Slashdot Mirror
AIMster Uses Pig Latin Encryption to Defeat RIAA
wiggles writes "On Sunday night, Napster started filtering out copyrighted song names from its system. People have been proposing alternate ways of naming their music files so as to defeat such filtering, but no workable solution has emerged... until now! AIMster is offering a Pig Latin encoder that will encrypt your mp3 titles. They state that, under the DMCA, it would be illegal for the RIAA to reverse engineer their encoding scheme and try and filter the encrypted filenames from Napster. Beating the RIAA over the head with the DMCA is fun!"
For the purposes of the DMCA I don't know that it matters WHAT kind of protection mechanism is in place, only that you can't circumvent it.
A new music format could be double-rot13'ed (that is, plaintext) and if the RIAA sticks a label on it that says "This product is copy protected" then you could be sued if you reverse engineer the player software and discover that it's doing nothing, or even so much as attempt to play the format in a non-sanctioned player.
Well, IANAL anyway...
~ radiographite: art by john shepard
The problem with 'pig latin' and the DMCA is that there is not copyrighted material to protect.
Then solution is to create a plugin that creates an encrypted header (rot13, rsa, enigma whatever) that contains copyrighted information as well as the song name. The header should look like this:
Metallica.MP3 (Aimster Business Plan: Use DMCA to bludgen RIAA as much as possible. Copyright 2001 Aimster Inc.)
Then, decypting the 'copyrighted' portion of the message creates the infringment. Then Aimster sues the RIAA. Even searching for RIAA material will create hundreds of violations. Unfortunatly the larger header will consume a bit of bandwidth :)
âoeWho knew something as harmless as willful ignorance could end up having real consequences?â
How about just open secrets?
The RIAA's 98 lobbying moneys
2000 donations by TV/movies/music combined. -- over 100% increase since the 96 presedential election. The entertainment industry is ranked 8 in amount contributed to elections across ALL industries.
Time Warner, Seagram and Sons, and Disney leading the pack.
You can also look up individual investors. Jack Valenti (MPAA) knows which side of the bread to butter--ALL of them, donating equally to Gore, Bush, and McCain. His congressional donations are...interesting.
Hilary Rosen actually has a decent donation list. She gave Hatch 1000, but then took it back (apparently) and donated a decent chuck to a pro-choice group.
Returned Peace Corps IT Volunteer
I'm sure I'll regret posting something that sounds like a defense of the RIAA, but the DMCA states that it is illegal to attempt to circumvent a copyright protecion mechanism. Inasmuch as Aimster's Pig Latin Encoder does not protect copyright, but just mangles filenames, it's not a copyright protection scheme. Thus, it is perfectly legal for the RIAA to begin using the encoder to request both the regular and pig-latinized versions of songs be removed from Napster.
Then by the exact same argument CSS is NOT a copyright protection mechnism. CSS just mangles the contents of the files through encryption, it doesn't hinder the direct bit-for-bit copy of the files in any way.
Simply breaking any old encryption is not, nor is it a copyright issue.
This is what has constantly amused me as I've seen the string of stories on Slashdot proclaiming how enterprising hackers plan to turn the DMCA on itself. The DMCA does not ban reverse engineering or breaking of encryption per se. I've read the DMCA and it specifically targets circumvention of copyright protection systems. Unless AIMSter users are encrypting music to which they own the copyright then they're so called claims of reversing the DMCA are so much piss in the wind. The DMCA would simply be a license to pirate/steal/share digital works and protect yourself by encrypting them if that was the case. The RIAA, MPAA and congressmen who drafted the DMCA are not that stupid.
Bottom Line: If you are not encrypting work to which you own the copyright then the DMCA does not apply to you.
What does it mean to "Encode" the file names? The Aimster Pig Encoder encodes the file names by simply changing the words in the file name very slightly. For example, "Music" becomes "usicM", "Hello" becomes "elloH", and you can guess what becomes "uckF ouY, ouY pyS astardsB".
Is it considered reverse engineering a scheme if said scheme is advertised (ok not advertised but spelled out) on their web page?
RIAA: "We didn't reverse engineer anything, you told us how to do it."
"Me Ted"
BOSTON SUCKS!
If you moved the first syllable, luck would become ayluck (because it only has one syllable). You move everything before the first vowel sound to the end, and append 'ay'.
Purely functional works are not protected?
That's not what I (or the courts) said. Only creative works are eligible for copyright, functionality has nothing to do with it. Its completely possible for a work to be both creative and functional, and generally creativity is a VERY low bar to clear. But purely factual information ("this song is by britney spears. This song is 'oops, i did it again', this song is 3:00 long", etc) is not creative in any way, and limiting the ability of people to republish those facts would be VERY counter-productive of copyright law.
Particular arrangements of facts (dictionaries, encyclopedias, phone books, etc) are creative in that the arrangement of the collective work itself is an act of creation, even though the constituent facts are not creative. So you can republish all the phone numbers you like, but you can't list them exactly the same way as the phone company does in their phone book.
As to the file list/ directory structure, it would be an interesting question where the threshold is. Since you are sharing the information to anyone with Napster (there is no discrimination as far as I know for RIAA Napster accounts) you could hardly claim it was a violation of your rights for them to view your files (especially since they have no way of NOT viewing them when they search -- Napster decides which search results to return to a client).
If you encrypted your drive structure, and left the encrypted text file containing that info on a public drive, and the RIAA brute-forced it open to find out you have MP3 files, they would be violating the DMCA. But "encrypting" the individual files with pig latin and publishing the individual file names on Napster makes it a much harder argument to make.
If you had all your MP3 files saved as a tar file named "myfiles.tar.mp3" and the tar file was encrypted, I doubt they would be able to legally assault the tar file to determine its contents. If your had an UNencrypted tar file named "myfiles.tar.mp3" and they just decompressed it (which is similar to what is being done with piglatin -- a very common code is being used) you wouldn't have a leg to stand on (anti-circumvention-wise).
---------------------------------------------
Recursive: Adj. See Recursive.
Right here.
I'd paste it, but there's this lameness filter thing.
And yes, it will compile and run on any system.
--Shoeboy
Under DMCA, reverse-engineering an effective copy-control mechanism is illegal. This is what the RIAA claims that DECSS does.
Simply breaking any old encryption is not, nor is it a copyright issue.
If that encryption is used for copy control.. then it is. This is not.
I'm sure I'll regret posting something that sounds like a defense of the RIAA, but the DMCA states that it is illegal to attempt to circumvent a copyright protecion mechanism. Inasmuch as Aimster's Pig Latin Encoder does not protect copyright, but just mangles filenames, it's not a copyright protection scheme. Thus, it is perfectly legal for the RIAA to begin using the encoder to request both the regular and pig-latinized versions of songs be removed from Napster.
The RIAA is pissing off a huge portion of their fan base. They can see the impact on their bottom line when sales decrease after napster is gone.
What are you talking about? the RIAA doesn't have a fan base. Joe Sixpacks doesn't know who or what the RIAA is. He buys music (or downloads it off napster) and never sees "RIAA" anywhere at all.
Hell, most people I know think that they download their mp3's off of a website called napster.com. Also, I sincerely doubt many Jow Sixpack's got high speed access for Napster. A Jow Sixpack I know got cable because he wanted his games to run faster... when I asked him if he wanted to play online sometime he didn't even know you could do that.
And more importantly, when people start flocking to independent music that doesn't pull these kinds of shenanigans, sells music for reasonable prices, and generally doesn't treat the music-buying public as the enemy.
I don't see the hordes of teenyboppers that are the RIAA's favorite markey moving toward independent music any time soon. Or 95% of the rest of the music buying population.
Bill
Seriously.
.. remember that bands like Phish and the Dead encourage their fans to tape their live performances and swap them with other fans. This is exactly the type of application that Napster was built for.
This is just going to be more ammo for the RIAA. When Napster says to the court, "We're filtering out all copyrighted songs," the RIAA can just come back and say "No they're not; they're using Pig Latin now." This will likely result in Napster being shut down entirely, regardless of the promises that David Boies and the rest of the team make. The RIAA has always taken the position that Napster users will do whatever is necessary to trade music "illegally." They will claim that this just demonstrates their point.
This would be shameful since there really is a lot of music legally traded on Napster. And not just the indie stuff, either
Now, I'm not siding with the RIAA here. They're a bunch of greedy bastards with little to no interest in the artists they claim to represent. But they're also a bunch of greedy bastards with a vast legal team and a bunch of sympathetic courts. The way things are right now, Napster can at least be salvaged for those of us who use it to trade "legal" material. So let's not goad the RIAA any more than we need to.
We're going down, in a spiral to the ground
If, for some reason the RIAA was violating the DMCA, how long do you think it would be before the same lawmakers who wrote the damn thing in the first place fixed the bug in the law to make AIMster the bad guys?
And, just curious, but totally unrelated, of course, but how much has the RIAA and its members given to the Republican party in the past year?
How 'bout the Democrats?
hmmmm?
Reality has a liberal bias
`(A) to `circumvent a technological measure' means to descramble a scrambled work, to decrypt an encrypted work, or otherwise to avoid, bypass, remove, deactivate, or impair a technological measure, without the authority of the copyright owner; and
The problem, obviously, is that the encryption is not desgiend to protect a copyright holder, sadly enough.
I'm the best IRC client ever.
Real pig latin moves the first syllable to the end and appends 'ay'.
Tried looking up a FAQ or some other 'formal' definition but no ucklay.
---
The "key" is knowing how to arrange the letters. If you use ROT13, the key is 13. If you XOR everything by 42 the key is 42.
As silly as it is, I think the logic is valid. I personally prefer double or even quadruple ROT13 for maximum safety, but this is an interesting application of the "logic" used to create the DMCA.
There's no doubt that as more and more legislation is passed, we'll see more and more examples of ludicrous conslusions drawn from the tortured reasoning behind the legislation. Face it, our generally techno-illiterate legislatures know what they want to do, but they don't know how. Preventing people from ripping off the record companies is a reasonable goal (not that they have made any effort to keep the record companies from ripping off the consumers, but that's a slightly different issue). However, any legislation that is going to work, has to crafted by people who not only understand intimately the capabilities of the state-of-the-art, but have enough insight to predict what things might be like 10, 20 or more years down the road. The current legislation smacks of 19th century law (which isn't bad in itself) and seems to completely fail to understand 21st century technology (which is disasterous).
You are in a maze of twisty little passages, all alike.
the whole p2p and file sharing industry should cooperate and try to develop a file sharing system that will NOT be countered by any government or institution or at least be stopped.
after the napster controversy, there are numerous programs out there spawning in the hope of gaining market share from napster. better features are included in their program that is deemed to be 'unstoppable'.
i just suggest that all of those product makers like freenet, aimster, etc. create a universal program with plug-ins for each other.
it is nice to encrypt the data while having a p2p transfer system. you can also have index servers located worldwide that can be donated by people. you can also use the power of search engines to look for the files that you want thereby making the system rather difficult to shut down.
for the music and movie industry, i think that the concept of pay per view or pay per hear is also good. like a person can donate a $0.01 TO THE ARTIST each time the song/movie is played. in the long run, the artists are happy and you are happy. at least you can get the most updated songs all the time.
ha. RIAA may have won the first round. but let's wait and they will not be able to stop everybody from sharing files.
this concept is not just for the music sharing service. this can be good to share files like newest software versions without having to create a download site. this will reduce costs for companies and improve the overall speed of the net.
i hope that even though the unfortunate event of napster happened, the internet will not be and SHOULD NOT BE controlled.
johnlaw
Live your life each day as if it was your last.
Are you insane?
Sure encryption with ROT13 is fast, but decryption is a bitch.
Go ahead if you've got a quad xeon box, but on anything else, forget about it.
While encryption is an linear, decryption is an N^2 operation. Even with a processor capable of performing 10^12 operations/second you'd requre months to decrypt a gigabyte of text.
Admittedly, there's some academic research that indicates an N lg N solution for ROT13 decryption is possible, but nobody has built a working prototype.
And don't even get me started on the amount of CPU time a ROT26 algorithm requires. It's been proven to be an NP complete problem. Can you say "computationally unfeasable"?
I knew you could.
--Shoeboy
They've taken aim square at their foot, and pulled the trigger. Let's see what happens as they shut napster, opennap clones, and other servers down, and piss off not just us geeks who will grumblingly return to FTP servers and ratios or guntella/freenet/mojonation/etc., but the millions of Joe Sixpacks who got highspeed access just for napster.
The RIAA is pissing off a huge portion of their fan base. They can see the impact on their bottom line when sales decrease after napster is gone.
Returned Peace Corps IT Volunteer
This has got to be some of the funniest sh*t I have heard in a while here on /. I love irony.
"Everything that can be invented has been invented."
--I assume full responsibility for my actions, except the ones that are someone else's fault.
Is this a good thing?
Of course the point of this whole mess is to force the RIAA, MPAA, etc... into fighting the DMCA in court. Ironic yes, but I wonder if we're not actually starting to use the protections offered by the act they way they should be used.
Since Napster is no longer a suitable example, I'll refer to Gnutella. With a fairly simple layer of 'copy control' encryption layered on top of the file transfer protocol, it becomes illegal for the RIAA to try to stop users from trading files. It forces them to fight the DMCA, which they lobbied for, but at the same time, it protects individual's rights to do as they will with the stuff they have bought. I want to share all my Eminem CD's, which is legal under 'fair use' but will get me whipped with a garden-hose if the RIAA has their way? This scheme allows me to do so and makes it a crime for RIAA to try to figure out that I'm doing it.
Perhaps we should take this seriously, not to get rid of the DMCA, but to exploit the hell out of all the protections it offers to those who know how to use and abuse them while we still have the chance.
Aimster claims to do this with some pretty good encryption, but alas, it is entirely dependant on AIM, which, frankly, sucks donkey balls. I'd much rather see the OpenNap or Gnutella guys develop something similiar.
C'mon, Aimster. Let's see a non-AOL dependant version of your software!
The next Slashdot story will be ready soon, but subscribers can beat the rush and slashdot the links early!
This particular approach is bogus, since as others have pointed out, the DMCA is not about methods of encryption but about methods of copy control.
This does raise an interesting question. How can we consumers use methods of copy control to prevent excessive and DMCA-illegal snooping by the new corporate thought police?
--LP