Slashdot Mirror
Software To Stop Song Trading
Shippy writes "Palisade Systems is about to launch new software that can identify and block copyrighted songs as they are being traded online. However, the article fails to mention that it will also stop legal song downloads. The software blocks anything that's copyrighted, whether you already own the song in another format or not. Here's some snippets from the article: 'If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers...', and 'Jacobson said the identification process would not work on an encrypted network, such as is used in several newer file-swapping programs. However, the Palisade software could also act to block those applications from using the network altogether.' Great."
Encrypted protocols increase in popularity.
to spend money and give students a paid subscription for music downloads (some colleges have) then spend money tracking file sharing?
I guess it's time to start bridging those WiFi networks around the world. If you can't beat em, fuck em. I start file sharing over WiFi networks. I look forward to the days of local BBSes again. (WiFi BBS?)
Life is not for the lazy.
Encrypt IM encrypt file sharing encrypt your email
404
How does this effect pay-for programs like iTunes?
Also, is this RIAA-only songs being blocked, or other songs? Copyrighted doesn't always mean "undistributable". Someone may hold the copyright to something but may actually let people distribute it-- am I wrong there?
---
Never criticize religion on Slashdot. You will be modded down for "Troll" no matter how factual it is.
how do i tell this software that i want people to trade MY copyrighted music? if they block my file swapping would that be some sort of anticompetitive thing? just because the RIAA and its labels own the majority of music being traded doesnt mean that all the music being traded belongs to them.
If I send my friend an mp3 of me playing some music how can it tell that from me sending a copyrighted work? Is it reading the 'finger print' and then checking byte by byte? Isn't that going to kill traffic... But couldn't it be beaten by adding one extra byte to the file? Sending in another format?
Funny, on slashdot GPL violators are on step below Charles Manson, while copyright infringers of music, movies, and software are somewhere below jaywalkers.
Wait... it did say that it can look into student's emails and instant messages right? So basically it is giving the University free right to look into student's messages and claim that they are merely looking for illegal songs. There has got to be something that can be done by the students at these universities to block this. This is a total invasion of privacy. If any university tries to impose this onto the students attending, the students must do something. Hopefully we haven't lost all of our rebellious nature.
I wonder how this technology will hold up against stenography. Let me think about it for a moment. Hmm...
..is a P2P app that can run over an SSL connection, disguised as web traffic. I'd bet that could beat this thing. Does such a thing exist?
From the article:
"seeking audio "fingerprints" that could be compared with information in Audible Magic's database."
We've tried database-oriented filters to stop spam in the form of keyword lists and the like for years, yet spam is more of a problem today than it was 5 years ago. Why won't the same techniques that let spam slip past our filters let content slip past these filters? Add a byte here or there, run a very light encryption routine over a file and bam - one broken filter.
Even if the networks that use encryption in the protocol itself are stopped - encryption on the file level can be used on insecure networks and this software becomes useless.
Josh
How many roads must a man walk down? 42.
...of an SSH tunnel? :)
What has *science* done?!? -- Dr. Weird (ATHF)
The university I attend has explicit privacy rules, available for everyone to read. If I recall correctly this sort of thing would violate those rights awarded by the school and as soon as someone brings it up it'll disappear.
Is this software going to intercept any archives (.rar, .tar.gz, .zip etc.), unarchive them and check them? I'm not against such software - Universities have a right to disallow file trading on their networks, just as I have a right to use an ISP which doesn't use such software for my home connection. However, I just think that this won't work, at least not without blocking or hindering so much legitimate use that everyone revolts against it.
sig under construction...
Microsoft founder Bill Gates is scheduled to make a press release Friday morning to announce his partnership with the MPAA and RIAA to release a product that he guarantees can block all illegal file sharing 100%.
The solution will be called "Knife". This aptly named solution will entail taking a sharp pointed object to cut a network connection cable in half. Knife is to be released in a Home ($99 - straight edge) and Professional ($199 - serrated) version.
Rumors are circulating about a WiFi solution Gates has pondered entitled "Complete Technological Annihilation via Nuclear Bomb Generated EMP fields".
Both are expected with a Fall 2004 release date.
> They want to take the position of not filtering out all peer-to-peer [traffic], stopping copyrighted works but not the other content."
Here's the problem: how do RIAA and MPAA distinguish, legally, between copyrighted material that is permitted (fair-use), and that which is not? I'm talking about articles, fair-use media vs. illegal-to-distribute-or-possess copyright media. How do these watchdogs inform the public of such differences? The onus is truly on the RIAA/MPAA if you ask me. The story, strangely, is "Copyright © 2004 CNET Networks, Inc. All Rights Reserved," which begs to question... how can a twelve-year-old truly understand this discombobulated law?
That's the problem with the whole thrust of the RIAA argument against P2P (that the illegal trading of this copyrighted material hurts business). What about Internet articles? These articles are copyrighted works, published to the Internet by their respective owners, but quite often articles are mirrored by websites like Slashdot. Sometimes the copyright owners like this mirroring, and other times they do not (they seem to flip flop on it, depending on the source). Therefore, the lack of consistancy *should* make it extremely difficult to win a copyright case, although somehow the owners always win.
IANAL, yet my argument is that two distinct laws ought govern copy protection, because this fork-in-the-road is quite ambiguous. Firstly, how are any of us to know the status of copyrighted materials downloaded? What if we download a song over P2P, expecting the song to be one of the songs that are fair-use, and we pass the song along to a ton of other people? Secondly, how do we distinguish between the legality copyrighted articles that are online and music, and the fair-use music?
Because there exists no truly accurate copyright-status repository, I think all the people under suit from a watchdog might have some ammunition.Without a bona fide/impartial database of illegal filenames and md5 checksums to verify your current P2P files, how can you be responsible for these files?
Furthermore, if you downloaded a song from P2P, you should legally be able to upload it back to that P2P, if you truly believed the files to be fair-use, which could truly be any file.
The dangers of knowledge trigger emotional distress in human beings.
Uh, correct me if I'm wrong, but how can one stop all "secure" file swapping communications w/o killing off unrelated important stuff? I tunnel through anonymizer.com when I surf, and I imagine any file sharing program worth its salt could do a similar type thing through the same port (22). Wouldn't they end up not only killing file sharing but also people checking their bank accounts, registering online, buying stuff on Ebay, etc?
As for looking into email, sheesh! Public key encryption will avoid that, and any attempt to block those types of communications would be rather stupid and overreaching.
-- Fugacity: Confusing chemists since 1908
If this is based on fingerprinting technology it would be pretty trivial to cutoff the Type 1 and Type 2 tags, reverse the content and stick'em back on. Reverse the process after downloading. Of course you could always UUencode the song and add a zip extension to it or a multitude of other tricks to hide what your doing.
Never underestimate the power of broke, bored, determined college students.
Sig (appended to the end of comments you post, 120 chars)
it will also stop legal song downloads. The software blocks anything that's copyrighted, whether you already own the song in another format or not.
Uhm... no. That's not a legal download. That's a rationalization that some people have tried to claim, but it's not exactly one the courts have confirmed. You can format-shift your own copy of a song, but you can't take somebody else's copy of a song you happen to own a copy of in another format.
Unless you're the copyright holder, you don't really "own the song", you own a "copy of the song" that you're allowed to use. If all you've done is just buy the overpriced CD, you're still not allowed to distribute a copy of your copy under any conditions...
neither RIAA nor Audible Magic had given them a demonstration of the filtering tools. Industry trade group P2P United says it has repeatedly contacted the company asking to see the filters in action.
Ikezoye said he still has not demonstrated the technology for the peer-to-peer companies.
This brings up a ton of questions:
- What are they looking for in the content of P2P traffic?
- What defines copyrighted or 'controlled' material? Bootlegs won't be in there...
- If it ain't installed in the client, where is it installed?
- Will this work on server based P2P like soulseek?
- What possible gain is to be had by filtering this?
Studies have already shown that CD sales increase where there is a market of 'try before you buy'. (Australia, for example) When is the RIAA going to wake up and realize that the biggest marketing tool in history is at their command and they don't have to do a damn thing to prevent it?
Radio killed the vinyl star? Nope.
Video killed the radio star? Um, nope.
MP3 killed the video star? Maybe, but absolutely to the artists' benefit and not some fat f*ck from Clear Channel.
Filtering is way too invasive to even be considered an option. Sheesh.
"Look, Smithers! I'm Davy Crockett!"
If they've got software that can "name that tune" as it passes by in MP3... isn't that the holy grail for legalizing P2P?
All it would take is some authorizing legislation, and every time a P2P song passes through the toll booth, a few pennies (quanity specified in the law) get transfered to the song owner. Those pennies can either be asorbed by the ISP as part of their service, or they can pass it along to the customer as part of their bill.
There you go. If it can block it, it can log it too...
seeking audio "fingerprints" that could be compared with information in Audible Magic's database
I think they will get a database from the RIAA of copyrighted songs to compare against. I doubt garage bands will be in the database.
You know, I'm not one to break out the Star Wars quotes lightly, but : "The more you tighten your grip, Tarkin, the more star systems will slip through your fingers." What a dopey system. Everyone knows that the only way you're going to stop this kind of thing is through draconian legislation! :)
The following IM conversation is brought to you by the fUtUrE between two hormonal college freshmens:
;-)
AeFr4tb0y69: Damn babe, you were so hot last night!
CutIeyPiEKit86: ya know I gots da bounce
CutIeyPiEKit86: oh papi
CutIeyPiEKit86: baby hit me one more time
>: This Instant Message session has been detected to contain copyrighted materials. The network administrators here at {INSERT SCHOOL_NAME} has been made aware at {INSERT TIME_STAMP} a copyright violation was detected and all parties including copyright holder(s) has been notified. Thank-you for using {INSERT INSTANT_MESSAGE_CLIENT_NAME} and have a wonderful day.
I suspect the ACLU will not be very far behind.
.. and that's the HAM bands. Encryption is verbotten. Of course, the government doesn't follow it's own laws, witness, it's "legal" to broadcast without their "speech license" if we are in a state of emergency.
*But*, we are *always* under several overlapping "states of emergency"(one of the main reasons we do not have constitutional government-side isue), YET they still bust microbroadcasters whenever they feel like it for not having their license or paying their fees. In short, liars.
See, their laws mean nothing, they are there for THEIR convenience and THEIR profit, to be used ON you when they see fit..whether it's their own little idea or some lobbying force bribes them into it.. so don't be surprised if encryption on the net is made illegal, or to sort of slide into it first, they might make you register, pay a fee, get yet again another government "license" permission, and make you hand over your private key first before you use it. They already have gone on record saying they want that, various alphabet goon agencies, and eventually they get what they want. All they need to do is drop the buzzword "terrorism" now.
So - this software will block my VPN to work and not allow me to work from home?
Methinks that this software will die a quick death.
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
So this software would make backing up your data illegal? I have all my CDs ripped, and I ftp them to another drive at another location frequently. This would stop any student from sending any of his MP3's to a computer at home for back up. That sounds fair.
Is it just me or does this sound like RIAA bought their own version of Carnivore?
If this actually comes to pass, this will set a horrible precident for the future. To be allowed to intrude into private computers should be against the law, unless a search warrant is granted. Allowing this to be implemented in an actual setting would be disastrious. Not to mention that THEY get to decide what is copyrighted and what is not protected. --Those who would trade in freedom for security deserve neither. -- Jefferson
OMG OMG OMG WTF OMG WTF BBQ STFU RTFM, OMFG OMG OMG OMG ROFL LMAO OMG WTF STFU ROFLMAO
gathers GREEDY RECORD EXECUTIVES from all over America and abroad for one common goal - being GREEDY RECORD EXECUTIVES.
Are you GREEDY ?
Are you a RECORD EXECUTIVE ?
Are you a GREEDY RECORD EXECUTIVE ?
If you answered "Yes" to all of the above questions, then RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) might be exactly what you've been looking for!
Join RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) today, and enjoy all the benefits of being a full-time RIAA member.
RIAA (RECORDING INDUSTRY ASSOCIATION OF AMERICA) is the fastest-growing GREEDY RECORD EXECUTIVE community with FOUR OR FIVE members all over United States of America. You, too, can be a part of RIAA if you join today!
Why not? It's quick and easy - only 4 simple steps!
First, you have to obtain a copy of THE COMPLETE WORKS OF METALLICA and listen to it. (You can download the music (~280mb) using BitTorrent, by clicking here.
Second, you need to succeed in posting an RIAA "first post" on slashdot.org, a popular "news for thieves" website
Third, you need to join the official RIAA irc channel #RIAA on irc.riaa.com, and apply for membership.
Fourth, you need to pay the nonrefundable RIAA MEMBERSHIP FEE of FIVE MILLION UNITED STATES DOLLARS (US$5,000,000)
Talk to one of the ops or any of the other members in the channel to sign up today!
If you are having trouble locating #RIAA, the official RECORDING INDUSTRY ASSOCIATION OF AMERICA irc channel, you might be on a wrong irc network. The correct network is lawsuitnet, and you can connect to irc.riaa.com as our official server. If you do not have an IRC client handy, you are free to use the RIAA Java IRC client by clicking here.
If you have mod points and would like to support RIAA, please moderate this post up.
______________$*________________________________
| _____________&@_______________________._a,____ |
| _________._______a_______aj#0s_____aWY!400.___ |
| __ad#7!!*P____a.d_______#!-_#0i___.#!__W#0#___ |
| _j#'_.00#,___4#dP______j#,__0#Wi___*00P!_"#L,_ |
| _"#ga#9!01___"#01______"4Lj#!_4#g_________"01_ |
| __"#,_________*@`_________`___-!^_____________ |
| __#1_,%________$^_____________________________ |
| __J1__$%______________________________________ |
| __jk___58___RECORDING INDUSTRY_ASSOCIATION____ |
| _______________OF_AMERICA_____________________ |
| ______________________________________________ | (c) RIAA 2003, 2004
` _______________________________________________'
Hear recorded Slashdot headlines on your phone! New service beta testing. Just call (248) 434-5508
I was working for Palisade when they developed the first version of PacketHound.
Actually, I should say when they stole PacketHound, since it was actually created by a coworker in his off hours, outside of Palisade. The CEO at the time fired this guy and sued the developer to gain the rights to PacketHound. Kind of ironic that they stole something that is supposed to prevent stealing!
Like Palisade's original product, called ScreenDoor, PacketHound is just a packet sniffer that sends out TCP RST packets to disrupt connections. Palisade (and Iowa State University) actually have a patent on this, even though there have been firewalls and other programs (like Snort) which do the same thing, and predate the patent.
Palisade itself is a tiny company that is milking this one patent/idea for most of its products. But they are somehow good at getting press...
Simple. Ever heard of a man-in-the-middle? You make an SSH connection to a computer on the other side of this software. It detects you are using SSH, and steps in during the key negotiation protocol. Your client complains that the host key has changed. You either refuse the new host key and you're SOL, or you accept it and the software can still look for copyrighted material. You complain about security, but they claim your connection is still "secure" as it is reencrypted on both sides by this software.
If I can be modded down for being a troll, can I be modded up for being an orc, or a balrog?
as someone noted before, encrypt everything. It is not just good idea for file swapping, also, it is good practice incase of information leak.
anyway, that's not my point, I think it would be good idea if people can change the software slightly so that it block different thing, *cough*spam*cough*, it might be more constructive than blocking `any` kind of copyrighted material. Well of course, it would be nice there is no censoring of information, but we are too far away from that.
if you like this, thank you. If you don't, sorry I took your time to read this.
maybe we just need to rename songs as .doc or .jpg. If that crap can still catch them, cram the song into real images or insert them into real office documents.
One may insert them into icmp packets (ping still allowed??). What if i encrypt all my email, will encryption be outlawed? The war on file sharing is turning into a war on drugs, we all know how effective it is.
I think anyone can still get packets and or out a given network can download and upload songs or anything. those big 5 labels are causing real damage trying to police the internet and deserves to die real fast
Music is shared. The industry finds way to block it, but in doing so pisses people off. New P2P app. Random corporate ups ante, finds new way to find out identity of P2P user. New P2P program that blocks ID. People post about it on slashdot. People make funny comments, and get modded up. Piracy increases, RIAA makes new blocking program. Cowboy Oneal finally decides that he's sick of it all and declares a ban on P2P relating articles.
Anyways, down to real business: The more people try to stop people from downloading files, the more it becomes damaging to themselves. Not only are they blowing money on quick fix solutions that do nothing but piss people off and force them to resort to other methods, but in the end their problem is that people are going to download their crap no matter what. If they stop them from downloading, they sure as hell won't buy it, so they might as well let them be.
Now, I'm not saying that's the right solution, or there is a solution, but I think trying to stop it and potentially messing people up all over the board is just a haphazard and dangerous way of doing things. Go back to the drawing board... And as much as I hate to admit it, but I feel by the time they solve P2P, Mac will be in control of the market, we'll be insectoid alien slaves, and Elvis will have returned, and will have posted a story on the truth about aliens here.
GMail looking inside e-mails? Isn't this just doing the same thing? What is to stop them from releasing a "new, improved" version of this software to allow universities to look inside e-mails for other things? Phrases that look like part of a term paper, that I *may* be plagarizing (sp?)
FUD off
At least not going to college anymore, I don't (for now) have to worry about this. What I can see is this software is automaticly presuming you are guilty of music swapping, and searching your e-mail without due process (BTW, IANAL)
If the courts want to use an e-mail as evidence, do they not have to get a warrant? Why should this be any different?
harumph.
Jason A.
Do you see the FNORDS? I refuse to post anonymously, as I am fireproof!
The article says that personal e-mail will be ran through this as well, as a student about to go to college in the fall, this is truly disturbing. Is anyone else angry about the idea of their school looking through their e-mail? What if i'm sending a legal copy?
... this software cannot block file sharing.
If I decide to encode a song as a text file containing the bit-string of a song and slap that on a web server, what is this software going to do? Oh, sure, the size of that MP3 just jumped by a factor of sizeof(char), but its out there. Maybe it'll be smar t and read the first X bytes of any file it passes? What if the file is multiple parts? I can serve it on my web server. I can toss it up on NNTP.
In short, the only way this software can stop filesharing is to block the network connection entirely. This is perfectly obvious even to a dimwit like me.
404 Error:
The wargame company that makes Combat Mission does this to their save game files. The files are encoded not encrypted and the data read in/out into the file is true plain text, but unreadable. You cannot tell this is an encoded file by any means I am aware, but the file loads up smoothly and quickly.
Seems to me iffin you wanted to defeat this new drive to invade privacy, making a software module that will allow you to store and transport music (and many other kinds of files as well ) files as plain text would be a tremendous blow to those efforts.
Dawn of the Dead
I don't think that simply testing the fingerprint of the actual data in the file would work very well, since there isn't a very good chance that an mp3 of a track encoded by Person A will match an mp3 of that same track as encoded by Person B. Aside from the obvious changes such as higher or lower bitrates, the actual data is likely to be different depending on the encoder used (though producing basically the same sound).
I assume a more complex system involving actual analysis of the sound would be necessary in order to detect illegal audio files.
Please direct all fan mail to the head of Palisade, Doug Jacobson. dougj@iastate.edu
Check out his senate testimony(Google Cache). This guy makes a living spooking the spooks.
bash-2.04$
bash-2.04$yes "Don't you hate dialup connections?"| write USERNAME
Obligitory: You must be new here.
really, what's overplayed? the various cop shops want to be able to intercept any net trafic, they are on the record of desiring everyone's private keys. The FCC violates it's own laws on little guys, yet lets the fatcats skate most of the time and rip billions from the public. It's just data. The discussion evolved to "using encryption" and to me, starting with the one verified example I brought up, it's not far fetched to assume that sometime in the not so distant future it will be illegal, or highly regulated. They already made copyright infringement be a felony punishable by jail time and fines if the feel like it. Anyone see that one coming even 3 years ago?
If anything, I think more people need to get more upset over it, because a too-casual outlook towards this whole... creeping big brotherism and being a serf in your own nation afraid to enjoy life won't be stopped by ignoring it.
I don'thave a dog in the file sharing fight, don't do mp3's or movies, but I can smell a conjob when I see one, and the record and movie ghouls been pulling a rip of massive proportions for decades now. There's laws on the books and then there's laws that beg to be broken. Prohibition was one that went on way too long until it was a national embarassment. They started another stupid buncha laws, and not enough people spoke up and fought to stop it,so now we have the war on some drugs, that got us 1/2 way to a full-bore police state.
Sometimes ya just got to say no to stupid stuff. I walked with people who got refused service in restaurants because of their skin color,and it was "legal" for that to happen to them at the time. I took the gas when we tried to stop a stupid war that wasn't legal and was a scam based on a whopper lie, yet they called it "legal" and killed millions of people over it, both "our guys" and some other people, and they didn't care. And on and on, stupid things big AND little, but they all add up, and they all apply to everyone sooner or later. Even when you think this latest stupidity don't apply to you, eventually it will, because their job is to think of stupid things to make life more complicated and to make it harder to avoid "offending" them so they can "crack down" on you for..whatever. Just think of all the things they are gonna "crack down" on. Believe me, they won't run out of nouns to target. Eventually they'll get to something really important to you, "general you' I mean.
Now we got all sorts of stuff like that going on, PLUS we got this cyber world to deal with, and some things are just as stupid as the others. I say it's righteous to say NO to obviously stupid things. And the deal is, with government and their corporate pimps, it's the death of a thousand cuts with those people,they just keep coming and they ain't got no pity, you got to say "NO! quit cutting me" everytime they try it,no matter how small the cut is, and be quick with the bandaids and iodine.
If you keep taking the little cuts, because "oh well, it's just one little cut", pretty soon it adds up to be the equivalent of a meat cleaver in it's effects. It's like, what's the line, how far do you eat it when they are trying to make you eat it constantly?
In short, it's not tin foil hat if it's real,and if you can step back and look at the bigger picture and not get hung up on minutiae, and realise that they WILL cut you as often as they can think of a new way to do it.
I don't think that stuff like this comes along with the intent to actually use it in the long term...
It's kind of like shopping at a place like Walmart. They have those stupid little detector things at the doors that go off and are supposedly to catch shoplifters. The fact that they are there is the deterrent. I have yet to see one person caught shoplifting, but have seen countless people doing some shopping, pay for the item(s), and walk out the door. Everyone stops and looks.
The music industry is doing much the same thing. They don't really think they are going to catch anyone doing serious damage, they just count on the deterrent factor, and they count on publicity. We need to stop making such a big fucking deal of everything the RIAA, et. al. does. It only empowers them.
iRATE is a program that downloads music that artists have put on the net. These downloads are also taylored to your own tastes, based on comparing what you like with other users. With this, there isn't a need for P2P music file sharing, and risking being sued by the RIAA, as copying this music is sanctioned by the artist. (Unsurprisingly, not much of this music is made by RIAA labels)
I would LOVE to see a university try to block that. A small private one might (and I emphize might) be able to get away with it but a big one? Forget about it.
Hell, our university REQUIRES SSH for many things. You can't telnet to the e-mail cluster any more, it's SSH only. Likewise the webmail is SSL only. You just don't have a choice, you'll use the encryption or you'll not use the system. My department is working on going to that. Going to be no telnet, no FTP, no unencrypted IMAP or pop. Everything will be SSH, SFTP (which is also SSH), or SSL. Unencrypted communications will be in-building only, or for things like the main website. You want to access any systems, you'll do it with an encrypted protocol, or use an encrypted VPN tunnel to get a local address.
So either SSL or SSH would work well. They are just too useful and used for too many things. Try and shut that down and you'll find backlash like you can't believe.
Not every college says their computing resources are for academic use only. Honestly, such a policy is kind of ridiculous - with such an agreement, you've suddenly said your students aren't allowed to do a whole host of things, such as use their campus network connection (or campus e-mail account) to keep in touch with family and friends. You've also said your students can't use the campus network to download games and all sorts of other stuff that you really shouln't be disallowing people who live on campus from doing.
At the college I went to, the computer center understood that the campus network and internet connection weren't just an academic tool. They were also a student entertainment service and a way to attract kids. A college with a TOS that doesn't allow this or has a generally crappy low-bandwidth internet connection in the dorms stands to lose a lot of good applicants to well-wired schools. Which isn't to say that the network was totally unrestricted - there were bandwidth caps on traffic going through all the popular filesharing ports, for example, and all non-port-80 traffic in the dorms was restricted during peak hours.
I have seen such policies on computer labs (with the understanding that e-mail is okay), and that does make sense.
Just plain old text, can't be something bad with that.
> 'If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers...'
Damn, someone comes up with a piece of software that will snoop into your e-mails, im's and p2p, violating your privacy in an even bigger way than GMail and not a single person even mentions the fact that this program could be hijacked to snoop for things such as credit card numbers, passwords, etc. Atleast with GMail you have a choice whether or not you use the service. The people this software would effect don't exactly get the choose whether or not they participate in it's use.
Heh, some universities (cough*mine*cough) don't care if there are legal uses. We were the subject of this wonderful article from the beginning of the year about schools to avoid.
Basically all file sharing programs are blocked, along with all bittorrent (say goodbye to Linux ISO's and any other legitimate use) and most recently they've blocked off IRC. Yes, all of IRC. It still works on the campus wireless network, but you can't get any wireless signal in the dorms where these restrictions take place. As much as I love the dorm life, I'm getting an apartment next year.
So legal uses or not, if someone thinks it'll solve a problem, they don't care what else gets in the way.
Now, if people are already leery about the government, which is notionally accountable to them, doing this sort of thing, what on Terra makes these private entities think that their doing it will be accepted?
Quite aside from the insulting and inexcusable assumption that is at the root of such a program ('guilty until proven innocent'), what reassurances do people have that this capability will not be abused? For instance, it's quite easy to destroy someone's reputation by planting child pornography on their hard drive, then 'anonymously' tipping the FBI...
- White Knight of the Order of Mihoshi Enthusiasts
All you would have to do is write the song out in binary, scan it in, save as a jpg and pgp the email.
Problem solved!
For starters, I'll be damned if your fscking spybot will ever acess my hard drive. Block all ports by default, opening as needed.
How, exactly, does a remote program ruffle through my files without my permission, anyway? Mandated backdoors? Screw them.
If it looks for an audio "fingerprint," how will it react if some 10-year-old wrote a 5K program to insert a random byte every N bytes of the MP3 (or any file)? If I do something as idiotic as flipping all the bits? The ways to foil things that search based on fingerprints are too many to name.
Who the hell gave you permission to look at my private e-mails? Oh, yeah... I DIDN'T!
Amendment IV: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
How exactly will it react to a file named "Britney-Spears.mp3" that contains nothing but static? Did I mention the violation of privacy?
They've already admitted that it's completely impotent against encrypted traffic, and there are already encrypted p2p clients.
For the love of God, don't these control freaks realize when they're beaten?
OK, I think I've got most of the obvious replies out of the way. It's obvious that the current control freaks "up there" see the Internet, and realize quite well what it can and will do them if they can't nip it in it's budding stages. Kid yourself not: They will wage an all-out war against privacy on the Internet. And as always, all that is needed for evil to win is for good to do nothing.
Contact your congressperson. Have all your friends do the same. Snail-mail them. E-Mail them. Donate money to their campaigns. Get the word out!
Actually they are more interested in keeping music off the internet in order to prevent bands from going independant, the internet makes them far less important than they once were.
Snowden and Manning are heroes.
Encryption only works if other people do it too.
I use GPG. Nobody else that I know does, and so I cannot encrypt email to them.
How many people really use WASTE?
As for AIM encryption, how many people are using gaim, have the encryption plugin compiled in (which frequently doesn't work with the latest version of gaim), and don't mind the occasional compatibility problems the encryption plugin causes with other AIM clients? I've come to the conclusion that the *only* instant-messaging protocol that I know of with effective and widespread encryption is Jabber, but few people use Jabber -- sure, it's great for talking to your techie friends, but not everyone in the world is a techie.
May we never see th
"There's no way that any piece of software would be able to peek into encrypted sessions... so the only option this software would have would be a "deny all"."
Actually there's one very simple but obvious thing they could do. Proof of which I will write in the margins of this post.
Why bother with encryption? Just set up some phony malformed files (and keep your mp3s rared whatever) and share all your bandwidths worth.
The system is supposed to work on audio-finger printing. I can imagine how easy a system like this could be DOSed. Now imagine all P2P users worldwide doing this (P2P-app prepares this stuff). It'd be the biggest DDOS of all time.
This censorship mayhem is so ambitious it's bound to fail.
Not Buzzword 2.0 compliant. Please speak english.
I think you've got the problem absolutely right. This is a direct consequence of two things: big media business abusing its monopoly, and a certain type of Joe Public breaking the law. In both cases, these are not good things, but they are done because the perps think they can get away with it.
As has often been said (but rarely heard) in these parts, the correct solution to this situation is to fix the problem, not to try to circumvent it by ever more devious means. The music industry should be compelled by the legal system to stop its price fixing practices, under the threat of having its business made seriously unprofitable by the courts. That will lead to reasonable competition in the market, and fairer prices and better distribution methods will naturally follow.
At the same time, I have no sympathy for the song-swappers who have been taking the piss for years because the tech was ahead of the law. You brought this upon yourselves. Copyright law is there for a reason. If you don't like the law, the solution is to seek to have it changed. If as many people agree with you as you think, that shouldn't be difficult, now should it? Of course, in this case, the widely-flouted law actually is reasonable, it's the failure of the authorities to enforce the flip-side of the law and smack the media outfits down that is causing the problem.
By carrying on with the current approach, all the oh-so-clever, we'll-just-use-encryption song swappers in this thread are simply inviting the inevitable: legislation to ban encryption in electronic transmissions, together with draconian enforcement rules and mandatory monitoring. This is a fight you cannot win. Wake up and start fighting the fight you can, or the world will be a worse place for your selfish actions.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
Who needs encryption? Just move from Songname.mp3 to Songname.mp3.zip/rar/ace/lzh/whatever. The compression should remove any 'fingerprint'.
Makes for a few challenges but it would easily defeat the system by the sounds of it.
I've built up so much character I have an alter-ego
The trend among content-filtering firewalls is to filter SSL sessions by splitting them in two - one from the client to the firewall and another from the firewall to the server. If the session cannot be split, it's rejected.
Eventhough it's client-friendly man-in-the-middle attack, which defeats the whole purpose of SSL, there is a demand for this functionality.
--
The way it works is the client installs extra root CA certificate, and the firewall is given its own CA-enabled certificate derived from the former. Whenever it sees SSL connection coming from the client, it accepts its on behalf of the server, handshakes with the server, then replicates server's certificate signing with its own key and proceeds handshaking with the client. And the client accepts this forged peer's certificate, because it traces back to 'trusted' firewall CA. Pure magic.
3.243F6A8885A308D313