Brightnets are Owner Free File Systems

elucido writes "OFF, or the Owner-Free Filesystem is a distributed filesystem in which everything is stored in reference to randomized data blocks, as opposed to a 1:1 copy of the original data being inserted. The creators of the Owner-Free Filesystem have coined a new term to define the network: A brightnet. Nobody shares any copyrighted files, and therefore nobody needs to hide away. OFF provides a platform through which data can be stored (publicly or otherwise) in a discreet, distributed manner. The system allows for personal privacy because data (blocks) being transferred from peer to peer do not bear any relation to the original data. Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random." Their main wiki page discusses a bit of what this means and how it might work as well. I've been saying that we need this for many years now, if only because we all have 10 gigs free on our machines and if we could RAID the internet we'd need fewer hard drives.

Encryption

[adpsimpson]

Isn't this just a sophisticated form of encryption, using a large, randomly generated key?

If so, does it have any real advantages over conventional encryption? It seems that the disadvantage would be the need to have both the file (large) and the random data (large) instead of, conventionally, just the file (large) and key (small).

Also, I can't be the only one who found the summary, uh, confusing??

Re:Encryption

[adpsimpson]

Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

Re:Encryption

[smallfries]

It's not a form of encryption, the purpose is not to hide the data but to share representations. The basic idea is let's say that I have files/blocks A,B,C. Instead of storing them directly I will compute shares that merge the information into a new set of blocks. None of the new set of blocks will contain copyrighted info - or if it does then who will own it because there are competing copyright claims. To get file A back out I need to take a selection of the shares and xor them together.

It's an interesting technical approach, but a classic FAIL. Geeks never understand the law, they assume that it is a mechanical system that can be gamed (well, because they're geeks). But no matter how the law it is written, it is interpreted by people. The first time that it was tried is court would be something like this:

Pros: Could you explain to the court what you uploaded to Brightnet?
Def: It was a non-linear combination of the xor of .... .... .... in several parts.
Pros: Did you upload Britney Spears - Chart Slag.mp3?
Def: No, that was never on my computer.
Pros: Did you upload something that allowed the mp3 to be constructed exactly?
Def: Yes
Pros: Copyright infringment through unauthorised distribution, the prosecution rests.
Def: WTF?

Re:Encryption

[crosbie]

Putting it a little more plainly:

Copyright concerns provenance (similarity merely raises suspicion).

Patent concerns similarity (provenance is irrelevant).

However, both are unethical and ineffective anachronisms long overdue for abolition.

Let overpaid lawyers count the angels on a pinhead. It is not something computer scientists should concern themselves with, especially when litigation causes 99% of harm well before any judges get anywhere near investigating the provenance of bits - deciding which side of bread best provides inspiration as to the 'correct' judicial interpretation as to how bits should properly be constrained.

Use the GPL. It's a legal device against litigation.

Using BrightNets is a coder's sophistry, not a lawyer's. A coder may as well wonder why there's so much legal difference between copying an MP3 file and streaming it, when there's marginal technical difference. Conversely, lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

You might as well create a distributed and co-operatively administered 'YouTube' host with anyone legally permitted to upload and download so long as the hosted works were only 'streamed' to the public and taken down upon request (DMCA).

Lex Asinus Est.

Re:Encryption

[Rary]

But then, without copyright there is absolutely no need for the GPL. ... Bear in mind that the GPL is a means to enjoy freedom...

I'm no expert on the GPL, but am I not correct in thinking that the GPL forces restrictions on developers in order to ensure freedoms for users? For example, the requirement that if I build and distribute something that uses GPL code, I must use the GPL on my code and distribute the source code with the binaries.

Without copyright and the GPL, there is absolutely no way to force me to distribute my source code. I can take an open source project, add to it to create something new, hide the source code in a vault and distribute only the binary. You will be able to copy it freely, but good luck modifying it. You, the user of my software, have lost freedom because there is no GPL to force me to provide you with that freedom.

Re:Encryption

[Jake73]

Yes, but the assertion that this somehow circumvents copyright law is pretty ridiculous.

The composite of the entire system allows one to store data in a retrievable fashion, just as the composite of a hard drive, magnetic head, source coding strategy, filesystem, and operating system allow one to store data in a retrievable fashion -- despite the fact that it is fragmented on the drive and source coded.

The scope of the system may be different, but it accomplishes the same.

Sharing the "recipe" for assembling the blocks is the same as sharing the original file. It's just a definition of terms. You could say that a compressed (.zip) version of a text file is really just a recipe for algorithmically creating the original text file. The zip version and the original are treated the same under copyright law, as far as I know.

Re:Encryption

[Yogiz]

As someone nicely said: "GPL takes away the freedom to take freedom away form others".

Re:Encryption

[Rary]

However, there is no market for withheld or obfuscated source code in such a culture. Binaries cost nothing to make and could not be sold ... The GPL is about reproducing the culture that would result if copyright and patent were abolished, i.e. a free culture.

Imagine we live in that world without copyright, and therefore a world without GPL. Oracle builds and sells an RDBMS. Anyone can copy and use it for free, since there is no copyright preventing that. However, Oracle wants to make money off of their RDBMS. So, they sell support services. Maybe they also offer custom development to tailor the RDBMS for your environment. In order to prevent competitors from providing those services, it makes sense for them to keep their source code hidden and only distribute the binaries.

No-one's freedom is constrained if the source is withheld or obfuscated in a culture without copyright.

According to RMS, withholding source limits user freedom. Therefore, users of GPL software have more freedom than users of Oracle RDBMS in the above example.

Re:Encryption

[smallfries]

The point that I was making was that the law operates on intent rather than action. If the sole purpose of your XOR of Britney and someone's holiday photos is to allow reconstruction of the mp3 then it is a defense that the court would see through.

Re:Encryption

[sjames]

It' not a circumvention of every aspect of copyright, it's a system where you can't claim that every single intermediary had some part in any copyright violation.

For example, I rip all my CDs and store them in this system (keeping the list of URLs needed to re-construct/retrieve the files to myself. Since only I can get the files back, I have not distributed anything WRT copyright.

The various nodes can't know what the blocks I stored are. Should I give someone else my list of URLs, I have now distributed, so I have now violated copyright. The nodes storing those blocks still don't know what they are and have no means of re-constructing them, so have not infringed.

Re:Encryption

[mrsteveman1]

This situation is perhaps similar to torrents. A torrent isn't the real data but does "refer" to it in a way similar to how the "key" in this filesystem refers to the actual pieces needed to reconstruct the file, even though those pieces aren't unique.

One could even say that the "key" in this case is even closer to the real data than a torrent.

Psst. Copyright doesn't work like that!

[91degrees]

As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

Data != Information

[Rary]

Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random.

It's not the data that's protected by copyright, it's what the data represents.

No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

Re:Data != Information

[Rary]

Granted, you won't fool a (competent) computer scientist with that, but a jury could be confused, to say the least.

Hans Reiser thought he could out-smart the jury. Look how well that worked for him.

Neither judges nor juries like to feel like they're being played. You play a game like that, attempting to confuse them with technology that's over their heads, and you're not exactly going to win them over.

The result of that kind of argument will likely be that they ignore the part that's confusing to them, and focus on the part that's simple to understand: you have the Indiana Jones movie on your hard drive, and that's a copyright violation. Simple.

Re:Psst. Copyright doesn't work like that!

[NickFortune]

Attempting to abstract the law into mathematics is pointless.

Hmmm... I don't think that's the objective, exactly. I didn't read TFA as saying "material distributed in this way is not subject to copyright" but rather "none of the bits we're moving are copyrighted - go pester the people doing the uploading"

I also think there is a useful discussion to be had on the subject of numbers and the digital assets they may or not represent. If I zip up MS Office, for instance, I've turned it into a very long number. Is it reasonable to allow companies to claim ownership of such numbers? With the proper compression and/or encryption scheme, you could use any number (trivially in some cases) to represent a work over which you can claim copyright. Do we then let a corporation privatise the entire integer space? And if not, how do we distinguish between infringing and non-infringing uses of a large number?

Re:Psst. Copyright doesn't work like that!

[adpsimpson]

Once I actually understood what on earth they are on about, it seems like an interesting idea with very little basis in reality. Their main claim seems to be a magic-wand approach to getting round copyright, as opposed to a particularly useful distributed filesystem:

No data passing through the network can be considered copyrighted because the means by which it is represented is truly random

Sure... So if I put in Brittany's latest album, then tell my friend to click on the url that 'reassembles' the 'truly random' data into, well, Brittany's latest album, then do you really think copyright has nothing to say?

Breaking news! Photocopying books is TOTALLY LEGAL if you use yellow paper and/or put the book in the machine upside down!

A correctly encrypted file also appears random. It does not mean it IS random, otherwise it would be, well, not very useful.

Insane lengths to go to

[cliffski]

Look, I totally get how encryption and plausible deniabiltiy is great if you people are circulating dangerous information about government conspiracies, or organising the resistance in Burma or Zimbabwe, but lets face facts, this will be used to share torrents of Hollywood movies and top 40 albums.

This is stupid.

Either accept the fact that all the political posturing about free being a better business model is true, in which case, just go enjoy all the free music/software/games/movies out there, or admit its just smokescreens to justify getting Hollywood movies for free, whilst your entertainment is subsidised by everyone who paid to see that stuff, and thus allow it to be made.

People seem to have this attitude that this kind of thing is cool because it lets you escape prosecution for copyright infringement. If copyright is such a fucked-up system, then why is it all the stuff people want to share is produced under that system? Surely all the cool movies/software/music/games is being produced under the free model right? Or could it be that the free model isn't viable, or popular with content producers, big and small...

Re:Psst. Copyright doesn't work like that!

[nurb432]

For some of us that isn't a problem, since we don't believe in IP anyway.

Re:The data would change from

[nurb432]

The second is conspiracy to commit infringement, and you will have lost any chance of defending with "I didn't know it was copyrighted"

Unless you don't know what is stored where.

Re:Psst. Copyright doesn't work like that!

[Silver+Sloth]

Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

Re:The data would change from

And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

Let's take a simple examples. There are 4 files in my "brightnet"- "00", "01", "10", "11". I name these files "a","b","c","d".

Now I have my copyrighted string I want to trade. My string is 01101101001010.

I need to generate the key for the brightnet, which is "bcdbacc". This tells me that I need to take file b, then file c, then file d... to reproduce the original.

Now, you can argue that downloading file a, b, c, or d in itself isn't a violation. That may be true, but it misses the point. The point is that the brightnet is useless without my key file "bcdbacc."

My key file is, in itself, an encryption of the original copyrighted string. Trading in the KEY is the problem, even if downloading the files I'll use to decrypt it isn't.

All this does is let us generate multiple possible encryptions of the same file. And, with large enough brightnet blocks, each one can be shorter than the original. Which is cool for file traders--if there are multiple keys that encode the same file, now all of a sudden it's harder to catch me trading files--I can send the same file to 2 people using 2 different keys, so simply watching for a specific key won't catch me trading a particular file

At best, this makes it easier to trade copyrighted files. But thinking there's no obvious copyright violation here is just silly.

Re:Psst. Copyright doesn't work like that!

[NickFortune]

$ sudo apt-get install common-sense && man common-sense

The problem I have with that, is I that don't think those commands work in a court of law.

Come to think of it, but I'm fairly they wouldn't work under Ubuntu either. (I wouldn't know about Debian)

Re:Psst. Copyright doesn't work like that!

[IgnoramusMaximus]

Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

"Whether you believe in Allah is irrelevant to the Sharia law of the country of where you live. As a defense it won't hold up in the Religious court."

There, fixed it for you. Since the evidence for existence of Allah is pretty much on the same level as that for the so-called "Intellectual Property" (i.e. the concept of 'ownership' of large integer numbers and the like) and the relationship between such belief and laws passed based on it is strikingly similar, the statement you made is pretty much equivalent to the one below: arbitrary bullshit based on whatever nonsense happens to deliver power and money to whatever "law makers" and their associates happen to be at the top at the time, logic, science and reason be damned.

Re:Psst. Copyright doesn't work like that!

[Klaus_1250]

If the copyrighted data can be recovered it's considered distribution - in some cases even if the key itself is not distributed with the encrypted data.

The issue is that any piece of random data can be turned into copyrighted data. With the right key, you can turn John Smith's holiday photo's into copyrighted MP3's. But you can't sue John Smith because someone uploaded a key that can turn his photo's in copyrighted data. OFF stores random blocks of data, which can be used by multiple files. It doesn't store any information in particular, just random blocks. Random blocks that can be used for anything. It is the URL that turnes those random blocks into something.

Re:Psst. Copyright doesn't work like that!

[Firehed]

In this case, though, the law has it right. No matter what you're doing to break up, encrypt, hash, randomize, or distribute files, if the end-goal is to end up with a representation of copyrighted material then you're still breaking the law.

If you don't like the law, then go out there and do something about it. Trying to find a workaround for the law is just going to get the courts mad at you if you get caught. Information may want to be free, but right now it isn't (at least not the information that these kinds of things are being created for). Legitimize it, not strategize about how to avoid the problems that can come with it.

Short version

[The+Warlock]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

Re:Short version

[TubeSteak]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

The law is all about technicalities.
Whether it is prosecuting Al Capone for Tax Evasion or successfully defending yourself because of technicalities, finding technical solutions to legal problems is exactly how the Judicial system works.

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

Re:Psst. Copyright doesn't work like that!

[logfish]

Willingly facilitating in the distribution of copyrighted material is illegal. So although running a brightnet client may be legal by itself (as is hosting most web pages) as soon as you use it to distribute copyrighted material you have a problem.

It's just like piratebay.org, they don't host the data but in most countries what they are doing is considered illegal.

Re:Psst. Copyright doesn't work like that!

[bob.appleyard]

Just ignoring the law and breaking it doesn't make you a fearless defender of freedom. It just makes you a criminal. Only if, through your actions, you actually hope to effect real change, can you justify them using your thesis.

Copyright still holds, and here is why

[davidwr]

The song "Happy Birthday" is under copyright.

If I send you two emails, one that contains a numbered list of every word to "Happy Birthday" along with 1000 other words, in alphabetical order, and another email that contains the numbers of the words "Happy Birthday" in the order they appear in the song, the two together constitute a copyright violation.

The same principle applies if I give the page- and line-numbers of a common dictionary, or any other referenced source, even if the referenced source was itself in the public domain.

If two legally independent systems existed to transport this data each one would probably be immune from being prosecuted for "aiding and abetting" copyright violations, particularly if there were other legitimate uses, but a combined infrastructure which encouraged people to use it for copyright violations would be legally problematic.

Let's put it another way:
If I ran a legitimate service that operated this way, and I filtered out "re-assembly URLs" that appeared to be copyright violations, that would be legally defensible.

If, independently of me, you took copyrighted data and put it on my system with bogus re-assembly instructions and labeled the data "random_numbers", and then sent the correct reassembly data through another mechanism, I would be legally off the hook, but if you were ever caught, you would not be.

Legally, this is not much different than copyrighted data encrypted by a one-time pad. Either half can be considered the non-copyrighted pad, and proving which half is the pad and which half is derived from the original can be legally difficult or impossible, but together, it's the same as the original and anyone or any organization that says "I have a safe way for you to use my product to safely transmit both halves to circumvent copyright protection laws" is going to get hauled into court and lose. Anyone or any organization which, through gross negligence, allows such traffic and who could reasonably stop it without shutting down non-infringing uses, or which doesn't have a substantial amount of non-infringing use, is asking for a legally expensive court fight. He might win the fight but he will be financially bruised for it.

If you are going to pull a stunt like this, make sure it's broken into enough organizational pieces that each piece is clearly legally defensible, and make sure both each piece and the overall technology enjoy substantial use by legal users. Also make sure there is no cheap way of segregating infringing from non-infringing use.

You're mixing up your problem spaces.

[Valdrax]

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

You just mixed your namespaces.

1st: [Law solution (statutory)] tries to fix [Computer problem]
2nd: [Law solution (procedural)] tries to fix [Law problem]

These aren't equivalent. A technical computer solution to a computer problem is fine, as is a technical legal solution to a legal problem. What's worthy of derision is using a law solution to a computer problem or using a computer solution to a law problem, and that's what this is.

Claiming that you didn't violate someone's copyright because you copied their works without permission in a really nifty way is nonsense. Copyright law doesn't care if you independently produce exactly the same work as somebody; it's a strict liability tort -- "innocent" infringement is still infringement.