Slashdot Mirror
IETF on DRM, Internet Faxing
Rich Salz writes: "The Internet Research Task Force, a sister of the IETF, has a research group on Internet digital rights management. Ebooks, secure content, no-fair-use (sic), etc.
According to a presentation at the last IETF, one of the group's work items is to influence other IETF activities to support/architect DRM. IDRM membership is open to anyone, presumably including nay-sayers." Meanwhile, the IETF has put on hold its work toward an internet fax standard, as Adobe and Xerox squabble over a file format.
Yes, so you get two copies of the book. You diff them. You find several differences. Now what are you going to do? Suppose you resolve them randomly. When you see "grey" and "gray", you just pick one version at random. That should do the trick, right???
Not so, young grasshoppah!
Suppose that I, the Evil Publisher, encode 1000 random bits into each book using things like "gray/grey" or comma/no-comma. Your two copies will actually AGREE on about 500 bits, so you won't even know they're there. Now I compare the books I've sold against the pirate copy. Almost all books with agree with the pirate copy on about 500 bits +/- a few standard deviations. But TWO will agree on around 750 bits-- namely, the two you merged. With 99.9999% confidence (or around there), I now know the identity of both you AND your buddy who also purchased the second book. That should be enough for a search warrant!
(Of course, you might be more clever. But then so might the Evil Publisher. Not clear who would win, but without knowing his strategy and with years of prison time on the line, would you actually play the game?)
Computer generated PS files can be the most hideously inefficient program creators of all time. But they work.
What a great idea! Good thing there are such mechanisms.
See rfc2026: (The IESG is the Internet Engineering Steering Group, the folks who approve standards.)
The rest of the RFC is a worthwhile description of IETF policy, but, I believe, is being revised.
Interesting analysis, but as you note it depends on the publisher being able to track each individual copy sold. In addition to being highly impractical until we have universal 802.11 at all beaches in the world, the privacy impact is severe and negative. So I still doubt very much that this scheme (scam) will be effective, even if it is briefly protected by a patently unconstitutional law.
sulli
RTFJ.
Or you simply run a spellchecker on the text. All copies have the same spelling, problem solved.
.....Wait a second! Now I know why CmdrTaco's spelling is so bad! It's a copy protection mechanism!
Mart"I know I will be modded down for this": where's the option '-1, Asking for it'?
What the hey... maybe I'm ignernt or something, but what's the deal with waiting for two companies to quit squabbling? Why not define the standard and let _them_ conform to the standards, instead of conforming the standards to _them_??
Skivvy Niner? Email me!
HEY! Look left just ONE MORE TIME!
The question is what makes a fax more legally reliable than an e-mail. Maybe its simply because it is harder, for the sender, to falsify the originating phone number?
Jumpstart the tartan drive.
I think thats more than half the problem. They arent asking IF something should be done, only how to do it. If someone comes up with a way to track every word I read in an ebook and then delete it so I cant re-read it what are the bets these guys would support it rather than 'constrain' the technology?
Maybe we should form the Internet Social Issues Team (IS IT) to address the things the corporations dont want to be bothered with.
It's not a tech arms race. The copy-"protection" don't have to work. Their very existance makes using content in unapproved manners ILLEGAL under the DMCA. That is what it is all about - the DMCA allows even a trivial amount of programming to have the same legal force as Federal legislation.
Using the DMCA, Adobe can, and has, written a copyright "law" that applies to their products which goes beyond the old standard copyright law and infringes on fair use.
And the courts enforce those "protection" algorithm "laws" with sometimes draconian severity. Just ask Dmitry Sklyarov.
Just because it CAN be done, doesn't mean it should!
PNG includes some compression techniques a lot like that used in fax transmission, so it's an easy conversion, I think. Some fax-to-email software already converts faxes to PNG format. And PNG includes some metadata capabilities (comment fields) which could be used for the phone numbers ("station ID's" in fax terminology) etc.
What a depressing organization.
Friends don't help friends install M$ junk.
Well we will test your theory when WinXP comes out with renting only
http://saveie6.com/
Yeah, I know what you mean. I was kind of amused at all the convoluted ways people were thinking up to the 'different spelling error in every copy'-mechanism, when there is a perfectly good and common utility to circumvent it.
And the dig at Taco's spelling comes naturally after reading /. for awhile :)
Mart"I know I will be modded down for this": where's the option '-1, Asking for it'?
Unfortunately this will never be possible unless the USPTO ends its current corrupt scheme.
At present there is no means by which anyone can know what patent applications are in progress. It appears that even the modest changes under which patent applications would be published a year after filling are now 'optional'. What this means is that a corrupt applicant can easily file for a patent on somebody else's invention.
Another common trick is to extend an existing patent to include a claim on somebody else's invention that was published after the original application. Under the current rules the applicant gets the benefit of the original filling date.
Patent fraud is real and its legal. It is even encouraged by the USPTO.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
Looks like a GPL Patent. ALl Future Patents related to First Patent are free for us to use. (Us being Xerox). Seems reasonable to me.
ever hear of diff? ok then.
I don't really mind double posts on
One can standardize the method while leaving open enough details to maintan obscurity.
In traditional ("real") security, yes, because there the security has the clear, definite goal of sperating the universe into two groups: those who have access to the information, and those who do not. Those who have the key/password/whatever can access this server, or decrypt this email, or whatever; those who can't, can't. WIth this aim, you can actually *use* cryptography, which is based on real, solid, one-way math; and since you are using math and not secrets to protect your stuff, you can use standards.
In "copy protection" (i.e. "use control"), however, this is not the case. Here, the person you are giving access to is the same person that you are attempting to limit. The "has access" and "does not have access" distinction is eliminated completely. The "shared secret" of the "key" that makes up the inherent obscurity part of any security is no longer something that is used to unlock the book; it is something that is used to limit when and how the book can be unlocked by a person who posesses a key. Your "enemy" is not some evil person who has intercepted your encrypted email; your enemy is the person who has purchased your product. Therefore, you cannot put the security into cryptography-style math, becuase if the person you have sold the product to can pay $25 to ANSI and get the copy of your "standard", they can see how you are preventing copying, remove the prevention, and copy all they like. In the end, security through obscurity of method is all you have, because obscuring the key is not an option-- you must give your enemy a copy of the key for them to be able to watch your dvd at all! And since the enemy has a key, all that is needed is for one of the enemy to reverse-engineer or figure out how their key works, and your copy protection scheme has become completely useless.
It is important to note here that most content-protection forms i have seen thus far-- most notably CSS-- are there with the "copy protection" aspect there not as the primary goal, but just as a side effect, with use limitations being the primary purpose. CSS is there not to prevent the copying of movies, but there so that nobody can build a nonliscensed DVD player-- meaning that nobody can build a DVD player without paying money to the dvd forum, and that all dvd players can conform to the exact demands of the dvd forum (like, nobody can watch THe Sixth Sense without watching a trailer first, or watch a japanese movie on an american player before the movie companies decide they're good and ready to release the japanese movie in america), meaning nobody can invoke fair use and use a dvd in a way inconsistent with the desires of the dvd forum. The "copy prevention" thing is there mostly as a smokescreen, and so using a legitimate open standard for dvd devices would not work here; a scheme which would restrict illegal & immoral redistribution without restricting who can build devices for the viewing of dvds would be unacceptable to the dvd forum.
Please note that i am referring only to the traditional, nefarious form of "copy protection", the one that is more accurately described as "use control". If by "copy protection" you mean some kind of watermarking/tracing scheme, then that is not what i refer to in the above paragraphs, and i have nothing in particular to say on that subject at this time.
-mcc
help me help me i'm in a windows computer lab and i miss applespell
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
TIFF works.
Why bother with Color? Only graphic artists and print shops use color faxing. And then, the documents are usually printed on a Postscript printer, then faxed. In that case, if you have a PostScript printer and internet, why not send the plain PS file?
That title is dangerous. It looks like the IETF is addressing the question of putting DRM in internet faxing.
Upon reading the article it is clear that the post is about the two seperate issues of [the IETF and DRM] and [the IETF and faxing], but the four seconds of shocked, frozen horror upon reading that headline were still pretty bad.
Gods.. DRM built into your fax/print standard. that would be terrifying, a fax/print system with an inherent bias against flexibility at the standard level. What an ugly, ugly thought. Be more careful next time.. you might give some old, feeble-hearted UNIX/COBOL engineer a heart attack before they get a chance to read the article blurb and realise they misinterpreted the headline.
Jeez.. you might as well accidentally post a link on a for-children-only website to whitehouse.com, or something.
Why are they studying Ebonics? OOOhhh, ebooks, never mind.
Well, it's rather cumbersome to type the documents before sending them, opposed to just putting it in the fax and pushing 'Send'... One doesn't always have the digital copies on hand.
Burn the land and boil the sea, you can't take the sky from me
ok I'm not an "information wants to be free" monkey, neither do I oppose the idea. But to what extent do we need (I)DRM? Understandably, commercial software vendors want to profit from their creations, and artists want to be paid for their art, but I think that this is going to reach much farther than that. I have seen how the 'net has changed in the last 8-10 years and I remember when it was the BBS ops protecting their own 'wares (which had an entirely different meaning back then) and through it all, not a lot has really changed except the technology behind it all. Big brother (whoever it may be in each particular case) wants to be assured that you only get your slice of the pie and not a part of his. It's only a matter of time before image recognition filters are in place and can monitor who is on your desktop background. It's always us [trying to keep them out of our business] against them [making us their business] and guess what! We always lose! How long until pirated software, mp3s pr0n etc just searches your drive for a liscense, and self destructs when it doesn't find it? Anyway, I suppose I'm just ranting.
</rant>
Are YOU listed?
What, me worry?
I wonder which format (Xerox or Adobe) is going to have the first fax virus embedded... oops.. sorry, Adobe.Alex
A winner is you!
...to see that this "new" innovation is going to use a propietary format. Think of the bickering it will cause.... oh, right. You know why they're fighting over this, right? Same kind of problem with MP3. Royalties, it is all about the royalties. Shame on the IETF.
Use my userscript to add story images to Slashdot. There's no going back.
The question is what makes a fax more legally reliable than an e-mail. Maybe its simply because it is harder, for the sender, to falsify the originating phone number?
No, it's the same thing that makes any other paper document legal: the signature. They may be far from perfect, but they've been the basis of all legal transactions for the past several hundred years.
"The future's good and the present is nothing to sneeze at." - Roblimo's last
sPh
--CTH
--Got Lists? | Top 95 Star Wars Line
does anyone actually fax over the internet? with email and all?
IETF Meetings
The process is simple, pay the fee, read the documents, show up prepared to make comments. The IETF works both online through their mailing lists and Face - Face with their meetings held 3 times a year.
and DRM is the last thing in the world I want to deal with. Imagine the pains in the ass, customer service calls, etc. to deal with network-based DRM. "My ebook didn't work! It's your fault, ISP!" Yucko.
I agree, TIFF is dead as much as it is proprietary. Many TIFFs I've come across use LZW compression so they suffer the same patent problems as GIFs. I refuse to use crappy software that can't use decent non-proprietary formats. Long live PNG!
The new RFC 3456 is about dead Nietzsches !
Here is a link.
I believe it's usually fairly easy to scan a hard copy document and email it that way, and most of the things you are sending by fax have probably been produced on a system in the office so they can be forwarded fairly easily...
Email is a great thing... even those workers in Florida have figured out how to get work home without floppies =P
prosebeforehos.com
In principle, it is possible. One can standardize the method while leaving open enough details to maintan obscurity.
This is, btw, how cryptography works anyway - it is based on obscuring information (like the encryption key, or the key pair in public key cryptography). There is no security without obscurity (a Unix password, for example, is technically an obscured, user-supplied part of an encryption algorithm).
An interesting point is however that watermarking has quite inverse goals. While most authentication applicatiosn can't care less if you scramble or mutilate the (wrong) key (authentification will still fail), watermarks should maintain their information under such attempts and only be removable if the key is known.
Meanwhile, the IETF has put on hold its work toward an internet fax standard, as Adobe and Xerox squabble over a file format.
Internet Fax standards have already existed for years : Check out www.tpc.int for more info. You'll note that the entire TPC.INT system is based on several RFCs that were released years ago: see RFCs 1528, 1529, and 1530. (And 1703, which extended tpc.int to radio paging....)
"The future's good and the present is nothing to sneeze at." - Roblimo's last
Rights management? that's an oxymoron.
IDRM will not pursue research into the legal and social issues of DRM. IDRM is concerned with legal and social issues only to the extent that they affect or constrain DRM technology. As the IDRM RG intends to focus on technical issues, it will address technologies that promote both copy-protection and fair-use copying of digital objects. IDRM will pursue research into DRM technology with a focus on the end-to-end and IP network infrastructure issues of DRM.
What the heck? I don't think that someone who views legal and social issues as a constraint on technology should be developing the technology.
The people who develop technologies deeply rooted in the social context have truly achieved their dreams; as these technologies gain widespread use, they transform society and enrich their creators.
In the case of copy protections and other forms of rights management, these technologists are inventing far away from the wishes of society.
If the mainstream press has understood antyhing, it is that people want to widely share and download music, to create their own unique musical soundtracks and archives, and to share music for free.
If digital rights management becomes widespread, it will only be because the influence of money, and not that of a vast social trend, caused it to happen.
The technologists who make it won't ever be able to rest, they will be in a permanent arms race with those who try to crack the technology. They'll be foot soldiers in a war between money and a social trend.
I doubt that rights management, an algorithmic, bureaucratic process, can win against fair use, a social and organic process. I think the people who live and love the science of copy protection should look in the long term, and use their talents in the interests of people, rather than money.
Goat sex free since 2001
? Is this the right to rearange the bits in my PCs memory as I see fit? Bunk. A modified tiff file is no more a "standard" than the original tiff. Patents on things like this are artificial and arbitrary restrictions on the use of computing equipment.
Friends don't help friends install M$ junk.
The standard seems to be: "Who the hell cares?"
- A.P.
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
If "digital rights management" is "bad", why does Slashdot put an OSDN copyright statement on its web pages?
I'm far more concerned about plugging up the Internet with more crap, i.e. faxes. Why do we need fax over IP anyway? Is it just so Adobe and Xerox can introduce a new uselss must-have product to business, or because there's any crying need for fax-over-IP?
All about me
Typically, you use the SMTP protocol and the "PNG" "GIF" or "JPG" file formats. Our office uses "DOC" "HTML" and "PDF" internally. Do any of these sound familiar to anyone else?
Seriously, what advantage does internet faxing have over email? Email is fast and open-ended. It can handle any type of file format. It can be secured, tracked, provides return reciept.
If you read the article, it talks about two companies using proprietary extensions for color faxes, and they are talking IP rights before the working group has even made a draft! I'm not interested in protocols being manhandled by corporations. Standards are standards. (Remember USRobotics and modem standards years back?)
Maybe its simply because it is harder, for the sender, to falsify the originating phone number?
Yes. The telco is treated as a trusted source for authenticated the physical location of the origin of the fax. This can be used to back up an assertion that "The person who sent this fax was authorized to use this telephone account to send this fax," or that "My client didn't commit this murder because he was off in Chicago sending this fax at the time the murder occurred."
Will I retire or break 10K?
the IETF cannot proceed without the permission of Adobe and Xerox because the new standard relies on IP from the two companies.
It doesn't have to. There's always PNG, the latest free replacement for GIF and TIFF.
Will I retire or break 10K?
dude! that's what i thought
-zr
that's in the kernel, right?
Anyone else have a problem with this link from the main post? I just get a blank page :(
http://www.cnn.com/2001/TECH/internet/08/13/adobe. xerox.tiff.idg/
Until either AOL or Microsoft disappears, no, it won't be possible to standardise much of anything in terms of content.
Maskirovka
Does the prospect of someone modifying an image encoding format slightly to TIFF-FX, then using that to claim ownership to "electronic faxes" or any image sent electronicaly bother you? Go look at the greedy claims being made for this, tunneling, and a whole host of other ideas.
Friends don't help friends install M$ junk.
Is it even possible to have standardized DRM? I thought that every single attempt at DRM, has absolutely and solely relied on security through obscurity. If you publish a standard, don't you lose obscurity?
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
I don't know about you but I advoid TIFFs. This sould be solved quickly with a simple agreement on png or jpeg.
There are two kinds of organizations:
A) Hardware/Infrastructure
B) Software/Content
Type A has no business getting involved with type B goals and priorities. Type A's job is to make things work. Type B goals like DRM make things NOT work.
Stop it stop it stop it, stop it right now.
The charter for this RG says explicitly that "it will address technologies that promote both copy-protection and fair-use copying of digital objects" which hardly sounds like no fair use to me. People on Slashdot all too often seem to think that all digital rights management is inherently evil when this is simply not the case. For instance, DRM covers schemes that allow unlimited copying with strong tracability so that you can make all the copies you need but if you start selling them the owners will know the who the culprit is.
You should all remember that this is an open IRTF group. If you have ideas about how DRM should work to both protect the fair use rights of consumers and also allow fair dues to the authors, then go and let them know. Sitting around on Slashdot moaning that the IETF is going to become a branch of the MPAA is both disingenuous and unproductive.
If intelligent life is too complex to evolve on its own, who designed God?
Squabling over Intellectual Property in standard protocols is short sighted. It reduces the possibility the company holding the IP will be able to have the market advantage that comes with inclusion of their technology in a atandard (because no one will bother to include their technology) and potentially harms the quality and viability of the proposed standard
Wow! This is incredible news: greedy claims to obvious ideas harms everyone! The patent system is broken!
from the listed Xerox rights assertment:
"Any license granted by Xerox under this Statement shall be subject to the following condition: any party receiving such a grant from Xerox must agree to grant Xerox Corporation, Xerox Ltd., Fuji Xerox Co. Ltd., Modi Xerox Limited and any corporation, firm, partnership, individual, or other form of business organization at least forty percent (40%) owned or controlled, directly or indirectly, by Xerox Corporation, Xerox Ltd., Fuji Xerox Ltd. or Modi Xerox Limited, upon request, a license under that party's patents relating to the TIFF-FX standard, on terms and conditions no less favorable than those granted by Xerox to that party."
So they don't just own your base, they own your hide. Yeah, right. Do you expect people like that to ever be able to co-operate or agree with anyone? That whole site made me sick.
Friends don't help friends install M$ junk.
DRM == Dead, Ridiculous, Moronic. The IETF should stay far, far away from this shit.
sulli
RTFJ.
All this shouting about IP and digital copy protection and DRM has everyone upset and thinking the virtual sky is going to fall on them. All the history of commerce and ownwership and copyright and the related shows that no matter what is legislated, mandated, or threatened, any conclusion that makes a technology or product inconvenient to have or use or own will fail. Any product that cannot be owned, transacted, or used without inconvenience will fail to be profitable. Any technology that keeps a product or service from being used easily will be replaced with something new, or will be morphed (legally or not) into something that people appreciate. Otherwise it will fail. It's why radios and cell phones got smaller. It's why newspapers still cost $0.50 and books are expensive, and why flying cars aren't everywhere. It's why liquor is still legal.
What's important to remember is that it will not happen overnight. It will happen over years, decades, or generations.
- Sig this!
I really want to participate in this, as it seems o be a fairly democratic process, and I know the the IETF and RFC's really truly matter.
My only question is, when is the next meeting? It's not mentioned on the site. Are the meetings help online? I'm not exactly flying to stockholm, no matter how much I care.
Has anyone here participated in this kind of thing before?
hyperpoem.net
As far as I can tell, technically there *IS* one slim sliver hope for digital rights management on the internet.
For concreteness, suppose we're talking about an eBook. It is a given that you can't secure an eBook: someone can always run it an emulated environment and dump the text to an ASCII file. And you can't prevent it from being passed around the internet once it is broken. A system like Freenet can be made more or less unbreakable (provided automatic passing of encrypted messages remains legal and permitted by ISPs.)
The ray of hope is to make every copy of an eBook slightly different. In one book, use "grey" instead of "gray" on page 67. In another, put a comma before a short prepositional phrase on page 123. By using various combinations of these, a publisher could at least identify which copy is being passed around the net and prosecute the hell out of that person. (Copyright holders can probably get the law changed to prescribe a many-year prison sentence.)
Clearly, this is no panacea. What if someone in Cuba breaks the eBook? What if you steal the book off someone else's computer, break it, and distribute their copy? What if you buy the eBook in a way that conceals your identity? Futhermore, it might be possible to combine several versions of the text to destroy these markers. (But this doesn't look easy to me.) And even if you can identify and prosecute the original copyright violator, that's little solace to the publisher after everyone already has a free copy of Harry Potter V in hand.
But that's it: the only ray of hope I see for DRM, unless the internet itself is significantly hobbled-- which seems entirely possible.
Tell the DP pool users to RTFM unless they are FM in which case they can SC like the little CG that they are. If you don't understand TA, then you really SN be reading it.
Stupidity never felt so good.
It sounds as if the IETF is a puppet group trying to enforce the whims of some major corporations. Think they'll be as big and bad as the RIAA in 5 years when ebooks get more mainstream? Maybe I'm reading too much 2600
Consider amagazine page with some coloured text over a photographic background. (Yes, internet fax isn't just black and white.) Using TIFF-FX, you can represent
- the background photograph as JPEG
- the shape of the text characters with JBIG2 (a compression standard that is optimised for compressing text)
- the colours of the text characters using another compression method suited for that
This allows you to get MUCH higher compression than something like PNG that doesn't take into account the document structure.In my opinion, Adobe is attempting to block TIFF-FX from passing in the IETF because they feel that it is a competitor to PDF. TIFF-FX is capable of representing many kinds of documents in less space and higher quality than PDF (if you've ever used PDF for a scanned document, you know what I mean). A free, open (IETF-backed) standard would cut PDF's market share, and Adobe doesn't want that, so they're using their control over the base TIFF file format to block any extensions.
...legal for over a year here in .uk
Ever wonder about all those people publishing, and *claiming copyright* over public domain documents? Say the works of Swift?
What they do, in fact, is introduce intentional errors into the text. THIS they do, in fact, own the rights to. If anyone else simply copies their "public domain" work it can proven, and the copier can be prosocuted.
This makes the work of the Guttenburg Project considerably more difficult, and costly, than it otherwise need be as they actually need to pay lawyers to arrange rights to public domain documents.
This technique is also used to protect modern IP, the two most famous cases of which are probably found in the game Trivial Pursuit and the original G.I. Joe.
Some of the answers in Trivial Pursuit are WRONG. . . *on purpose.* This fact was used to allow them to successfully prosecute a company that wasn't just content to knock off the game, but copied the questions and answers, including the "trojan horse" copyright proof questions.
Hasbro knew that if the G.I Joe were at all successful factories in Taiwan and Japan would start pumping out copies overnight. They couldn't do anything to prevent them from making a selling army man dolls, but what they COULD do was make sure that if the used a real G.I. Joe it could be proven.
If you ever get a chance to look at an original, full size, ( in a couple of cases we old timers got to have the GOOD toys), examine his hands.
On one of them the thumbnail is *on the wrong side of the thumb!*
KFG