything about CSS meeting any standard of being difficult to break as a part of why he convicted the defendants.
Just because it CAN be done, doesn't mean it should!
All napster did was put the filter on the AUTHOR field, not the TITLE field. So you can still download all the metallica you want, without downloading any Etallicamay.
Someone ever tries to kill you, you try to kill them right back!
This particular approach is bogus, since as others have pointed out, the DMCA is not about methods of encryption but about methods of copy control.
This does raise an interesting question. How can we consumers use methods of copy control to prevent excessive and DMCA-illegal snooping by the new corporate thought police?
--LP