Is Microsoft Using RIAA Legal Tactics? 239
Nom du Keyboard writes, "CNET reports, 'Microsoft has filed a federal lawsuit against an alleged hacker who broke through its copy protection technology, charging that the mystery developer somehow gained access to its copyrighted source code.' Looks to me like since they can't figure out how else he's doing it, they'll sue on this pretense and go fishing for the actual method through the legal system. They clearly have no proof yet that any theft of source code actually happened. This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself. Isn't this something the courts should be putting a stop to at the first motion for dismissal?" Viodentia has denied using any proprietary source code, according to CNET.
Why is it so hard? (Score:3, Interesting)
Re: (Score:2, Insightful)
Re:Why is it so hard? (Score:5, Insightful)
Although it's not like MS and Apple aren't, the RIAA is simply interested in money and control, not information. This isn't RIAA style extortion so much as Apple style ass-backwards investigatory tactics.
The real reason for this lawsuit (Score:5, Insightful)
Re:Why is it so hard? (Score:5, Insightful)
Shouldn't DRM be uncrackable even with access to source code? Just like open source encryption methods?
Re:Why is it so hard? (Score:5, Informative)
Quite the contrary -- all DRM should be crackable even without access to the source code.
Ultimately, if you have the ability to "play" the content, you can beat the DRM -- because that's what playing the content is, decrypting it. If you (your computer) can decrypt the content, then you can decrypt the content. Simple!
The distinction between which program on your computer can decrypt the content is *solely* one of obscurity and not one of encryption at all. You have the encryption key -- you can decrypt the content -- the only thing that's preventing it is obscurity of the location of the key, and the methods of the encryption algorithm. Both of those are Security Through Obscurity and are a bad thing. It's also why DRM will never actually work until the hardware gets on board.
Because you always have the key, you can always decrypt it.
Re:Why is it so hard? (Score:5, Interesting)
Re:Why is it so hard? (Score:5, Insightful)
You'd think they were building killer cyborgs... (Score:5, Interesting)
I found one claim in there particularly interesting:
I wonder...why is that, exactly? Why is Vista such a massive project?
It's a serious question. I mean, it's not like they're building HAL-9000 here. It's an OS. A microcomputer OS. Which really, as far as I can tell, doesn't do a whole lot more than a bunch of other OSes that are on the market already. What does it do that's so much more complex, fundamentally, than what OS X does? Or Linux? Or any number of other OSes? Why, exactly, is it such a freaking huge project?
If the size estimates [wikipedia.org] I'm reading are accurate, at 50 MLOC, Vista is still smaller than OS X at 80 MLOC (comparisons to Linux are tougher because when someone says "Debian has 160 MLOC," it's not clear if that's just the base system or including all the applications or what). Admittedly, OS X borrowed a lot of code from NeXT, but Microsoft has a lot of code they could steal from previous Windows versions and other projects. If they chose not to, then that was a conscious management decision on their part.
If this guy's characterization of Vista development is true, they have more problems than a slipped schedule; they need to be asking why the damn thing has turned into that much of an epic project in the first place. This is not like IBM building the S/360 here; they're not wandering that far off into uncharted, never-before-attempted territory, based on every description of Vista I've ever seen or heard of. Yet they're making it that much of an effort, either by choice or mismanagement.
Vista, Linux, OS X: it does the same thing. Ultimately, they're both ways of managing the filesystem and the computer's hardware resources, and presenting those resources to programs in a standard manner on one end, and presenting a GUI to the user on the other. Sure, they're different ways of doing things, but they're all solutions to the same basic problem. It's even the same hardware resources and architecture that they're supposed to manage -- it's not as though the premise of each is that different.
Frankly if what that article says is true, Vista might have a second, more dubious distinction: the most wasted effort ever spent on a project since the Russians built that expensive lawn ornament [nasa.gov].
If this guy did see the source code and was able to reverse engineer it, Microsoft ought to offer him a job. Apparently, they need the help.
Re:You'd think they were building killer cyborgs.. (Score:4, Informative)
Why? When I go do download some software from MS either it's only available for XP/2000 or it offers different downloads for 98, NT, XP, XP SP2, NT 3.5+, 2000, 2003 etc.
Clearly every version of windows is slightly incompatible with other versions. Even service packs break backwards compatibility requiring separate downloads for XP and XP SP2.
I think vista will not be fully backwards compatible with any other MS operating system. Some things will work but I would expect everything to be either completely or partially borked.
Re:You'd think they were building killer cyborgs.. (Score:4, Insightful)
Nonsense. At best software requires win98 or better. Most software I have seen requires XPSP2 or better. Like I said even MS software has different versions for different windows.
"Based on history, I would expect the vast majority of common-use software to work transparently out of the box,"
In that case we are living in a different universe. Where I work every version of windows disrupts our software some way or another. SP2 was especially painful. Migration from
Re: (Score:3, Insightful)
Were you the one that claimed that windows vista had to keep compatiblity for everything between dos 2.0 and windows xp? If so then you were lying.
"For example ?"
IE for one.
"In-house or third party software ?"
Both.
"The list of software SP2 broke wasn't particularly big, relatively speaking."
Even if it broke one application that proves that it's not 100% bug for bug compatible. So once agai
gnireenignE (Score:3, Interesting)
Wouldn't this fall under the category of reverse engineering for interoperability? As long as he isn't re-publishing copyrighted code, I don't see what their problem is.
IIRC, The program doesn't even circumvent the DRM, it just waits for WMP to do it, and then reads some of its memory.
Re: (Score:2)
Oh come on
"I didn't even circumvent the security system. I just cut the blue wire and the alarm happened to not go off."
Re:gnireenignE (Score:5, Interesting)
I dunno...there was a slashdot discussion with an argument similar to this. He did not technically crack or break any DRM. The WMP by nature decrypts the file, in order to play it. Now, right after WMP decrypts it...it is a file in memory just like any other file/code, and I don't know of any rules or laws out there that say what you can or cannot do to any bit of data in memory...especially if it is in a decoded, freely readable format. Are you 'forced' to play it through the speakers? What legally keeps you from directing that data to another file, or hell...to the printer if you saw fit?
It seems the legalese people try to argue this kind of crap to the letter of the law. And from what the DMCA seems to rule against is cracking the DRM on a file...but, I see nothing in it saying what you can or cannot do with the data once the DRM has been legally removed.
I think by definition, while yes you may have circumvented the way someone intended you to use the system...you in fact have not circumvented the DRM itself, and I think that is what the DMCA specifically tries to outlaw.
At the very least..like another poster said, couldn't this be defended as a way to allow interoperability with other applications/oses and the like, which DMCA does allow?
Re: (Score:2)
RIAA's Legal Tactics (Score:5, Funny)
- Prior to the trial, make sure that the judge realizes that your wife, daughter and grandmother are available for him depending on his age preference.
- Have the only licensed copy of Photoshop in the world installed on your laptop and present at the trial. Ask the defendent for his IP address during questioning and then add it to a BMP screen shot of some file sharing application with "KAZAA" shakily written at the top of the screen. Make sure that you wipe the drool from the judges mouth when you explain to him that this list is dynamic but you're sure the defendent is guilty. Also, throw his IP address on the Berlin Wall, the cover of Chairman Mao's Red Book & Hitler's armband in his 1936 speech just so the judge realizes the pure evil he's dealing with .
- Remind the judge how much you and your industry mean to the American economy. Also remind him who's in charge right now and how important it is that the economy stays in full swing. Carefully explain to him that a successful lawsuit will not help the American economy.
- Bring in Senator Ted Stevens as an expert witness on computers and tubes so the judge can understand how both computers and the internet works.
- Act like the artists (or in Microsoft's case, developers) are the ones being screwed here. They are the ones that this hacker is stealing from and then show pictures of their families living in the cold run down mansions in Redwood. Also show a picture of Lars Ulrich with a measily pile of only 5 million dollars instead of 6.
- Rinse, wash, repeat above card.
- Use legions of lawyers to inundate the individual with accusations about his past and his profession.
- Bottom line: stear clear of the fact that people pay you money for instances of something that's easily instantiated. Try to blur the concept of physical property versus intellectual property and use bad analogies such as grand theft auto or gas station holdups to the case at hand.
- Oh, and stop at nothing to make sure the person is ruined for the rest of their life. Leans on paychecks are a sweel idea as well as restitution through house, car, possessions, etc.
So, as you can see, Microsoft has a ways to go before meeting the RIAA's stringent legal tactics. Don't worry though, I have faith in Microsoft.Re: (Score:2)
Also show a picture of Lars Ulrich with a measily pile of only 5 million dollars instead of 6.
Lars said he was sorry. Poor man. Being bald is enough punishment for him. Leave him be.
Re: (Score:2)
"Your honor, your home computer came up in our search, so if this case doesn't go well, we'll be searching your hard drive next."
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Insightful)
10. File suit against 5 month old infants, senile great grandmothers, and the deceased.
Tenuous Grounds, IMHO (Score:4, Insightful)
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Tenuous grounds -- Microsoft is in effect claiming nobody could have reverse engineered their code, or cracked it, so fast, therefore they must have cheated by having access to Microsoft's original sources. Sounds like a logical assumption, but it's a bit like claiming a driver went from Point A to Point B, 100 miles apart, in one hour must have been speeding, though there was no witness to the driver actually speeding.
I expect what Microsoft really wants is to find if they have an inside man leaking code. Have to get Viodentia to reveal that by poring over his/her drive, which may yield absolutely nothing and be fairly claimed as harrassment.
"FairUse4WM has been my own creation, and has never involved Microsoft source code," the developer wrote. "I link with Microsoft's static libraries provided with the compiler and various platform SDK (software development kit) files."
Sounds almost as if those at Microsoft pursuing this case do not even know what their own library routines may be capapble of.
SCO? (Score:3, Insightful)
Sounds more like SCO's tactics than the RIAA's...
Re: (Score:3, Interesting)
Re:Tenuous Grounds, IMHO (Score:5, Insightful)
Re: (Score:3, Interesting)
Re: (Score:3, Interesting)
I see where you're going with this, and I agree that Microsoft's assertion is invalid, but your assertion would, in fact, be pretty darned compelling evidence. It's called the Mean Value Theorem [wikipedia.org].
Re: (Score:3, Funny)
You haven't been to an airport lately, have you? The speed limit through the security line is up to ~1 meter/hour.
Re:Tenuous Grounds, IMHO (Score:5, Insightful)
That's nearly right.
More accurately, it's like claiming someone who managed to cover the distance from Point A to Point B, 100 miles apart, in one hour must have been driving and is therefore guilty of speeding.
Re:Tenuous Grounds, IMHO (Score:5, Interesting)
Anyone want to explain the logic behind that statement?
MS gives out the SDK
The SDK contains source code that is "not easily accessible"
Someone accesses the source code.
MS cries foul!
Re: (Score:2)
How is that contradictory? (Score:2)
Linux and the networking applications that run on it are widely and freely available, but that does not mean it is legal for Linksys to include it in their products without following the licenses on that software.
Re: (Score:2)
Re: (Score:3, Interesting)
'Analysts say that "Viodentia" hasn't proved that Microsoft's DRM tools are fundamentally flawed
Sounds like it's not Microsoft's DRM tools that are flawed, but DRM itself.
Well, duh, guys.
Re:Tenuous Grounds, IMHO (Score:4, Interesting)
Re: (Score:2)
This is not far off - 2-3 years at most.
Excellent! I can almost guarantee that when this happens, that when DRM gets to be such a pain in the ass that regular people are bitching about it, a simple phrase uttered in earshot will move mountains:
"You know... Linux doesn't have any of this DRM shit infecting it"
... could be a whole new lease on life for that OS
Re: (Score:2)
The path of least resistance (Score:2)
Hacking and pirating has always taken the path of least resistance. When it can be done in software, that is great, nice and cheap. When it can't, people will pay for the modified ha
Re: (Score:2)
You have no idea how deep the rabbit hole goes. The BIOS is signed as well so it can be flashed, but unless the mobo company signed it, no TCPA content for you. There's strong digital
DRM's fatal flaw (Score:4, Insightful)
You give them the lock, you give them the key, and you hope that they can never figure out how to use them together.
Why the content industries keep believing that this is a good idea is a true mystery.
Re: (Score:2)
Well, assuming no weird configurations (it's 100 miles by land but 4 miles by Ferry; points A nd B are airports; etc...), the laws of reality sort of confirm the guy has been speeding. I believe the French police just look at the time on your entrance/exit tickets on their equivalent of (pay-for
Re: (Score:3, Funny)
I have a better solution: hire a private investigator to call his phone company pretending to be him, and get them to release his phone records. Do the same for all of your employee's phone records then match them up.
It's so simple, I'm surprised no one has thought of it already.
Re: (Score:2)
Re: (Score:2)
Unless he took a plane, or a fast train.
Re: (Score:2)
Unless said driver can prove he was flown there (chopper, or plane), or they develop teleporting technology...if you go form Point A to point B in 60 minutes, and said points are 100 miles apart, then yes you had to have been driving at LEAST 100 mph, if not moreeee (due to traffic and lights).
Re: (Score:2)
Well, in the case of one, there are physical limitations on how you could transport someth
Re: (Score:2)
What if the road in question was the Autobahn, where they have stretches that have no speed limits?
You can drive well over 100 mph....and not be breaking any speed laws there.
well... (Score:5, Insightful)
Even WITH the source code microsoft cannot figure out how their code works and issue patches...so how would they be able to tell if some 'hacker' is really hacking their ultra secure corporate network? What do they do when third parties issue unofficial patches for IE? Are they going to start filing lawsuits against the white hats too as they might have figured something out on their own?
I am neither for or against hacking DRM and such, but honestly, assuming somebody hacked their way in and stole source code is a little bit harder to believe than simply figuring out a way around what I'm sure is an elementary DRM code. Poking and testing is easy to do, hacking, finding, downloading, and analysing source code is probably adding a bit more effort to the process than most guys trying to beat DRM are willing to go through.
The simplest explanation is usually the correct one. If he just plain figured it out by trying several different things, I'm inclined to believe him.
sounds about right. (Score:2)
or didn't know aught, but found the section of code or the registry points and routed them to his own routine, which could be as simple as
NOP
NOP
NOP
NEXT
to settle a timing issue.
the judge should get both explainations side by side on his bench and make a summary ruling. I expect it would take about 51 seconds to dismiss with prejudice. meaning MS can
5th amendment? (Score:2)
This smacks of the RIAA tactics of sue first, then force you to hand over your hard drive to incriminate yourself.
Wouldn't that violate the 5th amendment [wikipedia.org]?
I'm not trolling about the RIAA violating the constitution, I'm really interested in knowing if the 5th would apply here.
Re: (Score:2)
Re: (Score:2, Informative)
Additionally, the production of physical evidence (gun, blood sample, computer, etc.) is not considered to be "testifying." Under the 5th, you cannot be forced to "testify" (verbally) against yourself. However, the government (in criminal cases) and parties (ci
Re:5th amendment? (Score:5, Interesting)
That said, the as-of-yet-unchallenged Digital Millennium Copyright Act clearly makes "access" to copyrighted works without a license illegal if they are "digital". Under that law, "access" to "digital" copyrighted works is indeed a crime. In that case, if the government got involved in the prosecution the 5th Amendment may very well apply with regard to whatever testimony you give.
Re: (Score:2)
Re: (Score:2)
I think you may be mistaken...I do believe in the US, it has already been ruled that refusing to give up your password/encryption key, etc is not covered under the 5th amendment.
I'd personally think it should be...but, I believe the US courts have already ruled on this a fe
Dismissal? (Score:5, Informative)
Don't write about law if you know nothing about law, and don't make assumptions or claims about lawsuits based on second-hand information and bias.
Re: (Score:2)
Actually dismissal is also appropriate when the complaintant states a claim upon which relief can be granted but that claim isn't against the defendant. For example, if a store sues me for breaking in after hours and claims they've got video of a car in the parking lot so I must've been the perp, I can note that DMV records show I don't own a car matching that in the video and request a dismissal and I'll likely get it.
Re: (Score:3, Insightful)
in other words.. this is a legal support framework for wealthy interests or outright trolls to go on fishing expeditions..
I think it's time to change this, because it's fundamentally opposed to the founding premises of the american system, the most pertinent in this case being protection of privacy and property unless concrete probable cause can be provided otherwis
visual studio tattler (Score:2)
In away I'm simply amazed that
Re: (Score:2)
Re: (Score:2)
Sounds a lot like SCO tactics to me... (Score:3, Insightful)
This smacks of SCO tactics to me. Accuse first, offer no proof, sue so you can fish for evidence...
Say, didn't Microsoft indirectly fund the SCO fishing expedition? Nuff said...
Re: (Score:3, Insightful)
How about... (Score:2)
Re: (Score:2)
FTA:"Our own intellectual property was stolen from us and used to create this tool," said Bonnie MacNaughton, a senior attorney in Microsoft's legal and corporate affairs division. "They obviously had a leg up on any of the other hackers that might be creating circumvention tools from scratch."
See, even MS is concerned that the pirates are all on level ground..
Re: (Score:2)
and signing that document is likely a very bad idea, unless they changed it recently. it only offers protection from a lawsuit filed by the RIAA. it offers no protection from lawsuits filed by the individual labels (the RIAA members).
Exhibit A, for the defense... (Score:5, Insightful)
A disassembler.
I mean come on! Really! Read this from TFA:
Microsoft has released two successive patches aimed at disabling the tool. The first worked--but the hacker, known only by the pseudonym "Viodentia," quickly found a way around the update, the company alleges. Now the company says this was because the hacker had apparently gained access to copyrighted source code unavailable to previous generations of would-be crackers.
Um, hello? People have been disassembling code to disable copy protection since the first days of the warez scene. You don't need the source. All the source does is speed things up a bit.
Not that I'd know anything about that. *ahem*
Re: (Score:2)
Re: (Score:2)
That's fantastic. =)
Best one I've personally spent any time with is IDA. Check out all the stuff this thing can do. [datarescue.com] I'm especially fond of those wingraph charts in the large gif they have there.
Source code? Pfft. Who needs it?
Re: (Score:2)
Another Interview with Viodentia (Score:4, Informative)
http://www.engadget.com/2006/09/27/viodentia-resp
The system works. Why are you bitching? (Score:3, Insightful)
It's just that now corporations are the only real citizens-- a situation no different than the late 1700's/early 1800s when only the rich white landowners were considered citizens.
Again, I'll ask --the system works; why are you bitching?
Re: (Score:2)
You answered your own question:
In the United States, individuals are supposed to be citizens as well. I'd like to remain one since I pay taxes into a bunch of services I'll never see a return from. The least my government can do is still consider me a citizen, even if only a second-class one.
If I write something in hex... (Score:2)
It means.. (Score:2)
Part of the MS DRM strategy (Score:3, Interesting)
Arrogance. (Score:5, Insightful)
Some developpers are extremely slow to realize that things which seem nigh impossible to them are in fact, run-of-the-mill easy for talented hackers, crackers, upper-teir skr1pt k1dd13s, and others. Code obfuscation is not by any means adequate protection.
Neither is sticking anti-debugger crap in your code, for that matter.
Re: (Score:2)
This is not really about Microsoft (Score:3, Interesting)
It's about DRM being like gun control (don't get me wrong, I HATE guns and private gun ownership):
DRM punishes the honest, and does nothing about people who are going to steal.
Make 'legal' online music consumption easy for the consumer, and they will be happy, and you will make money.
Treat them like criminals, and... well, you'll just be cultivating this behaviour.
Re: (Score:3, Insightful)
When I buy a song that uses DRM that ultimately ties me to a platform I'd rather not be using, I feel that the DRM is restricting my fair use rights. In this case, I agree that DRM punihes the honest and does nothing about people who are going to steal.
However, Microsoft's PlaysForSure is in some cases used by rental services. Personally I don't want to rent music, but some people might, and it needs to be enfo
Users are beta testing M$'s DRM implentation (Score:3, Insightful)
If they do end up in court, at the very least only third party investigators should have access so as to protect the defendents trade secrets and IP. Afterward, to top it off, M$ should open itself up to verify that it isn't secretly using anything it learned in the trial without paying compensation.
Microsoft are so arrogant. (Score:2)
Even though they have a perfect track record of inability to develop a single truly secure product, they presume this guy must have stolen the source in order to use any of their gaping holes.
Microsoft's own track record on security is this guy's own perfect legal defense.
Solution: Countersue (Score:3, Interesting)
Re: (Score:2)
Mozart's Memory (Score:5, Insightful)
Mozart, being the prodigy he was, heard the piece once and memorized it in its entirety. When he got home he wrote down the score without a single missed note. When Church authorities heard that Mozart had an unauthorized copy of the Miserere they took him to court, accusing him of stealing a copy of the score. The young boy was able to prove that he had not stolen the work only by writing down the piece again, perfectly, from memory in the presence of the court.
Obviously this probably isn't the case here, but isn't this a good example that you should not be allowed to sue somebody for copyright infringement unless you have some proof they obtained what they got thru illegal activity?
Re: (Score:2)
Just because it wasn't through printed medium, but rather through memorization, doesn't mean he wasn't copying it.
In professional music, it is a requirement to learn how to write down a piece of music upon hearing it -- musical dictation. Writing down a piece that you heard on the radio is still an act of making a
Re: (Score:2)
Nope. For one, there wasn't "copyright" back then. For another, this work wouldn't have been considered under modern copyright. It would have been a trade secret. One of the fun things with a trade secret is that if someone were to independently come up with the same answer, they can not be found to be infringing. Current law doesn't allow for something to be both a trade secret and pu
Re: (Score:3, Insightful)
Another good reason not to have anything to do wit (Score:2)
Did you need another? Don't worry, they'll come up with one for you.
Download - Thanks, Microsoft! (Score:5, Funny)
It took a bit of searching but I found the program and mirrored it [uberm00.net] if anybody's interesting. Please be sparing on my bandwidth.
The bottom line might be (Score:3, Insightful)
Guess what else is against the law? His/her best defense is an admission of guilt to breaking the system/scheme of protection. It is probably a win win for Microsoft.
And regardless if you are for or against the law(s), it seems as if some law has been broken.
I wouldn't say Microsoft is adopting RIAA tactics because that would be crediting RIAA for inventing the use of the courts to stop something they don't like. Companies have doing that for a long time.
You dont need to know (Score:3, Insightful)
Lose-lose (Score:2)
This lawsuit is bizarre... (Score:2)
Also, if Microsoft can't prove that "Viodentia" had access to Microsoft source code (which presumably breaks the law if he/she did - hence the lawsuit), then can Viodentia sue Microsoft for libel? Also, if Microsoft is allowed to sue this John Doe called "Viodentia", then can Viodentia sue Microsoft whilst r
BULLET DUP3 * GUN LOAD FOOT AIM TRIGGER PULL BANG! (Score:3, Funny)
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
Two Wrongs... (Score:2, Insightful)
For you and MS: (Score:2)