Slashdot Mirror
The Read-Once, Write-Never Web
grub points to this TechWeb story about a software tool (NetRecall) from a company called Athentica which they claim can selectively allow viewing, copying, and forwarding of online materials. The idea is to maintain control of content on a per-person or per-category basis -- something which could have good or bad applications, but which sounds difficult to implement effectively no matter what use it's put to. (Will the required plug-on also block all screenshot utilities? If not, exactly who is it intended to stop?) Of course, since circumventing even simple methods used to "protect" copyrighted materials is illegal under the DMCA, perhaps that doesn't much matter.
Satellite image resellers use this sort of thing. Terraserver.com used a plugin that would block screenshots/clipboard/etc so you couldn't get your satellite photo unless you paid for it. Yes, you can trace it or photograph it off of your screen, but it's a damned good deterrent. And don't be surprised if you see Microsoft Wallet become the leading solution when every online newspaper and information site starts charging per-content, and the industry needs a way to make billing as easy as possible for the user. How much will it cost? Probably a fraction of a penny per article. There have already been conventions regarding this--it's on it's way.
So you're saying that women in this age group don't have young guys to help them "do screen shots, print to PDF, and post on a web stie, bla, bla, bla."
So what if a few forward or cut-n-paste. Besides, we can always sue offenders under the DCMA.
Sure, sue your customers. Great business plan. And the first time you do it, your "content" will be on approximately 1.2 bazillion "whack-a-mole" Geocities type sites, Gnutella, and Freenet.
Personally, I don't subscribe to any service that assumes I'm a copyright infringer (sometimes erroneously referred to as "thief") and impedes my use of the information I paid for. In that case, if it's something I want, I'll just take it, and people with your attitude can take that copy protection and pound sand.
~~~
it isn't free in the first place. What is being traded on Napster and Gnutella (I have no experience w/Freenet) for the most part is copyrighted material, not just "computer data".
I am not siding w/the fact that they are stopping this kind of service from running, I am saying that it isn't free and we aren't squashing any free trading of computer data. I have a good feeling that email, ftp, and www will be around for a while to do just that.
There seems to be a trend in the "content industry" of sending people encrypted things along with the keys and hoping that because they invoked the buzzword god "encryption" they are safe.
repeat after me: If someone can read something, they can copy it. Obviously the computer screen can be saved (by screenshot, by decoding the video signal, by pointing a camera at it... whatever). However, it gets better
The fundamental flaw in the security models of this (and DVD) is that they trust the user's computer with the capability to decrypt the content. However, as the user's computer is controlled by the user and not the DRM company, the model is flawed.
There is no doubt in my mind that, should there ever be good reason to do so, this will be cracked. Additionally, what with recent events such as the SDMI fiasco, I believe that at this point basing your business model on DMCA protection of your security is risky. Also, remember that in many uses simply being able to prosecute people for cracking it might not cut it; after sensitive data has been leaked no amount of litigation can undo the potential damage.
Yep, just look at the last few years: Napster, Gnutella, Freenet. We're definitely moving away from the free exchange of computer data. Yep, one-tenth of one percent of the population runs fast enough to maintain the freedoms they have, the other 99.9% are increasingly screwed. Sounds like we're winning to me.
Ah, but they have... There is an option in the document properties (file..document info..security in acroread). Now, I don't know how durable this is under Acrobat (the editor), but I thought it interesting that there's an option for 'selecting text and graphics'. So no copy/pasting either. Yikes.
And, remember, it's not just available on Windoze... it's MacOS, Solaris (both x86 and Sparc), HP-UX, Irix, AIX, and this little thing called Linux.
Where the value of X-Mailer: is the true measure of a man...
. . . with predictable results. Anyone remember Things and Thingmaker? I didn't think so. That's because people don't tend to "consume" much "content" that requires some "rights management-enabled" plug in that usurps fair use (not to mention being hard to install and use).
Also, even if this software is Windows only, a screen capture would work just fine under VMWare or similar program.
I don't want your grandma's music anyway ;)
JOhn
Campaign for Liberty
This article is not talking about protecting news articles from nytimes (though if it actually worked, that might be a possible application). They are talking about protecting trade secrets or classified information from potential espionage. That is an environment where people would go to extrodinary lengths to copy data without it being recorded.
Many years ago now, the DOD tried to push the Orange Book as a solution to this problem, and IMO, it was a dramatic failure. But in any case, any implementation requires a trusted client terminal, either a tamperproof PC or preferably a terminal in a secure facillity (where you can observe to make sure people don't take pictures, copy down notes, etc). They you just have to worry about people remembering everything well enough to copy it down later.
As content protection for copyrighted material (music, nytimes articles, pr0n), just making it "to painful" to reproduce might be good enough to prevent the majority of casual or unintentional copying. However, once again, people forget the primary attribute of the virtual world: "All marginal costs are zero". Once someone discovers how to circumvent the plugin, the process can be automated and provided as a patch and you will never have to worry about it again.
I checked their site and there seems to be no linux plug-in, in other words: their technology is completely useless.
why use PDF (== portable document format) and then require a plug-in that will only run on win32 or mac, that's just stupid.
since everyone and their mother is working on a content protection system (which in 99% of the cases only works in MS-DOS 9x/NT/2000), I wonder if there is being worked on an open source, cross-platform content protection system.
I realize OSS people don't like content-protection but since there seems to be a demand for it it's better to have an open, cross-platform system then to have a closed (security through obscurity) win32-only system wich will result in linux users not being able to view some content.
---
Screenshots only work if the OS doesn't clamp down on the ability to make them. And there aren't many OS manufacturers to convince to get your policy adopted by 90+% of consumers...
And don't expect those input/output jacks in your computer to remain sacrosanct for long if there's big bucks on the table. Go do a search on "Macrovision" to see what's already adopted in millions of VCR jacks for preventing that sort of thing. For bonus points, cross-reference Firewire. Sure you can take photographs of your screen or tape-record your speakers. But that's not the point.
It's all about barriers-to-entry. Or in this case barriers-to-copy, barriers-to-distribute, and barriers-to-publicize.
Remember the following simple table, bulletized since /. doesn't let me do HTML tables:
Barriers-to-copy: Copyright? Check. DMCA-no-reverse-engineering? Check. Increase the proportion of technology components protecting copying by requiring reverse engineering? Ongoing, minor consumer resistance at best sighted so far, marketing and upgrades will take care of the rest...
Barriers-to-distribute: Suing webserver owners? Check. Shutting down napster? Check. Shutting down gnutella/freenet? Umm, working on that but if all else fails street-fight with denial of service- pay someone to pollute popular servers with bad content.
Barriers-to-publicize: Contributory-copyright-infringement law? Check. Intimidate press by suing people who link to workarounds like 2600? Check. Shut down highly publicized services with said law like napster? Check. Fragment any potential successor networks so no one approach gets too much publicity? In progress (but if network effects overrides these efforts, must insure other barriers are up)
Checkmate. Game over man, game over.
"Freedom for one" is not "freedom for all". And freedom for only a repressive-law-disobeying techno-elite is no freedom at all. We are destined to lose it very soon if we don't organize to make our voices heard very big and very fast. Do something. I'd start with the EFF and your congressperson.
--LinuxParanoid, thinking about adding a new alias, RIAAParanoid...
"only the paranoid survive" ... and I don't think most Linux proponents are paranoid enough
It could be similar to terraserver.com. If you right-click on the sat image and go save picture, you end up with a tiled image of the company's name instead of the sat image. (can't remember the name as terraserver is offline at the moment). Even Alt-Printscrn or screen capture from Paint Shop Pro wouldn't reveal the picture.
Or it could be similar to lyrics.ch - the lyrics you can view (which are owned by the Fox Agency), can only be viewed through a java applet that won't allow you to select the text to copy (surprise).
--
Consultancy: If you're not part of the solution, there's money to be made in prolonging the problem
Clearly one could ultimately retrieve the data, bit for bit, either by capturing pixels in the application, window manager, OS, or even hardware layers. However, such measures could make the copying task difficult and time consuming and such an effort would involve significant manual or engineered effort. This is the key to the copyright problem introduced with our digital age. Magazine publishers were not terrified of printing presses or even xerox machines. It is the ease of cut, paste, copy, and link that gives them the chills. I may pay for a magazine instead of reading a xeroxed one, and I might pay for the real picture as opposed to a reproduction.
Someone you trust is one of us.
Ah yes, that is their goal, but you forget what Bruce Schneier has always been saying about these situations: Once someone writes some sort of hack program, that runs with a few mouse clicks, the average dumb user is back in business.
It's the same thing with mp3s: the average person doesn't know how to rip / encode a cd that isn't even copyright protected, but give them a program like napster, and they can can download mp3s all day.
Or, will it stop people from using a pencil, writing it down, and retyping it? As long as people can read it, we can copy it- even if it's without a computer.
-----
"But really, I think life is just a game of Mao Nomic." -Purplebob
As much as I would want to hope that we will be able to convince our legislators and big businesses of such things, I believe that it is a lost cause. The digital copyright revolution won't happen until the "net" generation siezes power.
Quick -- must forget-- the cops are coming.. aughh...
it's always possible to make a screenshot
Not if the plugin opens DirectX and puts the image in an overlay, or goes full-screen and traps all keys but Ctrl+Alt+Del.
(even if they try to stop me from doing that, I can always directly read the video memory or something and circumvent their protection
And go to jail for posting this information on Slashdot. (You're posting it on a U.S. operated web site; therefore you're posting it in the U.S. under U.S. jurisdiction, including the Digital Millennium Copyright Act.)
Will I retire or break 10K?
HypersnapDX will happily take grabs of the DirectDraw layer. It will do this in the native resolution being pumped to the screen as well, for the highest possible quality on any DVD screengrabs you might be wanting (for your personal use, copyright zealots). By the way, I just think its a cool product for making myself desktop backdrops, this is not an ad. No doubt there are other things that can do this too, if you don't want this one.
"I Know You Are But What Am I?"
"The FBI is using Authentica's software, company officials said. According to one source, the technology may help the agency keep tabs on would-be spies by preventing agents from printing files that reside on an intranet or by monitoring what they do or attempt to do with sensitive documents."
Somehow, I get the nagging feeling that, if the FBI isn't ALREADY monitoring this stuff (how hard is it to log access to so-called 'sensitive documents,' anyhow?), we have more serious problems on our hands. Now, I have no clue how tight internal security there is, but a software program like this obvioulsy isn't the way to keep people from viewing it. When (not if, when) it's cracked, if the FBI is relying solely on this program for internal security, that will be a Bad Thing(tm).
-Corvidae
Time to dig out RMS's "The Right To Read" essay again. The scariest part is that I probably reread this essay once a year, and each time, we've crept closer and closer to it being reality.
Comment removed based on user account deletion
There will always be a market for free content.
Otherwise you run into the situation of those certain stores. There are some stores in fancy areas of any city where you can shop at only if someone has told you where they are, and where if you have to ask, you can't afford it anyhow. It is shopping by appointment only. It is not just fashion, but includes antiques, and many other high price items.
Now this makes sense with exotic items. It even makes sense with things like porn.
But in the model of the corner grocery store, where you want to encourage traffic and lots of people, you can not suddenly put a lock on the door. What level of paranoia must you have to suddenly require an ID and a credit check to buy the equivalent of a can of Internet soup and a newspaper? I would go shop someplace else. I would move to another neighborhood.
An awful lot of sites going to the shopping by appointment only model are only selling soup, and they are cutting their own throats.
I can see the use of this software for the exclusive content set. Artists, etc. But in the long run, alot content will develop it's own alternate forums.
Check out the Vinny the Vampire comic strip
"It is a greater offense to steal men's labor, than their clothes"
Several comments here point out that this kind of weak security can be circumvented in various ways, not necessarily requiring sophisticated hackery, allowing some users to defeat the content usage restrictions. True indeed, as a security measure it is weak. But for commercial purposes, this approach may be enough. To succeed, they don't have to block EVERY violation, but just make it a bit harder to violate such that violations aren't dramatically reducing sales.
.pdf file provides a statistical measure of protection -- even if 10% of the community can figure out how to make a copy, and 1% knows how to hack the .pdf content.
By example, if Napster hadn't been so widespread and easy to use -- if we were just exchanging MP3's via email, for example -- I bet the landscape would look quite different, because MP3 exchange wouldn't be seen as such a threat to copyrights and royalties.
I hate technologies that restrict what strikes me as 'fair use,' that restrict the free exchange of ideas, or that treat something that appears commonsensical and public-domain as if if were proprietary.
That being said, I won't dismiss the commercial value of easy-to-defeat restrictions. If 90% of the end users are perpetually confused, then taking the 'save as' button away from a
JMHO -- Trevor
-- We all have enough strength to endure the misfortunes of other people. La Rochefoucauld
Now I can use their technology to protect my code on my "m4d l33t h4x0r s1t3!!!"...
Seriously though, how long until the browser plugin is hacked and the content is downloaded anyway?
--The space between my ears was intentionally left blank--
I have to disagree with these comments because the /. types will not allow this to happen. Whenever a new technology comes along, we will always make it our own by whatever means necessary. Eventually I beleive we will have a situation where patent laws and inforamtion are valued only due to their timeliness. Meaning that the information will only be worht something if it is known and implemented within a certain period of time. Then anyting beyond will not be controlled because to do so would be a waste of money.
Your problem isn't the 80% female over 35 audience. Its the single 15 year old linux kiddie who knows how to rip out the content, and distribute it to the 80% female over 35 audience for free (or a lot less than you charge).
...and no, the DCMA does not protect against cut & paste - that's the job of Copyright. The plug-in decrypts the information (legally) and displays it -- *then* it gets copied.
i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
Please. You need to lay off the Robert Louis Stevenson if the mental picture you get of "Chinese software pirates" is of a band of swarthy Asian men brandishing cutlasses and boarding innocent mercantile ships.
Dancin Santa
Sounds great at first but should someone want the information they don't neccessarily have to use tech methods to get it. Take a good old pen and paper and write down what you want, or take a picture of the screen with a digital camera.
What if the second party receiving the email chooses not to use the plugin then what? Are companies going to be willing to let business go because someone doesn't want to comply with using a certain product. Aside from that how is this plugin written, my guess is its a Windows based plugin which does little for Nix users.
Its sort of like this tool called Comet Cursor which allows you to highlight any word in a document and get all the information on that word even if they don't have a link posted on the document, only difference is, its blocking information.
Oh well I'll wait to see how people circumvent this, and laugh at the companies who dished out 30+ thousand dollars for this cheesy program.
360 degrees of Karma
When a company comes up with software like this, it's not intended to stop the savviest /. reader from doing whatever. It's designed to stop the 99% of people who wouldn't ever even think that a hack might exist to get around it. For examply, the reason Napster got popular is because people like my Grandma started swapping files. Napster started blocking and she stopped using it, and now it's basically dead. We all know there's way to get around the blocks, but that doesn't really matter. So, I guess my point is, if it's good enough to stop my Grandma, then it's good enough. :)
Unless they lock all our computers in glass cases and leave us without a single port to access, we'll still be able to record this stuff to our heart's delight. This is all hullabaloo.
These companies are always talking about new ways to protect content, but it is just a matter of time until someone figures out how to circumvent it. The only thing that keeps most protection schemes from being circumenvent is the lack of interest in its contents. If this method is to protect sensitive documents then it should be a relatively short period of time untill someone figures out how to crack it. It would take very smart people a very long time to design a content protection scheme that would take so long to break that it would be infeasible. I seriously doubt that this technology is one of those.
Yep, just look at the last few years: Napster, Gnutella, Freenet. We're definitely moving away from the free exchange of computer data.
("Andre creep, Andre creep...")
--
I suppose the headlined "read once, write never" memory is marginally better than the competing standard of Write Only Memory.
In all seriousness, do we really need to look at every one of these companies whose business is based on ignorance of the simple rule: "If I can see it or hear it, I can record it."?
--
It's fairly trivial to convert .pdf files into editable vectored graphics. I have a NetBSD box at work on my private subnet (the main machines at work are all Win32, OS/2, or rather controlled Sparc boxes, my subnet is composed of a second net card in my NT Box and a crossover cable to my NetBSD box). I run the xpdf package on it expressly to convert .pdf files to pure postscript (the print command). Then I drag them back to the NT side and import them into Micrografx Designer. Viola! Editable vectored drawings from stuff formerly locked up in the .pdf format. Any good graphics program that can import postscript vectors will do the same. I like being able to resize and manipulate the schematics we get from an outside design house only as PDF files....
Quite an interesting article to read over there. . . And I definitely agree that it is a problem where people essentially go and make copies of said information. However, I don't think that what Authentica is doing is quite right in a sense. If a company is going to do things that are in a proprietary nature, is this not where someone should be allowed to make copies of such information.
I remember a year ago, seeing a little Java applet being run that prevented the user from 'stealing' the image so to speak as it was displayed in a box. However, I'm not quite sure how this would stand up for documents. One thing that could be done would be to display such images in a PDF format. I'm surprised that Adobe, the head of the WinOS PDF readers, has not yet made an option that prevents printing of certain documents. Alas, those are my mere thoughts of a mere man.
I am but mad north-north-west: when the wind is southerly I know a hawk from a handsaw.
Hey, for the record, there are a lot of females over the age of 35 (myself included) who are quite capable of taking screen shots, printing to PDF and posting to the web!
Jeez, I was probably using FidoNet when some of you guys were thinking solid food was a neat idea...
Just because some of us are old enough to be a parent of many of you doesn't mean we're by definition tech-ignorant; people do pick this up later in life, too - my mother didn't get her first (PowerMac) computer until she was 60!
I've also done enough tech support to see there are just as many ignorant males as females-of all ages- out there...
Anyway, I don't mean to be strident; I just ask that y'all be a little more open-minded, please!
= )