Slashdot Mirror

← Back to Stories (view on slashdot.org)

German Court: Open Source Project Liable For 3rd Party DRM-Busting Coding

Posted by samzenpus on from the damned-by-association dept.

Diamonddavej writes "TorrentFreak reports a potentially troubling court decision in Germany. The company Appwork has been threatened with a 250,000 Euro fine for functionality committed to its open-source downloader (JDownloader2) repository by a volunteer coder without Appwork's knowledge. The infringing code enables downloading of RTMPE video streams (an encrypted streaming video format developed by Adobe). Since the code decrypted the video streams, the Hamburg Regional Court decided it represented circumvention of an 'effective technological measure' under Section 95a of Germany's Copyright Act and it threatened Appwork with a fine for 'production, distribution and possession' of an 'illegal' piece of software."

12 of 178 comments (clear)

  1. "effective technological measure" by mwvdlee · · Score: 4, Insightful

    You keep using that word. I do not think it means what you think it means.

    Doesn't the concept of "effective" mean that code breaking the DRM cannot exist?

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    1. Re:"effective technological measure" by Kjella · · Score: 5, Insightful

      A book written in Greek and a book written in English using a cipher are both gibberish to me, but understanding one depends on a parser and the other on a decryption key. In short the understanding of "effective technological measure" seem to be that the protocol is trying to use a secret (CSS key, AACS key, HDMI key etc.) to protect the content. So if you took any file format and wrapped it in AES with a static key with no memory protection whatsoever then decrypting it in any other program would be a DMCA violation, geeks all get caught up in "effective" but in context it just means a measure intended to have that effect specifically to exclude all other attempts at interpreting a protocol as "cracking" it.

      --
      Live today, because you never know what tomorrow brings
    2. Re:"effective technological measure" by Anonymous Coward · · Score: 2, Insightful

      Meanwhile in the crypto world, if someone breaks a cipher, the creator will admit defeat like an honorable man, he won't go cry to a judge like a baby.

    3. Re:"effective technological measure" by Kat+M. · · Score: 4, Insightful

      Section 95a (2) of the German copyright law defines specifically what an effective technological measure is. It specifically includes "encryption, scrambling or other transformation". It does not require that the encryption etc. need to be unbreakable, just as a physical lock does not have to pose an unsurmountable barrier in order to make breaking it illegal.

    4. Re:"effective technological measure" by Gr8Apes · · Score: 3, Insightful

      And yet, I can easily hook up a camera and video the TV and hook directly into the sound pickups, and voila - a copy is made without circumventing anything. Depending upon hardware, it may actually be a reasonably good copy. And if I wish to go one step further, I can hook into the screen's display and record the raw video directly too, resulting in a perfect copy. Again - no circumvention required of anything the DCMA protects digitally. IOW, it's ineffective and only causes harm to those that wish to use things legally anyways. Those that wish to do illegal things will never be stopped by something like the DMCA, and as just stated, the DMCA doesn't even need to be circumvented to create a perfect digital copy. That implies that the DMCA itself is ineffective.

      --
      The cesspool just got a check and balance.
  2. contributions to open source products should be by Chrisq · · Score: 4, Insightful

    contributions to open source products should be just like posts to websites. If someone posts something illegal then the authorities should issue a "take down" notice to the project. If they remove it then only the original poster should be liable.

  3. Not 3rd party code by Anonymous Coward · · Score: 2, Insightful

    It stopped being 3rd party code the moment Appwork accepted the contribution and started spreading the code itself. That is the moment they became liable. If they do not like that, they should not spread "just anybody's code" without verification.

    We may not like it, it makes the life of open source projects more difficult, but that is the way it works. For good reasons.

  4. The owner/admin is (broadly) responsble... by Stolpskott · · Score: 4, Insightful

    In the world of athletics, the athlete is responsible for verifying beforehand that any substances entering their body are free from performance-enhancing drugs and a range of other substances. In this case, that same rule seems to have been applied to software - the admins are responsible for code entering the body of the application.
    Aside form anything else, my opinion is that someone on the project should have oversight of new code submissions before they are committed to the main codebase. If that is not happening here, then this is a lesson in stupidity for the admins. If it is happening, then the admins really are facilitating, because they have explicitly allowed that functionality into the application. Flipping the coin again, if the admins explicitly allowed the content without realizing what it does, then they have commited code without understanding the purpose or impact of the code, and we are back to the lesson in stupidity again...

  5. Re:Does the copyright need an owner? by WWJohnBrowningDo · · Score: 3, Insightful

    Easy, public key cryptography. Instead of using "anonymous coward" as the pseudonym, use "anonymous coward who posses the private key to the following public key.

    -----BEGIN PUBLIC KEY-----

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqGKukO1De7zhZj6+H0qtjTkVxwTCpvKe4eCZ0

    FPqri0cb2JZfXJ/DgYSF6vUpwmJG8wVQZKjeGcjDOL5UlsuusFncCzWBQ7RKNUSesmQRMSGkVb1/

    3j+skZ6UtW+5u09lHNsj6tQ51s1SPrCBkedbNf0Tp0GbMJDyR4e9T04ZZwIDAQAB

    -----END PUBLIC KEY-----"

    Oh who am I kidding, we're talking about law makers who criminalized a piece of software. "public key cryptography" probably sounds like "thermonuclear weapons" to them.

  6. unreviewed code by feds · · Score: 5, Insightful

    Actually this is worrisome for the open source community not because they ended up in court but because Appwork accepted code without reviewing it and actually without even knowing what it does. How can they assure users that installing the application they don't become part of a 15 million users botnet?

    1. Re:unreviewed code by Anonymous Coward · · Score: 2, Insightful

      Did they actually accept the code? Is it a fork? We don't seem to know and I suspect that this was more along the lines of code being submitted, not yet reviewed by core contributors, etc. But because it was public... the court decided to convict. The code probably would not have ever gotten into a binary or official / stable release of the code.

  7. Re:Hamburg regional court by hawkinspeter · · Score: 1, Insightful

    And I feel very smart for criticising the critical reasoning of an Anonymous Coward who doesn't understand a joke when he/she sees one.

    --
    You're a temporary arrangement of matter sliding towards oblivion in a cold, uncaring universe