There was a researcher at CMU (of all places) who developed a system that used a small camera pointed at the user to track where they were looking based on the pupil of the eyes. The relative width and height and distance from the
center point between the eyes gave it the position the person was looking at. A simple smoothing algorithm and a calibration utility allowed it to work without absolute reference points. The biggest problems were with tracking the head (it needed to zoom in on the eyes) and keeping even lighting. If you sit still enough, then a Quickcam (or similar) may work (it did not need high resolution, just a good look at the eyes). Also, the eye mussels evolved to do the quick, fine motions that the neck mussels do not handle well, you do not need a little dot (which needs to be shared between users, and can be lost), and does not depend on specialized hardware.
Pax Draconis
> Everyone seems to be harping on the fact that CSS isn't a "good" encryption sceme, and therefore should be ignored. What does constitute a "good" encryption scheme?
A good encryption scheme is one that is more trouble then the information it is protecting is worth, but not much more. Which is what really makes CSS an insult on top of injury. The encryption scheme is so bad, it wasn't even worthy of protecting videos on DVD.
> And who gets to decide?
Unfortunetly, the courts. They are the body that decides all cases like this. It is a preception of legality.
> Does anything that gets cracked automatically become a "bad" encryption scheme? Is PGP "bad" because it has been cracked? Sure, it took longer than CSS but it was cracked nonetheless.
Almost. It depends on how much trouble the information is to decrypt. If, once an encryption scheme is cracked, it still takes more effort then the information is worth, then the scheme is still good. CSS is a particularly bad case for this, because the only people who would decrypt it don't profit from it. DVDs can be (easily) copied without decrypting them, and the only real reasons to decrypt it is 1: political statement 2: play it on a system that you can't afford to put a hardware decryptor into 3: prove that you have the technical prowess and 4: build a collection of media you don't think is worth buying. Otherwise, you would either buy a bootleg or an original. The prices are low enough that they are easy enough to afford for the one you really want.
> Does it have to take a certain number of days to get cracked before it is "good"?
It is not a matter of days. It is more a matter of willpower.
> They made an honest encryption attempt, figuring on the fact that is is illegal to crack it. Seems thats good enough to fit under the DMCA, like it or not
Well, that is the problem. The DMCA is trying to do the impossible (namely, providing legal restriction over who can posses knowledge when the people benefiting from the restriction are not willing to implement adequete restrictions themselves), and, by forcing the issue, damaging alot of solical structured assumed and taken for granted, such as free speech. CSS is not an honest attempt, it is a half-assed attempt, and should not be afforded the protection of the courts. The point is that this is not the sort of thing that should be left up to the courts, and you can not legislate the type of activities behind DeCSS out of existence. All it took was someone asking a couple of questions, and a desire to see how the world works. And they are trying to make that illegal?
Slashdot Mirror
There was a researcher at CMU (of all places) who developed a system that used a small camera pointed at the user to track where they were looking based on the pupil of the eyes. The relative width and height and distance from the center point between the eyes gave it the position the person was looking at. A simple smoothing algorithm and a calibration utility allowed it to work without absolute reference points. The biggest problems were with tracking the head (it needed to zoom in on the eyes) and keeping even lighting. If you sit still enough, then a Quickcam (or similar) may work (it did not need high resolution, just a good look at the eyes). Also, the eye mussels evolved to do the quick, fine motions that the neck mussels do not handle well, you do not need a little dot (which needs to be shared between users, and can be lost), and does not depend on specialized hardware. Pax Draconis
> Everyone seems to be harping on the fact that CSS isn't a "good" encryption sceme, and therefore should be ignored. What does constitute a "good" encryption scheme?
A good encryption scheme is one that is more trouble then the information it is protecting is worth, but not much more. Which is what really makes CSS an insult on top of injury. The encryption scheme is so bad, it wasn't even worthy of protecting videos on DVD.
> And who gets to decide?
Unfortunetly, the courts. They are the body that decides all cases like this. It is a preception of legality.
> Does anything that gets cracked automatically become a "bad" encryption scheme? Is PGP "bad" because it has been cracked? Sure, it took longer than CSS but it was cracked nonetheless.
Almost. It depends on how much trouble the information is to decrypt. If, once an encryption scheme is cracked, it still takes more effort then the information is worth, then the scheme is still good. CSS is a particularly bad case for this, because the only people who would decrypt it don't profit from it. DVDs can be (easily) copied without decrypting them, and the only real reasons to decrypt it is 1: political statement 2: play it on a system that you can't afford to put a hardware decryptor into 3: prove that you have the technical prowess and 4: build a collection of media you don't think is worth buying. Otherwise, you would either buy a bootleg or an original. The prices are low enough that they are easy enough to afford for the one you really want.
> Does it have to take a certain number of days to get cracked before it is "good"?
It is not a matter of days. It is more a matter of willpower.
> They made an honest encryption attempt, figuring on the fact that is is illegal to crack it. Seems thats good enough to fit under the DMCA, like it or not
Well, that is the problem. The DMCA is trying to do the impossible (namely, providing legal restriction over who can posses knowledge when the people benefiting from the restriction are not willing to implement adequete restrictions themselves), and, by forcing the issue, damaging alot of solical structured assumed and taken for granted, such as free speech. CSS is not an honest attempt, it is a half-assed attempt, and should not be afforded the protection of the courts. The point is that this is not the sort of thing that should be left up to the courts, and you can not legislate the type of activities behind DeCSS out of existence. All it took was someone asking a couple of questions, and a desire to see how the world works. And they are trying to make that illegal?