Slashdot Mirror
Is Microsoft Using RIAA Legal Tactics?
Nom du Keyboard writes, "CNET reports, 'Microsoft has filed a federal lawsuit against an alleged hacker who broke through its copy protection technology, charging that the mystery developer somehow gained access to its copyrighted source code.' Looks to me like since they can't figure out how else he's doing it, they'll sue on this pretense and go fishing for the actual method through the legal system. They clearly have no proof yet that any theft of source code actually happened. This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself. Isn't this something the courts should be putting a stop to at the first motion for dismissal?" Viodentia has denied using any proprietary source code, according to CNET.
Why is it so hard to believe that he read the assembly and figured out how to crack the DRM from that?
Avoid Missing Ball for High Score
- Prior to the trial, make sure that the judge realizes that your wife, daughter and grandmother are available for him depending on his age preference.
- Have the only licensed copy of Photoshop in the world installed on your laptop and present at the trial. Ask the defendent for his IP address during questioning and then add it to a BMP screen shot of some file sharing application with "KAZAA" shakily written at the top of the screen. Make sure that you wipe the drool from the judges mouth when you explain to him that this list is dynamic but you're sure the defendent is guilty. Also, throw his IP address on the Berlin Wall, the cover of Chairman Mao's Red Book & Hitler's armband in his 1936 speech just so the judge realizes the pure evil he's dealing with .
- Remind the judge how much you and your industry mean to the American economy. Also remind him who's in charge right now and how important it is that the economy stays in full swing. Carefully explain to him that a successful lawsuit will not help the American economy.
- Bring in Senator Ted Stevens as an expert witness on computers and tubes so the judge can understand how both computers and the internet works.
- Act like the artists (or in Microsoft's case, developers) are the ones being screwed here. They are the ones that this hacker is stealing from and then show pictures of their families living in the cold run down mansions in Redwood. Also show a picture of Lars Ulrich with a measily pile of only 5 million dollars instead of 6.
- Rinse, wash, repeat above card.
- Use legions of lawyers to inundate the individual with accusations about his past and his profession.
- Bottom line: stear clear of the fact that people pay you money for instances of something that's easily instantiated. Try to blur the concept of physical property versus intellectual property and use bad analogies such as grand theft auto or gas station holdups to the case at hand.
- Oh, and stop at nothing to make sure the person is ruined for the rest of their life. Leans on paychecks are a sweel idea as well as restitution through house, car, possessions, etc.
So, as you can see, Microsoft has a ways to go before meeting the RIAA's stringent legal tactics. Don't worry though, I have faith in Microsoft.My work here is dung.
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Tenuous grounds -- Microsoft is in effect claiming nobody could have reverse engineered their code, or cracked it, so fast, therefore they must have cheated by having access to Microsoft's original sources. Sounds like a logical assumption, but it's a bit like claiming a driver went from Point A to Point B, 100 miles apart, in one hour must have been speeding, though there was no witness to the driver actually speeding.
I expect what Microsoft really wants is to find if they have an inside man leaking code. Have to get Viodentia to reveal that by poring over his/her drive, which may yield absolutely nothing and be fairly claimed as harrassment.
"FairUse4WM has been my own creation, and has never involved Microsoft source code," the developer wrote. "I link with Microsoft's static libraries provided with the compiler and various platform SDK (software development kit) files."
Sounds almost as if those at Microsoft pursuing this case do not even know what their own library routines may be capapble of.
A feeling of having made the same mistake before: Deja Foobar
Wouldn't this fall under the category of reverse engineering for interoperability? As long as he isn't re-publishing copyrighted code, I don't see what their problem is.
IIRC, The program doesn't even circumvent the DRM, it just waits for WMP to do it, and then reads some of its memory.
...because "hacker" sounds way sexier than "code drone."
What I take from this is the following:
Even WITH the source code microsoft cannot figure out how their code works and issue patches...so how would they be able to tell if some 'hacker' is really hacking their ultra secure corporate network? What do they do when third parties issue unofficial patches for IE? Are they going to start filing lawsuits against the white hats too as they might have figured something out on their own?
I am neither for or against hacking DRM and such, but honestly, assuming somebody hacked their way in and stole source code is a little bit harder to believe than simply figuring out a way around what I'm sure is an elementary DRM code. Poking and testing is easy to do, hacking, finding, downloading, and analysing source code is probably adding a bit more effort to the process than most guys trying to beat DRM are willing to go through.
The simplest explanation is usually the correct one. If he just plain figured it out by trying several different things, I'm inclined to believe him.
Who is this that even the wind and the waves obey Him? Surely this computer must submit also!
> Tenuous grounds -- Microsoft is in effect claiming nobody could have reverse engineered their code, or cracked it, so fast, therefore they must have cheated by having access to Microsoft's original sources.
Sounds more like SCO's tactics than the RIAA's...
-- OpenVerse Visual Chat: http://openverse.com
Dismissal is only appropriate where the complaint fails to state a claim upon which relief can be granted. There is no evidentiary burden for a motion to dismiss, and before some discovery, a motion for summary judgment (which seems to be what the author is referring to) is premature. If Microsoft has a good faith belief that what they alledge happened actually happened, then they are entitled to discovery to prove their point, so long as they actually have a cause of action (in this case, they do). If discovery information does not support their claim, then the defendant can have summary judgment. Even if they are using the legal system to "find out how he did it," if someone committed a tort against them, they have a right to figure out exactly what happened.
Don't write about law if you know nothing about law, and don't make assumptions or claims about lawsuits based on second-hand information and bias.
"This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself."
This smacks of SCO tactics to me. Accuse first, offer no proof, sue so you can fish for evidence...
Say, didn't Microsoft indirectly fund the SCO fishing expedition? Nuff said...
The race isn't always to the swift... but that's the way to bet!
A disassembler.
I mean come on! Really! Read this from TFA:
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Um, hello? People have been disassembling code to disable copy protection since the first days of the warez scene. You don't need the source. All the source does is speed things up a bit.
Not that I'd know anything about that. *ahem*
Weaselmancer
rediculous.
...... Can be found here:
o nds-to-microsoft-releases-fairuse4wm-1-3/
http://www.engadget.com/2006/09/27/viodentia-resp
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Our congressmen and senators look after the welfare of their constiuancy (sp?), and the courts come to a fair and balanced ruling which takes the best interests of the citizens into account and comes to a verdict which is most just for their citizenry.
It's just that now corporations are the only real citizens-- a situation no different than the late 1700's/early 1800s when only the rich white landowners were considered citizens.
Again, I'll ask --the system works; why are you bitching?
because it was there.
The Kruger Dunning explains most post on
Microsoft is after FairUse4WM, a lone programmer who calls himself Viodentia. FairUse4WMV was first released by Viodentia on the Internet on August 19. Engadget first broke the story on August 25th. Microsoft released its first fix on August 28, but that was thwarted three days later by the release of an updated version of FairUse4WM. As of this posting, no new Microsoft fix has been released. In the mean time broadcaster BSkyB has stopped its broadband movie download service until Microsoft secures its DRM system. Other content download services such as Movielink, RealNetworks and MTVs Urge service use Microsoft's PlayforSure technology and are equally vulnerable!!!
DRM is an arms race that the defender is going to eventually lose. Microsoft realizes this and is using the legal system to try to intimidate their NEXT adversary in the DRM battle. If they can successfully make an example of the person who bypassed their DRM this time, the next person may think twice. And yeah - it stinks.
[Insert pithy quote here]
The 5th Amendment typically only applies in "criminal cases" (i.e. jail time and/or fine) but can be invoked in civil cases (i.e. injunction and/or damages suffered) when the testimony the witness is asked to offer would be incriminating against him.
Additionally, the production of physical evidence (gun, blood sample, computer, etc.) is not considered to be "testifying." Under the 5th, you cannot be forced to "testify" (verbally) against yourself. However, the government (in criminal cases) and parties (civil cases) can still obtain all physical evidence which is relevant OR is likely to lead to relevant evidence.
"I don't know how GuyIDontLike did something, therefore he must have cheated."
Some developpers are extremely slow to realize that things which seem nigh impossible to them are in fact, run-of-the-mill easy for talented hackers, crackers, upper-teir skr1pt k1dd13s, and others. Code obfuscation is not by any means adequate protection.
Neither is sticking anti-debugger crap in your code, for that matter.
despite their DRM being yet another monopolistic trap.
It's about DRM being like gun control (don't get me wrong, I HATE guns and private gun ownership):
DRM punishes the honest, and does nothing about people who are going to steal.
Make 'legal' online music consumption easy for the consumer, and they will be happy, and you will make money.
Treat them like criminals, and... well, you'll just be cultivating this behaviour.
Personally this is another great M$ beta test. They can't hope to find the flaws in their DRM design, and Windows Media software, so they get users to do it. If the flaw is not obvious and no one will volunteer the info M$ needs to correct it, they send in the lawyers. Makes me wonder if they will take HP's lead and get some PI to do a black bag job on someone's house. Hey, computers get stolen all the time :)
If they do end up in court, at the very least only third party investigators should have access so as to protect the defendents trade secrets and IP. Afterward, to top it off, M$ should open itself up to verify that it isn't secretly using anything it learned in the trial without paying compensation.
Hacker just needs to countersue, saying Microsoft could not have issued a patch that undid his DRM-removal without access to his source code. The arguement is the same, and with the time for Vista to ship as evidence that Microsoft cannot turn around updates quickly, source-code or no.
From an article I just started reading: ...when Mozart was a boy he traveled to the Vatican with his father. Since they happened to be there at Easter, they were able to take in a performance of Allegri's Miserere. The Miserere is considered by many to be one of the most beautiful pieces of music ever composed. It is so beautiful, in fact, that at the time the Pope allowed no copies of the score to be made, and it was only performed at Easter, and only at St. Peter's Basilica in Rome. Only the choir was permitted to see the score, which was otherwise kept under lock and key.
Mozart, being the prodigy he was, heard the piece once and memorized it in its entirety. When he got home he wrote down the score without a single missed note. When Church authorities heard that Mozart had an unauthorized copy of the Miserere they took him to court, accusing him of stealing a copy of the score. The young boy was able to prove that he had not stolen the work only by writing down the piece again, perfectly, from memory in the presence of the court.
Obviously this probably isn't the case here, but isn't this a good example that you should not be allowed to sue somebody for copyright infringement unless you have some proof they obtained what they got thru illegal activity?
The 5th Amendment would not generally apply, since it's a copyright infringement claim and thus not a criminal offense. The 5th Amendment pertains to crimes, not torts. Further, the 5th Amendment is understood to refer to the government compelling you to implicate yourself through testimony, not a third party or through evidence.
That said, the as-of-yet-unchallenged Digital Millennium Copyright Act clearly makes "access" to copyrighted works without a license illegal if they are "digital". Under that law, "access" to "digital" copyrighted works is indeed a crime. In that case, if the government got involved in the prosecution the 5th Amendment may very well apply with regard to whatever testimony you give.
So, what did I get from this article... There's a new tool available that can strip new Windows Media DRM! Thanks, Microsoft!
:^)
It took a bit of searching but I found the program and mirrored it if anybody's interesting. Please be sparing on my bandwidth.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
that by forcing someone into the courtroom and accusing him of stealing the source code, his probable defense as everyone has pointed out is "I didn't steal the code, I reversed engineered it."
Guess what else is against the law? His/her best defense is an admission of guilt to breaking the system/scheme of protection. It is probably a win win for Microsoft.
And regardless if you are for or against the law(s), it seems as if some law has been broken.
I wouldn't say Microsoft is adopting RIAA tactics because that would be crediting RIAA for inventing the use of the courts to stop something they don't like. Companies have doing that for a long time.
slashdot troll = you make a compelling argument I do not like the implications of.
Microsoft wants to convince its music partners that its DRM is unbeatable. Now that it's been cracked, they're trying to argue that the only way their "unbeatable" DRM could have been cracked would be due to access to the source code.In other words, along with being a fishing expedition, this lawsuit is a PR play to Microsoft's music partners to try to save face over their no-longer-unsinkable DRM scheme.
"Sufferin' succotash."
How someone did something to know they did something wrong. A lawsuit has to be started so they can do things like subpeona the hard drive. Once they can get the hard drive, they can figure out the "how". This is common legal tactics, and frankly is required. WIthout things like a subpeona there is no legal mechanism to force someone to hand over their material (with some exception like the patriot act).
I mod down so you can mod up. Your welcome.
DRM can be easier or harder to crack, but it will always be crackable.
You give them the lock, you give them the key, and you hope that they can never figure out how to use them together.
Why the content industries keep believing that this is a good idea is a true mystery.
Powered by Web3.5 RC 2
Destroying evidence of a crime is also a crime. The best thing to do is to encrypt your data as a matter of course. They can't ask you to decrypt it for them because that would potentially ask you to incriminate yourself. And if they're so wonderful at DRM, let them figure out how to get at it.
I found one claim in there particularly interesting:
I wonder...why is that, exactly? Why is Vista such a massive project?
It's a serious question. I mean, it's not like they're building HAL-9000 here. It's an OS. A microcomputer OS. Which really, as far as I can tell, doesn't do a whole lot more than a bunch of other OSes that are on the market already. What does it do that's so much more complex, fundamentally, than what OS X does? Or Linux? Or any number of other OSes? Why, exactly, is it such a freaking huge project?
If the size estimates I'm reading are accurate, at 50 MLOC, Vista is still smaller than OS X at 80 MLOC (comparisons to Linux are tougher because when someone says "Debian has 160 MLOC," it's not clear if that's just the base system or including all the applications or what). Admittedly, OS X borrowed a lot of code from NeXT, but Microsoft has a lot of code they could steal from previous Windows versions and other projects. If they chose not to, then that was a conscious management decision on their part.
If this guy's characterization of Vista development is true, they have more problems than a slipped schedule; they need to be asking why the damn thing has turned into that much of an epic project in the first place. This is not like IBM building the S/360 here; they're not wandering that far off into uncharted, never-before-attempted territory, based on every description of Vista I've ever seen or heard of. Yet they're making it that much of an effort, either by choice or mismanagement.
Vista, Linux, OS X: it does the same thing. Ultimately, they're both ways of managing the filesystem and the computer's hardware resources, and presenting those resources to programs in a standard manner on one end, and presenting a GUI to the user on the other. Sure, they're different ways of doing things, but they're all solutions to the same basic problem. It's even the same hardware resources and architecture that they're supposed to manage -- it's not as though the premise of each is that different.
Frankly if what that article says is true, Vista might have a second, more dubious distinction: the most wasted effort ever spent on a project since the Russians built that expensive lawn ornament.
If this guy did see the source code and was able to reverse engineer it, Microsoft ought to offer him a job. Apparently, they need the help.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
So, by filing this suit, Microsoft admits that someone stole the source code. If that's the case, how can they ever guarantee that the same thief(s) didn't also plant code in their repository as well?
In the course of every project, it will become necessary to shoot the scientists and begin production.
": Vista has to generally remain bug-for-bug compatible with every piece of software written for the overall Microsoft platform since MS-DOS 2.0."
Why? When I go do download some software from MS either it's only available for XP/2000 or it offers different downloads for 98, NT, XP, XP SP2, NT 3.5+, 2000, 2003 etc.
Clearly every version of windows is slightly incompatible with other versions. Even service packs break backwards compatibility requiring separate downloads for XP and XP SP2.
I think vista will not be fully backwards compatible with any other MS operating system. Some things will work but I would expect everything to be either completely or partially borked.
evil is as evil does
If it's part of an SDK, then how the hell can a developer NOT include it in his application. When you link against a library (and what do you think an SDK is?) you are included the (necessary) functions in that library in your application. Holy Shit Batman. Don't use SDKs or you'll get sued by the company that wrote (and then copyrighted) the SDK. So even if Microsoft finds copyrighted code, how can they be sure that this code was manually taken out by the "hacker" (I prefer the term "liberator")?
It has been a nervous year, with people beginning to feel like Christian Scientists with appendicitis.
"Most software just has one version, and that runs on basically any remotely modern version of Windows. "
.NET 1.1 to 2.0 took over a month for one project alone.
Nonsense. At best software requires win98 or better. Most software I have seen requires XPSP2 or better. Like I said even MS software has different versions for different windows.
"Based on history, I would expect the vast majority of common-use software to work transparently out of the box,"
In that case we are living in a different universe. Where I work every version of windows disrupts our software some way or another. SP2 was especially painful. Migration from
evil is as evil does
"Uh, yeah, my point exactly. See that "remotely modern" part ? >8 year old PCs don't really fall into that category."
Were you the one that claimed that windows vista had to keep compatiblity for everything between dos 2.0 and windows xp? If so then you were lying.
"For example ?"
IE for one.
"In-house or third party software ?"
Both.
"The list of software SP2 broke wasn't particularly big, relatively speaking."
Even if it broke one application that proves that it's not 100% bug for bug compatible. So once again you have been proven wrong.
"The list of software it broke that wasn't already broken by virtue of being badly written, vanishingly small."
Even if just one application broke that proves that it wasn't 100% bug for bug compatible and you have been proven wrong.
So you admit that SP2 was not bug for bug compatible. That's a service pack update to the same version of the operating system.
evil is as evil does