Brightnets are Owner Free File Systems

elucido writes "OFF, or the Owner-Free Filesystem is a distributed filesystem in which everything is stored in reference to randomized data blocks, as opposed to a 1:1 copy of the original data being inserted. The creators of the Owner-Free Filesystem have coined a new term to define the network: A brightnet. Nobody shares any copyrighted files, and therefore nobody needs to hide away. OFF provides a platform through which data can be stored (publicly or otherwise) in a discreet, distributed manner. The system allows for personal privacy because data (blocks) being transferred from peer to peer do not bear any relation to the original data. Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random." Their main wiki page discusses a bit of what this means and how it might work as well. I've been saying that we need this for many years now, if only because we all have 10 gigs free on our machines and if we could RAID the internet we'd need fewer hard drives.

Not a Brightnet yet

[InvisblePinkUnicorn]

My network is still on the fence when it comes to the existence of God.

Encryption

[adpsimpson]

Isn't this just a sophisticated form of encryption, using a large, randomly generated key?

If so, does it have any real advantages over conventional encryption? It seems that the disadvantage would be the need to have both the file (large) and the random data (large) instead of, conventionally, just the file (large) and key (small).

Also, I can't be the only one who found the summary, uh, confusing??

Re:Encryption

[iocat]

the wiki explains it a little better. It's sort of cool. It breaks all the data in 128K randomized chunks, and those chunks can also be used as well to represent OTHER data, because it's all about the relationship of the radomized chunks, not just the chunks themselves.

Re:Encryption

[adpsimpson]

Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

Re:Encryption

[Hal_Porter]

Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

Except that is probably bullshit to copyright lawyers

There's a great explanation of why in this essay, What Colour are your Bits. It's actually about another system based on the same sort of ideas.

http://ansuz.sooke.bc.ca/lawpoli/colour/2004061001.php

The fallacy of Monolith is that it's playing fast and loose with Colour, attempting to use legal rules one moment and math rules another moment as convenient. When you have a copyrighted file at the start, that file clearly has the "covered by copyright" Colour, and you're not cleared for it, Citizen. When it's scrambled by Monolith, the claim is that the resulting file has no Colour - how could it have the copyright Colour? It's just random bits! Then when it's descrambled, it still can't have the copyright Colour because it came from public inputs. The problem is that there are two conflicting sets of rules there. Under the lawyer's rules, Colour is not a mathematical function of the bits that you can determine by examining the bits. It matters where the bits came from. The scrambled file still has the copyright Colour because it came from the copyrighted input file. It doesn't matter that it looks like, or maybe even is bit-for-bit identical with, some other file that you could get from a random number generator. It happens that you didn't get it from a random number generator. You got it from copyrighted material; it is copyrighted. The randomly-generated file, even if bit-for-bit identical, would have a different Colour. The Colour inherits through all scrambling and descrambling operations and you're distributing a copyrighted work, you Commie Mutant Traitor.

To a computer scientist, on the other hand, bits are bits are bits and it is absolutely fundamental that two identical chunks of bits cannot be distinguished. Colour does not exist. I've seen computer people claim (indeed, one did this to me just today in the very discussion that inspired this posting) that copyright law inescapably leads to nonsense conclusions like "If I own copyright on one thing, and copyright inherits through XOR, then I own copyright on everything because everything can be obtained from my one thing by XORing it with the right file." That sounds profound only if you're a Colour-blind computer scientist; it would be boring nonsense to a lawyer because lawyers are trained to believe in and use Colour, and it's obvious to a lawyer that the Colour doesn't magically bleed to the entire universe through the hypothetical random files that might be created some day. You could create the file randomly, but you didn't. Maybe you could create a file identical to the complete works of Shakespeare by XORing together two files of apparently random garbage. "Why, so can I, or so can any man;" but that doesn't mean that I am William Shakespeare.

Re:Encryption

[smallfries]

It's not a form of encryption, the purpose is not to hide the data but to share representations. The basic idea is let's say that I have files/blocks A,B,C. Instead of storing them directly I will compute shares that merge the information into a new set of blocks. None of the new set of blocks will contain copyrighted info - or if it does then who will own it because there are competing copyright claims. To get file A back out I need to take a selection of the shares and xor them together.

It's an interesting technical approach, but a classic FAIL. Geeks never understand the law, they assume that it is a mechanical system that can be gamed (well, because they're geeks). But no matter how the law it is written, it is interpreted by people. The first time that it was tried is court would be something like this:

Pros: Could you explain to the court what you uploaded to Brightnet?
Def: It was a non-linear combination of the xor of .... .... .... in several parts.
Pros: Did you upload Britney Spears - Chart Slag.mp3?
Def: No, that was never on my computer.
Pros: Did you upload something that allowed the mp3 to be constructed exactly?
Def: Yes
Pros: Copyright infringment through unauthorised distribution, the prosecution rests.
Def: WTF?

Re:Encryption

[crosbie]

Putting it a little more plainly:

Copyright concerns provenance (similarity merely raises suspicion).

Patent concerns similarity (provenance is irrelevant).

However, both are unethical and ineffective anachronisms long overdue for abolition.

Let overpaid lawyers count the angels on a pinhead. It is not something computer scientists should concern themselves with, especially when litigation causes 99% of harm well before any judges get anywhere near investigating the provenance of bits - deciding which side of bread best provides inspiration as to the 'correct' judicial interpretation as to how bits should properly be constrained.

Use the GPL. It's a legal device against litigation.

Using BrightNets is a coder's sophistry, not a lawyer's. A coder may as well wonder why there's so much legal difference between copying an MP3 file and streaming it, when there's marginal technical difference. Conversely, lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

You might as well create a distributed and co-operatively administered 'YouTube' host with anyone legally permitted to upload and download so long as the hosted works were only 'streamed' to the public and taken down upon request (DMCA).

Lex Asinus Est.

Re:Encryption

[Rary]

But then, without copyright there is absolutely no need for the GPL. ... Bear in mind that the GPL is a means to enjoy freedom...

I'm no expert on the GPL, but am I not correct in thinking that the GPL forces restrictions on developers in order to ensure freedoms for users? For example, the requirement that if I build and distribute something that uses GPL code, I must use the GPL on my code and distribute the source code with the binaries.

Without copyright and the GPL, there is absolutely no way to force me to distribute my source code. I can take an open source project, add to it to create something new, hide the source code in a vault and distribute only the binary. You will be able to copy it freely, but good luck modifying it. You, the user of my software, have lost freedom because there is no GPL to force me to provide you with that freedom.

Re:Encryption

[Jake73]

Yes, but the assertion that this somehow circumvents copyright law is pretty ridiculous.

The composite of the entire system allows one to store data in a retrievable fashion, just as the composite of a hard drive, magnetic head, source coding strategy, filesystem, and operating system allow one to store data in a retrievable fashion -- despite the fact that it is fragmented on the drive and source coded.

The scope of the system may be different, but it accomplishes the same.

Sharing the "recipe" for assembling the blocks is the same as sharing the original file. It's just a definition of terms. You could say that a compressed (.zip) version of a text file is really just a recipe for algorithmically creating the original text file. The zip version and the original are treated the same under copyright law, as far as I know.

Re:Encryption

[smallfries]

The point that I was making was that the law operates on intent rather than action. If the sole purpose of your XOR of Britney and someone's holiday photos is to allow reconstruction of the mp3 then it is a defense that the court would see through.

Re:Encryption

[sjames]

It' not a circumvention of every aspect of copyright, it's a system where you can't claim that every single intermediary had some part in any copyright violation.

For example, I rip all my CDs and store them in this system (keeping the list of URLs needed to re-construct/retrieve the files to myself. Since only I can get the files back, I have not distributed anything WRT copyright.

The various nodes can't know what the blocks I stored are. Should I give someone else my list of URLs, I have now distributed, so I have now violated copyright. The nodes storing those blocks still don't know what they are and have no means of re-constructing them, so have not infringed.

Psst. Copyright doesn't work like that!

[91degrees]

As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

Data != Information

[Rary]

Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random.

It's not the data that's protected by copyright, it's what the data represents.

No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

Re:Data != Information

[larry+bagina]

When the RIAA files a lawsuit, you can testify in court that you were actually downloading kiddie porn.

Re:Data != Information

[iocat]

You're right, but wouldn't this move the 'infringer' to the guy who had the URL to put all the little random chunks together into a Maroon Five file on his PC, not the girl who had one 128K chunk that *could be* used to represent the Maroon Five file -- or a shopping list -- on her PC?

Re:Data != Information

[inviolet]

It's not the data that's protected by copyright, it's what the data represents.

No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

Defense: I didn't do it.
Prosecution: We found the body in your apartment, hidden under your bed.
Defense: It is true that I placed a fast-moving bullet into the air adjacent to his chest, but if there happened to be any later consequences, those were not clearly visible from the location of the trigger.
Jury: Hang him.

So yeah, this is no legal defense. But perhaps it wasn't meant to be one. It seems like subterfuge, countersurveillance, and plausible deniability than anything else. But that plausibility won't hold up long, because the courts will soon say "If we find a bunch of random files on your drive, the burden is on *you* to prove that they aren't naughty bits." They'd make you extract the original content from the blocks, which hopefully haven't later disappeared off the internet, and if you couldn't do it then you'd be in hot water.

Re:Data != Information

[Rary]

Granted, you won't fool a (competent) computer scientist with that, but a jury could be confused, to say the least.

Hans Reiser thought he could out-smart the jury. Look how well that worked for him.

Neither judges nor juries like to feel like they're being played. You play a game like that, attempting to confuse them with technology that's over their heads, and you're not exactly going to win them over.

The result of that kind of argument will likely be that they ignore the part that's confusing to them, and focus on the part that's simple to understand: you have the Indiana Jones movie on your hard drive, and that's a copyright violation. Simple.

Re:Psst. Copyright doesn't work like that!

[Richard_at_work]

Yup, and attempted get-arounds like this are stuff courts love to slap down.

From the Wiki

[Lord+Bitman]

"A simple analogy is seen in that every number has an infinite number of representations (3+2=5, 2*2+1=5, 10-5=5, 10/2=5, etc). Even if the number (file) in question can be copyrighted under current legislation, it is practically impossible and unreasonable to state that every other representation of that particular number is copyrighted."

Actually, no, it's not unreasonable or impractical. In fact, that's how it actually works. Star Wars is copyrighted as a DVD, Film, mpeg, script, live performance, song, interpretive dance, etc. ..right?

Re:Psst. Copyright doesn't work like that!

[NickFortune]

Attempting to abstract the law into mathematics is pointless.

Hmmm... I don't think that's the objective, exactly. I didn't read TFA as saying "material distributed in this way is not subject to copyright" but rather "none of the bits we're moving are copyrighted - go pester the people doing the uploading"

I also think there is a useful discussion to be had on the subject of numbers and the digital assets they may or not represent. If I zip up MS Office, for instance, I've turned it into a very long number. Is it reasonable to allow companies to claim ownership of such numbers? With the proper compression and/or encryption scheme, you could use any number (trivially in some cases) to represent a work over which you can claim copyright. Do we then let a corporation privatise the entire integer space? And if not, how do we distinguish between infringing and non-infringing uses of a large number?

Re:Psst. Copyright doesn't work like that!

[adpsimpson]

Once I actually understood what on earth they are on about, it seems like an interesting idea with very little basis in reality. Their main claim seems to be a magic-wand approach to getting round copyright, as opposed to a particularly useful distributed filesystem:

No data passing through the network can be considered copyrighted because the means by which it is represented is truly random

Sure... So if I put in Brittany's latest album, then tell my friend to click on the url that 'reassembles' the 'truly random' data into, well, Brittany's latest album, then do you really think copyright has nothing to say?

Breaking news! Photocopying books is TOTALLY LEGAL if you use yellow paper and/or put the book in the machine upside down!

A correctly encrypted file also appears random. It does not mean it IS random, otherwise it would be, well, not very useful.

Re:The data would change from

[phoenix_nz]

It's not encryption. What you will be downloading is several random files that when combined make up whatever you want.

The cool thing is that the files really are random. They are simply numbers that can be combined to make a copyrighted file but don't have to be.
In other words: (As stated on the wiki) you will infringe on copyright the second the random files are combined. But downloading and sharing the files is not a copyright infringement.

Re:Psst. Copyright doesn't work like that!

[nurb432]

For some of us that isn't a problem, since we don't believe in IP anyway.

Re:Psst. Copyright doesn't work like that!

[Silver+Sloth]

Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

Re:The data would change from

And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

Let's take a simple examples. There are 4 files in my "brightnet"- "00", "01", "10", "11". I name these files "a","b","c","d".

Now I have my copyrighted string I want to trade. My string is 01101101001010.

I need to generate the key for the brightnet, which is "bcdbacc". This tells me that I need to take file b, then file c, then file d... to reproduce the original.

Now, you can argue that downloading file a, b, c, or d in itself isn't a violation. That may be true, but it misses the point. The point is that the brightnet is useless without my key file "bcdbacc."

My key file is, in itself, an encryption of the original copyrighted string. Trading in the KEY is the problem, even if downloading the files I'll use to decrypt it isn't.

All this does is let us generate multiple possible encryptions of the same file. And, with large enough brightnet blocks, each one can be shorter than the original. Which is cool for file traders--if there are multiple keys that encode the same file, now all of a sudden it's harder to catch me trading files--I can send the same file to 2 people using 2 different keys, so simply watching for a specific key won't catch me trading a particular file

At best, this makes it easier to trade copyrighted files. But thinking there's no obvious copyright violation here is just silly.

Worrisome...

[zetazentra]

http://wiki.offdev.org/Talk:Why_is_OFF_safe%3F :

Trojan detected with avg free

Another side to the safety issue. I'm hoping this is a false positive, as I like OFF

        * avg free v7.5.516 virus base 269.17.13/1208 finds
                    o Trojan Generic9.AKLU in
                                + offsystem.exe from OFFStystem-0.18.00-win-installer.exe from sourceforge January 3 2008

This is worrisome...

Re:Worrisome...

"Trojan Generic..." Yeah, right. That's not a trojan sig that the antivirus recognized, it's just a heuristic that tags possible malware. Only 3 out of 32 antivirus programs complain. The message "Suspicious Self Modifying File" indicates that it's probably just because they used an uncommon packer.

OFFsystem sez:

That is a false positive. We are still trying to figure out how to tell them about it.

Re:Psst. Copyright doesn't work like that!

[Klaus_1250]

If the copyrighted data can be recovered it's considered distribution - in some cases even if the key itself is not distributed with the encrypted data.

The issue is that any piece of random data can be turned into copyrighted data. With the right key, you can turn John Smith's holiday photo's into copyrighted MP3's. But you can't sue John Smith because someone uploaded a key that can turn his photo's in copyrighted data. OFF stores random blocks of data, which can be used by multiple files. It doesn't store any information in particular, just random blocks. Random blocks that can be used for anything. It is the URL that turnes those random blocks into something.

Re:Psst. Copyright doesn't work like that!

[Firehed]

In this case, though, the law has it right. No matter what you're doing to break up, encrypt, hash, randomize, or distribute files, if the end-goal is to end up with a representation of copyrighted material then you're still breaking the law.

If you don't like the law, then go out there and do something about it. Trying to find a workaround for the law is just going to get the courts mad at you if you get caught. Information may want to be free, but right now it isn't (at least not the information that these kinds of things are being created for). Legitimize it, not strategize about how to avoid the problems that can come with it.

Re:Psst. Copyright doesn't work like that!

[Oktober+Sunset]

feed 'em to the dog and see if it goes bananas?

Short version

[The+Warlock]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

Re:Short version

[TubeSteak]

What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

The law is all about technicalities.
Whether it is prosecuting Al Capone for Tax Evasion or successfully defending yourself because of technicalities, finding technical solutions to legal problems is exactly how the Judicial system works.

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

Re:Psst. Copyright doesn't work like that!

[bob.appleyard]

Just ignoring the law and breaking it doesn't make you a fearless defender of freedom. It just makes you a criminal. Only if, through your actions, you actually hope to effect real change, can you justify them using your thesis.

Copyright still holds, and here is why

[davidwr]

The song "Happy Birthday" is under copyright.

If I send you two emails, one that contains a numbered list of every word to "Happy Birthday" along with 1000 other words, in alphabetical order, and another email that contains the numbers of the words "Happy Birthday" in the order they appear in the song, the two together constitute a copyright violation.

The same principle applies if I give the page- and line-numbers of a common dictionary, or any other referenced source, even if the referenced source was itself in the public domain.

If two legally independent systems existed to transport this data each one would probably be immune from being prosecuted for "aiding and abetting" copyright violations, particularly if there were other legitimate uses, but a combined infrastructure which encouraged people to use it for copyright violations would be legally problematic.

Let's put it another way:
If I ran a legitimate service that operated this way, and I filtered out "re-assembly URLs" that appeared to be copyright violations, that would be legally defensible.

If, independently of me, you took copyrighted data and put it on my system with bogus re-assembly instructions and labeled the data "random_numbers", and then sent the correct reassembly data through another mechanism, I would be legally off the hook, but if you were ever caught, you would not be.

Legally, this is not much different than copyrighted data encrypted by a one-time pad. Either half can be considered the non-copyrighted pad, and proving which half is the pad and which half is derived from the original can be legally difficult or impossible, but together, it's the same as the original and anyone or any organization that says "I have a safe way for you to use my product to safely transmit both halves to circumvent copyright protection laws" is going to get hauled into court and lose. Anyone or any organization which, through gross negligence, allows such traffic and who could reasonably stop it without shutting down non-infringing uses, or which doesn't have a substantial amount of non-infringing use, is asking for a legally expensive court fight. He might win the fight but he will be financially bruised for it.

If you are going to pull a stunt like this, make sure it's broken into enough organizational pieces that each piece is clearly legally defensible, and make sure both each piece and the overall technology enjoy substantial use by legal users. Also make sure there is no cheap way of segregating infringing from non-infringing use.

You're mixing up your problem spaces.

[Valdrax]

There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

To make this abundantly clear:
Legal solution to a technical problem - outlawing buffer overflow exploits
Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

You just mixed your namespaces.

1st: [Law solution (statutory)] tries to fix [Computer problem]
2nd: [Law solution (procedural)] tries to fix [Law problem]

These aren't equivalent. A technical computer solution to a computer problem is fine, as is a technical legal solution to a legal problem. What's worthy of derision is using a law solution to a computer problem or using a computer solution to a law problem, and that's what this is.

Claiming that you didn't violate someone's copyright because you copied their works without permission in a really nifty way is nonsense. Copyright law doesn't care if you independently produce exactly the same work as somebody; it's a strict liability tort -- "innocent" infringement is still infringement.