DMCA Forces Cox To Censor Changelog? 573
Ross Vandegrift writes: "Alan Cox released 2.2.20pre10 today, which includes security fixes. He is refusing to indicate what security holes have been fixed, as Unix-style permissions could be used as an anti-circumvention device. The thread starts here. " It'd be great if people could read the threads here and try to figure out what is going on. I'm a little lost, but it looks like he's being overzealous.
Re:Maybe he's joking? (Score:3, Insightful)
People! He's Joking! (Score:3, Insightful)
Actions Speak Louder (Score:3, Insightful)
I'm not sure if Alan's actions will get the attention it needs but it is certainly a step in the right direction.
Does DMCA apply here? (Score:3, Insightful)
Thefreeworld.net Re:Overzealous, eh? (Score:5, Insightful)
OTOH, the US outlawing something shouldn't mean that all these good things are suddenly no longer available to the rest of the world. We need a place to publish the things which are outlawed in the US, without getting prosecuted for publishing these things to the US.
Such a site has been started (well, not quite, but we're busy getting it up and running) and we hope there will soon be a place to publish crypto research, security information and other useful tools which are not allowed in the US. The only small gotcha is that in order to publish it legally, some kind of access controll will have to be put in place so US citizens cannot get at the archive. Unfortunate, but so be it.
The site? http://thefreeworld.net/ [thefreeworld.net]
Re:Using the Linux community as pawns (Score:2, Insightful)
Re:Using the Linux community as pawns (Score:4, Insightful)
Re:Using the Linux community as pawns (Score:5, Insightful)
Alan needs to realize that, although the DMCA does have important and evil implications for the freedom to code and speak in the U.S., it would not be used against a legitimate programmer such as himself. The people who have been targeted by the DMCA have been crackers: people who defeat lame encryption schemes and distribute point-and-click software that allows the masses to pirate. Although I fully support 2600 and Dmitri in their efforts (I have been a security engineer and I appreciate the truly talented invididuals in the field), DeCSS and the PDF utility are simply not in the same class as the Linux kernel and the other software Cox has worked on. He is simply a non-target and he needs to stop pretending that the DMCA affects him.
First they came for the Communists,
and I didn't speak up,
because I wasn't a Communist.
Then they came for the Jews,
and I didn't speak up,
because I wasn't a Jew.
Then they came for the Catholics,
and I didn't speak up,
because I was a Protestant.
Then they came for me,
and by that time there was no one
left to speak up for me.
by Rev. Martin Niemoller, 1945
Re:Using the Linux community as pawns (Score:5, Insightful)
it would not be used against a legitimate programmer such as himself
While it is unlikely that Alan would be arrested for fixing security bugs in the Linux kernel, he is quite right in saying that under the letter of the law, he might be. Even if you merely can be arrested for such an activity, then the DMCA is a bad law and must be repealed, or at least modified very substantially. So Alan should be applauded for taking a stand, even if (or exactly because!) that inconveniences some people temporarily.
Re:Thefreeworld.net Re:Overzealous, eh? (Score:4, Insightful)
As Bill Hicks said, "You are free... to do as we tell you". Right now, it seems that US "freedom" means the freedom to bribe (sorry, to fund...) senators et al to get your pet bills passed.
Re:Overzealous, eh? (Score:2, Insightful)
The problem is that most of the real world allies for a DMCA fight tend to be progressive in politics, with the ACLU being the most obvious example.
Civil Obedience (Score:5, Insightful)
Re:Overzealous, eh? (Score:2, Insightful)
I see alot of both libertarian and socialist slants actually. (which are very similar on some fronts - moreso than they want to admit - and vastly different on others)
Who else here remembers when
I dunno about anyone else, but I found myself agreeing about as often and as strongly with the peice by the socialist party candidate as the libertarian one. (and very seldom with others).
In fact on unions, buisness, and government, It seems there are alot of polar views here and few middle of the road ones.
-Steve
Re:Using the Linux community as pawns (Score:5, Insightful)
The DMCA is only one of the many laws which make the USA into a police state. AC's intentions are good but he's got a lot more battles in front of him before the U.S. can be considered safe from authority abuse.
-CT
Re:Using the Linux community as pawns (Score:3, Insightful)
DA: " He released information that broke the DMCA while trying to keep the Linux kernel secure!!!"
defence:" the nature of OSS is to show all changes. the linux kernel does not contain any copyprotected material, however, because of a baddly writen law, making the operating system secure from intruders is now illegal....does that seem right?"
Re:he's just trying to "make a point" (Score:3, Insightful)
On a list that reaches US citizens - no. File permissions and userids may constitute and be used for rights management.
By that theory, telling somebody how to set the root password on their Linux machine constitutes trafficking in circumvention technology.
There are two conclusions from this. One, Alan is being stupid and overzealous, even if he did find a lawyer who told him that posting information about the security fixes could violate the DMCA. Two, the DMCA is a stupid and ridiculous law, and the full level of its stupidity (and the stupidity of our lawmakers and law enforcers) is being demostrated by the DeCSS, Felton, and Sklyarov cases. I am embarassed to be a citizen of a country that has such a law (although it will take the SSSCA to force me to flee the country as a political defector, the DMCA isn't enough to push me that far).
The DMCA has got to go, but I fear I see no way in the world that we'll ever be able to get rid of it short of it being declared unconstitutional, or short of extreme campaign finance reform that remakes Congress into representatives of their constituents.
-Rob
Things to realise about Alan Cox (Score:5, Insightful)
Firstly, he's a Brit. They have a sense of humour which is sometimes very subtle and is usually based on 'irony' (as in the saying something different to what you mean, rather than the more American 'Alanis Morissette' use of the word). Some Americans take ironic statements at face value, as is often seen on Slashdot.
Secondly, he's a clever guy. He's being stubborn about this to make a point. If he wasn't stubborn about it, the point wouldn't be made. He is acting correctly according to an unjust law to highlight the danger of it.
He is not being 'dumb' or deliberately annoying, he's highlighting the potential effects of a worrying development in the American legal which could have significant negative impact on all Open Source software developers.
use the source, luke (Score:2, Insightful)
Would that make diff and vi circumvention devices?
I do beleive that Alan is being overzealous, but do agree that *something* must be done about this and quickly. Unfortunately, I am not in a position of to do much more than wear a Free Dimitry T-shirt. IMHO what Alan has done is illogical. Perhaps the better thing to do would be to cut the US from the linux source code all together.
Now THAT would raise a stink.
Disgusted to be an American (Score:5, Insightful)
--"The refuses to bend, he refuses to fall, he's always at home with his back to the wall" --Bill Joel- Angry Young Man.
Re:Using the Linux community as pawns (Score:2, Insightful)
digital copying != analog copying
copying != timeshifting
Betamax did not break any encrytion and there was no DMCA at the time.
In the Betamx case the decision reflected the fact that "timeshifting" is not a violation, and VCR's have substantial non-infringing uses. The decision did not give VCR owners permission to start copying copyrighted works.
Dimitry wrote and sold software that was designed to violate copyrights. Even without the DMCA the ebooks license specifies you may not make copies and contrary to Slashlore there is no indescriminant "Fair Use Right" that allows this behavior. Had Sony marketed the Betamax as a method of illegal copying protected material they likely would have lost their case as well.
Re:Overzealous, eh? (Score:3, Insightful)
Re:Overzealous, eh? (Score:2, Insightful)
Work to Rule (Score:2, Insightful)
While this current example won't take down the DMCA, the idea is that the DMCA will hurt U.S. corporations in the long run. Specifically, it will hurt the vast majority of corporations that don't get any benefits from the DMCA. We can only hope that these corporations give bigger bribes than the record and movie corporations.
Re:Disgusted to be an American (Score:4, Insightful)
Every country (and I've been to quite a few) has limitations on peoples freedom somehow. As a modern society we are fast approaching big brother if we aren't careful (UK has had big brother for a while hasn't it?).
Instead of being "Disgusted" perhaps you should pay an attorney to help "wage the war". You know we still have the ability to change the law and it has yet to be constitutionally tested. With all the "open source" companies out there I'm suprised there hasn't been a class action lawsuit for damages to the "open source product" caused by the RIAA.
Oh yeah, and next time there is an election, vote.
Re:just making a point (Score:3, Insightful)
Now another good step would be to find an employee of a large company (Microsoft would be nice) who writes about a bug or exploit in their company's product and have them arrested for publishing a circumvention device. Anyone wanna go through the XP Beta groups and try to find an exploit that wasn't fixed and was discovered by a Microsoft employee? If Microsoft or any major company turns their money and legal teams against this law, it will fall faster than a dot com stock.
Simply, real examples of the "chilling effect" need to be documented for the Dimitry trial and other trials that will happen. These will go much further in getting the law overturned than messages to our Congressmen.
Reason behind this. (Score:2, Insightful)
I don't think so. Alan is trying to prove a point. That point being: The US is being rediculous with that DMCA.
There WAS a bug, there is no longer. Publishing the bug means you're providing people with a "circumvention device" (on the older kernels). The DMCA forbids that.
Alan is being rediculous with a purpose. The more people realize that this DMCA is rediculous the more they will be inclined to complain to their senators or whatever means those Americans have to influence their politicians.
Roger.
Re:Using the Linux community as pawns (Score:3, Insightful)
DA: " He released information that broke the DMCA while trying to keep the Linux kernel secure!!!"
defence:" the nature of OSS is to show all changes. the linux kernel does not contain any copyprotected material, however, because of a baddly writen law, making the operating system secure from intruders is now illegal....does that seem right?"
What the jury understands:
DA: This foreign computer programer told other programers how to break into computer systems.
Slashdot Defense: Blah blah non-American blah blah hacker blah blah bad government blah blah fix computer blah blah.
Jury: The defense made no sense. He must be guilty!
Re:Reason behind this. (Score:2, Insightful)
Normal countries state somewhere in their laws that their laws don't apply outside their borders. Somehow the USA is different.
We KNOW that they arrested that russian guy because he did something (violate DMCA) outside the American borders.
If the Americans are desparate enough, they'll come and get you, jurisdiction or not. Otherwise they might let it rest until you set foot on their soil.
Now tell me again, that Alan need not be afraid of American law.
Roger.
The reasons (Score:2, Insightful)
Thinking this through, the DMCA says that you may not publish information that leads to the circumvention of any content security device. Cox has decided that file permissions constitute a content security device (which they do, but normally in a difference sense than the DMCA is applied).
To be honest, going by the letter of the law, this makes some sense. By publishing the flaw's details, earlier kernals are open to exploitation via the flaws, thus unsecuring the content currently protected by the file permissions.
Stupid, yes - but a realistic reading of the letter of the law, if not the intent. But then when did intent matter in law?
Re:Thefreeworld.net Re:Overzealous, eh? (Score:3, Insightful)
How much of the US constitution needs to have been voided before that bit goes?
Alan Cox works for Red Hat. (Score:1, Insightful)
Alan notes that he is acting on legal advice, and does not elaborate.
Perhaps it stands to reason that this is not merely Alan's radical position, but a tool that will aid an incipient Red Hat fight against the DMCA/SSSCA.
If Red Hat wants to fight the DMCA, they must first be able to reasonably claim that the DMCA makes it prohibitively difficult for them to do business.
Think about it. It'll come to you.
--ever wonder why anonymous cowards post anonymously?
unclean hands (Score:2, Insightful)
For example, if I enter into a contract to, oh, sell you illicit drugs, and I provide the drugs, and you don't pay, I can not seek redress from the courts. In this case, if someone produced code designed to harm or otherwise compromise a computer system, I seriously doubt they could cry "copyright infringement" if someone explained how to render such an exploit ineffective.
Though, given the bizarre and insane state of current U.S. legislation, I would still be wary of such a silly charge sticking.
Of course I am not a lawyer, so don't take this as legal advice.
Re:Reason behind this. (Score:5, Insightful)
They harrassed an Norwegian, kidnapped a Russian over this law. A good reason for the rest of the world to take notice...
There's more to it (Score:3, Insightful)
If any of the patches or future patches even touch the handling of DVD-Players, or future FUCK-ware (Futile Unnecessary Control Keping Hard/Software) he'd better present, what US-lawyers consider a clean west to avoid being dragged through courts until hell freezes over because some corporation is then likely to use the DMCA as a lever and make a public example of him.
Since Skylarov this law has become a very real threat to non-US-citizens.
Denying US-Access to Security lists (Score:3, Insightful)
Posting the report to a Site accessible from USA gives anyone who wants the means to sue to their liking, and the only reason Microsoft didn't already sue bug-reporters into submissive silence is the cry of outrage to be expected after such a move. But we'll probably soon see that nevertheless with their hacked Mediaformat.