Brightnets are Owner Free File Systems

elucido writes "OFF, or the Owner-Free Filesystem is a distributed filesystem in which everything is stored in reference to randomized data blocks, as opposed to a 1:1 copy of the original data being inserted. The creators of the Owner-Free Filesystem have coined a new term to define the network: A brightnet. Nobody shares any copyrighted files, and therefore nobody needs to hide away. OFF provides a platform through which data can be stored (publicly or otherwise) in a discreet, distributed manner. The system allows for personal privacy because data (blocks) being transferred from peer to peer do not bear any relation to the original data. Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random." Their main wiki page discusses a bit of what this means and how it might work as well. I've been saying that we need this for many years now, if only because we all have 10 gigs free on our machines and if we could RAID the internet we'd need fewer hard drives.

Not a Brightnet yet

[InvisblePinkUnicorn]

My network is still on the fence when it comes to the existence of God.

Re:Not a Brightnet yet

[digitig]

It seems some moderators are not aware of the way some atheists use the term "bright"...

Re:Not a Brightnet yet

[A+nonymous+Coward]

My network is still on the fence when it comes to the existence of God.

Are there turtles on the fenceposts?

Underneath, yes; it's turtles all the way down.

Encryption

[adpsimpson]

Isn't this just a sophisticated form of encryption, using a large, randomly generated key?

If so, does it have any real advantages over conventional encryption? It seems that the disadvantage would be the need to have both the file (large) and the random data (large) instead of, conventionally, just the file (large) and key (small).

Also, I can't be the only one who found the summary, uh, confusing??

Re:Encryption

[iocat]

the wiki explains it a little better. It's sort of cool. It breaks all the data in 128K randomized chunks, and those chunks can also be used as well to represent OTHER data, because it's all about the relationship of the radomized chunks, not just the chunks themselves.

Re:Encryption

[adpsimpson]

Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

Re:Encryption

[Hal_Porter]

Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

Except that is probably bullshit to copyright lawyers

There's a great explanation of why in this essay, What Colour are your Bits. It's actually about another system based on the same sort of ideas.

http://ansuz.sooke.bc.ca/lawpoli/colour/2004061001.php

The fallacy of Monolith is that it's playing fast and loose with Colour, attempting to use legal rules one moment and math rules another moment as convenient. When you have a copyrighted file at the start, that file clearly has the "covered by copyright" Colour, and you're not cleared for it, Citizen. When it's scrambled by Monolith, the claim is that the resulting file has no Colour - how could it have the copyright Colour? It's just random bits! Then when it's descrambled, it still can't have the copyright Colour because it came from public inputs. The problem is that there are two conflicting sets of rules there. Under the lawyer's rules, Colour is not a mathematical function of the bits that you can determine by examining the bits. It matters where the bits came from. The scrambled file still has the copyright Colour because it came from the copyrighted input file. It doesn't matter that it looks like, or maybe even is bit-for-bit identical with, some other file that you could get from a random number generator. It happens that you didn't get it from a random number generator. You got it from copyrighted material; it is copyrighted. The randomly-generated file, even if bit-for-bit identical, would have a different Colour. The Colour inherits through all scrambling and descrambling operations and you're distributing a copyrighted work, you Commie Mutant Traitor.

To a computer scientist, on the other hand, bits are bits are bits and it is absolutely fundamental that two identical chunks of bits cannot be distinguished. Colour does not exist. I've seen computer people claim (indeed, one did this to me just today in the very discussion that inspired this posting) that copyright law inescapably leads to nonsense conclusions like "If I own copyright on one thing, and copyright inherits through XOR, then I own copyright on everything because everything can be obtained from my one thing by XORing it with the right file." That sounds profound only if you're a Colour-blind computer scientist; it would be boring nonsense to a lawyer because lawyers are trained to believe in and use Colour, and it's obvious to a lawyer that the Colour doesn't magically bleed to the entire universe through the hypothetical random files that might be created some day. You could create the file randomly, but you didn't. Maybe you could create a file identical to the complete works of Shakespeare by XORing together two files of apparently random garbage. "Why, so can I, or so can any man;" but that doesn't mean that I am William Shakespeare.

Re:Encryption

[smallfries]

It's not a form of encryption, the purpose is not to hide the data but to share representations. The basic idea is let's say that I have files/blocks A,B,C. Instead of storing them directly I will compute shares that merge the information into a new set of blocks. None of the new set of blocks will contain copyrighted info - or if it does then who will own it because there are competing copyright claims. To get file A back out I need to take a selection of the shares and xor them together.

It's an interesting technical approach, but a classic FAIL. Geeks never understand the law, they assume that it is a mechanical system that can be gamed (well, because they're geeks). But no matter how the law it is written, it is interpreted by people. The first time that it was tried is court would be something like this:

Pros: Could you explain to the court what you uploaded to Brightnet?
Def: It was a non-linear combination of the xor of .... .... .... in several parts.
Pros: Did you upload Britney Spears - Chart Slag.mp3?
Def: No, that was never on my computer.
Pros: Did you upload something that allowed the mp3 to be constructed exactly?
Def: Yes
Pros: Copyright infringment through unauthorised distribution, the prosecution rests.
Def: WTF?

Re:Encryption

[crosbie]

Putting it a little more plainly:

Copyright concerns provenance (similarity merely raises suspicion).

Patent concerns similarity (provenance is irrelevant).

However, both are unethical and ineffective anachronisms long overdue for abolition.

Let overpaid lawyers count the angels on a pinhead. It is not something computer scientists should concern themselves with, especially when litigation causes 99% of harm well before any judges get anywhere near investigating the provenance of bits - deciding which side of bread best provides inspiration as to the 'correct' judicial interpretation as to how bits should properly be constrained.

Use the GPL. It's a legal device against litigation.

Using BrightNets is a coder's sophistry, not a lawyer's. A coder may as well wonder why there's so much legal difference between copying an MP3 file and streaming it, when there's marginal technical difference. Conversely, lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

You might as well create a distributed and co-operatively administered 'YouTube' host with anyone legally permitted to upload and download so long as the hosted works were only 'streamed' to the public and taken down upon request (DMCA).

Lex Asinus Est.

Re:Encryption

[Hatta]

Well the wiki is down so I can't look.

I don't see how that's any help though. You have to store the data representing the relationship between the chunks somewhere too. Suppose instead of 128K chunks we use 1 bit chunks. We'll store all the 1s on one computer, all the 0s on another computer and the relationship between the data on a third computer. Where is the copyrighted data?

Re:Encryption

[struppi]

However, both are unethical and ineffective anachronisms long overdue for abolition.

[...]

Use the GPL. It's a legal device against litigation.

You do realize that the GPL is absolutely meaningless without copyright law, do you? Did you ever actually read the GPL?

Re:Encryption

[crosbie]

Of course.

But then, without copyright there is absolutely no need for the GPL.

I'm amused by this strange idea that if a society wished to provide its citizens with the right to free speech and free cultural exchange they'd first have to enact a law that would prohibit such freedom.

Bear in mind that the GPL is a means to enjoy freedom, not a means to enjoy the operation of the GPL in a copyright encumbered society.

Re:Encryption

[plasmacutter]

and you realize that without copyright law and software patents, the GPL is unnecessary?

Re:Encryption

Pros: Did you upload something that allowed the mp3 to be constructed exactly?
Def: No

The defendant uploaded only information which was either random or was created to construct a legal file. There is no way to prove that any of the uploaded data had a significance beyond that. If other data exists which can be used in combination with the defendants files to construct illegal files, then that data has not even necessarily existed at the time the defendant uploaded the questionable data. If you do something and there's no law against it at the time, then you have not broken the law. If you upload your holiday photos, I can XOR Britney's works with your files and publish the result. Then you have uploaded something which allows the MP3 to be constructed exactly, or haven't you? WTF indeed.

Re:Encryption

[Rary]

But then, without copyright there is absolutely no need for the GPL. ... Bear in mind that the GPL is a means to enjoy freedom...

I'm no expert on the GPL, but am I not correct in thinking that the GPL forces restrictions on developers in order to ensure freedoms for users? For example, the requirement that if I build and distribute something that uses GPL code, I must use the GPL on my code and distribute the source code with the binaries.

Without copyright and the GPL, there is absolutely no way to force me to distribute my source code. I can take an open source project, add to it to create something new, hide the source code in a vault and distribute only the binary. You will be able to copy it freely, but good luck modifying it. You, the user of my software, have lost freedom because there is no GPL to force me to provide you with that freedom.

Re:Encryption

[crosbie]

The GPL obliges provision of source code because it operates in a copyright encumbered culture, and needs to persuade licensees used to the proprietary software development business model that there is no benefit to withholding source (their inculcated inclination).

There is no need to oblige disclosure of source to derivatives in a culture used to operating without copyright.

Looking at it another way, tell me why in a culture without copyright you'd have to enact a law that prohibited the distribution of binaries without source code? Would you have special stormtroopers that would raid Jimmy's bedroom because he was caught distributing binaries without source code?

No-one's freedom is constrained if the source is withheld or obfuscated in a culture without copyright. However, there is no market for withheld or obfuscated source code in such a culture. Binaries cost nothing to make and could not be sold - they'd only be used to demonstrate that the software had been produced prior to sale.

The GPL is about reproducing the culture that would result if copyright and patent were abolished, i.e. a free culture. But remember, free as in speech, not as in beer. You still buy and sell software in a free culture, just not copies or trivial derivatives such as binaries.

Re:Encryption

[Jake73]

Yes, but the assertion that this somehow circumvents copyright law is pretty ridiculous.

The composite of the entire system allows one to store data in a retrievable fashion, just as the composite of a hard drive, magnetic head, source coding strategy, filesystem, and operating system allow one to store data in a retrievable fashion -- despite the fact that it is fragmented on the drive and source coded.

The scope of the system may be different, but it accomplishes the same.

Sharing the "recipe" for assembling the blocks is the same as sharing the original file. It's just a definition of terms. You could say that a compressed (.zip) version of a text file is really just a recipe for algorithmically creating the original text file. The zip version and the original are treated the same under copyright law, as far as I know.

Re:Encryption

[slim]

[...] lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

The key to this is who the "you" that gets sued is. There are three classes of participant in this data transfer: uploader, downloader, and cloud member.

It seems to me that this scheme makes the uploader and the downloader guilty, but difficult to catch (you'd need to catch them exchanging URLs), and the cloud members not guilty of anything.

Cloud members would have no idea whether they were hosting (chunks of) copyrighted top 40 MP3s, legally redistributable freeware, communications between Burmese freedom fighters or plots to bomb American civilians. I wonder how many people would be comfortable with that.

Re:Encryption

[Yogiz]

As someone nicely said: "GPL takes away the freedom to take freedom away form others".

Re:Encryption

[crosbie]

People involved in file-sharing have already settled litigation out of court - even when they know they're entirely innocent. Guilt is immaterial if you want to avoid the penury of prosecution.

The 'bad actors' who are sued are those the **AA wishes to make an example of to other 'bad actors' - the more naive and apparently unprosecutable the better. After all, file-sharing is a problem precisely because it's engaged in by kids and their apple pie making grannies. If it was only incorrigible pirates that did it, what would be the point of litigated settlement?

In your classes of Brightnet participant, the ones being sued would be random 'participants' irrespective of what particular role classification you'd give them.

A decade later someone might look a little more closely to see if any copies or derivatives of copyrighted works are actually prepared or distributed by participants of Brightnets, and possibly whether only certain participants could be prosecuted (subject to being determinable), but by that time umpteen thousand geeks have missed out on a college education and find themselves on a watch-list of IP thieves along with other cyber-pariahs such as terrorists, paedophiles, and crackers.

If you're going to organise the flouting of copyright then call yourself protestants and martyr yourselves against the catholic maximalism of the modern Spanish inquisition. You still suffer the same, but at least you exhibit the courage of conviction.

Re:Encryption

[Rary]

However, there is no market for withheld or obfuscated source code in such a culture. Binaries cost nothing to make and could not be sold ... The GPL is about reproducing the culture that would result if copyright and patent were abolished, i.e. a free culture.

Imagine we live in that world without copyright, and therefore a world without GPL. Oracle builds and sells an RDBMS. Anyone can copy and use it for free, since there is no copyright preventing that. However, Oracle wants to make money off of their RDBMS. So, they sell support services. Maybe they also offer custom development to tailor the RDBMS for your environment. In order to prevent competitors from providing those services, it makes sense for them to keep their source code hidden and only distribute the binaries.

No-one's freedom is constrained if the source is withheld or obfuscated in a culture without copyright.

According to RMS, withholding source limits user freedom. Therefore, users of GPL software have more freedom than users of Oracle RDBMS in the above example.

Re:Encryption

[smallfries]

The point that I was making was that the law operates on intent rather than action. If the sole purpose of your XOR of Britney and someone's holiday photos is to allow reconstruction of the mp3 then it is a defense that the court would see through.

Re:Encryption

[sjames]

It' not a circumvention of every aspect of copyright, it's a system where you can't claim that every single intermediary had some part in any copyright violation.

For example, I rip all my CDs and store them in this system (keeping the list of URLs needed to re-construct/retrieve the files to myself. Since only I can get the files back, I have not distributed anything WRT copyright.

The various nodes can't know what the blocks I stored are. Should I give someone else my list of URLs, I have now distributed, so I have now violated copyright. The nodes storing those blocks still don't know what they are and have no means of re-constructing them, so have not infringed.

Re:Encryption

[mrsteveman1]

This situation is perhaps similar to torrents. A torrent isn't the real data but does "refer" to it in a way similar to how the "key" in this filesystem refers to the actual pieces needed to reconstruct the file, even though those pieces aren't unique.

One could even say that the "key" in this case is even closer to the real data than a torrent.

Re:Encryption

[telbij]

I didn't say "human rights", which, by the way, is also a human construct just as legal rights are, so if you're going to be a pedant please use accepted definitions instead of redefining them according to your own sociopolitical dogma. I imagine you frown upon the RIAA's use of the term "theft" to describe illegal music downloading... hmmm.

Anyway, you're being blinded by the abuse of copyright.

Do you really not see the public benefit of intellectual property? Do you not see how in the absence of those "privileges" creatives would be even more at the mercy of businessmen then they are now? Why would someone write a book if the minute they submitted a transcript to a publisher, the publisher could simply publish the book under their own name? Why would someone sink the time and creativity into pushing the envelope of web design with something incredibly unique if the first person that likes it can co-opt the whole thing for their own use?

Even though you seem to think that these exist solely for the benefit of corporations, they are actually the only thing guaranteeing any kind of reward for the creator. Sure corporations wield these laws more effectively and have twisted them around over the years, but that's what businesses do. They'll exploit creativity for profit no matter what the law is, but if we abolish copyright they won't have to pay for it at all. Eventually more and more creatives will get the picture that it's a sucker's game to create anything. You can argue that the situation has gotten so bad that we'd be better off without copyright, but that is an unnecessarily extremist position. Abolishing intellectual property rights can do nothing but reduce the amount of creativity and research and development going on.

Re:Encryption

[crosbie]

Human rights are legally protected, self-evident, natural rights. Copyright and patent are mercantile privileges, thus unnatural and unethical.

Copyright infringement is the unauthorised copying of a work protected by copyright.

Intellectual property theft is the unauthorised removal of someone's intellectual property from their private premises.

Copyright is an unethical privilege and an ineffective anachronism and should be abolished. Patent similarly, especially as applied to software.

Intellectual property rights are entirely natural and to be protected, especially from interference by the unnatural privileges of copyright and patent.

No-one has a right to publish someone else's work as their own. In any case, copyright is about protecting a commercial reproduction monopoly, not about preventing plagiarism.

Re:Encryption

[Rary]

You are endangering the public welfare because you are distributing something without any assurances that it is what you claim it is.

But that only truly matters in any real sense if there's potential harm to those who use it.

You don't like the ramifications. That's fine.

Actually, I don't give a shit about the ramifications. This is all hypothetical, anyway. And I'm not the "retard" (as you so eloquently put it) who refuses to address the difference between a product that has safety concerns, such as toys, food, or medicine, and a product that does not, such as a Tetris clone, despite your own use of the phrase "endangering public welfare" with respect to that Tetris clone.

All I can say is that I'd much rather live in a world with copyright and the GPL, as well as other licenses to choose from (choice is a wonderful thing), than a world without copyright that has your proposed mandatory source code forfeiture, where I could go to jail for putting a link on a website to a binary without source, all because you think that people are somehow in danger if they don't get to see the source code.

Re:Encryption

[maraist]

I read all the wiki had to offer. I agree that this is a problem - I'm going to see if I can post to their complaint forum as well.

Basically you have a URL that contains 4 pieces of information.. A file name (largely meaningless except to the end user), a file-size, and 3 30-Byte SHA-1 hashes, referred to here as a 3-tuple (represented in HEX). You search the local disk cache for file names that match each of the SHA-1 digests. For every digest file not found, search the local network for a match and download the block locally (this is the peer-to-peer part).

You XOR the contents of the 3 blocks (which happen to be sized at 128K - no significance) to produce the decoded data.

The first decoded block (provided from the URL) is a sequential-list of 90 byte 3-tuples (similar to the original URL). The contents of all of these 3-tuples are the desired data, except the last 3-tuple which is a chain to the next descriptor block.

The file-size tells you when to stop obviously.

The 'theory' is that highly randomized data should be randomly reused by completely unrelated data.. .mp3 and .txt files, for example. Moreover, there is 'no way to reconstruct' useful data w/o the 3-tuple AND the file-size. However, small files will have a high probability of SHA-1 collisions (and thus corrupted data - they only talk about virus corruption, but there's the more important inadvertant collsions which overwrite valid data - BackupPC resolves this by creating MD5;1 MD5;2 file-names). The large 128K should alleviate this, but also assures a low probability of block reuse.

The problem I see is that data-blocks are not inherently random by default.. In order to be practically random, you'd have to take the recommended 1TB file-system, randomize it - produce approx 8 million SHA-1 digests, then for each real-data insert, delete in an LRU fashion. Otherwise, if you only had a hundred-thousand blocks - It would not be THAT difficult to grab the first 30 bytes of every block and XOR them with several of the most recently inserted blocks until you found something that matched an existing file-name. If matched, try the next 30B, etc. Now you have a starting point AND the appropriate 3-tuple. You're only missing the file-size.. But if it spits out music in one of like 5 codecs, you've got a winner. Shouldn't be able to do statistical analysis to find random-noise or invalid media format. Many files contain internal end-of-file signifiers (.zip, .gz for example).

With 8 million records, that becomes hard(er) to do. But how long does it take to initialize that?

Now with respect to the network, there's no need to actually store the file-descriptor block remotely, Thus for highly sensitive files, you can probably encrypt the descriptor block and keep it locally (sharing on a private trusted network). But for text-based files, you'd probably still be weary of having network stored timestamp ordered data-blocks - as the contents of the last 100 blocks could easily be determined, (text files are not as order sensitive as mp3s and zip files).

The stated goal is purely open, freely shared, perfectly legal data-store... Which allows the occasionally masked sensitive data. Though the RIAA/MPAA would read it as, a front for illegal data.

They say they have better bandwith than obscured P2P networks, since you can allow open download by the RIAA as well as your clients, and it's all meaningless w/o the starting points/blocks. You do have a 3x bandwidth over a pure HTTP/FTP download - as you have to download 3 blocks to XOR against each other to produce 1 block of data. They suggest that once you have a descriptor block you 'should download the tuples in random order to reduce pattern matching by ISPs' which furthers the notion that this is for illicit purpose.

I'm highly suspicious that the SHA-1 digests produce useful collisions and provide you bandwidth reduction via your local disk-cache for the above comments.

I'm also

Psst. Copyright doesn't work like that!

[91degrees]

As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

Data != Information

[Rary]

Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random.

It's not the data that's protected by copyright, it's what the data represents.

No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

Re:Data != Information

[larry+bagina]

When the RIAA files a lawsuit, you can testify in court that you were actually downloading kiddie porn.

Re:Data != Information

[iocat]

You're right, but wouldn't this move the 'infringer' to the guy who had the URL to put all the little random chunks together into a Maroon Five file on his PC, not the girl who had one 128K chunk that *could be* used to represent the Maroon Five file -- or a shopping list -- on her PC?

Re:Data != Information

[inviolet]

It's not the data that's protected by copyright, it's what the data represents.

No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

Defense: I didn't do it.
Prosecution: We found the body in your apartment, hidden under your bed.
Defense: It is true that I placed a fast-moving bullet into the air adjacent to his chest, but if there happened to be any later consequences, those were not clearly visible from the location of the trigger.
Jury: Hang him.

So yeah, this is no legal defense. But perhaps it wasn't meant to be one. It seems like subterfuge, countersurveillance, and plausible deniability than anything else. But that plausibility won't hold up long, because the courts will soon say "If we find a bunch of random files on your drive, the burden is on *you* to prove that they aren't naughty bits." They'd make you extract the original content from the blocks, which hopefully haven't later disappeared off the internet, and if you couldn't do it then you'd be in hot water.

Re:Data != Information

[Ed+Avis]

The idea of a chunk that 'could' be used to represent part of a copyrighted work is specious. Using XOR encryption, a copy of Madonna's latest video 'could' just be my weekly shopping list, encrypted with a particular one-time pad. Anything could be anything, and therefore the concept of 'could be' is useless.

Re:Data != Information

[Urkki]

I thought it was innocent until proven guilty?

You're thinking of the wrong century.
A common mistake in these post 911 days.

Re:Data != Information

[Rary]

Granted, you won't fool a (competent) computer scientist with that, but a jury could be confused, to say the least.

Hans Reiser thought he could out-smart the jury. Look how well that worked for him.

Neither judges nor juries like to feel like they're being played. You play a game like that, attempting to confuse them with technology that's over their heads, and you're not exactly going to win them over.

The result of that kind of argument will likely be that they ignore the part that's confusing to them, and focus on the part that's simple to understand: you have the Indiana Jones movie on your hard drive, and that's a copyright violation. Simple.

Re:Data != Information

[Yvanhoe]

The result of that kind of argument will likely be that they ignore the part that's confusing to them, and focus on the part that's simple to understand: you have the Indiana Jones movie on your hard drive, and that's a copyright violation. Simple.

"The big guy nobody likes (RIAA/MPAA) don't like this technology because they can't control it. They framed me while I was downloading Knoppix linux because they don't like this software." Big guy vs small guy. Easy to understand as well. Really, I think that could work.

Re:Psst. Copyright doesn't work like that!

[Richard_at_work]

Yup, and attempted get-arounds like this are stuff courts love to slap down.

The data would change from

[OeLeWaPpErKe]

"copyrighted data"

to

"encrypted copyrighted data"

The first is merely infringement. The second is conspiracy to commit infringement, and you will have lost any chance of defending with "I didn't know it was copyrighted".

Curiously enough things like this are exactly why "conspiracy to commit" crimes exist.

Furthermore, unless I'm making a stupid mistake, it doesn't actually distribute the data, the key to find the data in the P2P net is the same length as the original data, in the random case, which buys you exactly ... nothing. You have to download the file twice.

This thing does not evade copyright law, and it's inconvenient to boot. I don't think I'll be placing a second look.

Re:The data would change from

[phoenix_nz]

It's not encryption. What you will be downloading is several random files that when combined make up whatever you want.

The cool thing is that the files really are random. They are simply numbers that can be combined to make a copyrighted file but don't have to be.
In other words: (As stated on the wiki) you will infringe on copyright the second the random files are combined. But downloading and sharing the files is not a copyright infringement.

Re:The data would change from

[nurb432]

The second is conspiracy to commit infringement, and you will have lost any chance of defending with "I didn't know it was copyrighted"

Unless you don't know what is stored where.

Re:The data would change from

And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

Let's take a simple examples. There are 4 files in my "brightnet"- "00", "01", "10", "11". I name these files "a","b","c","d".

Now I have my copyrighted string I want to trade. My string is 01101101001010.

I need to generate the key for the brightnet, which is "bcdbacc". This tells me that I need to take file b, then file c, then file d... to reproduce the original.

Now, you can argue that downloading file a, b, c, or d in itself isn't a violation. That may be true, but it misses the point. The point is that the brightnet is useless without my key file "bcdbacc."

My key file is, in itself, an encryption of the original copyrighted string. Trading in the KEY is the problem, even if downloading the files I'll use to decrypt it isn't.

All this does is let us generate multiple possible encryptions of the same file. And, with large enough brightnet blocks, each one can be shorter than the original. Which is cool for file traders--if there are multiple keys that encode the same file, now all of a sudden it's harder to catch me trading files--I can send the same file to 2 people using 2 different keys, so simply watching for a specific key won't catch me trading a particular file

At best, this makes it easier to trade copyrighted files. But thinking there's no obvious copyright violation here is just silly.

Re:The data would change from

[mdmkolbe]

The random blocks don't infringe the copyright, but the key would likely be considered a derivative work and thus the key infringes the copyright.

Re:The data would change from

[OeLeWaPpErKe]

Actually the algorithm is not performing a search through truly random blocks, but rather generating new 'random"* blocks by combining old blocks with the copyrighted file.

So the blocks AND they key are derivative works, meaning even users of this app who are just researching it become liable for copyright infringement if any of the users puts even a single copyrighted file on it.

DESPITE not being able to read said file.

The law does not specify what comes out, only what goes in. Copyrighted files go in -> duplication of what comes out is prohobited without copyright owner's permission.

It's like leaving your car without the handbreak on the top of a hill. Nothing has to go wrong, but one little blow of wind, one single individual who brushes the car and *bang*.

* this is a totally unprecedented definition of the term random, by this definition anything not recognizeable is random. So a rot-13 encrypted stream of zeros will be random under this definition ... it's not. At all. These blocks contain in reality a huge amount of entropy.

Re:The data would change from

[merreborn]

And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

That's not immediately clear. The Pirate Bay's entire purpose is distributing "keys" that point to external resources where copyrighted data can be found.

Similarly, a HTTP URL of a copyrighted file is a "key" that instructs your browser where it can fetch copyrighted data.

At the very least, under Swedish law, neither of these have been demonstrated to be illegal. IANAL, but IMO, this is the legal equivalent of bittorrent, with the added benefit that the "seeds" never actually store copyrighted data.

As the GP said, the only infringement occurs when you actually reconstruct the file after downloading.

If "keys" are illegal to distribute, then let's make everyone who reads this thread an infringer:
http://rapidshare.com/files/58489700/Metallica-TheEarlyDays.rar

How is this different to Tahoe?

[Spiv]

Doesn't Tahoe already do this?

From the Wiki

[Lord+Bitman]

"A simple analogy is seen in that every number has an infinite number of representations (3+2=5, 2*2+1=5, 10-5=5, 10/2=5, etc). Even if the number (file) in question can be copyrighted under current legislation, it is practically impossible and unreasonable to state that every other representation of that particular number is copyrighted."

Actually, no, it's not unreasonable or impractical. In fact, that's how it actually works. Star Wars is copyrighted as a DVD, Film, mpeg, script, live performance, song, interpretive dance, etc. ..right?

Re:Psst. Copyright doesn't work like that!

[NickFortune]

Attempting to abstract the law into mathematics is pointless.

Hmmm... I don't think that's the objective, exactly. I didn't read TFA as saying "material distributed in this way is not subject to copyright" but rather "none of the bits we're moving are copyrighted - go pester the people doing the uploading"

I also think there is a useful discussion to be had on the subject of numbers and the digital assets they may or not represent. If I zip up MS Office, for instance, I've turned it into a very long number. Is it reasonable to allow companies to claim ownership of such numbers? With the proper compression and/or encryption scheme, you could use any number (trivially in some cases) to represent a work over which you can claim copyright. Do we then let a corporation privatise the entire integer space? And if not, how do we distinguish between infringing and non-infringing uses of a large number?

Re:Psst. Copyright doesn't work like that!

[tomtomtom777]

As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

That's not the point. The point is that if someone downloads blocks from me to be used for copyrighted material, I cannot know what it is used for. Maybe these block also encode legal stuff. Because the same block encodes multiple files, and because a request does not state what the data is gonna be used for, I (probably) cannot be holded responsable for sharing copyrighted material.

Re:Psst. Copyright doesn't work like that!

[Richard+W.M.+Jones]

You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

You're dead right. What is interesting is that if you're "caught" with some of these random blocks on your disk, they're just random blocks of data. You can't decode them unless you have the key, hence there's no charge of copyright infringement.

One problem with the proposal (which, by the way, is very obvious, and is how FreeNet and other systems work) is that their key length needs to be the same length as the data, because it's effectively a One Time Pad. If it's any shorter than the original data, then there will be a way to unencrypt the data without the key (proof by a simple counting argument).

Rich.

Re:Psst. Copyright doesn't work like that!

[adpsimpson]

Once I actually understood what on earth they are on about, it seems like an interesting idea with very little basis in reality. Their main claim seems to be a magic-wand approach to getting round copyright, as opposed to a particularly useful distributed filesystem:

No data passing through the network can be considered copyrighted because the means by which it is represented is truly random

Sure... So if I put in Brittany's latest album, then tell my friend to click on the url that 'reassembles' the 'truly random' data into, well, Brittany's latest album, then do you really think copyright has nothing to say?

Breaking news! Photocopying books is TOTALLY LEGAL if you use yellow paper and/or put the book in the machine upside down!

A correctly encrypted file also appears random. It does not mean it IS random, otherwise it would be, well, not very useful.

Summary Misleading

[Fieryphoenix]

While individuals are not passing copyrighted files to each other, the copyright violation does occur. The URL with the instructions of how to assemble the file is actually an encoded version of the file. Downloading those instructions is just as much a copyright violation as downloading a digital version of the file, or a zipped archive from which the file can be extracted. So, "nobody shares any copyrighted files, and therefore nobody needs to hide away" is erroneous. Both the person offering the URL and the person accessing it need to hide if it's a work someone's going to exercise copyright over.

From the main site: "It must be noted that up until the point of retrieval of content from the OFFSystem, storage and transfer of a so-called copyrighted file is completely legal. However, the act of re-assembling a file may be considered copyright infringment in some cases, and users should be aware of legislation regarding copyright law which applies to their jurisdiction before doing so."

I think this analysis is flawed because it assumes that the instructions to construct a file are not a file, and that only when you have the end file have you copied the work. In fact, if the instructions contain all the information of a work, they are the work, in exactly the same way that any digital representation of a work is the work. "Y'onor, I didn't copy no files, look, this is just instructions to make the files" will not fly any more than "Y'onor, this isn't a music recording, it's ones and zeros."

Insane lengths to go to

[cliffski]

Look, I totally get how encryption and plausible deniabiltiy is great if you people are circulating dangerous information about government conspiracies, or organising the resistance in Burma or Zimbabwe, but lets face facts, this will be used to share torrents of Hollywood movies and top 40 albums.

This is stupid.

Either accept the fact that all the political posturing about free being a better business model is true, in which case, just go enjoy all the free music/software/games/movies out there, or admit its just smokescreens to justify getting Hollywood movies for free, whilst your entertainment is subsidised by everyone who paid to see that stuff, and thus allow it to be made.

People seem to have this attitude that this kind of thing is cool because it lets you escape prosecution for copyright infringement. If copyright is such a fucked-up system, then why is it all the stuff people want to share is produced under that system? Surely all the cool movies/software/music/games is being produced under the free model right? Or could it be that the free model isn't viable, or popular with content producers, big and small...

Re:Psst. Copyright doesn't work like that!

[nurb432]

For some of us that isn't a problem, since we don't believe in IP anyway.

A lot of misinformation floating around...

[Sheafification]

There's a lot of misinformation floating around here (RTFA please). Here's what happens: you want to upload a file. The program makes up a bunch of random numbers - really random numbers that have nothing to do with the original file. The original file is not consulted to make the random blocks - they could be pre-generated even.

Also generated is a URL that has the instructions on how to get the original file back from the random blocks. Anyone that shares this part is going to be guilty of copyright infringement (assuming the work in question is copyrighted).

It's basically a substitution cipher - with a unique way of substituting real data for the random blocks, as determined by the URL. So really, it's a one-time pad of sorts.

Re:Psst. Copyright doesn't work like that!

[Silver+Sloth]

Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

Worrisome...

[zetazentra]

http://wiki.offdev.org/Talk:Why_is_OFF_safe%3F :

Trojan detected with avg free

Another side to the safety issue. I'm hoping this is a false positive, as I like OFF

        * avg free v7.5.516 virus base 269.17.13/1208 finds
                    o Trojan Generic9.AKLU in
                                + offsystem.exe from OFFStystem-0.18.00-win-installer.exe from sourceforge January 3 2008

This is worrisome...

Re:Worrisome...

"Trojan Generic..." Yeah, right. That's not a trojan sig that the antivirus recognized, it's just a heuristic that tags possible malware. Only 3 out of 32 antivirus programs complain. The message "Suspicious Self Modifying File" indicates that it's probably just because they used an uncommon packer.

OFFsystem sez:

That is a false positive. We are still trying to figure out how to tell them about it.

Re:Psst. Copyright doesn't work like that!

[nurb432]

Who said im going to court? I adjust my activities to compensate which avoids that situation.

Doesn't change my belief, or disregard.

Re:Huh?

[ZeroExistenZ]

If what they claimed is true doesn't that make a zip file of a dvd image downloaded via bit-torrent ( and everything ) legal?

Only if you zip it twice and shake your laptop (or wiggle your PC) during the process for randomizing some bits.

Re:Psst. Copyright doesn't work like that!

[NickFortune]

$ sudo apt-get install common-sense && man common-sense

The problem I have with that, is I that don't think those commands work in a court of law.

Come to think of it, but I'm fairly they wouldn't work under Ubuntu either. (I wouldn't know about Debian)

Context matters.

[JustinOpinion]

You're quite right.

Like it or not, copyright doesn't apply to bit-streams, but rather to particular instantiations of ideas (and derivatives thereof). No one can copyright a number. But in a particular context, a certain bit-stream can be considered protected by copyright.

This whole "you can't copyright a number!" is a red herring. No one seriously claims that particular numbers are copyrighted. But in a certain context, a particular chunk of data (a number!) can be reasonably shown to be a copy (or derivative) of a particular copyrighted work. If the same number appears in a totally unrelated context, and it's apparent that it is not being used to distribute a copyrighted work, then no court would find that instance of the number to be infringing.

Another way to say this is that copyright law is more concerned with the action of copyright violation (distributing a copy or derivative of a work without authorization), and is not concerned with maintaining a catalog of copyrighted bit-streams.

Re:Psst. Copyright doesn't work like that!

[IgnoramusMaximus]

Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

"Whether you believe in Allah is irrelevant to the Sharia law of the country of where you live. As a defense it won't hold up in the Religious court."

There, fixed it for you. Since the evidence for existence of Allah is pretty much on the same level as that for the so-called "Intellectual Property" (i.e. the concept of 'ownership' of large integer numbers and the like) and the relationship between such belief and laws passed based on it is strikingly similar, the statement you made is pretty much equivalent to the one below: arbitrary bullshit based on whatever nonsense happens to deliver power and money to whatever "law makers" and their associates happen to be at the top at the time, logic, science and reason be damned.

Re:Psst. Copyright doesn't work like that!

[Klaus_1250]

If the copyrighted data can be recovered it's considered distribution - in some cases even if the key itself is not distributed with the encrypted data.

The issue is that any piece of random data can be turned into copyrighted data. With the right key, you can turn John Smith's holiday photo's into copyrighted MP3's. But you can't sue John Smith because someone uploaded a key that can turn his photo's in copyrighted data. OFF stores random blocks of data, which can be used by multiple files. It doesn't store any information in particular, just random blocks. Random blocks that can be used for anything. It is the URL that turnes those random blocks into something.

Re:Psst. Copyright doesn't work like that!

[Firehed]

In this case, though, the law has it right. No matter what you're doing to break up, encrypt, hash, randomize, or distribute files, if the end-goal is to end up with a representation of copyrighted material then you're still breaking the law.

If you don't like the law, then go out there and do something about it. Trying to find a workaround for the law is just going to get the courts mad at you if you get caught. Information may want to be free, but right now it isn't (at least not the information that these kinds of things are being created for). Legitimize it, not strategize about how to avoid the problems that can come with it.

Re:Psst. Copyright doesn't work like that!

[Oktober+Sunset]

feed 'em to the dog and see if it goes bananas?

What colour are your bits?

[vyrus128]

For an excellent explanation of why this is legally stupid, see What Colour Are Your Bits?

Re:Psst. Copyright doesn't work like that!

[IgnoramusMaximus]

As long as we live in society we have to pay some regard to the rules of that society whether they make sense to us or not.

If all people were as pathetic as you, feudal lords and slavery would be the norm in all societies today. USA would not even exist, merely a colony ruled by the unchallengeable laws of the King of Britain, because as you so aptly said: "we have to pay some regard to the rules of that society whether they make sense to us or not". Luckily for us all, some of our ancestors took somewhat more enlightened view, sometimes even involving sticking a sword up the "divine lawmakers" asses.

Laws are only to be respected if they are a) logical and b) just. All others are just tools of tyranny and usurpation of power to be ignored and resisted. If all else fails, violently and with deadly force. It is a difference between principled courage and spineless slavery.

A solution in search of a problem

[bradley13]

First off, these people don't do themselves any favours with descriptions like this:

"No data stored or transferred in OFF is copyrighted because all data is random..."

and

"...the randomized blocks do not represent the original data inserted to begin with"

Of course the data is not random. And of course it represents the original data. If either of these two nonsensical statements were true, then it would be impossible to reconstruct the original data. They may randomly generate the blocks, but the selection of blocks and parts of blocks to represent data is anything but random. What they mean is that the distrubution across many blocks in complex relationships means that a happenstance collection of blocks alone is not of any use in reconstructing the content. Sure, private storage of copyrighted data would be acceptable in this sort of encoded, distributed format. But if you publish the URL required to decode the content, you will be every bit as much in violation of copyright law as with any other form of file-sharing.

In the end, the only possible response to this technology is "so what?". If you want online storage, you can buy it by the terabyte from Amazon S3, or for that matter from your ISP. If you want P2P, this is no better than BitTorrent - and at first glance not nearly as robust.

Plus: how many people are going to be willing to put their extra disk-space permanently online, and drill a hole in their firewall so that the world can access it? Heck, I don't even do things like Seti-Online anymore - even if I trust the application, it's extra work that I just don't have time for.

Re:A solution in search of a problem

[slim]

If you want P2P, this is no better than BitTorrent - and at first glance not nearly as robust.

If you're a seeder, it is "better" in the sense that (arguably) the chunks you're serving are not illegal to share.

Let's say you're serving just one chunk - A. A on its own is useless, and very difficult to demonstrate as illegal. Other people are serving B, C, D, E, F. A XOR B is a chunk of project_gutenberg_king_james_bible.txt. A XOR C is a chunk of britney_spears_toxic.mp3. A XOR D is a chunk of terrorist_plans.pdf. A XOR E is a chunk of lolita_rape.avi. Just to mix it up a bit, E XOR F is a chunk of wikipedia_dump.tar.Z

So, are you sharing PD text, top 40 pop, terrorist plans, pedophile porn, or none of the above? Is A the key to E or vice versa? Is F the key to E or vice versa? Every one of these chunks can *simultaneously* be part of a completely innocuous file, and part of something illegal or immoral.

It seems that there is a certain sort of person who likes to facilitate illegal filesharing. The advantage to those guys is that you can deny knowingly sharing copyrighted material. It's not just plausible deniability - you'd actually be telling the truth.

The downside is you don't get to choose what to share. I get the impression that many sharers rather like to know what it is they're distributing. Here you could be facilitating terrible things, and you'd never know..

Short version

[The+Warlock]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

Re:Short version

Exactly.... This is all petty semantics from a legal standpoint. When you're in civil court attempting to defend yourself, you can not argue about the law like you argue about DnD rules.

Re:Short version

[TubeSteak]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

The law is all about technicalities.
Whether it is prosecuting Al Capone for Tax Evasion or successfully defending yourself because of technicalities, finding technical solutions to legal problems is exactly how the Judicial system works.

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

Re:Psst. Copyright doesn't work like that!

[logfish]

Willingly facilitating in the distribution of copyrighted material is illegal. So although running a brightnet client may be legal by itself (as is hosting most web pages) as soon as you use it to distribute copyrighted material you have a problem.

It's just like piratebay.org, they don't host the data but in most countries what they are doing is considered illegal.

Re:Psst. Copyright doesn't work like that!

[bob.appleyard]

Just ignoring the law and breaking it doesn't make you a fearless defender of freedom. It just makes you a criminal. Only if, through your actions, you actually hope to effect real change, can you justify them using your thesis.

Re:Big load of BS

[js_sebastian]

how is this junk different from encryption or plausible deniability file systems - distributed or localized?

Congratulation to the moderators, for moderating +4 insightful a post which is a one line question titled "Big load of BS", written by someone who clearly did not RTFA.

Reinventing the wheel

[kenp2002]

I love kids these days, always thinking they are clever.

A long time ago a man wrote a book, he then made an index of all the words in the book and listed them in alphabetical order.

He then re-copied the book as a reference to the index.

Original: "I am the king of scotland"

Index: AM,I,KING,OF,SCOTLAND

Story: 2-1-3-4-5

Now this idea is nothing more then seeding a network with the index of data then to rebuild a particular file you pass is an index reference.

They would simply bust people for passing the index reference.

Ironical that old book became the foundation for modern day text compression schemes that used indexes and many of the key concepts that cryptography was born from.

Clever kids, if it was still the 1500's and you were trying to smuggle banned books under the nose of the inqusition. They just burned people with the indexes just as if they had the books themselves.

Honestly do they really thing that people are that stupid? If I use a pencil to stab someone I am going to jail just the same if I had used a knife. If someone is smuggling something across the border, but I don't know what, I am still an accomplice to some degree.

Plausable deniability is a great idea but the moment one of those indexes lands on you PC your gonna get dinged for whatever the index points too.

Re:Psst. Copyright doesn't work like that!

[Klaus_1250]

Brightnets don't distribute material. They distribute random blocks. The URL distributes the material, by combining the random blocks in the Brightnet to something none-random. That none-random part can be anything, it could be something that is copyright-infringing or it could be something innocent like holiday photo's. If I'm storing random blocks for a Brightnet, I'm doing just that. Storing Random blocks of data. Nothing more nothing less. I have not clue, and can't know, how people are going to use those random blocks. It all depends on the URL, not on the Random Data.

What OFF does

[miketheanimal]

Rather than reply to a load of (seemingly to me misguided) postings about OFF being clever encryption or whatever, here is my take on it: Suppose I have a file I want to upload. I do something like this. I split it into blocks (128Kbytes in this case). Then for each "original" block I create a set of "new" blocks such that, if the "new" blocks are (say) XOR'd together, they create the "original" block. I then upload the "new" blocks to various servers. The URL for the file lists which "new" blocks to get from which servers; anyone with the URL can retrieve the "new" blocks, do the XOR and regenerate the original file. Now, the "new" blocks cannot be copyright. If there are N "new" blocks for each "original" block then I can generate the first N-1 randomly, and then generate the Nth to give the right result. The Nth block is random in the sense that it is generated as a result of an "original" block and N-1 randome "new" blocks. The URL itself cannot be copyright; if it was then it I give someone instructions on how to get to some place where there is a copy of a book, and the PIN number for a photocopier, then that would be copyright as well. It seems to me that copyright is only infringed when someone gets the "new" blocks and recreates the file. So, the OFF does not magically get around having a dodgy copy of a copyright work, but it does get around storing that work,

Re:Psst. Copyright doesn't work like that!

[Henry+V+.009]

If it's any shorter than the original data, then there will be a way to unencrypt the data without the key (proof by a simple counting argument).

Maybe I've misunderstood you, but that sentence seems to suggest that you don't understand how public key cryptography works.

Re:Psst. Copyright doesn't work like that!

[adpsimpson]

Wait, are you calling me a debian newbie, or a human-geek-slashdot newbie?

Either way, I'm fairly sure the output would actually be more like:

$ sudo apt-get install common-sense && man common-sense
common-sense is a meta package
The following NEW packages will be installed:
RMS-logic RMS-common_sense RMS-IP_thoughts
The following currently installed package(s) will be removed:
human_society
Do you want to continue [Y/n]?

Copyright still holds, and here is why

[davidwr]

The song "Happy Birthday" is under copyright.

If I send you two emails, one that contains a numbered list of every word to "Happy Birthday" along with 1000 other words, in alphabetical order, and another email that contains the numbers of the words "Happy Birthday" in the order they appear in the song, the two together constitute a copyright violation.

The same principle applies if I give the page- and line-numbers of a common dictionary, or any other referenced source, even if the referenced source was itself in the public domain.

If two legally independent systems existed to transport this data each one would probably be immune from being prosecuted for "aiding and abetting" copyright violations, particularly if there were other legitimate uses, but a combined infrastructure which encouraged people to use it for copyright violations would be legally problematic.

Let's put it another way:
If I ran a legitimate service that operated this way, and I filtered out "re-assembly URLs" that appeared to be copyright violations, that would be legally defensible.

If, independently of me, you took copyrighted data and put it on my system with bogus re-assembly instructions and labeled the data "random_numbers", and then sent the correct reassembly data through another mechanism, I would be legally off the hook, but if you were ever caught, you would not be.

Legally, this is not much different than copyrighted data encrypted by a one-time pad. Either half can be considered the non-copyrighted pad, and proving which half is the pad and which half is derived from the original can be legally difficult or impossible, but together, it's the same as the original and anyone or any organization that says "I have a safe way for you to use my product to safely transmit both halves to circumvent copyright protection laws" is going to get hauled into court and lose. Anyone or any organization which, through gross negligence, allows such traffic and who could reasonably stop it without shutting down non-infringing uses, or which doesn't have a substantial amount of non-infringing use, is asking for a legally expensive court fight. He might win the fight but he will be financially bruised for it.

If you are going to pull a stunt like this, make sure it's broken into enough organizational pieces that each piece is clearly legally defensible, and make sure both each piece and the overall technology enjoy substantial use by legal users. Also make sure there is no cheap way of segregating infringing from non-infringing use.

Sorry guys, the law doesn't work that way

[CokeJunky]

IANAL, but my understanding of copyright law and law in general is that it is typically performance based.
That means that If it is used and appears to have the purpose of distributing copyrighted material, no mathematical slight of hand in the middle changes the fact that copyrighted material is being moved. It may, however, offer some protection to the people operating the network, but anyone at the end points (providing/retrieving) is still likely to run into trouble. At the very least, it will be a costly argument to someone in court.

If the system offered substantial benefits to non-infringing users (and was used that way) over traditional ways of transferring files, then maybe they are ok, but if it looks like a duck, walks like a duck and talks like a duck, it must be a duck.

Long story short: Seek legal advice!

You're mixing up your problem spaces.

[Valdrax]

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

You just mixed your namespaces.

1st: [Law solution (statutory)] tries to fix [Computer problem]
2nd: [Law solution (procedural)] tries to fix [Law problem]

These aren't equivalent. A technical computer solution to a computer problem is fine, as is a technical legal solution to a legal problem. What's worthy of derision is using a law solution to a computer problem or using a computer solution to a law problem, and that's what this is.

Claiming that you didn't violate someone's copyright because you copied their works without permission in a really nifty way is nonsense. Copyright law doesn't care if you independently produce exactly the same work as somebody; it's a strict liability tort -- "innocent" infringement is still infringement.

Mathematical sophistry does not trump the law.

[Valdrax]

Brightnets don't distribute material. They distribute random blocks. The URL distributes the material, by combining the random blocks in the Brightnet to something none-random. That none-random part can be anything, it could be something that is copyright-infringing or it could be something innocent like holiday photo's. If I'm storing random blocks for a Brightnet, I'm doing just that. Storing Random blocks of data. Nothing more nothing less. I have not clue, and can't know, how people are going to use those random blocks. It all depends on the URL, not on the Random Data.

In other words, it's distributing liability for infringement to all the people holding the bits you use to assemble the file. Wow. That's great.

No court is going to rule that centuries of legal tradition are meaningless before mathematical sophistry. The way you store the file is just as irrelevant to infringement as whether you've got music in MP3 format or AAC format.

You may think it's mathematically clever, but the court's aren't going to be interested in the logic of the math as much as the social and economic costs of allowing the creator's interpretation of copyright law to have any meaning. Courts will also look to the difficulty of enforcement if they limit liability to only those who uploaded the original file (which would be untraceable pretty quickly) and to those who downloaded the file via the URL (which is also nigh impossible to trace). The only easily identifiable contributors to the act left are those people holding the pieces.

The most likely result of a case like this is an extension of Grokster to create liability for just running the software since it doesn't have (per Grokster) "substantial noninfringing uses," and the software actively takes steps to make it impossible for the users not to have derivative portions of copyrighted works on their system. Efforts to make the transaction untraceable (via this randomized block encryption) and open advocacy of this as a means to defeat copyright would also count as "clear expression or other affirmative steps taken to foster infringement."

I can't see this software as accomplishing anything more than distributing liability for copyright infringement. The only saving grace for it is that you have no idea whose rights you're violating or how many violations you've committed, so you can't be on the hook (civilly) for every file you share pieces of since there's no way of identifying all the victims.

However, all it takes is for the RIAA or MPAA to hire MediaSentry or some other firm to download a single file and copy down the IP addresses of every person they get a chunk from, and it's lawsuit city!

At least you're safe from criminal copyright violation since that requires willful infringement which I don't think can be proven, though again the fact that you ran a service that you can't not infringe with might be damaging, but given that the only practical means of enforcing the laws would be to make the people running data stores liable, that's exactly what the courts will do, all your protests of holding "random" data be damned.

No. Try think this through from the court's side.

[Valdrax]

I made a longer winded post about this here, but I'll summarize for you.

That's not the point. The point is that if someone downloads blocks from me to be used for copyrighted material, I cannot know what it is used for.

That's the problem. You have absolutely no way of knowing that you're not sharing infringing blocks, you have no way to prevent it, and yet you've still willingly installed and ran the software on your system.

How are the courts going to preserve copyright law in the face of this technical challenge? Make no mistake, courts aren't going to just throw up their hands in the air and say, "Wow! Centuries of legal tradition and entire sectors of the US economy have now been made obsolete by a very clever way of copying data. Let's call the whole thing off!" Somebody has to be held to account.

What can they do?
1) Make the person who uploaded the file liable?
2) Make the person who downloaded the file liable?
3) Make the people holding chunks of the file liable?
4) Treat the URL itself as a derivative work?

The first option is technically unfeasible. So is the second, unless you run your own data-store containing pieces of your own files as a sting operation, and you know what each chunk downloaded from you is. The third is feasible, because all it requires is that an authorized agent (like MediaSentry) download the file and track the IPs of all people who give them chunks -- every one of those people had an infringing piece, after all. The fourth has some real problems with not overreach and would create massive hassles for search engines, so I doubt the courts would go with that.

I think the most likely solution is to treat the software like that in Grokster as software that aids in infringement and doesn't have substantial noninfringing uses and to extend the decision to hold users liable for contributing to infringement. It's the most practical solution (from the court's perspective) to the situation.

All this accomplishes is getting them to turn another screw. So, thanks to all the people who invented this idea. Thanks a lot. (With friends like these, who needs enemies?)

Re:Psst. Copyright doesn't work like that!

[NickFortune]

So your concern of privatising the entire integer space isn't really valid

The thing is, with the right archiving algorithm, you could encrypt a given piece of data into any integer desired. For instance, XOR an MS Office zip against a tar file of the linux kernel. Take the output and go to the judge and ask for a Cease and Desist order, on the grounds that the kernel tar is in fact a representation of MS Office.

You'd need to be a bit more subtle than that, but I expect you make a reasonably convincing spoof encryption program without too much effort. You probably wouldn't go after something with such a solid provenance as the kernel, either, but you could probably shut down a lot of smaller legitimate online distributors.

Re:Psst. Copyright doesn't work like that!

[IgnoramusMaximus]

Words can be exchanged for ones of sufficiently close meaning, the edges of a picture cropped, sections of a tune repeated and so on in ways which do not significantly change the information a human would extract, but which would defeat a simple binary comparison.

All of those are examples of binary data and mathematical manipulation of thereof. Picture can be represented, to an arbitrary degree of precision, as binary data. The operation of "cropping" is a mathematical transform on such. Repetition is a mathematical transform. Words are equivalent to numbers. "Close meaning" is a concept representable by numbers (a pair of concepts in a table with a number indicating "cloeseness" between them). Etc. Information and numbers (and thus binary numbers) are one and the same. Furthermore, the information inside human brain is represented in a form of electrical discharges and chemical states, all of which are equivalent to numbers. There is no escape from this. All information and numbers are interchangeable. This is one of the fundamental properties of information.

While we can represent information as binary data, we just don't know how to represent the nuances of human interpretation as mathematical operators on binary data.

All of these are already numbers (represented by electrical discharges and protein assemblies). That is what information is.

That's not a failing of copyright law, but of mathematics and biology.

No it is not. Science has dealt with this long ago, whole scientific theories were developed and tested dealing with properties of information and its transmission. It is the brain-dead lawyers and politicians who refuse to listen, primarily because this scientific knowledge gets in the way of Lord Greed. And we all know that Greed will trump science every time.

It's not encryption

[znerk]

From what I am reading (I know, WTF am I doing actually R'ing TFA?), this isn't encryption in any sense of the word. It's hash comparison using random data. The blocks of data are not, in any way, related to the "stored" data. From what I can understand, a hash is generated using XOR against a random file block, based on some portion of the file you are "uploading". These blocks are then stored all over the place, and reused if they match someone else's (and it would seem they must, eventually... 128k is not an overwhelmingly huge address space). Each "node" (storage place) has its own unique identifier, and the blocks stored on it are referenced by other nodes to "store" the "inserted" data in the OFF.

From what I'm reading, this is either a really cool method of using up all those extra few gigs of space on everyone's hard drives (although "inserted" files triple in size, according to the wiki) which has nothing to do with copyright stuff (assuming you're not sharing the locator info), or this is just one more hoop to jump through in an attempt to keep the MAFIA (Movie And Film Industries of America) from noticing that your Brittney Spears collection is growing again. If the former, it's less than ideal. If the latter... well, at least Deep Packet Inspection (is that like a colonscopy for data?) won't be able to tell that you're pulling down mixes of "Oops I did it again" again. And, as other posters have stated... if you can show that the data you downloaded is actually a linux ISO and a video of you playing with your new dog in your own back yard, why does it matter that you can also convert it into a copy of that new blockbuster movie?

Obfuscation of a ubiquitous behavior seems like a poor solution, too.
If the majority of people are doing it, why is it still a legal issue?

On the other hand, the wiki has this bit about how game patches could be distributed using just a little more bandwidth than the executable itself. I'm wondering if that's per download, or if it's a one-time bandwidth chunk.

In summary, the concept of a global network of data storage is pretty neat, but I think we will find in the end that this particular implementation is flawed... assuming it doesn't turn out to be just a hack to hide illegal activites from the authorities. Paradigm-changing new tech I'm interested in. Arms race, not so much. Fight copyright, not enforcement.

Reductionism vs the law

[Loki+P]

The OFF argument is akin to this: take a copyrighted work, let's say it's a novel. Cut it in half. Is that half still under copyright? Yes. OK, cut it half again, and again, and again. At some point you'll get down to individual words, letters, or single bits. These do not have copyright in themselves, and so can be joined together with other words, letters or bits from other places and stored in 128K chunks which likewise don't themselves have any copyright. These chunks can then be distributed because they are just random-looking chunks of data.

The problem with this argument is it's reductionist. If you blend up 5 copyrighted works and pour them into 10 shot-glasses (the network), sure you can claim each individual shot-glass doesn't fall under the same copyright of any single one of the original works. But since you can extract each of the 5 original works from the collective set of the 10 shot-glasses, then the network as a whole does contain the copyrighted works, and does fall under copyright protection. In a sense, they have smeared each copyright out over many (possibly overlapping) chunks, but it's still there because the originals can still be retrieved. Banning the whole network seems a possible legal outcome, since non-infringing uses may still involve moving chunks which contain a partial copyright.

As much as the creators of OFF might claim their work is different to a darknet, actually it relies on very similar principles of obfuscation.

Re:Reductionism vs the law

[BronsCon]

So, then, since a (good) dictionary contains all of the words in a language, it is violating the copyright of each and every creative work done in that language?

By your logic, it would seem so. I can recreate all of the works of Shakespear from a single Webster's Dictionary.

Not quite Encryption, not quite Good either

[ancientt]

Maybe, maybe not. It sounds like somebody was thinking about removing duplicate data from file systems in a significant way. They appear to have gotten side tracked by this idea of avoiding responsibility for copyright infringement, but the original concept is interesting. At least what I hope was the original concept.

Lets pretend I know the original concept, as I suspect I do, due to convergent thought processes. Essentially it is this, you get a large number of people to store chunks of indexed data and as more and more people add to the list, you remove duplicate entries beyond what is required for resiliency. For a couple thousand files, there is no significant improvement over regular existing compression algorithms, but over hundreds of millions, perhaps a couple billion, you end up with needing very little additional storage for your entire library of files. You can do backups of your entire system requiring additional storage of perhaps a couple hundred megabytes. Data is compressed on the end blocks with traditional algorithms, decompressed on the fly.

There are two problems with the implementation as I read it. First, they are randomizing the data rather than the distribution alone. I should be able to fearlessly store a couple gigabytes for anonymous users since I am gaining from the service a distributed resilient and redundant file system. However, the savings in storage are negated since two copies of the same file with different origins would have different (essentially encrypted) segments requiring double the storage of unencrypted versions.

Second, the system described in the only page I read doesn't adequately deal with data collisions. I'd be happy to make backups onto such a system if it were dependable, but leaving aside the nature of a voluntary anonymous Internet system, the possibility of data corruption would cut my desire down to practically nil.

Yes nitpickers, I do know that it isn't really encryption, but it is like enough for the purposes of my point. As to technical merits, I've done it at file level backups and it was hugely significant and reliable, I did md5.sha1 which was good enough for my purposes, but add more as fits your personal paranoia level. I was explaining my closest theory on a method that does almost this to coworkers complete with mysql database and whiteboard two weeks ago, i.e. convergent thought processes.