Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Ask Ed Felten About Watermarking Analysis And More 191

Dr. Edward Felten is in a funny position -- or perhaps not so funny. He's the Princeton researcher who took up the challenge posed by the music industry to find flaws in the SMDI watermarking scheme, but didn't enter into the 'no-telling' bargain (here's the click-through agreement [pdf]) which would have made him eligible for a reward, so wasn't bound by non-disclosure terms. When a scheduled academic presentation on the weaknesses [pdf] that he and his colleages found in SDMI became the object of lawsuit threats from the RIAA, and caused him to cancel the planned presentation, Felten decided to turn the tables, and in cooperation with the EFF, sue them instead, for interfering with his scholarly research. Though he did eventually get to present his research, the legal action is still going. Dr. Felten is at a hearing today in Trenton, NJ, but he's agreed to answer questions from Slashdot readers. Please confine your questions carefully (one per post), and we'll pass the highest-moderated ones on for his answers.
This discussion has been archived. No new comments can be posted.

Ask Ed Felten About Watermarking Analysis And More

Comments Filter:
  • by Mdog ( 25508 ) on Wednesday November 28, 2001 @02:34PM (#2625671) Homepage
    Do you believe that what the RIAA is trying to do is mathematically feasable, and that their attempt was merely the wrong way of going about the problem, or do you believe that what is being attempted is fundamentally impossible?
    • Do we believe we can defeat any audio protection scheme? Certainly, the technical details of any scheme will become known publicly through reverse engineering. Using the techniques we have presented here, we believe no public watermark-based scheme intended to thwart copying will succeed. Other techniques may or may not be strong against attacks. For example, the encryption used to protect consumer DVDs was easily defeated. Ultimately, if it is possible for a consumer to hear or see protected content, then it will be technically possible for the consumer to copy that content.
      from here [].
  • by Carmody ( 128723 ) <slashdot AT dougshaw DOT com> on Wednesday November 28, 2001 @02:36PM (#2625690) Homepage Journal
    If you win your lawsuit, what type of precedent will it set? Will it encourage others to sue to regain their freedom of speech? Was this idea something you thought about when you were deciding upon filing charges?
  • by wmshub ( 25291 ) on Wednesday November 28, 2001 @02:37PM (#2625693) Homepage Journal

    What is the best case outcome for the lawsuit that you and the EFF have started. Is it possible that the DMCA (or parts of it) can be found unconstitutional? Or would a "best case" just be a weaking of the DMCA, where for certain purposes people would be allowed to discuss their findings regardless of the DMCA.

    Also, how likely (in the opinion of you or your lawyers) are the different possible outcomes of this case?

    • (Sorry, I had to do it)

      What is the best case outcome for the lawsuit that you and the EFF have started

      Thats easy: the *best case* outcome would be that a fleet of freedom-loving super-model alien beings, in awe of our free operating systems and just legal system, land on Earth and hold a celebration in honor of Dr. Felten and the EFF thereby bringing peace, wealth, flying cars, and of course, love to all of humanity. Unlikely? Perhaps... But definitly the best outcome all around. :)
  • by ruebarb ( 114845 ) <> on Wednesday November 28, 2001 @02:37PM (#2625698)
    As of today, I understand that you are able to give presentations based upon the flaws you've discovered in digital watermarking. In essence, you have won this battle...However, you are still continuing your lawsuit against the RIAA.

    What do you hope to accomplish further, and in your opinion, what could be the best possible outcome from your lawsuit against the RIAA.
    • "What do you hope to accomplish further."

      I thought that, when the annoucement was made that he could present the research, that Felton (or his lawyers or someone) came out and said that it was specifically to form a precedent, so that other researchers couldn't be bullied/hassled/hampered by similar attacks.
  • If you were the RIAA (Score:5, Interesting)

    by Mdog ( 25508 ) on Wednesday November 28, 2001 @02:39PM (#2625710) Homepage
    If you were in the position where you were trying to get a handle on rampant piracy of your work, what (digital) means would you pursue to secure your work?
    • Try the work they contractualy bind artists to create. I might feel sorry for them if they accualy created it, or didn't cheat the artists.
      • Freedom for the people, who or what gave corperations any rights? They don't even have the right to enter in to a contract under the Constitution. They are not even mentioned. Hmm, are corperations uncostituional?
    • Please explain to me how an annual increase in sales of CD's and other media shows a level of "rampant piracy." Despite the fact that Napster, Gnutella, KaZaA, and other P2P networks have millions of copyrighted works flying around on them, there is absolutely no way to definitively put an amount on how many people have illegally profited from these works by reselling them as their own production. I'm pretty sure that the 95% software 'piracy' rates in China and other Eastern Asian countries by big businesses over there, far outweighs a bunch of American teens sharing the latest Britney Spears top-40 hit that they wouldn't buy an entire CD for anyways. Sorry this argument may be a little thin, but your question is just simply irrelevant, given its obvious bias without supporting facts.
    • If you were in the position where you were trying to get a handle on rampant piracy of your work, what (digital) means would you pursue to secure your work?

      Since your question is so loaded with industry propaganda words, Ive composed a more logical alternative:

      "If you were in the position where your outdated business model was poised to become unprofitable as the market began realize that your company was a useless fat layer that provides no added value, what digital algorithm could you deploy to extend your control over distribution while preserving high profit margins?"

  • So, without revealing anything revealing, is there a better way to please the RIAA without sacrificing user-friendly concepts like "fair use" ?
  • by EFGearman ( 245715 ) <> on Wednesday November 28, 2001 @02:41PM (#2625726)
    Do you feel that research, your specific research and/or research in general, should be presented in an 'open' forum, if said research is paid for, in part or in whole, with tax-supplied funds?

    This gets down to a licensing issue, on the public being charged twice for the research and it's benefits.

    Eric Gearman
  • by LaNMaN2000 ( 173615 ) on Wednesday November 28, 2001 @02:42PM (#2625730) Homepage
    I wish you the best with regards to your suit against the RIAA; their intimidation tactics are despised by almost everybody in this community. But, though IANAL, I was wondering what precedent there is for this type of lawsuit. What damages have you suffered as a result of the RIAA's actions (you were ultimately able to present your research) and what resolution do you ultimately hope to attain? Do you really believe that such a goal is within reach, given the DeCSS/Napster rulings?
  • Academic Integrity (Score:5, Interesting)

    by efuseekay ( 138418 ) on Wednesday November 28, 2001 @02:43PM (#2625735)
    Hi Prof Felten,

    As an academic myself, I am gratified by your colleagues and your decision to publish your findings instead of claiming the $10000 prize (personally, I find the $10000 "prize" for the HackSDMI challenge measly, and even bordering on insulting.).

    The fact that you are suing the RIAA for intefering into your academic activities indicates your stance on the issue of academic freedom to research. However, the RIAA has deep-pockets, and the fight has just begun. It is not inconceivable that in the future, the academia may come under the control of rich corporations manipulating research for their own selfish ends.

    So, my question is, do you see a bright future for a "free academia" or do you see a academia that willi increasingly be locked down by corporate interests and their lawyers/lobbyists?
    • by Stiletto ( 12066 )
      It is not inconceivable that in the future, the academia may come under the control of rich corporations manipulating research for their own selfish ends.

      It already has! In fact, I graduated from Pepsi University several years ago. Sure, it wasn't actually called "Pepsi University" but I challenge anyone to find a Coke vending machine anywhere on campus.

      Why do professors use different books for each semester of classes? Does the field of calculus really go through revolutionary changes every six months, enough to warrant selecting a whole new book to teach from? Of course not, but if you used the same book year after year, the publishers (who apparently own the professors) wouldn't be able to continuously rake students over the coals for new $100 textbooks.
      • Pepsi University? Sounds awfully alot like Penn State. PepSi University, Blue and White colors, no coke on campus at all (of course why would I want anything other than my trusty Mountain Dew?).
      • I am completing a degree at UCR which does the same damn thing ... Im alergic to pepsi (but not coke), I've often wondered if I could sue under the Americans with Disabilities Act or something :)
    • The parent is a good question but IMO centers too heavily on just the academic ramifications of what the RIAA is trying to pull. This goes much much deeper. The results of this, if the RIAA were to go unchecked, would touch each and every person in the United States. Fair use rights would be trampled by any person anywhere with even the remotest claim to intellectual property. This is just the beginning. I would like to see this question posted if it were slightly re-phrased to cover the "big picture" of how this will eventually affect EVERYONE... not just researchers or computer geeks like us.
    • Hey!

      Iv'e got an idea, how's about some poor white trash crackers, like me cause the same kind of trouble that the eminent Professor did? They can't get anything from guys like us, we can gum up the greedy bastards forever. But we need guys like the Prof. for guidance as we are much too busy with drugs, booze and prostitutes to notice anything like this
  • Lawsuit (Score:3, Interesting)

    by JASegler ( 2913 ) <(moc.liamg) (ta) (relgesaj)> on Wednesday November 28, 2001 @02:43PM (#2625736)
    In looking at the lawsuit, it looks like to me that it hinges on the facts that the click thru agreement did not apply if you never had any intention to try to collect the reward. If that is held up in court. Does your legal counsel believe that the RIAA's fallback assertion of we (RIAA) never meant to sue you hold up in court?

    Or is it more likely that the judge will actually tackle the real issue of the DMCA stifling research (and now foreign visitors presenting papers re: Sklyarov)

    • I think you bring up possibly the most intriguing point of these lawsuits - How will the Judiciary react if given the option to opt-out of these lawsuits and the heavy hand of the RIAA? Will they give in and buckle to the big industry, or maintain their expected neutral poise and address the issues of civil liberties being threatened by the DMCA and its abuse?

      In many ways I see the answers to these questions being more important to us in the long-run than the answers to the lawsuits themselves. If the Judiciary doesn't even give citizens a chance to defend their rights, all of our future battles will be over before they begin.
  • It seems that whenever a new technology is implemented, there are automatically hackers and every day people finding ways to get around security protocols. For example, in my area digital cable was considered completely secure, that there was no way to pirate free access. Then, of course, people figured out the loopholes and there are illegal boxes all over town.

    Do you think the music industry will ever perfect security measures on cds and other media, or will there always be some flaw to be exploited? Will research such as yours perhaps lead to impregnable copy protection, and is that a good or bad thing in your opinion?

  • A couple questions (Score:5, Interesting)

    by InterruptDescriptorT ( 531083 ) on Wednesday November 28, 2001 @02:44PM (#2625742) Homepage
    Dr. Felten, thanks for your time to answer our questions. We do appreciate it. :-)

    First, when you started your research, did you ever expect that you would be at the forefront of a legal battle to keep academic speech free and protected? Do you ever have any misgivings about taking a high profile in this matter? I know there are some researchers (some of my colleauges included) who shy away from anything legal and would rather just do work that might not be as controversial. It's good to see you getting involved and make sure that our rights as academics are preserved.

    Secondly, what has it been like working with the EFF? I have a great deal of respect for them and have been a member for a couple of years now. I am just curious as to the 'behind-the-scenes' process that you and the EFF lawyers have been persuing as this case pans out.
  • Why? (Score:5, Interesting)

    by joenobody ( 72202 ) on Wednesday November 28, 2001 @02:46PM (#2625752)
    Why'd you do it? I understand why it had to be done - the onerous law can only be harmful - but what made you decide you, personally, should get involved like this to change it? I've kept and eye on the case and you've been very smart about how you're doing everything, so don't try to sneak off with a "it just happened this way."
  • by UberOogie ( 464002 ) on Wednesday November 28, 2001 @02:46PM (#2625753)
    You've had the good fortune to have the support of a major educational research institution in your fight to publish your research. What would your suggestions be to someone in the same legal situation without the resources at your disposal?

    Thank you

  • Was this a trap? (Score:5, Interesting)

    by ( 142825 ) on Wednesday November 28, 2001 @02:47PM (#2625756) Homepage
    Was part of the intent behind your actions to trap the RIAA into making a threat so that you could attack the DMCA? Or was the threat from the RIAA unexpected?

    I am not talking about breaking the watermark itself, but the planned presentation and then you not presenting because of the RIAA threat?

  • by Alien54 ( 180860 ) on Wednesday November 28, 2001 @02:48PM (#2625767) Journal
    Given the attempts of the RIAA to ensure encryption of music products, etc. where do you stand philosophically on the issues of Copyright protections, etc?
  • I was always told in my computer studies that water and electronics do not mix. So if you were to mark data with water wouldn't that actually damage it to the point that it would be useless to the user?
    • I'm pretty sure the water is distilled (so as to NOT conduct electricity) and that the whole watermarking process is carefully implemented by a crack team of RIAA engineers! ;-)

  • Lessons to Learn (Score:1, Insightful)

    by eAndroid ( 71215 )
    Groups such as the MPAA and RIAA are making it a scary time for people invovled with technology. Obviously many decisions made now will have great effects on the future, very possibly in bad ways. From your experiences what do you think is the best way to stop the threat from these organizations?
  • Academic Freedom (Score:1, Insightful)

    by Anonymous Coward
    Dr. Felten, do you believe the big corporations are going to destroy academic freedom within the American education system? I'm currently enrolled in a major university and many big corporations openly participate and fund some of the class projects we do, as part of our education. One major concern of mine whenever we have these projects has always been whether my or my groups work will conflict with the interests of the participating corporation and will summarily result in the cancelation of my/our initial designs.
  • by jgaynor ( 205453 ) <> on Wednesday November 28, 2001 @02:50PM (#2625785) Homepage
    It looks like since you weren't bound by an agreement you have every right to disclose your findings. The RIAA is saying your actions "would subject your research team to enforcement actions under the DMCA and possibly other federal laws."

    I understand the reasoning behind countersuing for disruption of research, but why would you choose this option over a direct countersuit to challenge the DMCA? Your victory could theoretically mean the end of the DMCA by setting a valuable precedent.
  • by rnd() ( 118781 ) on Wednesday November 28, 2001 @02:50PM (#2625788) Homepage
    There are people in the world who can easily pick the kind of lock that most of us have on our front door. Nonetheless, it is illegal to pick the lock in order to gain entry. However it is not illegal to write lock picking instructions, or to present a paper on lock picking.

    (now to my question)

    It seems that if laws against breaking and entering were not enforced, people (particularly those who wanted to protect themselves and their valuables) would be a lot more concerned about lock-picking. What do you think can (or should?) be done to enforce our existing copyright laws so that measures such as the one you are fighting will eventually be unnecessary?
    • Just as a footnote: in most states, it's not actually illegal to pick a lock to gain entry, although in most cases you could be busted for trespassing, I guess. It is illegal to own a lock-pick with the intent of using it illegally, and it is also illegal to use a lock-pick to burgal a house. Not really important, but just to clarify.
    • Your analogy is just as flawed as the analogy (and to often the equation) of copyright priveleges and property rights.
      • The comparison I was making was between things traditionally thought of as property and the stuff that people use encryption to try to protect (if it's not property, what is it?).

        If you think the analogy is flawed, please elaborate. I would be interested to hear any intellegent commentary on the issue.
  • by sid_vicious ( 157798 ) on Wednesday November 28, 2001 @02:51PM (#2625790) Homepage Journal
    Dr. Felten,

    I don't think that anyone on this site would argue for an instant that current law has had a chilling effect on researchers such as yourself. The government has forbidden legitimate research into security circumvention tools, essentially sticking its head in the sand and pretending that crackers and citizens of foreign countries won't continue security research themselves.

    That having been said, the events of September 11th really came as a shock to the system for a lot us here. Suddenly, the idea of someone, say, cracking Triple-DES and distributing the crack on the Internet seemed a little more scary than it did on September 10th. If someone (*cough*Al Queda*cough*) were able to read our military secrets, you can bet there would be a real loss of human life associated with it.

    Obviously, discussing flaws in SDMI and publishing a Triple-DES crack are two different balls of wax. So, the real question - do you think anti-circumvention legislation is *ever* warranted? Or is any legislation at *all* simply more sticking our heads in the sand?

    (proudly wearing my DeCSS t-shirt :-)
    • cracking 3DES is perfectly legal, and if someone did find a way to crack it, its millions of users would definitely like to know! Al Qaeda or no Al Qaeda.
      • cracking 3DES is perfectly legal

        You don't think that would be considered trafficking in a security circumvention device?

        ... if someone did find a way to crack it, its millions of users would definitely like to know! Al Qaeda or no Al Qaeda.

        Absolutely, I agree that millions of people would want to know. And they should know, but perhaps the research should be classified by law for a reasonable period of time after the discovery, to allow time for a new encryption method to be deployed.

        Imagine for a moment that I post the magical Triple-DES crack on the Internet. Wham, bad guys now have access to everything from credit card numbers to troop movements. If we had time to deploy a new encryption scheme, we could minimize the damage that was done.

        Now, granted, this won't stop everyone (e.g., foreign citizens) from publishing their research. And any reasonable U.S. citizen probably *would* turn their research into the government before publishing something like this. This would just be a way to keep honest people honest.

        • > You don't think that would be considered trafficking in a security circumvention device?

          The DMCA doesn't outlaw the trafficking of a security circumvention device. Only tools which circumvent access to a *copyrighted work*. I agree that it's a bad law, but we should be careful about what it actually covers.
          • The DMCA doesn't outlaw the trafficking of a security circumvention device. Only tools which circumvent access to a *copyrighted work*. I agree that it's a bad law, but we should be careful about what it actually covers.

            Good point, you're right - thanks for catching that.
          • Just asking, but is it known that 3DES is not used at all to protect copyrighted works? Also, the fact that the DMCA only applies to digital works reveals the inconsistency in the whole thing.
  • by cats-paw ( 34890 ) on Wednesday November 28, 2001 @02:51PM (#2625795) Homepage
    Everybody likes to talk about standing up for free speech, but many would rather sit on the bench than actually step up to the plate.

    How has this situation affected you personally ?

    Has it increased your level of day to day stress ?

    Do you lose sleep over it ?

    I'm referring both to your original decision to publish your work and your current legal effort.
  • RIAA (Score:3, Interesting)

    by mshomphe ( 106567 ) on Wednesday November 28, 2001 @02:52PM (#2625801) Homepage Journal
    What has been the tenor of the lawsuit with respect to the RIAA, what has their attitude been? For example, has the RIAA offered concessions, or have they been confident in their position?
  • Public research (Score:2, Insightful)

    by Chatterton ( 228704 )
    Research has started as a public research for the good of everybody, everything public researcher discovered was made public. Now, we can see a trend that some public founded researchs get screwed because of some ridiculous patents or laws. Did you try to make some clear ruling about that with your case against the SDMI? What are your hopes about the results?
  • by oooga ( 307220 ) <oooga@usa.nUMLAUTet minus punct> on Wednesday November 28, 2001 @02:55PM (#2625819)
    All of us here have our own opinions of the RIAA, copy protection, fair use, and the legal actions the RIAA has taken (mostly along the lines of Hillary Rosen must be atomized), but, as someone who has been directly affected by the RIAA's hubris, what's your opinion all this? Do you think the RIAA is legitimatly -- albeit illegally -- interested in protecting the interests of musicians, or do you think their loyalties lie with the producers and labels? Do you think they think they are really the good guys? Do you think they are after money or control?

    One more thing: what do you anticipate will be the end result of the intellectual-property fiasco? Will we be condemned to a world of SDMI and single-use music, or will fair use win out in the end?
  • How much.... (Score:2, Interesting)

    by KingAdrock ( 115014 )
    At what point would you have said screw my convictions, I'm taking the money. 100k? a million? five million?

    No, really!
  • by mini me ( 132455 ) on Wednesday November 28, 2001 @02:58PM (#2625840)
    It seems like every time someone creates a new method to protect copyright works, the protection is bypassed, sometimes within days. Everyone on Slashdot always says if you can hear it, you can copy it and that is very much true, it is just the nature of the technology we have today.

    From a technological standpoint, do you feel the RIAA is wasting thier time or do you think they will reach a certain level of protection that will be worth thier efforts?
  • by Sven Tuerpe ( 265795 ) < minus physicist> on Wednesday November 28, 2001 @02:58PM (#2625844) Homepage
    Dear Dr. Felten,

    From a scientific point of view, is there any evidence that technologies could be invented which enable producers of digital content to control how this digital content is used, and by whom? Should there be a difference between theory and real life, I'd be interested in an answer under real-world assumptions, that is, there is an Internet and people connect to it using devices fully under their own control.

    • well, it's not about controlling content, but the idea of a quantum key/signature to control content seems rather feasible if we ever reach that threshold.

      see: 24 2&mode=thread

      and check the linked story. it talks about quantum transmission.

      note: this may apply more to say, encrypting transmissions for military use that we wouldn't want, say, al-qaida sniffing & decrypting.
  • I'm curious to what your take is on copy protections and the history of their circumventions.

    In my view it seems that no matter what copy protection technology comes out, someone makes something to circumvent and defeat it.

    Do you think there will there ever be an "unbreakable" protection scheme?

    And how easy/hard is it to "alter" an image or a sound clip to defeat it's watermark?

  • by f00zbll ( 526151 ) on Wednesday November 28, 2001 @03:01PM (#2625864)
    Since your encounter with RIAA, have you come across other researchers/projects that are hindered in real academic or corporate research? If so, what is the depth and range of the effect? If not, what do you see as potential unintentional implications, which legislators and companies have no considered, but is possible under the new copy protection laws?
  • Advice (Score:5, Interesting)

    by r.suzuka ( 538257 ) on Wednesday November 28, 2001 @03:01PM (#2625865) Homepage
    I am currently a student and my friends and I all have an interest in "hacking", both hardware and software. Many of the laws that have bound you in the United States will also bind us here in Japan due to the multinational nature of many corporations and agreements on Intellectual Property.

    Do you have advice for the curious student, perhaps someone interested in research or experiments similar to yours, but without any resources to assist him in a court of law? I have had a friend who received threats of a legal nature from a large company and he chose not to continue his research since he did not have the resources for a lengthy legal battle.

    To conclude my question, what would you recommend to the student who wishes to do as you have done, but does not have similar resources?

    Thank you.

    R. Suzuka
  • Leave the country? (Score:3, Interesting)

    by mocm ( 141920 ) on Wednesday November 28, 2001 @03:04PM (#2625887)
    Is it possible that scientist like Dr. Felton who are working in areas where they might come in conflict with the DMCA or similar legislature, will choose to work at non-US universities rather than subject themselves to possible lawsuits and imprisonment in the US.
    And in the same context might foreign scientist refrain from coming to conferences in the US for the same reason.
    • Not to step on toes here, but I thought that the above question was good, but phrased a bit awkwardly:

      Dr. Felton, do you think that a scientist who is working on research that may come into conflict with the DMCA or similar legislature will choose to work at a non-US university to avoid legal trouble?

      In the same vein, do you think that laws like the DMCA will prevent scientists from foreign countries from coming to the US to do research?
  • Regrets? (Score:3, Interesting)

    by thesolo ( 131008 ) <> on Wednesday November 28, 2001 @03:05PM (#2625892) Homepage
    Dr. Felten,

    As the old axiom goes, "Hindsight is 20/20". At this point in your battle, having become a public representative of academic freedom and constitutionality, is there anything you regret, any decisions you would have made differently if you could do all of this over again?

    As an avid slashdot reader & EFF supporter, I'd like to wish you the best of luck in your fight! I'm sure I speak for the entire slashdot community when I say that you are truly an inspiration to us all.

  • IP and the Law (Score:5, Interesting)

    by way0utwest ( 451944 ) on Wednesday November 28, 2001 @03:05PM (#2625901)
    Dr Felton,

    Any security protection will deter 80-90%of the people. Of the remaining people, 1-2% will not be deterred by anything and the rest will take advantage of the work of the 1-2%. Copy protection doesn't work in the digital world as well as it works in the analog world. It would seem that perhaps the laws governing the digitial world ought to be different from the analog world, perhaps even different for different types of digital "ideas".

    What is your opinion of the best way to implement copyright, patent, or other Intellectual Property protection for authors while protecting fair use rights of consumers?
  • by DJFelix ( 468187 ) <> on Wednesday November 28, 2001 @03:06PM (#2625907) Homepage
    What do you think the realistic impact on illegal music trading would be if the technology you tested was implemented on a widescale basis now that your research is in the public domain?
  • Flanders? (Score:1, Offtopic)

    by FortKnox ( 169099 )
    Don't you think Flanders is a bad football coach?

    Yes, folks, I am indeed on a roll.
    I'll keep the bad jokes coming!
  • Fair Use (Score:3, Interesting)

    by SirSlud ( 67381 ) on Wednesday November 28, 2001 @03:09PM (#2625927) Homepage
    A social question .. do you feel that the pervasion of technology as a means of security contributes to the number of people who feel comfortable with trying to do something illegal (ie, Napsterize, for example)? Do think disproving the effectiveness of current watermarking schemes is an incentive for the RIAA to combat piracy as a social problem, or simply as an incentive to develop more secure, uncrackable copyright protection schemes?
  • by ( 113202 ) on Wednesday November 28, 2001 @03:10PM (#2625934) Homepage
    ...Don Quixote?

    MicroSoft, RIAA, DMCA...

    You're playing with the big boys.

    Where do you see yourself ending up?

    • Karen Silkwood (dead),
    • Ralph Nader (increasingly an irrelevant parody of himself),
    • ??? (surely somebody was successful at windmill-tilting), or
    • Somewhere else?
  • by imrdkl ( 302224 ) on Wednesday November 28, 2001 @03:10PM (#2625939) Homepage Journal
    I've seen some discussion that leads me to believe that the RIAA will eventually want to sell music with individual watermarks, based on individual's keys. (Possibly from the National Identity Card key).

    Is it much more difficult (outside of mass distribution issues) to mark each distinct copy with a unique watermark, than it is to use a single generic watermark?

  • by bstadil ( 7110 ) on Wednesday November 28, 2001 @03:11PM (#2625945) Homepage
    Assuming that you win the case and the court awards reimbursement of legal cost. I read that it is expected to reach up to $2M. How much of that is covered by donation and what will the money be spend on. Further efforts against DMCA or some of the newer Sept. 11 induced attacks of civil liberites?
  • by Anonymous Coward
    Hi Dr. Felton,
    I admire you and your colleagues and consider you part of my group of personal heroes. My questions is this, with technology (namely the internet) serving as a the most accelerated vehicle for globalization, and with America leading the world in many technologies, and especially those concerning entertainment industries -- where IP is king -- how do you see the interests of Private parties such as corporations extending the reach of American law to the entire global market. For example, if it was a Russian, Chinese, Isreali professor who cracked the SDMI would the RIAA still have credible threats. I think they would, but I don't think they should. Can you talk a little about the domain of (US) IP law and the negative effect of IP laws in academic research, which has always benefitted from global networks.
    Thanks, Patrick
  • How did this happen? (Score:5, Interesting)

    by DaoudaW ( 533025 ) on Wednesday November 28, 2001 @03:14PM (#2625977)
    First, congratulations on a nice piece of work!

    The RIAA seems clearly out-of-line in their legal attempt to stop the publication of your work. Hopefully your legal case against them will set usable boundaries for Intellectual Property disputes in future.

    My question is: How did the RIAA get themselves in this situation? It appears really stupid for an organization of their stature. Didn't they know where to find a good mathematician when they developed SDMI? With all due respect, surely you weren't the only guy out there who could solve this problem. Then to lay it out on the table and bet the world, it couldn't be read. It just all seems like a comedy of bad management.

    How did it happen???
  • by Vicegrip ( 82853 ) on Wednesday November 28, 2001 @03:15PM (#2625984) Journal
    People have long decried the increasing trend in university scientific research whereby private corporations seem to be dictating more and more what should be the subject of academic interest.
    Now we have a private entity blazanly attempting to suppress research they didn't even finance because it shows critical weaknesses in their technology (even if they make the weak claim they have a disinterested motivation for their action). Not withstanding the incredible poor taste of telling a professor he can't present his work, after having asked for said research to happen in the first place, because the conclusions the work comes to aren't the ones desired. I am left with the bitter cold feeling that we are slowly slipping into a new era of corporate meddling where all manner of 'unpopular' academic research will find itself the subjects of lawsuits because some crafty lawyer has found a new way to extropolate the clauses of the DMCA in such a way that it protects his clients product in some fashion.
    What are your thoughts on this and how do you assess the willingness of america's academia to resist this trend?
  • As a developer myself, I have given a lot of thought to protection schemes and what-not, but really feel like it may not be worth the effort at a certain point... Is there a "magical" formula that can approximate the amount of time and money that goes into protecting your software from being copied? I firmly believe that no matter how hard a person/corporation tries, they're never going to come up with something that can't eventually be cracked. I also believe that it is reasonable to spend some time and money on protecting your software, at least from the everyday user. The amount of people that can/do crack some of these protection schemes is small in relation to the total number of users in most cases. If a person/company can at least protect his software from the masses... then maybe that's good enough at a certain point? I tend to believe that's why the RIAA has really been up in arms about all of this... ever since Napster become so popular and so easy to use that all of the non-technical people could also pirate music. I guess my question is mainly "do you think it is worth the RIAA's effort and investment to protect music from being copied? And at what point would/wouldn't it be worth it?" Thanks, thundercatzlair
  • by Coniine ( 524342 )
    Personally I feel very strongly that legislation banning or regulating reverse engineering is wrong in the moral sense. Scientists, mathemeticians and students of literature reverse engineer nature and the human mind. Reverse engineering a few man-made items seems to me to be part of the same pursuit of curiosity. Would you care to comment?
  • If the watermark was of a tree falling in a forest, and no one was around to hear that tree, would it make a sound? Could be a good watermarking scheme ;)
  • The DMCA seems to contains the seeds of a very dangerous concept - that of requiring credentials to perform research into cryptography. My position is that anyone who cares to has a right to perform "research" and to publicize the results. To limit research to guild members is incredibly offensive. Any thoughts or comments?
  • Where do you feel that academic research and law will go from here?
    Who do you blame for the current debacle? Those who drafted the law or those who in an over zealot reach asked for the law (and possibly wrote it)?
    And, what's your worst fear of these groups trying to legislate their commercial rights?

  • Do you think that the RIAA's suit against you implies that they are themselves skeptical that they can create a good security scheme?
    • I'll bet they do hire people like him. Hell, I'd work there if I could. Can you imagine the typical day of a "Content Control Coordinator"?

      CCC1: "Dude, they want us to come up with something stronger."
      CCC2: "Shit, haven't they got it through their thick skulls yet? It won't work."
      CCC1: "Let's tell them we need to spend more to come up with an effective system."
      CCC2: "Cool, time to buy some more Nerf guns!"
      CCC1 & CCC2 (unison): "Man, I love this job."


  • dr, felton. why did you cancel you first presentation. were u afraid of them?
  • After Napster and all the other file-sharing services it seems downloading music (and movies) without paying a cent has become the norm.
    Do you think that, by using cryptography, watermarking or other copy-protection/prevention technologies, the entertainment industry can go back to the past situation when everyone paid (a lot) for having their copies of music/movies or, on the contrary, the technologies don't exist and will never exist to prevent the parallel distribution that we have nowadays? .
  • by Anonymous Coward
    Dr Felten,

    It has been my experience that academia tries, or atleast pretends to try to protect intellectual property. I think its really cool you stepped up to the challenge of breaking the watermark, but the course of action seems strange. The industry although bloated and corrupt is trying to protect their intellectual rights, and now you to are trying to do the same thing in a legal battle. So my question is then, why did you take this project on? Was it get your name out there (which is important in academia), to help the industry out (which is why they gave you $10,000), or some reason I missed. It seems strange that you would go public with the watermark information if you are worried about your own rights..

  • Presumably since the recording industry's current attempts at watermarking schemes have been cracked, they will try to implement new systems.

    Do you plan to try to find weaknesses in newer schemes, or do the current legal headaches discourage you from doing so?

    Was it simply the existence of the contest which prompted you to do the research you did, or would you try to work on cracking future schemes even if there were no such contest?

  • Is my assessment that SDMI is dead as a doornail correct, or not?
  • by mttlg ( 174815 ) on Wednesday November 28, 2001 @03:50PM (#2626199) Homepage Journal
    What do you see as being the future of digital media: a business model based on consumers having little or no control over the information they pay for and consumers willing to put up with this, or something more similar to traditional rules where a company has little control over its product once it is sold, digital or otherwise?
  • Involvement (Score:1, Offtopic)

    by Syberghost ( 10557 )
    Can Wil Wheaton be in your paper?
  • by DG ( 989 ) on Wednesday November 28, 2001 @04:26PM (#2626454) Homepage Journal
    Dr. Felten,

    It seems, from the outside, that you are in a position similar to the "Gambler's Ruin" fallecy.

    (For those not familliar with this, it works like this: Bob goes to a casino. He bets $2 on a game of chance. If he loses, he plays again with $4, and with $8, $16, $32 etc, doubling his bet each time he loses. The idea is that if he wins, he wins back all the money he lost up to that point, and the odds of his losing streak continuing very deep - assuming reasonable house advantage - are pretty small.

    The "fallecy" par crops up in that the casino has access to far greater resources than Bob. Bob's bet gets pretty big in a hurry (and the amount spent is culmulative, until he wins) so the odds are that for reasonable values of Bob's bankroll, the casino can outlast him and take his money in the end)

    The RIAA (and Microsoft, and Hollywood studios, and similar offenders) have very deep pockets, whereas individuals like Dr Felten are close to Bob. The problem seems to be that any of these rich organizations can keep the legal battle going indefinately (spending money on lawyer's fees all the while) and eventually bleed Bob (or Dr Felten) dry.

    Dr Felten, based on your recent experience

    1) Do you agree with this analogy, and

    2) How can you expect not to be bled dry, financially, by the process?

  • I've been thinking about what is fundamentally wrong with SDMI and digital watermarking, and I wonder if a technical expert would object to my characterization of exactly how the stuff works.

    Technically, how well does software that verifies SDMI-watermarks fit into the metaphor of "quartering of soldiers" in terms of privacy? Can we make the argument that SDMI is an invasion of privacy because the cryptographic software extends the influence of publishers into the private domain of users' legally purchased hardware?
  • Hello Dr. Felten,

    In a slightly related topic, you were very active and instrumental in the DOJ's case against Microsoft. What is your opinion on the settlement talks and the outcome so far?
  • by meara ( 236388 ) on Wednesday November 28, 2001 @05:33PM (#2626990)
    How supportive has Princeton been during this process? Have you ever felt any pressure from within not to expose the University to costly lawsuits, or have they been behind you all the way?
  • I can't get rid of this thing!
  • After reviewing the paper on the the DMSI's
    watermarking techniques, I was curious about
    the effect this has on the quality of the recording--especially in classical music.

    Are there any audible artifacts?
    (even the SLIGHTEST?)

    Do the watermark techniques you've seen affect the timbre or pitch?


    Bill Klemm
    Rice University
  • I just bought a set-top box to play DVDs, CDs, CD-R/Ws, CD-Rs, and MP3s.

    Unfortunately, some CDs sold as music may not play on my home sound system using this device, as I understand the implications of watermarking.

    Is this a true statement? The watermarking which you researched - is it equivalent to someone selling me a defective game disk? And does it distort any of the frequencies my dog and goldfish enjoy, so that we will not all enjoy the desert trance music in the same way?

  • Part of the arrangement of the copyright system is, that works that are given copyright protection (by law) are to have that copyright expire after a number of years.

    Do you believe that the corporations that are using copyright laws to protect their works (which make a vast profit for them) will ever permit these works to be available in the public domain once this period of protection has expired?

    and how will it be possible to enforce the general public rights at the time of expiration if they are only available in an unbreakable encrypted form?

    sorry that's 2 questions, but one is intimately linked to the other.

    Simon Wood.
  • by Goonie ( 8651 ) <> on Wednesday November 28, 2001 @07:23PM (#2627609) Homepage
    As well as Sedgewick [] and Kernighan [], Robert Tarjan (major graphs algorithm researcher) is also in your rather star-laden department, and according to a friend of mine is currently working on digital watermarking methods.

    Given that you've been so prominent in demonstrating the weakness of watermarking techniques thus far, how do you like his company's chances of succeeding, and has your academic interest in defeating watermarking schemes resulted in some interesting debates in the lunchroom?

  • by hearingaid ( 216439 ) <> on Wednesday November 28, 2001 @08:37PM (#2627905) Homepage

    Dr. Felten:

    Some commentators would characterize the last 25 years or so as a conflict between patent holders (the manufacturers of consumer technology) and copyright holders (the producers of consumer culture). The landmark U.S. Supreme Court case, Sony v. Universal, was set up as typifying this conflict.

    However, it would seem that, many years after the movie studios lost their attempt to prevent consumer VCRs from being sold, the VCR has, if anything, benefitted the motion picture industry.

    Similarly, in the recent Napster case, it is worthwhile noting that after the RIAA successfully shut down Napster, their sales started to immediately decline, and have continued to decline. Many have argued that Napster provided a vastly superior method of music promotion, especially for older records, than radio, and its shutdown has resulted in music fans not finding out about records they might otherwise buy.

    Do you think that this conflict is more imagined than real? In other words, is it more likely to the benefit of the cultural industries to work with technological development, rather than fight it?

  • We keep seeing cryptographic copy control attempted and broken. DVD-CSS, SMDI, the high bandwidth crypto stuff mentioned on slashdot recently.

    Do you think it's at all possible to create a true playback control system? Perhaps using public key crypto and un-hackable hardware? Or do you believe that it is truly mathematically impossible to do
  • by SiliconEntity ( 448450 ) on Wednesday November 28, 2001 @10:26PM (#2628442)
    The news today [] is that your lawsuit has been dismissed; you have lost this first round. No doubt you will appeal, but it seems that the main legal issue is that the chilling effect has been completely hypothetical. You feared that you would be sued, and you have many statements from other researchers sharing these concerns, but no one has actually been sued yet.

    It appears that until you or some other legitimate researcher goes forward with publication and is sued or prosecuted for it, the courts may think you are just crying wolf to try to get a law you don't like changed. A number of researchers have stated that they now intend to stop working on analyzing content protection. If this court decision is upheld, that will prevent the DMCA from being overturned.

    Are you willing to go forward with research and publication in violation of the DMCA? The only way to stop you then will be to actually use the DMCA against you, and it can finally be tested in court. Will you take this risk when so many researchers are backing away?

  • by t ( 8386 )
    It seems to me that Jpeg2000 will automatically disable watermarking by its very nature. A key aspect of Jpeg2000 is that it encodes images by bitplanes of significance. You have the option of say cutting out the least significant 10% of the data.(It's currently only still images but I'm sure it'll be easy to extend the technology to everything else.)

    Watermarking on the other hand seems to rely on hiding in the least significant bits of the data. Pretty soon any images that are supplied in Jpeg2000 format or converted to it would have an automagic way of killing any watermarks present.

    I think watermarking has already lost. What do you think of this?


A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson