Injunction Against 2600 for DeCSS 466
Vito writes "Figures. Mitnick's free, but now a federal court has issued a preliminary injunction against the 2600 website, and its webmasters have been threatened with immediate imprisonment, over the distribution of the DeCSS source code. Time to start that data haven." This is just the latest in the DeCSS fiasco, and it certainly won't be the last. The difference between this and the DVD CCA battle is that these are federal court cases, which is why terms like 'immediate imprisonment' are being tossed around.
Here's a much better analogy (Score:2)
To prevent people from figuring this out, they include a piece of paper in the box that says "by opening this box, you agree never to try your key on anyone else's lock".
Someone figures out that every key to a CSS door lock is the same, and tells the public, because with that information, hey, the locks are basically worthless as far as security goes.
CSS then attempts to make the government imprison anyone who knows this piece of information, because it would damage their business of selling (defective) locks, and of course they can't go back and change EVERY lock they ever sold to use unique keys.
commercial purposes (Score:2)
So now in considering freedom of speech, we're first looking at how much money is involved.
Information, booze, prohibition, and the Mafia. (Score:2)
Well, information is like booze. People will do anything to get it. Illegal or not. And the internet gives anyone with a computer and a net connection the ability to be an information importer/exporter/distributor. This gives each and everyone of us the potential to become a one-man international Mafia. Stop this? All govt's combined do not stand a chance. Like booze, knowledge, information cannot be suppressed once released into the public realm. The RIAA has taken on a truly impossible mission and will meet with the same success as the Feds did at stopping liquor sales.
The logical thing for the RIAA to do is to officially license distributors of CSS manipulating programs. Tax the licensee a fee and let the programs be sold for profit. Most people will go for the legal product if it's available. The Linux crowd will no longer have an excuse to use "illegal code" to play DVDs. And only then will the RIAA have a stable platform from which to strike out at those making and distributing illegally copied DVDs (I refuse to use the word "pirate") of their product, because legal alternatives were available. In fact, the RIAA would probably make more money from licensees than what they claim to be "losing" as a result of the DVDs that they think are being illegally copied with DeCSS and its ilk.
Not this stupid tactic again! (Score:2)
I quote from "the Bible" on stupid government hacker punishment, Bruce Sterling's The Hacker Crackdown, 4:2 [lysator.liu.se] and a few pages down... (feel free to read more, it's all relevant--in this case, I didn't even quote *enough*.)
The E911 Document was also proving a weak reed. It had originally been valued at $79,449. Unlike Shadowhawk's arcane Artificial Intelligence booty, the E911 Document was not software - it
was written in English. Computer-knowledgeable people found this value - for a twelve-page bureaucratic document - frankly incredible. In his "Crime and Puzzlement" manifesto for EFF,
Barlow commented: "We will probably never know how this figure was reached or by whom, though I like to imagine an appraisal team consisting of Franz Kafka, Joseph Heller, and Thomas
Pynchon."
As it happened, Barlow was unduly pessimistic. The EFF did, in fact, eventually discover exactly how this figure was reached, and by whom - but only in 1991, long after the Neidorf trial was
over.
Kim Megahee, a Southern Bell security manager, had arrived at the document's value by simply adding up the "costs associated with the production" of the E911 Document. Those "costs" were as
follows:
1.A technical writer had been hired to research and write the E911 Document. 200 hours of work, at $35 an hour, cost : $7,000. A Project Manager had overseen the technical writer. 200
hours, at $31 an hour, made: $6,200.
2.A week of typing had cost $721 dollars. A week of formatting had cost $721. A week of graphics formatting had cost $742.
3.Two days of editing cost $367.
4.A box of order labels cost five dollars.
5.Preparing a purchase order for the Document, including typing and the obtaining of an authorizing signature from within the BellSouth bureaucracy, cost $129.
6.Printing cost $313. Mailing the Document to fifty people took fifty hours by a clerk, and cost $858.
7.Placing the Document in an index took two clerks an hour each, totalling $43.
Bureaucratic overhead alone, therefore, was alleged to have cost a whopping $17,099. According to Mr. Megahee, the typing of a twelve-page document had taken a full week. Writing it had taken
five weeks, including an overseer who apparently did nothing else but watch the author for five weeks. Editing twelve pages had taken two days. Printing and mailing an electronic document (which
was already available on the Southern Bell Data Network to any telco employee who needed it), had cost over a thousand dollars.
But this was just the beginning. There were also the hardware expenses. Eight hundred fifty dollars for a VT220 computer monitor. Thirty-one thousand dollars for a sophisticated VAXstation II
computer. Six thousand dollars for a computer printer. Twenty-two thousand dollars for a copy of "Interleaf" software. Two thousand five hundred dollars for VMS software. All this to create the
twelve-page Document.
---
pb Reply or e-mail; don't vaguely moderate [152.7.41.11].
Re:Whacking the mole (Score:2)
--
Is it a trade secret... (Score:2)
It's hardly secret anymore, if you ask me. (Oh, you didn't. Oh well, never mind.)
Then, there's this little matter of encryption. It's basically an XOR function, or very very little more. To the best of my knowledge, the XOR operator has been public domain for some considerable time.
Last, but not least, DeCSS does =NOT= break trade secrets, as it is NOT using the same code as the CSS encoders used by the commercial sector. (This IS important, as it has been a factor in a number of Intel instruction set lawsuits, in the past. Case law beats 4 of a kind.)
Re:Now's a good time... (Score:2)
--
Re:Whacking the mole (Score:2)
Re:At what point do random bits become illegal (Score:2)
About the legal issues, I don't think any such case has come up where someone hides something in a freely available document. If a message is just lists of numbers of bytes in a particular file, then only the message should be illegal. But there is a very fine line to be drawn. Its a tough legal question, and I do not envy the judge stuck with it.
Re:At what point do random bits become illegal (Score:2)
Stenography is a relativly new area for both cryptography and the legal system. As I understand the current law (IANAL), both parts of your system (the carrier and the key) are illegal. Any document used to carry "illegal information" is illegal. At some point, this law will have to be revised (when someone hides info in the text of a supreme court case for example, then sues governemnt for distributing it [this will never happen tho]).
In the meantime, I believe there is a precedent for your home movie to become contraband. I'd love to see that in the media "NSA arrests father for illegal home movie." What is really needed is a way to make the VHS tape still contain the data, because the computer file is subject to restrictions that the video isn't. Like I say, it would be amusing.
--Nick
PS: if you are interested, there are a bunch of really good papers out there on stego that are readable to the non-cryptographer. From the software end there is some really nifty stuff, my favorites being MP3Stego (hides a few hundred k in an MP3 file) and StegFS (compatible with ext2fs, but hides date in 16 "security levels" which are stored in the unused blocks of the ext2fs. And does it in such a way as you cannot prove the existance of the data.) Very fun.
Note that TIME WARNER is one of the plaintiffs! (Score:2)
1) This shows that the AOL-TimeWarner merger is indeed news for nerds, and all the naysayers last week had valid concerns. Big Media are not on our side, and they're invading our space from the inside (the merger) as well as attacking from the outside (the DVD actions).
2) Conversely, maybe Time Warner has a more direct interest in not pissing us off, or at least as much AOL ever did. Does anyone have good contact info for them?
Wired story (Score:2)
Tax deductable, too. (Score:2)
----
The judge was a bit clueless, with an agenda (Score:2)
----
Whacking the mole (Score:2)
Reminds me of a game called "whack the mole". I made a post about this earlier, but I'm too lazy to go dig it up. For now, just post mirrors under this thread. I want to get my name on this lawsuit too... I figure with several thousand defendants we can't lose. :) "Yeah, the RIAA just sued the ENTIRE internet, film at 11!"
I Wish these morons in suits (Score:2)
I'm getting a little fed up with the authorities cracking down on the POTENTIAL to commit a crime, like the Ramsey electronics raid, instead of the criminals themselves. Used to be you could copy, say, 8-track tapes. Whoopdedoo. Some people tried to setup for-profit pirate operations, and a lot of them got busted over it to. Nowadays we're guilty of crimes just because we CAN commit them, jeezus.
The Scarlet Pimpernel
Re:But I like movies dammit! (Score:2)
I say, screw you. These companies are trampling on your rights, and you're paying them to do it every time you buy a DVD or rent a video. I for one refuse to feed the mouth that bites me. I've joined the boycott. If you gave a damn about your freedom of expression, you'll stop giving these people your hard earned money.
I like movies too. But if having movies means paying people to destroy open-source software, then fuck the movies. I'll play Quake instead. At least ID software supports what we're doing.
TOYWAR [toywar.com]!!
List of mirrors is up!! (Score:2)
Another Mirror (Score:2)
ObMirrors (Score:2)
lemuria.org [lemuria.org]
OpenDVD.org [opendvd.org]
--
Re:Encrypted message follows: (Score:2)
Since I did it by hand in "vi" without even needing to analyse the algorithm (a simple sustitution cipher is the first thing anyone wuould check), I guess my brain is illegal, according to the MPAA's viewpoint. Or vi is, though I could just as easily have used a pencil and paper.
I guess you made your point very well. Why can't those dumb lawyers see this>
Consciousness is not what it thinks it is
Thought exists only as an abstraction
Re:I'd like to see the MPAA... (Score:2)
*Use of these products for unauthorized duplication of copyrighted material from DVIX, DVD, VHS or other media is prohibited under federal copyright laws unless the copy qualifies as a far use under the Copyright Laws.
Consciousness is not what it thinks it is
Thought exists only as an abstraction
You are even more moronic than the NY judge (Score:2)
You are truly an idiot.
Others are risking financial ruin and even imprisonment in order to fight for our rights to free expression and fair use which morons like you take for granted, and you can't even get off your lazy ass and find some other way to entertain yourself for the duration of this fight? Words are inadequate for me to express my contempt for both you and the stance you advocate. Go back to eating your pretzels on your beer stained recliner and shut your mouth, for that is precisely the only right to expression you will have left if the attitude you espouse defines our response to this outrage, and it is indeed the only right to expression you have earned.
I suppose the thougt of reading a book instead of watching a movie never occurred to you. Most movies are based on novels, or have book versions of the scripts published at a later date. In the vast majority of such cases the book is vastly superior to the movie. Of course, reading may require a greater level of effort than your capable of, and might require you to occasionally put down your Colt 45 beer or your crack grinder in order to turn the pages.
In the meantime, the rest of us will pay your blithering idiocy the attention it deserves (read: none). In my case, I will no longer purchase any movies of any kind (which will cost the MPAA members a very sizable sum based on prior purchases of Laser Disks and DVDs). I may consider renting a DVD movie instead, as that vastly reduces the profits the movie industry makes. However, seeing a film in the theater or purchasing the media are no longer options for those of us unwilling to spread our ass cheecks for the MPAA.
Re: (Score:2)
You people just don't get it. (Score:2)
No sucessful Open Source product will ever be based on DeCSS because the DVD industry will continue to defend their valid legal right to their trade secrets and impose severe penalties on anyone who dares to defy them.
You say 'the genie is out of the bottle' - wait until the coders of the Linux DVD project get threatened with imprisonment and million dollar fines - we will see how far this project progresses.
You want a Linux DVD player? Get some venture capital together, buy a license for the algorithm, and go to town. Sell it to all the large linux re-packagers (redhat et al.) and laugh all the way to the bank.
-josh
Re:Whacking the mole (Score:2)
The alternative is the lot that just want's to look cool in the eyes of
If you trully believe in what you're doing, then by all means do it. But don't talk the talk when you aren't prepared to walk the walk, please.
Re:Did 2600 have right 2 be heard @ injunct'n hear (Score:2)
The injunction itself is a bad sign. That means that the judge has heard the plaintiffs and believes them enough to try to stop distribution of the product until the issue's resolved. He or she is listening to the industry and believing what they say. And if it goes through, then most of you moles will get whacked.
Time to enlist overseas developers to further this cause.
Re:That was the ONLY intelligent post made! (Score:2)
I'm sure there are plenty of people who would be happy to pay money for a proprietary DVD viewer which runs under Linux. This is the same set of people who would pay for Opera under Linux or for closed-source games, for example. Unfortunately, there are no DVD viewers available for Linux at any price. That is, until some hackers got fed up with the situation and wrote one.
How, exactly, are DVD's not like CD's? Both contain copyrighted material, both are combinations of bits on a physical medium, both are licensed to users for their own home viewing, and as far as the legal system is concerned, up to this point users have exactly the same rights to make a backup copy of a DVD for archival purposes that they have to backup a CD.
I think you need to be a little more specific. Obviously someone is copying DVD's - there's a bunch for rent at the video store down the street :) That was an absurd counterexample, but if this case was as open-and-shut as you say, I don't think we would be seeing nearly the amount of controversy that we are. Please specify the exact law which specifies that it is illegal to copy DVD's for any purpose, at any time. Answer: there is no such law - there are laws which may restrict your rights to copy DVD's for some purposes and at some times, but there is no absolute ban on the practice. The exact interpretation of these restrictions is the real reason the whole issue is in court right now.
There's more than one way to do it(tm): Windows users are happy to pay for their proprietary DVD-viewing software, and I'm sure some Linux users would feel the same. But until such a thing exists for Linux users, it's ridiculous to expect them to wait an indeterminate length of time for that product when there are alternative but completely legal (or at least I assume that they are legal pending a court decision otherwise) means of viewing DVD's under Linux.
I agree with your point that if the law is wrong, fight that first. That's why I'm happy to see the EFF (in another Wired article yesterday) mention that they were planning to challenge the constitutionality of the DMCA during this legal challenge. However, I'm not convinced that the existing law was broken in this case. Now if someone is actually using Linux + DeCSS + a professional-grade DVD writer + a bunch of DVD blanks to bootleg copyrighted DVD's, then I will agree with you that that person is doing something illegal (at least within the U.S.) and I wouldn't be defending them. But just distributing code which could be used for that purpose is not the same thing at all, and linking to a site which distributes that code is no more illegal than a newspaper that prints the street addresses where lots of drug busts occur.
more mirroring (Score:2)
the ribbon page [tripod.com]
You have not researched this. (Score:2)
Injunctions without a trial can't last forever. Assuming the DVD consortium doesn't give up, this will eventually go to trial. And when you follow that case in court, you will learn something that you apparently haven't found out about yet.
DeCSS is not based on stolen or leaked specifications or source code. Instead, DeCSS was constructed from analysis of a DVD player binary. There's no trade secret involved; it's simply a matter of reverse engineering. When those facts are compared to the law, the defendants win.
---
prejudging (Score:2)
Obviously, sleazy plaintiffs can abuse this technique, but if it weren't available, then it would be easier for sleazy defendants to commit other kinds of abuse.
(I'm not defending the MPAA, just defending this particular aspect of legal procedure.)
--
"But, Mulder, the new millennium doesn't begin until January 2001."
Judge Improperly Defined DeCSS!!! (Score:2)
(b) "CSS" means the Contents Scramble System used to encrypt, scramble or otherwise protect the contents of certain DVDs from being copied.
All that needs to be proven is that DVD's can be copied without DeCSS and the entire basis of the injunction can be thrown out. The Judge clearly believes that DeCSS is meant to make it easy to copy DVD's which is definitively not the case.
---
Judge Improperly Defined DeCSS!!! (Score:2)
(b) "CSS" means the Contents Scramble System used to encrypt, scramble or otherwise protect the contents of certain DVDs from being copied.
All that needs to be proven is that DVD's can be copied without DeCSS and the entire basis of the injunction can be thrown out. The Judge clearly believes that DeCSS is meant to make it easy to copy DVD's which is definitively not the case.---
Dear MPAA... (let them feel the /. backlash) (Score:2)
- MPAA.ORG [mailto]
Department of Investor Relations and SalesMCA.Com [mca.com]
Paramount [mailto]
MGM [mgmua.com]
Sony [sony.com]
Disney [go.com]
Fox [mailto]
Dear Sirs:
Just so you know, I will not be buying any DVD products from your company until such time as the MPAA, etc. drop all actions against websites carrying the DeCSS code. In addition, I will not be investing (or further investing) any amount of money in your companies for the same reasons.
Thank you.
Note to Slashdot Readers:
All of the above URLs are active as either email addresses or contact form pages. I would suggest that now would be a good time to exercise the /. effect and your brains (don't just copy my message) on behalf of the websites targeted by the MPAA.
P.S. If any of the URL's don't work, please fix them. I felt like it was more important to get this posted than to triplecheck all the links.
Re: Economic Warfare (Score:2)
And I don't have a set top. So you aren't selling me any DVDs.
Moreover, I quit buying video tapes a year or so ago when I saw that they would be an investment in obsolete technology.
I.e., you aren't selling me anything.
Oh, yeah: my next stop is the EFF page. Gotta join that revolution before you shut down the Web too.
--
It's October 6th. Where's W2K? Over the horizon again, eh?
Re:That was the ONLY intelligent post made! (Score:2)
How do you know this? Are you privy to some information that none of the rest of us are? Did you perhaps ask the designers what their purpose was? The problem is that a great deal of this case hinges upon intent. What did the programmers intend? What is the intended purpose of this program? Do the owners of the websites intend for users to bootleg DVD's?
I highly doubt the original intent was to bootleg. With the current cost of media to copy the DVD to bootlegging appears uneconomical. It seems unlikely that a DVD bootlegging program would be created to utilize a a technology not already at market. If the intention had been to bootleg, why doesn't the program downsample and save at a lower resolution so the DVD can be saved on a CD-R? It's not that much more difficult than writing the DVD to disk. If the honest intent of DeCSS had been to pirate I think it would have been a far more functional program.
DVDs are copyrighted, you have NO right to make any copies of it EVEN for your own private use (this is not like VHS or CDs).
*IANAL* I'm afraid this is quite inaccurate. The DMCA specifically says that it does not invalidate the doctrine of Fair Use which states (in part) that you may make private copies for personal use of a product you own.
Whether you like it or not; agree or not. Today, right now, the law states you cannot make copies of DVDs. Period To create a tool that does so and/or to distribute it is illegal.
Again, wrong. To create a tool whose SOLE or PRIMARY purpose is to copy DVD's is illegal.
Re:Online tyrrany calls for real world activism (Score:2)
Come on everyone - Use the slashdot effect for good. Join EFF! It's a secure site, and it starts at $20! [eff.org]
Come on, go do it now! All that is required for evil to triumph is for good people to do nothing.
As the EFF press release says:
"Today's decision is a major wake up call for the $30 billion Linux community," said EFF Co-founder John Gilmore. "If Judge Kaplan's reading of the DMCA holds, then it will become illegal to build open source products that can interoperate and/or compete with proprietary ones for displaying copyrighted content."
(Yeah, this is redundant. But it's worth repeating.)
Re:You people just don't get it. (Score:2)
Are DVD Players Illegal for 2600 ? (Score:2)
(c) "DeCSS" means any computer program, file or device that may be used to decrypt or unscramble the contents of DVDs that are protected, or otherwise to circumvent the protection afforded, by CSS and that permits the
copying of the contents or any portion thereof.
"any device that may be used to decrypt or unscramblw the contents" hmm, isn't that what any DVD player has to do... (and yes I can copy the content to S-VHS or something)
Does that mean that 2600 have to give back all their DVD players
Frank
karma burning. (Score:2)
"Subtle Mind control? why do html buttons say submit?",
Re:It was never copy protection (Score:2)
The encryption provides NO protection against copying, with or without DeCSS.
A normal DVD player cannot read the entire disk with normal DiskIO functions. Only when the movie is played can the data be recoverd. You can bit-for-bit the encrypted stuff, but it isn't going to do you any good without the key part.
I know this is pretty much common knowledge around here,
Yes it is, witch is weird, beacuse its not true. In order to get a true bit-for-bit copy, you'd need to rewire the DVD player internaly, or build your own.
"Subtle Mind control? why do html buttons say submit?",
German bank chided for 56-bit encryption (Score:2)
It's their job to be serious. (Score:2)
Re:Did 2600 have right 2 be heard @ injunct'n hear (Score:2)
Course, if you've wrongfully siffered financial harm because of the injunction, do you have grounds of a counter-suit?
Re:First Post! (Score:2)
Because of the karma system and the moderators actions on my posts, I have a stupid amount of karma which adds a +1 to every post I make (see my new sig)
Re:karma burning. (Score:2)
Guess it's just time to turn off scores and browse at -1 and not look at my user info page to see what replies to my comments are like. But then that kind of defeats the purpose. Dunno, maybe I just had too much for one day, you know?
Welcome to the revolution (Score:2)
I hope it ends better than this one... but I do wonder less and less about the sentiments.
"When, in the course of human events, it becomes necessary for one people to dissolve the political bonds which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the laws of nature and of nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation."
-- Preamble to the Declaration of Independance [ptw.com]
---------------
Colleen:Its a black-hole.
Hunter:Is that a good thing?
C:It is if you want to be compressed into oblivion.
H:Oh.. coooool.
Re:You people just don't get it. (Score:2)
1) Being a trade secret they have to dilligently protect it, it's not clear that there encryption meets a due dillegence standard
2) The person who broke the encryption was a minor, hence any shrink wrap licensce is unenforcable on them
3) The minor was from a foreign country where reverse engineering was valid
4) reverse engineering is allowed for interoperability, the software makes DVD's interoperable with linux hardware this is the "only" way to software decode DVD's on linux so that they can be watched.
5) this isn' just about DeCSS, there is also that whole freedom of speech thing...
LetterRip
Re:more mirroring (Score:2)
~CalibanDNS
Subscribe to 2600! (Score:2)
Subscribe to 2600! Today
Hell, take just part of the cost of DVD player you've put off buying and buy a lifetime subscription to 2600, then send a copy of the check (with an explanation) to the MPAA!
Re:It was never copy protection (Score:2)
I'm sure the *real criminals* who try to make money from pirate DVDs have factories where they can whack out thousands of copies a day.
cheers,
-pbk
Re:Whacking the mole (Score:2)
If you have the means, here is an action to define "irony"...
Send the package to:
Jack Valenti
c/o Motion Picture Association of America (MPAA)
15503 Ventura Blvd.
Encino, California 91436
Re:It was never copy protection (Score:2)
Despite the prevailing opinion on Slashdot, it's my impression that you can't actually do a bit-by-bit copy of a DVD. The DVD reader hardware simply won't allow you to read the decryption keys off the disc. (It will only use them internally.) So if you tried to simply copy a DVD, you'd end up with a whole lot of encrypted data and no keys to decrypt it.
Of course, this assumes that the hardware enforces the security. I don't know how hard it is to find "rogue" DVD drives, or to modify standard drives to allow copying, but I suspect it's not very easy... Correct me if I'm wrong.
Disclaimer: The MPAA / DVD CCA is still wrong. Illegal copying is by no means the primary purpose of this software, and it certainly isn't the software's only use, which I believe is what the MPAA's lawyers would need to prove. We should just bear in mind that allowing easy copying of DVDs is a necessary side effect of open source DVD playing.
Re:It was never copy protection (Score:2)
Based on the information in the article, it still seems to me that a DVD drive will only provide an encrypted key for a particular player, based on that player's own key, and will not under any circumstances provide the entire key area. (Which you would need to copy an encrypted DVD.)
Actually, as I read Bogk's comment again, it seems that his point is that you do need a "crack" to copy DVDs, it's just that DeCSS is not that crack. The analysis of the key exchange system that appeared anonymously about a year ago was sufficient to break the copy protection.
If my understanding of that is correct, then it may have interesting legal implications for the DeCSS case, but my basic point is still true: Assuming strong encryption and a bug-free implementation (neither of which actually happened), CSS should, in principle, prevent DVD copying.
Re:Copying DVDs (Score:2)
I'm talking out of my ass here, and I'm too tired to lace my comments with the many disclaimers that they deserve, but I haven't seen any information to the contrary yet.
Re:It was never copy protection (Score:2)
My PC is a bit of a mess right now, but I made a cursory attempt to play a segment of Free Enterprise off of my hard drive. (Incredible movie, by the way.) I ran into a lot of unhelpful error messages, although my Creative PC-DVD player did tell me that "This program cannot open a file that is copy protected." So it isn't quite that easy to bypass CSS.
Another mirror (Score:2)
--GnrcMan--
Re:That was the ONLY intelligent post made! (Score:2)
Ummm... CDs don't use CSS.
As for the rest of your point.
At this time, bootlegging DVD is economically unfeasible. 1) No DVD-RAM on the market has enough storage space. 2) It would cost more for 2+ dvd-ram discs than it would for 95% of the commercially availble DVDs.
Seeing that at the time of the creation of this program, there is no market for bootleg DVDs, I think that you would find it hard to prove in a court of law* that DeCSS was made to bootleg DVDs.
If you can't prove that, there is _NO_ _CASE_.
Further, we are defending our right as programmers to play with technology and "see how they did it." At this time (the the befuddlement of many corporations) this is still perfectly legal.
* The concept of "proving" in a court of law, while not as stringent as that of the scientific community, is still very strict. This case is still very much up in the air. (BTW, IANAL (thank god))
Re:Whacking the mole (Score:2)
Here's my mirror! [2trak.com]
======
"Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16
They made me a criminal! (Score:2)
Even if you never used a search engine at all, how many degrees of separation do you think there are between some random home page, the pages it links to, the pages THEY link to and so until you finally hit what is probably now one of the 5,552,463 pages on the Web hosting DeCSS? I'll bet there aren't that many. And I have links to a bunch of pages.
But wait a minute! This discussion thread has links to the DSS source code in it -- in fact, it has portions of the code itself -- and it's stored in my cache! In fact it's probably in the cache of everyone who uses any kind of browser and didn't specifically disable the cache. That means, my friends, that every single one of us is now in direct violation of the law.
So now I might as well put the code right on my home page on the theory that if you're going to be hung for a lamb, you might as well be hung for a sheep.
--
rules of engagement (Score:2)
(i posted this to an earlier thread, but it seems relevant here too.)
what we need is some geneva conventions here. they should go like this:
industry: you have the right to encrypt your stuff however you want. if you fail, you have the right to prosecute people for illegal distribution, but not for circumventing the encryption.
would be crackers: if you can crack it, you can have it, BUT it is still illegal to sell cracked copies, as it is with other unprotected media.
it should be this way for only one reason: it is the most defensible (read: enforcable) way of drawing the lines! and even with readily available cracks, if there is no real money in piracy, which there won't be, then pirated movies will account for like 1% of the market, as it does with auido CD's.
Re:Whacking the mole (Score:2)
Kintanon
Re:Doesn't this violate restraining order against (Score:2)
(whether I support this particular cause or not is besides the point)
Actually ... (Score:2)
What you are really talking about is stenography.
No, what he was talking about was steganography. "Stenography" is the process of taking shorthand. :-)
Other than that misspelling, your description was accurate and informative.
Movie Execs Don't Understand Issues (Score:2)
Having been in a meeting with some of Sony Pictures corporate types just yesterday, I can tell you they haven't appeared to have read ESR's blurb on the positions of the open source community.
The movie industry is rightfully worried - they make money off of home video, and don't want to see it disappear. They saw all the trouble the record industry had (and is having) with the whole MP3 debacle. They don't want a repeat, and they see DeCSS as something akin to a CD ripper. They don't see DVD on a hard disk as harmless - even if it is prohibitive to download several gigs today, they know it won't be in a few years. And they don't want all their movies out in the clear when that happens.
Thing is, if what's-their-name had just encrypted their key in the first place, this crack never would have appeared. Kind of like NASA mixing up English and metric.
Re:Some truths (Score:2)
Copyright-wise, they have a fully loaded, double-barrel shutgun (and a box of shells.) I'm sure they've had a few words with Xing privately for not adequately protecting the CSS technology, but you cannot put the smoke back in the chip (you fan the smoke away and replace the chip.) It doesn't matter what DeCSS was intended to do; it's only commercially significant purpose (to use the DMCA terms) is to remove the copy protection of a DVD -- it copies files from protected DVDs, descrambling them in the process, to your hard drive. I'd like to see a lawyer convence this judge otherwise. (MPAA's got us on that one.)
DeCSS is a windows program -- that's not very useful to linux developers. Furthermore, DeCSS.zip doesn't contain any actual source code. I've never seen the DeCSS source code. At any rate, as I've been told, it's x86 assemble ripped (almost?) verbatum from the Xing player. (that's a clear copyright violation.) This source code was made available to Derek Fawcus (I hope I spelled that right) who took on the daunting task of turning that stuff into C code. (that's not so clearly a copyright violation.) Now, I'm sure Xing didn't write this stuff in asm -- I'd bet C++. Turning asm into C isn't blindingly simple; turning compiled C++ crypto code back into C is frighteningly complicated.
The css-auth code from Derek is very useful code. It can do the same thing DeCSS does, but that's clearly not its intent nor is that remotely its primary commercially significant purpose. My concern as a LiVid developer is not to decode the crap on the disk but to be able to authenticate the disk so I can see the files and thus present them to the decoder hardware AND be able to broker the titlekeys as the decoder has no direct communication channel to the drive to do it on its own (if it could, I sure as hell would make it do it.)
In my book, software decoding of DVDs is a serious waste of processing. Decoding MPEG-2 data is a very computational task best handled by hardware designed to handle it.
As for your comment on "pay[ing up]"... CSS licensing is free. However, it doesn't happen overnight. When the Matrox DVD add-on is sufficiently functional, then and only then will I make a case for getting an actual license for a player. Until we have a reason to need one, why bother asking? (The driver may be functional tomorrow and it may be six months. And ZORAN will be the first people to be asked for any licensing... we need their microcode -- currently, you have to have the Matrox Zoran SoftDVD software installed.)
Re:Intellectual Property Theft (Score:2)
Then it becomes a rather effective playback protection as you cannot play the movie back without undoing what CSS does to the files. In some cases, the hardware doing the decoding can handle the actual descrambling once it has the appropriate keys (the dxr2 can do this and I'm sure the Vaddis III can too with proper microcode.) BUT, you have to jump through a few hoops to get the titlekeys for the descrambling process.
This is all a bloody mess. I would bet everyone involved with DVD technology knew this crap was crap from the get go -- I'm surprised they weren't better prepared to counter DeCSS.
Our best option (Score:3)
People are going to need all the lawyers our donations to EFF can buy.
Thats just avoiding the problem (Score:3)
At what point do random bits become illegal (Score:3)
So what this is doing is just taking the input stream and rearranging it to construct an output stream. Now suppose the output stream just happened to look an awful lot like a gziped tar file of the DeCSS source code.
Which part of this system is illegal? Is it my home movie? Is it the filter program that simply processes some instructs and transforms a file. Is it the instructions? Or is it the combination of all of the above? What if these pieces are kept on different machines, who is the one providing the illegal content then?
Protection not "compromised" (Score:3)
Can those T-shirt $$ buy Judge Kaplan a clue? (Score:3)
From the Wired article [wired.com]:
The same article also describes the judge complaining about the defendant's lack of preparation, even though he denied their request for a postponement. The 2600 news section bears this out as well, describing how they had just 8 hours to talk to attorneys and prepare their case. This has all the signs of a travesty of justice in the making.
Only a battle, not the war. (Score:3)
1. It's important to understand the difference between the California case and the 2600 case. The California case is a theft-of-trade-secrets suit, which is unlikely IMHO to succeed. The 2600 case is a suit under the Digital Millenium Copyright Act, which specifically prohibits decryption devices, even when they are constructed through proper reverse engineering. It is much less clear IMHO that DeCSS is not in violation under the DMCA--argument for the defense hinges on the question of whether DeCSS is or is not *necessary*, and has as its *sole purpose*, to acheive interoperability with other DVD players.
2. In some ways lower-court rulings in favor of the DMCA are likely to be of benefit in the long run, because they will accelerate the process of getting higher-court review of the constitutionality of the DMCA. Many legal experts believe that the DMCA is not constitutional. It takes court cases lost in the local jurisdictions in order for this to come out in the legal system. Thus, the most important thing now is to support 2600 and the EFF to continue the fight so that eventually the whole DMCA can be thrown out. Somebody has to be the test case, and it's better if it happens sooner rather than later IMHO. If we won every local case brought under the DMCA due to technicalities, the DMCA and its horrible ramifications would remain in force. Better to lose some small and meaningless fights in order to defeat the DMCA.
This particular fight is about as meaningless as one could be, since there is no practical effect on the Linux or DVD world at large from the ruling. Only the defendants and their contacts are enjoined, so DeCSS distribution is not limited in any important way. Plus I'm sure 2600 is happy for the press coverage.
You can read the DMCA here. [cornell.edu]
Injunction applies to electronics stores? (Score:3)
(c) "DeCSS" means any computer program, file or device that may be used to decrypt or unscramble the contents of DVDs that are protected, or otherwise to circumvent the protection afforded, by CSS and that permits the copying of the contents or any portion thereof.
This could be argued to cover anyDVD drive and software, and indeed anyDVD player that has a video-out jack (you can plug it into your VCR to make a copy -- Macrovision may screw it up some, but some portion would be copied).
Now, the injunction applies not just to 2600, but to anyone with contact with them -- so here's what they do: go visit as many retailers as possible selling DVD players (especially those that also sell VCRs, i.e. all of them) or DVD viewing software and talk to the sales folks. That's the contact. The stores thus fall under the injunction. 2600 obligingly reports all this.
Now, I doubt that the judge is gonna throw all those folks in jail, or tell them that they can't sell DVD players anymore. It might (mind, there's no telling about the intelligence of judges, especially in New York) get him to better realize the implications, though.
They're no friends of legitimate DeCSS users. (Score:3)
(And DeCSS can be used in such a way. There is a special part on a DVD which is not normally readable/writable that contains the CSS information. With DeCSS you can presumably write a DVD without getting/altering DVD equipment to allow you to read/write to those areas)
I for one won't be sorry to see them 'sent down'. However what we (via online discussion and articles in tech-friendly and even mainstream media etc) need to do is make clear that the vast majority of DeCSS users (and would be users like myself) simply want to use it to play DVDs on our systems, which amounts to noting more or less than interoperability reasons.
We must make clear that the targets of the recent cases to do not characterise the general DeCSS using (and would be using) community.
We must make it clear that a win in these cases means nothing to the larger DeCSS community. It's just a win against a few individuals whose crime was to abuse, or promote the abuse of DecSS for illegitmiate means.
We must show that there is a distinction between legitimate and illegitimate use of DeCSS, and that the legitimate users far outnumber the illegitimate users, thus the primary purpose for DeCSS is indeed for interoperability.
copyleft.net (Score:3)
It's at copyleft.net
Where? (Score:3)
I work about 4 blocks from the court houses in Manhatten and would definately have dressed up and wandered over if it was likely to help.
When is the actual hearing going to be?
Colleen:Its a black-hole.
Hunter:Is that a good thing?
C:It is if you want to be compressed into oblivion.
H:Oh.. coooool.
a million roaches scramble under the fridge (Score:3)
of course part of the campaign is that 2600 is not your average web site, and if anything, the name alone should be enough to encourage people to setup mirrors all over the nets as soon as possible.
part of me wonders why the industry and their lawyers bother, but another part of me realizes that (digital) democracy doesn't come easy.
so how many of us run servers, and how quickly can we work to ensure that information remains free?
Re:threats, threats threats (Score:3)
I know I was. Welcome to aging in cyberspace. Antigravity, yes. Anti-cranky, no.
But it does bring up a valid point. There's no way on God's increasingly less-green earth they're going to stop this code from proliferating. Why waste the court's time? Isn't there enough ludicrous crap floating through right now?
Like this legislation that (i swear to GOD) just passed, as a result of our great friends, the entertainment industry, that TV listings (tv guide, prevue, that kind of stuff) cannot list whether or not a show is a REPEAT.
It's a good thing our court system has been freed up to worry about things like TV repeats, or making it illegal to list on your dairy products that BGH was not used on the cattle, or that some hacker wrote a program that allows the decoding of extremely insecure video formats.
Fuck the video industry. Fuck the record industry. Fuck these billionaires without enough talent to act, sing, play an instrument or write a screenplay, but who know how to slap their fellow white men on the back and say, "Dammit Bob, let's go have martinis at the witless public's expense. Hell, in 4 years DVD will be obsolete and they'll all buy the same crap on some other medium instead."
Can you say "leeches?"
Re:You people just don't get it. (Score:3)
2600 can't handle the Slashdot effect (Score:3)
01/21/00
Today would have been a very happy day for us here at 2600. After nearly five years in prison, this is the day that Kevin Mitnick is finally being released.
Ironically, that development is overshadowed by a very immediate threat to 2600, the hacker community, and people who value freedom everywhere.
At 5:40 pm on Thursday, the Motion Picture Association of America was granted a preliminary injunction against us - and everyone we've ever had any contact with - prohibiting the distribution of the DeCSS source code. As a result we have had to remove our mirrors of DeCSS, css-auth and related information from the November article. Last week's complaint was filed at the last possible minute on a Friday before a three day weekend. This calculated and bullying move minimized media coverage and ensured that any publicity was only from their perspective. Not to mention of course the fact that the corporations that make up the MPAA collectively own just about every major media outlet in the country. Meanwhile the EFF legal defense team was busy preparing for the Tuesday DVD CCA hearing in California and we were busy preparing for the Mitnick release. We were given a grand total of about eight hours to consult with our attorneys, look for evidence, and write a declaration. Despite our having never been properly served, the judge only granted a continuance of a few hours making it impossible to assemble any evidence in time for the hearing. The judge essentially ignored our arguments and granted the preliminary injunction.
Suing the whole internet (Score:3)
I know Emmanual is gung-ho about fighting this and I support him completely, but I'm just a lowly recent college grad-type guy without the backing of a legion of fans and the EFF, etc. I don't have the time or the $$$ to fight it in court, and I doubt most of us do. Is it really wise for us to be suggesting that people mirror files haphazardly? I'd say mirroring them on "anonymous" sites, like geocities is safer (though not without hazard).
I know a bunch of folks who had their own, personal (thus easily tracable) sites on the 2600 mirror site a few weeks back. I'd hate to see a bunch of people wind up in jail because they got too wrapped up in what they THINK their rights are. In reality, an injunction means your ass belongs to the Man if you don't quit what you're doing. And for 99% of people that would mean a nice fine and some jailtime, rather than a glorious media-filled battle for "Constitutional Rights."
Enough rambling. I'm just worried that we'll wind up with a nice-sized pile of martyrs here if we aren't careful.
Re:Looking good (NOT) (Score:3)
Re:Cripes, they're serious. (Score:3)
This will never get read, but... (Score:4)
This doesn't help. Sounds like the judge never gave the defendants a chance (with comments to the plaintiffs along the lines of "I can give you a runaway train on this one, if you'd like" - see http://jya.com/crypto.htm ) but the quotes above are not the way to go. The whole argument is that CSS is not copy protection, that DeCSS is not intended for privacy, etc, loses credibility due to sites like dvd-copy.com. I actually *support* this type of action against people who are proponents of illegally trading copyrighted material on the DVDs, because it hurts legitimate organizations like LiViD.
----
another idea. (Score:4)
someone [no idea who] replied by pointing out a simpler alternative: simply use the standard GIF comment blocks to distribute the DeCSS code. Distribute a GIF banner image type thing with the DeCSS code in it and have people put it on pages.
everyone who visits the page breaks the law.. -_-
i'd link to the discussion, but it's long gone now.
Now take a moment to remember Martin Luther King Jr., and what he said about peaceful civil disobedience to facilitate change of an immoral system of law..
-mcc
INTELLECTUAL PROPERTY IS THEFT
ok, i did it.. here it is. (Score:4)
well.. i don't know if i like how these came out, but here they are [drowned.cx]. I went ahead and made them for some reason. I don't really like what they say. "This GIF is illegal" maybe isn't the best way to put it. I'm not quite sure. And it may or may not be true depending on your definition of "illegal". (And they maybe oughta have the LZW compression removed via ungif, just so we can all have rhetorical purity.
The idea behind these images (spread public awareness, a la the blue ribbon campaign) only works if it's somehow centralised-- i mean, if images like these wind up in widespread usage, any usage of them should link to some central page that explains what the MPAA is doing and why it's wrong. In which case the "this gif is illegal" should be added to with "click here to find out why". From there it could probably explain what source code is, why it should be considered speech, the purpose of DeCSS, the purpose of CSS, the reason DeCSS does not help piracy (seeing as you can pirate DVDs just as easily without DeCSS just by copying the dvd without decoding or writing a fake video driver before playing it in windows), the reason the MPAA/DVD forum brought this on themselves (by refusal to give any support the unices, the one group most likely to understand how to reverse-engineer), the constitutionality of the Digital Millineum Copyright act with regards to the first amendment and the copyright clause of the constitution, and how the DVD forum in general is basically trying to prevent the spread of information. Y'know, how they are absusing the legal system to try to prevent people from distributing information about how to defeat a copyright protection measure (which sounds to me like it should be covered by freedom of speech and freedom of the press, even if said speech is in the language of C++ and said press is printing on TCP/IP packets instead of paper), or even distributing the location [URLs, links] of that information (which i know is speech, and which there is no basis whatsoever to prevent talking about.) Oh, and maybe some stuff thrown in about monopolies, the sherman antitrust act, and the fact that crushing DeCSS is clearly not to prevent piracy and protect the MPAAs profits and help the artists involved, but simply to preserve the MPAA's power as a political entity/robber baron. And everything else i forgot; what the MPAA/DVD forum is doing is wrong on so many levels you could go on for pages about it. We know all this already, you could do it solely based on compiling slashdot posts, i could write it myself if i weren't so damned tired and i didn't have to go to bed so i can take the SATs tomorrow.
As for the GIFs themselves, the kind of murky colored stuff in the background is actually the DeCSS code itself, with the ASCII interpreted as raw color values. Kinda nifty how the hex values at the end come out as just patterns of lines. On the big one i enlarged it and blurred it over a bit to fit more text, but i wouldn't use that one if i were you cuz the file size is unneccicarily large (like 40k.. i think it's better as small as possible). As promised, both contain the entire source code to DeCSS in their comment fields. If you feel like it (hell, do whatever you want-- they contain GPLed code, so they're GPLed images, so i have no control over what you do with them
Please excuse the poor writing in this post. As i said, i am tired.
making keys analogy not valid (Score:4)
"This is a case of theft. The posting of the de-encryption formula is no different from making and then distributing unauthorized keys to a department store. The keys have no real purpose except to circumvent the locks that stand between the thief and the goods he or she targets."
It's not a valid analogy. It would be more appropriate to compare DeCSS to a set of lockpicks. Lockpicks are legal to buy and to use in your own home. The only thing that's illegal is when you use them to break into someone else's house.
Similarly, DeCSS should be legal for distribution and personal use. The only thing that should be illegal about DeCSS is using it to crack DVDs you don't own for personal gain.
Simon
Call the MPAA and give them your thoughts (Score:5)
Motion Picture Association of America
(MPAA)
Motion Picture Association (MPA)
15503 Ventura Blvd.
Encino, California 91436
(818) 995-6600
*out*
A copy of my email to 2600 (Score:5)
---begin quote---
- From the injunction:
3. Certain terms use in this order are defined as follows:
(a) "DVD" means digital versatile disc.
(b) "CSS" means the Contents Scramble System used to encrypt,
scramble or otherwise protect the contents of certain DVDs from being
copied.
(c) "DeCSS" means any computer program, file or device that may be
used to decrypt or unscramble the contents of DVDs that are protected, or
otherwise to circumvent the protection afforded, by CSS and that permits the
copying of the contents or any portion thereof.
Under the above restraining order, *any* product that can decrypt CSS
and play back its contents is so termed "DeCSS" which means that all
hardware DVD players are "DeCSS" and thus must not be distributed.
Likewise, under this injunction, it seems that Xing, Creative, et.
al. cannot distribute their software DVD players.
For example, my Philips set top DVD player:
1. is a device
2. decrypts CSS encoded DVDs
3. plays them back over a unencrypted output ( the video/audio
connections ), thus allowing me to copy them to any device that
accepts video input e.g. my RCA VCR, my computer via my Pinnacle DC30
capture card, et. al.
and thus , being that it fits the description in 3.(c), is "DeCSS"
Hmmm. Interesting, eh? Contact Circuit City and tell them to cease
and desist selling all DVD players that putput an unencrypted video
feed, otherwise they are violating the restraining order. You might
want to forward this insight on to whoever at the EFF is doing their
defense. This is way too wide and could be overturned quite easily on
the basis that this document includes the licensees of the CSS
decryption method present in DVD players and software.
*Disclaimer*: I am not a lawyer. I never will be. I just thought
through this logically, and saw a large hole.
See Ya
----end quote----
Re:Whacking the mole (Score:5)
/*
* Copyright (C) 1999 Derek Fawcus
*
* This code may be used under the terms of Version 2 of the GPL,
* read the file COPYING for details.
*
*/
/*
* These routines do some reordering of the supplied data before
* calling engine() to do the main work.
*
* The reordering seems similar to that done by the initial stages of
* the DES algorithm, in that it looks like it's just been done to
* try and make software decoding slower. I'm not sure that it
* actually adds anything to the security.
*
* The nature of the shuffling is that the bits of the supplied
* parameter 'varient' are reorganised (and some inverted), and
* the bytes of the parameter 'challenge' are reorganised.
*
* The reorganisation in each routine is different, and the first
* (CryptKey1) does not bother of play with the 'varient' parameter.
*
* Since this code is only run once per disk change, I've made the
* code table driven in order to improve readability.
*
* Since these routines are so similar to each other, one could even
* abstract them all to one routine supplied a parameter determining
* the nature of the reordering it has to do.
*/
#include "css-auth.h"
typedef unsigned long u32;
static void engine(int varient, byte const *input, struct block *output);
void CryptKey1(int varient, byte const *challenge, struct block *key)
{
static byte perm_challenge[] = {1,3,0,7,5, 2,9,6,4,8};
byte scratch[10];
int i;
for (i = 9; i >= 0; --i)
scratch[i] = challenge[perm_challenge[i]];
engine(varient, scratch, key);
}
/* This shuffles the bits in varient to make perm_varient such that
* 4 -> !3
* 3 -> 4
* varient bits: 2 -> 0 perm_varient bits
* 1 -> 2
* 0 -> !1
*/
void CryptKey2(int varient, byte const *challenge, struct block *key)
{
static byte perm_challenge[] = {6,1,9,3,8, 5,7,4,0,2};
static byte perm_varient[] = {
0x0a, 0x08, 0x0e, 0x0c, 0x0b, 0x09, 0x0f, 0x0d,
0x1a, 0x18, 0x1e, 0x1c, 0x1b, 0x19, 0x1f, 0x1d,
0x02, 0x00, 0x06, 0x04, 0x03, 0x01, 0x07, 0x05,
0x12, 0x10, 0x16, 0x14, 0x13, 0x11, 0x17, 0x15};
byte scratch[10];
int i;
for (i = 9; i >= 0; --i)
scratch[i] = challenge[perm_challenge[i]];
engine(perm_varient[varient], scratch, key);
}
/* This shuffles the bits in varient to make perm_varient such that
* 4 -> 0
* 3 -> !1
* varient bits: 2 -> !4 perm_varient bits
* 1 -> 2
* 0 -> 3
*/
void CryptBusKey(int varient, byte const *challenge, struct block *key)
{
static byte perm_challenge[] = {4,0,3,5,7, 2,8,6,1,9};
static byte perm_varient[] = {
0x12, 0x1a, 0x16, 0x1e, 0x02, 0x0a, 0x06, 0x0e,
0x10, 0x18, 0x14, 0x1c, 0x00, 0x08, 0x04, 0x0c,
0x13, 0x1b, 0x17, 0x1f, 0x03, 0x0b, 0x07, 0x0f,
0x11, 0x19, 0x15, 0x1d, 0x01, 0x09, 0x05, 0x0d};
byte scratch[10];
int i;
for (i = 9; i >= 0; --i)
scratch[i] = challenge[perm_challenge[i]];
engine(perm_varient[varient], scratch, key);
}
/*
* We use two LFSR's (seeded from some of the input data bytes) to
* generate two streams of pseudo-random bits. These two bit streams
* are then combined by simply adding with carry to generate a final
* sequence of pseudo-random bits which is stored in the buffer that
* 'output' points to the end of - len is the size of this buffer.
*
* The first LFSR is of degree 25, and has a polynomial of:
* x^13 + x^5 + x^4 + x^1 + 1
*
* The second LSFR is of degree 17, and has a (primitive) polynomial of:
* x^15 + x^1 + 1
*
* I don't know if these polynomials are primitive modulo 2, and thus
* represent maximal-period LFSR's.
*
*
* Note that we take the output of each LFSR from the new shifted in
* bit, not the old shifted out bit. Thus for ease of use the LFSR's
* are implemented in bit reversed order.
*
*/
static void generate_bits(byte *output, int len, struct block const *s)
{
u32 lfsr0, lfsr1;
byte carry;
* initial values are non-zero. Thus when we initialise them from
* the seed, we ensure that a bit is set.
*/
lfsr0 = (s->b[0] b[1] b[2] & ~7) b[2] & 7);
lfsr1 = (s->b[3] b[4];
++output;
carry = 0;
do {
int bit;
byte val;
for (bit = 0, val = 0; bit > 24) ^ (lfsr0 >> 21) ^ (lfsr0 >> 20) ^ (lfsr0 >> 12)) & 1;
lfsr0 = (lfsr0 > 16) ^ (lfsr1 >> 2)) & 1;
lfsr1 = (lfsr1 > 1) & 1)
combined = !o_lfsr1 + carry + !o_lfsr0;
carry = BIT1(combined);
val |= BIT0(combined) 0);
}
static byte Secret[];
static byte Varients[];
static byte Table0[];
static byte Table1[];
static byte Table2[];
static byte Table3[];
/*
* This encryption engine implements one of 32 variations
* one the same theme depending upon the choice in the
* varient parameter (0 - 31).
*
* The algorithm itself manipulates a 40 bit input into
* a 40 bit output.
* The parameter 'input' is 80 bits. It consists of
* the 40 bit input value that is to be encrypted followed
* by a 40 bit seed value for the pseudo random number
* generators.
*/
static void engine(int varient, byte const *input, struct block *output)
{
byte cse, term, index;
struct block temp1;
struct block temp2;
byte bits[30];
int i;
* we alter the seed to the LFSR's used above, then
* generate the bits to play with.
*/
for (i = 5; --i >= 0; )
temp1.b[i] = input[5 + i] ^ Secret[i] ^ Table2[i];
generate_bits(&bits[29], sizeof bits, &temp1);
* select one of 32 different variations on the
* algorithm.
*/
cse = Varients[varient] ^ Table2[varient];
* of these works on 40 bits at a time and are quite
* similar.
*/
for (i = 5, term = 0; --i >= 0; term = input[i]) {
index = bits[25 + i] ^ input[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
temp1.b[i] = Table2[index] ^ Table3[index] ^ term;
}
temp1.b[4] ^= temp1.b[0];
for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
index = bits[20 + i] ^ temp1.b[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
temp2.b[i] = Table2[index] ^ Table3[index] ^ term;
}
temp2.b[4] ^= temp2.b[0];
for (i = 5, term = 0; --i >= 0; term = temp2.b[i]) {
index = bits[15 + i] ^ temp2.b[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
index = Table2[index] ^ Table3[index] ^ term;
temp1.b[i] = Table0[index] ^ Table2[index];
}
temp1.b[4] ^= temp1.b[0];
for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
index = bits[10 + i] ^ temp1.b[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
index = Table2[index] ^ Table3[index] ^ term;
temp2.b[i] = Table0[index] ^ Table2[index];
}
temp2.b[4] ^= temp2.b[0];
for (i = 5, term = 0; --i >= 0; term = temp2.b[i]) {
index = bits[5 + i] ^ temp2.b[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
temp1.b[i] = Table2[index] ^ Table3[index] ^ term;
}
temp1.b[4] ^= temp1.b[0];
for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
index = bits[i] ^ temp1.b[i];
index = Table1[index] ^ ~Table2[index] ^ cse;
output->b[i] = Table2[index] ^ Table3[index] ^ term;
}
}
static byte Varients[] = {
0xB7, 0x74, 0x85, 0xD0, 0xCC, 0xDB, 0xCA, 0x73,
0x03, 0xFE, 0x31, 0x03, 0x52, 0xE0, 0xB7, 0x42,
0x63, 0x16, 0xF2, 0x2A, 0x79, 0x52, 0xFF, 0x1B,
0x7A, 0x11, 0xCA, 0x1A, 0x9B, 0x40, 0xAD, 0x01};
static byte Secret[] = {0x55, 0xD6, 0xC4, 0xC5, 0x28};
static byte Table0[] = {
0xB7, 0xF4, 0x82, 0x57, 0xDA, 0x4D, 0xDB, 0xE2,
0x2F, 0x52, 0x1A, 0xA8, 0x68, 0x5A, 0x8A, 0xFF,
0xFB, 0x0E, 0x6D, 0x35, 0xF7, 0x5C, 0x76, 0x12,
0xCE, 0x25, 0x79, 0x29, 0x39, 0x62, 0x08, 0x24,
0xA5, 0x85, 0x7B, 0x56, 0x01, 0x23, 0x68, 0xCF,
0x0A, 0xE2, 0x5A, 0xED, 0x3D, 0x59, 0xB0, 0xA9,
0xB0, 0x2C, 0xF2, 0xB8, 0xEF, 0x32, 0xA9, 0x40,
0x80, 0x71, 0xAF, 0x1E, 0xDE, 0x8F, 0x58, 0x88,
0xB8, 0x3A, 0xD0, 0xFC, 0xC4, 0x1E, 0xB5, 0xA0,
0xBB, 0x3B, 0x0F, 0x01, 0x7E, 0x1F, 0x9F, 0xD9,
0xAA, 0xB8, 0x3D, 0x9D, 0x74, 0x1E, 0x25, 0xDB,
0x37, 0x56, 0x8F, 0x16, 0xBA, 0x49, 0x2B, 0xAC,
0xD0, 0xBD, 0x95, 0x20, 0xBE, 0x7A, 0x28, 0xD0,
0x51, 0x64, 0x63, 0x1C, 0x7F, 0x66, 0x10, 0xBB,
0xC4, 0x56, 0x1A, 0x04, 0x6E, 0x0A, 0xEC, 0x9C,
0xD6, 0xE8, 0x9A, 0x7A, 0xCF, 0x8C, 0xDB, 0xB1,
0xEF, 0x71, 0xDE, 0x31, 0xFF, 0x54, 0x3E, 0x5E,
0x07, 0x69, 0x96, 0xB0, 0xCF, 0xDD, 0x9E, 0x47,
0xC7, 0x96, 0x8F, 0xE4, 0x2B, 0x59, 0xC6, 0xEE,
0xB9, 0x86, 0x9A, 0x64, 0x84, 0x72, 0xE2, 0x5B,
0xA2, 0x96, 0x58, 0x99, 0x50, 0x03, 0xF5, 0x38,
0x4D, 0x02, 0x7D, 0xE7, 0x7D, 0x75, 0xA7, 0xB8,
0x67, 0x87, 0x84, 0x3F, 0x1D, 0x11, 0xE5, 0xFC,
0x1E, 0xD3, 0x83, 0x16, 0xA5, 0x29, 0xF6, 0xC7,
0x15, 0x61, 0x29, 0x1A, 0x43, 0x4F, 0x9B, 0xAF,
0xC5, 0x87, 0x34, 0x6C, 0x0F, 0x3B, 0xA8, 0x1D,
0x45, 0x58, 0x25, 0xDC, 0xA8, 0xA3, 0x3B, 0xD1,
0x79, 0x1B, 0x48, 0xF2, 0xE9, 0x93, 0x1F, 0xFC,
0xDB, 0x2A, 0x90, 0xA9, 0x8A, 0x3D, 0x39, 0x18,
0xA3, 0x8E, 0x58, 0x6C, 0xE0, 0x12, 0xBB, 0x25,
0xCD, 0x71, 0x22, 0xA2, 0x64, 0xC6, 0xE7, 0xFB,
0xAD, 0x94, 0x77, 0x04, 0x9A, 0x39, 0xCF, 0x7C};
static byte Table1[] = {
0x8C, 0x47, 0xB0, 0xE1, 0xEB, 0xFC, 0xEB, 0x56,
0x10, 0xE5, 0x2C, 0x1A, 0x5D, 0xEF, 0xBE, 0x4F,
0x08, 0x75, 0x97, 0x4B, 0x0E, 0x25, 0x8E, 0x6E,
0x39, 0x5A, 0x87, 0x53, 0xC4, 0x1F, 0xF4, 0x5C,
0x4E, 0xE6, 0x99, 0x30, 0xE0, 0x42, 0x88, 0xAB,
0xE5, 0x85, 0xBC, 0x8F, 0xD8, 0x3C, 0x54, 0xC9,
0x53, 0x47, 0x18, 0xD6, 0x06, 0x5B, 0x41, 0x2C,
0x67, 0x1E, 0x41, 0x74, 0x33, 0xE2, 0xB4, 0xE0,
0x23, 0x29, 0x42, 0xEA, 0x55, 0x0F, 0x25, 0xB4,
0x24, 0x2C, 0x99, 0x13, 0xEB, 0x0A, 0x0B, 0xC9,
0xF9, 0x63, 0x67, 0x43, 0x2D, 0xC7, 0x7D, 0x07,
0x60, 0x89, 0xD1, 0xCC, 0xE7, 0x94, 0x77, 0x74,
0x9B, 0x7E, 0xD7, 0xE6, 0xFF, 0xBB, 0x68, 0x14,
0x1E, 0xA3, 0x25, 0xDE, 0x3A, 0xA3, 0x54, 0x7B,
0x87, 0x9D, 0x50, 0xCA, 0x27, 0xC3, 0xA4, 0x50,
0x91, 0x27, 0xD4, 0xB0, 0x82, 0x41, 0x97, 0x79,
0x94, 0x82, 0xAC, 0xC7, 0x8E, 0xA5, 0x4E, 0xAA,
0x78, 0x9E, 0xE0, 0x42, 0xBA, 0x28, 0xEA, 0xB7,
0x74, 0xAD, 0x35, 0xDA, 0x92, 0x60, 0x7E, 0xD2,
0x0E, 0xB9, 0x24, 0x5E, 0x39, 0x4F, 0x5E, 0x63,
0x09, 0xB5, 0xFA, 0xBF, 0xF1, 0x22, 0x55, 0x1C,
0xE2, 0x25, 0xDB, 0xC5, 0xD8, 0x50, 0x03, 0x98,
0xC4, 0xAC, 0x2E, 0x11, 0xB4, 0x38, 0x4D, 0xD0,
0xB9, 0xFC, 0x2D, 0x3C, 0x08, 0x04, 0x5A, 0xEF,
0xCE, 0x32, 0xFB, 0x4C, 0x92, 0x1E, 0x4B, 0xFB,
0x1A, 0xD0, 0xE2, 0x3E, 0xDA, 0x6E, 0x7C, 0x4D,
0x56, 0xC3, 0x3F, 0x42, 0xB1, 0x3A, 0x23, 0x4D,
0x6E, 0x84, 0x56, 0x68, 0xF4, 0x0E, 0x03, 0x64,
0xD0, 0xA9, 0x92, 0x2F, 0x8B, 0xBC, 0x39, 0x9C,
0xAC, 0x09, 0x5E, 0xEE, 0xE5, 0x97, 0xBF, 0xA5,
0xCE, 0xFA, 0x28, 0x2C, 0x6D, 0x4F, 0xEF, 0x77,
0xAA, 0x1B, 0x79, 0x8E, 0x97, 0xB4, 0xC3, 0xF4};
static byte Table2[] = {
0xB7, 0x75, 0x81, 0xD5, 0xDC, 0xCA, 0xDE, 0x66,
0x23, 0xDF, 0x15, 0x26, 0x62, 0xD1, 0x83, 0x77,
0xE3, 0x97, 0x76, 0xAF, 0xE9, 0xC3, 0x6B, 0x8E,
0xDA, 0xB0, 0x6E, 0xBF, 0x2B, 0xF1, 0x19, 0xB4,
0x95, 0x34, 0x48, 0xE4, 0x37, 0x94, 0x5D, 0x7B,
0x36, 0x5F, 0x65, 0x53, 0x07, 0xE2, 0x89, 0x11,
0x98, 0x85, 0xD9, 0x12, 0xC1, 0x9D, 0x84, 0xEC,
0xA4, 0xD4, 0x88, 0xB8, 0xFC, 0x2C, 0x79, 0x28,
0xD8, 0xDB, 0xB3, 0x1E, 0xA2, 0xF9, 0xD0, 0x44,
0xD7, 0xD6, 0x60, 0xEF, 0x14, 0xF4, 0xF6, 0x31,
0xD2, 0x41, 0x46, 0x67, 0x0A, 0xE1, 0x58, 0x27,
0x43, 0xA3, 0xF8, 0xE0, 0xC8, 0xBA, 0x5A, 0x5C,
0x80, 0x6C, 0xC6, 0xF2, 0xE8, 0xAD, 0x7D, 0x04,
0x0D, 0xB9, 0x3C, 0xC2, 0x25, 0xBD, 0x49, 0x63,
0x8C, 0x9F, 0x51, 0xCE, 0x20, 0xC5, 0xA1, 0x50,
0x92, 0x2D, 0xDD, 0xBC, 0x8D, 0x4F, 0x9A, 0x71,
0x2F, 0x30, 0x1D, 0x73, 0x39, 0x13, 0xFB, 0x1A,
0xCB, 0x24, 0x59, 0xFE, 0x05, 0x96, 0x57, 0x0F,
0x1F, 0xCF, 0x54, 0xBE, 0xF5, 0x06, 0x1B, 0xB2,
0x6D, 0xD3, 0x4D, 0x32, 0x56, 0x21, 0x33, 0x0B,
0x52, 0xE7, 0xAB, 0xEB, 0xA6, 0x74, 0x00, 0x4C,
0xB1, 0x7F, 0x82, 0x99, 0x87, 0x0E, 0x5E, 0xC0,
0x8F, 0xEE, 0x6F, 0x55, 0xF3, 0x7E, 0x08, 0x90,
0xFA, 0xB6, 0x64, 0x70, 0x47, 0x4A, 0x17, 0xA7,
0xB5, 0x40, 0x8A, 0x38, 0xE5, 0x68, 0x3E, 0x8B,
0x69, 0xAA, 0x9B, 0x42, 0xA5, 0x10, 0x01, 0x35,
0xFD, 0x61, 0x9E, 0xE6, 0x16, 0x9C, 0x86, 0xED,
0xCD, 0x2E, 0xFF, 0xC4, 0x5B, 0xA0, 0xAE, 0xCC,
0x4B, 0x3B, 0x03, 0xBB, 0x1C, 0x2A, 0xAC, 0x0C,
0x3F, 0x93, 0xC7, 0x72, 0x7A, 0x09, 0x22, 0x3D,
0x45, 0x78, 0xA9, 0xA8, 0xEA, 0xC9, 0x6A, 0xF7,
0x29, 0x91, 0xF0, 0x02, 0x18, 0x3A, 0x4E, 0x7C};
static byte Table3[] = {
0x73, 0x51, 0x95, 0xE1, 0x12, 0xE4, 0xC0, 0x58,
0xEE, 0xF2, 0x08, 0x1B, 0xA9, 0xFA, 0x98, 0x4C,
0xA7, 0x33, 0xE2, 0x1B, 0xA7, 0x6D, 0xF5, 0x30,
0x97, 0x1D, 0xF3, 0x02, 0x60, 0x5A, 0x82, 0x0F,
0x91, 0xD0, 0x9C, 0x10, 0x39, 0x7A, 0x83, 0x85,
0x3B, 0xB2, 0xB8, 0xAE, 0x0C, 0x09, 0x52, 0xEA,
0x1C, 0xE1, 0x8D, 0x66, 0x4F, 0xF3, 0xDA, 0x92,
0x29, 0xB9, 0xD5, 0xC5, 0x77, 0x47, 0x22, 0x53,
0x14, 0xF7, 0xAF, 0x22, 0x64, 0xDF, 0xC6, 0x72,
0x12, 0xF3, 0x75, 0xDA, 0xD7, 0xD7, 0xE5, 0x02,
0x9E, 0xED, 0xDA, 0xDB, 0x4C, 0x47, 0xCE, 0x91,
0x06, 0x06, 0x6D, 0x55, 0x8B, 0x19, 0xC9, 0xEF,
0x8C, 0x80, 0x1A, 0x0E, 0xEE, 0x4B, 0xAB, 0xF2,
0x08, 0x5C, 0xE9, 0x37, 0x26, 0x5E, 0x9A, 0x90,
0x00, 0xF3, 0x0D, 0xB2, 0xA6, 0xA3, 0xF7, 0x26,
0x17, 0x48, 0x88, 0xC9, 0x0E, 0x2C, 0xC9, 0x02,
0xE7, 0x18, 0x05, 0x4B, 0xF3, 0x39, 0xE1, 0x20,
0x02, 0x0D, 0x40, 0xC7, 0xCA, 0xB9, 0x48, 0x30,
0x57, 0x67, 0xCC, 0x06, 0xBF, 0xAC, 0x81, 0x08,
0x24, 0x7A, 0xD4, 0x8B, 0x19, 0x8E, 0xAC, 0xB4,
0x5A, 0x0F, 0x73, 0x13, 0xAC, 0x9E, 0xDA, 0xB6,
0xB8, 0x96, 0x5B, 0x60, 0x88, 0xE1, 0x81, 0x3F,
0x07, 0x86, 0x37, 0x2D, 0x79, 0x14, 0x52, 0xEA,
0x73, 0xDF, 0x3D, 0x09, 0xC8, 0x25, 0x48, 0xD8,
0x75, 0x60, 0x9A, 0x08, 0x27, 0x4A, 0x2C, 0xB9,
0xA8, 0x8B, 0x8A, 0x73, 0x62, 0x37, 0x16, 0x02,
0xBD, 0xC1, 0x0E, 0x56, 0x54, 0x3E, 0x14, 0x5F,
0x8C, 0x8F, 0x6E, 0x75, 0x1C, 0x07, 0x39, 0x7B,
0x4B, 0xDB, 0xD3, 0x4B, 0x1E, 0xC8, 0x7E, 0xFE,
0x3E, 0x72, 0x16, 0x83, 0x7D, 0xEE, 0xF5, 0xCA,
0xC5, 0x18, 0xF9, 0xD8, 0x68, 0xAB, 0x38, 0x85,
0xA8, 0xF0, 0xA1, 0x73, 0x9F, 0x5D, 0x19, 0x0B,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x33, 0x72, 0x39, 0x25, 0x67, 0x26, 0x6D, 0x71,
0x36, 0x77, 0x3C, 0x20, 0x62, 0x23, 0x68, 0x74,
0xC3, 0x82, 0xC9, 0x15, 0x57, 0x16, 0x5D, 0x81};
Re:You people just don't get it. (Score:5)
> or not the DeCSS software publishes a trade
> secret, the CSS encryption algorithm. This is
> illegal. Plain and simple.
> against the law to publish someone else's trade
> secret without their express permission.
You, sir, are completely wrong. The argument you have just made is the one that has so far FAILED in federal court in California. The argument today in New York had nothing at all to do with trade secrets -- it was a copyright action. And it's not always or even usually illegal to publish a trade secret -- in fact, if you try to keep something a trade secret rather than secure proper patent or copyright protection for it, then it's essentially your responsibility, not the law's, to keep it a secret. If the secret escapes by legitimate means -- such as reverse engineering in Norway, a country where this is explicitly legal -- then it's your problem and you should have done a better job keeping your secret. This is the whole reason we have patents -- to convince people to disclose details of their ideas IN EXCHANGE FOR legal protection of them. If you instead want to keep it a secret, good luck, because the law affords you very limited protection.
You can read much more about how trade secrets apply to this case in the filings from the California case available at http://www.eff.org. But in the meantime you can rest quietly assured that you have absolutely no grasp of the facts or the law.
Cripes, they're serious. (Score:5)
Presto: the protection is compromised, and the DVD coalition is vulnerable to their (erstwhile) partner's legal fury. The content owners could sue the DVD makers right into their pockets for failure to come through on the protection of their content if the DVD coalition doesn't nip this in the bud..
Now, you and me know that there's no way that they can nip this thing in the bud, that they should not have tried to sell disk encryption as part of the DVD package to the content people, but that's moot as far as they are concerned. In the long run, they are screwed, and they just want to take "us" down with them.
Online tyrrany calls for real world activism (Score:5)
2600 is calling for demonstrations against the MPAA, and I for one agree. We need to educate ordinary people on the fact that their right to free speech is in serious jeopardy thanks to the greed and stupidity of an organization (the MPAA) that fell for the DVD-security snake oil and can't admit that it's been had.
This and the Etoy lawsuit are probably the most significant fights to hit our commmunity since the Clipper Chip fiasco. The lines are drawn, ladies and gentlemen; we need to fight with everything we've got to prevent Internet from becoming nothing but a huge, suburban shopping mall. Get involved in an historical fight and have something that you'll be proud to tell your kids and grandkids about, twenty years from now.
TOYWAR [toywar.com]!!
I'd like to see the MPAA... (Score:5)
While they're at it, I'd like to see them sue Sima [simacorp.com], who market this neat little gadget [simacorp.com] that defeats Macrovision I and II (save cash by getting it from these guys [videoguys.com]). It also cleans up the picture my DVD player puts out (tip: use the S-Video inputs whether or not you use S-Video for output; this stops you from using the bypass switch if you use the composite out, but that's a small sacrifice). Let's all watch the MPAA get laughed straight out of court when they go after people who have nothing to do with the WaReZ culture...
(I'd also like them to sue someone who's running for Congress and who's posted several links that apparently violate the DMCA. Bring it on, MPAA; I could use the free publicity...)
Re:You people just don't get it. (Score:5)
It could hardly be more obvious that "the jury is still out" on that one. One judge issued a restraining order, another refused.
Then, if it turns out that that these folks actually do have the law on their side, there is the highly relevant issue of whether the law is constitutional.
Finally, there is the not-so-subtle distinction of having the law on your side and having right on your side. (Opinions will vary: I'm still out on that one, but at least I'm aware that the issue exists.) And for those who do think that right favors 2600 rather than the RIAA, there is always the fallback position of "nonviolent resistance". Thus you may well see people posting the link and going to jail for it, if they believe strongly enough in their own notion of right. It certainly wouldn't be the first time in history that this is happened, and a lot of social good has come from such sacrifices in the past.
And of course... there's the orthogonal issue of how much sway a US judge's ruling holds in other countries. (None, I would hope!) I suspect that what we are seeing is a tiny facet of a decades- or centuries-long trend of the USA turning itself into a technological backwater because the system is set up so that neither innovations nor freedoms can be allowed to stand in the path of corporate profits.
--
It's October 6th. Where's W2K? Over the horizon again, eh?
Re:You people just don't get it. (Score:5)
There are three essential elements to prove the existence of a trade secret: (1) it must be commercially
valuable information, (2) not in the public domain, and (3) the subject of reasonable efforts to maintain
its secrecy. Further, liability for trade secret misappropriation, to be effective, must extend not only to
the actual misappropriator but also to all other persons who know or should know that they are the
recipients of such information obtained by unauthorized acquisition, disclosure or use (third-party
liability). Finally, there must be effective remedies including injunctive relief, damages, and ex parte
seizure orders to prevent infringement and to preserve evidence.
I contest there have not been reasonable efforts taken to maintain it's secrecy according to #3 above. Reasonable efforts would have consisted of using any of the widely available strong encryption algorithms.
What they did would be equivalent to Pepsi including their ingredients list in the can, then telling you not to look. Just SAYING not to do it doesn't mean reasonable measure have been taken.
If any thing, the should be suing Xing.
You can maybe even argue that it's not even commercially valuable information according to #1. Producers of standalone players and DVD publishers still need to license the technology. They have not "lost" anything.
Sounds like time for (Score:5)
Sounds like time for a chain letter.
Any body want to get it started?
Hi! Please send this source code to your ten closest friends. If you do, The Justice Department will search your computer for free!
Better yet - what about an Outlook Express virus that propagates the source code???
(I can't believe I actually just suggested that. Must be the drugs. I had surgery the other week & I'm still in recovery.)
--
Greetings New User! Be sure to replace this text with a
It was never copy protection (Score:5)
It was playback protection.
DVDs must be decrypted to VIEW them. Therefore, only "sanctioned" players - ones that the MPAA had released a decryption key to - could play them. The encryption provides NO protection against copying, with or without DeCSS.
I know this is pretty much common knowledge around here, but more of the mainstream media is starting to read this site. So they should hear it again.
SEAL
Now's a good time... (Score:5)