Slashdot Mirror
DVD CCA Applies for Restraining Order
Robert Jones writes "I have just received an email which I think will be of interest to many Slashdotters. Apparently, the DVD CCA [Copyright Control Association] has applied for a restraining order against myself and approximately 70 others to keep us from distributing 'any proprietary property or trade secrets relating to the CSS technology'. The hearing will be at 'the Superior Court of Santa Clara County, State of California, on December 29, 1999, at 8:30 a.m.' This will probably result in the bastards silencing us, but what can you do? If this goes through, I will never purchase a DVD player using current technology." Yes, the e-mail is real. Many people sent copies. We'll post an in-depth story within a day or two.
Is something still a trade secret if it has been reverse engineered? I thought this was the trade off between patenting and keeping something a trade secret. Surely they can't have it both ways?
slashdot is also mentioned in the email, which is mirrored here: http://douglas.min.net/~drw/css-auth/legal-info/ ~spot
"and no, im not the spot working for Transmeta, although i wish i was..." -- ~spot "i'm the epitome of public enemy..."
Anybody ever play "whack the mole"? Watching these lawyers try to stop the flood of information is like playing the game - every time you smack one down with your mallet two more pop up.
If anyone wants the source, contact me. Oh yes, and I'm making a dare to any of the lawyers out there - whack this mole.
The DVD algorithms that were found through some clever hacking were not found by rummaging through propretary documents or other blackops means, but through working with software. The software that they aquired the "method of decryption" from was not found illegally in the country it was found. That technology then was legally exported into the united states. These methods are pretty boring and were quickly incorprated into some nice pieces of software. Wheres the lawsuit, oh yeah, the DVD people DONT WANT YOU TO beable to use the technology yourself. That would give the consumer some rights to a product that could the copied and *gasp* pirated.
Sorry DSS guys, it was too late when you released the format.
-- dieman - Scott Dier
remember the machine-breakers of england?
those were the good old days. if a company tried something like this, their buildings would be burned and the owner tarred and feathered in front of his house. sure it's dangerous, but how dangerous is it to let someone step on your freedom? is it really better to die on your feet than live on your knees?
are these companies paying me to allow their software and data run though MY computer and MY cables in MY house? do I have the right to put a logic analyzer or debugger on my system and look at the registers, memory and I/O or the various hardware and programs? can i use than information in turn for whatever purpose i choose? when will this become a "fair use" issue? reselling someone's app as your own is one issue, but using their protocols and command set should be quite another.
sometimes i think that the only reason corporations get away with this stuff is that we've become so acclimated to greed and selfishness that we have forgotten how to stand together and fight when we see it.
c'mon everyone, join me in a rousing chorus of "BAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
they will lose in the long run. make it sexy, make it warez.
Treatment, not tyranny. End the drug war and free our American POWs.
See my user info for links.
With only a couple of days to go, I think that this, more than anything else, personifies and highlights the fight we have ahead of us. Nothing is such a danger to the values that ANYONE who loves the Internet and the Information age holds highly then this fight of stupidity (armed with guns) against the progress of the mind.
I'm pretty much at a lack for words right now, so I will just send my moral support to anyone targeted by this outrage. However, this is a battle we can fight on our turf and they can fight on their's. The courtroom is definitely theirs.
There was never a revolution without somebody going under wheel, and there was never a meme to go under without a fight. And there has never been a fighter like corporate society.
-
We cannot reason ourselves out of our basic irrationality. All we can do is learn the art of being irrational in a reasonable way.
Look folks, the only way to combat this is for everyone to distribute copies of this software and associated documentation. Go here and download all of the local files and host them in as many locations as you can. If possible mirror the actual page rather than downloading. Just get them in as many public locations as possible any way you can. Lets make 'em play whack-a-mole.
Remember, one ant won't make a bit of difference, nor will two or three, but millions can overcome any obstacle.
Another issue I am reminded of here is that this is a great experiment by the powers that be. It has long been held that you cannot regulate the internet because it is so distributed and decentralized. If they win, it will be proven that it is easier to control the content of the internet than was previously thought...
Good Luck!
-Chuck
--
*Condense fact from the vapor of nuance*
Douglas R. Winslow
Let them try to call a few hundred thousand people into court... I'd like to see that. =)
I cannot be in Santa Clara on that day, but if there are as many activists within reach of this article as one is led to believe, and if they believe so fully in their views, go be heard in the courtroom venue.
If I read on Dec. 29th that the hearing came and went without a standing-room-only courtroom, with all sides of the issue having been clearly heard, I will stop caring about the intellectual property debate.
It's not as if the article was "they applied for AND RECEIVED a restraining order." There is still an opportunity to influence the court. If nothing else, a judge could be made to realize that this matter is not something that should be decided off the cuff, but rather has very significant implications. Simply having a few thousand people on the courthouse steps that day would probably be enough to effect change.
Do I think it will happen? No. Will I be there? No. When the rubber meets the road on these issues, the bottom line is we really don't care. We Email our congress people, but do we snail mail them? Are these issues even worth $.33 to us? Maybe not. History will tell.
-fb Everything not expressly forbidden is now mandatory.
47. On information and belief, this proprietary information was obtained by willfully "hacking" and/or improperly reverse engineering
software created by CSS licensee Xing Technology Corporation ("Xing"). Xing's software is and was licensed to users under a license agreement which
specifically prohibits reverse engineering.
-- The intelligence on this planet is a constant, but the population is growing. --
Yes, of course they/we/whomever has an understanding of the real world.
In the real world, there's this new type of media called DVD, and this format in which it is stored, called CSS. CSS is an encryption format; it's not proprietary, really, as they (the creators) have published papers explaining how it works. What they haven't published, however, are the list of keys that can be used with CSS to decrypt DVD movies.
It is a perfectly feasible option to buy a product which will decrypt DVD movies (so they can be played) without having to know any of the keys.
Such products come in two forms: (a) hardware, or actual physical VCR-like devices that connect to a TV, and (b) software, which decodes the DVD format with the aid of a computer.
Although both schemes require a key to operate, the key is embedded - the end user does not need to know what the key is in order to use the product.
This would work well for any standardized environment; from the hardware point of view, as long as you had a standard 60-hz NTSC television, you could use a NTSC DVD decoder; if you had a 50-hz PAL television, like in Europe, you could use a PAL DVD decoder. Here, there are only two major standards that companies need to produce products for.
In the software world, things are much more complicated. Not only are there different standards for how a software product talks to the operating system, but there are different graphical standards, different standards for talking to the DVD drive, etc.
Software companies so far have fulfilled very few niches in terms of all the standards in use. This means that there is still a demand that is unfulfilled, and in the _real world_, demand and supply go together hand-in-hand.
In other words, in the "real world", by not providing enough supply to make everybody happy, you invite competing products.
The only illegal thing done here is to have reverse-engineered a poorly-written software decoder to extract a key. However, it would also have been possible to brute-force test keys until one was found, although it would have taken a while.
So, here (as I see it) are all the things going on here:
In the case of the company with the poorly-written software, negligence.
In the case of the program crackers, reverse engineering. (but is it really illegal to know what the processor knows? I mean, you *own* the damn processor after all!)
Just my $0.02.
--TheOrangeSquid
The fellow sat down at a bar, ordered a drink and asked the bartender if he
wanted to hear a dumb-jock joke.
"Hey, buddy," the bartender replied, "you see those two guys next to
you? They used to be with the Chicago Bears. The two dudes behind you made
the U.S. Olympic wrestling team. And for you information, I used to play
center at Notre Dame."
"Forget it," the customer said. "I don't want to explain it five
times."
--TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
"because there was no
DVD support for *n?x operating systems"
When I mentioned that, I got flamed by people saying that there was in fact DVD support for Linux. What I have yet to see, however, is "enough" DVD support to justify it being a bullet point for what's supported by the OS. At best,
playing a DVD on linux seems to require:
1. Willingness to take a risk in a hardware purchase, for equipment that may not be usable on your OS.
2. Technical savvy enough to run a very experimental system (far beyond the usual requirement for the OS).
3. Willingness to be considered part of a criminal conspiracy by the DVD industry (if this court order goes through and follows to its logical conclusion).
That makes Linux a laughable alternative to Windows9x for the application of playing DVD.
Unless you can give me a cookbook solution (what DVD drive to buy, what software to run it on, works with all titles, totally legal to obtain and use in the USA), don't you dare flame me for saying this. Linux remains an unacceptable solution for the DVD player application.
-fb Everything not expressly forbidden is now mandatory.
The breaking of CSS encryption has absolutely nothing to do with piracy. Think about it for a second: how feasible is it to move around 5- and 6- gigabyte DVDs? How do you store them? Not on your hard drive, that's for sure! How many people do you think can afford a DVD burner capable creating true dual-layer DVDs (and not DVD-RAM discs, which are something completetly different?) And when DVDs can be bought online by a judicious shopper for as little as $5 per title, do you really think anyone's going to go out of his way to pirate them? It's far easier to hook a VCR to the video output of your DVD decoder card and videotape the damned things! The loss of quality is far less than if one were to recompress an MPEG2 stream using a lossier but higher-compression encoding.
No, the issue at hand here is that of free access to information--an issue that has traditionally been very important to the open-source community and very unimportant to the corporations that write your software and, to an increasing degree, control your life.
You see, when the DVD manufacturers came up with CSS, their goal was not to protect the intellectual property contained on DVDs; rather, they were establishing an ironclad grip on the entire DVD market. They control who gets to view DVDs, how, and with what hardware and software. They have accomplished this end through the use of a proprietary encryption scheme (CSS) about which they have released no information. Of course, if they'd bothered to consult with any security professional, they would have been told that security through obscurity simply doesn't work, as has been proven endlessly, usually at the expensive of the implementor of said obscure security.
Now, someone has broken their cute little encryption scheme, which they never patented and never published. In what is basically a panic response, they are wasting millions of dollars and contemplating turning the entire DVD market on its side just so they can maintain total control of the market.
As if this wasn't bad enough, they are threatening legal action against the people who cracked CSS, an activity that never was and still isn't illegal, and they are trying to block them from publishing anything else they find out about the non-patented CSS encryption algorithm. This is a violation of the CSS crackers' right to free speech which, if you'll recall, if a constitutional right.
This is an old story, of course. Those of you who have been around long enough can remember countless other occasions where some company's naive encryption scheme was broken and the corporate response was to attempt a legal assassination of the cracker in order to maintain security.
So, instead of whining irrelevantly about piracy, why don't you boycott DVDs yourself in order to protest the violation of someone's first amendement rights? Somebody might someday do the same thing for you when you find yourself against the wall.
(apologies for the length of post)
/ index.htm e x.htmlgeocities.com/ResearchTriangle/Cam pus/8877/index.html o m/myband/decss/top.html . htmlfortunecity.com/tinpan/tylerbridge/6 79/dvdcss.html c iphers/decss.tar.gze amciphers/decss.tar.gzp hers/decss.tar.gzi phers/decss.tar.gzp hers/decss.tar.gzp hers/decss.tar.gz. zip m
1. www.free-dvd.org.lu
2.josefine.ben.tuwien.ac.at/~david/dvd
3.rockme.virtualave.net/
4.amor.rz.hu-berlin.de/~h0444t2v
5.www.homestead.com/_ksi0701961562917005/avoid...
6.www.anglefire.com/jazz/avoiderman/
7.www.intelcities.com/Main_Street/Avoiderman/
8.www.members.theglobe.com/avoiderman/dvd.htm
9.members.zoom.com/_XMCM/lkjhgfdsa2/index.html
10.www.vexed.net/CSS/
11.www.unitycode.org/
12.batman.jytol.fi/~vuori/dvd/
13.www.zpok.demon.co.uk/
14.www.dvdlinks.co.uk/css/
15.www.twistedlogic.com/archive/dvd
16.www.capital.net/~wooly/
17.geocities.com/ResearchTriangle/Campus/8877/ind
18.www.angelfire.com/mt/popefelix/
19.members.tripod.lycos.nl/jvz/
20.tv.acmecity.com/parody/356/index.html
21.cryptome.org/dvd-free.htm
22.altern.org/bettina/0a0a.html
23.www.crosswinds.net/~valo/DeCSS/
24.info.astercity.net/~nicodem/
25.134.100.185.221/decss/
26.www.dvdripper.videopage.de/
27.Crypto.gq.nu
28.www.humpin.org/decss
29.209.132.25.138/~inkk/DVD/
30.members.brabant.chello.nl/~j.vreeken/main.html
31.dirtass.beyatch.net/
32.therapy.endorphin.org/DVD/
33.www.angelfire.com/in2/mirror/
34.sent.freeserve.co.uk/DeCSS
35.members.tripod.co.uk/bap/css/css.html
36.angelfire.com/myband/decss/top.htmlangelfire.c
37.www.fortunecity.com/tinpan/tylerbridge/679/dvd
38.munitions.vipul.net/software/algorithms/stream
39.munitions.polkaroo.net/software/algorithms/str
40.munitions.dyn.org/software/algorithms/streamci
41.munitions.cifs.org/software/algorithms/streamc
42.uk1.munitions.net/software/algorithms/streamci
43.munitions.firenze.linux.it/algorithms/streamci
44.perso.libertysurf.fr/ortal98/dvd_rip/decss_12b
45.users.drak.net/bemann/software/css/
46.www.geocities.com/SiliconValley/Port/3224/
47.ftp://alma.dhs.org/pub/DVD/
48.decss.tripod.com/index.html
49.discordia.de/decss/DeCss.zip
50.www.dvd-copy.com/
51.dvdtidbits.com/dvd.shtml
52.www.neophile.net/
53.perso.club-internet.fr/ches/dl/rippers/
54.plato.nebulanet.net:88/css/
55.quintessenzs.at/q/mirrors.html
56.www.ceraton.com/decss/
57.slashdot.org/articles/99/11/09/1342207.shtml
58.cryptome.org/dvd-css.htm
59.ftp://dvd:dvd@206.98.63.136/
60.www.deja.com/getdoc.xp?AN=547600297
61.www.brakton.freeservers.com/#downloads
62.www.remco.xgov.net/dvd/
63.www.dvdcracked.tvheaven.com/index.html
64.dvdsite.homepage.com/
65.www.geocities.com/Hollywood/Derby/2659
66.get.to/dvdsite
67.home.worldonline.dk/~andersa/download/index.ht
68.www.ooze.org/dvd.html
69.start.at/dvdsoft
70.mmadb.no/hwplus/DeCSS/decss.html
71.home.sol.no/~espen-b/dvd/css/decss.html
72.o2.uio.no/dvd
_________________________
CmdrTaco
Hemos
Andover
John
DVD Consortium sux
I have discovered a truly marvelous sig, unfortunately the sig limit is too small to contain i
Yeah, I recieved one of those lovely letters also... you can read it here. Contrary to what was written in the email, it's perfectly legal to distribute the notice.
I promptly called my lawyer (actually a close friend) after recieving the email and he said I have nothing to worry about. Firstly, such a notice must be mailed to me, not emailed. And even by post is not legally binding. Secondly, if they do get their little restraining order, it must be delivered to me in person... hehe, I'm in germany right now. Based on what I told him he said (gasp) that they're just trying scare tactics. I forwarded the email to him, he will review it and give me more advice tomorrow morning.
This sure is a fun, isn't it?
-----
Do you even know anything about perl? -- AC Replying to Tom Christiansen post.
We've heard a lot about CSS, its being cracked, and various vult^h^h^h^hlawyers getting involved. DVD is turing out to be a real mess. So, at the risk of getting sued for talking about another way in which DVD is screwed, here goes...
I got a DVD player for Christmas today. It's the regular console-type thing with composite, digital audio and s-video outputs. I have a somewhat older 27" TV that takes only RF input. So, I hooked the DVD player to my VCR, which takes composite in and emits RF out. Problem solved, I thought... but no. The video goes through a cycle of great->flickery color->crap in color->crap in monochrome->great, repeat. Funny enough, in the troubleshooting section of the manual, under "I can't record DVD video to VHS tape," it pretty much says, "that's right." It seems that they have screwed around with the hsync signal coming out of the box, such that any intermediate device, like a VCR, degrades the video. Short of buying a new TV with s-video or composite inputs, or a timebase corrector (which would probably cost more than a new TV), what can I do? This seems to be a common problem with DVD players. I've got a perfectly legal TV, perfectly legal HiFi VCR, perfectly legal DVD player, and a perfectly legal copy of the Matrix ("DVD killer app"), which I can't use together because of a very stupid, artificial problem. Little help here?
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
The hearing will be at 'the Superior Court of Santa Clara County, State of California, on December 29, 1999, at 8:30 a.m.'
It is impossible for the hearing to go ahead with fair consideration and representation on this date, on account of all the defendents being fully occupied getting ready to prevent the collapse of western civilization through the millennium bug. And no geeks ever get up before midday anyway.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
So why don't we patent it? After all, it is possible to get a patent on a procedure, such as windowing, that has been in existance long before you claim to have invented it.
Since we are not suppossed to know how this is done we can claim that there is no legitmate way we could have found this as an example of prior art.
Then, one we have the patent we can sue them!
I love America.
No Zen is good zen
I'm sure we could make a legal argument to a jury that this big corporation is out to screw over the little guy and that the only way to keep this from happening more and more often would be to award substantial damages (Say, $500 Million or more) for the misuse of the legal system.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Taken from The Online Ethics Center for Engineering and Science:
Seems to me (and I'm NOT a lawyer, nor do I play one on TV) that the programmers were completely within their rights here. What really jumps out at this letter at me is that NOWHERE do they reference an actual patent number that I could look up. If they did, I'd be able to pick it apart a bit more; I can only assume that they intentionally left this out of the document because they're hoping a judge isn't smart enough to ask for it. I would think that if the patent helps their cause, they'd certainly quote it or reference it. My understanding of their letter is that they have their panties in a knot over illegal copying and distribution. The fact is, none of these defendants has been accused of either copying or distributing DVD movies. To quote the letter again:
Two things about this scare the living hell out of me. First, this business about "the DeCSS program allows users to illegally pirate the copyrighted motion pictures contained on DVD videos": Sure, it makes such things possible. At the same time, one can mix fertilizer, black powder and some other goodies together such that one could blow a building to hell. A camera makes it possible for one to observe you in the shower. A photocopy machine makes it possible for one to distribute damn near any document. But nobody's sueing Miracle Grow. Nobody's sueing Kodak. Nobody's sueing Xerox. See, the fact that Product X enables one to achieve a nasty objective DOES NOT make Company X liable. This has been established time and time again in the court system. And it holds, so long as Product X's primary purpose is NOT to assist in achieving the nasty objective. The software in question IS NOT written to aid in copying DVDs. It's NOT written to aid distributing illegal copys. It's primary objective was to make DVD's playable on Linux. Quite legal, if ya ask me.
Now, the second thing that really worries me here is that they're going after people who were NOT distributing the software. There are sites on that list who just LINK to the software, or a site that distributes it. Hasn't at least one prior ruling already said that this is a legal activity? If it's not, God help Google, and any other search engine out there. Or anyone who links to anyone who links to the software. And so on.
I'm also completely unsure if this program is anywhere near the stuff used by the licensed friends of the DVD CCA. If they're totally different, and don't make use of the same proprietary algorithms, etc, the case has just grown exponentially weaker. Me thinks that if these guys get shot down, someone oughta rewrite the program such that it doesn't use anything from Xing except the key - and whoops, that can be brute forced in a matter of weeks once a non-proprietary algorithm implementation is in place (see distributed.net efforts w/weak encryption cracking).
Anyways, I highly encourage these defendants to pull together and find a decent defense attorney (anyone out there who is one, and reads slashdot...?), and make sure that DVD CCA doesn't force them to bend over and take this...
--
--
Just lurking, thanks!
which they either obtained by improper means or knew or should have known was obtained by others by improper means
I'm definitely not a lawyer, but the above quote from the letter is very likely the key to their case. Even those IP cases are now pretty much wars of attrition, where whoever can afford to keep fighting wins, Trade Secrets aren't protected unless you can show that they were obtained from the original company. If I independently discover a method of, e.g., organizing a database, another company can't force me to stop using it unless they can show that I got the idea from them. (Well, unless they patent it).
--Kevin
I have that problem too. It turns out that the X10 DVD-Sender has a coax output, and it uses it beautifuly. I bought mine for the sole purpose of outputting it to an older tv. You also get a nifty RF Remote for controlling your computer from across the house (and freaking out relatives)
.sigs in here
-Tim
.sig: Nobody but us
As i remember, Download.com had a copy of this software on their website. I wonder why they haven't been added to the list of "Defendants". Kind of makes you wonder what's going on here.
.sig
-Tim
.Sig: Bah, no
Chris Dibona and myself (and hopefully others!) are planning to meet at the courthouse at 8am. Chris' page for this is at: http://www.dibona.com/social/dvd/index.shtml ... Hope to see you there! D
Chris DiBOna
--
Grant Chair, Linux Int.
VP, SVLUG
Co-Editor, Open Sources
Open Source Program Manager, Google, Inc.
32. Without the commercial music companies' copyrighted content for music recordings, there would be no viable market for computer CD drives and CD players, as well as the related computer chips and software necessary to run these devices and, thus, there would be no CD music industry.
Gee, if music CDs ever could be copied then the music CD industry would just fall apart. Oh, wait. We're doing that. Companies are even selling consumer CD copiers. Did the music industry fall apart and I didn't notice?
Well, based on what's on MTV right now I guess it did fall apart. :-)
This is from: http://www.2600.com/news/1999/1112-files/crypto.gq .nu/ Even if the *can* get all the copies of the sourcecode (not bloody likely) off the net... below is the general crypto system used... Vengence. 0 General disclaimer. This information is provided as is, with no warranties on its accuracy or usability. It is based on a piece of source code claiming to be the css algorithms, and which have since been confirmed to interoperate with the CSS system. The author has not read any official CSS documentation, and any errors in the terminology is a result of this. This information has not to the knowledge of the author been made available through breaches of the DVD consortium Non Disclosure Agreement. 1 System overview. Every DVD player is equipped with a small set of player keys. When presented with a new disc, the player will attempt to decrypt the contents with the set of keys it possesses. Every disk has a disk key data block that is organized as follows: 5 bytes hash of decrypted disk key ( hash ) disk key encrypted with player key 1 (dk1 ) disk key encrypted with player key 2 (dk2 ) ... disk key encrypted with player key 409 (dk409) Suppose the player has a valid key for slot 213, it will calculate (1) Kd = DA( dk213 , Kp213 ) To verify that Kd is correct, the following check is done, if the check fails, it will try the next player key. (2) Kd = DA( hash , Kd ) An obvious weakness stems from this check, by trying all 240 possible Kd, disk key can be deduced without knowing any valid player key. As will be shown later, this attack can be carried out with a complexity of 225, making such an attack feasible in runtime applications. Another obvious attack is that by having 1 working player key, other player keys can be derived through a similar search. This can be done offline, also keys obtained from the former attack can be used as a starting point. To decrypt the contents an additional key tk - the title key is decrypted with the now decrypted and verified disk key. (3) Kt = DB( tk, Kd) Each sector of the data files is the optionally encrypted by a key that is derived from Kt by exclusive or of specified bytes from the unencrypted first 128 bytes of the 2048 bytes sector. The decryption is done with the CSS stream cipher primitive described in section II. 2 CSS streamcipher primitive: The CSS streamcipher is a very simplistic one, based on 2 LFSRs being added together to produce output bytes. There is no truncation, both LFSR are clocked 8 times for every byte output, and there are 4 ways of combining the output of the LFSRs to an output byte. These four modes are just settings on 2 inverter switches, and the modes operation are used for the following purposes. 1.Authentication to DVD drive ( not discussed ) 2.Decryption of Disk key (DA) 3.Decryption of Title key (DB) 4.Decryption of data blocks. LFSR1: 17 bits ? taps, and is initialized by the 2 first bytes of key, and setting the most significant bit to 1 to prevent null cycling. LFSR2: 25 bits 4 taps, is initialized with byte 3,4,5 of the key shifting all but the 3 least significant bits up 1 position, and setting bit 4 to prevent null cycling. As new bits are clocked into the LFSRs, the same bits are clocked in with reversed order to the two LFSRs output bytes. ( With optional inversion of bits. ) The output of LFSR1 is O1(1), O1(2), O1(3) ... Likewise LFSR2 produces O2(1), O2(2), O2(3) ... These two streams are combined through 8 bits addition with carry carried over to the next output. The carry bit is zero at start of stream. (4) O(i) = O1(i) + O2(i) + c where c is carry bit from O(i-1) This streamcipher is very weak, a trivial 216 attack is possible with output bytes known for i = {1,2,3,4,5,6}. Guess the initial state of LFSR1, and clock out 4 bytes. O2(1), O2(2), O2(3), O2(4) can then be uniquely determined, and from them the state at i=4 is fully known. The guess on LFSR1 can then be verified by clocking out 2 or more bytes of the cipher and comparing the result. Another important attack is the case when only O(i) for i = {1,2,3,4,5} is known. Guess the initial state of LFSR1, and clock out 3 bytes. Now O2(1), O2(2) and O2(3) can be found as in the above attack. This will reveal all but the most significant bit of LFSR2s state at i=3. If both possible settings for MSB is tried, and LFSR2 is clocked backwards 24 steps, a state where bit 4 is set at i=1 can always be found. ( This is stated without proof ). Select the setting of the most significant bit for LFSR2 such that LFSR2 is in a legal state at i=1, and clock out two more bytes to verify the guess of LFSR1. For some values of O( i = {1,2,3,4,5} ) multiple start states can be found, and for others none. Selecting the correct start state is not a problem, as this attack is used in situations where only the first five output bytes are of significance ( encryption of keys ). 3 CSS mangling step: When the CSS streamcipher is used to encrypt keys such as in DA(data,key) and DB(data,key), an additional mangling step is performed on the data. This cipher is best illustrated with the following block diagram: A(1,2,3,4,5) are the input bytes (data) C(1,2,3,4,5) are the output bytes (data) ki = O(i) where O(i={1,2,3,4,5}) is streamcipher output from key B(1,2,3,4,5) are temporary stages The cipher is evaluated top down, with exceptions indicated by an arrow.
I'm not aware of any recognition of a "legal notice" being able to be delivered by email. Has anyone verified that this is not a forgery?
There is no obligation on plaintiffs to be "non-discriminatory" in who they sue. It suffices that they sue wrongdoers. If there are more who are left out who owed duties to the sued defendants, they can implead them (defendants turn around and force others in to the case). But if you are part of a gang that beats up Bob, and Bob sues just you, it's no defense to your liability to say that you were part of a gang.
Of course, suing people who are not guilty is a big no-no: "If a claim of misappropriation is made in bad faith, a motion to terminate an injunction is made or resisted in bad faith, or willful and malicious misappropriation exists, the court may award reasonable attorneys' fees to the prevailing party." Cal. Civ.Code 3426.4.
I'm not a California lawyer, and california law has all sorts of strange wrinkles. Plus, the complaint raises a claim for "misappropriation of trade secrets" which sounds like it may have some common law component as wall as a statutory aspect(??). But here, in any case, is an arguably relevant statute, Cal Civil Code sec. 3426.1:
If the above is the law that applies, and if the person who reverse engineered and disclosed had a contractual obligation NOT to, and if the named defendants knew or should have known these facts and if the court has jurisdiction over them, then and only then this statute suggests the judge may grant the injunction.Please don't get me wrong, I'm not advocating that outcome, just reporting. I should also note that sec. 3426.2(a) says that injunctions must be lifted if someone demonstrates that the "trade secret has ceased to exist" and that sec. 3426.2(b) says that "If the court determines that it would be unreasonable to prohibit future use, an injunction may condition future use upon payment of a reasonable royalty for no longer than the period of time the use could have been prohibited."
All that aside, an injuction against "linkers" as opposed to posters would seem to me to be outrageous. But there is a little bit of (ugly) precedent floating around....
Final point: while showing up in numbers can't hurt, it would be a lot better if one of the free software groups could get a lawyer down there and attempt to appear either as an intervenor or as a friend of the court. Much more likely to have some effect. Spectators are not allowed to talk in court.
A. Michael Froomkin,
U. Miami School of Law,POB 248087
Coral Gables, FL 33124,USA
I have a blog.
You're right, a good reading of the injunction makes clear that they're not defending the terrible copy protection in the dvd mechanism. However, this has a lot to do with recent changes in the U.S. copyright laws, I recommend that folks read H.R. 2281 - The Digital Millenium Copyright Act. The Library of Congress has an easier to read summary online.
What it really comes down to is that the defendants were informed that they should have removed the offending materials and refused to do so (it's right at the top... of the injunction right beneath the 69K of MS-XML.) They can't touch the guy who wrote DeCSS because he complied upon notification of transgression.
If you haven't yet actually read anything about the DMCA, you'll find the WIPO/Title I sections useful in understanding what they new laws have to say about reverse engineering of the sort used in DeCSS. WIPO is the World Intellectual Property Organization, and Title I is the U.S. Congress ratifying general new international agreements about intellectual property. Read Educause's summary, particularly the section on: "Prohibitions on Circumvention of Technological Protection Measures ."
Pratik Dave .edu sites. Since we're (academic sites == service providers) monetarily culpable if we don't take "prompt" action upon notification, seems like someone at rpi dropped the ball.
ps: Given the specific burden of proof placed upon service providers and their DMCA agents given by the DMCA, I'm especially shocked that some of the defending sites were
This part doesn't take effect for a few months, but see if you don't find it the slightest bit relevant (and frightening):
''(b) ADDITIONAL VIOLATIONS.--(1) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that--
''(A) is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof;
''(B) has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; or
''(C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof.
See http://www.hrrc.org/betamax.html
That covers the entire decision. The rest of the
site has a lot of related material to home recording, although not to fair use of DVD's you bought.
I am the original poster of this story; what I had originally done was to remove those files from my website pending the outcome of the hearing. Due to the mammoth support here, I have put them back and put a notice on the front page of my website informing all visitors of what is going on. I urge you to visit my site at http://www.devzero.org now and get the software while you still can. Like someone said in a previous comment, it's like playing bop-a-mole. They may get me and 70 others, but hundreds more will be distributing by then.
And yes, I am on the East coast, and will not be able to be at the hearing. Anyone and everyone who is within range, GO, please, and make your voice heard.
This is about intellectual freedom, not "copyright infringement" or violation of trade secrets.
I believe that the views expressed on Slashdot deserve more of a voice than the archives of a web site... here is their chance. The following are the articles which I have found on Slashdot which go along this theme:
You should never take life too seriously - You'll never get out of it alive.
This is a REALLY cool idea that deserves more discussion. Show up with a duffle bag full of floppies with the DeCSS source code.
Be prepared for some VERY pissed off lawyers.
Unfortunately, I am nowhere near California. Otherwise, I would be cranking out floppies right now.
You see, when the DVD manufacturers came up with CSS, their goal was not to protect the intellectual property contained on DVDs; rather, they were establishing an ironclad grip on the entire DVD market.
This debate is rightly focused on issues of free speech and openess of hardware specifications, but there is another BIG issue that isn't getting much air time: how the heck did we get into a situation where our mass removable storage systems are being designed by the recording industry and movie industry? What is all that encryption hardware doing in there and why does it make my computer work better? To put this another way, why are we being served up hardware that was designed in the best interests of people who aren't us, and why do we accept that?
This kind of market inversion is the same thing that has forced the spectaular rise of the open source movement. Owners of proprietray, closed source, defacto standard software systems ground us under their foot for so long that we had to react. Now what we need is a similar, open hardware movement. Sure, there are problems that are harder - designing hardware requires expensive equipment. Manufacturing it requires even more expensive equipment. But it's not like it used to be - prices are coming down. Money for open projects is abundant. So please, lets have a high-density ROM disk design that's designed according to our needs, not those of the RIA.
I want it to be a smaller format - 5 1/4 should have gone out with 5 1/4 disks, sucks for laptops and won't fit in your pocket. I want it to have current densities - in other words, even higher than what DVD offers. I want it to be completely free of any hardware that isn't directly connected with making it work better and/or cost less.
Who will design my dream ROM disk for me? Who will bankroll them? Who will manufacture it? How would we make it hit critical mass so laptop manufacturers will use it? (hint: make it cheap)
DVD was a bad idea right from the start and still is. Take out the "V", all I want is the Digigital and Disk
Life's a bitch but somebody's gotta do it.
On October 11, 1996, President Clinton signed "The Economic Espionage Act of 1996" into law. The theft of trade secrets is now a federal criminal offense. This is a major development in the law of trade secrets in the United States and internationally. The Department of Justice now has sweeping authority to prosecute trade secret theft whether it is in the United States, via the Internet, or outside the United States.
/. could orgranize a protest and some smart people are trying to do so, the date is far too late for anything major to be planned. I only can hope that they lose this case...
Section 1832 of the Act makes it a federal criminal act for any person to convert a trade secret to his own benefit or the benefit of others intending or knowing that the offense will injure any owner of the trade secret. The conversion of a trade secret is defined broadly to cover every conceivable act of trade secret misappropriation including theft, appropriation without authorization, concealment, fraud artifice, deception, copying without authorization, duplication, sketches, drawings, photographs, downloads, uploads, alterations, destruction, photocopies, transmissions, deliveries, mail, communications, or other transfers or conveyances of such trade secrets without authorization.
The Act also makes it a federal criminal offense to receive, buy or possess the trade secret information of another person knowing the same to have been stolen, appropriated, obtained or converted without the trade secret owner's authorization.The definition of a "trade secret" in the Act generally tracks the definition of a trade secret in the Uniform Trade Secrets Act but expands the definition of a trade secret to include the new technological ways that trade secrets are created and stored.
The term "trade secret" means all forms and types of financial, business, scientific, technical, economic, or engineering information, including patterns, plans, compilations, program devices, formulas, designs, prototypes, methods, techniques, processes, procedures, programs or codes, whether tangible or intangible, and whether or how stored, compiled, or memorialized physically, electronically, graphically, photographically, or in writing if (A) the owner thereof has taken reasonable measures to keep such information secret; and (B) the information derives independent economic value, actual or potential, from not being generally known to, and not being readily ascertainable through proper means by the public.
I am not a lawyer and have no plans to be one, but reading the above and doing some research seems to me that the DVD makers can screw the defendants that are in the US partially. Yes, DVD is wrong on this, but they can still kill the people that tried to make Linux support for DVD.
IMO DVD is going to lose a lot of potential customers and hopefully get bad publicity. What should be done is someone that knows a columist/newsman at a major station is to give this case publicity. If CNN were to get the info for a story on this from us rather than the DVD people they might actually get thier story right (see etoy vs etoys fiasco)
We also ought to patent the decrypter programs or GPL them if they are not already. DVD does not have a patent on its encryption algorithm as far as I am aware. Could some one reply with the feasibility of this option. As for me, I will be busy distributing the decoder via Hotline (www.bigredh.com - if its warez, its hotline) and uploading it to every webserver I find. (I have a far amount of spare time on my hands... so alot of people gonna get deCSS). While
Once I was a drone - Now I am an Engineer
Is it progress if a cannibal uses a fork?
Hey everybody, name your mirror directory structure such that when they summon you they have to put:
m ent/and/we-have-no-legal-grounds-to-do-t his-to-these-people/dvd-source.txt
... and operates an Internet Web Site addressed as http://domain.com/lawyers-suck/and/this-is-harras
Another mirroring suggestion: buy a 50 pack of disks, put the files on, mail to 50 random adressess. if at least 10 people did that there would be another 500 copies floating around off-line. it would be interesting to see them try for that.
---- Sig? What sig? Who needs one, anyway?
... provided they have agreed to keep the secret. If somebody who has NOT entered such a contract with the secret's owner figures out the secret (by himself, with no "guilty knowlege" obtained from someone else who violate such a contract), he is under no obligation to remain silent.
Patents give a government-enforced limited-time monopoly in return for disclosure of the invention. (They exist to encourage the development and disclosure of such ideas.)
Trade secrets can last longer, but they last only as long as the secret is kept. After that they pop like a bubble. The only thing left once the cat is out of the bag is a legal claim against the person who let it out - IF he obtained the secret in violation of an agreement or from an agreement violator.
Caveat: I'm not a lawyer yadda yadda...
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
Once the knowledge protected by a trade secret becomes public (by legal or even illegal means) it is no longer a trade secret. This fact has been verified by a respected patent lawyer with a JD. Therefore, the only way that a trade secret remains intact is by it truly remaining secret. If by any means (including reverse engineering) it becomes public knowledge, then the trade secret ceases to exist.
For a good primer on current US intellectual property laws, head over to my old EE professor's web site at:
http://www.ece.utexas.edu/~kort um/ee302/lecture/IP/
The PDF version of the lecture is available at:
http://www.ece.utexas.edu/~k ortum/ee302/lecture/IP.pdf
This lecture was recently written by a patent lawyer, so I would definitely assume that it is timely and accurate.
If I recall correctly, the EFF is looking for a plaintiff specifically on the DVD reverse engineering issue. I suggest those involved get in touch with them and look into the possibility of coordinating a counter attack on the DVD Forum. I suspect if this ever went to trial with a reasonably well financed plaintiff, the DVD Forum would stand to lose allot of clout when their licensing terms become unenforcable.
This is about intimidation -- the DVD Forum has allot more to lose in a trial than a plaintiff does.
The Future of Human Evolution: Autonomy
Disclaimer: I'm not a lawyer.
And I also can't really speak to the merits of the charge of misappropriation of trade secrets. Note that trade secrets as an area of law is largely defined at the state level, so you'll need to look into California law.
Having said that, there is some case law in the 9th circuit (which includes California) that may be positive.
Although the charge is misappropriation of trade secrets, it seems that the underlying complaint is an enablement of violation of copyright. If this underlying complaint can be answered then the misappropriation is harmless.
I argue that the defendants have a right to possession of the DeCSS software under section 117(a) of Title 17 of the US Code. Briefly, that section of law limits the exclusive right of copyright holders of software; owners have the explicit right to make backup copies for their own archival purposes.
This was has been tested in case law, and unfortunately I don't have my law books handy, but a case in the mid-eighties concerned a maker of a disk-copying software sued by a maker of copy-protection software. The defendant successfully argued that since owners have a right to back up software, and they could not do so without his (or similar) product, his product was legal.
This is the tricky step: DVDs contain software and data. I argue that the right to backup software extends to the entire disk, including data. As a broader claim, we can fall back on fair use; since DSS stops us from fair use of the movie, we have a right to employ software that gives us back those rights.
This theory is discussed in Lessig's excellent book _Code and Other Laws of Cyberspace_. A legal theorist (not related) named Cohen says that we have the right to hack copy-protection schemes that violate fair use. This is known as the Cohen Doctine.
So, let us summarize this:
This is just too obviously bogus. Evidently they are only trying to spread FUD.
They might have had a case against Derek Fawcus, although even that seems dubious. Now that he retracted, they have no case against anyone.
E pur si muove!
http://domain.com/any.lawyer.who/quotes.this.url/g ives.permission/for.his.residence.to.be. searched/any.bootleg.audio/video/tape.found/nullif ies.legal.and.moral.standing/dvd-source. txt