Slashdot Mirror
Descrambling CSS w/ 7 Lines Of Perl A DMCA Violation?
Here's the script:
$_='while(read+STDIN,$_,2048){$a=29;$c=142;if((@a=unx"C*",$_)[20]&48){$h=5;
$_=unxb24,join"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d=
unxV,xb25,$_;$b=73;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=($t=255)&($d
>>12^$d>>4^$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*8^$q<<6))<<9
,$_=(map{$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;$t
^=(72,@z=(64,72,$a^=12*($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16..271))
[$_]^(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a}';s/x/pack+/g;eval
A rewrite, using an extra five bytes (!) of perl code, caches a table, which apparently makes the program fast enough to decode a movie in realtime:
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$t=255;@t=map{$_%16or$t^=$c^=(
$m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;$t^=(72,@z=(64,72,$a^=12*($_%16
-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16..271);if((@a=unx"C*",$_)[20]&48){$h
=5;$_=unxb24,join"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$
d=unxV,xb25,$_;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=$t&($d>>12^$d>>4^
$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*8^$q<<6))<<9,$_=$t[$_]^
(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a}';s/x/pack+/g;eval
As Touretzky writes on his Gallery page, typical usage is just: cat /mnt/dvd/VOB_FILE_NAME | qrpff 153 2 8 105 225 | extract_mpeg2 | mpeg2dec -
"MPAA claims that CSS is a copy protection system, not an access control system (see their FAQ), so you'd think there'd be no case to answer."
Then the MPAA doesn't know what they're talking about. We've already determined that you can make bit-for-bit copies (which is what industrial pie-rats would be doing, think Hong Kong) without any problem. But you can only decode and show a DVD (think Joe sixpack) on an authorized player (or one using DeCess like code).
So, you can easily copy DVDs, but to access (play/show) them, you need to decode them.
They can claim the moon is green cheese, that don't make it so.
So you wouldn't be able to open a DVD gallery featuring first run DVDs sitting in display cases and charging admission for people to come in and look at then?
You should ask 2600 about that.
_____
Sam: "That was needlessly cryptic."
Max: "I'd be peeing my pants if I wore any!"
This is (+1: Funny), not to be marked down foolish moderator(s).
the Eiffel Tower, brooklyn bridge, etc.
:)
arguably the Apple I was "artistic"
art deco buildings straddle the line
etc.
there's been a long tension between form & function, but sometimes they're complementary. to some, beautiful code == maintainable code. (of course, beauty being in the eye of the beholder and all, the perl script on this page isn't exactly what I had in mind..
-Stu
That's right. In my opinion, punching someone in the face for the expressed purpose of making them angry is a form of art. Slapping our man Gates in the face with a pie is a higher form of art. Lots of art makes people angry, and lots of art deals with punching people in the face.
I can think of Marilyn Manson, WWF Villains, and the Three Stooges off the top of my head.
-the Pedro Picasso
--
--
(sourceCode == freeSpeech)
Damn my feeble brain. Oh well. You've got the idiot's voice down pat. Now let's see you do Moe from the Simpsons.
-the Pedro Picasso
--
--
(sourceCode == freeSpeech)
I'm sorry. I'm afraid this isn't true. The US Government was founded by men who valued (among other things) freedom, but ARPANet was founded by the US Government. It had more to do with military supremacy than freedom at its inception. We have used it for freedom, and we hope to continue to use it for freedom, but we must understand that laws like the DMCA (pdf) are slowly eroding that freedom as are projects like Carnivore. The kind of freedom we enjoy wasn't granted by God. It wasn't encoded into this international jumble of computational devices. It's not guarunteed, and it's not sticking around. For more information about the erosion of freedom, ask the guys at 2600. They love to talk about it. If you actually want to help, donate to the legal support of freedom at The Electronic Frontier Foundation.
Of course, when Al Gore invented the internet, it was all about freedom. ...and democracy. ...and health care.
-the Pedro Picasso
(sourceCode==freeSpeech)
--
--
(sourceCode == freeSpeech)
Line breaks in code are meaningless? Well, that just made all my python coding a hell of a lot easier...
Heck, I'm sure the VB and QBasic programmers around here would be happy to hear that too.
Granted. after tidying, I ended up with 18 lines of fairly readable code. But who are you to say LOC is a completely meaningless standard?
-- perl -e'print pack"H*","6e656d6f406d38792e6f7267"'
(To paraphrase what some /.er said long ago)
MPAA: You are now the proud owner of a license to view some content.
You: Uh-oh, the dog ate my DVD.
MPAA: Did we say you have a license to view content? What we meant was, you are now the proud owner of a shiny plastic disk with some bite marks. If you had a license to view content, we would have to let you download another copy at no cost (being a licensee of the content and all), or at least recognize that you could have made a backup copy in case of the media breaking, and that would be silly. Sucker!
The discs are the same discs as the ones regularly sold in stores. It appears that most of them are region 1.
For this bit of code to be useful, one still needs the title key, right? So where would one find the title key for a given DVD?
I did a quick search on Google, and turned up nothing.
--- Chris
It's also small enough that it wouldn't cost much to run it as part of an ad in a newspaper...
Done. It screws up the spacing, though. Hope it still works.
Now that is a great idea. Someone pass this on and/or mod it up...
IAAL,BIANLY
I work in software industry. Here, the law is simple - good code is a readable code. Unreadable code is a bad code. Period.
Andrew
I vote at-robots asm!
While that is, strictly speaking, seven lines long, it's only because it's like 30 statements strung together. Did the student get extra points for obfuscation?
Art is anything that you can get away with.
Computer programming is much like architecture.
There is an engineering side to it (otherwise buildings would be falling all around us), but it is also an art.
I would also point out that doing something clever is sometimes considered art, as well as the pleasing quality.
Consider some of M.C. Escher's works. While they do have some aesthetically pleasing qualities, what really makes them art, in my opinion, is the clever illusions and math behind the art.
This is how computer science is.
Now where do I get that t-shirt?
You can get them from copyleft.net.
For every DeCSS shirt they sell, $4 goes to the EFF. (note: this is NOT a goatsex link!)
0 1 - just my two bits
That's a high price to pay for a 6-line file. Better use that preview button! :-)
/ \
\ / ASCII ribbon campaign for peace
x
/ \
The existence of something, such as a piece of code, cannot be illegal. Laws do no outlaw existence. Is the person(s) responsible for developing it in violation? Is the reproduction in private or public a violation? Is the course that it was developed during, the violation? Is the language, interpreter or even a compiler that makes it possible in violation? Are the concepts contained in violation? Is the knowledge that it is possible in perl a violation? MUST WE OUTLAW shift-2?! It's all very clear to the uninformed.
Often wrong but never in doubt.
I am Jack9.
Everyone knows me.
Often wrong but never in doubt.
I am Jack9.
Everyone knows me.
I see your point, apart from the fact it wasn't me screwing up. :> Please read who the poster is before commenting.
I personally know how to type and have done for a great many years.. if people don't know what keys they're pressing then yes that's their look-out.
--
Delphis
I don't know .. HTML isn't difficult, people :)
/mnt/dvd/VOB_FILE_NAME | extract_mpeg2 | mpeg2dec -
qrpff 153 2 8 105 225 <
There, that better?
--
Delphis
In the story above, the Gallery of CSS Descramblers has an English-language explanation of how CSS is decrypted, along with other neat stuff.
-- Liquor up front, poker in the rear.
I was under the impression that possessing a circumvention device was illegal. Just because its in an email, its still stored on your computer. Whether you understand what it is, or wanted to receive it, or not. I don't think a determined prosecutor would treat it any differently than when the DEA bust your door down so that they can put some crack in your appartment then bust you for it ;-)
Nice idea, but bear in mind you are making everyone you send email to, technically, into a a criminal. How is your mother going to feel when they put her in jail because you sent her an email!
Is explained pretty well here, and shows why this is not really a problem.
Don't get me wrong, I think Sorites Paradox is interesting, but since philosophy has pretty much given up on the concept of the ideal language doctrine, it doesn't make for a valid argument.
-Wintermute, of course, I still agree the DMCA is absurd.Are you sure? I thought that was just with the brittish RIP (or whatever it's called) act...
How exactly does receiving something illegal involuntarily make you a criminal?
I've been wondering what to get for my next tattoo.....now I know. Can't wait to see the look on the tattoo artist's face when I show him this.
Admit nothing, deny everything and make counter-accusations.
Simple, just encode a few million files with randomly chosen CSS keys, then find the few that happen to be able to decoded by DVD players and sue them for that. After all, he had no choice in selection of the keys...
"There is more worth loving than we have strength to love." - Brian Jay Stanley
is today MIT appreciation day?
Except that in order to decode the audio, you have to use several patented algorithms. If something is patented, it doesnt matter how you come up with it, you cant use it.
I guess we could have a DVD compatable player - if it didnt decode the audio stream.
Software patents are patently evil.
Actually, i saw an interesting thing before for finding that key. Never really thought about it so i dont know all the little intricate parts, but basicaly it works like this:
almost EVERY first screen in a movie is completely black.
the movie is encoded with a very specific algorithem.
So you know what you start with, you know what you end with, and you know the algorithem . . . now you brute force:P supposedly it doesn't take very long, since CSS is such a simple thing.
The only flaw with this logic is that I bought my DVDs. Now I am the owner of that DVD, NOT MPAA.
I should be able to put MY dvd into MY microwave and make a nice coaster for MY table.
Since I purchased MY DVD, I should be allowed to do whatever I want.
The region 2 disks that I bought are useless to me except for to be used as coasters. I don't want to pirate my DVDs. I want to watch MY DVDs on MY DVD player.
-b
Excellent point, very similiar to the Aimster article published earlier. The court case against DeCSS was partially based on the fact that currently DeCSS is only useful to decrypt DVD's so if there was a valid and legal use then possession and hence links to the source become a real 1st amendment issue.
The caveat to this is the original case was also based on the charge that the defendants actually USED DeCSS to decrypt material protected under DCMA and having your own stuff encoded with CSS doesn't change the outcome of that portion of the case.
We the Sheeple...
I would have to agree with this. The defendants tried to argue that they had a safe harbor under the 'integration' clause of DMCA. The judges ruling of irrelavency was based on his assessment that the software wasn't used to make a Linux DVD player but a Windows DVD decoder.
On a side note, is it possible that the RIAA can convince a judge that the Aimster protocol isn't real encryption? This is somewhat a moot point since they could have picked rot13 or whatever, there isn't a shortage of encryption routines.
We the Sheeple...
The DMCA only protects valid copyright holders - as a napster user, unless you recorded the song (and its original), YOU DON'T OWN THE COPYRIGHT, THUS, THE DuMbCA DOESN'T APPLY TO YOU.
Cyano
If you want to do something about the DuMbCA, give to the EFF, the ACLU, or talk to somebody who can actually do something. Being articulate helps. Or move outside of the US's jurisdiction.
Don't like my sig? I don't either.
But then where do you draw the line? Remove one character from the end, and it's still a (broken) circumvention device because you can easily get the last char off the net. Keep removing characters... eventually you get to the stage where any compiler, interpreter, or general-purpose microprocessor, is a copyright circumvention device, which is true in a sense (it's potentially a circumenvention device) but legally ridiculous.
If, on the other hand, you say it isn't a circumvention device unless it is physically distributed with the keys, this provides a ridiculously simple legal loophole, rendering the DMCA anti-circumvention-device provision effectively impotent.
That's the Sorites paradox for you.
This is far from unusual though - the Sorites paradox also crops up in many other legal and moral areas. Morally, for example, it seems arbitrary to draw a line and say that killing a foetus at age x days is okay but killing a foetus (or newborn) at age x+1 days is a horrible crime. Yet this is exactly what the law effectively says today.
Female Prison Rape in NY
The students the reporters arrested interviewed laughed.
perl -e 'fork||print for split//,"hahahaha"'
Bugger, my brain seems to have seized up on that one. "The students the reporters the police arrested interviewed laughed" is what I meant to say.
perl -e 'fork||print for split//,"hahahaha"'
Well, it's almost encoded already...
:(
The code is like this:
$_ = 'code here';s/x/pack+/;eval;
This will assign all the code to $_, replace "x" with "pack+" and then execute the code. Remove everything but "code here" and you have a piece of code that doesn't really work.
Oh - if you run the code through perl's B::Deparse module, it becomes a lot more readable.
I tried to paste the code here, but the lameness filter kicks inn
--
- Trond Michelsen, mike@crusaders.no
In the same breadth, openness will always find a way!
Now where do I get that t-shirt?
Live today. Tomorrow will cost a lot more!
Well, Noryungi, what are you waiting for?
LS
There is a fine line between being a cultivated citizen and being someone else's crop. - A. J. Patrick Liszkie
Well I know every year or so there is an obfusticated perl contest. Man, these guys would give some serious competition! In any case the code looks amazing. Even though I know Perl, I can definitely say this guy pushed the limits! It would definitely take some sit down time to dissect it, but that isn't the point. Anyway, kudos for getting it done in 7-lines :)
JOhn
Campaign for Liberty
1 word: Intercal
I shudder at the thought.
//rdj
No one can understand the truth until he drinks of coffee's frothy goodness.
--Sheikh Abd-Al-Kadir, 1587
DeCSS functionality has now been ported to pretty much every programming/scripting language in common use, so it seem reasonable to me that it's time to integrate it with gnapster!
Imagine the following scenario... gnapster clients hacked in such a way as to run filenames through DeCSS before showing them to the user... all files are shared with their names scrambled using the DeCSS code... Users still see the correct filenames in their gnapster browsers but the real files are encrypted. NOW... if the RIAA then decrypts the filenames in order to try to ban them from the napster servers then they've broken the DeCSS "copyright" and the RIAA can sue the MPAA into submission for violating the DMCA. It would make a lot of lawyers really rich but would be worth it just to seem all squirm.
HA!
In any case, the way I heard this debate had nothing to do with justice: is an unenforceable law a law at all? A second question concerns whether unjust laws are laws at all. And these questions are of course answered by: what is justice? Or rather, is justice such that it can bind where positive (as in asserted) law does not?
(c.f., Plato, Aristotle, Aquinas, Hobbes, Locke, Kant, Rousseau, Hegel, L.Ron, Rand, Satre, Mr. Bean, Epicurus (through Lucretius), Diogenes the Cynic, Me, Maurice Strong, La Rouche, and any ignorant gawker for considered opinions on the topic)
~~~~~~
under-paid karma whore
As he argues in his Report on the Alien and Sedition Acts (January 7, 1800. Papers of James Madison, vol 17, pp. 307-50):
Madison, and every other Founder whose thoughts on the subject I have encountered, desired that the good conclusions that are in common law be codified by the various legislatures responsible for creating law, and that the form of common law be abandoned. The courts were to have appelate, not legislative, authority.
In this same paper, Madison also says why the colonists had a right to rebel, rejecting that it had its origin in common law. But I've wasted enough server-space as it is.
~~~~~~
under-paid karma whore
well, i personally dont find that line at all confusing, if you were a programmer you porably would be confused by it, and writing basic doesnt count. I personally find japanese confusing, because i dont speak japanese, im sure if i spoke it it would be nearly as confusing.
-- free as in swatantryam - not soujanyam.
Actually music history class. Ives was a turn of the century composer who moved into "experimental" music towardthe end of his career. Not my thing at all......but I get what you're saying.
"Share your knowledge. It's a way to achieve immortality." -- Dalai Lama
That's an awful idea. I'd rather live without
DVD's than commit my private messages to a flawed
encryption scheme.
Alex.
ummm...just a question...
:)
wouldn't Double-ROT13 be plaintext?
13+13=26???
...moderate me down, I just couldn't help myself
Check out my sysadmin blog!
Once a upon a time (in NY state, USA), it was legal for a person under twenty-one to possess alcohol, it was just illegal to sell it to them. Result: open parties in college dorms.
Then, somewhere around 1990, it became illegal to possess it, too. Result: drinking quietly in locked doors.
So how long until they take the next step?
I can explanate how to administrate your network. You must configurate and segmentate it, so it can computate.
I know very little (read: nothing) about Perl but it seems like this is basically compressing that long, ugly, awkward table of values that represents the magical mystery DVD key. Am I correct? This reminds me of those DOS days when you would run PKLite on a executable to compress the EXE file and wrap it with enough code to uncompress the original EXE when you actually ran it. - JoeShmoe
-- I wonder which will go down in history as the bigger failure: the War on Drugs or the War on Filesharing
You're right in saying that size doesn't matter. I don't think RSA is considered weak. But there is an encoder/decoder in 2-3 lines of Perl and also a short one in C.
You contradict yourself. You say judges are not supposed to make law, and then, yourself, point out that we have "inherited" British common law that allows them to do so.
It's not my statements that are contradictory, it is the legal system. I simply pointed out how things are supposed to work, and followed up with how they do work, and pointed out that I think that it is a VERY BAD THING(tm).
The Constitution specifically invests the power to make laws in the legislature, not the judiciary. Common law runs contrary to the seperation of the powers. Seperation of powers is as GOOD THING(tm) IMHO. A judge's judgement should be based on the law, not the judgement of other judges.
When a judge makes a decision there are no elected representatives present to debate and influence the decision. In many cases, the judge is appointed, not elected. In many cases, judges have the power to nullify a jury's decision. This, combined with the ability influence other decisions on related matters is just too much power to invest in one person.
If the law is not clear enough for all judges to base their decisions on the law itself, it should be handed back to the legislature to be fixed, not modified by judges.
Of course, this is just my opinion. Your milage may vary.
When will Windows be ready for the desktop?
I'm intrigued.. Could you counter-sue the RIAA for descrambling this piece of code to figure out what it does under the DMCA?
At what stage does obfuscation become "a form of encryption" as recognised by the DMCA?
Q.
It doesn't fit in the recomended 3 lines... but it is ASCII, so should compress nicely. Try that, then run the output through a text encoder and you should be able to compress it to 3 lines or less. Due to the lack of white space, I'm guessing you need a pretty good compression, though (I get about 50-80% using gzip/uuencode on typical text files (program source I posted to newsgroups), so I'd guess between 30-60% for this file). bz2 might work better.
The public/private key encryption system is commonly known as a form of RSA encryption. There are also other types of encryption such as Rot-13, Ceasar, Cypher, and a others which I cannot recall at the time. The reason RSA encryption is used everywhere is because of the reasons you mentioned in that a person who figured out the key would be limited in cracking only a single individuals contents. Anything that intentionally changes the contents of something for the explicit purpose of preventing unwanted people from viewing it is encryption.
Pkzip, Winzip, etc... are not considered encryption because they do no change the contents for the purpose of preventing unwanted people from viewing it. Placing a password on a zip package would be encryption.
Hope this clears things up a little.
how funny, now in the information age you can't own something, but instead you get permission to _use_ it... and this in the same country that bitches on communism and preaches on private property... maybe they meant BigCorp's private property? (please, don't take this as a troll, It's not my intention to insult Americans or anything, I'm just trying to say that it's not about the economic or social system, but about the people who run it.)
"Luck is my middle name," said Rincewind, indistinctly. "Mind you, my first name is Bad." -- Terry Pratchett
That's very interesting...
By itself, the decoding code does NOTHING.... a piece of code with passes the key to this script does NOTHING...
If I have one piece, but not the other, I don't have a "circumvention device," it doesn't work. If I have both pieces, but not hooked together, it still does nothing, so it's still not (shouldn't be?) a "circumvention device."
So, if I manually link them together on the command line every time I use them, at what point does the "circumvention device" get created?
sig fault
I don't think it's a secret any more.
Stupid Cheap Guitars
If I ever get my current piece of Comp Sci coursework finished I'll have a crack at doing it in Miranda (grade-A hyperfreaky functional lang, we use it on Solaris boxen via old mono xterms).
:o)
OK so it'll only be able to handle VOBs of a couple of frames before collapsing in a stack overflow (Miranda lazy-evaluates, which with something recursive can produce huge statements to be reduced at runtime), and OK it won't stream at all, but dammit it's the principle of the thing!
Then after that I'll try something massively harder still - implement it in GamesFactory - anyone who's ever played with klik+play, TGF, etc. will know why this is an insane task
FUNNY +1
KdenLive/PIAVE - non-linear video editing
If people are to respect the law, perhaps the law should begin by respecting the people.
Argh, hit the submit button by mistake, so now I fucked up myself. Of course there was a < in there but I didn't quote it, I was going to whine about "uses only six bytes more!" while invoking it using a whole extra process, and I wasn't going to post at score 2, but whatever. Bah.
I believe posters are recognized by their sig. So I made one.
Yeah, that's all fine and dandy, except I BOUGHT the DVD, so now I AM THE OWNER. The way fair use is interpreted in the current body of copyright law, that means I can do whatever I want with it, short of making lots of copies and selling them on the street, or charging admission to view the unaltered work. By "it," I mean both the physical disk itself, and the content on that disk which I now own a license to view at my discretion.
blah blah blah this has all been said before...
Humpty Dumpty was pushed.
THe DMCA only protects copyrighted works, not anything that has been encrypted...
I guess they could make possession a crime, like certain plants.
Is anyone going to translate that into something readable? Why is it that when someone writes a perl script there always seems to be a challenge of making it use fewer characters, sacrificing readability? In the end, it doesn't matter if you only used XX number of characters if the code is the same, right?
Yes, I program in perl, so don't think I'm talking about "those other people". I know I have fallen victim to the same disease: no matter how small a script is, it would be cooler if it were smaller. I try not to go as far as removing whitespace, but even that urge is hard to resist. What I have to come to terms with is no matter how many characters I use, if the implementation is the same, in the end it doesn't matter enough to make changes. Perhaps reducing the _source_ lines of code can be different, but even that has its potential for obfuscation.
Ok, off the soapbox. Perhaps I'll parse through that later, when I have some spare time. This is just my commentary, take it or leave it, mod me down, whatever, but it had to be said.
Perhaps I didn't state my comment correctly. I do appreciate one-liners in a sense. After all, I _did_ admit that it was novel. When I see something implemented in one line, or two lines, or whatever small number of lines, I think to myself "Yea, that's kinda cool", but I know that it says little about the program's problem domain. In the end, it really says something about the language it was written in and the ability of the programmer to use that language to its fullest.
The reason that I said what I said is that the article on slashdot basically made it sound like the program made a statement about the technology behind CSS. To quote the article:
It's also a bit of an embarassment for Hollywood when you consider that the basis of a multi-billion dollar revenue-stream can be foiled by such a small piece of code!
Therefore my point is that this statement is out of line. How small a piece of code is has little to do with the algorithm behind it. While there is the debate about whether laws are enforceable or not, the size of the code is insignificant.
In that same vein, what keeps M$ or someone else from saying you can't run windows on emulators?
"Buy buying this software, you have the right to run this on real physical computer with a licensed copy of windows, ONLY"
Goodbye VMWare
Goodbye Wine
Goodbye (etc...)
Oops, that should have beeN "from saying you can't run windows software on emulators?"...d0h
The fact that you screwed up justifies people who use cat.
Using cat that way makes it less likely to do bad screw ups.
For example if you had accidentally pressed shift-. instead of shift-, you'd probably screw up your source file. Those keys are a tad close aren't they?
Cheerio,
Link.
The obvious criterion to use is not the algorithmic complexity of the decryption code but an objective measure of the security of the encryption used. You could use a criterion like the key size or the resources needed for an analytical attack. We all know, for instance, that it's possible to write a 3 line RSA public key cryptography encoder/decoder, but somebody who used it with 4096 bit keys would obviously be taking security very seriously. We know that because we have some idea of just how challenging cracking 4096 bit RSA is- essentially impossible barring unforseen developments in NP=P or quantum computing. Similarly, when NIST was evaluating AES candidates, simplicity of the algorithm was actually viewed as a possible security advantage because it made analyzing it for weaknesses easier.
In the case of CSS you can make a reasonable case that the designers were making a good faith effort to use the strongest encryption they legally could. The system was designed at a time when they couldn't legally use keys longer than 56 bits, so they used the legal maximum. Admittedly they did a bad job of designing their crypto so that they didn't get the full strength they could from the key length, but even experienced cryptographers will sometimes screw up and design systems that aren't as strong as their key lengths would suggest. That the CSS designers tried to make a system as strong as they legally could (so long as they wanted it to be available worldwide) is strong evidence that they were attempting to make an effective control device.
There's no point in questioning authority if you aren't going to listen to the answers.
Why not hold a competition to see who can write a descrambler in the fewest lines of code or run an obfuscated DeCSS code competiton or even silliest programming language used in writing DeCSS?
Just because you bought the disc, don't expect to use it in some way in which its owners don't approve.
News Flash: If I bought the disk, I'm the owner.
Perhaps an http link to the code itself, for starters?
Brian.
What if one person distributed just the keys, and another distributes just the decoder? Neither part alone is a circumvention device. If the 2 parties don't work together (do avoid them being considered "in concert with each other" under the law), would that be legal? Of course the end user who puts it together is likely to be guilty of creating a circumvention device.
Just because it CAN be done, doesn't mean it should!
Shhh. Don't give them any ideas!
Just because it CAN be done, doesn't mean it should!
If I bought a disc, aren't I the owner?
--------------------
`Lex - Find Me Here: Text Appeal
---
There is much cruelty in the universe, John.
Yeah, we seem to have the tour map.
If you buy it, you become the owner.
Nah - did you know that "< file" can appear anywhere on the command line - including before the command!
/etc/nsswitch.conf wc
$ <
32 130 936
$
So to insert your frob filter doesn't involve any cutting and pasting.
En français dans le texte : N'importe quoi ! If I send you a bunch of weed, without telling it to you, are you criminal ?
...to post a way to de-obfuscate a program for decrypting DVDs????
8?)
Why is there only one Monopolies commission?
Is there an un-obfusticated version?
Heres another one: Put it in a large comment block in your web pages... I wonder if the MPAA has the brains to look there ;0)
Imagine getting back search results for decss and finding nothing but homepages with no source in sight....
I'm off to insert a nice comment into my homepage.....
Driven by 100% sarcasm - fueled by the need to be heard.
They are evil. So is the MPAA. All they care about is the dollar. They need to understand that less is more... IE stop going after everyone legally, instead release for low cost full quality videos/MP3s WITHOUT SECURITY online and piracy will be gone.
--IronHelix
It's one of those bits of code that make you want to check your eyebrows are still intact after reading it. Somebody give the man a prize.
"Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
Actually, if you actually read the agreements and legal stuff, you DON'T buy things anymore: You liscense them. Thus, the owners who are liscensing the product out are the MPAA people, and they can decide how the discs get used. Sorry.
Rightly spoken (written?),
/. to say to the law-enforcers that the posted code is not the real DeCSS.
This is a prime example of security through obscurity. Everyone not familiar with the intimates of Perl will take for granted that this script does the job. e.g. Its unreadableness will allow
---
---
"Multiple exclamation marks are a sure sign of a sick mind." (Terry Pratchett)
it wont take long and somebody will write an awk or ps version of it :-))
--
no sig
a great idea, but who is going to encrypt valuable data with CSS, seen as though we ALL know how vulnerable it is, and easy to decrypt, so whats the point?
Kids, you tried your best and you failed miserably. The lesson is, never try. -- Homer J. Simpson
Did he get all his confiscated stuff back?
Wouldn't it make more sense to simply give permission to anyone in the world to decrypt it, using any DVD player (authorized by the MPAA or not)? The only reason that a DVD player is legal at all is because of the "permission of the copyright owner"; if you and the MPAA are both copyright owners, there's no reason your permission is any less valid than the MPAA's.
My point was, by giving permission to anyone to decrypt YOUR work, wouldn't that make DeCSS legal? If not, then the same argument would work in reverse: you could prohibit anyone from playing it on an MPAA-authorized DVD player, thus making all such DVD players illegal circumvention devices. To do otherwise is to allow and require only the MPAA to speak for all copyright owners.
$c = ($a>b)?$a:$b;
Shave the Whales!
hmm, how long for a rijndael de/encriptor?
come to think of it, if you had a library with a css decoder in it, it'd take only one line of say, c.
Worth exactly the paper they're printed on. ;->
I hope that was meant ironically.
I lost my copy of the green golf ball joke can anyone find it for me?
This one is so funny, even my bird is laughing.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
However, this is more of a crack, but "hall of cracks" would get the building inspectors riled.
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
Now wait a minute. I found this on the site:
531 - 526 == 5. Not six, FIVE!
"Ancillary does not mean you get to rule the world." --U.S. Circuit Judge Harry Edwards, speaking to the FCC's lawyer
$_='while(read+STDIN,$_,2048){$a=29;$c=142;if((@a= unx"C*",$_)[20]&48){$h=5;$_=unxb24,join"",@b=map{x B8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d= unxV,xb25,$_;$b=73;$e=256|(ord$b[4])>8^($f=($t=255 ) &($d>>12^$d>>4^$d^$d/8))>8^($t&($g=($q=$e>>14&7^$e )^$q*8^ $q>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a } ';s/x/pack+/g;eval
Damm dat linewrap...
This sig is intentionally left blank
Send copies to world leaders so they're all in violation of the DMCA.
Send copies to the people who sponsored and passed the DMCA, attaching a note that reads, "Per the statutes of the Digital Millennium Copyright Act, you have violated federal law by reading this message. Have a nice day."
It's just so unbelievably small that it can be sent with anything. That's the amazing part of this.
Who could have guessed that 7 lines of code could get you arrested?
-- Sinistar
Its short enough to fit in a signature. Sort of. I have added it to my list of signatures anyway.
Perhaps it's not encryption. But DMCA isn't about encryption and decryption, it's about copy protection mechanisms. So in theory if they ROT13 a movie and call it their "copy protection", you can't reverse that. Plain silly, but true.
The previous poster was probably just being humorous but I was thinking "Terse" is the only nice thing I can think to say. Ok I am biassed because I believe three things:
:^) ... use Python, Pascal, COBOL, Basic or any other "syntax intuitive" language to prove your case.
1) Make a program as easy to read/understand as possible(descriptive variables and procedure names, one command per line, etc...).
2) Document code that is not "self explanitory".
3) KISS - which stands for Keep It SIMPLE Stupid. The first S DOES NOT MEAN "SMALL".
IF programmers want to "prove" that computer languages are like any other language used by people, then I would not show them this code. Now that I think of it- don't ever show any Perl! It will only hurt your case
I miss the Karma Whores.
Publish it on post cards and send some season greetings to Hollywood. PLEASEPLEASEPLEASE
Maybe not the fastest way to decrypt a movie but most def the geekiest
Hmm, so, if I purchase a normal DVD player, then I can use a DVD copier to copy all I want just so long as I only view it on the DVD player instead of uploading it to the internet?
I'm a loser baby, so why don't you kill me.
Try this, so that the average person could comprehend it:
The following code is capable of decrypting a DVD, which will allow you to do many things, such as watch a Japanese DVD in the US, or a US DVD in Japan. Imagine if you moved to another country, and all of your DVD-movies that you paid $20-$100 for each, were suddenly no longer able to play.
"Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
Read section 202.
What I am trying to point our is that according to the courts this code constitutes a circumvention device. According to them, you bought the DVD as is, CSS and all, and per the DMCA you can't circumvent the protection. Just like copyright law prevents you from selling copies on the street corner even though they were made using a movie you legally own, the DMCA prevents you from bypassing CSS. Can you imagine the public outcry if the MPAA simply made the blanket statement that people don't really own the DVDs they buy, they just own the permission to view them? Look how well DivX (Circuit City's DivX) went over. Instead of taking your ownership from you in a way that would cause them a PR fiasco they do it on the sly. They do it under the guise of protecting us all from harm (evil hackers in this case), the same way most of our freedoms in the US are taken away.
Give this law 10 years or so to become universally accepted. Once everyone is comfortable with it a new law will be passed that restricts us even further. When I wrote that it was their DVD I meant that that was how they viewed it, that is their goal for the future. Products that were previously owned by their purchasers will be licensed to us according to whatever rules appear in the EULA. The DMCA is just the beginning, and the 2600 provided an easy target to get a precedent.
SO... when I gave copies of the DeCSS code to the attendees at one of my LAN parties a while ago, I became a criminal?
Knowledge is like ignorance.. too much can be just as bad as not enough.
The size of the source code isn't everything. What if you invent a language that contains decss() as a primitive?
why isn't there a python version too ?
Yes, well, to a Perl fanatic like me (and many others I'm sure) - its a thing of beauty and thus art. Perl never ceases to amaze me at what it can do and how compressed the code can be. It is by far my favorite language to write in.
--
Top Most Bizarre/Disturbing Error Messages
You know, this is a great idea... But I like my own idea a little better - put it on the back of your business cards. Of course, your company might not like the idea of you distributing 'illegal' source code along with their company's promotions... Oh well. :)
________________________________________________
________________________________________________
suwain_2
Mod this up. And someone start development on this right away... :-) (Sadly, I cannot program... What I attempt to write ends up doing nothing but beeping profusely and flashing error messages at the user...) But seriously, this is a really good idea, I don't see why it's only at a 2.
________________________________________________
________________________________________________
suwain_2
This is exactly why the DMCA is such a bizaare law.
I know a guy with Tourettes, and he swears all the damn time.
Oops - I did it again.
ps who is Touretzky and the RIAA?
--
(if you're still looking for the point, it was back there, in the post. </sig>)
For some reason I just can't help but sing this to the tune of 'Ice Ice Baby.' I know that's horrible, but now I can't get it out of my head. Oh well.
Random Musings
MPAA claims that CSS is a copy protection system, not an access control system (see their FAQ), so you'd think there'd be no case to answer.
--
Every bloody emperor has his hand up history's skirt [Peter Hammill/VdGG]
Sorry Perl Gods, but it only counts as seven lines of code if there are seven COMMANDS. Combining multiple commands on one line doesn't count, because what's to stop higher level language writers from doing the same?
Still embarrassingly small though...think I'll port that bit of code to Java... dM
Hey freaks: now you're ju
Taking the 'code is art' argument from above and applying this argument to making a piece of art out of your DVD by nukin' it, it seems to me that either is a valid use of the DVD that you purchased. Obviously you cannot buy a DVD, reproduce it, then sell it for profit, but you can do whatever you want with it once you've purchased it. And if YOU damage or destroy it, and need to buy a new one, well that's your responsibility to go spend money to purchase another DVD. Also, if you paid the money to buy the DVD, then want to use a DeCSS code to drop it to your computer for replication for your own personal use, so be it. If you want to buy a painted canvas of art and use it as a coaster, so be it. Warn the customer that a DVD should not be used as a coaster or it won't work, fine, but don't tell us that we are specifically forbidden from using it that way. It's our own damn fault if we pay for the movie, copy it, and give it to our friends for free. After all, you then become the sucker that paid for the thing while everyone else got it for free.
How long can a browser string (aka. User-Agent header) be? Many filter/proxy programs (e.g. Proxomitron) allow you to set your own user-agent field. Imagine the fit MPAA would be in if every major site's server log had copies of this ultra-small deCSS in it...
--
Caveat Emptor is not a business model.
>But turning DeCSS from hundreds of lines of incomprehensible gibberish into a mere SEVEN >lines of compact code will make the DMCA a lot harder to stand up to public scrutiny.
Man, sorry, but I'm afraid that, comprehensibility-wise (I just made up that word, I think), 5 lines of perl is just as bad as 10 pages of c to the general, non-coding public. If you don't code, you don't code, and you won't understand. Furthermore, the 'viewing public' most likely won't understand the concept of elegant programming, which this certianly is.
I wish that it weren't the case, but one sticking point with the DMCA and the DeCSS lawsuit is that there's a fair amount of work J. Random Workguy has to do to understand the concepts, and as long as JRW has his Coors Lite and his Doritos, he's not going to care that much.
Brant
Brant
Argle. Bargle.
The programmer that wrote such code deserve not to be hired.
Asking to maintain that kind of code is a reason to quit your job.
Code must be more than understandable to the programmer who wrote it, it must be understandable to other programmers as well.
--
Two witches watched two watches.
Which witch watched which watch?
No, I think you own it. There is no licencing agreement, like the one you get with software, on a video DVD. There is only the FBI warning against illegal copying. Unlike software, which you are basically buying a licence to use, with a DVD, you are buying the media and and the right to use it in any way you want as long as is does not violate existing laws. Big difference, IMHO.
-----------------
www.lucernesys.comHorizon: Calendar-based personal finance
Smoking up your ears like the left right winging
2000 years and people (are) still dreaming
Now it's locked into high tech scheming
It's like a demon speeding and screaming
Through your windows while the videos streaming
Nobody wins and that's a guarantee
When there's so much fucking drama that we can't even see
So fly like an eagle while the bandwidths legal
Fresh air friends in the sky turn lethal
Nothings more evil then brain washed people
Living in a land where no mans equal
Where they'll deceive (you) with laws bent backwards
For contractors of suit and tie actors
The factors that finance this full-proof (fool-proof) diversion
So we'll submerge in this cyber excursion
Of ones and O's and codes and files
Tapped by the tone on any phone dial
Monitoring every man women and child
Tallying the numbers for every square mile
Don't smile at the camera No need to be candid
When demanded retinas branded
Screen fiends following the frequencies
They've been playing that sheep for two centuries
While the CEO's got the E G O's
Larger than the national debt we owe
So where do we go or whom do we tell
On this planetary cell that's headed for hell
With digital handcuffs you can't log off
When your just a trademark of Microsoft
Now can't you see in this land of the free?
That prison is the fastest growing industry
That justice for most is just a fantasy
That freedom relates to your currency
It's like modern day slavery
It's like no such thing as privacy
It's like controlled ideology
It's a realiy for both you and me
Um, that would be Voltaire, usually translated as "I may disagree with what you say, but I will defend to the death your right to say it."
But my favourite paraphrase was uttered in a long-running thread, where one guy kept flogging a herd of dead horses. Somebody said, "Buddy, I may agree with everything you've just said, but I will kill you if you say it again."
I'd say an informed populace who gives a darn is one of the central requirements for a real democracy. If we in the first world live in such bastions of democracy why are voter turnouts so low?
> Publishing it is a crime because a judge said it was. That's really all it takes.
Yes, it is a sad state of affairs in the U.S. when the judicial system has the last word on just about everything. While I'm glad we have a judicial branch of gov't, it is absolutely terrible that they are the ones making the bulk of the laws in this country.
cb
No its not. the DMCA does make it illegal to circumvent Access control and copy protection however it also says that it shall not be used to restrict fair use. one of the terms of fair use as spelled out in copyright law says that you may ignore (to a certain extent) the copyright if the material is used for educational purposes. how much more educational could you get? a class at MIT that examins how to circumvent CSS?
-shut up
I guess that is what happens when you have a corrupt judge....he or she ends up legislating from the bench :(
-shut up
Yuck it up. You couldn't even hold onto your empire. Worse than that, I don't even remember having one. I must have been drunk at the time.
To summarise the summary of the summary: people are a problem. ~ h2g2
When people read stories like this, I hope they remember the basic principles the internet and computers were founded on. Freedom. There are things I wouldn't do myself--even if my ex-boyfriend never believed this--but we should all have the choice weather to do them or not. Because he understands technical things better than me, I asked my ex-boyfriend if he would like to post himslef, but he said ./ is full of trolls and wannabees. But when I read the posts, I think they ARE worth the paper their printed on, so that reminds me that we wouldn't have all those posts if people weren't free.
Basically, freedom is the key to everythig. As someone famous (Henry somebody?) said something like, "I may not like what you have to say, but I guess you have to say it anyway even if it kills me" and I think he also meant "First post!" posts even if he didn't think about that part of it.
THL or another TLA
--
Keeping
And how, exactly, is this "Off-Topic"? Do you moderators even have the faintest clue who Touretzky is?
If ya can't beat 'em, clone 'em.
That an interesting "Ask Slashdot" question(and potentially interesting discussion), was lost in the noise of Slashdot actually posting the descrambler source, instead of linking to it.
Optimism is true moral courage
Here's to the failure of efforts by the RIAA, MPAA and any other corporate monstrosity that feels the need to force half-assed, expensive copy protection schemes on the makers of writeable media. If THEY want it, THEY can pay for it, not the consumers!
The point is that the DMCA is blatantly unconstitutional (as interpreted by the courts [so far]). But the courts unconstituional interpretation doesn't mean that we have to sit back and pretend the king has clothes. So, we ask, again and again, is this a violation, is this a violation, to point out that these violations of the DMCA happen also to be speech, which proves the point: the DMCA (as interpreted by the courts) is Unconstitutional (it violates the first amendment).
The way Congress works, most of the people who voted for that bill never looked at it. It was a bi-partisan initiative with strong financial backing. The committee that recommended it considered that it would be another limit on fair use, but they probably never considered its effect on programmers and its conflict with the First Amendment. I tend to think they were looking at a law with powerful backers and few visible enemies and voted the way they thought would make them look good and help the country. Who would vote against a flashy name like Digital Millenium Copyright Act?
-the Pedro Picasso
(sourceCode == freeSpeech)
--
--
(sourceCode == freeSpeech)
Mine:Art is a human expression meant to evoke an emotional response.
I'm not right, really, but neither are you. I would say most code isn't art. I would also say code can be art. After all it is only a set of choppy written instructions. Are recipies art? Is command based haiku art? Is this post art?
(Answers: yes, yes, no)
-the Pedro Picasso
--
--
(sourceCode == freeSpeech)
The program itself is pretty awesome, but even more so is his use of -w. Now that takes guts.
It was on the BBC's web site, etc., a few weeks ago. The law was just passed, though presumably hasn't taken effect yet. The recording racket and friends wanted a tougher law, which made sharing files with strangers a crime, but didn't get it.
I found placing the code snippet in various email program's X-headers works great too.
With a little work, a mail program could enocde this work of art uuencoded into the Message-ID header. Why? When anyone replies or forwards your email, they will resend your CSS code!
X-Comment: ALL YOUR BASE ARE BELONG TO US
He couldn't sue himself under the DMCA any more than he could sue himself under copyright law for copying his own works.
He could try suing DVD makers, but he'd have a hell of a time getting it through court. You see, if he encrypted his DVD with CSS and his own key, then commercial DVD players wouldn't decrypt it. If he encrypted his DVD with CSS and at least one of *their keys*, then he'd have a hard time convincing a judge that the key choice wasn't implicit consent for them to perform decryption.
2^40 is what, one trillion? But there's a couple hundred DVD player keys, so only a few billion files need be generated before a legally useful one is found. So a 1 kilobyte copyrightable file would require just a few terabytes of storage for this workaround... that's not cheap, and I think you'd have a really hard time convincing His Honor that there was any purpose to all this other than pissing off the court.
The following code is a PERL script capable of decoding an encrypted DVD (necessary to watch a DVD on a Linux machine) in real time. This is illegal to use according to the Digital Millennium Copyright Act, a set of laws passed by anonymous vote in congress in 1998. The MPAA feels that they must stop you from using this code to watch DVD movies because then...
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$ t=255;@t=map{$_%16or$t^=$c^=($m=(11,10,116,100,11, 122,20,100)[$_/16%8])$t^=(72,@z=(64,72,$a^=12 *($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16.. 271);if((@a=unx"C*",$_)[20]&48){$h=5;$_=unxb24,joi n"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/. ..$/1$&/;$d=unxV,xb25,$_;$e=256|(ord$b[4])>8^($f=$ t &($d>>12^$d>>4^$d^$d/8))>8^($t&($g=($q=$e>>14&7^$e )^$q*8^ $q>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a } ';s/x/pack+/g;eval
If you are interested in learning more about how to create your own DVD decoder you can take the authors class on the subject at MIT http://www.mit.edu/iap/dvd
END .SIG
I was kinda hoping to create somthing that could spell out the evils in a tolerable length/readability. Other than manditory commercial viewing and region codes what else does an open source version wreck for the MPAA?
Novel theory: Modern Man evolved from psychopath
you know, if someone did something to "encode" that little perl script, so it ended in say, pig latin, then it wouldn't be functional code anymore, no?
Then, add a script up at the top of the page, mark it "DMCA Violating PLCPS (Pig Latin Copy Protection Scheme) Script", that nicks off the last two characters... and technically, haven't you protected yourself? Because the only DMCA violation is in fact the De-PLCPS script, no? That other thing is protected under a copy-protection scheme and isn't even usable, therefor, what's there to complain about? Sure, I'm sure the owners of De-PLCPS might take offense to your violation of the DMCA, but then again, that would be THEIR problem, not the DVD-CCA's, no?
I'm sorry, but those 7 lines of perl, even as cryptic as they are, sure look a lot simpler to me than the usual DeCSS.c code that's been floating around the net. Whoever wrote the perl code must have done a great job finding the logic behind those tables of numbers. I'm sure that you could turn this perl code back into readable C, and it would be much clearer than the original DeCSS.c. What's more, it'd probably be easier to do it starting from this perl code, than starting with the C code and redoing the work of analyzing the integer tables.
...I've tried to clean up the code a bit, undid the little compression trick they did ('x' == 'pack+'), and still can't make heads or tails of it.
Would anyone care to explain exactly how this works, in english (or should I just wait until the notes from the seminar are online)?
I'm hoping the authors entered this code into the Obfuscated Perl Contest. Then they can claim this code has two uses: descrambling CSS and teaching good programming style through the use of a bad example.
Meldroc, Waster of Electrons
Of course you own something when you buy it.
... a limited monopoly in trade for opening something up for public use.
What proof do you have that you don't? The word of companies like Microsoft with their EULAs and the RIAA and MPAA who try to take away your ability to use the CD/DVD that you own?
Well, what do you think they'll say? They hope that people will believe them. And they hope they'll do what you did, pass that on to others.
Their view of copyright is incredibly short sighted. I really don't see why they deserve copyright protection anymore. Seriously. Copyright is a social contract
The MPAA/RIAA/Software publishers are trying to have the 'limited' part of the monopoly removed, and to take away all your rights to do anything with the work that they don't want you doing.
They aren't living up to their side of the bargain, thus the contract is void.
Now, they can claim anything they like, about how you'll join satan, and undermine capitalism, if you violate THEIR rights, but I don't see them saying anything about your rights. And it's not just a case of "well don't buy it." They're counting on your tax dollars funding the legal system which is granting them this unlimited monopoly, so they're taking from you and giving nothing back.
Anyways, as I see it, their laws are the product of bribery. They lobbied for those laws, which means paying politicians in "campaign funds", then they bribe judges like Kaplan (Dunno if they paid him, or if it was enough that he worked for them before and got paid then) to give weight to their laws. In my view, that's not a valid law. Like a contract for illegal activities isn't a valid contract.
I choose not to follow those laws. I honor copyright as I see it. Limited monopoly, a guarantee to the author that they'll be the first to profit from their work. I don't see it as a right for the author to control everything I do with their work, so I don't feel obligated to follow laws that they buy which say that.
I agree with your assesment of the video media. You buy it, you can use it in any way that doesn't conflict with existing law. (You can't copy and distribute it, and you can't kill someone with it (Britney Spears music...))
But you're wrong when you say you that you license software...
They only software you license if something you buy specifically from a contractor, a company that sells you a specific limited site license for a special deal, or shareware.
In the first case it's because you're paying the contrator for the product. You decide which rights you want and then bargain over the value of those. With the specific site license, that'd be like Adobe selling you 100 copies of Photoshop for an 80% discount because you could show that it was all going to be used in a way that they approved of (to teach people who might later buy their own copy for example) and you were both making concessions in the deal (them price, you in what you can do with it.)
And finally and most importantly, shareware. If you download a program off of CNET (or anywhere else) there's no payment on your part so you have no right to expect it'll do anything. You then get it and can agree to a contract allowing certain use in trade for certain payment (maybe nothing, maybe a post card, maybe $$..)
But with commercial software, you buy it at the store and take it home, where you find the 'contract'. At that point, the contract isn't valid. You purchased all required rights to the software already. It's invalid for a number of reasons.
1) You can't put limits on an existing contract (it becomes a new contract, which requires new agreement and especially, new consideration (compensation)). I can't see you a car and then call up later and say that you have to buy gas from me. I can offer you an exclusive gas contract in trade for something, free tires, a low price, whatever, but it's only an offer until you accept.
2) The 'contract' in the form of a click-through license attempts to prevent your use of *YOUR* software (you paid for it at this point) by requiring you to agree to their contract. That's duress. You're not bound by agreements made under duress. Simply click 'Yes' and ignore it...
3) That contract doesn't even offer you anything, just the ability to use your software, so you don't get anything out of it. A contract that doesn't have compensation for both parties isn't valid. Again, click 'Yes' and ignore it.
Certainly don't take the corps' word on any of this, they stand to gain by making you believe you have more obligations than you really do.
Nope, you're thinking about unlambda.
Personally, I consider that way of thinking bassackwards but that's just me. Playing Devil's Advocate I could see arguements in favor of such a viewpoint.
I don't want knowledge. I want certainty. - Law, David Bowie
Well, this is deliberately bad. If the author had used descriptive variable names with more than one letter, used whitespace, and taken other steps to make it readable, I'm sure it wouldn't be so bad.
(IMHO, though, there is no valid use for the ternary operator '?:' other than making code hard to read.)
If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
These things are what allow projects like xine and LiViD to exist with a relative lack of legal molestation.
xine doesn't include CSS support by default. You can get a version of Xine with libcss support at the Xine resource page (along with a DXR3-enabled version, if you have that card). OMS links to libcss as well. So neither program actually includes it, but they link to it. As well, LiVid developer Matt Pavlovich was charged under the DMCA in California court for distributing DeCSS - strange, since he isn't a California citizen, and he was really (as far as I can tell) distributing css-auth, the non-ripper version of the CSS decryption scheme.
The DMCA itself is strictly an AMERICAN law and has no jurisdiction * anywhere * else in the world.
What worries me is that DMCA-like laws may be quietly pushed into force in other nations, like my own, which tends to bend over for any large US entity that tries to lean on it. In Canada, it would be even worse; we have no system of "fair use" up here, only a very strictly defined system known as "fair dealing", which basically says the copyright holder can set whatever limits they want on use of their work, and anything else in infringement. Just posessing DeCSS/css-auth could be very quickly made illegal up here.
Someday, you're going to die. Get over it.
Hand write your representatives and inform them of your digust with this law.
This may be more effective with new reps than incumbents, as the DMCA was unanimously passed. New reps might not have been subject to MPAA lobbying efforts yet. Some incumbents might (hell, probably did) pass the law without really understanding what it does; there was a letter in 2600 a couple issues back about a guy who runs into a southern Senator and explains to him why the DMCA is a bad thing.
Someday, you're going to die. Get over it.
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
[my emphasis]
Where I come from, If I bought the disk I own it, and the people who sold it to me can go whistle if I do something they don't like with it. But Merka, of course, is the land of the free...
I'm old enough to remember when discussions on Slashdot were well informed.
<thinks>
Another parochial Merkin </thinks>
What if the reverse engineering were done overseas, say in (just as an example) Norway? What would be illegal about that? Or did you think the DMCA somehow covered the whole planet?
I'm old enough to remember when discussions on Slashdot were well informed.
I'm not saying you're wrong, but that's the first time I've heard that; can you provide a reference? I thought this was stictly Merkin nonsense.
I'm old enough to remember when discussions on Slashdot were well informed.
> Now if you use < you have to hit up arrow,
> and do some retyping, cutting and pasting..
>but with cat you can hit up arrow,
>move to the right place, and type frob
> and a pipe!
Redirection doesn't have to go at the end
of the arg list. You're allowed to say
<file qrpff | extract_mpeg2 | mpeg2_dec
Now interpolating something before qrpff
is as simple as point + type.
-Tom Duff
See Tom's object-oriented tutorial for an example of clear perl writing. Perl is quite like a natural language. You *can* write obfuscated perl. But then again, you *can* write obfuscated English. Try this one:
Perfectly valid English, but almost impossible to read. Conversely, English can be very clear - and so can perl.perl -e 'fork||print for split//,"hahahaha"'
or you could put it in the public key section of your slashdot userinfo
Besides, let me explain what's most likely to happen now: People like Randal Schwartz and his crowd could probably reduce "War and Peace" to a JAPH. I suspect you'll see an unoffical competition among the perlites over the next few weeks to see who can chop more bytes off this code. That, in turn, will keep it in the news even longer, which is certainly a "Good Thing(TM) ".
- Read section 202.
Why? Doesn't seem relevant. Example:- Ownership of a copyright, or of any of the exclusive rights under a copyright, is distinct from ownership of any material object in which the work is embodied.
IANAL, but this looks about the most innocuous part of the DMCA to me.If you write a book, and sell a copy to me, then you retain copyright. I am bound by your copyright, and my actions are restricted in certain ways, e.g. I cannot print copies of your book and sell them myself.
If you write a piece of software / author a DVD, and sell a copy to me, then you retain copyright. I am bound by your copyright, and my actions are restricted in certain ways, e.g. I cannot cut copies of the software / DVD and sell them myself.
This code is a reimplementation of the algorithm that sits inside of every DVD player. It allows anyone to access their DVD movies with the flexibility and fair use rights that the movie studio's do not want you to have. Movie studio's do not want you to: fast forward through commercials, be able to backup your expensive movies, or be able to use imported DVD's.
If you're new to Unix, I think that orabidoo means:
/mnt/dvd/VOB_FILE_NAME | extract_mpeg2 | mpeg2dec -
qrpff 153 2 8 105 225
Hey, it's one less process!
-- You can't idiot-proof anything, because they're always coming out with better idiots.
Great. I lost the '<' in my command. I guess 'Plain Old Text' just ain't what it used to be.
-- You can't idiot-proof anything, because they're always coming out with better idiots.
It IS encrypted using rot-0 :-]
Just because you bought the disc, don't expect to use it in some way in which its owners don't approve
Since you are the owner of the disc, by copyright's first sale principle, this is a tautology, unless I suppose you have multiple personality disorder.
Yes, but it shows very nicely how absurd the DMCA is. It shows that code, in a way, really is like speech, and making such things illegal really is constraining the right on free speech.
Get real my friend. Whose fault is it that the popular media and pop culture in general doesn't understand us? I have no responsibility to explain myself and anyone else who feels that if they make something work in a nonconventional manner to the mindless masses. Thank god there still is a digital divide, thank god I'm on this side of it.
"Share your knowledge. It's a way to achieve immortality." -- Dalai Lama
Is that code isn't speech and therefore isn't bound by the the first ammendment. However, source code is primairly meant to convey meaning to other programmers (otherwise still all be writing programs by flicking a row of switches up or down and hitting enter.) Claiming code is not speech is convienent from a legal standpoint since it lets you outlaw encryption and decss and other things you don't like, but code is demonstrably speech and a court will eventually acknowledge that.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Publishing it is a crime because a judge said it was. That's really all it takes. So, you got that one wrong.
Judges do not make law. At least they are not supposed to here in the US. Judges do not have the Constitutional authority to declare anything a crime. Their function is to take laws passed by legislators, compare them to the actions of individuals, and to attempt to decide if those laws are violated by those actions.
Unfortunately, we inherited from the British the concept of "Common Law", which in effect allows Judges to -make- laws because their rulings affect the rulings of other judges. In my opinion, this is a VERY BAD IDEA(tm). It in effect allows individual judges, who may or may not have had any clue about the subject they are ruling on, to unilaterally change laws. It's like having bunches of little emperors running around each making their own laws.
Ocassionally turf wars, called appeals, occur.
When will Windows be ready for the desktop?
It won't actually fit in your sig......but you could always paste it in your post.
2 ;$ t=255;@t=map{$_%16or$t^=$c^=(
$m=(11,10,116,100,11,122,20,100)[$_/16%8])$t^ =(72,@z=(64,72,$a^=12*($_%16
-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16..271);if ((@a=unx"C*",$_)[20]&48){$h
=5;$_=unxb24,join"",@b=map{xB8,unxb8,chr($_^$a[--$ h+84])}@ARGV;s/...$/1$&/;$
d=unxV,xb25,$_;$e=256|(ord$b[4])>8^($f=$t&($d>>12^ $d>>4 ^
$d^$d/8))>8^($t&($g=($q=$e>>14&7^$e)^$q*8^$q>=8)+= $f+( ~$g&$t))for@a[128..$#a]}print+x"C*",@a}';s/x/pack+ /g;eval
C'mon DMCA, I'm not scared.....
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=14
----------------------------
-----------------------
Moderator's essentials
...I totally for this idea. You would need to use a different key then then one used for DVD's, but nothing prevents you from changing you $HOME/.csskey ...
Opus: the Swiss army knife of audio codec
Not anymore :-)
Welcome to the age of Digital Content, where people are slaves to content-providers and huge impersonal companies. Where you you can't really buy or own anything, only a right to use on their terms. Where you don't really have anything to say about it, because common consumers are made redundant. The workforce taken for granted and unemployment coldly calculated to the decimal. Where new laws and authority is created by demand of higher economic growth, not by belief in the people. Where most of the citizens live in apathy and docility, because they have started to believe the false fantasies spouted out from Hollywood. This is the Age of Information as it was meant to be from the start; the stuff nightmares are made of.
- Steeltoe
http://www.debunkingskeptics.com/
Yeah! You go first... :-)
"I have never let my schooling interfere with my education." - Mark Twain
I agree with the original post that the size doesn't matter. The only thing that is proven by this program is that perl can be extremely terse and can do just about anything. I'm willing to bet that this algorithm could be expressed in a shorter way using a different language. To bring it to the point of absurdity, I could propose a new, hypothetical language, "DeCSS/C", where a standard library call called "d()" will decode a file. We could all stand back and say "Ha! One line of code to crack the encryption! Don't you feel silly now!", but really it says nothing, as we just have chosen a more efficient/simple tool for the job.
Sure, it hit the /. radar. I'll agree that it's novel as well. But I don't believe that it should be taken as a proof that the DeCSS matter is off-base.
Programming is not an art, it's probably reached the status of craft by now and we should be aspiring to give it the status of engineering.
The objective of an artist is to produce something that is aesthetically pleasing in some way. The objective of an engineer is to produce something that is functional. As a side effect, it may also have some aethetic qualities, but these should not get in the way of the function.
The above piece of code is a prime example. To me, it's as ugly as sin (speaking as somebody who has a lot of experience of fixing bugs in ther people's code), but the objective was not to produce something beautiful, but something that would decode a DVD in the smallest possible space.
All I want is a secure system where it's easy to do anything I want. Is that too much to ask ~~ Randall Munroe
Anyway, complexity of encoder/decoder has relatively little to do with cryptographic security, so the actual line-count or complexity of the algorithm doesn't really matter. As we all know, security by obscurity doesn't work, and double rot-13 encryption isn't better than single rot-13.
Perhaps the gov't could stretch the meaning of "produce" to include a copy being made of it, even though it was only in memory or for one's own use. Heck, they did that with copyright.
Follow the link for more info on the DMCA.
Just because it CAN be done, doesn't mean it should!
You contradict yourself. You say judges are not supposed to make law, and then, yourself, point out that we have "inherited" British common law that allows them to do so.
We did not "inherit" it accidentally. In fact, the founding fathers, and myself for that matter, considered the common law one of the major advances in the field of *justice.*
They are not called clerks, they are called *JUDGES.* It is their job to exercise *judgement* in specific cases before them in the public interest.
That is a GOOD thing and is core to the entire American philosophical system. It is, in fact, the legal philosophy that gave the founding fathers the idea that they had a RIGHT to declare independence.
If there were no common law and only code, as in the code Napoleon and other essentially fascist dictatorial forms of government and law, then America itself would be illegitamate.
KFG
Jon Johanson has suffered no penalty under Norwegian law.
KFG
THAT, of course, is the $64 dollar question.
It will take a ruling of the Supremes to answer it which is not likely to take place for years yet.
The MPAA, RIAA and the like are actually themselves not in any hurry to have the Supremes make such a ruling because it could invalidate entire provisions of the DMCA. They don't want that. Until such time as those provisions might be overthrown the DMCA still has the force of law, even though they may well be unconstitutional.
I wonder, what changes might occur in the American political and legal scene if legislators could be held liable for passing laws that were unconstitutional.
Surely one could make a reasoned argument that if the legislator BELIEVED it to be unconstitutional he/she/it had commited a violation of the civil rights of nearly every resident of the United States.
KFG
Public/Private Key style encryption is a *type* of encryption that has the advantage of self authentication, but isn't the entire field of encryption.
Simple number substitution for letters, i.e. a=1, b=2, etc., is encryption.
KFG
Yeah, okay... so that's some accident, but "it could happen!"
----
PointlessGames.com -- Go waste some time.
MassMOG.com -- Visit the site; Use the word.
PointlessGames.com -- Go waste some time.
MassMOG.com -- Visit the site; Use the word.
...try reading Finnegan's Wake.
--Perianwyr Stormcrow
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
I mean why should owning or publishing this source code be a crime? Owning a CD-Burner is legal and you can use that to break copyrights too. You can even use a pen to break copyrights. What should be illegal is using this program to decrypt DVD's and copy them. But then again i'm not a lawyer.
The point is that the DMCA is blatantly unconstitutional (as interpreted by the courts [so far]).
And that gives us hope that it will someday be overturned. But in the meantime great damage can be done.
Before I moved to WA, I lived in CA. It is the stated position of the CA attorney general's office that they support and prosecute all CA laws, even if a law is widely known to be unconstitutional and is expected to be overturned in court. In other words, it isn't the police's job to interpret laws. They enforce them, blindly, and let the courts sort out the mess later.
I would be surprised if other states acted otherwise, actually. And I would be surprised if a Federal law was treated any differently. The DCMA will do a hell of a lot of damage before it is fixed, and traces of it will probably linger on forever.
Saying the perl script is 7 lines long is inane, since line breaks in code are meaningless. In a compiled program, what matters is the object code size, and in an interpreted language, it's the size of the script in bytes.
Coming soon...the Linux kernel in one line of code...
I have both the "Got Decss" and the "Open DVDCCA" shirt from copyleft I also have a pic of me wearing the open dvd shirt at my website Just thought that would add a little reality to the above post. :)
The anti-salmon
Somebody should write one of those I-Love-You/Anna-Kournikova viruses to make sure that everyone in corporate America gets a copy of this...
at first glance i'd be damned if that wasn't a perl shopping cart app.
It will have to make the mainstream news first, of course. Although I suspect that their law trolls probably have folks who monitor places like this for breaking news(?)
"It is a greater offense to steal men's labor, than their clothes"
By using the self-decrypting technique the original author uses to compress all instances of 'pack', I believe I've been able to compress it by another 15-20 characters. I save over 40 characters, but the expansion is 20.
I'll post it to David Touretsky's site once I've tested it. (It's taking for ever to decode even a few K on my old machine).
FatPhil
--
Also FatPhil on SoylentNews, id 863
Yeah, sure, like speech...
I think that program should be also protected by te DMCA; After all, it's clearly encripted
That's a fscking beautiful idea! I'll have to do this everywhere. $_='while(read+STDIN,$_,2048){$a=29;$c=142;if((@a= unx"C*",$_)[20]&48){$h=5;
$_=unxb24,join"",@b=map{xB8,unxb8,chr($_^$a[--$h+8 4])}@ARGV;s/...$/1$&/;$d=
unxV,xb25,$_;$b=73;$e=256|(ord$b[4])>8^($f=($t=255 ) &($d
>>12^$d>>4^$d^$d/8))>8^($t&($g=($q=$e>>14&7^$e)^$q *8^$q>=8 )+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a}';s/ x/pack+/g;eval
Lex orandi, lex credendi.
This is the cheese that the rat that the cat that the dog chased bit ate.
I have a positive modifier on Troll. When I mod someone Troll their karma should go UP!
MPAA vs the World? I don't think so. But maybe them the MPAA could sue Microsoft to get all those nasty little security 'features' fixed.
Just a thought.
The REAL jabber has the /. user id: 13196
The REAL jabber has the user id: 13196
What you do today will cost you a day of your life
Redirection doesn't have to go at the end of the arg list.
Damn, 10 years of shell usage and I never knew that... I have been enlightened!
...I'll have to take down my website's link to Slashdot again, for fear of per^H^H^Hprosecution under DMCA.
Aha! So you're the bastard who stole my bold tags. Well, I demand that you return them at once!
Most real world applications, like SSL, actually use symmetric encryptions (same key on both end) for the actual data transfers, and not public/private key (asymmetric) encryptions. Thats because asymmetric encryption schemes are usually lot less efficient that their counterparts. So secure protocols usually only use the asymmetric methods to actually exchange the session keys, after that, the symmetric version is used for the actual transfer of data!
"The point is that the DMCA is blatantly unconstitutional (as interpreted by the courts [so far]). But the courts unconstituional interpretation doesn't mean that we have to sit back and pretend the king has clothes"
Exactly right. So far DeCSS has been ruled illegal by one mis-informed, conflicted federal "judge" who made the most extreme POSSIBLE interpretation of the DMCA. I'm of course talking about the infamous Kaplan. Kaplan in so ruling ignored prior "fair use" case law, and even those provisions in the DMCA itself! In making linking to DeCSS sites illegal, he extended the law far beyond it's reach as it was written.
There really is no logical basis for Kaplan's decision, until you look at whom he used to work for in the past, in a firm that REPRESENTED one of the plantiffs...
I'm sure that if Kaplan got a case about THIS code in front of him he'd rule the same way. But turning DeCSS from hundreds of lines of incomprehensible gibberish into a mere SEVEN lines of compact code will make the DMCA a lot harder to stand up to public scrutiny.
This could turn the debate from "respectable Hollywood vs those EVIL hackers" into what it should have been to begin with:
IS it the role of the Federal government to use the force of law, and the might and guns of the government to protect industry against their own incompetent "copy protection" schemes?
=== The price of freedom is eternal vigilance
"Before I moved to WA, I lived in CA. It is the stated position of the CA attorney general's office that they support and prosecute all CA laws, even if a law is widely known to be unconstitutional and is expected to be overturned in court."
If a law is Unconstitutional, it is therefore ILLEGAL. The Constitution is the highest law in the USA, and no statutory law is allowed to contradict it. I'd think that people who enforce laws should be held liable for eforcing illegal law.
All members of the Armed Forces are held personally liable for the orders they accept and carry out. If a soldier carrys out an illegal order, they are as liable as the superior who gave them that order.
Why shouldn't that principle be applied to all other parts of government?
=== The price of freedom is eternal vigilance
I'm not sure that it would matter to the courts whether the source code to descramble CSS was composed of 7 lines or 700... What really matters is that the MPAA scrambled the content on their DVDs and this code circumvents that.
That's an interesting point - on what basis do you draw the line? You could say that "obviously" rot-13 wasn't a serious attempt to control access but if 7 lines of Perl can be considered a circumvention device, then what about 5 lines? Or 3? Or 1?
I share your scepticism about the outcoming of trying to challenge things on that basis, but you would think there has to be some kind of definition as to how how simple a circumvention device is allowed to be while remaining "effective" (or do they intend every case to be ratified by a court? Wait, don't answer that...).
Pre-DeCSS, if you'd proposed a circumvention device that could be bypassed in 7 lines of Perl, who would have taken it seriously?
-dair
...only if you've never used APL.
It doesn't even need to be copy protection, the DMCA talks about access control. CSS doesn't really provide copy protection, but it does do access control.
I didn't mean to say that I agreed with (or conceded to) MPAA's or Xing's (it was a Xing player, right?) shrinkwrap-license-prohibiting-reverse-engineering . I was just trying to point out that some other "agreeably" illegal activity must be engaged in before use of the perl script became actual circumvention of CSS.
Whether or not what was done to get Xing keys (which, if I recall correctly, is the only part of the "Trade Secret" argument MPAA is using) is illegal shouldn't (IMHO) affect the status of this script.
Correct me if I'm wrong, but wasn't the entire DeCSS system developed originally? That the only part that was "stolen" was the Xing master key, accidentally left unencrypted in the windows program? So MPAAs argument for trade secret theft only applies to the use of those Xing keys, right? Or could they argue that DeCSS could not have been developed without aid of those keys, and so it's a derivitave work, and so tainted by the theft of the secret?
And if so, at what point, after analysis, review, scholarly discussion, and seminars, does the CSS algorithm (and various ways to implement it) pass beyond any trade secret protection, again reducing DeCSS to a key availability issue?
Probably redundant, but CSS -does- use keys. Every licensed DVD player has a different key. Admittedly, the key length is short, so it could've been brute-forced, but the real trick was the Xing didn't encrypt (or even obfuscate) their CSS key in their DVD player software. That's what allowed DeCSS to be written in the first place. They key makes up most of the C code version, though, so I'm not sure how the Perl version gets away without using it (apparently...maybe it's buried in there somewhere). Anyway, it also has public keys, I think, in the form of what the DVD itself is encrypted with. The private player keys are the only things that can decrypt it properly. If indeed the perl version doesn't use the key, then that means it's obviously weaker than I suspected.
No, this is what happens when the space key stops working on your keyboard.
Like most americans you seem to be confused as to how the law works. The law does not work the same for everybody. The intent of the DMCA was to make more money for some corporations any other use of that law will not be held up in court.
The congress critter as well as any other corporation is not answerable to this or any other law only you are. Do you know why? It's because they have more money then you.
War is necrophilia.
Disclaimer: I'm the last person on earth that knows anything about encryption technologies, so I'm just gonna pose a few questions. Talk amongst yourselves, discuss...
/. before, but is CSS really encryption? It seems that it's more of just an encoding/compression scheme. There are no public/private keys envolved. The way that I understand encryption is that if I encrypted the phrase, "All your CSS are belong to us!" it would come out different every time depending on the keys used. This is what makes it private. CSS on the otherhand would just encode the phrase the same way, every time so that anyone's DVD player can decode it. So, I could use CSS to encode my homework and send it to my teacher if I wanted to. The teacher, or anyone intercepting that homework could use DeCSS or this script to unencode it assuming they knew how it was encoded in the first place. If I encrypted it, anyone that intercepted my homework, would have no way to decrypt it, and therefore, steal my answers. The teacher couldn't decrypt it either unless he had the key. Therefore, its not really encryption but more of just an encoding scheme, kind of like "zipping" a file with pkzip, winzip or gzip. Am I correct on this, or at least heading in the right direction?
Firstly, I'm sure this has been discussed on
If this is the case, then it seems like CSS is more of a standard practice thing, than a proprietary thing, and the MPAA should just give up. I'm sure that "zip" technology was at one time proprietary, now its pretty much standard. And, if I am correct, this really doesn't hold up to the DMCA, because its not encryption that I am trying to circumvent, rather, I am just decoding what I have rightfully purchased.
If this is the case, I have no problem with the MPAA going after the individuals that are illegally copying DVD's and selling them to their 31337 friends. However, just using the scripts and code to watch a movie on your Linux box is another story entirely, and I have no problem with that.
Thoughts, comments, bitching???
Typical usage should be /mnt/dvd/VOB_FILE_NAME | extract_mpeg2 | mpeg2_dec -
qrpff 153 2 8 105 225
I believe posters are recognized by their sig. So I made one.
It definitely is.
I bow to the superior skill of the author of those 526 bytes. I've saved it even if I don't own a DVD reader (and I don't plan buying one), just to open up the file at times and contemplate it.
Maybe one day I'll see the light.
The script circumvents access controls, doesn't it? Isn't that what the DMCA makes illegal? This isn't rocket science, folks.
Next question.
So I sez to him, I ain't givin' you no damn three-fity.
Has anyone though of writting a virus that
takes a persons files and encodes them with
CSS? It would be extremely funny if some MPAA
lawyer found himself sitting in front of his
computer and a message pops up
"Dear user: Your files have been encrypted with CSS. You may trivially decrypt these files with DeCSS unless you live in the United States in which case the use of DeCss could cost you five years in jail and $150,000 file. Have a nice day."
I will be appending this with a brief description to my emails. Here is what I had in mind.
The following code is a PERL script capable of decoding an encrypted DVD (necessary to watch a DVD on a Linux machine) in real time. This is illegal to have according to the Digital Millennium Copyright Act, a set of laws passed by anonymous vote in congress in 1998. The MPAA feels that they must stop you from using this code to watch DVD movies because then...
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$ t=255;@t=map{$_%16or$t^=$c^=($m=(11,10,116,100,11, 122,20,100)[$_/16%8])$t^=(72,@z=(64,72,$a^=12 *($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)[$_%8]}(16.. 271);if((@a=unx"C*",$_)[20]&48){$h=5;$_=unxb24,joi n"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/. ..$/1$&/;$d=unxV,xb25,$_;$e=256|(ord$b[4])>8^($f=$ t &($d>>12^$d>>4^$d^$d/8))>8^($t&($g=($q=$e>>14&7^$e )^$q*8^ $q>=8)+=$f+(~$g&$t))for@a[128..$#a]}print+x"C*",@a } ';s/x/pack+/g;eval
If you are interested in learning more about how to create your own DVD decoder you can take the authors class on the subject at MIT http://www.mit.edu/iap/dvd
Novel theory: Modern Man evolved from psychopath
Well.. I tried to paste the unobfuscated version, but unfortunately it is caught by the lameness filter here :(
:-)
Anyway, to unobfuscate it do this:
First paste the code into your favourite editor and change eval to print
Then save the file as decss.pl and execute this command in the shell:
perl decss.pl | perl -MO=Deparse
Now it's almost readable
--
- Trond Michelsen, mike@crusaders.no
I'm not sure that it would matter to the courts whether the source code to descramble CSS was composed of 7 lines or 700, whether it was Perl or C or VB, compiled or binary. The judge probably wouldn't understand any of those details anyway. What really matters is that the MPAA scrambled the content on their DVDs and this code circumvents that. Just because you bought the disc, don't expect to use it in some way in which its owners don't approve. Unfotunately, if the judge could really understand the details of the case I think he would agree with the opinions expressed on Slashdot, so would just about any sensible person who doesn't have some vested intrest in the MPAA's revenue stream.
The reality is that once the lawyers use the word 'hacker' to describe the people who write code like this, throw in 'circumvent' a few times, and tell everyone that this program will cause their DVD prices to skyrocket, people's heads turn. The facts of the case get lost.
Anyway, this is a nice accomplishment. 7 lines of Perl that will descramble CSS. Sad that it constitutes a circumvention device, but maybe that will change.
On second thought, you should email professor Touretzky with this suggestion. He could encrypt one of his copyrighted works and place it on a page at the site and let people know that DeCSS is necessary for them to read his words. On the other hand, this emphasizes the functional aspect of DeCSS which is different from Touretzky's focus. It would allow him to sue (under the DMCA) anyone who trafficked in (or now I think it's even possesses) a circumvention device, such as the courts have determined DeCSS to be. He could sue himself! If he placed his words on a DVD and encrypted using CSS, could he sue the DVD makers for trafficking in a circumvention device -- a DVD player. He could license his DVD as not being allowed (under his authority as a copyright holder) to be used in any DVD player with built-in CSS decryption. Then the DVD makers would be violating the DMCA vis a vis Toretzky's authority as a copyright holder.
Things that actually help:
- OpenDVD - actually learn about the DMCA and the case against it.
- Electronic Frontier Foundation - donate to the actual court case
- US Congress - Hand write your representatives and inform them of your digust with this law
Don't get me wrong. Sig files are fun and using this tiny piece of code in every post might help, but this situation isn't going to get better unless we put some real work into it.-the Pedro Picasso
(sourceCode==freeSpeech)
--
--
(sourceCode == freeSpeech)
Has anyone ever published a CSS encoder? Then people could encode their documents/articles/emails etc with this and distribute DeCSS as the mechanism for accessing the information. This usage should not fall foul of DCMA as it is being distributed by the owner of of the copyright material (you) to enable access. MPAA did not patent CSS, so can they prevent anyone from using the algorithm to "protect" their own copyright material?
slashdot, for the command line at the end of the example.
Once you write brute-force wrapper around it to bludgeon out keys, or something to derive a title key from a disk key, utilizing secrets stolen by illegally reverse-engineering other stuff, then are you violating MPAA plans?
>8^(
I think that's a portrait of the people at the MPAA.
Let's have fun, ladies and gentlement!!
.sigs and use it everyday for every form of electronic communication: Slashdot postings, Usenet, email, you name it!!
We should all add this snippet of code to our
Then stand back and watch as lawyers for the DVD Association go crazy, trying to sue everyone! Even better than linking! =)
The DeCSS case will be won, not in the court, but over the Internet -- so fire up that editor today... ROFL
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
Perl has got to be the only language where its actually more readable when compiled and then disassembled!
if it was a violation, I am sure posting the script on /. is as well. :) This will make for a much better "Got DeCSS" shirt, because it will actually all fit on the shirt.
The anti-salmon