Slashdot Mirror
Is Microsoft Using RIAA Legal Tactics?
Nom du Keyboard writes, "CNET reports, 'Microsoft has filed a federal lawsuit against an alleged hacker who broke through its copy protection technology, charging that the mystery developer somehow gained access to its copyrighted source code.' Looks to me like since they can't figure out how else he's doing it, they'll sue on this pretense and go fishing for the actual method through the legal system. They clearly have no proof yet that any theft of source code actually happened. This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself. Isn't this something the courts should be putting a stop to at the first motion for dismissal?" Viodentia has denied using any proprietary source code, according to CNET.
because windows is so complex not even MS can figure it out. they dont think this dude could.
- Prior to the trial, make sure that the judge realizes that your wife, daughter and grandmother are available for him depending on his age preference.
- Have the only licensed copy of Photoshop in the world installed on your laptop and present at the trial. Ask the defendent for his IP address during questioning and then add it to a BMP screen shot of some file sharing application with "KAZAA" shakily written at the top of the screen. Make sure that you wipe the drool from the judges mouth when you explain to him that this list is dynamic but you're sure the defendent is guilty. Also, throw his IP address on the Berlin Wall, the cover of Chairman Mao's Red Book & Hitler's armband in his 1936 speech just so the judge realizes the pure evil he's dealing with .
- Remind the judge how much you and your industry mean to the American economy. Also remind him who's in charge right now and how important it is that the economy stays in full swing. Carefully explain to him that a successful lawsuit will not help the American economy.
- Bring in Senator Ted Stevens as an expert witness on computers and tubes so the judge can understand how both computers and the internet works.
- Act like the artists (or in Microsoft's case, developers) are the ones being screwed here. They are the ones that this hacker is stealing from and then show pictures of their families living in the cold run down mansions in Redwood. Also show a picture of Lars Ulrich with a measily pile of only 5 million dollars instead of 6.
- Rinse, wash, repeat above card.
- Use legions of lawyers to inundate the individual with accusations about his past and his profession.
- Bottom line: stear clear of the fact that people pay you money for instances of something that's easily instantiated. Try to blur the concept of physical property versus intellectual property and use bad analogies such as grand theft auto or gas station holdups to the case at hand.
- Oh, and stop at nothing to make sure the person is ruined for the rest of their life. Leans on paychecks are a sweel idea as well as restitution through house, car, possessions, etc.
So, as you can see, Microsoft has a ways to go before meeting the RIAA's stringent legal tactics. Don't worry though, I have faith in Microsoft.My work here is dung.
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Tenuous grounds -- Microsoft is in effect claiming nobody could have reverse engineered their code, or cracked it, so fast, therefore they must have cheated by having access to Microsoft's original sources. Sounds like a logical assumption, but it's a bit like claiming a driver went from Point A to Point B, 100 miles apart, in one hour must have been speeding, though there was no witness to the driver actually speeding.
I expect what Microsoft really wants is to find if they have an inside man leaking code. Have to get Viodentia to reveal that by poring over his/her drive, which may yield absolutely nothing and be fairly claimed as harrassment.
"FairUse4WM has been my own creation, and has never involved Microsoft source code," the developer wrote. "I link with Microsoft's static libraries provided with the compiler and various platform SDK (software development kit) files."
Sounds almost as if those at Microsoft pursuing this case do not even know what their own library routines may be capapble of.
A feeling of having made the same mistake before: Deja Foobar
Wouldn't this fall under the category of reverse engineering for interoperability? As long as he isn't re-publishing copyrighted code, I don't see what their problem is.
IIRC, The program doesn't even circumvent the DRM, it just waits for WMP to do it, and then reads some of its memory.
...because "hacker" sounds way sexier than "code drone."
What I take from this is the following:
Even WITH the source code microsoft cannot figure out how their code works and issue patches...so how would they be able to tell if some 'hacker' is really hacking their ultra secure corporate network? What do they do when third parties issue unofficial patches for IE? Are they going to start filing lawsuits against the white hats too as they might have figured something out on their own?
I am neither for or against hacking DRM and such, but honestly, assuming somebody hacked their way in and stole source code is a little bit harder to believe than simply figuring out a way around what I'm sure is an elementary DRM code. Poking and testing is easy to do, hacking, finding, downloading, and analysing source code is probably adding a bit more effort to the process than most guys trying to beat DRM are willing to go through.
The simplest explanation is usually the correct one. If he just plain figured it out by trying several different things, I'm inclined to believe him.
Who is this that even the wind and the waves obey Him? Surely this computer must submit also!
Dismissal is only appropriate where the complaint fails to state a claim upon which relief can be granted. There is no evidentiary burden for a motion to dismiss, and before some discovery, a motion for summary judgment (which seems to be what the author is referring to) is premature. If Microsoft has a good faith belief that what they alledge happened actually happened, then they are entitled to discovery to prove their point, so long as they actually have a cause of action (in this case, they do). If discovery information does not support their claim, then the defendant can have summary judgment. Even if they are using the legal system to "find out how he did it," if someone committed a tort against them, they have a right to figure out exactly what happened.
Don't write about law if you know nothing about law, and don't make assumptions or claims about lawsuits based on second-hand information and bias.
"This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself."
This smacks of SCO tactics to me. Accuse first, offer no proof, sue so you can fish for evidence...
Say, didn't Microsoft indirectly fund the SCO fishing expedition? Nuff said...
The race isn't always to the swift... but that's the way to bet!
A disassembler.
I mean come on! Really! Read this from TFA:
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Um, hello? People have been disassembling code to disable copy protection since the first days of the warez scene. You don't need the source. All the source does is speed things up a bit.
Not that I'd know anything about that. *ahem*
Weaselmancer
rediculous.
...... Can be found here:
o nds-to-microsoft-releases-fairuse4wm-1-3/
http://www.engadget.com/2006/09/27/viodentia-resp
This is my opinion. To make sure you don't steal it, it's covered by the DMCA.
Microsoft is after FairUse4WM, a lone programmer who calls himself Viodentia. FairUse4WMV was first released by Viodentia on the Internet on August 19. Engadget first broke the story on August 25th. Microsoft released its first fix on August 28, but that was thwarted three days later by the release of an updated version of FairUse4WM. As of this posting, no new Microsoft fix has been released. In the mean time broadcaster BSkyB has stopped its broadband movie download service until Microsoft secures its DRM system. Other content download services such as Movielink, RealNetworks and MTVs Urge service use Microsoft's PlayforSure technology and are equally vulnerable!!!
"I don't know how GuyIDontLike did something, therefore he must have cheated."
Some developpers are extremely slow to realize that things which seem nigh impossible to them are in fact, run-of-the-mill easy for talented hackers, crackers, upper-teir skr1pt k1dd13s, and others. Code obfuscation is not by any means adequate protection.
Neither is sticking anti-debugger crap in your code, for that matter.
From an article I just started reading: ...when Mozart was a boy he traveled to the Vatican with his father. Since they happened to be there at Easter, they were able to take in a performance of Allegri's Miserere. The Miserere is considered by many to be one of the most beautiful pieces of music ever composed. It is so beautiful, in fact, that at the time the Pope allowed no copies of the score to be made, and it was only performed at Easter, and only at St. Peter's Basilica in Rome. Only the choir was permitted to see the score, which was otherwise kept under lock and key.
Mozart, being the prodigy he was, heard the piece once and memorized it in its entirety. When he got home he wrote down the score without a single missed note. When Church authorities heard that Mozart had an unauthorized copy of the Miserere they took him to court, accusing him of stealing a copy of the score. The young boy was able to prove that he had not stolen the work only by writing down the piece again, perfectly, from memory in the presence of the court.
Obviously this probably isn't the case here, but isn't this a good example that you should not be allowed to sue somebody for copyright infringement unless you have some proof they obtained what they got thru illegal activity?
The 5th Amendment would not generally apply, since it's a copyright infringement claim and thus not a criminal offense. The 5th Amendment pertains to crimes, not torts. Further, the 5th Amendment is understood to refer to the government compelling you to implicate yourself through testimony, not a third party or through evidence.
That said, the as-of-yet-unchallenged Digital Millennium Copyright Act clearly makes "access" to copyrighted works without a license illegal if they are "digital". Under that law, "access" to "digital" copyrighted works is indeed a crime. In that case, if the government got involved in the prosecution the 5th Amendment may very well apply with regard to whatever testimony you give.
Which makes this more like Apple then the RIAA. Apple sued various rumor sites to try to fish out a leak in their own organization. MS wants to sue to figure out how their information was broken.
Although it's not like MS and Apple aren't, the RIAA is simply interested in money and control, not information. This isn't RIAA style extortion so much as Apple style ass-backwards investigatory tactics.
Excuse my speling.
Making The Bar Project
So, what did I get from this article... There's a new tool available that can strip new Windows Media DRM! Thanks, Microsoft!
:^)
It took a bit of searching but I found the program and mirrored it if anybody's interesting. Please be sparing on my bandwidth.
It's better to vote for what you want and not get it than to vote for what you don't want and get it.
- E. Debs
Microsoft wants to convince its music partners that its DRM is unbeatable. Now that it's been cracked, they're trying to argue that the only way their "unbeatable" DRM could have been cracked would be due to access to the source code.In other words, along with being a fishing expedition, this lawsuit is a PR play to Microsoft's music partners to try to save face over their no-longer-unsinkable DRM scheme.
"Sufferin' succotash."
For those who might think the parent is a troll, MS developers really do have trouble understanding Windows.
"Sufferin' succotash."
DRM can be easier or harder to crack, but it will always be crackable.
You give them the lock, you give them the key, and you hope that they can never figure out how to use them together.
Why the content industries keep believing that this is a good idea is a true mystery.
Powered by Web3.5 RC 2
Shouldn't DRM be uncrackable even with access to source code? Just like open source encryption methods?
I found one claim in there particularly interesting:
I wonder...why is that, exactly? Why is Vista such a massive project?
It's a serious question. I mean, it's not like they're building HAL-9000 here. It's an OS. A microcomputer OS. Which really, as far as I can tell, doesn't do a whole lot more than a bunch of other OSes that are on the market already. What does it do that's so much more complex, fundamentally, than what OS X does? Or Linux? Or any number of other OSes? Why, exactly, is it such a freaking huge project?
If the size estimates I'm reading are accurate, at 50 MLOC, Vista is still smaller than OS X at 80 MLOC (comparisons to Linux are tougher because when someone says "Debian has 160 MLOC," it's not clear if that's just the base system or including all the applications or what). Admittedly, OS X borrowed a lot of code from NeXT, but Microsoft has a lot of code they could steal from previous Windows versions and other projects. If they chose not to, then that was a conscious management decision on their part.
If this guy's characterization of Vista development is true, they have more problems than a slipped schedule; they need to be asking why the damn thing has turned into that much of an epic project in the first place. This is not like IBM building the S/360 here; they're not wandering that far off into uncharted, never-before-attempted territory, based on every description of Vista I've ever seen or heard of. Yet they're making it that much of an effort, either by choice or mismanagement.
Vista, Linux, OS X: it does the same thing. Ultimately, they're both ways of managing the filesystem and the computer's hardware resources, and presenting those resources to programs in a standard manner on one end, and presenting a GUI to the user on the other. Sure, they're different ways of doing things, but they're all solutions to the same basic problem. It's even the same hardware resources and architecture that they're supposed to manage -- it's not as though the premise of each is that different.
Frankly if what that article says is true, Vista might have a second, more dubious distinction: the most wasted effort ever spent on a project since the Russians built that expensive lawn ornament.
If this guy did see the source code and was able to reverse engineer it, Microsoft ought to offer him a job. Apparently, they need the help.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Shouldn't DRM be uncrackable even with access to source code?
Quite the contrary -- all DRM should be crackable even without access to the source code.
Ultimately, if you have the ability to "play" the content, you can beat the DRM -- because that's what playing the content is, decrypting it. If you (your computer) can decrypt the content, then you can decrypt the content. Simple!
The distinction between which program on your computer can decrypt the content is *solely* one of obscurity and not one of encryption at all. You have the encryption key -- you can decrypt the content -- the only thing that's preventing it is obscurity of the location of the key, and the methods of the encryption algorithm. Both of those are Security Through Obscurity and are a bad thing. It's also why DRM will never actually work until the hardware gets on board.
Because you always have the key, you can always decrypt it.
": Vista has to generally remain bug-for-bug compatible with every piece of software written for the overall Microsoft platform since MS-DOS 2.0."
Why? When I go do download some software from MS either it's only available for XP/2000 or it offers different downloads for 98, NT, XP, XP SP2, NT 3.5+, 2000, 2003 etc.
Clearly every version of windows is slightly incompatible with other versions. Even service packs break backwards compatibility requiring separate downloads for XP and XP SP2.
I think vista will not be fully backwards compatible with any other MS operating system. Some things will work but I would expect everything to be either completely or partially borked.
evil is as evil does
"Most software just has one version, and that runs on basically any remotely modern version of Windows. "
.NET 1.1 to 2.0 took over a month for one project alone.
Nonsense. At best software requires win98 or better. Most software I have seen requires XPSP2 or better. Like I said even MS software has different versions for different windows.
"Based on history, I would expect the vast majority of common-use software to work transparently out of the box,"
In that case we are living in a different universe. Where I work every version of windows disrupts our software some way or another. SP2 was especially painful. Migration from
evil is as evil does