Follow Slashdot stories on Twitter


Forgot your password?
The Courts Government News

Injunction Against 2600 for DeCSS 466

Vito writes "Figures. Mitnick's free, but now a federal court has issued a preliminary injunction against the 2600 website, and its webmasters have been threatened with immediate imprisonment, over the distribution of the DeCSS source code. Time to start that data haven." This is just the latest in the DeCSS fiasco, and it certainly won't be the last. The difference between this and the DVD CCA battle is that these are federal court cases, which is why terms like 'immediate imprisonment' are being tossed around.
This discussion has been archived. No new comments can be posted.

Injunction Against 2600 for DeCSS

Comments Filter:
  • by Anonymous Coward
    CSS is like a manufacturer of door locks that uses the same key for every lock that they sell.

    To prevent people from figuring this out, they include a piece of paper in the box that says "by opening this box, you agree never to try your key on anyone else's lock".

    Someone figures out that every key to a CSS door lock is the same, and tells the public, because with that information, hey, the locks are basically worthless as far as security goes.

    CSS then attempts to make the government imprison anyone who knows this piece of information, because it would damage their business of selling (defective) locks, and of course they can't go back and change EVERY lock they ever sold to use unique keys.
  • by Anonymous Coward
    Here's the real heart of the matter. Here's one criteria for what they were banned from distributing: "has only limited commercially significant purposes ". (See the injunction at for complete text.)

    So now in considering freedom of speech, we're first looking at how much money is involved.
  • In 1919, "the manufacture, sale, or transportation of intoxicating liquors within, the importation thereof into, or the exportation thereof from the United States and all territory" was prohibited. Did this get rid of alcohol? Nope. It just drove it underground where it was still widely available and made the Mafia into one of the nation's most profitable "businesses". Legal or not, people still wanted alcohol. And gov't learned that it cannot go against the will of the people (from whom their power truly derives). The Prohibition amendment was repealed in 1933. The only other option was to incarcerate well over 50% of the population. Is there any point to maintaining law and order if it means that EVERYONE is a criminal? This was not an option.

    Well, information is like booze. People will do anything to get it. Illegal or not. And the internet gives anyone with a computer and a net connection the ability to be an information importer/exporter/distributor. This gives each and everyone of us the potential to become a one-man international Mafia. Stop this? All govt's combined do not stand a chance. Like booze, knowledge, information cannot be suppressed once released into the public realm. The RIAA has taken on a truly impossible mission and will meet with the same success as the Feds did at stopping liquor sales.

    The logical thing for the RIAA to do is to officially license distributors of CSS manipulating programs. Tax the licensee a fee and let the programs be sold for profit. Most people will go for the legal product if it's available. The Linux crowd will no longer have an excuse to use "illegal code" to play DVDs. And only then will the RIAA have a stable platform from which to strike out at those making and distributing illegally copied DVDs (I refuse to use the word "pirate") of their product, because legal alternatives were available. In fact, the RIAA would probably make more money from licensees than what they claim to be "losing" as a result of the DVDs that they think are being illegally copied with DeCSS and its ilk.

  • This means the movie company feels that it has "lost" $50,000,000, which has been "stolen" from them, since obviously no one will ever see this movie in the theatre or buy their own copy again now that someone has managed to play it under Linux...

    I quote from "the Bible" on stupid government hacker punishment, Bruce Sterling's The Hacker Crackdown, 4:2 [] and a few pages down... (feel free to read more, it's all relevant--in this case, I didn't even quote *enough*.)

    The E911 Document was also proving a weak reed. It had originally been valued at $79,449. Unlike Shadowhawk's arcane Artificial Intelligence booty, the E911 Document was not software - it
    was written in English. Computer-knowledgeable people found this value - for a twelve-page bureaucratic document - frankly incredible. In his "Crime and Puzzlement" manifesto for EFF,
    Barlow commented: "We will probably never know how this figure was reached or by whom, though I like to imagine an appraisal team consisting of Franz Kafka, Joseph Heller, and Thomas

    As it happened, Barlow was unduly pessimistic. The EFF did, in fact, eventually discover exactly how this figure was reached, and by whom - but only in 1991, long after the Neidorf trial was

    Kim Megahee, a Southern Bell security manager, had arrived at the document's value by simply adding up the "costs associated with the production" of the E911 Document. Those "costs" were as

    1.A technical writer had been hired to research and write the E911 Document. 200 hours of work, at $35 an hour, cost : $7,000. A Project Manager had overseen the technical writer. 200
    hours, at $31 an hour, made: $6,200.
    2.A week of typing had cost $721 dollars. A week of formatting had cost $721. A week of graphics formatting had cost $742.
    3.Two days of editing cost $367.
    4.A box of order labels cost five dollars.
    5.Preparing a purchase order for the Document, including typing and the obtaining of an authorizing signature from within the BellSouth bureaucracy, cost $129.
    6.Printing cost $313. Mailing the Document to fifty people took fifty hours by a clerk, and cost $858.
    7.Placing the Document in an index took two clerks an hour each, totalling $43.

    Bureaucratic overhead alone, therefore, was alleged to have cost a whopping $17,099. According to Mr. Megahee, the typing of a twelve-page document had taken a full week. Writing it had taken
    five weeks, including an overseer who apparently did nothing else but watch the author for five weeks. Editing twelve pages had taken two days. Printing and mailing an electronic document (which
    was already available on the Southern Bell Data Network to any telco employee who needed it), had cost over a thousand dollars.

    But this was just the beginning. There were also the hardware expenses. Eight hundred fifty dollars for a VT220 computer monitor. Thirty-one thousand dollars for a sophisticated VAXstation II
    computer. Six thousand dollars for a computer printer. Twenty-two thousand dollars for a copy of "Interleaf" software. Two thousand five hundred dollars for VMS software. All this to create the
    twelve-page Document.
    pb Reply or e-mail; don't vaguely moderate [].
  • Here's mine [] as well.


  • When the code has been splashed over most of the Internet, for a significant period of time?

    It's hardly secret anymore, if you ask me. (Oh, you didn't. Oh well, never mind.)

    Then, there's this little matter of encryption. It's basically an XOR function, or very very little more. To the best of my knowledge, the XOR operator has been public domain for some considerable time.

    Last, but not least, DeCSS does =NOT= break trade secrets, as it is NOT using the same code as the CSS encoders used by the commercial sector. (This IS important, as it has been a factor in a number of Intel instruction set lawsuits, in the past. Case law beats 4 of a kind.)

  • You actually BOUGHT fscking STOCK in LinuxOne? What a complete jacka... erm, wait, that's LINX. I stand corrected ;)

  • Here's my mirror [] in case there are someone here who don't have it yet :)
  • The whole point of Stego is that you cant say if something is or isn't there. In MP3Stego, it changes around the LSB of each frame. yes, there is a slight change in the music, but its almost subliminal. You cant tell which is the original music and which is the Stego file.

    About the legal issues, I don't think any such case has come up where someone hides something in a freely available document. If a message is just lists of numbers of bytes in a particular file, then only the message should be illegal. But there is a very fine line to be drawn. Its a tough legal question, and I do not envy the judge stuck with it.
  • What you are really talking about is stenography. The process of hiding data in other data. Usually you also encrypt the hiden data such that it is impossible to prove (with the decryption key) that there is even hidden data in the first place.

    Stenography is a relativly new area for both cryptography and the legal system. As I understand the current law (IANAL), both parts of your system (the carrier and the key) are illegal. Any document used to carry "illegal information" is illegal. At some point, this law will have to be revised (when someone hides info in the text of a supreme court case for example, then sues governemnt for distributing it [this will never happen tho]).

    In the meantime, I believe there is a precedent for your home movie to become contraband. I'd love to see that in the media "NSA arrests father for illegal home movie." What is really needed is a way to make the VHS tape still contain the data, because the computer file is subject to restrictions that the video isn't. Like I say, it would be amusing.


    PS: if you are interested, there are a bunch of really good papers out there on stego that are readable to the non-cryptographer. From the software end there is some really nifty stuff, my favorites being MP3Stego (hides a few hundred k in an MP3 file) and StegFS (compatible with ext2fs, but hides date in 16 "security levels" which are stored in the unused blocks of the ext2fs. And does it in such a way as you cannot prove the existance of the data.) Very fun.
  • According to 2600's page, Time Warner is one of the plaintiffs. Given their impending merger with AOL, two things come to mind:

    1) This shows that the AOL-TimeWarner merger is indeed news for nerds, and all the naysayers last week had valid concerns. Big Media are not on our side, and they're invading our space from the inside (the merger) as well as attacking from the outside (the DVD actions).

    2) Conversely, maybe Time Warner has a more direct interest in not pissing us off, or at least as much AOL ever did. Does anyone have good contact info for them?

  • Wired [] is carrying the story here []. This is the part that really scared me: after hearing only three hours of argument, judge Louis A. Kaplan pronounced, "I don't think there's the slightest question that the plaintiffs have a very good chance of success." If we can't count on a judge not to prejudge.....

  • Count me in.
  • Sounds like the judge was on the side of the industry from the beginning, and was also not terribly competent in the technical department. A few quotes from a Wired Article []:

    "I don't think there's the slightest question that plaintiffs have a very good chance of success," Judge Kaplan said in issuing his decision.
    "Now really, Ms. Gross, I think it's a mistake for you to assume you're talking to a moron," said the judge, who pronounced Linux with a long "i" (the correct pronunciation is LIH-nix), and required a short briefing on the concept of linking.
    In addition, the judge was exceptionally hard on the EFF lawyers:
    The judge scoffed at these arguments and others, frequently interrupting Gross and Levy and chiding them for a lack of preparation. On Tuesday, Judge Kaplan had denied a request by the EFF legal team for a postponement.
    This article [] also offers some insight into the way the trial went:
    Judge Kaplan offered a speedy trial for the suit, "as early as next Tuesday if you want it," he said to MPAA counsel. "I would like this tried as soon as possible. I offer you a runaway train if that's what you want. My schedule is clear for this." Defendants' counsel requested a delay and the judge agreed to accept an application for an alternate date. [SNIP] The order and Judge Kaplan's decision should provide First Amendment advocates with a lot of tough meat to chew on. He seems to have to decided to try to put an end to overuse and abuse of the First Amendment for inappropriate defense of the indefensible, as he put it. He specifically ordered that links to sites which offered DeCSS be prohibited, even though Proskauer tried to get that changed in his order to prohibit only links to download DeCSS itself.

  • Just mirror the code, guys. Here's mine [].

    Reminds me of a game called "whack the mole". I made a post about this earlier, but I'm too lazy to go dig it up. For now, just post mirrors under this thread. I want to get my name on this lawsuit too... I figure with several thousand defendants we can't lose. :) "Yeah, the RIAA just sued the ENTIRE internet, film at 11!"

  • would get a clue - they keep acting like they're afraid of their own shadows and jumping in fright at the littlest thing (kinda like the whole Y2K business all over again). These existance of VCR didn't drive theaters out of business; the existance of the web isn't driving print media out of business; and the ability to play back/copy media - which has existed since media was invented - doesn't automatically lead to rampant piracy and loss of "billions and billions" in revenue, digital or not. Leave people alone, just give us the facts, and we'll do the right thing. Beleive it or not, people are NOT so innately criminal in nature that they need a noose around their necks to keep them honest.

    I'm getting a little fed up with the authorities cracking down on the POTENTIAL to commit a crime, like the Ramsey electronics raid, instead of the criminals themselves. Used to be you could copy, say, 8-track tapes. Whoopdedoo. Some people tried to setup for-profit pirate operations, and a lot of them got busted over it to. Nowadays we're guilty of crimes just because we CAN commit them, jeezus.

    The Scarlet Pimpernel
  • It's one thing to be pissed off at the studios. It's another thing to boycott them! DVD's are great, and these companies make most of them. So screw this boycott!!!

    I say, screw you. These companies are trampling on your rights, and you're paying them to do it every time you buy a DVD or rent a video. I for one refuse to feed the mouth that bites me. I've joined the boycott. If you gave a damn about your freedom of expression, you'll stop giving these people your hard earned money.

    I like movies too. But if having movies means paying people to destroy open-source software, then fuck the movies. I'll play Quake instead. At least ID software supports what we're doing.

    TOYWAR []!!
  • Ok folks, the list of the mirrors posted in this thread that I promised is running here. [] Please email me at [mailto] if you would like to be added to the list.
  • Here's [] my mirror. Alright folks, here's an idea, everyone post their mirrors here (if you don't have one, go to one of the links and get it), and I'll create a link page based off of this thread. I encourage others to do the same. To be honest, I think whacking the mole is a bit of a weak analogy, I think "putting the shit back in the horse" is a bit more analogous.
  • See : [] []



    Since I did it by hand in "vi" without even needing to analyse the algorithm (a simple sustitution cipher is the first thing anyone wuould check), I guess my brain is illegal, according to the MPAA's viewpoint. Or vi is, though I could just as easily have used a pencil and paper.

    I guess you made your point very well. Why can't those dumb lawyers see this>

    Consciousness is not what it thinks it is
    Thought exists only as an abstraction
  • I see this product allows the copying of DVD's. I noticed at the bottom of that page, the following warning:

    *Use of these products for unauthorized duplication of copyrighted material from DVIX, DVD, VHS or other media is prohibited under federal copyright laws unless the copy qualifies as a far use under the Copyright Laws.

    Consciousness is not what it thinks it is
    Thought exists only as an abstraction
  • (Apologies to the reader in advance for some more offensive imagery employed. If your world is G rated, do not continue reading.)

    You are truly an idiot.

    Others are risking financial ruin and even imprisonment in order to fight for our rights to free expression and fair use which morons like you take for granted, and you can't even get off your lazy ass and find some other way to entertain yourself for the duration of this fight? Words are inadequate for me to express my contempt for both you and the stance you advocate. Go back to eating your pretzels on your beer stained recliner and shut your mouth, for that is precisely the only right to expression you will have left if the attitude you espouse defines our response to this outrage, and it is indeed the only right to expression you have earned.

    I suppose the thougt of reading a book instead of watching a movie never occurred to you. Most movies are based on novels, or have book versions of the scripts published at a later date. In the vast majority of such cases the book is vastly superior to the movie. Of course, reading may require a greater level of effort than your capable of, and might require you to occasionally put down your Colt 45 beer or your crack grinder in order to turn the pages.

    In the meantime, the rest of us will pay your blithering idiocy the attention it deserves (read: none). In my case, I will no longer purchase any movies of any kind (which will cost the MPAA members a very sizable sum based on prior purchases of Laser Disks and DVDs). I may consider renting a DVD movie instead, as that vastly reduces the profits the movie industry makes. However, seeing a film in the theater or purchasing the media are no longer options for those of us unwilling to spread our ass cheecks for the MPAA.
  • Watching the OSS community squirm is amusing.

    Actually, just about everyone I know (online and real life) who is into OSS is posting mirrors and laughing all the way. I really haven't seen any squirming.

    Please don't pretend to be stupid enough to claim it's anything to do with legal copies of your own DVDs. Crap and you know it and we know it.

    Perhaps you haven't been paying attention at all. Or perhaps you are just really dense. It is EASIER to make a copy of a DVD without decrypting it. Understand that? I didn't think so. The only reason you would want to decrypt it is to VIEW it. A perfectly reasonable use of your own DVD disk, now isn't it?

    DVDs are copyrighted, you have NO right to make any copies of it EVEN for your own private use (this is not like VHS or CDs).

    Oh really? Explain the what is different. The content in DVDs ARE copywrited, but I'm still allowed to view it if I own it. However, the encryption method WAS NOT copywrited, therefor, I may publish it at will. Others in this thread have touched upon this more than I.

    Josh's post is right on the money.

    Actually it contains many factual errors, again disputed elsewhere in the thread.

    To create a tool that does so and/or to distribute it is illegal.

    It's illegal for me to copy VHS tapes or record movies off HBO, but I can sell my VCR (which, believe it or not, can do this)
    The funny thing is, DVD-CSS DOES NOT HELP you in copying DVDs. It's easier (and possible) to just do a bit by bit copy onto another disk. No decryption is needed.

    Please read what others have written and follow the links to revelant information before making statements that serve only to make you look silly.


    Bill Gates: "Innovation"
  • These folks have the law on their side. Like it or not the DeCSS software publishes a trade secret, the CSS encryption algorithm. This is illegal. Plain and simple. Doesn't matter what you are going to use it for - piracy or viewing, if you plan to profit from it or not - it's just plain against the law to publish someone else's trade secret without their express permission.

    No sucessful Open Source product will ever be based on DeCSS because the DVD industry will continue to defend their valid legal right to their trade secrets and impose severe penalties on anyone who dares to defy them.

    You say 'the genie is out of the bottle' - wait until the coders of the Linux DVD project get threatened with imprisonment and million dollar fines - we will see how far this project progresses.

    You want a Linux DVD player? Get some venture capital together, buy a license for the algorithm, and go to town. Sell it to all the large linux re-packagers (redhat et al.) and laugh all the way to the bank.

  • 95% of (but not all, so don't remind me) Slashdots readers are posturing, or else they're just doing it for the "me too" effect. Yes, they'll put the code on a site, but when push comes to shove, and the FBI shows up at their house and explains to their mom that their computer is being used for illegal activites, there goes that website.

    The alternative is the lot that just want's to look cool in the eyes of /. But as soon as they get a letter that explains that they're criminally liable if this issue gets cleared up in such a way that DeCSS is illegal, they'll drop it too.

    If you trully believe in what you're doing, then by all means do it. But don't talk the talk when you aren't prepared to walk the walk, please.
  • Because they have reason to believe that you could cause real and permanent harm against the plaintiff. Just as eMachines and whoever else injunctions placed against them by Apple, which prevented them from shipping their copycat machines until the issue came to trial. Of course, eMachines realized that they were either in the wrong or simply didn't have the funds to fight the fight and backed off completely.

    The injunction itself is a bad sign. That means that the judge has heard the plaintiffs and believes them enough to try to stop distribution of the product until the issue's resolved. He or she is listening to the industry and believing what they say. And if it goes through, then most of you moles will get whacked.

    Time to enlist overseas developers to further this cause.
  • Linux needs a DVD player (among other things) then it should pay for the license just like everyone else.

    I'm sure there are plenty of people who would be happy to pay money for a proprietary DVD viewer which runs under Linux. This is the same set of people who would pay for Opera under Linux or for closed-source games, for example. Unfortunately, there are no DVD viewers available for Linux at any price. That is, until some hackers got fed up with the situation and wrote one.

    DVDs are copyrighted, you have NO right to make any copies of it EVEN for your own private use (this is not like VHS or CDs).

    How, exactly, are DVD's not like CD's? Both contain copyrighted material, both are combinations of bits on a physical medium, both are licensed to users for their own home viewing, and as far as the legal system is concerned, up to this point users have exactly the same rights to make a backup copy of a DVD for archival purposes that they have to backup a CD.

    Today, right now, the law states you cannot make copies of DVDs. Period.

    I think you need to be a little more specific. Obviously someone is copying DVD's - there's a bunch for rent at the video store down the street :) That was an absurd counterexample, but if this case was as open-and-shut as you say, I don't think we would be seeing nearly the amount of controversy that we are. Please specify the exact law which specifies that it is illegal to copy DVD's for any purpose, at any time. Answer: there is no such law - there are laws which may restrict your rights to copy DVD's for some purposes and at some times, but there is no absolute ban on the practice. The exact interpretation of these restrictions is the real reason the whole issue is in court right now.

    Linux could have a DVD player (like Windows has) - they just had to do what anyone else has to do.

    There's more than one way to do it(tm): Windows users are happy to pay for their proprietary DVD-viewing software, and I'm sure some Linux users would feel the same. But until such a thing exists for Linux users, it's ridiculous to expect them to wait an indeterminate length of time for that product when there are alternative but completely legal (or at least I assume that they are legal pending a court decision otherwise) means of viewing DVD's under Linux.

    I agree with your point that if the law is wrong, fight that first. That's why I'm happy to see the EFF (in another Wired article yesterday) mention that they were planning to challenge the constitutionality of the DMCA during this legal challenge. However, I'm not convinced that the existing law was broken in this case. Now if someone is actually using Linux + DeCSS + a professional-grade DVD writer + a bunch of DVD blanks to bootleg copyrighted DVD's, then I will agree with you that that person is doing something illegal (at least within the U.S.) and I wouldn't be defending them. But just distributing code which could be used for that purpose is not the same thing at all, and linking to a site which distributes that code is no more illegal than a newspaper that prints the street addresses where lots of drug busts occur.

  • Here's a gif graphic that has the code in the comment blocks:
    the ribbon page []
  • No sucessful Open Source product will ever be based on DeCSS because the DVD industry will continue to defend their valid legal right to their trade secrets and impose severe penalties on anyone who dares to defy them.

    Injunctions without a trial can't last forever. Assuming the DVD consortium doesn't give up, this will eventually go to trial. And when you follow that case in court, you will learn something that you apparently haven't found out about yet.

    DeCSS is not based on stolen or leaked specifications or source code. Instead, DeCSS was constructed from analysis of a DVD player binary. There's no trade secret involved; it's simply a matter of reverse engineering. When those facts are compared to the law, the defendants win.

  • The whole point of filing this kind of motion is to ask the judge to prejudge. The plaintiffs are saying, "The defendants are doing so much irreparable damage to us that if we wait for the end of the trial to collect damages, it will be too late. So please make the defendants stop doing This Bad Thing temporarily, and then we can spend the rest of the trial proving our case in more detail."

    Obviously, sleazy plaintiffs can abuse this technique, but if it weren't available, then it would be easier for sleazy defendants to commit other kinds of abuse.

    (I'm not defending the MPAA, just defending this particular aspect of legal procedure.)
    "But, Mulder, the new millennium doesn't begin until January 2001."

  • And I quote:

    (b) "CSS" means the Contents Scramble System used to encrypt, scramble or otherwise protect the contents of certain DVDs from being copied.

    All that needs to be proven is that DVD's can be copied without DeCSS and the entire basis of the injunction can be thrown out. The Judge clearly believes that DeCSS is meant to make it easy to copy DVD's which is definitively not the case.


  • And I quote:

    (b) "CSS" means the Contents Scramble System used to encrypt, scramble or otherwise protect the contents of certain DVDs from being copied.

    All that needs to be proven is that DVD's can be copied without DeCSS and the entire basis of the injunction can be thrown out. The Judge clearly believes that DeCSS is meant to make it easy to copy DVD's which is definitively not the case.


  • To:Department of Investor Relations and Sales

    Dear Sirs:

    Just so you know, I will not be buying any DVD products from your company until such time as the MPAA, etc. drop all actions against websites carrying the DeCSS code. In addition, I will not be investing (or further investing) any amount of money in your companies for the same reasons.

    Thank you.

    Note to Slashdot Readers:

    All of the above URLs are active as either email addresses or contact form pages. I would suggest that now would be a good time to exercise the /. effect and your brains (don't just copy my message) on behalf of the websites targeted by the MPAA.

    P.S. If any of the URL's don't work, please fix them. I felt like it was more important to get this posted than to triplecheck all the links.

  • On the off chance that any MPAA execs are surfing the slash and see this post, I just want you to know that I bought a nice new computer a few months back, but I opted out of the DVD drive because it didn't have Linux support.

    And I don't have a set top. So you aren't selling me any DVDs.

    Moreover, I quit buying video tapes a year or so ago when I saw that they would be an investment in obsolete technology.

    I.e., you aren't selling me anything.

    Oh, yeah: my next stop is the EFF page. Gotta join that revolution before you shut down the Web too.

    It's October 6th. Where's W2K? Over the horizon again, eh?
  • DeCSS was designed from the word go to bootleg CDs.

    How do you know this? Are you privy to some information that none of the rest of us are? Did you perhaps ask the designers what their purpose was? The problem is that a great deal of this case hinges upon intent. What did the programmers intend? What is the intended purpose of this program? Do the owners of the websites intend for users to bootleg DVD's?

    I highly doubt the original intent was to bootleg. With the current cost of media to copy the DVD to bootlegging appears uneconomical. It seems unlikely that a DVD bootlegging program would be created to utilize a a technology not already at market. If the intention had been to bootleg, why doesn't the program downsample and save at a lower resolution so the DVD can be saved on a CD-R? It's not that much more difficult than writing the DVD to disk. If the honest intent of DeCSS had been to pirate I think it would have been a far more functional program.

    DVDs are copyrighted, you have NO right to make any copies of it EVEN for your own private use (this is not like VHS or CDs).

    *IANAL* I'm afraid this is quite inaccurate. The DMCA specifically says that it does not invalidate the doctrine of Fair Use which states (in part) that you may make private copies for personal use of a product you own.

    Whether you like it or not; agree or not. Today, right now, the law states you cannot make copies of DVDs. Period To create a tool that does so and/or to distribute it is illegal.

    Again, wrong. To create a tool whose SOLE or PRIMARY purpose is to copy DVD's is illegal.
  • I want to encourage everyone to follow Maxmenos' suggestions above. I don't have words for how appalled I am. However, I just joined the EFF 5 minutes ago.

    Come on everyone - Use the slashdot effect for good. Join EFF! It's a secure site, and it starts at $20! []

    Come on, go do it now! All that is required for evil to triumph is for good people to do nothing.

    As the EFF press release says:

    "Today's decision is a major wake up call for the $30 billion Linux community," said EFF Co-founder John Gilmore. "If Judge Kaplan's reading of the DMCA holds, then it will become illegal to build open source products that can interoperate and/or compete with proprietary ones for displaying copyrighted content."

    (Yeah, this is redundant. But it's worth repeating.)
  • No, its only illigal to give and accept trade secrets if they where aquired by illigal means. For example if I broke into the Pepsi factory (or given recipe under an NDA) and found their recipe then gave it away, I would be violating the law. Now if I am a really good chemist and I derive the recipe from its base chemicals so that I can make myself, then give/sell the recipe that is perfectly legal.
  • Here's part of the definition given in the injunction, what constitutes deCSS :

    (c) "DeCSS" means any computer program, file or device that may be used to decrypt or unscramble the contents of DVDs that are protected, or otherwise to circumvent the protection afforded, by CSS and that permits the
    copying of the contents or any portion thereof.

    "any device that may be used to decrypt or unscramblw the contents" hmm, isn't that what any DVD player has to do... (and yes I can copy the content to S-VHS or something)

    Does that mean that 2600 have to give back all their DVD players ;-)

  • If you don't think your posts are worth +2, then check the box that says "No Score +1 Bonus", Check my user info, and you'll see that most of my posts are +1, but this one is not... see?

    "Subtle Mind control? why do html buttons say submit?",
  • What is wrong with you?

    The encryption provides NO protection against copying, with or without DeCSS.

    A normal DVD player cannot read the entire disk with normal DiskIO functions. Only when the movie is played can the data be recoverd. You can bit-for-bit the encrypted stuff, but it isn't going to do you any good without the key part.

    I know this is pretty much common knowledge around here,

    Yes it is, witch is weird, beacuse its not true. In order to get a true bit-for-bit copy, you'd need to rewire the DVD player internaly, or build your own.

    "Subtle Mind control? why do html buttons say submit?",
  • Yes, 56-bit encryption called not safe enough by German court []. But a skeleton lock is not safe enough, but does not make lockpicking legal where it is illegal. Unfortunately, common sense is not common enough.
  • The DVD CCA's purpose is to stop anyone from bypassing their efforts. Control is their business. You can only alter their behavior if you join the DVD CCA and change their purpose. Or if their other members tell them.
  • I guess that's a good question, but isn't an injunction different than a final judgement? I thought the idea was to stop whatever is going on because you convinced the judge you are suffering irreparable harm, yet to be proven -BTW, so they shut you down until you have your day in court. Sucks, but I think that's the idea, knock it off for now until we decide if you're really breaking the law because if you are wrong, there's no way to stuff the shit back in to horse that comes out for the two years that it takes to decide the case. If you end up winning, and you've been shut down all this time, oh well- too bad.

    Course, if you've wrongfully siffered financial harm because of the injunction, do you have grounds of a counter-suit?
  • >and, just why is this post rated score:2 ?

    Because of the karma system and the moderators actions on my posts, I have a stupid amount of karma which adds a +1 to every post I make (see my new sig)
  • Thanks Chad, I do know that. My problem lately is I'm too lazy to click that box and frankly I'm a little tired of the whole karma/moderation thing. I'm just going though a period of civil disobedience after being accused of being a karma whore when all I'm doing is posting relevant comments and questions instead of just being an ass like everyone else seems to be around here anymore.

    Guess it's just time to turn off scores and browse at -1 and not look at my user info page to see what replies to my comments are like. But then that kind of defeats the purpose. Dunno, maybe I just had too much for one day, you know?
  • This seems (someone please correct me if I'm wrong) to be the first real 'butting of heads' between the 'Internet' and 'The Real World'. At the very least its the first time that it is effecting enough people that your average power-user cares, and is taking both an interest and a stand.

    I hope it ends better than this one... but I do wonder less and less about the sentiments.

    "When, in the course of human events, it becomes necessary for one people to dissolve the political bonds which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the laws of nature and of nature's God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation."

    -- Preamble to the Declaration of Independance []


    Colleen:Its a black-hole.
    Hunter:Is that a good thing?
    C:It is if you want to be compressed into oblivion.
    H:Oh.. coooool.
  • Well, to be about the billionth person to explain this...

    1) Being a trade secret they have to dilligently protect it, it's not clear that there encryption meets a due dillegence standard

    2) The person who broke the encryption was a minor, hence any shrink wrap licensce is unenforcable on them

    3) The minor was from a foreign country where reverse engineering was valid

    4) reverse engineering is allowed for interoperability, the software makes DVD's interoperable with linux hardware this is the "only" way to software decode DVD's on linux so that they can be watched.

    5) this isn' just about DeCSS, there is also that whole freedom of speech thing...

  • Now if I could just get one of these to tie onto my car....

  • Several other people have called for people to join the EFF and ACLU, but they forget the most obvious connection.

    Subscribe to 2600! Today

    Hell, take just part of the cost of DVD player you've put off buying and buy a lifetime subscription to 2600, then send a copy of the check (with an explanation) to the MPAA!
  • AFAIK, it *IS* possible to bit copy DVDs, in principle. Reading Andreas Bogk's comments, ( html) duplication of DVDs was possible without DeCSS). Of course, the copied content isn't plaintext, (its still encrypted) but saleable to an unsuspecting consumer.

    I'm sure the *real criminals* who try to make money from pirate DVDs have factories where they can whack out thousands of copies a day.



  • If you have the means, here is an action to define "irony"...

    Send the package to:

    Jack Valenti
    c/o Motion Picture Association of America (MPAA)
    15503 Ventura Blvd.
    Encino, California 91436

  • IE just ate my original lengthy response to your comment, so I'll be brief. (I typed an URL in a different window, and it decided to open it in this one for no apparent reason... Grumble.)

    Despite the prevailing opinion on Slashdot, it's my impression that you can't actually do a bit-by-bit copy of a DVD. The DVD reader hardware simply won't allow you to read the decryption keys off the disc. (It will only use them internally.) So if you tried to simply copy a DVD, you'd end up with a whole lot of encrypted data and no keys to decrypt it.

    Of course, this assumes that the hardware enforces the security. I don't know how hard it is to find "rogue" DVD drives, or to modify standard drives to allow copying, but I suspect it's not very easy... Correct me if I'm wrong.

    Disclaimer: The MPAA / DVD CCA is still wrong. Illegal copying is by no means the primary purpose of this software, and it certainly isn't the software's only use, which I believe is what the MPAA's lawyers would need to prove. We should just bear in mind that allowing easy copying of DVDs is a necessary side effect of open source DVD playing.
  • From the link you posted (which was generally very informative):
    ...the decryption key is stored on the disk, at a place where it isn't directly readable on an ordinary PC DVD drive.
    ...sufficient for copying a DVD: just copy all of the sectors and the key information.

    Based on the information in the article, it still seems to me that a DVD drive will only provide an encrypted key for a particular player, based on that player's own key, and will not under any circumstances provide the entire key area. (Which you would need to copy an encrypted DVD.)

    Actually, as I read Bogk's comment again, it seems that his point is that you do need a "crack" to copy DVDs, it's just that DeCSS is not that crack. The analysis of the key exchange system that appeared anonymously about a year ago was sufficient to break the copy protection.

    If my understanding of that is correct, then it may have interesting legal implications for the DeCSS case, but my basic point is still true: Assuming strong encryption and a bug-free implementation (neither of which actually happened), CSS should, in principle, prevent DVD copying.
  • Assuming that someone has the physical capability to make DVDs, they don't need the CSS decoder.
    No, that's precisely the point. It doesn't matter if you're a warez dood or a commercial authoring house, DVD reading hardware cannot be used to copy encrypted data. The only way I can see to copy a DVD would be to use DeCSS to gain access to the decrypted data, or to use DVD hardware that does not enforce the protection. (And such hardware would obviously not be granted a key by the DVD Powers That Be, making it useless as a general purpose DVD reader. I don't know if cracked drives like these exist, but I'm inclined to think that I would have seen them by now if they did.)

    I'm talking out of my ass here, and I'm too tired to lace my comments with the many disclaimers that they deserve, but I haven't seen any information to the contrary yet.
  • I've seen this too, on a lot of discs. The DVD standard doesn't require that anything be encrypted at all. In my experience, only the main feature is ever encrypted (as opposed to trailers, menus, etc.), and even then it's usually only used on Hollywood movies.

    My PC is a bit of a mess right now, but I made a cursory attempt to play a segment of Free Enterprise off of my hard drive. (Incredible movie, by the way.) I ran into a lot of unhelpful error messages, although my Creative PC-DVD player did tell me that "This program cannot open a file that is copy protected." So it isn't quite that easy to bypass CSS.
  • My mirror is still here []

  • DeCSS was designed from the word go to bootleg CDs

    Ummm... CDs don't use CSS.

    As for the rest of your point.
    At this time, bootlegging DVD is economically unfeasible. 1) No DVD-RAM on the market has enough storage space. 2) It would cost more for 2+ dvd-ram discs than it would for 95% of the commercially availble DVDs.

    Seeing that at the time of the creation of this program, there is no market for bootleg DVDs, I think that you would find it hard to prove in a court of law* that DeCSS was made to bootleg DVDs.

    If you can't prove that, there is _NO_ _CASE_.

    Further, we are defending our right as programmers to play with technology and "see how they did it." At this time (the the befuddlement of many corporations) this is still perfectly legal.

    * The concept of "proving" in a court of law, while not as stringent as that of the scientific community, is still very strict. This case is still very much up in the air. (BTW, IANAL (thank god))

  • Here's my mirror! []

    "Rex unto my cleeb, and thou shalt have everlasting blort." - Zorp 3:16

  • Gee, I could be a criminal already without having done anything I wouldn't normally be doing. (That was probably true before all this started, but we'll bypass that for now.) See, my web page has links to about half-a-dozen search engines. That means I'm at most two clicks away from the DeCSS code -- put "DeCSS code" in the text entry box I set up to do direct Google searches, click the Search button, and one of the 100 links that shows up will probably take me straight to the code.

    Even if you never used a search engine at all, how many degrees of separation do you think there are between some random home page, the pages it links to, the pages THEY link to and so until you finally hit what is probably now one of the 5,552,463 pages on the Web hosting DeCSS? I'll bet there aren't that many. And I have links to a bunch of pages.

    But wait a minute! This discussion thread has links to the DSS source code in it -- in fact, it has portions of the code itself -- and it's stored in my cache! In fact it's probably in the cache of everyone who uses any kind of browser and didn't specifically disable the cache. That means, my friends, that every single one of us is now in direct violation of the law.

    So now I might as well put the code right on my home page on the theory that if you're going to be hung for a lamb, you might as well be hung for a sheep.

  • (i posted this to an earlier thread, but it seems relevant here too.)

    what we need is some geneva conventions here. they should go like this:

    industry: you have the right to encrypt your stuff however you want. if you fail, you have the right to prosecute people for illegal distribution, but not for circumventing the encryption.

    would be crackers: if you can crack it, you can have it, BUT it is still illegal to sell cracked copies, as it is with other unprotected media.

    it should be this way for only one reason: it is the most defensible (read: enforcable) way of drawing the lines! and even with readily available cracks, if there is no real money in piracy, which there won't be, then pirated movies will account for like 1% of the market, as it does with auido CD's.
  • thank you, I just downloaded it and will have it up on a server of some kind this evening with a massive FUCK YOU to the MPAA/RIAA and anyone else who thinks they can supress any and all information that they think might somehow take power out of their hands.

  • It's interesting though. It brings to light some facets of the internet that are uncontrollable. People mirroring and posting code like this as an act of civil disobedience can not be stopped. All they can do is sue the larger bodies involved to try and recover "damages".

    (whether I support this particular cause or not is besides the point)
  • What you are really talking about is stenography.

    No, what he was talking about was steganography. "Stenography" is the process of taking shorthand. :-)

    Other than that misspelling, your description was accurate and informative.

  • Having been in a meeting with some of Sony Pictures corporate types just yesterday, I can tell you they haven't appeared to have read ESR's blurb on the positions of the open source community.

    The movie industry is rightfully worried - they make money off of home video, and don't want to see it disappear. They saw all the trouble the record industry had (and is having) with the whole MP3 debacle. They don't want a repeat, and they see DeCSS as something akin to a CD ripper. They don't see DVD on a hard disk as harmless - even if it is prohibitive to download several gigs today, they know it won't be in a few years. And they don't want all their movies out in the clear when that happens.

    Thing is, if what's-their-name had just encrypted their key in the first place, this crack never would have appeared. Kind of like NASA mixing up English and metric.

  • Trademark-wise, they have no legs to stand on (and I think they knew that to begin with, but lawyers need practice :-))

    Copyright-wise, they have a fully loaded, double-barrel shutgun (and a box of shells.) I'm sure they've had a few words with Xing privately for not adequately protecting the CSS technology, but you cannot put the smoke back in the chip (you fan the smoke away and replace the chip.) It doesn't matter what DeCSS was intended to do; it's only commercially significant purpose (to use the DMCA terms) is to remove the copy protection of a DVD -- it copies files from protected DVDs, descrambling them in the process, to your hard drive. I'd like to see a lawyer convence this judge otherwise. (MPAA's got us on that one.)

    DeCSS is a windows program -- that's not very useful to linux developers. Furthermore, doesn't contain any actual source code. I've never seen the DeCSS source code. At any rate, as I've been told, it's x86 assemble ripped (almost?) verbatum from the Xing player. (that's a clear copyright violation.) This source code was made available to Derek Fawcus (I hope I spelled that right) who took on the daunting task of turning that stuff into C code. (that's not so clearly a copyright violation.) Now, I'm sure Xing didn't write this stuff in asm -- I'd bet C++. Turning asm into C isn't blindingly simple; turning compiled C++ crypto code back into C is frighteningly complicated.

    The css-auth code from Derek is very useful code. It can do the same thing DeCSS does, but that's clearly not its intent nor is that remotely its primary commercially significant purpose. My concern as a LiVid developer is not to decode the crap on the disk but to be able to authenticate the disk so I can see the files and thus present them to the decoder hardware AND be able to broker the titlekeys as the decoder has no direct communication channel to the drive to do it on its own (if it could, I sure as hell would make it do it.)

    In my book, software decoding of DVDs is a serious waste of processing. Decoding MPEG-2 data is a very computational task best handled by hardware designed to handle it.

    As for your comment on "pay[ing up]"... CSS licensing is free. However, it doesn't happen overnight. When the Matrox DVD add-on is sufficiently functional, then and only then will I make a case for getting an actual license for a player. Until we have a reason to need one, why bother asking? (The driver may be functional tomorrow and it may be six months. And ZORAN will be the first people to be asked for any licensing... we need their microcode -- currently, you have to have the Matrox Zoran SoftDVD software installed.)
  • Actually, it's both. In all seriousness, CSS is copy protection, albeit damned weak. You cannot access the disk (assuming the DVD drive follows the rules) without going through the first phase of CSS to authenticate yourself to the drive. Beyond that, "copy away." (files are files, to the computer, it's just a bunch of bits.) Of course, this is just as effective as the copy protection of playstation disks.

    Then it becomes a rather effective playback protection as you cannot play the movie back without undoing what CSS does to the files. In some cases, the hardware doing the decoding can handle the actual descrambling once it has the appropriate keys (the dxr2 can do this and I'm sure the Vaddis III can too with proper microcode.) BUT, you have to jump through a few hoops to get the titlekeys for the descrambling process.

    This is all a bloody mess. I would bet everyone involved with DVD technology knew this crap was crap from the get go -- I'm surprised they weren't better prepared to counter DeCSS.
  • by Anonymous Coward on Friday January 21, 2000 @08:19AM (#1350416)
    Join EFF []. Join now.

    People are going to need all the lawyers our donations to EFF can buy.
  • by Yarn ( 75 ) on Friday January 21, 2000 @08:43AM (#1350417) Homepage
    If you dont fight this sensibly how long is it before international providers are required to delink countries because they dont follow these stupid american laws?
  • by smartin ( 942 ) on Friday January 21, 2000 @08:43AM (#1350418)
    I've always wondered at what point a set of random bits become a piece of illegal or forbidden information? Suppose for example I had an large data file that is entirely legal, say a mpeg of my kid's birthday party. Then I wrote a program that is capable of taking the mpeg file plus a file containing a sequence of commands and creating an output file. Suppose the commands looked like this:

    1. print byte 59821
    2. print (byte 33 + 1)
    3. print bit 12

    So what this is doing is just taking the input stream and rearranging it to construct an output stream. Now suppose the output stream just happened to look an awful lot like a gziped tar file of the DeCSS source code.

    Which part of this system is illegal? Is it my home movie? Is it the filter program that simply processes some instructs and transforms a file. Is it the instructions? Or is it the combination of all of the above? What if these pieces are kept on different machines, who is the one providing the illegal content then?
  • by John Whitley ( 6067 ) on Friday January 21, 2000 @08:52AM (#1350419) Homepage
    Presto: the protection is compromised, and the DVD coalition is vulnerable to their (erstwhile) partner's legal fury. The content owners could sue the DVD makers right into their pockets for failure to come through on the protection of their content if the DVD coalition doesn't nip this in the bud..

    Please be careful on statements like this. The protection WAS NOT compromised by DeCSS. There was simply no protection in the first place. As the OpenDVD fact sheet [] indicates, CSS' has no copy protection functionality -- it only controlled who could produce player software/hardware for legitimately owned DVDs. Anyone with a DVD-ROM drive, no player software, a hideously expensive DVD-R burner ($5-6k), and equally uneconomical blank DVD-R media (~$50 ea) can copy a DVD. (Oh, yeah, and Linux too. ;-)

    That said, the essence of your comments takes on a different light. The DVD coalition made copy protection assurances to the content producers that were not broken by Evil-{Cr,H}acker-People, but rather, were never true in the first place. "Liability Is."

  • by ethereal ( 13958 ) on Friday January 21, 2000 @08:53AM (#1350420) Journal

    From the Wired article []:

    "Now really, Ms. Gross, I think it's a mistake for you to assume you're talking to a moron," said the judge, who pronounced Linux with a hard "i" and required a short briefing on the concept of linking.

    The same article also describes the judge complaining about the defendant's lack of preparation, even though he denied their request for a postponement. The 2600 news section bears this out as well, describing how they had just 8 hours to talk to attorneys and prepare their case. This has all the signs of a travesty of justice in the making.

  • by Eric_Scheirer ( 14197 ) on Friday January 21, 2000 @09:21AM (#1350421) Homepage
    Two comments (I am not a lawyer and always appreciate being corrected if I get something wrong):

    1. It's important to understand the difference between the California case and the 2600 case. The California case is a theft-of-trade-secrets suit, which is unlikely IMHO to succeed. The 2600 case is a suit under the Digital Millenium Copyright Act, which specifically prohibits decryption devices, even when they are constructed through proper reverse engineering. It is much less clear IMHO that DeCSS is not in violation under the DMCA--argument for the defense hinges on the question of whether DeCSS is or is not *necessary*, and has as its *sole purpose*, to acheive interoperability with other DVD players.

    2. In some ways lower-court rulings in favor of the DMCA are likely to be of benefit in the long run, because they will accelerate the process of getting higher-court review of the constitutionality of the DMCA. Many legal experts believe that the DMCA is not constitutional. It takes court cases lost in the local jurisdictions in order for this to come out in the legal system. Thus, the most important thing now is to support 2600 and the EFF to continue the fight so that eventually the whole DMCA can be thrown out. Somebody has to be the test case, and it's better if it happens sooner rather than later IMHO. If we won every local case brought under the DMCA due to technicalities, the DMCA and its horrible ramifications would remain in force. Better to lose some small and meaningless fights in order to defeat the DMCA.

    This particular fight is about as meaningless as one could be, since there is no practical effect on the Linux or DVD world at large from the ruling. Only the defendants and their contacts are enjoined, so DeCSS distribution is not limited in any important way. Plus I'm sure 2600 is happy for the press coverage.

    You can read the DMCA here. []

  • by AJWM ( 19027 ) on Friday January 21, 2000 @08:57AM (#1350422) Homepage
    Here's a quote from the injunction:
    (c) "DeCSS" means any computer program, file or device that may be used to decrypt or unscramble the contents of DVDs that are protected, or otherwise to circumvent the protection afforded, by CSS and that permits the copying of the contents or any portion thereof.

    This could be argued to cover anyDVD drive and software, and indeed anyDVD player that has a video-out jack (you can plug it into your VCR to make a copy -- Macrovision may screw it up some, but some portion would be copied).

    Now, the injunction applies not just to 2600, but to anyone with contact with them -- so here's what they do: go visit as many retailers as possible selling DVD players (especially those that also sell VCRs, i.e. all of them) or DVD viewing software and talk to the sales folks. That's the contact. The stores thus fall under the injunction. 2600 obligingly reports all this.

    Now, I doubt that the judge is gonna throw all those folks in jail, or tell them that they can't sell DVD players anymore. It might (mind, there's no telling about the intelligence of judges, especially in New York) get him to better realize the implications, though.

  • Indeed, sites like that are no friends of the legitimate users of DeCSS. If they've been actively promoting DeCSS as a tool to aid piracy then they've lost their case.

    (And DeCSS can be used in such a way. There is a special part on a DVD which is not normally readable/writable that contains the CSS information. With DeCSS you can presumably write a DVD without getting/altering DVD equipment to allow you to read/write to those areas)

    I for one won't be sorry to see them 'sent down'. However what we (via online discussion and articles in tech-friendly and even mainstream media etc) need to do is make clear that the vast majority of DeCSS users (and would be users like myself) simply want to use it to play DVDs on our systems, which amounts to noting more or less than interoperability reasons.

    We must make clear that the targets of the recent cases to do not characterise the general DeCSS using (and would be using) community.

    We must make it clear that a win in these cases means nothing to the larger DeCSS community. It's just a win against a few individuals whose crime was to abuse, or promote the abuse of DecSS for illegitmiate means.

    We must show that there is a distinction between legitimate and illegitimate use of DeCSS, and that the legitimate users far outnumber the illegitimate users, thus the primary purpose for DeCSS is indeed for interoperability.
  • by Le douanier ( 24646 ) on Friday January 21, 2000 @08:43AM (#1350424) Homepage

    It's at

  • by powerlord ( 28156 ) on Friday January 21, 2000 @08:27AM (#1350425) Journal
    Okay, I know this was rather rapid but did anyone publish the where and when for this case?

    I work about 4 blocks from the court houses in Manhatten and would definately have dressed up and wandered over if it was likely to help.

    When is the actual hearing going to be?

    Colleen:Its a black-hole.
    Hunter:Is that a good thing?
    C:It is if you want to be compressed into oblivion.
    H:Oh.. coooool.
  • by ( 40816 ) on Friday January 21, 2000 @08:14AM (#1350426) Homepage
    well in some respects this isn't much of a surprise. if its one thing lawyers (and their clients) like to do is make (serious) threats.

    of course part of the campaign is that 2600 is not your average web site, and if anything, the name alone should be enough to encourage people to setup mirrors all over the nets as soon as possible.

    part of me wonders why the industry and their lawyers bother, but another part of me realizes that (digital) democracy doesn't come easy.

    so how many of us run servers, and how quickly can we work to ensure that information remains free?
  • by AugstWest ( 79042 ) on Friday January 21, 2000 @09:21AM (#1350427)
    I've got $5 that in the 80s you were an elite "kiddy" as well.

    I know I was. Welcome to aging in cyberspace. Antigravity, yes. Anti-cranky, no.

    But it does bring up a valid point. There's no way on God's increasingly less-green earth they're going to stop this code from proliferating. Why waste the court's time? Isn't there enough ludicrous crap floating through right now?

    Like this legislation that (i swear to GOD) just passed, as a result of our great friends, the entertainment industry, that TV listings (tv guide, prevue, that kind of stuff) cannot list whether or not a show is a REPEAT.

    It's a good thing our court system has been freed up to worry about things like TV repeats, or making it illegal to list on your dairy products that BGH was not used on the cattle, or that some hacker wrote a program that allows the decoding of extremely insecure video formats.

    Fuck the video industry. Fuck the record industry. Fuck these billionaires without enough talent to act, sing, play an instrument or write a screenplay, but who know how to slap their fellow white men on the back and say, "Dammit Bob, let's go have martinis at the witless public's expense. Hell, in 4 years DVD will be obsolete and they'll all buy the same crap on some other medium instead."

    Can you say "leeches?"
  • by sumner ( 99758 ) on Friday January 21, 2000 @08:54AM (#1350428) Homepage
    Like it or not the DeCSS software publishes a trade secret, the CSS encryption algorithm. This is illegal. Plain and simple. IANAL, but your summary here is just plain wrong. Trade secrets stand in contrast to patents. It is illegal to use patented information without a license, but the patented method must be published for all to see. Trade secrets don't have to be published, but if someone figures them out then they are free to use the information. There are exceptions (NDA violations, illegal methods of discovery, etc), but in general if you figure out a trade secret then it's (by definition) not a trade secret anymore and there is not legal protection on that information. Sumner
  • by spaceorb ( 125782 ) on Friday January 21, 2000 @08:25AM (#1350429)
    Here is a quick pasting of the article:


    Today would have been a very happy day for us here at 2600. After nearly five years in prison, this is the day that Kevin Mitnick is finally being released.

    Ironically, that development is overshadowed by a very immediate threat to 2600, the hacker community, and people who value freedom everywhere.
    At 5:40 pm on Thursday, the Motion Picture Association of America was granted a preliminary injunction against us - and everyone we've ever had any contact with - prohibiting the distribution of the DeCSS source code. As a result we have had to remove our mirrors of DeCSS, css-auth and related information from the November article. Last week's complaint was filed at the last possible minute on a Friday before a three day weekend. This calculated and bullying move minimized media coverage and ensured that any publicity was only from their perspective. Not to mention of course the fact that the corporations that make up the MPAA collectively own just about every major media outlet in the country. Meanwhile the EFF legal defense team was busy preparing for the Tuesday DVD CCA hearing in California and we were busy preparing for the Mitnick release. We were given a grand total of about eight hours to consult with our attorneys, look for evidence, and write a declaration. Despite our having never been properly served, the judge only granted a continuance of a few hours making it impossible to assemble any evidence in time for the hearing. The judge essentially ignored our arguments and granted the preliminary injunction.
  • by funtax ( 126661 ) on Friday January 21, 2000 @09:00AM (#1350430) Homepage
    Hehe. I doubt they'll do that, but I'm a bit concerned about anyone "affiliated" with 2600. I run the Maryland 2600 page and we had been mirroring the DVD files, as per Emmanual's request. I'm still waiting to hear clarification, but the initial response from 2600 makes it sound like the injunction is aimed at 2600 and it's affiliates. I am a bit concerned that this could mean inclusion in the suit.

    I know Emmanual is gung-ho about fighting this and I support him completely, but I'm just a lowly recent college grad-type guy without the backing of a legion of fans and the EFF, etc. I don't have the time or the $$$ to fight it in court, and I doubt most of us do. Is it really wise for us to be suggesting that people mirror files haphazardly? I'd say mirroring them on "anonymous" sites, like geocities is safer (though not without hazard).

    I know a bunch of folks who had their own, personal (thus easily tracable) sites on the 2600 mirror site a few weeks back. I'd hate to see a bunch of people wind up in jail because they got too wrapped up in what they THINK their rights are. In reality, an injunction means your ass belongs to the Man if you don't quit what you're doing. And for 99% of people that would mean a nice fine and some jailtime, rather than a glorious media-filled battle for "Constitutional Rights."

    Enough rambling. I'm just worried that we'll wind up with a nice-sized pile of martyrs here if we aren't careful.
  • by Trilliumjs ( 130864 ) on Friday January 21, 2000 @08:28AM (#1350431)
    According to the Wired article here,1283,33816,00 .html The judge said "I don't think there's the slightest question that plaintiffs have a very good chance of success," Judge Kaplan said in issuing his decision.
  • by nahal ( 140825 ) on Friday January 21, 2000 @08:29AM (#1350432)
    Here's my worry: DVDs will be judged as *software*, and not as *movies*. Why not? DVDs have a UI, APIs, input devices (remote control!), and a sorta-OS. Legally it could be good enough. This could be positive: If DVD movies are shown to be software, then reverse-engineering the software is no problem for interoperability. The downside: End User License Agreements for DVDs. I really, really think it's critical that the Judge in the case be well-educated on this: the DVD movie is the at-issue copyrightable content, but the CSS encryption system is *software*, and the deCSS utility is being used to provide for interoperability of said software, not a a means to harm the copyright rights owned by their respective holders. Otherwise, in the future... *everything* could be considered software. DVDs... eBooks... how about that electronic newspaper? And everything will have shrinkwrap rules governing the use of what's been judged as software, and THEN free speech is in real trouble. There are some very serious, broad issues at hand here. --Neil
  • by Booker ( 6173 ) on Friday January 21, 2000 @09:50AM (#1350433) Homepage
    Too far down the message chain to be read, I suppose, but some of the defendants in this case were NOT smart about the whole thing, and hurt the cause, I believe. Take, for example "" which tells you "What you need to trade Moviez online" and "Bastard Greedy Companies - eBOMB their servers!" and "Yes, you can trade DVD movie files over the Internet . . . You can break the encryption on any DVD and allow users to copy the contents of a DVD onto the a [sic] hard drive or alternative media! Notice: The DVD Copy Control Association are cocksuckers!"

    This doesn't help. Sounds like the judge never gave the defendants a chance (with comments to the plaintiffs along the lines of "I can give you a runaway train on this one, if you'd like" - see ) but the quotes above are not the way to go. The whole argument is that CSS is not copy protection, that DeCSS is not intended for privacy, etc, loses credibility due to sites like I actually *support* this type of action against people who are proponents of illegally trading copyrighted material on the DVDs, because it hurts legitimate organizations like LiViD.
  • by mcc ( 14761 ) <> on Friday January 21, 2000 @11:33AM (#1350434) Homepage
    i was posting something last month suggesting we start some kind of blue ribbon campaign-style thing, where everyone put up a little logo image and a mirror of decss.

    someone [no idea who] replied by pointing out a simpler alternative: simply use the standard GIF comment blocks to distribute the DeCSS code. Distribute a GIF banner image type thing with the DeCSS code in it and have people put it on pages.
    everyone who visits the page breaks the law.. -_-
    i'd link to the discussion, but it's long gone now.

    Now take a moment to remember Martin Luther King Jr., and what he said about peaceful civil disobedience to facilitate change of an immoral system of law..

  • by mcc ( 14761 ) <> on Friday January 21, 2000 @05:40PM (#1350435) Homepage

    well.. i don't know if i like how these came out, but here they are []. I went ahead and made them for some reason. I don't really like what they say. "This GIF is illegal" maybe isn't the best way to put it. I'm not quite sure. And it may or may not be true depending on your definition of "illegal". (And they maybe oughta have the LZW compression removed via ungif, just so we can all have rhetorical purity. :P)

    The idea behind these images (spread public awareness, a la the blue ribbon campaign) only works if it's somehow centralised-- i mean, if images like these wind up in widespread usage, any usage of them should link to some central page that explains what the MPAA is doing and why it's wrong. In which case the "this gif is illegal" should be added to with "click here to find out why". From there it could probably explain what source code is, why it should be considered speech, the purpose of DeCSS, the purpose of CSS, the reason DeCSS does not help piracy (seeing as you can pirate DVDs just as easily without DeCSS just by copying the dvd without decoding or writing a fake video driver before playing it in windows), the reason the MPAA/DVD forum brought this on themselves (by refusal to give any support the unices, the one group most likely to understand how to reverse-engineer), the constitutionality of the Digital Millineum Copyright act with regards to the first amendment and the copyright clause of the constitution, and how the DVD forum in general is basically trying to prevent the spread of information. Y'know, how they are absusing the legal system to try to prevent people from distributing information about how to defeat a copyright protection measure (which sounds to me like it should be covered by freedom of speech and freedom of the press, even if said speech is in the language of C++ and said press is printing on TCP/IP packets instead of paper), or even distributing the location [URLs, links] of that information (which i know is speech, and which there is no basis whatsoever to prevent talking about.) Oh, and maybe some stuff thrown in about monopolies, the sherman antitrust act, and the fact that crushing DeCSS is clearly not to prevent piracy and protect the MPAAs profits and help the artists involved, but simply to preserve the MPAA's power as a political entity/robber baron. And everything else i forgot; what the MPAA/DVD forum is doing is wrong on so many levels you could go on for pages about it. We know all this already, you could do it solely based on compiling slashdot posts, i could write it myself if i weren't so damned tired and i didn't have to go to bed so i can take the SATs tomorrow.

    As for the GIFs themselves, the kind of murky colored stuff in the background is actually the DeCSS code itself, with the ASCII interpreted as raw color values. Kinda nifty how the hex values at the end come out as just patterns of lines. On the big one i enlarged it and blurred it over a bit to fit more text, but i wouldn't use that one if i were you cuz the file size is unneccicarily large (like 40k.. i think it's better as small as possible). As promised, both contain the entire source code to DeCSS in their comment fields. If you feel like it (hell, do whatever you want-- they contain GPLed code, so they're GPLed images, so i have no control over what you do with them :) ) you can go ahead and put either on any web page you may have with a little note about how the person viewing the page has just broken the law by storing illegal information about defeating copy protection in their browser caches. But, i still think this needs to be more organized.

    Please excuse the poor writing in this post. As i said, i am tired.
  • From the MPAA's Jan 14 press release []:

    "This is a case of theft. The posting of the de-encryption formula is no different from making and then distributing unauthorized keys to a department store. The keys have no real purpose except to circumvent the locks that stand between the thief and the goods he or she targets."

    It's not a valid analogy. It would be more appropriate to compare DeCSS to a set of lockpicks. Lockpicks are legal to buy and to use in your own home. The only thing that's illegal is when you use them to break into someone else's house.

    Similarly, DeCSS should be legal for distribution and personal use. The only thing that should be illegal about DeCSS is using it to crack DVDs you don't own for personal gain.


  • by SgtPepper ( 5548 ) on Friday January 21, 2000 @08:46AM (#1350437)
    Main Office Address:

    Motion Picture Association of America
    Motion Picture Association (MPA)

    15503 Ventura Blvd.
    Encino, California 91436
    (818) 995-6600

  • by XenoWolf ( 6057 ) on Friday January 21, 2000 @09:01AM (#1350438) Homepage
    Here's a copy of what I sent to the 2600 guys. What do you guys think? Is my logic correct?
    ---begin quote---
    - From the injunction:

    3. Certain terms use in this order are defined as follows:

    (a) "DVD" means digital versatile disc.

    (b) "CSS" means the Contents Scramble System used to encrypt,

    scramble or otherwise protect the contents of certain DVDs from being


    (c) "DeCSS" means any computer program, file or device that may be

    used to decrypt or unscramble the contents of DVDs that are protected, or

    otherwise to circumvent the protection afforded, by CSS and that permits the

    copying of the contents or any portion thereof.

    Under the above restraining order, *any* product that can decrypt CSS
    and play back its contents is so termed "DeCSS" which means that all
    hardware DVD players are "DeCSS" and thus must not be distributed.
    Likewise, under this injunction, it seems that Xing, Creative, et.
    al. cannot distribute their software DVD players.

    For example, my Philips set top DVD player:

    1. is a device
    2. decrypts CSS encoded DVDs
    3. plays them back over a unencrypted output ( the video/audio
    connections ), thus allowing me to copy them to any device that
    accepts video input e.g. my RCA VCR, my computer via my Pinnacle DC30
    capture card, et. al.

    and thus , being that it fits the description in 3.(c), is "DeCSS"

    Hmmm. Interesting, eh? Contact Circuit City and tell them to cease
    and desist selling all DVD players that putput an unencrypted video
    feed, otherwise they are violating the restraining order. You might
    want to forward this insight on to whoever at the EFF is doing their
    defense. This is way too wide and could be overturned quite easily on
    the basis that this document includes the licensees of the CSS
    decryption method present in DVD players and software.

    *Disclaimer*: I am not a lawyer. I never will be. I just thought
    through this logically, and saw a large hole.

    See Ya
    ----end quote----
  • by fatboy ( 6851 ) on Friday January 21, 2000 @09:19AM (#1350439)
    Is this what all the fuss is about??? Sure looks like speech to me ;)

    * Copyright (C) 1999 Derek Fawcus
    * This code may be used under the terms of Version 2 of the GPL,
    * read the file COPYING for details.

    * These routines do some reordering of the supplied data before
    * calling engine() to do the main work.
    * The reordering seems similar to that done by the initial stages of
    * the DES algorithm, in that it looks like it's just been done to
    * try and make software decoding slower. I'm not sure that it
    * actually adds anything to the security.
    * The nature of the shuffling is that the bits of the supplied
    * parameter 'varient' are reorganised (and some inverted), and
    * the bytes of the parameter 'challenge' are reorganised.
    * The reorganisation in each routine is different, and the first
    * (CryptKey1) does not bother of play with the 'varient' parameter.
    * Since this code is only run once per disk change, I've made the
    * code table driven in order to improve readability.
    * Since these routines are so similar to each other, one could even
    * abstract them all to one routine supplied a parameter determining
    * the nature of the reordering it has to do.

    #include "css-auth.h"

    typedef unsigned long u32;

    static void engine(int varient, byte const *input, struct block *output);

    void CryptKey1(int varient, byte const *challenge, struct block *key)
    static byte perm_challenge[] = {1,3,0,7,5, 2,9,6,4,8};

    byte scratch[10];
    int i;

    for (i = 9; i >= 0; --i)
    scratch[i] = challenge[perm_challenge[i]];

    engine(varient, scratch, key);

    /* This shuffles the bits in varient to make perm_varient such that
    * 4 -> !3
    * 3 -> 4
    * varient bits: 2 -> 0 perm_varient bits
    * 1 -> 2
    * 0 -> !1
    void CryptKey2(int varient, byte const *challenge, struct block *key)
    static byte perm_challenge[] = {6,1,9,3,8, 5,7,4,0,2};

    static byte perm_varient[] = {
    0x0a, 0x08, 0x0e, 0x0c, 0x0b, 0x09, 0x0f, 0x0d,
    0x1a, 0x18, 0x1e, 0x1c, 0x1b, 0x19, 0x1f, 0x1d,
    0x02, 0x00, 0x06, 0x04, 0x03, 0x01, 0x07, 0x05,
    0x12, 0x10, 0x16, 0x14, 0x13, 0x11, 0x17, 0x15};

    byte scratch[10];
    int i;

    for (i = 9; i >= 0; --i)
    scratch[i] = challenge[perm_challenge[i]];

    engine(perm_varient[varient], scratch, key);

    /* This shuffles the bits in varient to make perm_varient such that
    * 4 -> 0
    * 3 -> !1
    * varient bits: 2 -> !4 perm_varient bits
    * 1 -> 2
    * 0 -> 3
    void CryptBusKey(int varient, byte const *challenge, struct block *key)
    static byte perm_challenge[] = {4,0,3,5,7, 2,8,6,1,9};
    static byte perm_varient[] = {
    0x12, 0x1a, 0x16, 0x1e, 0x02, 0x0a, 0x06, 0x0e,
    0x10, 0x18, 0x14, 0x1c, 0x00, 0x08, 0x04, 0x0c,
    0x13, 0x1b, 0x17, 0x1f, 0x03, 0x0b, 0x07, 0x0f,
    0x11, 0x19, 0x15, 0x1d, 0x01, 0x09, 0x05, 0x0d};

    byte scratch[10];
    int i;

    for (i = 9; i >= 0; --i)
    scratch[i] = challenge[perm_challenge[i]];

    engine(perm_varient[varient], scratch, key);

    * We use two LFSR's (seeded from some of the input data bytes) to
    * generate two streams of pseudo-random bits. These two bit streams
    * are then combined by simply adding with carry to generate a final
    * sequence of pseudo-random bits which is stored in the buffer that
    * 'output' points to the end of - len is the size of this buffer.
    * The first LFSR is of degree 25, and has a polynomial of:
    * x^13 + x^5 + x^4 + x^1 + 1
    * The second LSFR is of degree 17, and has a (primitive) polynomial of:
    * x^15 + x^1 + 1
    * I don't know if these polynomials are primitive modulo 2, and thus
    * represent maximal-period LFSR's.
    * Note that we take the output of each LFSR from the new shifted in
    * bit, not the old shifted out bit. Thus for ease of use the LFSR's
    * are implemented in bit reversed order.
    static void generate_bits(byte *output, int len, struct block const *s)
    u32 lfsr0, lfsr1;
    byte carry;

    /* In order to ensure that the LFSR works we need to ensure that the
    * initial values are non-zero. Thus when we initialise them from
    * the seed, we ensure that a bit is set.
    lfsr0 = (s->b[0] b[1] b[2] & ~7) b[2] & 7);
    lfsr1 = (s->b[3] b[4];


    carry = 0;
    do {
    int bit;
    byte val;

    for (bit = 0, val = 0; bit > 24) ^ (lfsr0 >> 21) ^ (lfsr0 >> 20) ^ (lfsr0 >> 12)) & 1;
    lfsr0 = (lfsr0 > 16) ^ (lfsr1 >> 2)) & 1;
    lfsr1 = (lfsr1 > 1) & 1)

    combined = !o_lfsr1 + carry + !o_lfsr0;
    carry = BIT1(combined);
    val |= BIT0(combined) 0);

    static byte Secret[];
    static byte Varients[];
    static byte Table0[];
    static byte Table1[];
    static byte Table2[];
    static byte Table3[];

    * This encryption engine implements one of 32 variations
    * one the same theme depending upon the choice in the
    * varient parameter (0 - 31).
    * The algorithm itself manipulates a 40 bit input into
    * a 40 bit output.
    * The parameter 'input' is 80 bits. It consists of
    * the 40 bit input value that is to be encrypted followed
    * by a 40 bit seed value for the pseudo random number
    * generators.
    static void engine(int varient, byte const *input, struct block *output)
    byte cse, term, index;
    struct block temp1;
    struct block temp2;
    byte bits[30];

    int i;

    /* Feed the secret into the input values such that
    * we alter the seed to the LFSR's used above, then
    * generate the bits to play with.
    for (i = 5; --i >= 0; )
    temp1.b[i] = input[5 + i] ^ Secret[i] ^ Table2[i];

    generate_bits(&bits[29], sizeof bits, &temp1);

    /* This term is used throughout the following to
    * select one of 32 different variations on the
    * algorithm.
    cse = Varients[varient] ^ Table2[varient];

    /* Now the actual blocks doing the encryption. Each
    * of these works on 40 bits at a time and are quite
    * similar.
    for (i = 5, term = 0; --i >= 0; term = input[i]) {
    index = bits[25 + i] ^ input[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;

    temp1.b[i] = Table2[index] ^ Table3[index] ^ term;
    temp1.b[4] ^= temp1.b[0];

    for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
    index = bits[20 + i] ^ temp1.b[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;

    temp2.b[i] = Table2[index] ^ Table3[index] ^ term;
    temp2.b[4] ^= temp2.b[0];

    for (i = 5, term = 0; --i >= 0; term = temp2.b[i]) {
    index = bits[15 + i] ^ temp2.b[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;
    index = Table2[index] ^ Table3[index] ^ term;

    temp1.b[i] = Table0[index] ^ Table2[index];
    temp1.b[4] ^= temp1.b[0];

    for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
    index = bits[10 + i] ^ temp1.b[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;

    index = Table2[index] ^ Table3[index] ^ term;

    temp2.b[i] = Table0[index] ^ Table2[index];
    temp2.b[4] ^= temp2.b[0];

    for (i = 5, term = 0; --i >= 0; term = temp2.b[i]) {
    index = bits[5 + i] ^ temp2.b[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;

    temp1.b[i] = Table2[index] ^ Table3[index] ^ term;
    temp1.b[4] ^= temp1.b[0];

    for (i = 5, term = 0; --i >= 0; term = temp1.b[i]) {
    index = bits[i] ^ temp1.b[i];
    index = Table1[index] ^ ~Table2[index] ^ cse;

    output->b[i] = Table2[index] ^ Table3[index] ^ term;

    static byte Varients[] = {
    0xB7, 0x74, 0x85, 0xD0, 0xCC, 0xDB, 0xCA, 0x73,
    0x03, 0xFE, 0x31, 0x03, 0x52, 0xE0, 0xB7, 0x42,
    0x63, 0x16, 0xF2, 0x2A, 0x79, 0x52, 0xFF, 0x1B,
    0x7A, 0x11, 0xCA, 0x1A, 0x9B, 0x40, 0xAD, 0x01};

    static byte Secret[] = {0x55, 0xD6, 0xC4, 0xC5, 0x28};

    static byte Table0[] = {
    0xB7, 0xF4, 0x82, 0x57, 0xDA, 0x4D, 0xDB, 0xE2,
    0x2F, 0x52, 0x1A, 0xA8, 0x68, 0x5A, 0x8A, 0xFF,
    0xFB, 0x0E, 0x6D, 0x35, 0xF7, 0x5C, 0x76, 0x12,
    0xCE, 0x25, 0x79, 0x29, 0x39, 0x62, 0x08, 0x24,
    0xA5, 0x85, 0x7B, 0x56, 0x01, 0x23, 0x68, 0xCF,
    0x0A, 0xE2, 0x5A, 0xED, 0x3D, 0x59, 0xB0, 0xA9,
    0xB0, 0x2C, 0xF2, 0xB8, 0xEF, 0x32, 0xA9, 0x40,
    0x80, 0x71, 0xAF, 0x1E, 0xDE, 0x8F, 0x58, 0x88,
    0xB8, 0x3A, 0xD0, 0xFC, 0xC4, 0x1E, 0xB5, 0xA0,
    0xBB, 0x3B, 0x0F, 0x01, 0x7E, 0x1F, 0x9F, 0xD9,
    0xAA, 0xB8, 0x3D, 0x9D, 0x74, 0x1E, 0x25, 0xDB,
    0x37, 0x56, 0x8F, 0x16, 0xBA, 0x49, 0x2B, 0xAC,
    0xD0, 0xBD, 0x95, 0x20, 0xBE, 0x7A, 0x28, 0xD0,
    0x51, 0x64, 0x63, 0x1C, 0x7F, 0x66, 0x10, 0xBB,
    0xC4, 0x56, 0x1A, 0x04, 0x6E, 0x0A, 0xEC, 0x9C,
    0xD6, 0xE8, 0x9A, 0x7A, 0xCF, 0x8C, 0xDB, 0xB1,
    0xEF, 0x71, 0xDE, 0x31, 0xFF, 0x54, 0x3E, 0x5E,
    0x07, 0x69, 0x96, 0xB0, 0xCF, 0xDD, 0x9E, 0x47,
    0xC7, 0x96, 0x8F, 0xE4, 0x2B, 0x59, 0xC6, 0xEE,
    0xB9, 0x86, 0x9A, 0x64, 0x84, 0x72, 0xE2, 0x5B,
    0xA2, 0x96, 0x58, 0x99, 0x50, 0x03, 0xF5, 0x38,
    0x4D, 0x02, 0x7D, 0xE7, 0x7D, 0x75, 0xA7, 0xB8,
    0x67, 0x87, 0x84, 0x3F, 0x1D, 0x11, 0xE5, 0xFC,
    0x1E, 0xD3, 0x83, 0x16, 0xA5, 0x29, 0xF6, 0xC7,
    0x15, 0x61, 0x29, 0x1A, 0x43, 0x4F, 0x9B, 0xAF,
    0xC5, 0x87, 0x34, 0x6C, 0x0F, 0x3B, 0xA8, 0x1D,
    0x45, 0x58, 0x25, 0xDC, 0xA8, 0xA3, 0x3B, 0xD1,
    0x79, 0x1B, 0x48, 0xF2, 0xE9, 0x93, 0x1F, 0xFC,
    0xDB, 0x2A, 0x90, 0xA9, 0x8A, 0x3D, 0x39, 0x18,
    0xA3, 0x8E, 0x58, 0x6C, 0xE0, 0x12, 0xBB, 0x25,
    0xCD, 0x71, 0x22, 0xA2, 0x64, 0xC6, 0xE7, 0xFB,
    0xAD, 0x94, 0x77, 0x04, 0x9A, 0x39, 0xCF, 0x7C};

    static byte Table1[] = {
    0x8C, 0x47, 0xB0, 0xE1, 0xEB, 0xFC, 0xEB, 0x56,
    0x10, 0xE5, 0x2C, 0x1A, 0x5D, 0xEF, 0xBE, 0x4F,
    0x08, 0x75, 0x97, 0x4B, 0x0E, 0x25, 0x8E, 0x6E,
    0x39, 0x5A, 0x87, 0x53, 0xC4, 0x1F, 0xF4, 0x5C,
    0x4E, 0xE6, 0x99, 0x30, 0xE0, 0x42, 0x88, 0xAB,
    0xE5, 0x85, 0xBC, 0x8F, 0xD8, 0x3C, 0x54, 0xC9,
    0x53, 0x47, 0x18, 0xD6, 0x06, 0x5B, 0x41, 0x2C,
    0x67, 0x1E, 0x41, 0x74, 0x33, 0xE2, 0xB4, 0xE0,
    0x23, 0x29, 0x42, 0xEA, 0x55, 0x0F, 0x25, 0xB4,
    0x24, 0x2C, 0x99, 0x13, 0xEB, 0x0A, 0x0B, 0xC9,
    0xF9, 0x63, 0x67, 0x43, 0x2D, 0xC7, 0x7D, 0x07,
    0x60, 0x89, 0xD1, 0xCC, 0xE7, 0x94, 0x77, 0x74,
    0x9B, 0x7E, 0xD7, 0xE6, 0xFF, 0xBB, 0x68, 0x14,
    0x1E, 0xA3, 0x25, 0xDE, 0x3A, 0xA3, 0x54, 0x7B,
    0x87, 0x9D, 0x50, 0xCA, 0x27, 0xC3, 0xA4, 0x50,
    0x91, 0x27, 0xD4, 0xB0, 0x82, 0x41, 0x97, 0x79,
    0x94, 0x82, 0xAC, 0xC7, 0x8E, 0xA5, 0x4E, 0xAA,
    0x78, 0x9E, 0xE0, 0x42, 0xBA, 0x28, 0xEA, 0xB7,
    0x74, 0xAD, 0x35, 0xDA, 0x92, 0x60, 0x7E, 0xD2,
    0x0E, 0xB9, 0x24, 0x5E, 0x39, 0x4F, 0x5E, 0x63,
    0x09, 0xB5, 0xFA, 0xBF, 0xF1, 0x22, 0x55, 0x1C,
    0xE2, 0x25, 0xDB, 0xC5, 0xD8, 0x50, 0x03, 0x98,
    0xC4, 0xAC, 0x2E, 0x11, 0xB4, 0x38, 0x4D, 0xD0,
    0xB9, 0xFC, 0x2D, 0x3C, 0x08, 0x04, 0x5A, 0xEF,
    0xCE, 0x32, 0xFB, 0x4C, 0x92, 0x1E, 0x4B, 0xFB,
    0x1A, 0xD0, 0xE2, 0x3E, 0xDA, 0x6E, 0x7C, 0x4D,
    0x56, 0xC3, 0x3F, 0x42, 0xB1, 0x3A, 0x23, 0x4D,
    0x6E, 0x84, 0x56, 0x68, 0xF4, 0x0E, 0x03, 0x64,
    0xD0, 0xA9, 0x92, 0x2F, 0x8B, 0xBC, 0x39, 0x9C,
    0xAC, 0x09, 0x5E, 0xEE, 0xE5, 0x97, 0xBF, 0xA5,
    0xCE, 0xFA, 0x28, 0x2C, 0x6D, 0x4F, 0xEF, 0x77,
    0xAA, 0x1B, 0x79, 0x8E, 0x97, 0xB4, 0xC3, 0xF4};

    static byte Table2[] = {
    0xB7, 0x75, 0x81, 0xD5, 0xDC, 0xCA, 0xDE, 0x66,
    0x23, 0xDF, 0x15, 0x26, 0x62, 0xD1, 0x83, 0x77,
    0xE3, 0x97, 0x76, 0xAF, 0xE9, 0xC3, 0x6B, 0x8E,
    0xDA, 0xB0, 0x6E, 0xBF, 0x2B, 0xF1, 0x19, 0xB4,
    0x95, 0x34, 0x48, 0xE4, 0x37, 0x94, 0x5D, 0x7B,
    0x36, 0x5F, 0x65, 0x53, 0x07, 0xE2, 0x89, 0x11,
    0x98, 0x85, 0xD9, 0x12, 0xC1, 0x9D, 0x84, 0xEC,
    0xA4, 0xD4, 0x88, 0xB8, 0xFC, 0x2C, 0x79, 0x28,
    0xD8, 0xDB, 0xB3, 0x1E, 0xA2, 0xF9, 0xD0, 0x44,
    0xD7, 0xD6, 0x60, 0xEF, 0x14, 0xF4, 0xF6, 0x31,
    0xD2, 0x41, 0x46, 0x67, 0x0A, 0xE1, 0x58, 0x27,
    0x43, 0xA3, 0xF8, 0xE0, 0xC8, 0xBA, 0x5A, 0x5C,
    0x80, 0x6C, 0xC6, 0xF2, 0xE8, 0xAD, 0x7D, 0x04,
    0x0D, 0xB9, 0x3C, 0xC2, 0x25, 0xBD, 0x49, 0x63,
    0x8C, 0x9F, 0x51, 0xCE, 0x20, 0xC5, 0xA1, 0x50,
    0x92, 0x2D, 0xDD, 0xBC, 0x8D, 0x4F, 0x9A, 0x71,
    0x2F, 0x30, 0x1D, 0x73, 0x39, 0x13, 0xFB, 0x1A,
    0xCB, 0x24, 0x59, 0xFE, 0x05, 0x96, 0x57, 0x0F,
    0x1F, 0xCF, 0x54, 0xBE, 0xF5, 0x06, 0x1B, 0xB2,
    0x6D, 0xD3, 0x4D, 0x32, 0x56, 0x21, 0x33, 0x0B,
    0x52, 0xE7, 0xAB, 0xEB, 0xA6, 0x74, 0x00, 0x4C,
    0xB1, 0x7F, 0x82, 0x99, 0x87, 0x0E, 0x5E, 0xC0,
    0x8F, 0xEE, 0x6F, 0x55, 0xF3, 0x7E, 0x08, 0x90,
    0xFA, 0xB6, 0x64, 0x70, 0x47, 0x4A, 0x17, 0xA7,
    0xB5, 0x40, 0x8A, 0x38, 0xE5, 0x68, 0x3E, 0x8B,
    0x69, 0xAA, 0x9B, 0x42, 0xA5, 0x10, 0x01, 0x35,
    0xFD, 0x61, 0x9E, 0xE6, 0x16, 0x9C, 0x86, 0xED,
    0xCD, 0x2E, 0xFF, 0xC4, 0x5B, 0xA0, 0xAE, 0xCC,
    0x4B, 0x3B, 0x03, 0xBB, 0x1C, 0x2A, 0xAC, 0x0C,
    0x3F, 0x93, 0xC7, 0x72, 0x7A, 0x09, 0x22, 0x3D,
    0x45, 0x78, 0xA9, 0xA8, 0xEA, 0xC9, 0x6A, 0xF7,
    0x29, 0x91, 0xF0, 0x02, 0x18, 0x3A, 0x4E, 0x7C};

    static byte Table3[] = {
    0x73, 0x51, 0x95, 0xE1, 0x12, 0xE4, 0xC0, 0x58,
    0xEE, 0xF2, 0x08, 0x1B, 0xA9, 0xFA, 0x98, 0x4C,
    0xA7, 0x33, 0xE2, 0x1B, 0xA7, 0x6D, 0xF5, 0x30,
    0x97, 0x1D, 0xF3, 0x02, 0x60, 0x5A, 0x82, 0x0F,
    0x91, 0xD0, 0x9C, 0x10, 0x39, 0x7A, 0x83, 0x85,
    0x3B, 0xB2, 0xB8, 0xAE, 0x0C, 0x09, 0x52, 0xEA,
    0x1C, 0xE1, 0x8D, 0x66, 0x4F, 0xF3, 0xDA, 0x92,
    0x29, 0xB9, 0xD5, 0xC5, 0x77, 0x47, 0x22, 0x53,
    0x14, 0xF7, 0xAF, 0x22, 0x64, 0xDF, 0xC6, 0x72,
    0x12, 0xF3, 0x75, 0xDA, 0xD7, 0xD7, 0xE5, 0x02,
    0x9E, 0xED, 0xDA, 0xDB, 0x4C, 0x47, 0xCE, 0x91,
    0x06, 0x06, 0x6D, 0x55, 0x8B, 0x19, 0xC9, 0xEF,
    0x8C, 0x80, 0x1A, 0x0E, 0xEE, 0x4B, 0xAB, 0xF2,
    0x08, 0x5C, 0xE9, 0x37, 0x26, 0x5E, 0x9A, 0x90,
    0x00, 0xF3, 0x0D, 0xB2, 0xA6, 0xA3, 0xF7, 0x26,
    0x17, 0x48, 0x88, 0xC9, 0x0E, 0x2C, 0xC9, 0x02,
    0xE7, 0x18, 0x05, 0x4B, 0xF3, 0x39, 0xE1, 0x20,
    0x02, 0x0D, 0x40, 0xC7, 0xCA, 0xB9, 0x48, 0x30,
    0x57, 0x67, 0xCC, 0x06, 0xBF, 0xAC, 0x81, 0x08,
    0x24, 0x7A, 0xD4, 0x8B, 0x19, 0x8E, 0xAC, 0xB4,
    0x5A, 0x0F, 0x73, 0x13, 0xAC, 0x9E, 0xDA, 0xB6,
    0xB8, 0x96, 0x5B, 0x60, 0x88, 0xE1, 0x81, 0x3F,
    0x07, 0x86, 0x37, 0x2D, 0x79, 0x14, 0x52, 0xEA,
    0x73, 0xDF, 0x3D, 0x09, 0xC8, 0x25, 0x48, 0xD8,
    0x75, 0x60, 0x9A, 0x08, 0x27, 0x4A, 0x2C, 0xB9,
    0xA8, 0x8B, 0x8A, 0x73, 0x62, 0x37, 0x16, 0x02,
    0xBD, 0xC1, 0x0E, 0x56, 0x54, 0x3E, 0x14, 0x5F,
    0x8C, 0x8F, 0x6E, 0x75, 0x1C, 0x07, 0x39, 0x7B,
    0x4B, 0xDB, 0xD3, 0x4B, 0x1E, 0xC8, 0x7E, 0xFE,
    0x3E, 0x72, 0x16, 0x83, 0x7D, 0xEE, 0xF5, 0xCA,
    0xC5, 0x18, 0xF9, 0xD8, 0x68, 0xAB, 0x38, 0x85,
    0xA8, 0xF0, 0xA1, 0x73, 0x9F, 0x5D, 0x19, 0x0B,
    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x33, 0x72, 0x39, 0x25, 0x67, 0x26, 0x6D, 0x71,
    0x36, 0x77, 0x3C, 0x20, 0x62, 0x23, 0x68, 0x74,
    0xC3, 0x82, 0xC9, 0x15, 0x57, 0x16, 0x5D, 0x81};
  • by daw ( 7006 ) on Friday January 21, 2000 @09:14AM (#1350440)
    > These folks have the law on their side. Like it
    > or not the DeCSS software publishes a trade
    > secret, the CSS encryption algorithm. This is
    > illegal. Plain and simple. ... it's just plain
    > against the law to publish someone else's trade
    > secret without their express permission.

    You, sir, are completely wrong. The argument you have just made is the one that has so far FAILED in federal court in California. The argument today in New York had nothing at all to do with trade secrets -- it was a copyright action. And it's not always or even usually illegal to publish a trade secret -- in fact, if you try to keep something a trade secret rather than secure proper patent or copyright protection for it, then it's essentially your responsibility, not the law's, to keep it a secret. If the secret escapes by legitimate means -- such as reverse engineering in Norway, a country where this is explicitly legal -- then it's your problem and you should have done a better job keeping your secret. This is the whole reason we have patents -- to convince people to disclose details of their ideas IN EXCHANGE FOR legal protection of them. If you instead want to keep it a secret, good luck, because the law affords you very limited protection.

    You can read much more about how trade secrets apply to this case in the filings from the California case available at But in the meantime you can rest quietly assured that you have absolutely no grasp of the facts or the law.
  • by Lemmy Caution ( 8378 ) on Friday January 21, 2000 @08:17AM (#1350441) Homepage
    One reason why the DVD coalition and the MPAA are so panicked - and why they are bringing their massive financial and personal resources (i.e., good old boy's network) to bear on this case - is that the DVD makers had assured the content producers that there would be no risk of piracy or unauthorized copying, that they had created a 'hack proof' technology and that the studios had no reason to fear moving their content over to DVD.

    Presto: the protection is compromised, and the DVD coalition is vulnerable to their (erstwhile) partner's legal fury. The content owners could sue the DVD makers right into their pockets for failure to come through on the protection of their content if the DVD coalition doesn't nip this in the bud..

    Now, you and me know that there's no way that they can nip this thing in the bud, that they should not have tried to sell disk encryption as part of the DVD package to the content people, but that's moot as far as they are concerned. In the long run, they are screwed, and they just want to take "us" down with them.

  • 2600 is calling for demonstrations against the MPAA, and I for one agree. We need to educate ordinary people on the fact that their right to free speech is in serious jeopardy thanks to the greed and stupidity of an organization (the MPAA) that fell for the DVD-security snake oil and can't admit that it's been had.

    • If you're not a member of EFF [] or the ACLU [], join now.
    • If you are a member, or want to be more active, contact your local 2600 cell or Linux User's Group and help to organize a demonstration.
    • If you have a DVD player, and you're too sick to even look at it, consider donating it to a local Geeks with Guns [] outing, in exchange for plenty of photos. Post them on a website, and mail them to DVD CAA and the members of the MPAA (listed on the 2600 announcement of the injunction []).
    • Consider buying a DeCSS source shirt []; or if you're really radical, consider becoming a DOE [] (one of the 500+ anonyous people mentioned in the first injunction hearing).
    • Boycott movies and videos until the MPAA drops the lawsuit!
    • Most importantly: SPREAD THE WORD to other geeks and non-geeks. This is too important for us to keep silent!

    This and the Etoy lawsuit are probably the most significant fights to hit our commmunity since the Clipper Chip fiasco. The lines are drawn, ladies and gentlemen; we need to fight with everything we've got to prevent Internet from becoming nothing but a huge, suburban shopping mall. Get involved in an historical fight and have something that you'll be proud to tell your kids and grandkids about, twenty years from now.

    TOYWAR []!!
  • by lordsutch ( 14777 ) <> on Friday January 21, 2000 @08:49AM (#1350443) Homepage
    I can hardly wait for the MPAA to try to go after a legitimate site (sorry, I don't think 2600 counts) or company. For example, VA Linux Systems hosts, which posts a copy of the DeCSS code, yet oddly enough VA hasn't been a defendant yet. Who cares about VA taking over SGI? I'd rather see them sue the pants off the MPAA; maybe they'd give up Disney to settle ;-).

    While they're at it, I'd like to see them sue Sima [], who market this neat little gadget [] that defeats Macrovision I and II (save cash by getting it from these guys []). It also cleans up the picture my DVD player puts out (tip: use the S-Video inputs whether or not you use S-Video for output; this stops you from using the bypass switch if you use the composite out, but that's a small sacrifice). Let's all watch the MPAA get laughed straight out of court when they go after people who have nothing to do with the WaReZ culture...

    (I'd also like them to sue someone who's running for Congress and who's posted several links that apparently violate the DMCA. Bring it on, MPAA; I could use the free publicity...)
  • by Black Parrot ( 19622 ) on Friday January 21, 2000 @09:04AM (#1350444)
    > These folks have the law on their side.

    It could hardly be more obvious that "the jury is still out" on that one. One judge issued a restraining order, another refused.

    Then, if it turns out that that these folks actually do have the law on their side, there is the highly relevant issue of whether the law is constitutional.

    Finally, there is the not-so-subtle distinction of having the law on your side and having right on your side. (Opinions will vary: I'm still out on that one, but at least I'm aware that the issue exists.) And for those who do think that right favors 2600 rather than the RIAA, there is always the fallback position of "nonviolent resistance". Thus you may well see people posting the link and going to jail for it, if they believe strongly enough in their own notion of right. It certainly wouldn't be the first time in history that this is happened, and a lot of social good has come from such sacrifices in the past.

    And of course... there's the orthogonal issue of how much sway a US judge's ruling holds in other countries. (None, I would hope!) I suspect that what we are seeing is a tiny facet of a decades- or centuries-long trend of the USA turning itself into a technological backwater because the system is set up so that neither innovations nor freedoms can be allowed to stand in the path of corporate profits.

    It's October 6th. Where's W2K? Over the horizon again, eh?
  • by SheldonYoung ( 25077 ) on Friday January 21, 2000 @08:52AM (#1350445)

    There are three essential elements to prove the existence of a trade secret: (1) it must be commercially
    valuable information, (2) not in the public domain, and (3) the subject of reasonable efforts to maintain
    its secrecy. Further, liability for trade secret misappropriation, to be effective, must extend not only to
    the actual misappropriator but also to all other persons who know or should know that they are the
    recipients of such information obtained by unauthorized acquisition, disclosure or use (third-party
    liability). Finally, there must be effective remedies including injunctive relief, damages, and ex parte
    seizure orders to prevent infringement and to preserve evidence.

    I contest there have not been reasonable efforts taken to maintain it's secrecy according to #3 above. Reasonable efforts would have consisted of using any of the widely available strong encryption algorithms.

    What they did would be equivalent to Pepsi including their ingredients list in the can, then telling you not to look. Just SAYING not to do it doesn't mean reasonable measure have been taken.

    If any thing, the should be suing Xing.

    You can maybe even argue that it's not even commercially valuable information according to #1. Producers of standalone players and DVD publishers still need to license the technology. They have not "lost" anything.
  • by porkchop_d_clown ( 39923 ) <> on Friday January 21, 2000 @08:25AM (#1350446) Homepage

    Sounds like time for a chain letter.

    Any body want to get it started?

    Hi! Please send this source code to your ten closest friends. If you do, The Justice Department will search your computer for free!

    Better yet - what about an Outlook Express virus that propagates the source code???

    (I can't believe I actually just suggested that. Must be the drugs. I had surgery the other week & I'm still in recovery.)


    Greetings New User! Be sure to replace this text with a
  • by SEAL ( 88488 ) on Friday January 21, 2000 @09:01AM (#1350447)
    Repeat after me: it was never copy protection.

    It was playback protection.

    DVDs must be decrypted to VIEW them. Therefore, only "sanctioned" players - ones that the MPAA had released a decryption key to - could play them. The encryption provides NO protection against copying, with or without DeCSS.

    I know this is pretty much common knowledge around here, but more of the mainstream media is starting to read this site. So they should hear it again.

  • by Mark F. Komarinski ( 97174 ) on Friday January 21, 2000 @08:23AM (#1350448) Homepage
    to join the EFF []. I just did. Time to put those RHAT, CORL, and LNUX profits to good use.

He's like a function -- he returns a value, in the form of his opinion. It's up to you to cast it into a void or not. -- Phil Lapsley