Slashdot Mirror
Felten & Co. Present SDMI Findings, Finally
chill writes: "Princeton scientist Dr. Edward Felten and his colleagues presented their paper entitled 'Reading Between the Lines: Lessons From an SDMI Challenge' at the Usenix Security Symposium. CNN has an article.
This is the paper that the RIAA threatened legal action (DMCA) over in the past, if he made his findings public. They have since backed off their threats."
Newsforge is carrying a piece on the same thing that goes into a bit more depth, and links to coverage of yesterday's press conference, and the Standard has a decent piece on it as well.
The presentation was interesting, if you are an EE studying practical applications of signal processing. By applying standard SP techniques to the sample files, Felten and crew were able to discover all kinds of hidden information buried within. These are standard computer algorithms such as Fast Fourier Transforms, echo detection, and statistical analysis. Nothing magical, mystical, patented, or even super secret. Normal curricula for 2nd year EE students, statisticians, and maybe some CS majors.
The best part started about 40 minutes into the presentation. One of the panel members (I can't remember his name) gave an analysis of section 12.01 of the U.S.Code, broken down paragraph by paragraph. There was a good summary of the DMCA, which exposed it clearly enough for laymen to understand it is not a copyright law, but a "para-copyright law". The distinction is that it doesn't directly change existing laws, but modifies the contract between copyright holders and consumers. Very clear and well spoken, this speaker is someone who has clearly given the speech repeatedly and knows exactly how to present the information for maximum impact.
If you download the presentation, at least take the time to watch that 10 minute section. It will give you the verbal ammo needed to start convincing people you know the basis of why the DMCA is bad.
the AC
[The next section is the EFF lawyer saying "ummm" about 50 times per minute, and completely losing the audience]
Hemos is like...sci-fi fans;he thinks technology is cool, but he hasn't bothered to understand the science it's based on
They're right. The RIAA never threatened him with direct action. The letter only said something along the lines of "your actions could subject you to legal action under the rules of the DMCA". Big difference, hmm? "I'm not saying I'll kill you if you come on my property. It's just that if you come on my property, you might...ummm...die a violent death." The RIAA's claim that no threats were made is infuriatingly insulting.
An interesting anagram of "BANACH TARSKI" is "BANACH TARSKI BANACH TARSKI"
>My prediction - RIAA sues Felten and co
It doesn't matter: as the DOJ said when Adobe "dropped out" of the Sklyrov case: it's a criminal offence.
Why isn't the FBI arresting this guy?
I'd much rather see an american professor in jail for breaking US laws than a russian student.
Do US laws only pertain to foreigners?
When I die, please cast my ashes upon Bill Gates -- for once, make him clean up after me!
The stance being taken by the industry to "protect" copyright is amazingly similar to the idea discussed earlier that publishing security flaws helps the Black Hats. If nobody is allowed to talk about it, nothing bad can happen. Of course, in this case, we (the end users) probably want something bad to happen to the corporations. But not talking isn't a solution to either problem.
I'm astounded that even the EFF reduces all human activity to, "consumption" I did not donate money to the EFF to be called a consumer and if anything would help the debate about our rights in the electronic age (EFF's alleged mission) it would be to recognize the rights we are looking for are citizen's rights, not consumers.
I just finished writing my email to Cindy Cohn a the EFF (cindy@eff.org), and I encourage others to follow-suit.
Feel free to use:
Thanks for all your work for the EFF - I recently became a member and I'm pleased with the EFF's support of the Dimitry & Felten cases.
I'm a little non-plussed though, to see the EFF using language that, IMO, do nothing to help the world recognize the need for ciziten's rights in cyberspace. To wit:
> "This is where the EFF lives and where many of you live -- we live on > the cutting edge," she said. "We're looking at problems that actually > haven't hit home to the consumer yet. That's where we always try to be > ... until everyone else catches up."
I'm a great many things in my life, but "consumer" is right near the bottom of it. I consume what I need to consume in order to do the things that are higher on the list, like be a good citizen and contribute to my community. If we allow ourselves to be called consumers, we will only be able to fight for "consumers rights". I don't want consumers rights, I want citizen's rights. I want to be recognized as a living, thinking, articulate member of society, not a consumer.
I know it may seem like a minor point, and I know that "consumer" has become popular media slang for the common man, but I don't think it's a positive trend and I feel that it's a trend that will only hurt the causes that EFF stands for.
I humbly suggest the EFF do justice to the people it claims to fight for and call them citizens in all public comment or releases.
Thanks for you time.
I'll see your senator, and I'll raise you two judges.
Felten and company have a lawsuit pending over the DMCA's chilling effect on free speech. But how much credibility is the judge going to give the case now that Felten has published his findings? We all know the RIAA isn't going to do anything to Felten while the lawsuit is an issue, because they don't want to give the other side any ammunition for their case.
But now that Felten has presented his findings, it seems to me there's a reasonable chance that the judge will ask "so how exactly has the DMCA proven to be chilling, given that you've presented your work?".
Felten may still win his case, but it seems to me that by presenting his findings he's reduced the odds of winning significantly...
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.
How much bad publicity is it for a company when they dare you to break their copy protection then threaten a university when it was accomplished and they wanted to publish their findings. This is just typical CYA because I believe that these companies that have pushed for the DMCA know that is in a dangerous state and might get repealed. They want to hold on as long as possible to it and use it for the right fight. It just saddens me that our government "for the people and by the people" has been substituted with "for the corperations and by the corperations"
here
They shot a warning and the scientific community, threatening people to discuss their findings. We had a nice story here yesterday about Niels Ferguson (formerly at Digicash, his homepage, btw, can be found here). So for them it was a step in the right direction. The problem is way more fundamental, going hand in hand with the full disclosure discussion that goes on today. People will find security flaws and, if you do not publish them, "Blackhats", people doing this for BUSINESS, will exploit them. If you disclose your findings and help the organizations (because, no matter what you say, somebody who owns the rights for content should have the right to protect it) to find a reasonable level of security enabling them to maintain their business, you help the companies. And this is a good thing. Alternative models might work in some places (Shareware, donations, voluntary work) but not in all cases. And people want to pay their bills, raise their kids and send them to school. If you think that is wrong, then we might want to start a new discussion on capitalism vs. communism vs. marxism and other models.
Straight from the horse's mouth... the RIAA letter
He's got the RIAA letter, the statement contradicting the RIAA letter, the agreement to the competition, and other such nifty info.
I'm waiting for someone to use RSA or something similar for copy protection purposes. Then, it will be illegal to do research on prime number theory, because discussing efficient algorithms to factor large numbers will be a violation of the DMCA. Last I heard, this was a semi-hot topic in math research. I for one hope the DMCA makes research illegal, because the media and the public will be MUCH more upset at that than a few hackers who can't get free music anymore. Also, scientists have a much better record of making their voices heard than Russian political prisoners^h^h^h^h^h^h^h^h^h^h^h^h^h^h^h^h^h computer programmers.
I would've expected news like that out of the communist bloc just a few years ago, but not here and not now.
I take it as a given that the good Dr. Felten withdrew the initial paper because he could then show clear evidence of a chilling effect. Now, of course, the lawsuit proceeds apace, but Felten can of course present his paper without interference from the RIAA because it would further Felten's claims and provide even more clear evidence that the DMCA was, in fact, unconstitutional (not that any thinking person who doesn't accept big media's spin on things needs more clarification on the matter).
To continue to go after Felten would strengthen the case against the DMCA and, speed the day, the eventual dismantlement of this egregiously rotten piece of legislation.
Yay Felten et al. Thank goodness he's on our side.
Protege Posterioram Tuam
"Shortly before the group was due to present its paper at an April conference in Pittsburgh, a lawyer for SDMI and the RIAA sent Felten a letter telling him he could face legal action under the Digital Millennium Copyright Act, a 1998 law that bars efforts to defeat copyright-protection technologies.
The lawyer, Matthew Oppenheim, has since backed away from the letter, saying the SDMI had an obligation to protect the trade secrets of the companies that developed the anti-piracy technology but never intended to sue."
So if they "never intended to sue", what the hell did they mean by "could face legal action under the [DMCA]?" Oh wait - maybe they thought they'd just drop a dime on him - give the FBI a call and have him arrested at the conference!
Let's see: a bunch of manufacturers are getting together over a technology that largely eliminates fair use. That means consumers get less for their money when they buy CDs. That's the equivalent to raising prices. When a bunch of manufacturers get together and agree to raise prices, that's an antitrust violation. So.... Given the Bush Administration's frosty relations with Hollywood, this might even work.
InstaPundit! Ahead of the Curve Since 30 Minutes Ago
no, they can still sue the RIAA for DELAYING the release of their findings. And that is what they were suing about in the first place.
Free as in *BUUURP!*
The DMCA is far from dead. In fact, it appears to be working overtime. We're all doomed!
Co-founder of GerbilMechs
what was the RIAA's real intent? Did they simply retract their threat to sue for the sake of PR, or what it something deeper?
The bluff smells of censorship, IMO. It is a warning to every other research group who will walk the fine line that is the DMCA that they are being watched. The scrutiny serves the role of censorship, and the threat of legal action will remain until the researchers ask if they can publish.
I seriously don't know what is worse. Not being able to publish at all, or having to pander to the legally privileged (thanks to the DMCA) and beg "Please, please, can I publish my paper?". In either case, Big Brother wins.
If you circumvent the DMCA to read a document about how to reverse engineer something (circumventing the DMCA yet again), do you get thrown in jail twice?
I think you are wrong. Corporations would still be making power grabs even if people didn't file ridiculous suits, just like they'd sneak their toxic waste into the water to save a buck.
We didn't bring it on ourselves; I think it's the natural evolution of business. Not that we shouldn't fight it.
Was it that SDMI is dead as a doornail and they therefore know Felten's study can't do any damage to their cash flow, or that the publicity was so bad? I think we can rule out altruism as their motivation...
*This page intentionally left pointless*
Someone thumbed his nose at copyright protection Wednesday without getting arrested, indicted or sued.
Finally, someone sees cracking encryption as something other than a hacker threat. There are more uses for such activity, such as education, to see how the encryption works.
Let's hope that this is a precedent, since that government is unlikely to repeal this law.
Silly guys. Don't they realize that on the internet, the headline is only as tantalizing as what the referring link says, so this kind of thing doesn't increase readership?
They basically said that they never threatened anyone with anything. I've been trying to find the actual letter that was sent to Prof. Felton, so I could read it for myself.
Does anyone have a copy of the original letter that the RIAA (or whoever) sent to Prof. Felton?
The problem is we've had too many multi-million-dollar judgments against corporations because some loon spilled coffee on her lap or because some idiot couldn't read the Surgeon General's Warning. These are cases where the individuals themselves were the ones who should have been held accountable, but the corporations ended up getting the blame.
As a result, corporations bend over backwards to cover their own asses in these cases with all kinds of legalese. The DMCA, the Felten case, Sklyarov, and all of this nonsense are a result of this; since individuals have gotten judgments they didn't deserve, corporations have been able to get more protection than they really needed.
It's not just "Oooh, evil corporations are taking over everything!" Individual citizens failed to be accountable for their own actions, and convinced uneducated juries that the world owed them a living. As a result, companies have gone ape-shit to try to protect themselves, and now this practice has gotten out of hand.
There's a historical cause behind what we're seeing today. It isn't "us" against "them."
It's also not a zero-sum game, where one group gains freedoms at the expense of others.
Ok. Let me get this straight.
Company copyrights a technological form of encryptiong.
Somebody breaks it. Company has the legal right to sue.
so.... if I create an encryptiong alg. copyright it. and then use it to send illegal info. Does the FBI have the right to try and break it. or can I sue good ol Uncle Sam???
Just curious.
"These are hypotheticals. We have no idea what he may or may not write," said RIAA spokesman Jano Cabrera.
That sentence says everything that is wrong with the attitudes of those wielding the DMCA as a weapon. It should not matter what Professor Felton or any other person (academic or not) should write - so long as it is not covered under the dangerous restrictions (i.e. national secrets, "Fire" in a crowded theater, etc.) Freedom of Speech is at issue here and someone's ENTERTAINMENT copyright does not deserve as much protection as an intellectual discourse. It appalls me that apparently, entertainment profits are more important than scientific knowledge.
Don't just complain - DO something about it!
some of those sound pretty ridiculous. Got any references? My doubts are raised because I live near Claymont Delaware and follow the paper and local news carefully. I never heard of such a case....
The SDMI nastygram that started this was a pretty vanila knee-jerk threat. It is the type of threat that in most cases can be made without fear of the consequences since the chances are that the target will simply roll over at the first hint of a threat.
What the SDMI lawyers certainly did not expect was that making threats would land them as defendants in a lawsuit that would be diffciult for them to either defend or disengage from. Essentially the only way to avoid a costly fight is to tell the court to vacate the anti-trafficing provisions in the DMCA that the RIAA paid so much to Senatorial campaign coffers to buy.
What the SDMI and RIAA failed to grasp is that Felten and co are much less interested in the ability to publish one paper than the larger principle. There is no real incentive for Felten and co to accept an out of court settlement.
In the process the suit is likely to issue the coup de gras to SDMI. The group has been spectacularly unsuccessful in meeting a goal to agree on a standard by Christmas 1999. Only one of the vendors has released an SDMI compliant player and they modified it to play unrestricted MP3s pretty quickly when nobody would buy it.
The only reason SDMI is continuing is sheer inertia and the fact that the manufacturers who could not give a monkey's for the interests of the labels would rather participate in an obvious failure of a group than withdraw and risk it being replaced.
I attended only one SDMI meeting and told my company to steer well clear of the loosers. The work was chaotic with deadlines set to fit unrealistic schedules that would inevitably fall apart leading to delay. Worse however was the fact that while 150 engineers were working on one set of specs in open meetings a closed group of 8 people were hacking out a private deal in a back room that entirely negated the rest of the groups work.
Bet you wish you thought of this nym first