Sklyarov Tells U.S. Court, 'I'm no hacker'

DaytonCIM writes "Dmitry Sklyarov, the Russian programmer at the centre of the first Digital Millennium Copyright Act (DMCA) prosecution, yesterday delivered his long-awaited testimony in the trial of his former employer, ElcomSoft." There are also stories at The Register and on CNET.

Throw it out?

[KeatonMill]

It seems like this case shouldn't even be happening. Adobe just wants to make an example out of someone. The problem is, they picked the wrong guy. As seen earlier on Slashdot, they haven't found a single eBook decrypted with his software, and if it isn't on (I assume they use) KaZaA, then it really doesn't exist freely. He also appears to have said all the right things in court. There is such a thing as catching a drift, and I think Adobe missed it, and is now trying to drown Sklyarov.

Re:Throw it out?

[sasha328]

I wish I had moderating rights at the moment, because this and the parent thread should be read by all those who are breating Adobe without knowing what is it they've done wrong.
The point is not that Elcomsoft and Sklyarov developed anti DMCA software, because they did; The point that should concern people (especially those from outside the US) is that they are being tried in the US, under US law for legal actions they committed in another country. This just shows the hypocrisy of the US government. They want others to follow their rules, but they never stop to consider others' rules.

Re:Throw it out?

[Henry+V+.009]

Did you know that, under the DMCA, it is not illegal to circumvent copy protection mechanisms for the purpose of making fair use of a work? [17 U.S.C. 1201(a)(1)(B)]

Did you know that this case rests on the DMCA's prohibition of the importation or sale of devices whose sole purpose is to circumvent copy protection? [17 U.S.C. 1201(a)(2)]

You really don't see any conflict at all between those two statements do you?

Re:Throw it out?

[lobsterGun]

The DMCA is a bad law because it requires an affirmative defence in order to create tools for excercising fair use rights.

That is to say: If a developer creates a tool to enable a user to excercise his or her fair use rights, a copyright holder can have the state haul him into court and claim that the tool is actually an illegal circumvention device. The court is then forced to 'read the mind' of the developer to attempt to divine his motivations for creating the tool.

Re:Throw it out?

copyright holders are not required to do anything at all in order to ensure that users of their works can exercise all-- or even any!-- of the possible fair uses of their works

Straw man. Adobe isn't merely failing to accomodate fair use. They are actively trying to block people from using their own resources to enable fair use. That is what people are rightfully complaining about.

it is not illegal to circumvent copy protection mechanisms for the purpose of making fair use of a work
...
DMCA's prohibition of the importation or sale of devices whose sole purpose is to circumvent copy protection

Put these two together. You're saying you can have your rights as long as you're an expert computer scientist and cryptographer? Nice. What about the other 99% of US citizens? In a free market, shouldn't people be allowed to hire someone else with the necessary skills or purchase a tool that enables them to do what they want? Also in a free market, shouldn't I be allowed to satisfy that demand if I have the expertise?

Did you know that this case rests on the DMCA's prohibition of the importation or sale of devices whose sole purpose is to circumvent copy protection?

Did you know that copyright holders can bundle extra restrictions into their "copy protection" systems that have absolutely nothing to do with the actual rights granted to copyright holders? eBooks you can't read aloud or print, DVD region coding, software that's tied to a single computer and can't be resold, and many more to come if this case is lost.

Re:Throw it out?

[CyberKnet]

My point was that this is entirely legal. If I want to release my (copyrighted, naturally) works encased in lucite and locked with a padlock, I am free to do so. The fact that this frustrates attempts to make noninfringing use of my works is not legally significant.

The only problem I have with this is that the DMCA specifically outlaws the creation of keyblanks; disabling me from getting a copy of the key I purchased to that padlock in case I lose the original.

Sure, it says if I can make a key. [17 U.S.C. 1201(a)(1)(B)]

But in order to do so, I must know how to mine the ore, refine it, forge it into a keyblank, make a key-cutting machine, and finally, duplicate said key. And that is assuming you don't use one of those keys with a circuit inside them, in which case I need to mine the silica to make the chip too. (along with all the fabbing goodness). [17 U.S.C. 1201(a)(2)(A)]

And that is what is so wrong with this law. It may not be constitutionally wrong (I do not have enough knowledge to make that decision), but it is reserving rights (or exceptions thereof) to a very, very few people. (in the case of the padlock, possibly *none*).

That is not a law that serves the majority; that is not how a democracy is supposed to function. That is a law that was bought by corporations with moneys accepted by corrupt polititians wanting to make the quick buck at the american peoples expense...

Legitimate use?

"the company's password retrieval programs have been purchased by the FBI, the IRS, U.S. district attorneys and U.S. police departments, as well as by private companies like Microsoft and Motorola."

It should be interesting to hear what the "legitimate uses" sited by these people are.

Control the access, control the ...

[peripatetic_bum]

Why isnt anyone really stating that this is about a blind person's ability to read the book they bought.

While the seller doesnt have to guarantee that his books can be read by the blind, the seller cant keep the blind from reading the book, ie using the software to 'open' the book and let him read it.

I would like to hear a valid argument against this statement?

thanks for reading.

Re:"I'm No Hacker" ?!?

[halftrack]

Oh, oh ... haven't you read the jargon file? No true hacker calls himself a hacker, it's a title given to you by the community. Now you've really made a boo-boo.

"Didn't care that he violated US law"

[ryants]

In one dramatic moment in a relatively anticlimactic afternoon of testimony, Frewing forced Sklyarov to acknowledge that he didn't consider the legality of his program.

"Isn't it true that when you wrote this software you didn't care whether it violated laws in the U.S.?" Frewing asked.

"That's true," Sklyarov said.

And why the fuck should he care? A Russian programmer working in Russia shouldn't have to consult the law books of every nation on Earth to see if his work may or may not violate some law somewhere. If we all had to do that, nobody would ever get anything done, and pretty much anything would be illegal in some country or other.

copying books

[Fuzquat]

Does Adobe give users the ability to print out copies of their e-books? If so, then they need to prosecute every manufacture of OCR software that exists.

In fact, they need to prosecute every manufacture of OCR software anyway because it could be used to read the characters directly off of a screenshot of an open e-book.

They also need to bring lawsuits against anyone with data entry skills because theoretically someone could read text from a screen and input it into a word processor.

Wait, that means word processors are a circumvention device for e-book protection, but that's ok: everyone uses Microsoft Word anyway and Microsoft has more lawyers then Adobe.

The list goes on, but the point is that data will be copied one way or another when people want to copy the data.

Pick your favorite fix to the copyright system we have today, but it had better deal with two parts of reality:\

Encryption can and will be decrypted.

Content must be cheap or people will copy it.

Re:copying books

[roystgnr]

Regardless of the flaws of the DMCA, this type of software will ALWAYS be illegal (even if the DMCA is repealed and replaced with soemthing else), beacuse it's PRIMARY USE is to circumvent copyright protection measures. This is clearly wrong to anyone with a conscience*.

Do you demonize everyone who disagrees with you, or just everyone who disagrees with you on this issue?

You've just said that the solution for blind people is not to buy EBooks. You have no right to accuse anyone else of lacking a conscience.

You've just given Adobe the sole authority for "transferring certain material from reader to reader". Since every ebook in existence should eventually be public domain, and the length of current copyright terms vastly exceeds the halflife of electronic gadgets, this is unacceptable.

Even in the meantime, I can think of a dozen legitimate reasons for wanting unchained access to material I have purchased (and so there are probably a hundred more I haven't thought of). Getting that access may break the DMCA but does not break copyright law, and it is not immoral of me to want it.

Elcomsoft published code whose primary use is to to break encryption. Subverting copy prevention is a secondary use.

Hacker ... just what is that?

[Hektor_Troy]

My answer would have been

Please define "hacker".

Some dictionaries define it as follows:

hacker
n. Informal.

1. One who is proficient at using or programming a computer; a computer buff.
   
2. One who uses programming skills to gain illegal access to a computer network or file.
   
3. One who enthusiastically pursues a game or sport: a weekend tennis hacker.
   

So which one is it? Saying "yes" would be a lie either way.

Hell, he might just have lied, when he said "no"; I would certainly label him as a hacker, using definition 1, and he might also be a golf hacker for all we know.

Re:doesn't matter

[Henry+V+.009]

I would give anything to be able to killfile posts based on included phrases.

Still not so sure about the long arm of the law..

I'm still not sure why Sklyarov is being prosecuted in the U.S. The alleged "crime" took place in Russia where his actions were perfectly legal. Why is an act, which may be in violation of US law, but which took place completely outside US jurisdiction being tried in a US court?

Suppose that the Kingdom of Tuva passes a law making it a crime for any politician to accept a campaign donation from any corporation or individual who receives any benefit from a vote cast by that politician. Can the Kingdom of Tuva then try the entire US Congress? Is this any different than the US trying Dmitry?

Re:DMCA logic

[IndependentVik]

Oh, but don't you get it? A gun, while lethal, is extremely unlikely to deprive big corporations of great sums of money. A couple of dead people is nothing compared to (potentially) lost profits.

Violate US Law

[nuggz]

He didn't violate US law on US soil.

He violated a US law on Russian soil.

That is the key point people SHOULD be upset about.

You can't argue that you shouldn't have to follow a countries laws while you are in that country. The origional issue was that a Russian citizen in Russia, working for a Russian company, shouldn't have to worry about US law.

Re:doesn't matter

[geronimo87]

Illegal in the USA. Sklyrov is Russian.

Re:DMCA logic

[Christopher+Chang]

The problem is one of enforcement.

If someone uses a gun to commit a crime, there is a fair probability they will be caught. The more effective a society is at catching illegal uses of guns after the fact, the fewer restrictions it needs to impose on guns before the fact. Though it should be mentioned that even if we have perfect after-the-fact enforcement, some restrictions on guns should remain thanks to the irreversibility of murder.

The difficulty of tracking down acts of copyright infringement, combined with the suddenly huge frequency of such acts thanks to the popularization of the Internet, creates a problem. While any individual act of copyright infringement is practically harmless, when they occur in the millions they can unfairly hurt producers of content.

There are two categories of approaches to deal with this, both of which should be employed to some degree.

One is to ask everyone to "think outside the box" and adapt their business models to the new reality of effectively zero cost of data duplication. In the long run, this should be done in as many contexts as possible. However, the transition is not always easy, if possible at all. In the cases where it is difficult or not possible, it needs to be decided whether the old class of business model should still be kept around for the time being. While some zealots would deny it, the truth of the matter is that sometimes the answer to this last question is "yes".

That's where the second type of approach comes in to play. Put restrictions on the tools that change what would be tens or hundreds of copyright infringements into millions of them, in a manner that's otherwise minimally disruptive. This is not a simple thing to do. The DMCA was the first attempt, and frankly I don't think it was that bad of an attempt, but clearly it could be improved. We need to find ways to let it do its job while constantly brainstorming ideas to better achieve "minimal disruption", and help society evolve to the point where few business models still need to be protected. We need to ensure that this law, in the long run, "withers away", rather than let it be like most real life Communist regimes which do not speak highly of Marx's ability to predict history.

What we shouldn't do is retreat into a hole and ignore the problem entirely.

It's a good thing the ancient Greeks and Egyptians

[sdo1]

... didn't have the DMCA. Otherwise a lot of our shared history may have been lost forever. What are our decendants 100 or 500 or 1000 years from now going to know about us?

Our creative output is going to be slowly locked away in copyright protected files never to be seen again... except to the person who originally bought the rights to view it. But they (we) will be long since dead... and the content, which will be as helpful to them in understanding their history as hiroglyphics are to us, will be lost.

Bottom line... the DMCA, and everything it stands for, sucks. It is the epitomy of government "of the people, for the people, and by the people" gone terribly wrong.

-S

Re:Pecking order

[base3]

Please. Adobe knew exactly what they were doing, and exactly what the result of their "backing off" after the PR got hot would be. No sympathy.

They got what they wanted, and decided to sit back and let the feds be the bad guys.

I personally make a point of showing everyone I encounter who's interested in making PDFs the beauty of Ghostscript and Ghostview. Every sale I can cost Adobe makes me feel that much warmer inside.

I look forward to the day when the DMCA wielding jackbooted thugs cease to be relevant, and their stock becomes worthless.

Re:doesn't matter

[Sleepy]

AH. Next we'll have the Saudi's here at the beaches of the United States, monitoring who's wearing a swimsuit.

Such clothing is illegal in Saudi Arabia.

Who knows, they might jail a few tourists for crimes never commited on their soil... hmm?

Where does it end?

To foreign programmers: don't step foot in the US

[Maul]

"I cared about not violating the law of the country I am operating in," Sklyarov said.

Sklyarov should not have had a responsibility to know or obey the laws of the United States, as a Russian doing work in Russia. What his employer does with the product he makes is none of his concern.

Putting the fact that I don't agree with the DMCA (I believe it is Unconstitutional) aside, the company sold the product in the USA, and should be the one held responsible.

Holding Sklyarov accountable is just plain wrong. US citizens wonder why foreigners hate our guts. One of the reasons is that our government feels that its laws should forced upon everyone worldwide.

If you are a foreign programmer who deals with security issues, I'd be cautious about stepping foot in the US, at least while Bush and his administration hold power. As you can see, our government is out of control right now, and it'll take a lot of US citizens to wake up to that fact before things can really change.

so Adobe stuffed up twice!

[martin-boundary]

Your objection doesn't apply at all. Dmitry didn't go to the US to sell his company's software, he went there to give a talk. So not only did Adobe attack a Russian student for completely legal work he did in his home country, but they also purposefully accused the wrong person. If they had been serious, they would have gone after the *servers* in whatever US colo they happened to reside.

Re:To foreign programmers: don't step foot in the

[bockman]

Holding the copyright and selling the product are different things. Unless Sklykarov was actually selling the program personally and on the US soil (i.e. when he was at the conference ), he should be not accountable, if not according to the law at least according to common sense.

Even if he did it, it should depend on the terms on which he was granted entrance in the US. We European can shortcut the visa procedure by signing a visa waiver, that allows US administration and justice to handle us as they see fit. For instance, if a citizen of the Netherlands is found in possess of marjuana, it can be arrested in the US even though this is legal in the Netherlands.

If Sklyarov signed something like that and then violated the american law (even not knowing it), bad luck to him. But if he came in the US with a real visa, I believe that the only legal act for the US authorities was expulsion. Anything else, in a country less powerful than US, would have raised one hell of an international case.

Corporate droid

[horza]

Ahh, nothing like a zealot PHB to fuck up one's work life. I'm sure the poor schmuck just trying to do his job appreciated your insipid political antics.

You should keep your personal battles out of the workplace. You wouldn't like it if your employer involved itself in your personal life.

It's called a company having ethics.

At my company before last the management landed a large tobacco account. They had to cancel the contract because the team refused to work on the account on ethical grounds. It happens. Some of us care. We don't submit to the cowardly excuse "if we don't do it someone else will".

Final point. It's not our "personal life", this guy is a fellow software engineer and the outcome will affect what we can and can't do professionally.

Phillip.