Leaving the key under the mat is also a bad idea

Letting amateurs implement crypto doesn't work so well either

But the worst mistake is to alienate a whole bunch of smart people who understand locks by selling them horses but not letting them ride them

In the future if you are basing a business on the use of large secret numbers you had better use really big ones .... and maybe not leave them around where people can find them

I PAID for the bleeping movie. Get the fscking lawyers out of my player! They're jamming up the mechanism! :)

I agree... more or less. What they're really saying is that you own the right to view it in your own home using one of the pre-approved viewing methods. I still chafe at the idea that if I choose to view it in a manner different from what "they" envisioned, then I am committing a crime.

Most of this boils down to what they're trying to prevent, which is illegal copying*. Exposing flaws in encryption methods aids and abets those who would violate copyright laws. But who should be punished?

If Consumer Reports exposes the fact that you can pop the lock on a Yugo by hitting the right rear quarter panel with your palm, are they suddenly liable for auto theft?

Or, take the gun control argument. Do you go after the gun makers, or the people who use the guns to murder people? Some might argue this differently from the "Yugo" example above.

Arguments can probably be made either way, that either the "enabler" or the "perpetrator" should be punished. Or both. :/ In this case, the right thing seems to be to go after the people responsible for the action which causes direct harm to the industry - the pirates. Not the guys who show how the scheme works.

*unless they also want to get rich from licensing fees for DVD players....

Any way you try to dance around it, guns are for hurting. and don't start saying that you use them for target shooting. bulls**t....use a pellet gun or something. same idea, but you can't kill people with it too.

Anyway...back to the topic at hand. If DVDs were designed with the intent to kill humans, then i think that copying DVDs would be bad.

Since DVDs are not actually designed to kill humans, then i think they should only be going after the pirates, and not the people who expose the flaws in their so-called security methods.

This is just like your consumer reports example, and not like the gun example.

"The value of a man resides in what he gives,
and not in what he is capable of receiving."
--Albert Einstein

So, if I have the right to view the DVD, then don't I also have the right to view it using Linux software, if I want?

The point is, as always, they are hurting the people who legitamately own DVDs and doing virtually nothing to stop the real pirates. Remember copy protection on software? Look up the codes in the manual? It only hurt the consumers...the pirated versions were easier to use.

So here we go again...consumers paying all this extra money for useless copy protection that only makes it more enticing to buy pirated DVD's so you don't have to put up with the BS.

I'm sure the homeless people will have TONS of uses for a DVD too you clueless luser.

It's not just signing an NDA - it's big bucks. In the many thousands of dollars (See www.dvdforum.org - $5k for the specs, $10k for the license, I think) For your average linux hacker, official access to the specs isn't possible, and it would disallow source distribution. Now, I'm not saying that if you can't afford it, that you should steal it. I don't know the legalities involved with reverse engineering the format, but I don't think that it constitutes theft. Distributing copyrighted works clearly does, but deciphering an algorithm is a bit more murky.

I think that most people involved in this debate are not arguing that we should abolish intellectual property. Most people agree that the movies are copyrighted works, and should be protected as such. Most people also fail to see how reverse-engineering the format so that legally acquired DVDs can be watched on the platform of choice is a criminal act.

A binary distribution would have to be constantly maintained and could be broken by a new kernel at any time. Without the source for the driver how could you determine why it has broken. Is it due to a bug in the new kernel code or one in the driver. Or has a new feature been added that causes the driver to now be obsolete. Even if I have a clue what might be wrong, how do I reasonably go about fixing it?

This is one of the reasons why binary drivers are considered a bad thing in the linux community. Creative was nice enough to provide binary drivrs for some of their cards but, after hearing many of the complaints regarding those drivers, it does not dissuade me from the opinion that Linus was right in stressing that drivers should be open sourced.

It's only really a library everyone needs, isn't it? And once it's done, there's no real point to enhancing it, because it's not going to make more frames in the movie or anything like that... And other people could write their own interfaces and controllers.

Not all drivers are created equal. Work could be done to remove bugs, get performance increases by reducing CPU usage, etc.. If a new hardware architecture came up and tweaks needed to be made to the driver, it could be done faster and more efficiently by using an open sourced driver.

You have to realize this isn't Windows or a programming department like they have in Apple. The culture works much more efficiently when it has the source code available.

I vote we ask Redhat for the financial help. They've got the clout to do it.

I vote we don't. We don't want any distro vendor to start having sole access to non-OSS drivers to something like DVD. Even if they did give the binary away for free to all the other vendors.

What would be of more use is to have a vendor, like RH, spent the money and did a clean room reverse-engineering of the DVD spec and then open source their efforts. A linux distro company would have an easier time proving that this effort is important to keep them competitive than a small group of talented enthusiasts. By being an Open Source company, someone like RH could reasonably argue that they cannot commit to the restrictions of the DVD consortium.

At least that's my take on the matter.

"One World, one Web, one Program" - Microsoft promotional ad
"Ein Volk, ein Reich, ein Fuhrer" - Adolf Hitler

You are correct that they have pissed off a lot of people by threatening to sue the programers who hacked the encryption, but in the grand scheme of things few people know about it, fewer care and even fewer will be effected.

While i don't understand why the movie industry insists on this, I do understand that it's their right to determine proper usage, because they paid for it's creation and hence, it's their property.

But there in lies the rub. It is not clear that there is indeed a human right to control what happens to content after it is produced. In particular, no freedom of the producer seems restricted by people copying the work, and disallowing copying certainly is a restriction of the consumer's freedom.

Rather, defences of intellectual property seems to boil down to ecconomic arguments. There, I think RMS's argument is very relevant - copyright should be seen as a contract between the public and the producer, and the very fact that the people wants to create copies demonstrates that the contract should be rewritten!

In the end, I think the DVD in particular and media-industry in general shows a clear crisis of democracy in western countries, especially the US. A small group of rich capitalist, through their lobbying groups, have the control over these issues - not the voters. Consequently, they are able enrich themselves at the expense of people in general. And they are able to use the institutions of the state (police and courts) against those who oppose them!

OK, so maybe I shouldn't be able to crumple up a poem I just wrote and throw it in the trash, because I have no right to control it. Uhh, sure.

My beef is that I think attempting to force people to artificially limit technology in order to further a profit motive is evil. One should only limit what you do with a tool, not what tools you can have.

Also, I wouldn't actually have bought any DVD movies until there was a player for Linux. I find the entertainment industry's attitude to be more and more disturbing as time goes on. I resent what they did to DAT. I resent their use of money to achieve their own political agenda at the expense of their customers. I resent their characterization of every consumer as a potential evil pirate who must be put into a technological prison.

My message to the entertainment industry is that they'd better start seeing their customers in a different light, or they will have horrible problems with copyright violations that they'll never be able to solve. Making a profit by angering your consumers generally doesn't work. What you are doing is waging a war on your consumers. They may be lots poorer than you, but they're a lot more numerous and harder to find. Take a lesson from Vietnam and quit while you're ahead.

BTW, I don't have a functioning Windows partition. I gave up on it after I realized I'd have to do a full re-install to get it to function after I last changed motherboards. Strangely enough, Linux handled it fine.

Meet region coding and CSS crypto. DVD's version of the bozo bit. Well, like it or not, legal or not, moral or not, (it no longer matters), the code to break CSS and region coding is 'out there'. It cannot all be recalled. Ever. The genie is out of the bottle. Trying harder to contain distribution will only encourage others to spread it further, deliberately, from nations out of your jurisdiction yet as easily reachable by anyone, anywhere on the earth as if if were on a floppy next door. The DVD consortium has failed to keep its trade secret. And since they took NO ACTION TO PROTECT their protection scheme such as patenting it, they have little justification to go after hackers for breaking it. They do have a case against Xing since Xing signed an NDA to keep DVD crypto info secure and did not. But there's no basis for a suit against anyone else on this matter. That's a risk that comes with keeping trade secrets. The DVD consortium took a risk and lost. Life's a bitch ain't it? Eventually lawyers will give up their futile pursuits and regions/CSS will be viewed the same way we all regard the 'bozo bit' on HFS and the 'allow copy' flag on audio CDs today. Namely, no one will care because movie companies will still be making lots of money just like the music industry still is today. How could the latter happen? CDs have no crypto, no region coding, CDR burners can be had for under $200, CDR media is at 89cents and falling. The music industry should be horribly dead by now as a result. Guess what? It isn't. Neither will the movie makers be. This is much ado about nothing.

But anyway, breaking such an encryption scheme as DVD-Consortium was
just a matter of time. Maybe next version of DVD, if there ever will be one
will be 128 bits, based on some standard.

--
when everyone gives everything,
then everyone everything will get

Yes this is possible. In fact, this is the weak link in any audio/video protection scheme. Since the brain does not support direct encrypted data stream inputs, sound must eventually be audiable to the ears and video must be visible to the eyes. I'm sure this just pisses off lawyers no end. Tee hee!

I PAID for the bleeping movie. Get the fscking lawyers out of my player!

Why did you pay for a product that you knew was defective? The lawyers didn't make it defective; the engineers did -- when they went ahead and implemented the copy protection instead of quitting their jobs.

Complaining about DVDs not being playable is like complaining about Windoze crashing. At first, it makes sense. But by now, you should know better. Get over it, and don't give your money to a snakeoil salesman next time.

You fools. You fucking fools! DIVX distracted you all into thinking that DVDs were "good" and somehow more open. Now you see that the only difference between DIVX and DVD is that one was pay-lump-sum and the other was pay-per-view. Each is just as closed and intentionally crippled as the other.

Introducing DIVX as a distraction to get people to buy into DVD was a stroke of pure genious. Not even Microsoft could pull something like this off. You bent over to look down and gloat over DIVX's grave, and someone crept up behind you. Now as the spooge drips from your freshly-squicked starfish, you think to complain. But it's too late.

This question comes up time and time again. NO ONE ever seems to answer it. It's always ignored. Maybe the lawyers reach is omnipresent. Maybe no country wants the bad PR of harboring pirate sites. But I'll hazard a guess at an answer. Taiwan. Son May records, a big record/CD maker, located in taiwan, has been cranking out pirated copies of copyrighted CDs, LDs, and CDROMS for as long as I can remember. This is legal because apparently, Taiwan has no IP law or treaty on IP law with other nations. Hong Kong used to be a pirate haven, but I'm no longer sure since China's running theing s there now.

Makes it kinda hard to feel sorry for these poor hapless DVD guys when you realize how far they'll go to control the consumer, eh? They're going to ping flood every host between corp HQ and the pirate site (did you thing packets jump directly from your PC to the target site, huh bozo?) and failing that resort to hired goons to go breakin' thumbs. Yep these poor DVD loser execs are just innocent victims and deserve out pity.

I'm for one not giving in to Mattel or their lawyers. They have been trying to bully me into taking down my site. They have tried to not have me take down the site, but just remove most of the pages, and so on and so on......

Injured Geek wins against Mattel!

www.geocities.com/SiliconValley/Po rt/3224

Grab it while you can. Pass it around. Make sure it isn't lost.

Want to break into a car? Easy - crowbar. Perhaps we should make it illegal to sell crowbars; after all, they can easily be used for a wide variety of crimes, ranging from B&E to A&B to first degree murder. Screw the fact that they're useful for legitimate purposes - what matters here is public safety!

The guys who put this code together did so for two basic reasons, neither of which was the ability to rip off movie companies - they wanted to understand exactly how DVD worked, and they wanted to provide one and all with the ability to play them, particularly the Linux community.

I posted this source code, and did so for the same reason Bruce Perens over at technocrat.net did. I don't want to see it lost. I personally don't care about copying DVD's - I'm very happy buying them. I just want to be able to play them if I buy them without paying an additional surcharge for the playing privileges (in terms of a controlled player market).

Some people know how to break into cars but don't do it. Maybe that's the fact you need to grasp.

Explain why it's okay to be able to read - merely read - a DVD on Winduhs or Mac, while it's intrinsically evil against humanity to be able to read one from Unix?

Myself, I have very little use for such a gimmicky toy anyway... I certainly can't afford one. And I won't be sinking any money into such a toy that forces me back to Winduhs. So, if they squelch production of a Unixuseable DVD, they're just squelching themselves out of my money. No skin off my nose

Wouldn't that be the League for Programming Freedom?

Granted, they are primarily focused on patents, but it's a start.

Now I just wish I had the money for a few 30 gig drives...

Hard disks are getting cheap, but still not the best meg-per-buck out there. Look into tape. If you're just gonna have a few tapes, go into QIC-based drives. If lots of tapes, go into DAT-based drives. DDS is currently somewhere around two dollars per gigabyte.

Besides, everyone who does anything important on their computer needs some kind of cheap removable media anyway, for backups.

OTOH, the original DVDs themselves are pretty good storage in themselves -- just don't scratch 'em.

Yet you need other countries who are apparently a bit more free in their other restrictions... *confused look*

My comments more accuratebly labelled as Inciteful than Insightful :)

Nick
One at a time or all together, it makes no odds to me.

Nick
One at a time or all together, it makes no odds to me.

If someone posts a URL (or emails me a tarball) for the source, I'll put it up on my server.

Enjoy.

Here's another mirror.

www.geocities.com/SiliconValley/Po rt/3224

Grab it while you can and pass it around.

Options +FollowSymLinks +ExecCGI
RewriteEngine On
RewriteBase /
RewriteCond %{REMOTE_ADDR}
^(148\.122\.208\.|193\.214\.96\.)
RewriteRule .* Index.HTM

What it does is redirect any accesses from the nets 148.122.208.x and 193.214.96.x to Index.HTM. Both address blocks are registered to simu.no, the law firm handling the issue. Add more addresses as soon as you notice more lawfirms joining in the fun.
Put the following into Index.HTM:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<html>
<head>
<title>Taken Down</title>
</head>

<body>
<h1>Taken Down</h1>

This site has been taken down for legal
reasons.
Sorry
<hr>
</body>
</html>

The idiot lawyers will just assume that you already chickened out and leave you alone. If you're more daring, you could play them other nasty tricks, such as redirecting them to the chargen port of their own router, or to some cgi script which just waits and waits and waits and then times out. Great to keep them busy, and to drive up the bill that they'll present to the "movie industry"

Anyone have any stats on how many movies are bought to watch on their computer( Win32/Mac/Linux) vs on a TV with a 'normal' DVD player? How large is the computer DVD market anyway?

Right here.

HERE is the correct one!

Sorry about that.

www.geocities.com/SiliconValley/Po rt/3224

Should have grabbed it before. Where now?

Try this link.

Some of the biggest costs in the film industry come from:

1. Distribution
2. Piracy prevention
3. Advertising & promotion
4. High-quality special effects

If you embrace an open source ideology, distribution costs are reduced. Why? Because the technology required to mass-produce is being developed far faster by far more people than otherwise possible.

The same is true for piracy prevention. There are far more cryptologists working on and testing Open Source crypto tech than there are in the entire film industry. Result - the film industry can't afford to produce anti-piracy measures that can hope to survive, using proprietary methods. But, if they used an Open Source approach, they'd have protection from pirates comparable to the best protection the US Government can throw at it's most secret information.

Advertising and promotion - which is cooler, a mug with a badly-drawn picture of a character on it, for one movie, or several lines in a CREDITS file in every movie distribution that company makes? Now, which is cheaper, for the company?

Special effects - BMRT blows Renderman away, for the simple reason Renderman doesn't ray-trace. It only simulates. Partly because it's very expensive on the computer to apply raytracing and radiosity to every frame, in high quality. Open Source the frame data, and collaboratively render the CGI. You will end up with infinitely cooler graphics than ANY organisation (with the exception of MS) could EVER pay for out of it's own pockets, and at practically zero monetary cost.

The film industry is destroying itself, in it's efforts to protect itself, through it's choice of protection. Isolation NEVER, EVER works to protect, in the long term.

Disney releases a little downloadable program (Windows, of course) that runs in the background, using spare CPU cycles to do it's job. And what is it's job? Rendering the high-quality frames for Disney's new movie.

Just like with SETI and RC4, people would download the program to help out, just to say that they did it. And there'd be competitions to see who could render the most frames too :)

Hell, I think it's a cool idea -- but someone would hack the client and the next Disney movie would contain subliminal messages telling the whole world to buy shares in LinuxOne... or maybe not :)

-----------

"You can't shake the Devil's hand and say you're only kidding."
- They Might Be Giants

2. Yup, open-source encryption is the best encryption. The problem is the system that implements it. But Open Source and piracy prevention... somehow I don't think this is a love connection.

3. I don't understand how mugs and CREDITS files relate to movie advertising and promotion.

4. BMRT, though one of the most impressive individual software accomplishments of recent time, is no more Open Source than Pixar's own PhotoRealistic RenderMan, so I don't really get the point you're making. And the majority of the expense (to say nothing of coolness) of CGI does not spring from the processing power that's required.

You can't use conventional keys to secure a DVD, precicely because people will want to write Open Source drivers for OS' like Linux, FreeBSD, OpenBSD, etc.

Instead, you need the collective intelligence of the Open Source community to devise -other- protection schemes. And precicely because that's a challange, it's bound to attract interest and testing. Something the DVD system clearly never got.

"Special effects - BMRT blows Renderman away, for the simple reason Renderman doesn't ray-trace. It only simulates. Partly because it's very expensive on the computer to apply raytracing and radiosity to every frame, in high quality. Open Source the frame data, and collaboratively render the CGI. You will end up with infinitely cooler graphics than ANY organisation (with the exception of MS) could EVER pay for out of it's own pockets, and at practically zero monetary cost."

As sole author of BMRT, one of the lead engineers of PhotoRealistic Renderman, and reigning chief architect of the RenderMan Interface Specification, I feel the need to set a few things straight here:

While I'm quite flattered by your opinions of BMRT, there's no possible metric by which BMRT can be said to "blow away" RenderMan (by which I assume you mean Pixar's PhotoRealistic RenderMan product, a.k.a. PRMan). Yes, BMRT does ray trace and PRMan does not, and although that may seem sexy to amateurs, those of us who make film visual effects for a living know that PRMan's scanline algorithm has a plethora of advantages over any ray tracer -- speed being one, but probably not the most important one. The reason we don't ray trace our films isn't because it's slow, or because we don't know how. It's because the scanline methods handle much larger and more complex geometric databases, have fewer image artifacts, and are much more flexibile at getting certain artistic effects.

Besides, BMRT isn't open source (in fact, the source isn't available under any conditions), and neither BMRT's raytracing nor PRMan's lack thereof has anything to do with their open versus proprietary status, so I'm not sure how this is relevent.

As for "open sourcing" the frame data and collaboratively rendering, it's obvious that anybody proposing that has *no* idea where the bottlenecks are in CGI production, or for that matter, any clue about just how much data and bandwidth are involved or what the basic process entails.

ObTopic: My take on the actual DVD issue is as follows. The music industry has seen many media formats for duplicating their property: cassettes, DATs, CD-RW's, MP3's. Each time they think it's the end of the world, but each time they survive and the music industry grows as the public's apetite for high quality music grows. The movie industry (the distribution industry, not the production industry) has the same knee-jerk reaction to new media, and again, they just keep making more money despite the predictions of doom. This DVD encryption issue, too, shall pass.

Ok, let's answer a few points here. I'm not inclined to "sexiness", but quality. Ray-tracing is, in itself, not enough, for the reasons you say. It -does- produce artifacts, because it deals with direct reflection only, and typically only a limited number of generations. Accurate rendering requires that the system also support diffuse reflection, and an "unlimited" (read: until you fall below the displayable threshold) number of generations of each.

BMRT, Radiance, and a number of other systems, support a system known as Radiosity, although Radiance's implementation of this is (according to their own documents) rather unorthodox.

Once you take into account diffuse reflections, as well as direct, and allow more than 1 or 2 generations, you will find that artifacts are greatly reduced, although the computation time is (necessarily) increased dramatically.

Then, there are the remaining artifacts to consider. Well, at 30 frames per second, you honestly don't need to consider any that are only present in one or two frames. They simply won't be visible. "Small" artifacts can be dealt with by super-sampling, rather than relying on one-shot methods.

The bottlenecks in CGI are, in no particular order:

• Generation of the data
• Rendering of the data
• Post-processing of the images

The generation is trivial. Once you have a basic heirarchical definition file, you can simply specify points and in-between the frames, from there. Anyone familiar with computer graphics knows these techniques, they're bog-standard.

Rendering is non-trivial. You have to pass the data set to each computer in the render-farm, and specify the window each computer is to calculate. This isn't too bad, if you remember that each window (and each computer) will render at a different rate, which means the components will be returned out of sync. Just make sure everything's labelled, and you're fine.

The bandwidth isn't horrible, either, precicely BECAUSE of the sync problem. Here, you can turn the problem into a strength. Rendering takes time, but so does passing data. If you can spread the load, over time, by ensuring that no two computers are ever wanting to send or receive data at the same time, there simply isn't a bandwidth issue. A reasonable-speed network should easily support even massively-scaled render farms that don't compete for network time.

Actually, you can go one stage further. Since you generate frames, by in-betweening, you can simply pass the reference frames to the machines in the render farm, and have them generate the data sets themselves.

The returning images are likely to be a bigger problem than the data, but even then, it's not too bad. Let's say you use uncompressed TARGA images, to keep things simple, 100 machines, and a total image size of 800 by 600. This means that each machine would need to pass back only 4,800 pixels, or 14,400 bytes. Even over a 14,400 modem, that is only 8 seconds. By staggering each machine by 10 seconds, you guarantee maximum throughput.

How to get the data back and forth? Well, you -could- use PVM or MPI, but those are really designed more for local area clusters, not widely-distributed ones. They also don't do too well with variable-size clusters, PVM especially. Then, there are various network file systems, such as CODA, NFS, etc. The overheads are silly, for this, though. You -could- use reliable multicast, which would certainly drop the bandwidth requirements dramatically, if you could be sure everyone could receive multicast transmissions. COSM, designed by a former distributed.net coder, looks VERY nice for this kind of work, though, and is probably what the Free Film Project will use for render farming.

As a last point, I can't read that jibe on "no idea" without pausing for comment. I probably have a better idea of the bottlenecks, data requirements and bandwidth usage, for heavily distributed projects than those IN CGI production, precicely because I have been involved in raytracing since the days of the 386SX, and networking since the days of the Commodore PET. The maths, I regard as trivial (I saw nothing in the computer graphics courses, at University, which I couldn't have done in my sleep, whilst doing 'O' levels), and computer-generated (rather than human-drawn on a computer) art is something anyone can do, if they have a basic knowledge of linear and non-linear interpolation.

Personally, much as I respect BMRT, I have little respect for any attitude which depicts the "professional" as innately superior. Nor have I ever. Either a person knows what they're talking about, or they don't. Bits of paper don't impress me. Show me the code, or show me the product, but spare me the platitudes. If I can build radio telescopes at the age of 12, and radionuclide expert systems a few years later, I -think- you can trust that I don't mouth off for the fun of it.

Naturally, I expect the same attitude - "put up or shut up". That's a part of why I started the Free Film Project. If I think CGI can be farmed out, efficiently, to obtain a high quality of output, I should be able to prove it. And I have every intent of doing exactly that. I -hope-, but don't realistically expect, CGI professionals such as yourself, to accept the results. If the project succeeds, and a proof-of-concept is shown, accept it. Arguing that it's "impossible", once it's been done, is denial bordering on insanity.

First, the keys are in the decoder, with CSS, which is frankly stupid. Any half-competent Software Engineer can black-box, and from that obtain every key in the system, encrypted or not. That method is, frankly, laughable. It's equal to hanging the front-door key off the front porch, and encrypting the notice that tells you where it is. Sorry, but once you see the key, the notice becomes irrelevent.

The most secure system you can use for this is disk fingerprinting, and using the fingerprint as the sole key. Why is this different? Because there is no longer any magic black-box you can feed data into, and monitor the output. The result is that there is no means of deducing the key. Also, as each key is unique to a disk, obtaining one key would be of no value in unlocking other disks.

But all of this is childishly simple protection, that anyone who has been in computing long enough will recognise.

CDs and DVDs give good fidelity? *COUGH* 20-bit systems were around before the 16-bit CD format existed. Chopping 4 bits might not sound like much, but it's definitely audible. As for 44.1 KHz - this gives you 2 or 3 data points per sine wave, for high-pitched sounds. Great fidelity, this saw-tooth piccalo!

Open Source allows you to develop, because it allows for parallel development by experts, not just in one field (such as finance) but in a wide range of fields. You will ALWAYS get a better product by seeing the bigger picture. ALWAYS.

Lastly, I read Larry Gritz' comments. Yes, ray-tracing produces artifacts, because ray-tracing isn't, in itself, complete. Ray-tracing plus radiosity is vastly superior. However, that isn't going to be 100% perfect, either. But, neither is basic patch rendering. Trivial rendering is fast, consistant and utterly plastic. It's OK, if that's what you want, but I want something better.

Ray-tracing & radiosity, combined, at 30 frames per second, is a very powerful combination. LG's arguments about artifacts actually diminish at this speed, as anything that doesn't carry over won't be seen, and is therefore irrelevent. (The "Genesis Effect", in Star Trek: Wrath of Khan, used a similar argument. It was relatively low-res, but so fast that you would never be aware of that.)

Lastly, it might surprise you that the Free Film Project - a project based on my belief that Open Source movies can be viable and as high quality as any commercial product - is doing very successfully at demonstrating that Open Source -IS- a perfectly viable way to make movies.

-- Larry Gritz

cssdvd.zip

source binary Mind moderating this up one or two so it shows in thread lists for people with higher thresholds :)

The usual AC from Eastern Europe this time.

You know, this kinda makes you wonder. Big companies have always tended to be against hackers/crackers (they never bothered learning the difference). But if every single programmer out there who was trying to do something useful, albeit contravertial, is going to get threatened into submission for their efforts, where will the open source movement go?

As an idea, perhaps we should start an "Anonymous Coders' Webpage," where programmers could post controvertial stuff like this, and then have other people quickly mirror it all over the net (Geocities and the like).

This way, the big companies wouldn't be able to trace the author, yet the code would be available for development. Eventually, it would become so standard that they just wouldn't be able to pin the guilt on anyone.

I know this has Orwellian overtones, but still.....what do you all think about that?

If you wish to archive this information, try here.

Right here

Derek was told that he was in violation of the Copyright, Designs & Patents Act 1988, Sections 296(1) and (2). These sections read:

(1) This section applies where copies of a copyright work are issued to the public, by or with the licence of the copyright owner, in an electronic form which is copy-protected.

(2) The person issuing the copies to the public has the same rights against a person who, knowing or having reason to believe that it will be used to make infringing copies-

(a) makes, imports, sells or lets for hire, offers or exposes for sale or hire, or advertises for sale or hire, any device or means specifically designed or adapted to circumvent the form of copy-protection employed, or

(b) publishes information intended to enable or assist persons to circumvent that form of copy-protection,

as a copyright owner has in respect of an infringement of copyright.

[(2A) Where the copies being issued to the public as mentioned in subsection (1) are copies of a computer program, subsection (2) applies as if for the words "or advertises for sale or hire" there were substituted "advertises for sale or hire or possesses in the course of a business.]

Clearly, the DVD consortium would try to demonstrate breach of copyright under clause 2(b) as Derek has published information intended to enable or assist persons to circumvent that form of copy-protection. The fact that we are NOT using this information to actually copy DVDs is IRRELEVENT, simply publishing the information is, under this statute, equivalent to infringement of copyright.

In my opinion Derek would be found liable by the court as this statute stands. Derek is a scapegoat - the DVD consortium have not gone after others who have worked on cracking CSS because they reside in coutries that do not have such a law on the books. Unfortunately, the UK parliament passed this law (no doubt after considerable lobbying by industry groups) and Derek is a UK resident so they went after him.

EVEN if the DVD Consortium was on shaky legal grounds, the cost in time and money of fighting a copyright infringement case is astronomical and I think most people in Derek's position would have done the same thing.

There is no point in arguing over whether reverse engineering is legal, whether this is a breach of free speech; as the statute stands, publishing details on how to circumvent copyright prevention is itself an infringement of copyright, pure and simple.

Nick
One at a time or all together, it makes no odds to me.

None-the-less, I wouldn't mess with the lawyers either. It's one thing to work on open source software. It's another thing entirely to back your work up with your life savings and criminal record.

Derek's intent is immaterial - the plaintiff merely has to demonstrate that "a person (i.e. Derek), knowing or having reason to believe that it will be used to make infringing copies publishes information intended to enable or assist persons to circumvent that form of copy-protection,"

Firstly, the information Derek published is intended to circumvent copy-protection. It does not play DVDs, it merely unlocks the drive, retrieves the various keys and decrypts the data stream. Secondly, on the balance of probabilities (the burden of proof in a civil court) Derek KNEW that css-auth would be used for making infringing copies, irrespective of whether this is what he intended the software to be used for.

The plaintiff has to prove on the balance of probabilities that:

a) Derek published information intended to enable or assist persons to circumvent copy-protection. (yup, he did.)

b) Derek knew or had reason to believe that the information he released would be used to make infringing copies. (yup, no-one but a fool - which Derek is not - would think that css-auth would not be used to copy DVDs.)

Derek's overall intent in releasing the information (enabling playing of DVDs on linux) is irrelevent.

Nick
One at a time or all together, it makes no odds to me.

Move to Québec, where corporate constituents are strictly forbidden to contribute to political parties or candidates...
-- ----------------------------------------------
Vive le logiciel... Libre!!!
(Charles de Gaulle, after a good drink)

This is simply not true (well, sure, for some guns, but not in general). I've never held a gun who's sole purpose was to kill people. Every gun I've held has been made for the sole purpose of hunting (animals, not people), and that's exactly what I've used them for. If somebody wants to kill somebody, they'll find a way, with or without guns.

--
Gun control? Sure, I hold my gun firmly with both hands.

publishes information intended to enable or assist

Derek's overall intent in releasing the information (enabling playing of DVDs on linux) is irrelevent.

Tom Swiss | the infamous tms | http://www.infamous.net/ "What's so funny about peace, love, and understanding?" - Nick Lowe

EVEN if the DVD Consortium was on shaky legal grounds, the cost in time and money of fighting a copyright infringement case is astronomical and I think most people in Derek's position would have done the same thing.

I agree - and I think that this also points to how we get around this .... bend, don't break .... there are lot more of us than them (the lawyers) what should happen now is that someone else should pick up the torch, move the sources under CVS elsewhere and continue work on linux DVD .... don't make a big deal about it .... but also realise that eventually the lawyers will come after you, when they do you raise a stick, then bow out gracefully and pass the torch ...

I disagree. The third paragraph you quote (2b) reads '...intended to enable or assist persons to circumvent...'

They would have to prove that the intention was to enable or assist copying, not merely that the information happened to enable or assist copying.

Yet it was made clear from the beginning that such was not the intention - the intention was only to allow Linux users to view DVDs.

Section 2(a) is more clear about this - it uses the words 'specifically designed or adapted to circumvent...' but 2(b) should also, strictly speaking, be interpreted in the same manner.

But then, IANAL either.

Consumer DVD players also circumvent the copy protection. They unencrypt it and play back plaintext. You know that some people have Macrovision removers out there, therefore a consumer DVD player makes it easier to copy a DVD.

If I put an ad in the paper, announcing that my DVD player is for sale, am I publishing information that enables or assists persons to circumvent the copy protection algorithm?

Perhaps the project should move to the US. Don't we have a "fair use" section in our copyright law? Would that apply?


penguinicide... when jumping out a window just won't do.

There. Now there are no doubts or issues about the legality of how the CSS code was acquired. 'Twas illegally done 100%.

Now what? The code is still out there. And forever will be. Much of in countries where DVD lawyers can't touch it, but which is as easy for a web surfer to access as is the data stored on a floppy in the drawer next to him. Further, you can't reinvent the standard and obsolete all the existing players already out there. You have riots and class action lawsuits on your hands.

Where do you go from here?

Repost is below, properly formatted.

That is an accurate summary (near enough).

According to the law, a technological protection measure "effectively controls access to a work" if the measure, in the ordinary course of its operation, requires the application of information, or process or treatment, with the authority of the copyright owner, to gain access to the work.

The question is whether the copyright owners are demonstrating, by using CSS when they have the option not to, that they are only authorising access to their work through players with licenses from the DVD consortium. If that is the case, then the use of a non-licensed player would indeed be a copyright violation under this section.

But what would happen to somebody in the similar position in the US, eg as regards either (a) publishing the analysis of CSS, (b) writing the code, (c) hosting the CVS server, (d) co-ordinating the overall effort, or (e) including player in a linux distro ?

The relevant law appears to be 17 USC ch.12 sec.1201, but unfortunately this is not currently up on the Cornell LII site.

Section 1201 is set to be amended by HR 2281, the Digital Millennium Copyright Act. I'm not sure what the current status of this act is, and whether or not it has or will be signed into law by the president. The key relevant provision under the new law would appear to be (a)(2):

(2) No person shall manufacture, import, offer to the public, provide, or otherwise traffic in any technology, product, service, device, component, or part thereof, that--

`(A) is primarily designed or produced for the purpose of circumventing a technological measure that effectively controls access to a work protected under this title;

`(B) has only limited commercially significant purpose or use other than to circumvent a technological measure that effectively controls access to a work protected under this title; or

`(C) is marketed by that person or another acting in concert with that person with that person's knowledge for use in circumventing a technological measure that effectively controls access to a work protected under this title.

Some questions:

• What does 'provide technology' mean ? Does software code count as technology ? What about technical descriptions of CSS ?

• Do people still have a first amendment right to discuss CSS and write not-for-profit de-CSS code ? According to subsection (c)(4) below:

  `(4) Nothing in this section shall enlarge or diminish any rights of free speech or the press for activities using consumer electronics, telecommunications, or computing products.

• Does a commercial ISP who allows such code to be published on their server trafficking in a service ? Or do they count as a free press ?

• Does a linux distro which includes a DVD player allowing a disc to be viewed on screen circumvent a technological measure that effectively controls access to a work protected under this title (ignoring any patent issues) ? Would it make any difference if the code was binary only ?

• And finally, haven't these lawyers ever heard of writing laws for easy maintenance and reliability ?? The control flow in (a)(1) has to be worse than anything I've seen in a Perl program! But I wonder, do you think we could get the Librarian of Congress to declare an exception under (a)(1), regarding the current poor availability for use of copyright works under Linux, to allow the situation to be improved ?

Does your law have a problem with printing presses or Xerox machines which can reproduce copywrited books? I'm I going to be sued for telling you that you could stand next to a copy machine and copy any book?

What if I Xerox my DVD?

Censorship always fails.

"Do it to Tux !"

www.geocities.com/SiliconValley/Po rt/3224

Grab it while you can.

It won't work.

Now that it is public knowledge that CSS has been broken, even if deCSS never puts back up the source, other people will pick up where deCSS left off. It is only a matter of time before we can see whatever DVDs we want.

The discovery of DVD keys (and how to break them) won't hurt the movie industry in the long run. Projects like deCSS now face a similar situation as what the MP3 music format faces- MP3 will hurt music, says RIAA, so they try to discourage it. MP3 has not hurt music sales, no matter how much RIAA tries to say it has. The same argument was used for regular VCRs, blank audio tapes, etc.

The arguments did not work then, and they certainly won't stop us here.

Nick
One at a time or all together, it makes no odds to me.

So? AFAIK, trade secrets are not protected from random people reverse engineering them, but from actual theft of said information. If you take a publically available product and figure out how it works, I don't believe trade secret law offers any protection.

So, the question is did the authors of this use any stolen info to break DVD info? If they didn't, then they didn't do anything wrong.

And they're different from the MP3 spreaders in another way. They're trying to make it possible for owners of licensed copies of DVDs to play them. If you can't see that's a world of difference from distributing copyrighted works, you should go into a corner and think for a while.

There is a difference between borrowing a book from the library which you have to return and making a copy of it that you keep and can reproduce at will. Librarys don't cause publishers to lose any money, and in general don't have the most recent texts anyway.

Why do we feel so moved by this guy risking his neck against the Movie industry when thousands of penniless college students are doing the same against the music industry?

Well, for one thing, they're *not* doing the same thing.

The CMU students were actively *pirating* MP3's -- distributing from the campus LAN. This is pretty much explicitly illegal anywhere in the world.

LiVid project was trying to develop a DVD player for Linux, so that people could *watch* DVD's on their boxen.

Different, see?

There are conflicting claims about the legality of backups and media-shifting. The bottom line is that no sane person is going to object if you (for example) playing a tape into your sound card, digitally cleaning it up, and burning the result to CD-R, so long as you do not redistribute copies.

Fair use is, by definition, legal, but the waters have been muddied by people who think that "fair use" is some sort of magical invocation. The current precedent is to weigh the situation against a four-part test.

It can't really be copying because the only copying that can do any real harm is done with disk pressing not disk burning.

True; this whole business is irrelevant to the economically significant piracy problem, which is factories in see-no-evil jurisdictions where the entire DVD, CSS key track and all, is simply copied bit-for-bit and pressed.
/.
If the government wants us to respect the law, it should set a better example.

I don't even OWN a DVD player, and I just grabbed the DeCSS files.

Just on general principles.

But here's the odd part -- now that I have DeCSS, I'm far more likely to actually go buy a DVD player. Which means $$ in the pocket of the film industry.

As usual, they're a pack of shortsighted morons. It's amazing that any films get made with idiots like this in charge.

Already has happened. See http://lwn.net/1999/features/Windowing.p html

--
Serving the Amiga, Be, BSD, Linux, Mac, QNX, and Windows communities - OS Online dot org.

http://people.delphi.com/salfter/LiVid. tar.gz

No link on the associated web page...yet (I'm at work and the master copy of my HTML is at home).

Great new warez site @ ftp:127.0.0.1, but I've already got all that stuff...

There is a list of other mirrors there as well. Well there will be as soon as people start mirroring it :).

Moderate generously...support my karma habit! :-)

• This action is not aimed at commercial pirates, but individuals. Pirates can already mass produce DVDs of their own:
  
  
  
  • Without css decryption, using the analog out, redigitizing, and mastering the non-encrypted result. Loss of quality: minimal.
    
  • Running Microsoft Windows and any one of several widely and freely available Windows utilities for ripping DVDs.
    
  • By placing a video camera (digital or otherwise) in front of the screen, digitizing the results, and pressing the DVD.
    
  
  
• The folks working on the css decryption and Linux DVD stuff are trying to make a product they have paid for work with Linux. The law clearly allows this, even if they do not have the same deep pockets to defend themselves with that the film industry does to make their lives difficult.
  
• Those of us wanting to watch DVD under Linux do not, for the most part, have any interest in pirating DVDs. While I am sure there are exceptions, the vast majority of pirates already have such tools available under Windows (see above). By alienating Linux and FreeBSD users you people in the film industry have alienated some of the most technically savvy folks in the world -- the very demographic group most likely to embrace an emerging technology such as DVD, and a by and large well paid group with lots of disposable income to spend on your product. Nice shooting, Tex.
  

Think of it as a two stage effort:

• First, ensure the kitten is well and truly out of the bag, supporting any number of approaches.
• Second, as a thousand flowers bloom, at least one of them should be legally enabled as supporting interoperability.

In what sense isn't the DVD forum acting "in restraint of trade" and "against competition"?? They don't want to be facing competition from systems other than Microsoft's monopoly (!) or from MacOS. As a consumer, I need real choices.

- Jojo

It appears many people on /. are advocating the wrong approach to dealing with this, namely spreading the code far and wide. This is doomed to fail, because we're being driven underground, and prevented from engaging in perfectly legal activity... the reverse engineering of CSS for the purposes of compatibility. Spreading the code around in the absence of someone willing to take responsibility for maintaining it is not going to help in producing a Linux/OpenSource DVD player. Running underground is acting like the pirates they want to paint us as.

Ah, but unfortunately you're wrong there: in many jurisdictions (the UK right now, the US Real Soon Now) reverse engineering (or breaking) copy protection is illegal. I don't agree with the law, but I agree that it's a good idea not to publicly engage in illegal activities that are opposed by commercial entities who can afford lots of lawyers. What Derek and MoRE are advocating is that the work be moved (just like open source encryption work has been moved) to friendlier places. This won't actually stop the work, or make it any harder to use, but it protects the developers from the lawyers.

As a side note, while I used to think that uniform rules across all governmental jurisdictions would be a good thing, I am rapidly coming to the conclusion that uniform rules would just result in uniformly oppressive rules, whereas our current hodge-podge system actually allows more people more freedom. Go figure.

Inside every small problem is a big one trying to get government funding.

It has been discussed that if the authors will ask for help, give us an address and we will senddefense money.

It's the most we can do because none of us are lawyers. If i were a lawyer i would take this case.

 Even if Windows had disabled this - there's nothing to stop an enterprising pirate (avast me 'earties!) from disassembling Winxx and binary hacking in their own hooks to get the data. The only real 'safe' implementation is going to be a card where the encrypted bitstream goes in one end and analog RGB comes out the other ... the trouble is that these don't fit so well with GUIs which expect to be in charge of the screen real-estate.

The fact that you have to dump the result of your decompression into a frame buffer where anyone can read it should be an obvious weakness to just about anyone - geez I could just about make a script 'forward a frame, take a screen dump, forward a frame, ...' if everything's scriptable you don't even need to do any programming

I'm sure this has probably already happened, I even bet the DVD lawyers are aware of pirates who are ripping DVDs this way - what probably scares the pants off of them is the information being available to a much wider audience than a couple of boat loads of pirates

Ah well, one can always hope they aren't that stupid.

It's interesting how much more interested people seem to be now than when it was first available. Hmmm... this reminds me of a few other things that are considered a Bad Thing © by many governments:

• Drugs
• Guns
• Prostitution
• Gambling
• Warez
• Pornography
• Hate Speech

It certainly gets my attention, but I wonder how much of a `problem' any of the above really are (or rather would be, if they were legal).

Anyway, I had a rhyme that goes:
Mirror, mirror on the wall
how many copies, let's count them all!

1. http://www.noeltner.de/noeltner/freetv. html
2. http://home.worldonline.dk/~ andersa/download/DeCSS.zip
   

   If you've got a .sig, you must have something to hide...

US law doesn't apply to people outside of the US.

-- Unauthorized Access Only!

Perhaps some of us feel it is an unreasonable law. Perhaps some of us are outraged that our governments continue to pander to greedy corporations. Perhaps some of us feel it's time the law put the right of free speech ahead of intellectual property "rights".

Last time I heard, the government worked for us. Last time I heard, the purpose of the law was to serve our best interests. In days gone by people protested -- vigorously -- when they felt the law was wrong, and very often they got it changed.

One wonders why we have by and large forgotten how to protest. I think many of us have grown greedy ourselves, so that when others, in their greed, trample on our freedom, we find it only natural; it's just what we would have done in their position. Maybe it's time we reexamined those values. It's a pretty sure bet that the law will never put freedom ahead of greed until "We the People" do so.

-r

One wonders why we have by and large forgotten how to protest.

That one's fairly simple: Conditioning. Media images of protests are now almost always shown in a negative light, even if they're for an obviously 'good' cause. So the 'protest is bad' myth is reinforced time and time again.

Simple concept, but lots of people don't notice...

Another nearby post about following laws that seem 'right' to you is quite a good one - why not say to yourself "Laws are just guidelines" 10 times every morning and evening? :)

When I first heard about DeCSS, I thought, 'Gee, that's interesting. Another weak encryption system broken. *shrug*' and proceed to promptly forget about the entire thing.

Then a few lawyers get involved. Why do I suddenly feel the need to download the source and walk through it line by line?

So far, I haven't heard of any attempt to shutdown the Linux DVD player efforts (please correct me if I'm wrong). It appears that the efforts to date focus only on a tool aimed specifically at facilitating DVD copying. If I am correct, I urge patience.

I find it hard to believe that an effort will be made to block a Linux DVD player. Linux owners are the recording industry's best customers - generally young (15-35) with lots of sending money and an interest in techno-gadgits. The goals of the recording industry are really simple: maximize profits. They really don't want to offend the Linux audience unless their profits are threatened.

If, on the other hand, an attempt is made to block the Linux development efforts, tell me where to contribute to the legal defense fund. $50 * 1k people starts to get interesting.

I was planning to buy a DVD player, but now I have changed my mind.

...richie