Slashdot Mirror
German Court: Open Source Project Liable For 3rd Party DRM-Busting Coding
Diamonddavej writes "TorrentFreak reports a potentially troubling court decision in Germany. The company Appwork has been threatened with a 250,000 Euro fine for functionality committed to its open-source downloader (JDownloader2) repository by a volunteer coder without Appwork's knowledge. The infringing code enables downloading of RTMPE video streams (an encrypted streaming video format developed by Adobe). Since the code decrypted the video streams, the Hamburg Regional Court decided it represented circumvention of an 'effective technological measure' under Section 95a of Germany's Copyright Act and it threatened Appwork with a fine for 'production, distribution and possession' of an 'illegal' piece of software."
You keep using that word. I do not think it means what you think it means.
Doesn't the concept of "effective" mean that code breaking the DRM cannot exist?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Is it legally possible to author and licence an opensource project without disclosing your identity? All the licences I've see have a place for the copyright holder (the person or other entity that is granting the rights detailed in the license). I presume its possible and legal to do this without including your actual name right? If you don't care about getting credit for it (or suing for damages), you can avoid this potential liability by having the project copyright controlled by some nameless entity. As long as you don't need to re-licence it in the future, I think that is safe.
I suppose you could have the copyright in some arbitrary name (your friend's dead pet, whatever), but still require the license to credit you. A lot of opensource projects really don't care who holds the copyright, so if its a liability, the developers shouldn't hold it. GPL type projects have to be careful, since the copyright holder could use it themselves however they want, or reissue it under some other license. This approach makes much more sense for permissive licenses like public domain, or MIT/BSD.
An open source project that doesn't reject and delete every contribution made by outside volunteers? Idiots.
contributions to open source products should be just like posts to websites. If someone posts something illegal then the authorities should issue a "take down" notice to the project. If they remove it then only the original poster should be liable.
is known for its cowtowing to the intellectual property holders. That is why they try to go to that particular court if they sue for copyright infridgement.
"It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
Just post the name of the judge, and be done with it. Other will contribute home address, place where his kids go to school, etc, and from there we can move on.
Maybe it's not great because this time it's about busting DRM, but ofcourse it shouldn't be like an opensource project wouldn't be liable for any illegal activity while a closed source project would be fined.. Open source doesn't mean it doesn't have to obey laws..
It stopped being 3rd party code the moment Appwork accepted the contribution and started spreading the code itself. That is the moment they became liable. If they do not like that, they should not spread "just anybody's code" without verification.
We may not like it, it makes the life of open source projects more difficult, but that is the way it works. For good reasons.
In the world of athletics, the athlete is responsible for verifying beforehand that any substances entering their body are free from performance-enhancing drugs and a range of other substances. In this case, that same rule seems to have been applied to software - the admins are responsible for code entering the body of the application.
Aside form anything else, my opinion is that someone on the project should have oversight of new code submissions before they are committed to the main codebase. If that is not happening here, then this is a lesson in stupidity for the admins. If it is happening, then the admins really are facilitating, because they have explicitly allowed that functionality into the application. Flipping the coin again, if the admins explicitly allowed the content without realizing what it does, then they have commited code without understanding the purpose or impact of the code, and we are back to the lesson in stupidity again...
Actually this is worrisome for the open source community not because they ended up in court but because Appwork accepted code without reviewing it and actually without even knowing what it does. How can they assure users that installing the application they don't become part of a 15 million users botnet?
Burn it!
I rather find fines not to be fine at all !!
We live in a very sad world that such a concept even exists.
You forgot the US & UK.
" any movement, ideology, or attitude that favors dictatorial government, centralized control of private enterprise, repression of all opposition, and extreme nationalism"
Yep, sounds about right although some definitions mention merging of state and corporate power which is possibly more pertinant.
I want a list of atrocities done in your name - Recoil
he Hamburg Regional Court decided
You can stop reading there.
This particular court is the laughing stock of the german legal system, and its decisions are routinely overturned at the higher courts. They are famous for "creative" interpretations of the copyright laws.
Source: I live in Hamburg, Germany and I've been following copyright-related civil rights matters for more than a decade.
Assorted stuff I do sometimes: Lemuria.org
Get the copyright holder to assign copyright of that plugin to the judges.
Then sue them in their own court to MAKE THEM PAY!!!1! and take it all the way up to the highest courts in Europe to make it stick. Sauce for the goose, etc. IIRC it was this Hamburg court that thinks it has world-wide jurisdiction in copyright cases, and that isn't the only... peculiar view they hold. Time to take them down a peg or two.
Code review is good, but a need to waste code-review time to whack DRM moles is a symptom of a diseased legal system that supports DRM in the first place.
You can hold down the "B" button for continuous firing.
I ran Wireshark on it and it does not do the ET phone home crap that most spyware does so it is what the writers say it is.
If you boot it up and do not leave it in the sys tray it does not leave active processes hanging around. HOWEVER you can run it as a background process to snoop your RTMPE and have them automatically download the vids. On youtube it downloads the whole smash including the webM html5 streams and all available vid size pieces of a vid including any mp3 or other audio files.
Best stream ripper out there IMO. EAT MY SHORTS MPAA, RIAA and all your ill begotten drm bullshit nonsense. This video is a great one and as a result I will order her works online she is one hot guitarist! Fantasia la Traviata a little beyond the reach of most musicians, eat your heart out if you like guitar!
This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
And by turning the ASCII decimal value 32 into the blank glyph, you've decrypted it to plain enlgish.
This problem would be solved if the acceptance of copyright DEMANDING a plaintext only version, since an encrypt never expires, and copyrights do. Therefore something encrypted is a trade secret at best and not copyrightable.
Software is bits and bytes sitting on a computer. How can it be illegal? There are many uses of software... if this is stream ripping software, wouldn't it be completely legal for me to rip a stream that is public domain? Even if the act of "ripping a stream" is illegal (which would be amazingly silly) -- software doesn't run itself. Can't I download the source to study it..? What if I am interested in stream compression technology, and am writing something comparing streaming technologies, and want more information.
This is all just silliness.
You need to decrypt the works.
Since the work is "licensed, not sold", and copyright does not restrict copies for personal use, you need to decrypt it to view the work, fully licensed, on some other application or device, and that requires decryption.
"Piracy" doesn't require decryption. You can sell an encrypted file just fine.
Fair use, turning copies, and personal backups all require decryption.
If the original authors didn't put that feature in and never intended to then just show the different in code revisions from version a -> b. Once the court sees the authors didn't do it they are ( or should be ) off the hook.
DRM isn't effective, it will always be broken, therefor the fact that DRM even exists makes it contributory to copyright violations.
That means, according to this court, that DRM in and of itself is illegal.
Not to mention that DRM, when couple with anti-circumvention laws, extends copyright to infinity, which makes it illegal from the copyright point of view.
All in all, I want to start seeing some very hefty, multi-billion if not trillion dollar fines for the mass produced copyright enabling products like DVD and BluRay discs.
Seriously, stop trying to use the law and wiggle around. It should be abolished.
PS: Yeah, ok, give copyrights a 2-4 years length. No more.
In digital restrictions management cases like this, it's usually not the cipher that ends up broken* but the handling of player keys.
* CSS is the big exception, as it was cryptanalyzed fairly easily, but that's from when the United States didn't allow exporting crypto stronger than 40-bit.
I volunteer Darth Vader as the entity in question.
Do you really want The Walt Disney Company, which represents Darth Vader, owning copyright in your work? On the one hand, Disney was one of the two most prominent supporters of the Copyright Term Extension Act of 1998, the other being the Gershwin estate. On the other hand, it did release OpenSubdiv, which puts it above, say, Alexey "FOSS destroys the market" Pajitnov's Tetris Company.
His point is that there is an extra problem here, beyond the DRM issue. Even if we didn't have evil laws intended to work against the people and their industries, imagine if the unreviewed contribution did rm -rf ~/* rather than playing video. Time spent on code review is not "wasted," regardless of whatever silly laws you have.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Does Adobe really want to go down this route? Has the company suddenly suffered a massive IQ drop?
Everyone knows Germany is so corrupt (the Allies actually kept the police-state powers the Nazis had introduced, including obscene censorship laws, when they took over), and has courts that rubber stamp big business and governmental abuses. Germany is, after all, the sickening racist nation that provides the depraved terrorist state of Israel with FREE submarines designed to carry Israel's genocidal nuclear warheads, while leading the push for sanctions against the peaceful Muslims of Iran for the 'crime' of wanting a domestic civilian nuclear power program.
YES, the OFFICIAL German government position is only Jews are allowed to possess nuclear warheads in the Middle East. The lesson learnt by Germans from WW2 was, apparently, NOT that it is bad to be racist, only that it is bad to be 'racist' (not that Jews are a 'racial' group) to Jews.
With such a twisted, immoral outlook imposed on the people of Germany by both the West and Soviet Union after WW2, it is no wonder big business considers German courts the weak link of the EU.
But Adobe's action is NOT was against AppWork, but war against every ordinary computer user, and stinks just as badly as Oracle's attack against Android, and Microsoft's (via proxies funded by MS) against Linux. If Adobe's DRM video streaming is so easily broken, it is because it is CRAP in design. Adobe should pay to implement proper point-to-point encryption on their protected video material. Courts should not exist to prop up crappy code from crappy, incompetent companies.
Code review is good, but a need to waste code-review time to whack DRM moles...
It could have just as easily been malware. Careful review of outside contributions is a good idea.
Man, that's cold.
Hamburg regional court
is known for its cowtowing to the intellectual property holders. That is why they try to go to that particular court if they sue for copyright infridgement.
And Hamburg is known as the birthplace of the hamburger, which is made from beef, which is raised in large quantities in Texas, and the most prosecution-friendly venue for patent lawsuits in the US is East Texas...
Aha! We've found the causal link!
...
But now I wonder what the basic legal trends are for the Frankfurt regional court. :-P
Cheers,
"What in the name of Fats Waller is that?"
"A four-foot prune."
Is not a crime.
What I think is most disturbing about this is that a company could seed/pay some fly by night person to upload come code to an OSS competitor and basically bring the project to a close, killing a competing product.
Don't mistake a mixed economy for one which is consistently bad. The big difference between the US and the rest of the world is we started out free and are working towards collectivism. Most of the rest of the world started out collectivist and is working toward freedom. Generally the US can killed fewer freedoms than the others have respected. First amendment being the most critical, and tending to keep the rest afloat for longer, here. No Internet access (tweets, FB, etc.) for Olympics spectators is one example of how this is different in Sochi vs say a U.S. or Canadian venue, or even China, right?
Can someone post an appropriate link to explain the streisand-effect to the moro^h^h^h^h judges from hamburg?
So we can just use Rot13 and we are covered?
A court upholds the law, not some moral compass, in making its judgments. According to the law, it did the right thing.
If everybody released everything for free or everybody simply respected copyright then we wouldn't need any of this.
The issue is not everybody wants to release their work for free and that is their choice, if you don't like that choice then you have the choice to not support such works. The problem is so many people want those works and want them to be free and so simply do not respect copyright, they are intolerant of other people's views and do not respect the choices of other people.
If anybody truly believed quality works could be produced for free then they would restrict themselves to only free works, but they don't, which is why we have the current situation. If free works are better then it's time to actually prove it, stop any use of proprietary works and only use free works and if you are right then this whole DRM saga will be a non-issue.