Blogger Threatened For Publishing JS Hack

An anonymous reader writes "Internet radio station Atlanta Blue Skye LLC has warned a Romania-based technology enthusiast that his blog has been 'copied' and turned over to its lawyers. The issue stems from his posting of a widely known workaround for bypassing JavaScript functions that try to disable a mouse's right-click context menu functionality, and the radio stream information gathered from the Properties function of Windows Media Player."

Lets just hope that

[zappepcs (820751)]

the Atlanta Blue Skye LLC company are irreparably harmed financially when they are hit with the clue stick. There is NO way to suppress information on the Internet globally, and those who try to are more ignorant of the facts than should be believable.

I'd like to think that's true

[ebbomega (410207)]

But the DMCA has other ideas:

http://www.eff.org/IP/Video/MPAA_DVD_cases/ [eff.org]

Attention Americans:

[Rix (54095)]

Your laws do not apply outside your borders.

Re:Attention Americans:

[Joebert (946227)]

Dems fightin' words !

Re:

[trianglman (1024223)]

Which is why internet law needs to be moved to a more global organization. As it stands now, when you break an American law online, do American laws apply because the law is being broken in America, or not because the person breaking it is out of America? AFAIK, all of Blogger's hosting happens inside the US, which, depending on interpretation, could mean that this blogger committed a crime in the US, and just happens to be currently outside of the country (like if I robbed a bank and ran to Mexico).

Re:Attention Americans:

[dheera (1003686)]

in this case, though, publishing a javascript hack isn't a crime even in the US. if i'm legally provided with data, i'm free to render the data to myself however i want, and others are free to publish tips on how to render data.

Re:Attention Americans:

[trianglman (1024223)]

depending on the DMCA and how it gets applied, or more appropriately how the lawyers attempt to apply it. IANAL, but it could be argued that the JS protections built into the site to keep this information obfuscated falls under DCMA protections against hacking around protections.

As an aside, I am against the DCMA and think lawsuits like this are complete BS. Unfortunately, I am not in charge and so I have to deal with the laws as is until an appropriate opportunity to really affect change presents itself (those who would yell "Vote!" at me (either with my pocket book or in an election) simplify the issue and don't realize that it goes deeper than that.)

Re:Attention Americans:

[shellbeach (610559)]

Your laws do not apply outside your borders.

Actually, they sadly apply within Australian borders [slashdot.org], too.

Re:

[falconwolf (725481)]

Your laws do not apply outside your borders.

The current US admin certainly seems to think US laws apply everywhere, er make that their idea of what the law should be.

Falcon

You'll change your mind

[HangingChad (677530)]

Your laws do not apply outside your borders.

You'll change your mind when our fully operational Death Star is orbiting over your crapass country. Lord Cheney will deal with you personally with his Light Shotgun.

It's as if thousands of people cried out all at once...but since they don't speak English we didn't understand a word they said. They're fereners anyway. It's the price of Democracy.

Re:Lets just hope that

[rook2pawn (1104379)]

Suppose the Atlanta blue Skye LLC knew they were launching a claim that ignored basic realities, including basic realities of the internet, that is distribution of information and how-to; If this can be shown to be the case, then the Atlanta Blue Skye LLC should be open to frivoulous lawsuit charges. Here are the merits of such a case: 1) There are 1,420 web pages that include the term "Bypass Javascript" (from google.com) 2) As the other posts have mentioned, even major browsers have ways of disabling script. This clearly represents the realm of basic technical understanding. To not know this, and then suppose that doing so would be illegal, is to ignore what has long been established by the major shapers and designers of the modern internet. This is what counts for frivolousness.

Re:Lets just hope that

[FLEB (312391)]

Still, though, just as a crackable WEP WiFi point is no longer a "open invitation", circumventing an access-control device that is easily circumvented does not mean that it was open.

I think a better argument would be that there was no "hacking" of a poorly-made access-control mechanism, because the mechanism was flat-out not an access control device in the first place.

Interpretation and execution of the JavaScript language that the right-click blocking used is an optional browser feature, so the blocking itself is inherently optional. Furthermore, the feature of JS that they were trying to exploit (the modality of the alert() box) is not specified as an access control feature, nor is it specified (and it's certainly not guaranteed) to function in a manner that would control access.

Shift key DMCA strikes again?

[Aereus (1042228)]

Isn't this kinda equivilent to the guy who received a DMCA notice for holding down the shift key while inserting a CD in order to not load the DRM installed on it?

Oh noes

[Dachannien (617929)]

Maybe they should turn this [mozilla.org] over to their intrepid band of lawyers.

Re:Oh noes

[arodland (127775)]

Or the entire Opera browser, which has a preference (enabled by default) that disallows scripts from handling right-click events.

Re:Oh noes

[duguk (589689)]

So does firefox... Tools, Options, Content, Javascript - Advanced

Re:Oh noes

[Kadin2048 (468275)]

True. However, it's easy to find out if a user has completely disabled JavaScript -- browsers like Firefox let you selectively disable various "features" of JS, so you can keep doing scripts from annoying things (resizing windows, eliminating the address / tool bars, right-click context menus, etc.) without disabling script behavior. This makes sure that your browser looks like one that's using JS, so it won't fail any "JavaScript is required to view this page!" asshattery, but you'll still be able to retain control of your browser.

They broke the law

[by Anonymous Coward]

They copied his blog? That's copyright infringement - and that's against the law. It's no different to walking into a store and stealing a CD.

BY-NC-SA

[reality-bytes (119275)]

Mr Radu-Cristian Fotescu appears to have licensed his work under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 [creativecommons.org] license which would allow the radio station to copy his work.

However, it does not allow for commercial exploitation of his work so we enter a grey-area. Is the use of his work to prosecute a lawsuit for monetary damages a commercial exploitation of his work?

Re:BY-NC-SA

[byolinux (535260)]

3. License Grant. Subject to the terms and conditions of this License, Licensor hereby grants You a worldwide, royalty-free, non-exclusive, perpetual (for the duration of the applicable copyright) license to exercise the rights in the Work as stated below:

      1. to reproduce the Work, to incorporate the Work into one or more Collective Works, and to reproduce the Work as incorporated in the Collective Works;
      2. to create and reproduce Derivative Works;
      3. to distribute copies or phonorecords of, display publicly, perform publicly, and perform publicly by means of a digital audio transmission the Work including as incorporated in Collective Works;
      4. to distribute copies or phonorecords of, display publicly, perform publicly, and perform publicly by means of a digital audio transmission Derivative Works;

You may not exercise any of the rights granted to You in Section 3 above in any manner that is primarily intended for or directed toward commercial advantage or private monetary compensation.

"Enthusiast"

[antic (29198)]

"Romania-based technology enthusiast"

Is that what we're calling them now? ;)

Re:They broke the law

[AlgorithMan (937244)]

They copied his blog? That's copyright infringement

yes, WE laugh about that joke, because its such a ridiculous idea
but if he did the same thing vice versa, he'd be facing another lawsuit...

It wasn't Javascript the issue...

[Midnight Thunder (17205)]

The fact that he worked out a 'Javascript hack' wasn't the issue. The issue was that people actually wanted to listen to their radio stations ;)

I don't want to license my stuff from anyone.

[headkase (533448)]

My electricity, my computer, my browser, my choice. If I don't want my browser to disable the context menu then that's my decision. And some company disabling the browser's context menu without Law to back them up really pisses me off. In the IP gold rush the US initiated, people are trying to own every little facet of information that we used to just take for granted being free. Locking everything up may or may-not benefit the economy but it sure-as-hell prunes cultural-enjoyment (ie. a more limited musical taste due to finite resources to acquire content) and development (ie. remixes and interpretations) in the long-term.

Fuck them.

[by Anonymous Coward]

I don't know if there's anything more annoying then some shitty website that tries to block secondary mouse button clicks (maybe those shitty websites that use the word-highlighting advertising that pops up some fucking shit when your roll over the words). For all the cool stuff that JavaScript can enable, sometimes I think it might be worth it to get rid of it if we could wipe stupid fucking shit like this off the face of the planet.

Re:

[DrSkwid (118965)]

The browser you use is clearly not written with end users in mind, try a different one. There are plenty to choose from.

The web is about the user

[by Anonymous Coward]

The user is in control of web content or any code a website decides to run on the client, clueless bullshit like this isn't even funny.

In other news, the recent js dependent google.com facelift is less useful to me because I have javascript disabled. It seems that most sites expect users have javascript enabled these days, sad that google deliberately broke their site. If I don't know if I can even be bothered hacking a functional interface when there are other search engines that work perfectly.

The user is in control of their machine, not the web site!

Re:

[Joe The Dragon (967727)]

the spyware people are doing that.
http://yro.slashdot.org/article.pl?sid=07/05/19/03 51234 [slashdot.org]

Oh yea?

[Wonko the Sane (25252)]

I have a method for bypassing advertisements on all forms of television currently in existence:

When the commercials start: go to the bathroom, get a snack/drink, perform small errands, talk to other people in the room.

Be careful, not scrupulously watching every single advertisement makes you a criminal pirate thief.

Re:Oh yea?

[QuantumG (50515)]

talk to other people in the room.

Be careful, some people get upset and tell you to be quiet, they're watching the ads.

Female people.

Stealing!!!!

[bill_mcgonigle (4333)]

When the commercials start: go to the bathroom, get a snack/drink, perform small errands, talk to other people in the room.

You're violating your contract [2600.com], don'cha know?

"Hacker Calisthenics"

[The Wicked Priest (632846)]

Possibly the best thing to come out this will be the complainant's phrase "hacker calisthenics". Let's all use it!

Hey, let's all do the time warp...again!

[XahXhaX (730306)]

What year is this, 1998? Trying to block right clicking as a means of 'protection'? That puts you on par with Geocities members pre-2000, and about one minor step above using js to spoof the status bar or hide the address bar. I suppose next they'll be petitioning the ISPs for surveillance to see who's been viewing their page source, claiming it as violation of 'trade secrets'.

Re:Hey, let's all do the time warp...again!

[Ajehals (947354)]

I suppose next they'll be petitioning the ISPs for surveillance to see who's been viewing their page source, claiming it as violation of 'trade secrets'.

FBI -> ISP: We need information on any individual who has had access to the html or js source of these websites
ISP -> FBI: Well, ahem, everybody who views the site has access to the html or js source
FBI -> ISP: Everyone?
ISP -> FBI: Well yeah, you see when the user visits a site the browser requests the page, and the server hosting the page will send the html source, then the browser will render the source to look nice for the viewer... you can hide some of the logic with php, jsp or asp and other server side...
FBI -> ISP: But if they can see the source then could they make copies...?
ISP -> FBI: Well yes but...
FBI -> ISP: They would know all the secret techniques used to make the site?
ISP -> FBI: Well yes, but as I was going to say...
FBI -> ISP: Well that makes it easier thanks. Bye

1 week later:

'The BBC has learned that a large number of extradition requests from the US government relating to British subjects and other non US-nationals breaching Trade Secret, Copyright and Terrorism laws, this is after it was alleged that people are illegally viewing web pages.

This comes after the US issued Arrest Warrants for 3.7 billion individuals globally on Monday. A Spokesman for the DHS is quoted as saying:

  "Well if everyone can see how stuff works, they could copy it, and if they copy it they could use it, and if they could use it they could mislead people. Misleading people is not nice and causes angst, angst is like fear, and fear is a bit like terror. Terror is caused by terrorists, therefore viewing web pages is terrorism. Also children may be harmed in some way."'

Umm...

[The MAZZTer (911996)]

View -> Page Source? I mean, that's the main thing they usually wanna block by blocking the context menu anyways. Or how about CTRL+U? Let's see you block that!

Or how about Tools -> Options -> Content -> JavaScript -> Advanced -> Disable or replace context menus? That's even a more direct way to stop it!

Of course this is Firefox. I'm sure none of the other major browsers such as IE7 (Page -> View Source / View -> Source) or Opera 9 (View -> Source / CTRL+F3) have easy ways around this, thus the cause for concern over the "hack".

Let's also not forget that any JavaScript is essentially open source, since it can't be compiled (obfuscated, maybe, but even then you can usually figure it out) and new JavaScript functionality can be added and existing functionality changed (or "hacked" as it is so ineloquently put) and tweaked to suit a user's needs through tools such as Greasemonkey.

Re:

[partenon (749418)]

Let's also not forget that any JavaScript is essentially open source

Hold on, Cowboy... The fact that javascript can easily be viewed doesn't make it open source. Don't mess the things up :-)

Re:Umm...

[coaxial (28297)]

Actually, it doesn't.

"Open source" means you have the right to redistrubute the original work, or make derivitive works from the the original and redistribute those. "Free software" is open source software with the additional restriction that you must distribute the source code of any derivitive work made from similarly licensed work.

However, merely possessing, the source code, does not make it open source. It never has, and it never will.

I can make (and actually have made) proprietary Perl scripts. I simply tag them "Copyright 2007 ALL RIGHTS RESERVED." In order to run this code, you must have the source code. (Yeah I could obfuscate it, but let's say I didn't.) While you may have the source code, you are not allowed to redistrbute it, you are not allowed to make derivative works from it (i.e. hack it), and you can not copy portions of it into your own work (another kind of derivative work). Practically speaking, you could, but legally you are not allowed to. And if I found out that you did, I could bring a whole world of legal hurt down upon you.

Since the beginning of UNIX, source code was the prefered distribution method of all software, open and closed. The reason was that each environment was so different, it was simply impossible to distribute binaries for every permutation, so you just sent the source code and compiled it. Open source was just removing the artifical barriers to what many were already doing.

Anyway copyright is on the software itself, not the specific form it takes, source or binary. It's just a like a book. The story is what is copyrighted, not the fact that it's the story packaged in 6" x 7" pages filled with 10 point Times.

Might not even be a legitimate email

[Evets (629327)]

The original email message is posted here [beranger.org]. The message headers are as follows:

X-Originating-IP: [209.86.89.64]
Return-Path:
Received: from 209.86.89.64 (EHLO elasmtp-curtail.atl.sa.earthlink.net)
  (209.86.89.64)
by mta103.mail.re3.yahoo.com with SMTP; Mon, 14 May 2007 05:09:00 -0700
Received: from [65.37.133.42] (helo=NewLaptop.eathlink.net)
by elasmtp-curtail.atl.sa.earthlink.net with asmtp (TLSv1:AES256-SHA:256)
(Exim 4.34) id 1HnZMJ-0001Gv-Hd for xxxxxxxxxxx@yahoo.ca;
Mon, 14 May 2007 08:08:59 -0400
Message-Id:
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 14 May 2007 08:08:58 -0400
From: "Jazz Colors"

The Text of the message:

Your Blog, which we have copied, has been turned over to our lawyers.
You should plan on a response from them shortly and a visit to
Atlanta to be present in court. I am not allowed to make any further
statement regarding this matter at this time.

This doesn't look like a legitimate email to me in the least - from the earthlink origination to the cheesy wording of the message. Sounds like Slashdot has either been blog-spammed, or this guy is another chicken little [slashdot.org].

What the... heck?

[ZorinLynx (31751)]

You'd think a station would be all for something that brings it more listeners and thus more advertising revenue.

Are they completely out of their minds? If someone told me that the way my site is implemented prevented some people from listening, the FIRST thing I would do would be to fix my site, and the second would be to thank the person for getting me more listeners!

Idiots. Yet I'm still listening to their station, on my Mac, because they're actually playing pretty good music. :)

-Z

Right mouse button?

[noidentity (188756)]

What's this "right mouse button" you speak of?

Sincerely,
Mac user

Re:

[Skapare (16644)]

It's an illegal anti-DRM device outlawed by the DMCA. If you ever see one, be sure to stay far far away.

Message is a fake

[knarf (34928)]

Check the Received: header and see for yourselves:

Received: from 209.86.89.64 (EHLO elasmtp-curtail.atl.sa.earthlink.net) (209.86.89.64)
by mta103.mail.re3.yahoo.com with SMTP; Mon, 14 May 2007 05:09:00 -0700
Received: from [65.37.133.42] (helo=NewLaptop.eathlink.net)
by elasmtp-curtail.atl.sa.earthlink.net with asmtp (TLSv1:AES256-SHA:256)
(Exim 4.34) id 1HnZMJ-0001Gv-Hd for xxxxxxxxxxx@yahoo.ca;

A lawsuit announced through an earthlink account? With a typo in the domain name? helo=NewLaptop.eathlink.net? Eathlink?

Sure. Nice try. Next time don't be so gullible.

Re:Sympathetic Defendant?

[KokorHekkus (986906)]

Word of advice to those who blog about corporate enterprises... if you get a notice from a company threatening suit for whatever you said, take it seriously and get some legal advice...

Yeah... like checking if the legal notice actually applies to your jurisdiction. EU laws don't apply to the US and US laws don't apply the the EU.

Re:

[KokorHekkus (986906)]

Any legal notice still needs to be issued within respective jurisdiction. Otherwise it carries no legal weight.

Re:Sympathetic Defendant?

[QuoteMstr (55051)]

Rude assholes deserve protection of the law as much as anyone else.

Re:Sympathetic Defendant?

[A beautiful mind (821714)]

Repeat after me: Romania is not part of the USA. Defamation, jury and other shit like that doesn't apply.

Re:

[Skapare (16644)]

YOU also need to take this case in context. For many other cases, what you say makes sense. For this one, not so much. To start with, what he is "revealing" is already well known. So it could well be argued that the company is specifically targeting him just because he happens to like their music.

But the really big issue here is that so many companies are just so utterly clueless about several things. They are clueless about technology. They are clueless about security. They are clueless about the i

Re:Romania?

[Joebert (946227)]

Is that like one of those less known states in the USA?

Kinda like Idaho, but with lettuce instead of potatoes.

[offtopic] Lisp

[QuoteMstr (55051)]

Lisp is actually doing quite well -- check out cliki.org, as well as the SBCL project.

It's not so obsolete a language as you seem to imply.

In further idiocy...

[cbhacking (979169)]

They at least hid the actual embed in an iframe, so you can't just see the stream URL by selecting View Source (which doesn't need right-click at all!). Of course, the iframe URL is in the page source, so you can navigate to that page DIRECTLY and voila! there is your player (without any ads) and, of course, you can view source that page and see the embedded player's URL (again, without right-click, which is still disabled in IE). The URL for the player (128kbps) is http://www.atlantabluesky.com/jazz/DISPLA [atlantabluesky.com]