DeCSS is code. It's not free expression, it's not an Art form. It's simply a useful tool that let's you watch DVDs on your linux box.
Perhaps you should read this. The DeCSS issue is about a whole lot more than cryptography. Some day, the only way to electronically communicate with 90% of the population will involve secret standards. Some day, when you want to point out how the President is breaking his campaign promises, you won't be able to pull an old story out of your archives. Some day, when your car breaks down, you'll have to pay a king's ransom for repairs because only one organization can legally circumvent the copy protection device. Some day, if old content ever enters the public domain, you won't be able to access that content because a few naive judges think this issue is limited to cryptography.
Be wary of 'trusted' protocols
on
Replacing SMTP?
·
· Score: 4, Insightful
I believe we need a trusted protocol. This might be as simple as having all emails PGP signed and everything else being sent to the bit-bucket
That's not the answer either. Microsoft, Yahoo, et al have been lobbying for this approach, and for good reason. They want to function as the certificate authority (CA). They want to determine who can or cannot send email. They can use that power to literally sell the ability to send spam. They can also use that ability to censor their opponents.
Microsoft also wants a new patented standard that can't be legally implement with open source software.
if there were no idiots out there like you trying to justify blatant piracy on any number of grounds...we'd RIGHT NOW have 50c music dowloads as far as the eye could see.
The music is already out there. The record labels have nothing to lose by selling music without DRM, but they still refuse to. It is trivial to copy music through the analog hole. When it comes to music, DRM makes no difference to infringers, yet it still annoys the heck out of legitimate users. More importantly, DRM makes it illegal to distribute a sound system capable of playing the latest and greatest music unless you get permission from the copyright holders. That effectively makes open-source solutions illegal. In the long-run it could allow a monopoly to take over the electronic distribution industry and censor anything they don't like.
we'd have LESS middlemen, MORE choices of artists, and BETTER digital portability
copyright is a government granted monopoly. You can throw out everything you claim to know about competition as it does not apply. A monopolist will demand as much money as the market will bear. A monopolist will cut costs as much as possible. A monopolist will not bother innovating anything.
The copyright industry has done everything they could to stop every technological innovation in the industry. They tried to outlaw the player piano. The tried to stop the radio. They tried to outlaw cassette tapes. They tried to outlaw the VCR. They tried to outlaw MP3 players. Five hundred years ago, publishers even tried to regulate the printing press. Your claim that the industry would allow better digital portability is absurd.
The mass media is an out-of-control monopoly. It's time for congress to rein-in the copyright industry's government granted priviledges.
By the way, if your arguments could stand on their own merit, you wouldn't need to fluff your claims with insults.
if there were no idiots out there like you trying to justify blatant piracy on any number of grounds...we'd RIGHT NOW have 50c music dowloads as far as the eye could see.
The music is already out there. The record labels have nothing to lose by selling music without DRM, but they still refuse to. It is trivial to copy music through the analog hole. When it comes to music, DRM makes no difference to infringers, yet it still annoys the heck out of legitimate users. More importantly, DRM makes it illegal to distribute a sound system capable of playing the latest and greatest music unless you get permission from the copyright holders. That effectively makes open-source solutions illegal.
we'd have LESS middlemen, MORE choices of artists, and BETTER digital portability
copyright is a government granted monopoly. You can throw out everything you claim to know about competition as it does not apply. A monopolist will demand as much money as the market will bear. A monopolist will cut costs as much as possible. A monopolist will not bother innovating anything.
The copyright industry has done everything they could to stop every technological innovation in the industry. They tried to outlaw the player piano. The tried to stop the radio. They tried to outlaw cassette tapes. They tried to outlaw the VCR. They tried to outlaw MP3 players. Five hundred years ago, publishers even tried to regulate the printing press. Your claim that the industry would allow better digital portability is absurd.
The mass media is an out-of-control monopoly. It's time for congress to rein-in the copyright industry's government granted priviledges.
By the way, if your arguments could stand on their own merit, you wouldn't need to fluff your claims with insults.
That was a great interview. I was particularily impressed with your big-picture view of civil rights. You mentioned the DMCA and it's general effect. Why doesn't the EFF do this? Sure, the EFF's literature claims that the DMCA infringes freedom of speech and hampers competition. But the EFF doesn't but it into words that ordinary people can understand.
The 2600 case came down to a legitimate business versus a couple pirates trying to weasel their way out of a lawsuit. The court didn't seem to realize how the DMCA could allow a single organization to regulate speech (it isn't just about code, it is also about movies, etc). The court was oblivious to the way the DMCA outlaws competition. The court didn't even address the argument that section 1201 is really a patent grant.
The EFF needs to do a better job educating the masses. They should put together educational material that articulates the effect various legal precedents will have. Joe Average should be able to go to the EFF's website, click one or two links, and have a good understanding of why the EFF opposes section 1201.
While I'm ranting, the EFF really needs to teach people a thing or two about spam. Recent proposals for authenticated email allow a single organization (the Certificate Authority) to sell the right to send spam, or even to censor ordinary people for arbitrary reasons. Recent proposals put forth patented standards that will block out open source, and even small ISPs. Microsoft, Yahoo, et al have been pushing spam proposals, not to eliminate spam, but to eliminate competition.
To most people, if it isn't on the Web site, it doesn't exist.
By that logic, SCO has no case. To most people, if it isn't Windows it doesn't exist.
They could throw out some nice, Judge-convincing BS like "We only made these files available via the 'FTP' program, which is only for highly advanced technical individuals such as corporate IT managers, for the convenience of our paying customers. It was not intended for download by unlicensed individuals, and in fact doing so constitutes hacking as per the terms of the DMCA..."
Unless reading security advisories from LinuxSecurity.com constitutes "hacking", I don't see that argument as particularily convincing. SCO posted the kernel on their FTP server May 9th. A Linux kernel developer told SCO about it a month ago. Links to the story were posted on manypopularnewssites. The code is still there.
This seems to me that this is probably either barratry, racketeering, or libel. Mostly the third.
If anything, it is copyright infringement.
I see this whole case as a desparate attempt to find a loophole in the GPL. If SCO sells a Linux license which contradicts the GPL, they would presumably violate the GPL. However, the GPL depends on copyright. In order to violate a copyright, you must distribute* the material.
SCO is proposing to sell licenses without actually distributing the software.
*Distribute here means any of the six rights spelled out in copyright law (distribute, perform, copy, display, create a derivative, or perform over a digital transmission).
Under US copyright law, it is only a crime to download copyrighted works if you reproduce more than $1,000 in goods within 180 days. Or if you infringe copyright for financial gain.
It would appear that it is only a felony if you reproduce or distribute 10 or more copies with a total value of at least $2,500.
DRM does protect fair use - it allows copyright holders to mark their content so it can be copied for personal use (between different devices for example) without having to allow it to be distributed illegally.
There is a lot more to fair use than being able to make personal copies. Making personal copies is one of the least justifiable means of exercising fair use. Fair use is so broad it can't even be defined. The law simply lists four criteria for courts to consider when assessing fair use.
Fair use can, for example, involve distributing video clips to analyze a debate. Fair use could involve making a program run on a different computer platform. Fair use could involve real-time resequencing of a movie to eliminate offensive imagery. Someone may exercise their fair-use rights by indexing a website for their search engine. Digital Rights Management doesn't permit any of these. As far as DRM is concerned, fair use only fits into a narrowly proscribed range of activity.
My reading of the Dastar decision was not that Dastar evaded the Latham act by making modifications to the original work, but rather that the point-of-origin provisions of the Latham act cannot apply to origin of creation for patentable or copyrightable ideas and expressions.
IANAL. The ruling was discussed yesterday in the copyright victories story.
On page 2 of the syllabus, the court says, "Held: Section 43(a) of the Lanham Act does not prevent the unaccredited copying of an uncopyrighted work"
On page 7 of the opinion (page 10 of the PDF), the court says:
That [false designation of origin] claim would undoubtedly be sustained if Dastar had bought some of New Line's Crusade videotapes and merely repackaged them as its own. Dastar's alleged wrongdoing, however, is vastly different: it took a creative work in the public domain--the Crusade television series--copied it, made modifications (arguably minor), and produced its very own series of videotapes.
The court then goes on to describe how Dastar became the original source because it produced its own product. The court implies that if Dastar had not made any changes, then it would have been selling Fox's product.
The distinction would be comparable to Coca-Cola taking Pepsi and selling it as a Coke product. If Coke took Pepsi, made some changes, and sold the new product as its own, Coke would presumably be in the clear.
The lawyer representing the copyright holder has to claim under penalty of perjury, that they are authorized to act on behalf of the person they claim to represent. That is the only statement they have to make under penalty of perjury.
The takedown notice needs to describe the allegedly infringing activity, and the lawyers must state that they have a good-faith belief that the "use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law." [17 USC 512(c)(3)(A)(v)]. They do not need a good-faith belief that the described activity is actually occurring.
This RIAA takedown notice is an example of the law being abused.
The ISP is then required to take the content down for a minimum of ten days and no longer than 14 days in such period the plaintiff must file for a court order.
The ISP can only put the material back up if the subscriber files a counter-notice. In that case, the ISP must notify the complainant. Even if the ISP receives a counter notice, they can not restore the material until the complainant has had ten business days to respond to the counter-notice. If, after 14 business days, the complainant does not file suit, the ISP is required to restore the material.
The requirements for a counter-notice are more stringent than the requirements for a take-down notice. To file a counter-notice, the subscriber must state under penalty of perjury that they have a good faith belief that the material was removed by mistake or misidentification. The subscriber must also consent to local federal court jurisdiction.
For those of you thinking you could file a notice to shut down the RIAA's website for ten days, think again. The penalty for an ISP that fails to comply with a takedown notice, is that they cannot claim immunity from the infringing activity. I suspect the RIAA's ISP will take that risk rather than upsetting one of their well-endowed customers.
IANAL
This part of the DMCA is very good and very clear. It is unfortunate that it must give such power to plaintiffs; however, due to the penalty of purjury assumed by the plaintiff illegitimate accusations can easily cause a counter-suit and thus the system is balanced.
I agree that the way you described it, the law would be fairly good (really the ISP shouldn't need to take the material down if they recieve a counter-notice). Unfortnately, the balance you refer to does not exist.
I submitted this story over 24 hours ago. Slashdot still hasn't decided if they will post it.
I don't think Fox really cared about the video. They really wanted to set a precedent to strengthen the commerce clause with respect to copyright. The Supreme Court ruled that if congress wants to expand the rights of authors, it must do so explicitly. The court can't simply take a law under the commerce clause and interpret it to grant new rights to artists.
Dastar is not in the clear yet. The video was based on a book. Doubleday claims to hold the copyright on the book. That's up for debate. If the copyright was a work-for-hire, as the author's tax-claims would indicate, then the copyright may not have been properly renewed. The Supreme Court sent the case back to the district court to determine if the book really is under copyright, and if so, whether or not the video infringes the copyright.
Also of interest, the EFF (along with the ALA, ACM, CCIA, and eight other organizations) filed an Amici Curiae brief in this case. They argued that this case was an attack on the court's rulings in Feist and Railway Labor.
In Feist Publications, Inc. v. Rural Tel. Serv. Co., the court found that a "sweat of the brow" doctrine was not a sufficient basis for copyright protection. Rural Telephone Service claimed a copyright on their phone book. The court ruled that facts were not subject to copyright.
In Railway Labor Executives' Ass'n v. Gibbons, the court ruled that Congress cannot avoid the particular requirements of one enumerated power by relying on another power; Congress cannot avoid the uniformity requirement of the Bankruptcy Clause by relying on the generality of the Commerce Clause.
Copyright holders have countered the Feist ruling using laws for breach of contract, trespass to chattels, and the Computer Fraud and Abuse Act [1]. The EFF argues that the court's ruling in Railway Labor prevents congress from using the commerce clause to lock up public domain material. The Supreme Court did not specifically address the EFF's arguments, but if they had ruled in Fox's favor, as the lower courts did, this case would have been used as precedent to lock up public domain material based on the commerce clause.
------
[1] The EFF illustrated their argument with four court cases:
ProCD uses a click-wrap license to prevent people from copying its white-page listings. This is a direct attack on the Supreme Court's ruling in Feist.
eBay used a trespass to chattels claim to prevent Bidder's Edge from grabbing public domain material from eBay's website and republishing on another site. The contents in question were facts and thus not subject to copyright under Feist.
Explorica used the Computer Fraud and Abuse Act to prevent EF Cultural Travel from republishing public domain material on another web site. Once again, the materials were facts and thus not copyrightable under Feist.
Register.com used a browse-wrap license, trespass to chattels, and the Computer Fraud and Abuse Act to prevent Verio from acquiring facts from Register.com's WHOIS registry. Again, Feist mandated that the facts remain in the public domain.
In all four cases, publishers were able to demand and enforce rights which congress could not constitutionally grant.
A key argument against the DMCA is that the intellectual rights did not permit congress to pass it. In Dastar v. Fox, Fox was trying to establish a Supreme Court precedent of using the commerce clause to grant powers that the copyright clause forbids. It's good to see the Supreme Court didn't fall for it.
Where do you get the idea that MS has to "Sign" trusted software? It's up to the user to decide what rights an application will have. Stop spreading FUD.
What do you think trusted means? It means the software has been digitally signed by a trusted authority (Microsoft), that the operating system has confirmed the software has not changed since it was signed, and that everything the software depends on (operating system, libraries, hardware) is trusted as well.
Whoever controls the private keys controls what is or is not trusted. I can assure you, the user will not control the private keys (that would defeat the whole purpose of trusted software. If the user controlled the keys, they could alter the software in any way they want, including removal of DRM). Since Microsoft can dicate who's keys to trust, I am confident either Microsoft or some entity controlled by Microsoft will control the keys.
In order for software to be 'trusted', Microsoft has to sign it (that's what Palladium is all about. Microsoft has a monopoly over what is or is not trusted). Microsoft is not going to sign software unless it serves Microsoft's agenda. If p2p software hampers Microsoft's plans to monopolize the online media distribution channel, they will either demand the software be crippled before they sign it, or simply refuse to sign it at all.
I found your paper very interesting. I'd like to address a couple things.
1. You point out that MD5 is vulnerable to a brute-force search for bucket collisions. Isn't any deterministic hash-function vulnerable to the same attack? I know you solved the problem using a keyed version of MD5. With Carter and Wegman, you alluded to a randomly chosen constant and vector. I didn't notice you addressing this issue with UMAC.
2. The abstract says, "We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks." The abstract is ambiguous, but it insinuates that you'll provide a proof. I didn't see one. Perhaps it was in the references? Even if it was, certainly your 20 bit Carter-Wegman construction merits a new proof.
3. You said, "When analyzing algorithmic complexity attacks, we must assume the attacker has access to the source code of the application," I disagree. The attacker doesn't need the source code. They can reverse engineer the compiled binary.
Also, I wonder if an attacker even needs the program. An attacker could reasonably guess that a Perl script will store a certain string in an associative array. Many websites automatically process their Apache logs with Perl. Instead of requesting real pages, a blackhat could request strings that will hash to the same bucket (assuming the site uses Perl). When cron starts processing the logs, the website could slow to a crawl. Granted, the attacker knows the hash function from Perl, but they don't have access to the website's custom-made script.
4. You have a spelling error. Your paper should read, "due to the ten times larger queues of unprocessed events".
These plans are awful. Authentication services and trusted senders are a way for the certificate authorities to decide who can or cannot send mail (be it spam or political speech) [1]. Micropayments are a tax on speech. Challenge/response is patented. Opt-out tools depend on a centralized database from which spammers will harvest addresses. Reputation systems are an invasion of privacy.
Most of the proposals are probably patented (as ridiculous as that may sound). No doubt the recent spam proposals are being pushed by folks with an agenda totally unrelated to spam. There is no way they would get this much media attention without a commercial PR department. Which begs the question, who is behind ASRG? The guy in charge has six pending patents on this very subject.
To stop spam, we should use less invasive approaches such as bayesian filtering and common sense legislation (mandatory headers and spam-hunting boundies aren't a bad idea). We do not need privacy-invading, censorship centers which outlaw open-source solutions.
-----
[1] I fully expect that if we adopt authentication systems, the certificate authorities will permit paying marketeers to spam anyone they choose.
This could work only if Linux contains code that violates SCO's IP because otherwise everything is properly GPLed and can be legally distributed regardless of their suit
No. If SCO is distributing Linux while simply refusing to license it under the GPL they are committing both civil and criminal copyright infringment.
Someone should get a statement from the now. Long after discovering the alleged violations, and two months after filing suit, they continued to distribute Linux. Were those copies licensed under the GPL or not? If it was, any infringing code no longer infringes. If it wasn't, SCO was violating copyright law (assuming someone actually purchased or downloaded a copy during that time).
On the other hand, if there is no copyright violation, and it comes down to nothing but trade secrets, SCO already published those "secrets", thus placing them in the public domain.
I'm guessing Linux is safe for another reason. Most likely, everyone in OpenLinux had a cross-licensing agreement. So Suse could legally publish the allegedly infringing code under the GPL (which they most likely have).
I'd rather the video game industry had taken this up themselves and done something reaonable and responsible and respectable, but as they have consistently failed to acknowledge the issue, I guess it has to become a law.
Why don't you take it up yourself? If you don't like the available games, make an open source alternative. Or better yet, why don't the churches and other large groups lobbying for these laws write their own games? As the open source community has demonstrated, writing software is easier than lobbying.
One thing that will make the gaming industry respond, and respond quick, is fierce competition.
"I consider the law prohibiting the sharing of copies with your friend the moral equivalent of Jim Crow. It does not deserve respect."
Richard Stallman, Free as in Freedom, Richard Stallman's Crusade for Free Software: O'Reilly (2002) at p. 72
That quote was taken completely out of context. What Stallman actually said was:
"I'm looking beyond what the existing laws are to what they should be...I'm not trying to draft legislation. I'm thinking about what should the law do? I consider the law prohibiting the sharing of copies with your friend the moral equivalent of Jim Crow. It does not deserve respect."
In the interest of brevity, even that's not in complete context. Stallman is basically saying if you were to thinking about what the law should be, and someone proposed the current copyright law, the current law would not merit much thought.
The final Stallman quote,
"The whole GNU project is really one big hack. It's one big act of subversive playful cleverness..."
Richard Stallman, Revolution OS (DVD)
sounds like meaningless babble. I don't know what the heck that's supposed to mean. Maybe if SCO put it in context it would make more sense.
Bruce Perens
"This is becoming a tradition. I go there and break the law every year in the name of free speech."
Bruce Perens, explaining his plan to demonstrate how to modify DVD technology to attendees of an Open Source convention.
In a show of civil disobedience, Bruce was planning to circumvent the region controls on a DVD player. He was planning to get arrested so he could put the DMCA on trial. His employer, Hewlett Packard, was afraid that they could be held liable for his demonstration, so they asked him not to do it. In the end, Perens cancelled the demonstration since it would defeat his whole purpose of HP was sued.
"We have to remember that Linux is a follow-on to UNIX. It's not just a UNIX clone. It's actually a UNIX successor."
Bruce Perens, mpulse magazine, December 2001.
From the magazine interview:
What does the open source mean to development of devices within the mobile Internet?
We have to remember that Linux is a follow-on to UNIX. It's not just a UNIX clone. It's actually a UNIX successor. UNIX was invented by the phone company and it was very streaming-oriented. No one used the word 'streaming' in 1970, but if you look at the way UNIX works, it's all pipes and filters, and that's streaming.
It's a very good operating system for telecom, and branches out to streaming media and sending video, etcetera, where these things will happen over third generation wireless. Linux fits there very well.
So Perens was referring to the original AT&T UNIX and its stream-oriented foundation. What SCO fails to mention is that they do not have a claim against Linux based on the original AT&T code base. As Eric Raymond pointed out so well in the position paper, AT&T attempted to enforce their intellectual property rights, but ended up settling out of court by paying the defendant's legal fees.
But my understanding of the W3C Recommendation Process (http://www.w3.org/Consortium/Process-20010719/tr. html#RecsW3C)is that the Director is "responsible for assessing consensus"
The term consensus is already clearly defined. There isn't much leeway in the assessment.
But remember, the PAG is already stacked with people sympathetic to B-L's anti-patent beliefs
I don't see it that way at all. My reading is that each new proposed standard has a different PAG. Except for the W3C counsel, everyone in the PAG comes from the Working Group.
The "Working Group" is composed of the people who are working on a particular standard. So there will be one set of organizations working on one standard, another set working on another standard.
If Microsoft, HP, and IBM form a Working Group for a new web music standard, they pretty much dictate whether or not related patents are royalty-free.
Well that was certainly helpful. I suppose I should have read it before-hand.
Weitzner stressed that it's tough to use because the PPWG doesnt want people to use it easily. And remember, Berners-Lee has to sign off on everything, and it would really take a lot for him to sign off on a RAND Recommendation.
I don't see where Berners-Lee has to sign off on anything. According to the latest draft, it is up to the Patent Advisory Group (PAG) to reach a consensus on whether or not to use a non-RF patent. The PAG is composed of:
Advisory Committee Representatives of each W3C Member organization participating in the Working Group (or alternate designated by the AC Rep)
Working Group Team Contact
W3C counsel
Working Group Chair, ex officio
Domain Leader responsible for the Working Group
Others suggested by the Working Group Chair and/or the Team with the approval of the Director
I'm not convinced that it's all that difficult to reach consensus. To reach consensus, Everyone in the PAG has to either agree to the license or abstain. Also, noone in the PAG can object to the license. The most likely person to object is the W3C counsel, and I can easily see him/her mindlessly abstaining. Everyone else has an agenda. That agenda may well involve eliminating competition from the open source community.
Apparently, there's a loophole in the royalty-free standard. Can someone tell me when this happened? From the Computer World article:
But the group also included an exception provision that will make it possible for members to consider alternate licensing terms when it's deemed impossible to meet the royalty-free goal, he said.
...
Don Deutsch, vice president of standards strategy at Oracle Corp., said the provision was a last-minute compromise designed to address the concerns of IBM and Microsoft. Deutsch added that he expects it to be approved.
All the news reports I saw mentioned royalty-free. This is the first I've heard about an exception.
Free Software is great and all, but true freedom comes from not handing control of everything to one faction... something I would think would be obvious to other supporters of open source software. A monopoly over the Internet is just as bad in the hands of OSS developers as it would be in the hands of Microsoft.
What part of the word monopoly do you not understand? A patent is a monopoly granted by the government. The whole purpose of an industry standard is that anybody can implement it. The point of a royalty-free patent standard is to insure that no monopoly power is exercised over W3C standards.
If you allow RAND or other non-royalty-free patent policies, then open source software will be shut out of the standard. You may call that freedom. I call your words doublespeak.
Slashdot Mirror
Perhaps you should read this. The DeCSS issue is about a whole lot more than cryptography. Some day, the only way to electronically communicate with 90% of the population will involve secret standards. Some day, when you want to point out how the President is breaking his campaign promises, you won't be able to pull an old story out of your archives. Some day, when your car breaks down, you'll have to pay a king's ransom for repairs because only one organization can legally circumvent the copy protection device. Some day, if old content ever enters the public domain, you won't be able to access that content because a few naive judges think this issue is limited to cryptography.
That's not the answer either. Microsoft, Yahoo, et al have been lobbying for this approach, and for good reason. They want to function as the certificate authority (CA). They want to determine who can or cannot send email. They can use that power to literally sell the ability to send spam. They can also use that ability to censor their opponents.
Microsoft also wants a new patented standard that can't be legally implement with open source software.
The music is already out there. The record labels have nothing to lose by selling music without DRM, but they still refuse to. It is trivial to copy music through the analog hole. When it comes to music, DRM makes no difference to infringers, yet it still annoys the heck out of legitimate users. More importantly, DRM makes it illegal to distribute a sound system capable of playing the latest and greatest music unless you get permission from the copyright holders. That effectively makes open-source solutions illegal. In the long-run it could allow a monopoly to take over the electronic distribution industry and censor anything they don't like.
we'd have LESS middlemen, MORE choices of artists, and BETTER digital portability
copyright is a government granted monopoly. You can throw out everything you claim to know about competition as it does not apply. A monopolist will demand as much money as the market will bear. A monopolist will cut costs as much as possible. A monopolist will not bother innovating anything.
The copyright industry has done everything they could to stop every technological innovation in the industry. They tried to outlaw the player piano. The tried to stop the radio. They tried to outlaw cassette tapes. They tried to outlaw the VCR. They tried to outlaw MP3 players. Five hundred years ago, publishers even tried to regulate the printing press. Your claim that the industry would allow better digital portability is absurd.
The mass media is an out-of-control monopoly. It's time for congress to rein-in the copyright industry's government granted priviledges.
By the way, if your arguments could stand on their own merit, you wouldn't need to fluff your claims with insults.
The music is already out there. The record labels have nothing to lose by selling music without DRM, but they still refuse to. It is trivial to copy music through the analog hole. When it comes to music, DRM makes no difference to infringers, yet it still annoys the heck out of legitimate users. More importantly, DRM makes it illegal to distribute a sound system capable of playing the latest and greatest music unless you get permission from the copyright holders. That effectively makes open-source solutions illegal.
we'd have LESS middlemen, MORE choices of artists, and BETTER digital portability
copyright is a government granted monopoly. You can throw out everything you claim to know about competition as it does not apply. A monopolist will demand as much money as the market will bear. A monopolist will cut costs as much as possible. A monopolist will not bother innovating anything.
The copyright industry has done everything they could to stop every technological innovation in the industry. They tried to outlaw the player piano. The tried to stop the radio. They tried to outlaw cassette tapes. They tried to outlaw the VCR. They tried to outlaw MP3 players. Five hundred years ago, publishers even tried to regulate the printing press. Your claim that the industry would allow better digital portability is absurd.
The mass media is an out-of-control monopoly. It's time for congress to rein-in the copyright industry's government granted priviledges.
By the way, if your arguments could stand on their own merit, you wouldn't need to fluff your claims with insults.
The 2600 case came down to a legitimate business versus a couple pirates trying to weasel their way out of a lawsuit. The court didn't seem to realize how the DMCA could allow a single organization to regulate speech (it isn't just about code, it is also about movies, etc). The court was oblivious to the way the DMCA outlaws competition. The court didn't even address the argument that section 1201 is really a patent grant.
The EFF needs to do a better job educating the masses. They should put together educational material that articulates the effect various legal precedents will have. Joe Average should be able to go to the EFF's website, click one or two links, and have a good understanding of why the EFF opposes section 1201.
While I'm ranting, the EFF really needs to teach people a thing or two about spam. Recent proposals for authenticated email allow a single organization (the Certificate Authority) to sell the right to send spam, or even to censor ordinary people for arbitrary reasons. Recent proposals put forth patented standards that will block out open source, and even small ISPs. Microsoft, Yahoo, et al have been pushing spam proposals, not to eliminate spam, but to eliminate competition.
By that logic, SCO has no case. To most people, if it isn't Windows it doesn't exist.
They could throw out some nice, Judge-convincing BS like "We only made these files available via the 'FTP' program, which is only for highly advanced technical individuals such as corporate IT managers, for the convenience of our paying customers. It was not intended for download by unlicensed individuals, and in fact doing so constitutes hacking as per the terms of the DMCA..."
Unless reading security advisories from LinuxSecurity.com constitutes "hacking", I don't see that argument as particularily convincing. SCO posted the kernel on their FTP server May 9th. A Linux kernel developer told SCO about it a month ago. Links to the story were posted on many popular news sites. The code is still there.
If anything, it is copyright infringement.
I see this whole case as a desparate attempt to find a loophole in the GPL. If SCO sells a Linux license which contradicts the GPL, they would presumably violate the GPL. However, the GPL depends on copyright. In order to violate a copyright, you must distribute* the material.
SCO is proposing to sell licenses without actually distributing the software.
*Distribute here means any of the six rights spelled out in copyright law (distribute, perform, copy, display, create a derivative, or perform over a digital transmission).
SCO is still distributing kernel 2.4.13. Are they licensing this code under the GPL or not?
Under US copyright law, it is only a crime to download copyrighted works if you reproduce more than $1,000 in goods within 180 days. Or if you infringe copyright for financial gain.
It would appear that it is only a felony if you reproduce or distribute 10 or more copies with a total value of at least $2,500.
There is a lot more to fair use than being able to make personal copies. Making personal copies is one of the least justifiable means of exercising fair use. Fair use is so broad it can't even be defined. The law simply lists four criteria for courts to consider when assessing fair use.
Fair use can, for example, involve distributing video clips to analyze a debate. Fair use could involve making a program run on a different computer platform. Fair use could involve real-time resequencing of a movie to eliminate offensive imagery. Someone may exercise their fair-use rights by indexing a website for their search engine. Digital Rights Management doesn't permit any of these. As far as DRM is concerned, fair use only fits into a narrowly proscribed range of activity.
IANAL. The ruling was discussed yesterday in the copyright victories story.
On page 2 of the syllabus, the court says, "Held: Section 43(a) of the Lanham Act does not prevent the unaccredited copying of an uncopyrighted work"
On page 7 of the opinion (page 10 of the PDF), the court says:
The court then goes on to describe how Dastar became the original source because it produced its own product. The court implies that if Dastar had not made any changes, then it would have been selling Fox's product.
The distinction would be comparable to Coca-Cola taking Pepsi and selling it as a Coke product. If Coke took Pepsi, made some changes, and sold the new product as its own, Coke would presumably be in the clear.
The copyright holder's obligations are spelled out at the Chilling Effect Clearinghouse.
The lawyer representing the copyright holder has to claim under penalty of perjury, that they are authorized to act on behalf of the person they claim to represent. That is the only statement they have to make under penalty of perjury.
The takedown notice needs to describe the allegedly infringing activity, and the lawyers must state that they have a good-faith belief that the "use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law." [17 USC 512(c)(3)(A)(v)]. They do not need a good-faith belief that the described activity is actually occurring.
This RIAA takedown notice is an example of the law being abused.
The ISP is then required to take the content down for a minimum of ten days and no longer than 14 days in such period the plaintiff must file for a court order.
The ISP can only put the material back up if the subscriber files a counter-notice. In that case, the ISP must notify the complainant. Even if the ISP receives a counter notice, they can not restore the material until the complainant has had ten business days to respond to the counter-notice. If, after 14 business days, the complainant does not file suit, the ISP is required to restore the material.
The requirements for a counter-notice are more stringent than the requirements for a take-down notice. To file a counter-notice, the subscriber must state under penalty of perjury that they have a good faith belief that the material was removed by mistake or misidentification. The subscriber must also consent to local federal court jurisdiction.
For those of you thinking you could file a notice to shut down the RIAA's website for ten days, think again. The penalty for an ISP that fails to comply with a takedown notice, is that they cannot claim immunity from the infringing activity. I suspect the RIAA's ISP will take that risk rather than upsetting one of their well-endowed customers.
IANAL
This part of the DMCA is very good and very clear. It is unfortunate that it must give such power to plaintiffs; however, due to the penalty of purjury assumed by the plaintiff illegitimate accusations can easily cause a counter-suit and thus the system is balanced.
I agree that the way you described it, the law would be fairly good (really the ISP shouldn't need to take the material down if they recieve a counter-notice). Unfortnately, the balance you refer to does not exist.
I don't think Fox really cared about the video. They really wanted to set a precedent to strengthen the commerce clause with respect to copyright. The Supreme Court ruled that if congress wants to expand the rights of authors, it must do so explicitly. The court can't simply take a law under the commerce clause and interpret it to grant new rights to artists.
Dastar is not in the clear yet. The video was based on a book. Doubleday claims to hold the copyright on the book. That's up for debate. If the copyright was a work-for-hire, as the author's tax-claims would indicate, then the copyright may not have been properly renewed. The Supreme Court sent the case back to the district court to determine if the book really is under copyright, and if so, whether or not the video infringes the copyright.
Also of interest, the EFF (along with the ALA, ACM, CCIA, and eight other organizations) filed an Amici Curiae brief in this case. They argued that this case was an attack on the court's rulings in Feist and Railway Labor.
In Feist Publications, Inc. v. Rural Tel. Serv. Co., the court found that a "sweat of the brow" doctrine was not a sufficient basis for copyright protection. Rural Telephone Service claimed a copyright on their phone book. The court ruled that facts were not subject to copyright.
In Railway Labor Executives' Ass'n v. Gibbons, the court ruled that Congress cannot avoid the particular requirements of one enumerated power by relying on another power; Congress cannot avoid the uniformity requirement of the Bankruptcy Clause by relying on the generality of the Commerce Clause.
Copyright holders have countered the Feist ruling using laws for breach of contract, trespass to chattels, and the Computer Fraud and Abuse Act [1]. The EFF argues that the court's ruling in Railway Labor prevents congress from using the commerce clause to lock up public domain material. The Supreme Court did not specifically address the EFF's arguments, but if they had ruled in Fox's favor, as the lower courts did, this case would have been used as precedent to lock up public domain material based on the commerce clause.
------
[1] The EFF illustrated their argument with four court cases:
In all four cases, publishers were able to demand and enforce rights which congress could not constitutionally grant.
A key argument against the DMCA is that the intellectual rights did not permit congress to pass it. In Dastar v. Fox, Fox was trying to establish a Supreme Court precedent of using the commerce clause to grant powers that the copyright clause forbids. It's good to see the Supreme Court didn't fall for it.
What do you think trusted means? It means the software has been digitally signed by a trusted authority (Microsoft), that the operating system has confirmed the software has not changed since it was signed, and that everything the software depends on (operating system, libraries, hardware) is trusted as well.
Whoever controls the private keys controls what is or is not trusted. I can assure you, the user will not control the private keys (that would defeat the whole purpose of trusted software. If the user controlled the keys, they could alter the software in any way they want, including removal of DRM). Since Microsoft can dicate who's keys to trust, I am confident either Microsoft or some entity controlled by Microsoft will control the keys.
In order for software to be 'trusted', Microsoft has to sign it (that's what Palladium is all about. Microsoft has a monopoly over what is or is not trusted). Microsoft is not going to sign software unless it serves Microsoft's agenda. If p2p software hampers Microsoft's plans to monopolize the online media distribution channel, they will either demand the software be crippled before they sign it, or simply refuse to sign it at all.
I found your paper very interesting. I'd like to address a couple things.
1. You point out that MD5 is vulnerable to a brute-force search for bucket collisions. Isn't any deterministic hash-function vulnerable to the same attack? I know you solved the problem using a keyed version of MD5. With Carter and Wegman, you alluded to a randomly chosen constant and vector. I didn't notice you addressing this issue with UMAC.
2. The abstract says, "We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks." The abstract is ambiguous, but it insinuates that you'll provide a proof. I didn't see one. Perhaps it was in the references? Even if it was, certainly your 20 bit Carter-Wegman construction merits a new proof.
3. You said, "When analyzing algorithmic complexity attacks, we must assume the attacker has access to the source code of the application," I disagree. The attacker doesn't need the source code. They can reverse engineer the compiled binary.
Also, I wonder if an attacker even needs the program. An attacker could reasonably guess that a Perl script will store a certain string in an associative array. Many websites automatically process their Apache logs with Perl. Instead of requesting real pages, a blackhat could request strings that will hash to the same bucket (assuming the site uses Perl). When cron starts processing the logs, the website could slow to a crawl. Granted, the attacker knows the hash function from Perl, but they don't have access to the website's custom-made script.
4. You have a spelling error. Your paper should read, "due to the ten times larger queues of unprocessed events".
Most of the proposals are probably patented (as ridiculous as that may sound). No doubt the recent spam proposals are being pushed by folks with an agenda totally unrelated to spam. There is no way they would get this much media attention without a commercial PR department. Which begs the question, who is behind ASRG? The guy in charge has six pending patents on this very subject.
To stop spam, we should use less invasive approaches such as bayesian filtering and common sense legislation (mandatory headers and spam-hunting boundies aren't a bad idea). We do not need privacy-invading, censorship centers which outlaw open-source solutions.
-----
[1] I fully expect that if we adopt authentication systems, the certificate authorities will permit paying marketeers to spam anyone they choose.
No. If SCO is distributing Linux while simply refusing to license it under the GPL they are committing both civil and criminal copyright infringment.
Someone should get a statement from the now. Long after discovering the alleged violations, and two months after filing suit, they continued to distribute Linux. Were those copies licensed under the GPL or not? If it was, any infringing code no longer infringes. If it wasn't, SCO was violating copyright law (assuming someone actually purchased or downloaded a copy during that time).
On the other hand, if there is no copyright violation, and it comes down to nothing but trade secrets, SCO already published those "secrets", thus placing them in the public domain.
I'm guessing Linux is safe for another reason. Most likely, everyone in OpenLinux had a cross-licensing agreement. So Suse could legally publish the allegedly infringing code under the GPL (which they most likely have).
Why don't you take it up yourself? If you don't like the available games, make an open source alternative. Or better yet, why don't the churches and other large groups lobbying for these laws write their own games? As the open source community has demonstrated, writing software is easier than lobbying.
One thing that will make the gaming industry respond, and respond quick, is fierce competition.
Stallman didn't say that. He quoted Larry McVoy who said that.
That quote was taken completely out of context. What Stallman actually said was:
In the interest of brevity, even that's not in complete context. Stallman is basically saying if you were to thinking about what the law should be, and someone proposed the current copyright law, the current law would not merit much thought.
The final Stallman quote,
sounds like meaningless babble. I don't know what the heck that's supposed to mean. Maybe if SCO put it in context it would make more sense.
Bruce Perens
In a show of civil disobedience, Bruce was planning to circumvent the region controls on a DVD player. He was planning to get arrested so he could put the DMCA on trial. His employer, Hewlett Packard, was afraid that they could be held liable for his demonstration, so they asked him not to do it. In the end, Perens cancelled the demonstration since it would defeat his whole purpose of HP was sued.
From the magazine interview:
So Perens was referring to the original AT&T UNIX and its stream-oriented foundation. What SCO fails to mention is that they do not have a claim against Linux based on the original AT&T code base. As Eric Raymond pointed out so well in the position paper, AT&T attempted to enforce their intellectual property rights, but ended up settling out of court by paying the defendant's legal fees.
The term consensus is already clearly defined. There isn't much leeway in the assessment.
But remember, the PAG is already stacked with people sympathetic to B-L's anti-patent beliefs
I don't see it that way at all. My reading is that each new proposed standard has a different PAG. Except for the W3C counsel, everyone in the PAG comes from the Working Group.
The "Working Group" is composed of the people who are working on a particular standard. So there will be one set of organizations working on one standard, another set working on another standard.
If Microsoft, HP, and IBM form a Working Group for a new web music standard, they pretty much dictate whether or not related patents are royalty-free.
Well that was certainly helpful. I suppose I should have read it before-hand.
Weitzner stressed that it's tough to use because the PPWG doesnt want people to use it easily. And remember, Berners-Lee has to sign off on everything, and it would really take a lot for him to sign off on a RAND Recommendation.
I don't see where Berners-Lee has to sign off on anything. According to the latest draft, it is up to the Patent Advisory Group (PAG) to reach a consensus on whether or not to use a non-RF patent. The PAG is composed of:
I'm not convinced that it's all that difficult to reach consensus. To reach consensus, Everyone in the PAG has to either agree to the license or abstain. Also, noone in the PAG can object to the license. The most likely person to object is the W3C counsel, and I can easily see him/her mindlessly abstaining. Everyone else has an agenda. That agenda may well involve eliminating competition from the open source community.
All the news reports I saw mentioned royalty-free. This is the first I've heard about an exception.
What part of the word monopoly do you not understand? A patent is a monopoly granted by the government. The whole purpose of an industry standard is that anybody can implement it. The point of a royalty-free patent standard is to insure that no monopoly power is exercised over W3C standards.
If you allow RAND or other non-royalty-free patent policies, then open source software will be shut out of the standard. You may call that freedom. I call your words doublespeak.
Once again, proof that passenger screening is counter-productive.