Slashdot Mirror
The Read-Once, Write-Never Web
grub points to this TechWeb story about a software tool (NetRecall) from a company called Athentica which they claim can selectively allow viewing, copying, and forwarding of online materials. The idea is to maintain control of content on a per-person or per-category basis -- something which could have good or bad applications, but which sounds difficult to implement effectively no matter what use it's put to. (Will the required plug-on also block all screenshot utilities? If not, exactly who is it intended to stop?) Of course, since circumventing even simple methods used to "protect" copyrighted materials is illegal under the DMCA, perhaps that doesn't much matter.
Protecting sensitive information on the web seems like a contradictory endeavor.
I was thinking the same thing, but more like just taking a screenshot and saving it out as a png or something. Let's not stop there :) Screenshot + OCR would do wonders for retrieving most anything you can display "securely" on a screen. In all seriousness, do we really need to look at every one of these companies whose business is based on ignorance of the simple rule: "If I can see it or hear it, I can record it."? Who comes up with these ideas? Your problem isn't the 80% female over 35 audience. I doubt this has any security value at all. In the practice of tolerance, one's enemy is the best teacher. Quick -- must forget-- the cops are coming.
I run an X desktop on Windows and use the X cut buffer. Adobe does not seem to interfere if you allow the X-win manager to control things but if the Native Windows manager is in charge, the adobe protection works
Usually this is humorous but off topic, however i find in this incarnation it is actually insightful.
Obviously(read: hopefully), the people who made this know that this kind of protection is a joke. I assume that using a system like this is intended to sasisfy the DMCA's definition of "reasonable content protection". This isn't really a content management system, it's a large wooden sign that says "Beware Of DMCA!"
Didn't XP also break most of the 3rd-party tools? A review I saw (maybe CNet?) suggested that all of the 3rd-party tools they tried failed to work under XP--even tools that worked fine in 2k. Now, since XP and 2k are based on the same code base, I fail to see why a program that works fine on 2k wouldn't work on XP unless functionality it relied on was specifically targeted for change (perhaps ASPI mods to prevent ripping? That's where I've had the most problems under Win2k).
lyrics.ch == Paper Tiger, albeit an obnoxious one.
E.g., use Netscape to look up lyrics for a song. Right click and select "View Frame Info". You'll see a couple of JAR files: SPDEN2Controls.jar and one of the form X12345.jar. The former contains the applet, and the latter contains the lyrics for the song you looked up.
The applet will proceed to read the lyrics out of this X12345 JAR and draw them as image text, which gets wiped away the moment the applet window loses focus or you hit a key, etc. The better to tantalize, and enrage, you!
However, there is nothing to stop you from downloading X12345.jar and, for example, displaying its content with strings.exe (from SysInternals.com). You could also download the other JAR, decompile it, and modify it to supply suction to an automated lyric spider. You could, but that would be wrong (to paraphrase a dead president).
By the way, SPD = Self Protecting Document. It's part of the Xerox ContentGuard system. They've come a long way since PARC.
Bruce Schneier wrote this about Authentica.
Hmm, exactly how do they keep me from reading it more than once. ?
What if I memorize it and just keep reading it in my mind ?
:)
God. I hate reading this blatant misinformation on Slashdot at such frequency. Microsoft doesn't prevent mp3 recording in XP. Windows Media player will only encode at a low bit rate. This does NOT mean that you can't use a third party utility and acheive higher bit rates. You make me sick. Please check your facts before you spew this gibberish. I know that its anti-microsoft, and so its ok...But come on, think about it this way..We(by we I mean open source advocates) are constanly bitching about microsofts unfair FUD against our preferred programs. Yet we are not above doing the same thing, and in a blatantly incorrect way. Please think.
comet cursor is spyware
IS it really about corporate applied constraints or a challenge to the open community to create a better information system?
Last I checked, I do believe we still have freedom of choice in the market place. But when packaging all turns to the same shade of gray, then maybe it's time to become seriously concerned.
Could this be the beginning of something more restrictive?
There is China and the cyber cafes that are becomming a concern to the government. Concern about the need to apply censoring methods. So it seems to me that the real value in overcomming organized constraint efforts is in support of freedom of speech and education of the real world more so than gaining access to corporate selected restricted information.
Maybe this is apporaching the matter/topic from the other side. Perhaps there is a bias against the Chinese due to the political issues at hand. But when did promoting censorship or restriction of the real world ever achieve genuine solutions?
Besides it's not the chinese people responsible for the political issues at hand now, but governments playing the game of war. The sort of thing that gets removed thru education of the real world of adverage people.
Maybe it's not so much what is restricted but who such restrictions are to apply to, directed at?
Clearly there has been enough supporting comments to our ability to get around such restrictions, but if a whole country is restriced from access then who's gonna know there is something there to see? Unless someone outside tells them?
I hope this is never used on Slashdot.
I am, quite frankly a comment thief.
You call me by many names...troll, imposter.
I do a search on whatever topic the story is on in the slashdot archives. I then pick highly rated posts, and simply copy and paste them into the new story.
I have amassed great amounts of karma in a short time doing this.
If I could only VIEW old comments...I would be forced to retype all that drivel (usually the high scoring comments are decently long)
So..I hope slashdot never uses a system like this...or I will be out of a job.
Satellite image resellers use this sort of thing. Terraserver.com used a plugin that would block screenshots/clipboard/etc so you couldn't get your satellite photo unless you paid for it. Yes, you can trace it or photograph it off of your screen, but it's a damned good deterrent. And don't be surprised if you see Microsoft Wallet become the leading solution when every online newspaper and information site starts charging per-content, and the industry needs a way to make billing as easy as possible for the user. How much will it cost? Probably a fraction of a penny per article. There have already been conventions regarding this--it's on it's way.
So you're saying that women in this age group don't have young guys to help them "do screen shots, print to PDF, and post on a web stie, bla, bla, bla."
So what if a few forward or cut-n-paste. Besides, we can always sue offenders under the DCMA.
Sure, sue your customers. Great business plan. And the first time you do it, your "content" will be on approximately 1.2 bazillion "whack-a-mole" Geocities type sites, Gnutella, and Freenet.
Personally, I don't subscribe to any service that assumes I'm a copyright infringer (sometimes erroneously referred to as "thief") and impedes my use of the information I paid for. In that case, if it's something I want, I'll just take it, and people with your attitude can take that copy protection and pound sand.
~~~
One big difference is that it allows the person sending the document to place restrictions on how and when the document can be used. With PGP you would have no way to prevent them from forwarding the information to individuals who are not supposed to view the data.
Wayne
--
My wife is over 35, but she knows how to hook the S-Viceo output from either of our laptops to a VCR, either directly or through am S --> RCA adaptor. This works with RealPlayer, too. - Robin
What's the point of showing people something they're not supposed to remember? You may as well not show it to them in the first place, the net effect is the same.
--
Do these screen shot preventers still work if windows is run through plex86 or vmware?
--
Assuming, of course, that monetary motivations are the only ones that matter. That however has been proven wrong repeatedly, for instance by the huge amount of free software produced by enthusiastic volunteers.
--
Is that a copyright violation? Sure. The act of making a copy is the crime, it doesn't matter how it is done.
--
For the longest time, most hackers fell into category (c): students.
People were hacking on Linux, FreeBSD, gimp and apache with abandon even before the term "open source" existed and before a single article about free software had appeared in the New York Times. There was no money in it, and putting your Linux experience on a resume was not on anybody's mind.
Hackers hack for three reasons:
There simply is nobody who sits down at night and thinks "ok, tonight I'm going to submit a patch to the gimp in the hope that I will learn from it and that will improve my earning power in the future".
While I agree that nowadays writing the patch will probably marginally improve his earning power: even if it didn't, the guy would still write the patch.
Nor do I think that hacking on free software is an optimal strategy to maximize one's earning power in the least amount of time. There are lots of more efficient (but less sexy) ways to do that.
--
I mean... sue the keyboard manufacturers.. they have less money. Those pesky printscreen buttons are now a circumvention device under the DMCA!
it isn't free in the first place. What is being traded on Napster and Gnutella (I have no experience w/Freenet) for the most part is copyrighted material, not just "computer data".
I am not siding w/the fact that they are stopping this kind of service from running, I am saying that it isn't free and we aren't squashing any free trading of computer data. I have a good feeling that email, ftp, and www will be around for a while to do just that.
There seems to be a trend in the "content industry" of sending people encrypted things along with the keys and hoping that because they invoked the buzzword god "encryption" they are safe.
repeat after me: If someone can read something, they can copy it. Obviously the computer screen can be saved (by screenshot, by decoding the video signal, by pointing a camera at it... whatever). However, it gets better
The fundamental flaw in the security models of this (and DVD) is that they trust the user's computer with the capability to decrypt the content. However, as the user's computer is controlled by the user and not the DRM company, the model is flawed.
There is no doubt in my mind that, should there ever be good reason to do so, this will be cracked. Additionally, what with recent events such as the SDMI fiasco, I believe that at this point basing your business model on DMCA protection of your security is risky. Also, remember that in many uses simply being able to prosecute people for cracking it might not cut it; after sensitive data has been leaked no amount of litigation can undo the potential damage.
Who comes up with these ideas? I mean, i'm sure someone with a high priced education was involved. But, can't they see the obvious? It's been said before, if you can see it, you can copy it. If you can hear it, you can copy it. Attempting to control information is just an open invitation to steal it.
---
--
Insert Witty Sig Here
Sorry, please play again.
But thanks, really.
Actually, it's interesting the level of knee-jerk defense Microsoft gets on this issue. Do you guys really think that they won't go further to restrict possible "non-approved" use of Windows XP? The mp3 thing is just a shot across the bow. Microsoft looks out for #1, and what's good for big media is good for #1.
See, just 'cause I didn't take four paragraphs to explain myself above, doesn't mean I wasn't right :)
Caution: contents may be quarrelsome and meticulous!
Your right to not believe: Americans United for Separation of Church and
Ah, but they have... There is an option in the document properties (file..document info..security in acroread). Now, I don't know how durable this is under Acrobat (the editor), but I tho...
My memory says that I was told that it's just a flag, and that if you modify the program to just ignore it, then it acts unset. I was also told that it's an easy change, but that somebody (the xpdf maintainer?) wasn't going to make it because he thought the author's choices should be respected. Sounds like a good argument to me, even if it has caused me to trash a few interesting files (I tend to feel that files like that shouldn't be on my computer).
Caution: Now approaching the (technological) singularity.
I think we've pushed this "anyone can grow up to be president" thing too far.
ACtually he used the wrong word. What he meant to say was:
If it's something I want, I'll just COPY it
And if I remember correctly, the definition of thief doesn't mention anything about copying.
Yep, just look at the last few years: Napster, Gnutella, Freenet. We're definitely moving away from the free exchange of computer data. Yep, one-tenth of one percent of the population runs fast enough to maintain the freedoms they have, the other 99.9% are increasingly screwed. Sounds like we're winning to me.
This thing is going to get hacked quicker than you can say "CueCat". What is to stop someone from using a proxy and stripping the encryption? Oh yeah... the DMCA (Don't Make Copies Asshole)
If I press this here "PrtScr SysRq" button have I effectively 'circumvented' the control? God you Americans have f*cked up laws.
-ShieldWolf
just = (My)Opinion.toCents();
DMCA = Digital Millenium Copyright Act
-- It only takes 20 minutes for a liberal to become a conservative thanks to our new outpatient surgical procedure!
That doesn't prove it can't be cracked. If anything, it proves that 1) Nobody capable thought it was worth $20, or 2) The successful crackers waited until the program was used to crack it, to ensure they'd get something from it.
I know that if I was looking to crack something like SDMI that I'd try now, but wait to release anything until the format had a few billion invested in it to release the crack. After content providers get stung repeatedly with unsecure 'secure formats' enough they'll stop trying that method.
Taking a screenshot of that bill would be 'easy', in that it's easily said. You'd obviously have hooked all the screen viewing and capture routines but the video is still displayed by the graphics card. Overlays are harder to read, but can be done. And better yet, they can be done directly from the hardware. Maybe the hack would have to be written for each major video card, but it'd get around any level of OS-level protection.
And if that didn't work, there's always VMWare.
All your method would do is raise the bar. But it takes a lot longer to write a protection system than it does for an equally skilled person to break it.
And to crack the recreation for yourself, find a way to set your system clock back to a couple of hours before key expiration. Boom!
You feel foolish! You haven't been paying attention. -more-
Ah, but they have... There is an option in the document properties (file..document info..security in acroread). Now, I don't know how durable this is under Acrobat (the editor), but I thought it interesting that there's an option for 'selecting text and graphics'. So no copy/pasting either. Yikes.
And, remember, it's not just available on Windoze... it's MacOS, Solaris (both x86 and Sparc), HP-UX, Irix, AIX, and this little thing called Linux.
Where the value of X-Mailer: is the true measure of a man...
I know one of the sysadmins here _think large private university in los angeles_ and he told me the other day they needed to install monitoring software on the Macs.
I politely asked him for more info: he told me that by requiring students to log into accounts to use the pc's, they already know everything we do on those machines: they were simply trying to spread their coverage to another os.
Sigh.
We have a large mailing list (550,000 addresses), 80% are female and over the age of 35. Odds are, they won't do screen shots, print to PDF and post on a web site, bla, bla, bla.
It would work for us. It would allow us to charge for content.
So what if a few forward or cut-n-paste. Besides, we can always sue offenders under the DCMA.
Laters,
Microbob
Circumvention tool
http://www.ecn.purdue.edu/~laird/PDF/
You can also modify xpdf and recompile it: http://www.foolabs.com/xpdf/download.html
Commercial tool:
http://www.elcomsoft.com/apdfpr.html
More can be found looking for password recovery and PDF in search engines and web directories.
gs -dBATCH -sDEVICE=epswrite -sOutputFile=myfile.eps myfile.pdf
BTW, it can decode encrypted pdf too with a little modification. Just follow the (very simple) instructions printed when you try to read an encrypted .pdf for the first time...
Combined with pstoedit is a great tool
I downloaded the IE6 beta yesterday and it actually pops up a small box inside the picture when you point to the left corner, and allows you to save/print/email/ or open the my pics folder. Pretty cool feature for Win users to get pics and stuff from the net. DP
"(I) have this unfortunate condition that causes me not to believe a single thing any politician says when a mic's on.
. . . with predictable results. Anyone remember Things and Thingmaker? I didn't think so. That's because people don't tend to "consume" much "content" that requires some "rights management-enabled" plug in that usurps fair use (not to mention being hard to install and use).
Also, even if this software is Windows only, a screen capture would work just fine under VMWare or similar program.
Obviously it is meant to be used (or read, in the case of literature). Things which are not meant to be used are described as ornamental, decorative, etc. But anyway, whichever way you look at this, this is irrelevant to the point RMS is trying to make.
The usefulness of their software releases interests them insofar as it is useful in lining their pockets.
Obviously. Anyone with half a clue about business knows that - including RMS.
I'll make a wild stab as to the objection you're trying to make to "The Right To Read" - it's hard to see what your relevant point is, but I'll guess. Maybe you're saying that fair use is not in business interests.
Not necessarily so. What is in a business' interestes depends upon how their customers behave.
You don't even have to understand the concept of altruism to get this (I know some "libertarian" sheeple have a problem getting their heads round that concept). This is not essentially about altruism. RMS point is that is not in consumers' interests to have their fair use rights taken away, and that if they make enough fuss about it (via e.g. political action, market choices etc.), they might be able to preserve or enlarge their legal rights to share. NOTE: I'm talking about legal rights here, not some incoherent bollocks about "natural rights".
Is that too hard for you to understand? Do you now understand that you completely missed the point?
Female Prison Rape in NY
I never know who to hate more, the shister or the idiots who buy his warez. Truely, you would think that anyone with enough money to be interested in protecting their stuff and willing to pay for a system like this would have someone in charge who has a freakin' brain. Exactly what is the limit here? If I was to tell your CEO that I could give him eternal life (by use of a computer) would he believe me?
How we know is more important than what we know.
yer, and no-one would go to this much trouble to make a copy of someone's confidential information. Idiot.
How we know is more important than what we know.
the /. types will bitch and moan and do nothing, just like we always have.
How we know is more important than what we know.
How does *that* work? A screenshot is a screenshot, and should capture, pixel-for-pixel, what's on the screen.
I don't want your grandma's music anyway ;)
JOhn
Campaign for Liberty
Okay buddy, I don't know how long you've been reading slashdot for, but you need to run down to the corner store and by yourself a clue.
If you don't want uninformed miscreants spouting anti-microsoft, pro-linux bullshit, then don't read here. On occasion you get some good humor. The content of the articles as well as most of the posts sucks. Don't whine about the "blantant misinformation." That's what slashdot IS. It's what slashdot has BEEN. Read somewhere else if you want real news and real discussion...
Justin Dubs
This article is not talking about protecting news articles from nytimes (though if it actually worked, that might be a possible application). They are talking about protecting trade secrets or classified information from potential espionage. That is an environment where people would go to extrodinary lengths to copy data without it being recorded.
Many years ago now, the DOD tried to push the Orange Book as a solution to this problem, and IMO, it was a dramatic failure. But in any case, any implementation requires a trusted client terminal, either a tamperproof PC or preferably a terminal in a secure facillity (where you can observe to make sure people don't take pictures, copy down notes, etc). They you just have to worry about people remembering everything well enough to copy it down later.
As content protection for copyrighted material (music, nytimes articles, pr0n), just making it "to painful" to reproduce might be good enough to prevent the majority of casual or unintentional copying. However, once again, people forget the primary attribute of the virtual world: "All marginal costs are zero". Once someone discovers how to circumvent the plugin, the process can be automated and provided as a patch and you will never have to worry about it again.
I checked their site and there seems to be no linux plug-in, in other words: their technology is completely useless.
why use PDF (== portable document format) and then require a plug-in that will only run on win32 or mac, that's just stupid.
since everyone and their mother is working on a content protection system (which in 99% of the cases only works in MS-DOS 9x/NT/2000), I wonder if there is being worked on an open source, cross-platform content protection system.
I realize OSS people don't like content-protection but since there seems to be a demand for it it's better to have an open, cross-platform system then to have a closed (security through obscurity) win32-only system wich will result in linux users not being able to view some content.
---
Screenshots only work if the OS doesn't clamp down on the ability to make them. And there aren't many OS manufacturers to convince to get your policy adopted by 90+% of consumers...
And don't expect those input/output jacks in your computer to remain sacrosanct for long if there's big bucks on the table. Go do a search on "Macrovision" to see what's already adopted in millions of VCR jacks for preventing that sort of thing. For bonus points, cross-reference Firewire. Sure you can take photographs of your screen or tape-record your speakers. But that's not the point.
It's all about barriers-to-entry. Or in this case barriers-to-copy, barriers-to-distribute, and barriers-to-publicize.
Remember the following simple table, bulletized since /. doesn't let me do HTML tables:
Barriers-to-copy: Copyright? Check. DMCA-no-reverse-engineering? Check. Increase the proportion of technology components protecting copying by requiring reverse engineering? Ongoing, minor consumer resistance at best sighted so far, marketing and upgrades will take care of the rest...
Barriers-to-distribute: Suing webserver owners? Check. Shutting down napster? Check. Shutting down gnutella/freenet? Umm, working on that but if all else fails street-fight with denial of service- pay someone to pollute popular servers with bad content.
Barriers-to-publicize: Contributory-copyright-infringement law? Check. Intimidate press by suing people who link to workarounds like 2600? Check. Shut down highly publicized services with said law like napster? Check. Fragment any potential successor networks so no one approach gets too much publicity? In progress (but if network effects overrides these efforts, must insure other barriers are up)
Checkmate. Game over man, game over.
"Freedom for one" is not "freedom for all". And freedom for only a repressive-law-disobeying techno-elite is no freedom at all. We are destined to lose it very soon if we don't organize to make our voices heard very big and very fast. Do something. I'd start with the EFF and your congressperson.
--LinuxParanoid, thinking about adding a new alias, RIAAParanoid...
"only the paranoid survive" ... and I don't think most Linux proponents are paranoid enough
It could be similar to terraserver.com. If you right-click on the sat image and go save picture, you end up with a tiled image of the company's name instead of the sat image. (can't remember the name as terraserver is offline at the moment). Even Alt-Printscrn or screen capture from Paint Shop Pro wouldn't reveal the picture.
Or it could be similar to lyrics.ch - the lyrics you can view (which are owned by the Fox Agency), can only be viewed through a java applet that won't allow you to select the text to copy (surprise).
--
Consultancy: If you're not part of the solution, there's money to be made in prolonging the problem
How can they prevent someone from just taking a screen capture?
:)
Actually, taking a screen capture would probobly be your last resort, I'm sure there are 20 other ways to copy a "protected content web page"
Hmm, but, if it can't be screen captured, then how did they make that demo
You know, it's really unfortunate that people keep saying this in the past few weeks. Napster is not "dead." All the reports I read said that usage was down something like 20-25% from the pre-filter average.
If you're counting, that means upwards of 70% of napster users are still there. What on earth could they be trading?! Probably a bunch of name-mangled stuff, but I doubt that's all. RIAA gave Napster a list of songs/artists that had to be blocked. And insisted that the Billboard top 100 be blocked each week. Which really screws over people trying to get the latest "Destiny's Child" remix, but not, by and large, people trading electronic, punk, classical, or folk music. Or anything legally traded.
So, let's not start with Napster doomsday scenarios. They might start doing some crappy things like restricting the copying of mp3s you download, but so far, it's not at all dead.
---
Clearly one could ultimately retrieve the data, bit for bit, either by capturing pixels in the application, window manager, OS, or even hardware layers. However, such measures could make the copying task difficult and time consuming and such an effort would involve significant manual or engineered effort. This is the key to the copyright problem introduced with our digital age. Magazine publishers were not terrified of printing presses or even xerox machines. It is the ease of cut, paste, copy, and link that gives them the chills. I may pay for a magazine instead of reading a xeroxed one, and I might pay for the real picture as opposed to a reproduction.
Someone you trust is one of us.
The only secure computer is the one that's powered off and unplugged from the wall.
I'm sorry for sounding so skeptical, but I just can't believe that they can make this "secure". And if it's not secure, then it's crackable. If it's crackable, then it's only a matter of time (usually days, sometimes hours) until somebody posts a cracked version on a website.
I understand that it's important to get security, but I think that it's important to keep things in perspective. People should keep working on more and more secure applications. But at the end of the day, nothing is truly secure.
------
That's just the way it is
Ah yes, that is their goal, but you forget what Bruce Schneier has always been saying about these situations: Once someone writes some sort of hack program, that runs with a few mouse clicks, the average dumb user is back in business.
It's the same thing with mp3s: the average person doesn't know how to rip / encode a cd that isn't even copyright protected, but give them a program like napster, and they can can download mp3s all day.
... when someone could simply use a camera.
-----
"But really, I think life is just a game of Mao Nomic." -Purplebob
Or, will it stop people from using a pencil, writing it down, and retyping it? As long as people can read it, we can copy it- even if it's without a computer.
-----
"But really, I think life is just a game of Mao Nomic." -Purplebob
No more new web pages; Just read what's already out there, and you can shut down your damned browser for good.
I suppose it's kinda like trying to sue someone for copyright infringement when all they did was use your RSS file to make a "slashbox".
As much as I would want to hope that we will be able to convince our legislators and big businesses of such things, I believe that it is a lost cause. The digital copyright revolution won't happen until the "net" generation siezes power.
Quick -- must forget-- the cops are coming.. aughh...
Most people don't even bother to make it work on other platforms. e.g. On Macs it's ctrl-click, so the script doesn't pick it up...
Drag n' Drop DVD Recommendations
I have a few points
First remember the guy that claimed to be working for the FBI/CIA by stealing secrets from AMD. He brought a video recorder in and took movies of him scrolling throught internal data on his computer. That easily defeated all of their counter measures, in fact now they search for such devices.
As for 'new' or a 'innovation' of technology. Isnt they are talking about just another form of e-books, AKA key encrypted PDF. Also it seems that most of these encrypted books are able to be hacked the old fashion way of just editing the encrypted file, or hacking the reader. In the end this will only give a false sense of security, Of course if this sense is strong enough we might see more E-books ready to be traded on IRC. So, lets keep quite about how much of a lame idea this is, and just get the Hex Editors warmed up.
Try an unaccelerated video driver such as the standard VGA driver, or try just disabling accelerated video within the app if it allows for it. BTW, it's not that hard for a dedicated individual to write a video driver shim.
or goes full-screen and traps all keys but Ctrl+Alt+Del.
There's a lot of screenshot programs out there that have timer functionality.
And go to jail for posting this information on Slashdot.
Yes your honor, I'm guilty of being trolled.
1. Do you think this is ethically wrong. Should content be entrusted to the user.
It's a bitch, but not morrally wrong IMO.
2. Is this technically possible.
To a limited extent yes. But should we trust our nuclear secrets to a safe or should be build a number of security precautions? This is one tool.
Yeah that's all there really is to talk about. Sorry.
So close and yet so far from the world's perfect ID number
BTW, it's not that hard for a dedicated individual to write a video driver shim.
Microsoft has already addressed the audio side of this issue with the Secure Audio Path (can't play encrypted content through drivers not cryptographically signed by Microsoft). Who's to say they're not working on the video side?
Will I retire or break 10K?
People are using JavaScript to prevent viewers from using the right mouse button to save a picture
Blocking contextual menus is more trouble than it's worth (read more). (Circumvent it in IE by holding down the right mouse button and pressing Enter, or choosing File : Save As... : Web page complete. Circumvent it anywhere by wgetting the page and its images.) And it pisses some people off enough to make them write right-click shit lists.
Will I retire or break 10K?
it's always possible to make a screenshot
Not if the plugin opens DirectX and puts the image in an overlay, or goes full-screen and traps all keys but Ctrl+Alt+Del.
(even if they try to stop me from doing that, I can always directly read the video memory or something and circumvent their protection
And go to jail for posting this information on Slashdot. (You're posting it on a U.S. operated web site; therefore you're posting it in the U.S. under U.S. jurisdiction, including the Digital Millennium Copyright Act.)
Will I retire or break 10K?
You CAN download/save Quicktime clips; just view the source for the page, and the author HAS to specify the clip filename in the embed or applet or whatever they use now, and if they don't use proprietary (non-http) streaming of that clip, then... yoiNK!
Not to mention that people with good (or better still, photographic) memories can reproduce text, images, and sounds pretty accurately anyway.
Even if you put someone inside a custom built room, frisk them for recording devices, and show them the media, nothing short of erasing their own memory can prevent copyright infringement.
HypersnapDX will happily take grabs of the DirectDraw layer. It will do this in the native resolution being pumped to the screen as well, for the highest possible quality on any DVD screengrabs you might be wanting (for your personal use, copyright zealots). By the way, I just think its a cool product for making myself desktop backdrops, this is not an ad. No doubt there are other things that can do this too, if you don't want this one.
"I Know You Are But What Am I?"
My grandparents stopped using Napster too. Then my brothers and I went over and installed Napigator, and they're right back at it.
Go green: turn off your refrigerator.
I doubt this has any security value at all.
[an error occurred while processing this directive]
http://www.authentica.com/products/whitepapers/PRw hitepaper.pdf
>>The thing about the "Microsoft tax" is that it is wholly a "use tax". Unlike your income tax
>>which pays for services you may never use, no one is forcing you to pay.
Really, the Microsoft tax is that portion of the cost of a system that comes bundled with Windows which would be refunded if the purchaser took the time to return the copy of Windows 'unused'. Since the difference often isn't worth the hassle, people (like me) just eat the cost of an OS they'll never use.
You're right, no-one is _forcing_ me to pay it, they're just making it hard enough not to that I couldn't be bothered...
if you factor in the time it takes to source parts, I think it's at least break-even, and I've generally been satisfied with the build options I get from Dell...
nifty???
"The FBI is using Authentica's software, company officials said. According to one source, the technology may help the agency keep tabs on would-be spies by preventing agents from printing files that reside on an intranet or by monitoring what they do or attempt to do with sensitive documents."
Somehow, I get the nagging feeling that, if the FBI isn't ALREADY monitoring this stuff (how hard is it to log access to so-called 'sensitive documents,' anyhow?), we have more serious problems on our hands. Now, I have no clue how tight internal security there is, but a software program like this obvioulsy isn't the way to keep people from viewing it. When (not if, when) it's cracked, if the FBI is relying solely on this program for internal security, that will be a Bad Thing(tm).
-Corvidae
I find that attching an external screen grab to my card's out out works very nicely...
Time to dig out RMS's "The Right To Read" essay again. The scariest part is that I probably reread this essay once a year, and each time, we've crept closer and closer to it being reality.
Comment removed based on user account deletion
Comment removed based on user account deletion
There will always be a market for free content.
Otherwise you run into the situation of those certain stores. There are some stores in fancy areas of any city where you can shop at only if someone has told you where they are, and where if you have to ask, you can't afford it anyhow. It is shopping by appointment only. It is not just fashion, but includes antiques, and many other high price items.
Now this makes sense with exotic items. It even makes sense with things like porn.
But in the model of the corner grocery store, where you want to encourage traffic and lots of people, you can not suddenly put a lock on the door. What level of paranoia must you have to suddenly require an ID and a credit check to buy the equivalent of a can of Internet soup and a newspaper? I would go shop someplace else. I would move to another neighborhood.
An awful lot of sites going to the shopping by appointment only model are only selling soup, and they are cutting their own throats.
I can see the use of this software for the exclusive content set. Artists, etc. But in the long run, alot content will develop it's own alternate forums.
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
The problem is, when someone savvy enough finds some content protected with this scheme that he wants to copy, he hakcs it, and makes a program that even grandma can use to copy the restricted content. Back to the drawing board.
A fast solution would be that the company changed the encription scheme every few days, but this doesn't hold, because while new content may be protected for some time, old content will have working hacks for it.
So maybe this scheme will stop the distribution of content that nobody is interested in (duh), but if the content is good, it will be cracked.
Yawn.
Never underestimate the bandwidth of a truck load of tapes
Personal privacy (section 1201(i)). This exception permits circumvention when the technological measure, or the work it protects, is capable of collecting or disseminating personally identifying information about the online activities of a natural person.
The way I see it. If the use of this 'service' requires identifying information and logs my use or access to it, I have the right to circumvent the 'protection' to maintain my own copy.
Yes we're winning the battles but this is rapidly coming to a head and the money and political power lie in the hands of the coporations. We rule the virtual world, they rule the real world. Unfortunately you can be sued in the real world whereas the coporations cannot be sued in the virtual world. Maybe if we setup virtual judges and courts...
Pinky: "What are we going to do tomorrow night Brain?"
Pinky: "What are we going to do tomorrow night Brain?"
Brain: "I would tell you Pinky but this 120 char limi
taking away the "save as" button would be sufficiently annoying and frustrating for that 90% of people -- 6EQUJ5
.pdfs. I'm not sure (i.e. haven't cared) exactly what the technical deal is, but I presume you can create a .pdf that specifies 'no save as'/'no print'/etc. I'd say 35% of the .pdf's I regularly work with don't have 'save as' enabled, but (for now) I can right-click and save them via the browser, or take the other obvious steps.
FWIW, the button/option IS missing for lots of
Eventually, I'm sure more and more of these holes will get closed, and I'll flip over to being in the stupid majority that can't or won't bother to figure out how to work around the annoying restrictions.
The earlier comment comparing these features to house locks was right on. We all know that a pro thief won't be deterred for a moment by a house lock, car lock, etc. Yet it's not the pros that create the bulk of the threat.
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
Several comments here point out that this kind of weak security can be circumvented in various ways, not necessarily requiring sophisticated hackery, allowing some users to defeat the content usage restrictions. True indeed, as a security measure it is weak. But for commercial purposes, this approach may be enough. To succeed, they don't have to block EVERY violation, but just make it a bit harder to violate such that violations aren't dramatically reducing sales.
.pdf file provides a statistical measure of protection -- even if 10% of the community can figure out how to make a copy, and 1% knows how to hack the .pdf content.
By example, if Napster hadn't been so widespread and easy to use -- if we were just exchanging MP3's via email, for example -- I bet the landscape would look quite different, because MP3 exchange wouldn't be seen as such a threat to copyrights and royalties.
I hate technologies that restrict what strikes me as 'fair use,' that restrict the free exchange of ideas, or that treat something that appears commonsensical and public-domain as if if were proprietary.
That being said, I won't dismiss the commercial value of easy-to-defeat restrictions. If 90% of the end users are perpetually confused, then taking the 'save as' button away from a
JMHO -- Trevor
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
Will it keep a PC anywhere machine from seeing the screen and doing a copy and paste on the machine not running the script? Can I be liable under the DMCA for suggesting such a thing?
The truth shall set you free!
yeah, but which information is really free? If information wasn't created by some individual(s) it was most likely at least recreated by some individual(s). All these indidviduals might claim some sort of ownership over the information and demand some sort of compensation for it's use.
It seems to me that historically the concept of copyright is relatively new. I don't neccesarily disagree with the concept of copyright but I just think that what we are seeing right now is tending towards the opposite extreme of not having copyright at all; complete control of the copyright holders over the materials.
What I'd like to see is some fair and socially healthy copyright legislation. IMHO freedom of information has greatly contributed to the general advancement of mankind's living conditions. I understand that profit is a factor that drives the creation of new information and that is something that should be taken into account. However I don't think that the motive of profit should stop the availability of information to society.
What we need is legislation that takes the welfare of the human race as a whole into account and not just the factor "profit".
Now I can use their technology to protect my code on my "m4d l33t h4x0r s1t3!!!"...
Seriously though, how long until the browser plugin is hacked and the content is downloaded anyway?
--The space between my ears was intentionally left blank--
If anyone knows how to unlock /dev/null's Write-Only Memory, please tell me. It's where I have all my nightly backups archived.
You want the truthiness? You can't handle the truthiness!
To recreate this for yourself just pgp encrypt everything you have and find a way to make the keys expire... possibly based on salt from the time date stamp etc...
I have to disagree with these comments because the /. types will not allow this to happen. Whenever a new technology comes along, we will always make it our own by whatever means necessary. Eventually I beleive we will have a situation where patent laws and inforamtion are valued only due to their timeliness. Meaning that the information will only be worht something if it is known and implemented within a certain period of time. Then anyting beyond will not be controlled because to do so would be a waste of money.
HOWEVER, all the examples given in the article involve companies (and the FBI) being concerned with espionage of some sort, where the stakes are high and you expect highly motivated individuals to come after your information. Simply preventing someone from printing the document directly is not providing any real security.
Either the article is poorly written (and this tech is intended to prevent lusers from sharing protected content) or the product is screwed.
Is this the promised end? Or image of that horror? KING LEAR
I misunderstood. I thought it was the "Read once. Right? Never!" web. Maybe that's just my experience.
-Styopa
Bypass #1: Disable JavaScript. Bypass #2: Read the source code, download the image directly from the URL. Bypass #3: Take a screenshot and cut out the image you want.
Lots of protection there.
i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
Personally, I LOVE eye candy.. the more the merrier!
Knowledge is like ignorance.. too much can be just as bad as not enough.
Sounds great at first but should someone want the information they don't neccessarily have to use tech methods to get it. Take a good old pen and paper and write down what you want, or take a picture of the screen with a digital camera.
What if the second party receiving the email chooses not to use the plugin then what? Are companies going to be willing to let business go because someone doesn't want to comply with using a certain product. Aside from that how is this plugin written, my guess is its a Windows based plugin which does little for Nix users.
Its sort of like this tool called Comet Cursor which allows you to highlight any word in a document and get all the information on that word even if they don't have a link posted on the document, only difference is, its blocking information.
Oh well I'll wait to see how people circumvent this, and laugh at the companies who dished out 30+ thousand dollars for this cheesy program.
360 degrees of Karma
www.lyrics.ch (once the best lyrics search site out there, now a pile of dog doo...) uses a Java applet to "protect" the few lyrics they still have on their site. The applet displays the song lyrics one page at a time. It also disables the Print Screen key, and stops displaying lyrics if you switch to another task. Obviously, you can't select any of the words that the applet displays, either...
The end result of their lovely system? I go elsewhere for lyric searches, to sites where I don't have to put up with an annoying and invasive Java applet just to look at a few song lyrics...
DennyK
Dunno how they do it, but RealPlayer manages to do this very thing...
Endless arguments over trivial contradictions in books written by ignorant savages to explain thunder in the dark.
When a company comes up with software like this, it's not intended to stop the savviest /. reader from doing whatever. It's designed to stop the 99% of people who wouldn't ever even think that a hack might exist to get around it. For examply, the reason Napster got popular is because people like my Grandma started swapping files. Napster started blocking and she stopped using it, and now it's basically dead. We all know there's way to get around the blocks, but that doesn't really matter. So, I guess my point is, if it's good enough to stop my Grandma, then it's good enough. :)
Unless they lock all our computers in glass cases and leave us without a single port to access, we'll still be able to record this stuff to our heart's delight. This is all hullabaloo.
Lets just do away with people altogether, I mean they are responbile for 100% of stealing :)
Or hey lets go back to closed minded countries that dont want their populace doing anything.
Thank you slashdot for turning into a GRIPE about Rights and not about news
Rember this all If we can view it on a computer screen it can be downloaded
These companies are always talking about new ways to protect content, but it is just a matter of time until someone figures out how to circumvent it. The only thing that keeps most protection schemes from being circumenvent is the lack of interest in its contents. If this method is to protect sensitive documents then it should be a relatively short period of time untill someone figures out how to crack it. It would take very smart people a very long time to design a content protection scheme that would take so long to break that it would be infeasible. I seriously doubt that this technology is one of those.
At best, plug-ins like that are an expression of policy and preference, not a security device, and only keep casual users from accidentally storing data. Trouble is that they are being marketed for security purposes: the article talks about proprietary design documents, the FBI, and sensitive corporate information. In my opinion, for that, they are completely unsuitable, and anybody who buys them for that is a fool.
I recognize that this will likely be unpopular, but before you mod this down, consider it.
There seems to be two ends of this spectrum:
This article, "The Right To Read", portrays one end of the spectrum. It portrays a world in which information is overly expensive. Yes, a world in which all information (books, music, etc.) is overly expensive would be bad. It would financially lock us out of good ideas on which to build new better ideas.
The other end of the spectrum is a world in which all information is free. This would also be bad. What motivation would there be to provide new better ideas? None.
So these two ends of the spectum represent economics which are broken.
The current situation for the music industry is a good example of an economic system which has been broken. However much fun it is at the moment, and I'm certainly having a good time, the long term consequense of not rewarding musical artists for their work will be shitty music.
Currently, the music industry has little to no control over how much I pay for a piece of music. Typically, it is $0 because that's what I choose to pay because I can. But this is broken. The person doing the selling needs to set the price, not the person doing the "buying". This is just basic economics. A fair price is reached when both the seller and the buyer agree.
I honestly hope that we can ultimately devise methods which will allow authors to control digital information. I don't think it will be easy, in fact I don't think it is theoretically possible, but ultimately it is important to refix the economics that we have managed to break by at least making it very inconvenient. It would be short-sited to believe anything else, and would simply be restoring a condition which existed before the digital era.
At the same time, I'm also confident that the world envisioned by "The Right To Read" will never happen. That is also about broken economics, but in the opposite direction: the seller has all the power. But this is a condition which does not exist long term in a free market. If your information is too expensive, I'll just buy someone elses. And please don't tell me that you expect someone to own the viewing rights to something like the periodic table of elements.
I should also mention that anyone that has done system administration for a large university knows the value of the warning message quoted in "The Right To Read", and the actions that it describes. There are a million ways to abused student computer services, and students seem to find every one.
"The only rights you have are the rights you are willing to fight for."
Yep, just look at the last few years: Napster, Gnutella, Freenet. We're definitely moving away from the free exchange of computer data.
("Andre creep, Andre creep...")
--
I suppose the headlined "read once, write never" memory is marginally better than the competing standard of Write Only Memory.
In all seriousness, do we really need to look at every one of these companies whose business is based on ignorance of the simple rule: "If I can see it or hear it, I can record it."?
--
It's fairly trivial to convert .pdf files into editable vectored graphics. I have a NetBSD box at work on my private subnet (the main machines at work are all Win32, OS/2, or rather controlled Sparc boxes, my subnet is composed of a second net card in my NT Box and a crossover cable to my NetBSD box). I run the xpdf package on it expressly to convert .pdf files to pure postscript (the print command). Then I drag them back to the NT side and import them into Micrografx Designer. Viola! Editable vectored drawings from stuff formerly locked up in the .pdf format. Any good graphics program that can import postscript vectors will do the same. I like being able to resize and manipulate the schematics we get from an outside design house only as PDF files....
"2) Viva la comunista! Down with the capitalist regime! "
The king is dead. Long live the king.
The only way liberals win national elections is by pretending they're not liberals.
Good points there... but taking away the "save as" button would be sufficiently annoying and frustrating for that 90% of people, so they would demand to have it back or use an alternative product. If a feature is downright annoying, people won't buy it. Ooops- Then how do you explain Microsoft's marketshare? I guess 90% of people are either masochists or brainless sheep who will buy anything!
Quite an interesting article to read over there. . . And I definitely agree that it is a problem where people essentially go and make copies of said information. However, I don't think that what Authentica is doing is quite right in a sense. If a company is going to do things that are in a proprietary nature, is this not where someone should be allowed to make copies of such information.
I remember a year ago, seeing a little Java applet being run that prevented the user from 'stealing' the image so to speak as it was displayed in a box. However, I'm not quite sure how this would stand up for documents. One thing that could be done would be to display such images in a PDF format. I'm surprised that Adobe, the head of the WinOS PDF readers, has not yet made an option that prevents printing of certain documents. Alas, those are my mere thoughts of a mere man.
I am but mad north-north-west: when the wind is southerly I know a hawk from a handsaw.
The seeds of the future have been planted...
...
Soon enough, information will be distributed in a closed manner similar to this. People who wish to view this information will have to use The System. Big Media will team up with Big Microsoft to form one huge monopoly that *no one* can break. (See: Windows XP and MP3). Unfortunately, most attempts by the open source community et al will fail because secrets to reading information will be kept only by the monopolizers (See: DeCSS encryption). The occasional advances made by the community will be stopped by lawyers and legislation (See: Your Rights Online).
Possible Endings:
1) You have been assimilated into the Complex. Do not resist.
2) Viva la comunista! Down with the capitalist regime!
3)
People are using JavaScript to prevent viewers from using the right mouse button to save a picture (this is used a lot on some "entertainment" sites). I'm sure that new plugin will at least work better than that.
I don't know why any company would waste their time doing something like this. It's obvious someone will find a way to by-pass whatever protection anyone puts on anything nowadays on the internet. It's all most likely BS anyway, just something someone said to get worked up on, doubt it's even gonna happen.
Need someone to host your site? Preferably someone Canadian? look here