DeCSS Loses Free Speech Shield 613
JohnGrahamCumming writes "BusinessWeek/CNET is reporting that the California Supreme Court has ruled that 'a Web publisher could be barred from posting DVD-copying code online without infringing on his free speech rights.' They also say that 'the state Supreme Court ruled that property and trade secrets rights outranked free speech rights in this case.'" According to the article, this "...overturned an earlier decision that said blocking Web publishers from posting the controversial piece of software called DeCSS, which can be used to help decrypt and copy DVDs, would violate their First Amendment rights."
Still a shot (Score:5, Informative)
What's next? Arrest Securityfocus folks? (Score:5, Informative)
Err... trade secret rights?? (Score:5, Informative)
Re:What is this DeCSS? (Score:5, Informative)
It's not hard to copy DVDs (Score:5, Informative)
That's balogna, and everyone on Slashdot knows it. Just because the orginization is called the DVD Copy Control Association doesn't mean that the encryption used has anything to do with copying the DVDs. I can easily and full "cp /dev/dvd ~/copied-dvd.iso" without DeCSS. But you need DeCSS to access the content, which has nothing to do with copying (well, permenantly), only playing.
illegal prime (Score:5, Informative)
8565078965 7397829309 8418946942 8613770744 2087351357
9240196520 7366869851 3401047237 4469687974 3992611751
0973777701 0274475280 4905883138 4037549709 9879096539
5522701171 2157025974 6669932402 2683459661 9606034851
7424977358 4685188556 7457025712 5474999648 2194184655
7100841190 8625971694 7970799152 0048667099 7592359606
1320725973 7979936188 6063169144 7358830024 5336972781
8139147979 5551339994 9394882899 8469178361 0018259789
0103160196 1835034344 8956870538 4520853804 5842415654
8248893338 0474758711 2833959896 8522325446 0840897111
9771276941 2079586244 0547161321 0050064598 2017696177
1809478113 6220027234 4827224932 3259547234 6880029277
7649790614 8129840428 3457201463 4896854716 9082354737
8356619721 8622496943 1622716663 9390554302 4156473292
4855248991 2257394665 4862714048 2117138124 3882177176
0298412552 4464744505 5834628144 8833563190 2725319590
4392838737 6407391689 1257924055 0156208897 8716337599
9107887084 9081590975 4801928576 8451988596 3053238234
9055809203 2999603234 4711407760 1984716353 1161713078
5760848622 3637028357 0104961259 5681846785 9653331007
7017991614 6744725492 7283348691 6000647585 9174627812
1269007351 8309241530 1063028932 9566584366 2000800476
7789679843 8209079761 9859493646 3093805863 3672146969
5975027968 7712057249 9666698056 1453382074 1203159337
7030994915 2746918356 5937621022 2006812679 8273445760
9380203044 7912277498 0917955938 3871210005 8876668925
8448700470 7725524970 6044465212 7130404321 1826101035
9118647666 2963858495 0874484973 7347686142 0880529443
extract it with:
#!/usr/bin/perl
use LWP::Simple;
use Math::BigInt;
my $html = get("http://www.utm.edu/research/primes/curios/48
my($prime) = $html =~ m{
Re:Err... trade secret rights?? (Score:5, Informative)
For this reason trade secret law is, in many ways, much more powerful (and restrictive to the general population) than copyright.
Story also on SF Gate (Score:2, Informative)
Determination by Who? (Score:3, Informative)
Now that there is another trump suit over the right to free speech (I guess that "national security", "libel", "slander" and no "Fire! in a crowded theatre are additional reasons), I have to wonder whether there will be cases where free speech is suppressed for less than reasonable cause.
For example, the Co$ has maintained that certain of its documents are trade-secrets.
Corporations could shield a great deal of signficant information under the guise of trade-secrets, such as advice that Enron executives gave to VP Cheney concering energy policy (the US federal government has already dismissed attempts to release those conversation under the FoIA).
Judges pretty much try to interpret law. What this ruling indicates is the need for legislative review, debate, and possible modification of the law:
If IP is taken to an extreme, there will be issues cropping up where information, as coded in genetic expressions, will become someone's intellectual property and "reading" it by overcoming some supposed obstacle would be a crime.
As I explain to my non-techie friends (Score:4, Informative)
Re:The solution (Score:3, Informative)
Jason
ProfQuotes [profquotes.com]
Re:illegal prime (Score:3, Informative)
Re:Trade secret case depends on Norway (Score:5, Informative)
But they might decide to drop the whole case because the possibility for failure.
The case will anyway only (in Norway) be off historical interest since Norway anyway probably will addopt the new Infosoc directive from EU planned to take affect from January 2004.
But the way it is today, Johansen is not sentenced for anything and per se not guilty according to Norwegian laws.
Re:The solution (Score:2, Informative)
Our legal system has already tested it's power
abroad. Anyone offering our citizens something
that is illegal in this country can be tried in the US.
As well, if you are a US citizen, and are
currently living in the US, you can not host a
website on a, say Australian server, that hosts
content that is illegal in the US, since you
yourself are uploading the data from the
US as an origin.
Re:Err... trade secret rights?? (Score:2, Informative)
You're wrong. ;)
Trade secret law is generally a state law issue, although there is a Federal anti-espionage law on the books, too, I believe.
Generally, something's a trade secret if it was secret initially, you made reasonable efforts to keep is secret, and it's commercially valuable. The formula for Coke, for example, is a trade secret.
Of course, if you let it out into the public domain, there's nothing you can do. Liability can only arise if there's a breach of confidence or if improper means were used to discover the trade secret. Continuing with the Coke example, if someone who was given the formula in confidence gives it away, they're liable. Similarly, if somebody breaks into the Coke building and takes the formula, they're liable.
However, people other than those who breached the confidence or used improper means can still be liable if they knew it was a trade secret. So if Generic Cola Maker buys the formula, knowing that it was stolen, and starts selling soda made with the Coke formula, they're liable too. You can be liable even in the absence of knowledge, although the remedy in that case is often an injunction against using the trade secret, rather than damages.
Not saying that this body of law sits well with me, but hey, there's a poor summary of it.
Re:Mod Parent Down (Score:2, Informative)
Unfortunatly this isn't funny, it is true.
The trade secret status is still doomed (Score:5, Informative)
My licensees then start to sell boxes that contain my idea inside of them. The boxes are difficult, but not impossible, to open. They sell these boxes far and wide, to anyone who wants them, without any contractual terms. You can walk into a store and anonymously buy one of these boxes with cash.
Someone eventually opens one of the boxes and peeks inside to see how it works. He happens to have picked one of the easier-to-open boxes, but really, all of the boxes were openable. It was just a question of how hard someone was willing to work.
Did I exercise due dilligence in keeping my idea a secret?
That's about how solid DVDCCA's trade secret is: not at all. The widespread publication of the already-reverse-engineered DeCSS isn't what screwed them. The sale of DVD players themselves is what doomed them. As soon as the first DVD player was sold to an end-user without any contractual obligation to keep the inner workings a secret, the DVDCCA had lost control of their secret. Anyone could have opened their box, even here in USA. Some guy in Norway just happened to be the first to get the glory.
That this loss of control was known about in advance (the whole point was that consumer electronics would implement the algorithm) rather than one of their licensees surprising them by producing a DVD player, is devestating.
If they wanted to keep CSS as a trade secret, they should have made it so DVDs could only be played in theaters, with the descrambling happening on equipment that was under control of people with whom they had secrecy agreements.
Screw that. (Score:3, Informative)
Permission granted to spread this link around.
Cry me a river (Score:1, Informative)
I think its safe to say that this guy is a flight risk.
Its also safe to say that this guy's fate in the US wouldnt have been any better except for the chance of prison rape which is highest in the US.
Hey, whenever we cross the border to get some cheap cigs in the US, we have the inside of our windows scraped. Getting your car taken away because the asinine War on Drugs' zero tolerance is only one of the stupid things that can happen to you.
The WOD sucks everywhere but no matter how bad the french and the swedes are, NO ONE is remotely close to the gulag down south....says the man whose 'democratic' country next door already knows who the next leader will be even though the leadership races arent even finished.
zack
Prof (Score:3, Informative)
He also has the scientology documents that slashdot censors [theregister.co.uk], which you can read here [cmu.edu]
Dr Touretsky also received a cease and desist letter [cmu.edu] from COS in an attempt to remove the material, but I guess he wasn't more worried about spending his dot com millions than setting a horrible precedent by caving.
Re:It's not hard to copy DVDs (Score:2, Informative)
Re:Something I've always wondered about.... (Score:3, Informative)
Furthermore, various forms of CD/DVD copy protection entail putting necessary data on the media that violates checksums or table of contents information, so your CDROM drive will "correct" those errors, leaving you with a bad "copy". It is the player, since this whole DeCSS controversy arose because the Norweigian kid wanted a DVD player for Linux when there were none commercially available, so wrote one himself.
Re:Here's what the court really wants ... (Score:3, Informative)
Revealing a trade secret is only illegal if you either obtained knowledge of the secret by illegal means or if you are breaking a contract (NDA or similar) by revealing it.
The big question in this case is whether reverse engineering is obtaining a trade secret by illegal means. It is fairly obvious that it shouldn't be (and earlier cases have confirmed this), but there is a risk that courts may decide that under current legislation (DMCA etc.) it is.
Re:Err... trade secret rights?? (Score:3, Informative)
The encryption was broken because of the stupidity of a particular company. One key was found because of the stupidity and the rest were figured out because of the low-strength of the keys. (40 bit?)
Re:Which came first? (Score:3, Informative)
United States Constitution, Article I, Section 8:
Clause 8: To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
Re:Good. (Score:3, Informative)
The issue is about protecting snake-oil. Look at the patterns of these laws - from Felton to Sklyarov - refuting claims of "being secure" is becoming illegal; any business model, no matter how far-fetched, is protected. The people creating the flaws are held harmless; the people who point them out are crucified.
Case and point - find an open WAP in the parking lot of a large retail store. Walk inside, and see the "PC Cash Registers" are using it, broadcasting credit card info etc. free and clear. You don't know this, but the jerk who set it up believes a MAC filter is adequate to prevent harvesting.
You gonna tell the people in the store? You sure as hell cannot tell the customers.
Re:Outrageous Outranking (Score:4, Informative)
Article I, Section 8:
Clause 8: To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;
Re:Good. (Score:3, Informative)
Source code is protected speech under US law I believe. From Dave Touretzky's gallery of DeCSS scramblers [cmu.edu]:
The Clock Is Ticking for DVDCCA (Score:3, Informative)
This is still bad news for the DVDCCA becuase their trade secret is no more. In the dissent, one CA Justice was ready to declare it then and there. The majority of justices thought it better to let the Court of Appeals make that determination. It is appealable again after that.
The opinion says that this is a narrow decision. All it says is that there are some circumstances when the courts can order non-disclosure against some individuals.
Re:It's not hard to copy DVDs (Score:3, Informative)
CSS was a way to enforce 'region controls'. Belive it or not this sort of thing is actually illegal in many countries. Now however they positioned it in such a way that it was for 'copyright' control. To keep those nasty pirates at bay. Like they say follow the money and you will find who benifits the most from this system being in place. I can tell you it is not the consumer.
It was never about stoping people from copying. It was about makeing sure they get your last dollar out of you.
Now the 'unlock the drive' is a way they have tried to continue to enforce the CSS schema. The drive actually looks at the data on the DVD and decides after so many plays its a 'region x' type drive. It will show up as data that does not read correctly for 'unknown regions'.
All DeCSS does is remove the region controls and the encryption they used for it. ANY dvd drive can read any disk. The software (players) and firmware (drives) is the only thing that enforces the 'read error' problem. That is why they do not like DeCSS. As there are drives out there that just ignor the region control part and just shovel data like they should.
There are people out there that have access to the ablity to make dvd18 disks. Do you think they care one iota about DeCSS? They can blast the whole disk bit for bit and still sell them. And the disk will work just fine in any properly regioned dvd player. There are also players out there that are 'region free'. Meaning they can play any disk from any part of the globe.
Re:It's not hard to copy DVDs (Score:1, Informative)
Re:Laws laws laws. (Score:3, Informative)
You not only own the disk, but you own the data as well. What you don't own is the right to duplicate that data for most reasons. The reason this is important is that you don't need a license to use something that you own.
It's like a book. They don't put after-sale restrictions on books because the courts ruled that they could not.
As copyright law has special provisions for copying that is required in use (copy a game to the HD, or a movie into RAM and into video RAM, etc) there's no unlawful access involved in decrypting a DVD and copying it to the HD for viewing.
Doing anything with it after this, re-encoding it for instance, might be problematic, but the actual use of DeCSS to decrypt it and make it watchable is perfectly legal.
btw, because you're perfectly entitled to use copyrighted works that you bought, including copying them as necessary, you don't need to agree to EULAs. They're after-sale contracts which have never been valid.
Re:Why is it a bad precedent? (Score:3, Informative)
Absolutely nothing. But what does this have to do with this case?
Your analogy is not apropos. The author of DeCSS did not break into anything, nor steal anything, nor copy anything. He did a bit of clever reverse-engineering, nothing more.
Now, could this still constitute revealing a trade secret? Maybe. The real trade secret is in the encoding algorithm itself, which a decoding algorithm cannot help but reveal. So I will agree that there is a trade secret issue here, but the tone of your example makes it sound like it was done for malicious intent and thus should be the sole grounds to stop it.
From an ethical point of view, we have to consider the fact that the programmer did not do this for personal gain, other than to be able to play legally purchased DVDs on a system not normally supported for such playback. Might be a stretch, but one could argue that this is legal under the DMCA as it involves interoperability.
Re:It's not hard to copy DVDs (Score:5, Informative)
I'm glad someone else caught this. It's a bit disturbing when even the Slashdot posting describes DeCSS as "DVD-copying code". DeCSS would not be necessary to make exact copies, and while it could be useful for other types of copies (like downsampling), its main use is not for copying, but playback.
Obviously, this is not the way the RIAA wants people to think of DeCSS. It's much harder to demonize a DVD playing program than some kind of copying tool used by Nasty Evil Pirates. The fact that when DeCSS is mentioned the latter comes to mind, even for a Slashdot poster or tech journalist shows just how effective the RIAA's propaganda really is.
To win this battle, it has to be recast not as a fight for our right to bootleg movies, but put the focus on the legitimate questions that have nothing to do with copying anything.
Re:Something I've always wondered about.... (Score:4, Informative)
I dont quite get how DVDs are protected. Its more complex than just saying use DeCSS as I understand it. or maybe I dont understand it.
There are two layers of "protection".
First, the player and drive perform a mutual authentication process [tinyted.net] (although one has to wonder why a player would ever care to verify that the drive is an "authentic" DVD drive). A "proper" drive should refuse to operate until after this authentication process has been performed. Also, after the authentication sequence, the drive will provide the disk key, if asked.
Second, after the drive is unlocked, the actual data streams must be decrypted. Normally (i.e. with an authorized player) the way this works is that the player retrieves a set of encrypted copies of the disk key, one of which is encrypted with it's player key. After retrieving the disk key, it can then decrypt the title keys, which are then used to decrypt the data stream.
However, that's not how most unauthorized players work. They still do the authentication step, but when it comes to decryption they don't bother with using a player key to get the disk key to get the title keys... instead they just attack the data streams and compute the title keys. This is possible because CSS really, really sucks. It's vulnerable to a known-plaintext attack with a trivial amount of known plaintext and there's plenty of known plaintext in the DVD sector headers.
The "just attack it" approach is why open source DVD players are a little slow to play a DVD the first time they see it. Most (all?) of them use libdvdcss which caches the keys so that the next time it sees the disk it won't have to do it again (on my box, the caches are in ~/.dvdcss). However, on modern machines, the crack time is almost negligible, so users may not notice the difference, given that it takes a few seconds for the DVD to spin up anyway.
For example, on my 800MHz PIII laptop, libdvdread (with libdvdcss) reports that it took seven seconds to decrypt all 8 title keys for a DVD I had handy. My laptop actually starts playing a movie much *sooner* than either of my "real" DVD players.
Seven seconds to crack all of the keys on a three year-old laptop. Sheesh. I guess as a user I should be glad the cryptography is so bad, but the security geek in me really wants to slap the creator(s) of CSS around some.
I really, really want to meet the guys who designed WEP.
Re:Mod Parent Down (Score:2, Informative)
Not according to the Saudi Embassy [saudiembassy.net]:
"Forbidden items include alcohol, narcotics, weapons, ammunition, pork and pornography. Prescription drugs must be documented. Makkah and Madinah hold special religious significance and only persons of the Islamic faith are allowed entry."
Re:Your order seems backwards (Score:3, Informative)
The Bill of Rights enumerates specific rights not defined in the original 1787 Constitution and are additions. They modify neither articles, sections nor clauses of the Constitution.
The 17th Amendment modifies (actually, supercedes) the text of Article I, section 3 of the Constitution. As an Amendment, it has precedence over the text of the original document.
Amendments may also modify other Amendments. The 18th Amendment allowed for laws to prohibit the manufacture, sale, transportation, importation and exportation of intoxicating liquors. That one was so big a failure it was specifically repealed by the 21st Amendment.
Re:Trade secret case depends on Norway (Score:2, Informative)