Slashdot Mirror
Sklyarov Tells U.S. Court, 'I'm no hacker'
DaytonCIM writes "Dmitry Sklyarov, the Russian programmer at the centre of the first Digital Millennium Copyright Act (DMCA) prosecution, yesterday delivered his long-awaited testimony in the trial of his former employer, ElcomSoft." There are also stories at The Register and on CNET.
If you can get arrested for providing someone with the tools to commit a crime, how come this does not apply to anything but the software/electronics area. For example gun manufacturors do not face such action for providing people with items that could be used in a crime. even a shoe could be used to kill somebody :-)
Bigger for those of us who are not yet on trial, probably not as big for the guy on trial. Here's the thing: the legal system, as in copyright law, is so far behind the technology that it can't quite cope with what's going on. It doesn't matter what the law _is_. We have to start thinking about what the law will be. Lessig's idea that the law will be code, or rather that code will supplant law seems appropriate to think of here.
The question I have is this: what's the next frontier? What is the next law which proves to be obsolete in our world? And what will each of us do to bring about the change? This last bit is important because, as the laws need to grow, someone will have to help them along. Those people who help the change, will likely be prosecuted because the law is there to protect someone's interests. Those interests come with a lot of money. So the law is on the old money side. The code, it seems to me, is on the new money side. I don't believe that code will lead to free (beer). There will be free stuff, but there will also be money. My guess is that it won't be the money of the blue chips unless law beats code.
I'm rambling now. Time to shut up.
Yeah, I'm as old as my UID would suggest.
Elcomsoft has sold copies of their programs to the FBI and other branches of the US government. So, why are they attacking in court a company that they are willing to support by buying their software. Granted the DOJ buying it may just mean that they just needed the evidence. But the FBI, surely they have a more sinister reason for the purchase. Maybe they are hoping to that Elcomsoft will either win the case or perhaps an appeal and their supplier of toys would still be around.
... er, excuse me, friends in Redmond are looking for more information on Adobe's file standards. Or perhaps this will crack other copy protection schemes that M$ has been using???
Now, why would Microsoft own any copies? I wonder if our fiends
ElcomSoft Managing Director Vladmir Katalov took the stand after Sklyarov. He testified that ElcomSoft, which also makes password-retrieval software, has many major customers for its products, including Adobe and the U.S. Department of Justice.
Now this is an interesting twist. I didn't know anything about ElcomSoft itself. This is like blaming the guys who make the tools used to extract keys from locked cars. Everyone curses the wind wishing they're around when you get locked out.
Who here has not scrambled for a NT Admin password recovery disk, or a ZIP password cracker, or swapped NVRAM chips between Suns?
They don't hide behind pretenses... they expose the poor security and help you when you are hindered by said annoyances! I believe there is insufficient evidence to make Sklyarov appear malicious, and he had little to gain personally. He exposed the information that would only be profitable within the confines of the company and his product to the public. Moreover, he warned potential publishers that the protected PDFs weren't safe. Therefore, the only person that loses out is the lazy programmers at Adobe. And he claims to be ignorant of the legal ramifications. AND WHY SHOULD HE, HE'S A FRIGGIN RUSSIAN CITIZEN (Spare me the IN SOVIET RUSSIA... replies).
I hope to GOD that the DMCA doesn't get used to uphold lazy habits.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
Wow, they just fundamentally don't get it:
The whole point of fair use and its ilk is that it does not require permission from the copyright holder. If I have to beg for my fair use rights, then they have been stolen from me. Forget free speech, this case is about the basic rights to own and use one's private property.
In one of Lessig's speeches, he lists the absurd restrictions on an eBook of a work in the public domain. Who do these people think they are?!
There are examples of controlled dual-use "tools" such as explosives and locksmithing devices. (There's a federal statute specifically for the latter, though it is a bit vague and I doubt often enforced; non-Hollywood burglars usually use less finesse :).
Obviously you can get arrested as a conspirator, accessory, or accomplice to a crime. But liability goes further, it depends on your knowledge and exercise of due care.
You can get in trouble for supplying a gun to someone knowing they intend to use it for a crime; you can be liable for joyriders crashing your car after you left the keys in the ignition; there is even liability for serving one drink too many to someone before they go driving ("dram shop laws"). Said liability may be civil or criminal depending on the jurisdiction and the circumstances.
Before anyone says these sorts of liability are unfair in some abstract sense of causality, I'll add that the rules were developed in an effort to reduce the overall misery by allocating responsibility efficiently and reducing opportunities for mischief. So it has less to do with condemning anyone than with dry economics. Of course the details are open to debate.
As for shoes, well, they've been trying to get stiletto heels over 3" banned outright for years. (I'm kidding -- but I wonder if you can still take them on an airplane?)
I *hope* this is what you were asking about!
Forget free speech, this case is about the basic rights to own and use one's private property.
Did you know that copyright holders are not required to do anything at all in order to ensure that users of their works can exercise all-- or even any!-- of the possible fair uses of their works?
Did you know that, under the DMCA, it is not illegal to circumvent copy protection mechanisms for the purpose of making fair use of a work? [17 U.S.C. 1201(a)(1)(B)]
Did you know that this case rests on the DMCA's prohibition of the importation or sale of devices whose sole purpose is to circumvent copy protection? [17 U.S.C. 1201(a)(2)]
Did you know that most people who complain with zeal that the DMCA is a bad law have never actually read it, or indeed any part of Title 17?
Just some legal trivia for y'all to chew on.
I write in my journal
I just killed an Adobe Pagemaker sale today. No fanfare, no big deal, I just wrote "denied" on the purchase request and sent it back. I told him to find something else, and as long as it's not from Adobe I'll sign off on it.
That one's for you, Jon. And so's the next one. And the one after that. And as many as it takes until Adobe fully appreciates the delicacy of vendor-customer relationships, and acknowledges who's really in charge.
The court is then forced to 'read the mind' of the developer to attempt to divine his motivations for creating the tool.
The court usually has to "read the mind" of the accused. Intent is often a very important factor in deciding whether an act is in violation of the law or nor, or in deciding how severe a violation is. So the fact that the DMCA depends on intent would not, in and of itself, make it a bad law.
But as it turns out, that's not what the DMCA says. The DMCA says that tools that are primarily designed for circumventing the access controls on protected works, that have limited commercially significant purposes other than circumvention, and that are marketed for the purpose of circumvention may not be produced, imported, or distributed in the US. The question of the intent of the maker of the tool is not relevant. What's relevant is what the actual practical use for the tool is, and how the tool is described by its maker.
I write in my journal
You have no right to demand something in a particular format.
We aren't demanding that they change their format; we demanding the right to write programs that read their format, if we can figure it out. They can release anything they want, so long as we can also.
Then why is Dmitry Sklyarov on trial for violating the DMCA?
Because he didn't circumvent any copy protection mechanisms himself. Instead, he created-- as the copyright holder, he is the legal author-- a tool to circumvent copy protection, and then distributed his tool into the United States. That's illegal.
I don't see anything in there mentioning fair use, do you?
It's hidden under the word "noninfringing." You have the broad class of noninfringing uses; this class includes things like reproduction by libraries and archives. Within noninfringing use, you have fair use, which is a very specific kind of noninfringement.
All I see mentioned is that you can circumvent the protection if you are 'adversely affected' by it.
Read more carefully. It says that the prohibition doesn't apply to people who are "adversely affected... in their ability to make noninfringing uses." In other words, if the copy protection mechanism prevents you from making a noninfringing use, you are not prohibited from circumventing it in order to make that noninfringing use.
if I do any of them I am a criminal and I am placed in the same group as rapists, drug dealers, and murders.
Hardly. For a first offense, the absolute statutory maximum penalty is 5 years in prison. That's a serious sentence, but a far cry from "rapists, drug dealers, and murderers." Don't exaggerate, okay?
I write in my journal
I don't believe it. They use overbroad copyright statements - putting Copyright 1999 on a copy of 1912 book where they only thing they added was the introduction - but minor changes in the US don't matter - from the copyright office's FAQ:
However, If I publish it, I sure as hell shouldn't be able to tell people who legally purchased it how they can view it.
Of course you can. It's a free country. You can tell people that they are only allowed to view your works while wearing a fez. If you make them sign a piece of paper stipulating such, that becomes a contract, and you're both bound to it. If somebody reads your work while wearing a bowler instead-- or, god forbid, no hat at all-- you can sue for breach of contract.
On the other side of the table, a potential buyer is free to reject your terms. In other words, if you don't like the deal, don't accept it.
Another reason is that it puts the burden of proof on the accused.
In what way? I'm not sure I know what you mean.
(I'll just ignore your personal remarks. If you don't want to talk with me, that's fine; you don't have to get all huffy.)
I write in my journal
If you read the text of the DMCA, one of the issues is whether the copy protection is "effective." And I'm surprised that Elcomsoft's attorney apparently didn't make some hay out of that.
"Effective" doesn't mean "really good." It just means that the mechanism does, on its face, restrict access to the work. It's not a question of how easy or hard it is to get around it. It's a question of whether it presents an obstacle at all.
This analogy isn't perfect, but I think it'll serve. Imagine that a policeman comes to your house. You have the severed head of your last victim in your freezer, and you decide (for whatever reason) to leave your freezer door open. The policeman walks in, sees the severed head in plain sight, and arrests you on the spot.
On the other hand, what if you had closed the freezer door? If the policeman had opened your freezer, seen the severed head, and then arrested you, your lawyer would immediately start drafting a motion to suppress evidence. If a policeman looks around and sees a severed head in plain sight, that's not a search and requires no warrant. If, on the other hand, he opens your freezer and finds the head, that's a search, and it requires a warrant in order to be legal.
The question of whether your freezer is a good place to hide things or not never comes into it. The point is that you had the severed head behind closed doors. That's all it takes.
This is the same thing. The important fact is that the content of the work is hidden behind an access control mechanism such that you have to circumvent it in order to get to the content. Even if the process of circumvention is trivial-- like opening a freezer door-- it's still circumvention, and (mostly) prohibited.
I write in my journal
Anything sold to US citizens in the US, falls under US laws./
Really? Tell that to the U.S. judge who ruled, last year, that Yahoo didn't have to block auctions of Nazi items to French citizens.
-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
The only problem I have with this is that the DMCA specifically outlaws the creation of keyblanks
Well, not necessarily. Section 1201(c)(1) says, "Nothing in this section shall affect rights, remedies, limitations, or defenses to copyright infringement, including fair use, under this title." So in other words, one could argue that the DMCA doesn't apply, in any way, shape or form, to fair or otherwise noninfringing uses.
Since the authors of the law went to the trouble of putting this clause in, it makes the most sense to conclude that they never intended for chapter 12 to in any way prohibit the fair uses of copyrighted works. So the circumvention of copy protection and the manufacture, importation, and sale of devices for the circumvention of copy protection are legal in the context of fair use.
The burden is on the government to show that a given device for circumvention has no significant potential for application for the purpose of fair use.
Given the facts of the case, it seems like the government should be able to show that very easily here. The eBook system doesn't appear to prevent fair uses; it doesn't stop you, or even hinder you, from quoting sections of a work for criticism or comment, or from making backup copies for personal use, or any of those things. So it should not be necessary to circumvent copy protection in order to make fair use of an eBook-protected work. (It should be noted that wanting to read a work on a device for which there is no eBook reader is not, as yet, covered under fair use. The DeCSS case may change that.) If that's the case, then there's no significant noninfringing potential use for the Elcomsoft software, and the importation of it into the US should be illegal.
So what chapter 12 really criminalizes is the circumvention of copy protection for the purpose of copyright infringement, and more importantly the sale or distribution of devices to facilitate same. Which ought to be against the law, I think.
Doesn't sound like a bad law to me at all. Sounds like a perfectly reasonable law, badly misinterpreted.
I write in my journal
>Holding Sklyarov accountable is just plain wrong
If I am not mistaken, according to the affidavit, he was sellign it for $99. Accoring to the FBI press release, "The affidavit alleges that the program itself lists Mr. Sklyarov as the copyright holder of the Advanced eBook Processor, and that the program was distributed by ElcomSoft Company, Ltd. of Moscow, Russia, through its website."
>our government feels that its laws should forced upon everyone worldwide
IIRC, he was on US soil.
And you'll probably even win, after you spend a few thousand dollars to defend yourself.
." Etc., etc., etc..
That's the way it works in practice.
In my Bantam Edition of Walden they only claim actual copyright for the original introduction, but if they've used the intentional mistakes trick they'll certainly sick their lawyers on you if directly copy their pages.
The argument is it isn't the *work* that's been violated. That's in the public domain. It's the *image* of the work that's been violated. You copied the *page,* not just the words. The intentional mistakes are put there as fingerprints to show it was *their* page you imaged.
Below the copyright notice in my Walden you'll find:
"No part of this book may be reproduced in any form. .
Look, they aren't concerned with other people printing copies of Walden. What they're concerned about is that someone might print copies of Walden by simply photocopying the pages of "their" book.
Most works "transcribed" for Project Gutenberg are done by *scanning* a book. i.e. making an image of the page, and then running it against an OCR program. It's the scanning part that gives publishers the willies.
Like I said, it's doofey. That's what you get when you go into the public domain. It's not like they paid anything for it. They may have spent some money on legitimate scholarship, making corrected editions and so on, but that's peanuts compared to actual author's rights.
But that's the way things are done in real life.
Ever actually read a Project Gutenberg title? They all start with pages of "small print", legal disclaimers and even a simple EULA. They at least state explicitly that you have the absolute right to use the public domain part of the text however you wish, even printing it in book form and selling it, with no permission needed or royalties due to them * so long as you remove all of their original content and make no claims that it's a Project Gutenberg(tm) text.*
Which is exactly what Adobe did, but then claim rights to.
KFG
Under the DMCA just creating the tool is illegal. It doesn't matter if everyone or no one uses it.
Isn't the DMCA a USA law ??? Sklyarov did all his programming in Russia ..
Is copyright protection realy worth living in a world where a foreign national can sue a individual/company in another country for breaking laws in his country ? Like THIS ?
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc
So ROT-13 is most definitely an effective access control mechanism; you can't read it
Which brings us to an excellent point. It is pretty easy to learn to read ROT-13. And once you do learn it, it's virtually impossible to not do so any time you see it.
I have made zero effort to learn ROT-13, yet it took me about 2 seconds to recognize the phrase "All your base are belong to us" when I saw it posted in ROT-13. I even spotted that there was a typo in it, though I couldn't tell offhand what the typo changed it to.
I'm sure if I really worked at it I could become semi-fluent in reading ROT-13 within a day or so.
What are the DMCA implications of this? Of learning to decrypt something in your head? Because it *IS* possible to do DeCSS this way, though it would be quite an impressive feat.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
His country's government allowed the U.S. to try him for killing the girl after intense pressure from the U.S. government.
Your objection doesn't apply at all. Dmitry didn't go to the US to sell his company's software, he went there to give a talk. So not only did Adobe attack a Russian student for completely legal work he did in his home country, but they also purposefully accused the wrong person. If they had been serious, they would have gone after the *servers* in whatever US colo they happened to reside.
But this case isn't about Dmitry, it's about Elcomsoft. When they arrested Dmitry, I was completely against it, because he was just a programmer working for a company. He didn't do anything but create the program, which was legal where he was. But Elcomsoft is who is on trial now, and they are responsible for marketing/selling the software in the US, which means they are responsible for following American laws.
"Information wants to be expensive" - Stewart Brand, the same guy who said "Information wants to be free"
You obviously aren't a programmer, and don't deal with encryption and digital content as intuitive concepts.
Your ideas of what is "clearly wrong" are themselves clearly wrong to me, and anyone else with half a clue.
Part of the problem is terminology like "breaking encryption", which laypeople consider inherently evil because it sounds bad.
As a programmer, certain things regarding information in my posession seem like natural rights, because I understand and have an intuitive grasp of the material. I could never accept that the act of examining or transforming information that I legally have access to in any way could be criminal or immoral.
Doing certain things with the unencrypted content is obviously wrong, but the act of decrypting the content cannot be immoral, and I will never accept that it could be. I know there are a lot of people who would agree with me, and I hope we don't end up being a rogue group who refuses to accept the validity of stupid laws that are, for some reason, accepted by the majority of people (like cannabis users in most countries today).
Right. And if you're sitting in the US of A, and that's where they send your copy, then the sale was in the USA
So if you sit in the US of A and order some stuff from country 'X' (I.e. you send your CC# to country 'X') , and the company in country 'X' sends the ordered stuff to the US of A, then "the sale was in the USA" ????
No, the *buy* was in the US of A, the *sell* was in Russia. The item was sold *from* Russia, i.e. the seller was in Russia, i.e. the point of *sale* was in Russia. The buyer *requested* and *imported* the software from Russia, it was the *buyer* who initiated the transfer from the *seller* in Russia.
What part of this don't you understand ?
echo '[q]sa[ln0=aln80~Psnlbx]16isb572CCB9AE9DB03273snlbxq' |dc