Ask Ed Felten About Watermarking Analysis And More 191
Dr. Edward Felten is in a funny position -- or perhaps not so funny. He's the Princeton researcher who took up the challenge posed by the music industry to find flaws in the SMDI watermarking scheme, but didn't enter into the 'no-telling' bargain (here's the click-through agreement [pdf]) which would have made him eligible for a reward, so wasn't bound by non-disclosure terms. When a scheduled academic presentation on the weaknesses [pdf] that he and his colleages found in SDMI became the object of lawsuit threats from the RIAA, and caused him to cancel the planned presentation, Felten decided to turn the tables, and in cooperation with the EFF, sue them instead, for interfering with his scholarly research. Though he did eventually get to present his research, the legal action is still going. Dr. Felten is at a hearing today in Trenton, NJ, but he's agreed to answer questions from Slashdot readers. Please confine your questions carefully (one per post), and we'll pass the highest-moderated ones on for his answers.
Mathematical feasability (Score:4, Redundant)
Re:Mathematical feasability (Score:2)
Question regarding precident (Score:3, Offtopic)
Best case outcome for your lawsuit? (Score:5, Interesting)
What is the best case outcome for the lawsuit that you and the EFF have started. Is it possible that the DMCA (or parts of it) can be found unconstitutional? Or would a "best case" just be a weaking of the DMCA, where for certain purposes people would be allowed to discuss their findings regardless of the DMCA.
Also, how likely (in the opinion of you or your lawyers) are the different possible outcomes of this case?
Re:Best case outcome for your lawsuit? (Score:2)
What is the best case outcome for the lawsuit that you and the EFF have started
Thats easy: the *best case* outcome would be that a fleet of freedom-loving super-model alien beings, in awe of our free operating systems and just legal system, land on Earth and hold a celebration in honor of Dr. Felten and the EFF thereby bringing peace, wealth, flying cars, and of course, love to all of humanity. Unlikely? Perhaps... But definitly the best outcome all around.
What do you further hope to accomplish (Score:3, Redundant)
What do you hope to accomplish further, and in your opinion, what could be the best possible outcome from your lawsuit against the RIAA.
Re:What do you further hope to accomplish (Score:2)
I thought that, when the annoucement was made that he could present the research, that Felton (or his lawyers or someone) came out and said that it was specifically to form a precedent, so that other researchers couldn't be bullied/hassled/hampered by similar attacks.
If you were the RIAA (Score:5, Interesting)
"secure your work?"??? (Score:1)
Re:"secure your work?"??? (Score:1)
Re:If you were the RIAA (Score:1)
Better question (Score:1)
If you were in the position where you were trying to get a handle on rampant piracy of your work, what (digital) means would you pursue to secure your work?
Since your question is so loaded with industry propaganda words, Ive composed a more logical alternative:
"If you were in the position where your outdated business model was poised to become unprofitable as the market began realize that your company was a useless fat layer that provides no added value, what digital algorithm could you deploy to extend your control over distribution while preserving high profit margins?"
A better way (Score:1)
Research and its applications (Score:5, Interesting)
This gets down to a licensing issue, on the public being charged twice for the research and it's benefits.
Eric Gearman
--
Expectations/Precedent (Score:3, Redundant)
Academic Integrity (Score:5, Interesting)
As an academic myself, I am gratified by your colleagues and your decision to publish your findings instead of claiming the $10000 prize (personally, I find the $10000 "prize" for the HackSDMI challenge measly, and even bordering on insulting.).
The fact that you are suing the RIAA for intefering into your academic activities indicates your stance on the issue of academic freedom to research. However, the RIAA has deep-pockets, and the fight has just begun. It is not inconceivable that in the future, the academia may come under the control of rich corporations manipulating research for their own selfish ends.
So, my question is, do you see a bright future for a "free academia" or do you see a academia that willi increasingly be locked down by corporate interests and their lawyers/lobbyists?
Re:Academic Integrity (Score:2, Insightful)
It already has! In fact, I graduated from Pepsi University several years ago. Sure, it wasn't actually called "Pepsi University" but I challenge anyone to find a Coke vending machine anywhere on campus.
Why do professors use different books for each semester of classes? Does the field of calculus really go through revolutionary changes every six months, enough to warrant selecting a whole new book to teach from? Of course not, but if you used the same book year after year, the publishers (who apparently own the professors) wouldn't be able to continuously rake students over the coals for new $100 textbooks.
Re:Academic Integrity (Score:1)
Re:Academic Integrity (Score:2)
Re:Academic Integrity (Score:1)
Re:Academic Integrity (Score:1)
Iv'e got an idea, how's about some poor white trash crackers, like me cause the same kind of trouble that the eminent Professor did? They can't get anything from guys like us, we can gum up the greedy bastards forever. But we need guys like the Prof. for guidance as we are much too busy with drugs, booze and prostitutes to notice anything like this
Lawsuit (Score:3, Interesting)
Or is it more likely that the judge will actually tackle the real issue of the DMCA stifling research (and now foreign visitors presenting papers re: Sklyarov)
-Jerry
Re:Lawsuit (Score:2)
In many ways I see the answers to these questions being more important to us in the long-run than the answers to the lawsuits themselves. If the Judiciary doesn't even give citizens a chance to defend their rights, all of our future battles will be over before they begin.
Flawless technology, how close are we? (Score:1)
Do you think the music industry will ever perfect security measures on cds and other media, or will there always be some flaw to be exploited? Will research such as yours perhaps lead to impregnable copy protection, and is that a good or bad thing in your opinion?
A couple questions (Score:5, Interesting)
First, when you started your research, did you ever expect that you would be at the forefront of a legal battle to keep academic speech free and protected? Do you ever have any misgivings about taking a high profile in this matter? I know there are some researchers (some of my colleauges included) who shy away from anything legal and would rather just do work that might not be as controversial. It's good to see you getting involved and make sure that our rights as academics are preserved.
Secondly, what has it been like working with the EFF? I have a great deal of respect for them and have been a member for a couple of years now. I am just curious as to the 'behind-the-scenes' process that you and the EFF lawyers have been persuing as this case pans out.
Why? (Score:5, Interesting)
Advise For Others In Your Situation (Score:5, Interesting)
Thank you
Was this a trap? (Score:5, Interesting)
I am not talking about breaking the watermark itself, but the planned presentation and then you not presenting because of the RIAA threat?
Re:Was this a trap? (Score:2)
Crypto Protection vs Copyright issues (Score:3, Interesting)
Is watermarking safe? (Score:2, Funny)
Re:Is watermarking safe? (Score:1)
-Derek
Lessons to Learn (Score:1, Insightful)
Academic Freedom (Score:1, Insightful)
Research Disruption vs. Precident Case (Score:4, Interesting)
I understand the reasoning behind countersuing for disruption of research, but why would you choose this option over a direct countersuit to challenge the DMCA? Your victory could theoretically mean the end of the DMCA by setting a valuable precedent.
Lockpicking and decrypting (Score:5, Interesting)
(now to my question)
It seems that if laws against breaking and entering were not enforced, people (particularly those who wanted to protect themselves and their valuables) would be a lot more concerned about lock-picking. What do you think can (or should?) be done to enforce our existing copyright laws so that measures such as the one you are fighting will eventually be unnecessary?
Re:Lockpicking and decrypting (Score:1)
Re:Lockpicking and decrypting (Score:1)
Re:Lockpicking and decrypting (Score:2)
If you think the analogy is flawed, please elaborate. I would be interested to hear any intellegent commentary on the issue.
How to balance circumvention research and security (Score:4, Interesting)
I don't think that anyone on this site would argue for an instant that current law has had a chilling effect on researchers such as yourself. The government has forbidden legitimate research into security circumvention tools, essentially sticking its head in the sand and pretending that crackers and citizens of foreign countries won't continue security research themselves.
That having been said, the events of September 11th really came as a shock to the system for a lot us here. Suddenly, the idea of someone, say, cracking Triple-DES and distributing the crack on the Internet seemed a little more scary than it did on September 10th. If someone (*cough*Al Queda*cough*) were able to read our military secrets, you can bet there would be a real loss of human life associated with it.
Obviously, discussing flaws in SDMI and publishing a Triple-DES crack are two different balls of wax. So, the real question - do you think anti-circumvention legislation is *ever* warranted? Or is any legislation at *all* simply more sticking our heads in the sand?
(proudly wearing my DeCSS t-shirt
Hate to state the obvious but (Score:1)
Re:Hate to state the obvious but (Score:1)
You don't think that would be considered trafficking in a security circumvention device?
Absolutely, I agree that millions of people would want to know. And they should know, but perhaps the research should be classified by law for a reasonable period of time after the discovery, to allow time for a new encryption method to be deployed.
Imagine for a moment that I post the magical Triple-DES crack on the Internet. Wham, bad guys now have access to everything from credit card numbers to troop movements. If we had time to deploy a new encryption scheme, we could minimize the damage that was done.
Now, granted, this won't stop everyone (e.g., foreign citizens) from publishing their research. And any reasonable U.S. citizen probably *would* turn their research into the government before publishing something like this. This would just be a way to keep honest people honest.
Re:Hate to state the obvious but (Score:1)
> You don't think that would be considered trafficking in a security circumvention device?
The DMCA doesn't outlaw the trafficking of a security circumvention device. Only tools which circumvent access to a *copyrighted work*. I agree that it's a bad law, but we should be careful about what it actually covers.
Re:Hate to state the obvious but (Score:1)
Good point, you're right - thanks for catching that.
Re:Hate to state the obvious but (Score:1)
how has this affected you personally ? (Score:4, Redundant)
How has this situation affected you personally ?
Has it increased your level of day to day stress ?
Do you lose sleep over it ?
I'm referring both to your original decision to publish your work and your current legal effort.
RIAA (Score:3, Interesting)
Public research (Score:2, Insightful)
What's your opinion of the RIAA & copy protect (Score:4, Interesting)
One more thing: what do you anticipate will be the end result of the intellectual-property fiasco? Will we be condemned to a world of SDMI and single-use music, or will fair use win out in the end?
How much.... (Score:2, Interesting)
No, really!
Is copy-protection even possible? (Score:3, Interesting)
From a technological standpoint, do you feel the RIAA is wasting thier time or do you think they will reach a certain level of protection that will be worth thier efforts?
Is Copy-Protection Possible? (Score:5, Interesting)
From a scientific point of view, is there any evidence that technologies could be invented which enable producers of digital content to control how this digital content is used, and by whom? Should there be a difference between theory and real life, I'd be interested in an answer under real-world assumptions, that is, there is an Internet and people connect to it using devices fully under their own control.
Re:Is Copy-Protection Possible? (Score:1)
see:
http://slashdot.org/article.pl?sid=01/06/29/202
and check the linked story. it talks about quantum transmission.
note: this may apply more to say, encrypting transmissions for military use that we wouldn't want, say, al-qaida sniffing & decrypting.
Do you think an unbreakable copyprotect can happen (Score:2, Interesting)
In my view it seems that no matter what copy protection technology comes out, someone makes something to circumvent and defeat it.
Do you think there will there ever be an "unbreakable" protection scheme?
And how easy/hard is it to "alter" an image or a sound clip to defeat it's watermark?
Thanks.
The impact of new legislation (Score:3, Interesting)
Advice (Score:5, Interesting)
Do you have advice for the curious student, perhaps someone interested in research or experiments similar to yours, but without any resources to assist him in a court of law? I have had a friend who received threats of a legal nature from a large company and he chose not to continue his research since he did not have the resources for a lengthy legal battle.
To conclude my question, what would you recommend to the student who wishes to do as you have done, but does not have similar resources?
Thank you.
R. Suzuka
Leave the country? (Score:3, Interesting)
And in the same context might foreign scientist refrain from coming to conferences in the US for the same reason.
Rephrasing the above post (Score:1)
Dr. Felton, do you think that a scientist who is working on research that may come into conflict with the DMCA or similar legislature will choose to work at a non-US university to avoid legal trouble?
In the same vein, do you think that laws like the DMCA will prevent scientists from foreign countries from coming to the US to do research?
Regrets? (Score:3, Interesting)
As the old axiom goes, "Hindsight is 20/20". At this point in your battle, having become a public representative of academic freedom and constitutionality, is there anything you regret, any decisions you would have made differently if you could do all of this over again?
As an avid slashdot reader & EFF supporter, I'd like to wish you the best of luck in your fight! I'm sure I speak for the entire slashdot community when I say that you are truly an inspiration to us all.
-Mike
IP and the Law (Score:5, Interesting)
Any security protection will deter 80-90%of the people. Of the remaining people, 1-2% will not be deterred by anything and the rest will take advantage of the work of the 1-2%. Copy protection doesn't work in the digital world as well as it works in the analog world. It would seem that perhaps the laws governing the digitial world ought to be different from the analog world, perhaps even different for different types of digital "ideas".
What is your opinion of the best way to implement copyright, patent, or other Intellectual Property protection for authors while protecting fair use rights of consumers?
What would the realistic impact be? (Score:5, Interesting)
Flanders? (Score:1, Offtopic)
Yes, folks, I am indeed on a roll.
I'll keep the bad jokes coming!
Fair Use (Score:3, Interesting)
Do you ever feel like... (Score:3, Interesting)
MicroSoft, RIAA, DMCA...
You're playing with the big boys.
Where do you see yourself ending up?
What about individual watermarking (Score:3, Interesting)
Is it much more difficult (outside of mass distribution issues) to mark each distinct copy with a unique watermark, than it is to use a single generic watermark?
Use of EFF Donations. (Score:3, Interesting)
Effects of American "IP" laws on a global scale (Score:1, Insightful)
I admire you and your colleagues and consider you part of my group of personal heroes. My questions is this, with technology (namely the internet) serving as a the most accelerated vehicle for globalization, and with America leading the world in many technologies, and especially those concerning entertainment industries -- where IP is king -- how do you see the interests of Private parties such as corporations extending the reach of American law to the entire global market. For example, if it was a Russian, Chinese, Isreali professor who cracked the SDMI would the RIAA still have credible threats. I think they would, but I don't think they should. Can you talk a little about the domain of (US) IP law and the negative effect of IP laws in academic research, which has always benefitted from global networks.
Thanks, Patrick
How did this happen? (Score:5, Interesting)
The RIAA seems clearly out-of-line in their legal attempt to stop the publication of your work. Hopefully your legal case against them will set usable boundaries for Intellectual Property disputes in future.
My question is: How did the RIAA get themselves in this situation? It appears really stupid for an organization of their stature. Didn't they know where to find a good mathematician when they developed SDMI? With all due respect, surely you weren't the only guy out there who could solve this problem. Then to lay it out on the table and bet the world, it couldn't be read. It just all seems like a comedy of bad management.
How did it happen???
The beginning of a new age? (Score:4, Interesting)
Now we have a private entity blazanly attempting to suppress research they didn't even finance because it shows critical weaknesses in their technology (even if they make the weak claim they have a disinterested motivation for their action). Not withstanding the incredible poor taste of telling a professor he can't present his work, after having asked for said research to happen in the first place, because the conclusions the work comes to aren't the ones desired. I am left with the bitter cold feeling that we are slowly slipping into a new era of corporate meddling where all manner of 'unpopular' academic research will find itself the subjects of lawsuits because some crafty lawyer has found a new way to extropolate the clauses of the DMCA in such a way that it protects his clients product in some fashion.
What are your thoughts on this and how do you assess the willingness of america's academia to resist this trend?
Time & Money vs. security (Score:1)
Reverse Engineering (Score:2, Insightful)
If the watermark.. (Score:2)
Credentials (Score:1)
So.... (Score:2)
Who do you blame for the current debacle? Those who drafted the law or those who in an over zealot reach asked for the law (and possibly wrote it)?
And, what's your worst fear of these groups trying to legislate their commercial rights?
Henry
Why doesn't the RIAA hire people like you? (Score:1)
Re:Why doesn't the RIAA hire people like you? (Score:2)
CCC1: "Dude, they want us to come up with something stronger."
CCC2: "Shit, haven't they got it through their thick skulls yet? It won't work."
CCC1: "Let's tell them we need to spend more to come up with an effective system."
CCC2: "Cool, time to buy some more Nerf guns!"
CCC1 & CCC2 (unison): "Man, I love this job."
-Legion
why did you cancel it? (Score:1)
Multimedia content copy-protection and the future (Score:2)
Do you think that, by using cryptography, watermarking or other copy-protection/prevention technologies, the entertainment industry can go back to the past situation when everyone paid (a lot) for having their copies of music/movies or, on the contrary, the technologies don't exist and will never exist to prevent the parallel distribution that we have nowadays?
Isn't intellectual rights a two way street? (Score:1, Interesting)
It has been my experience that academia tries, or atleast pretends to try to protect intellectual property. I think its really cool you stepped up to the challenge of breaking the watermark, but the course of action seems strange. The industry although bloated and corrupt is trying to protect their intellectual rights, and now you to are trying to do the same thing in a legal battle. So my question is then, why did you take this project on? Was it get your name out there (which is important in academia), to help the industry out (which is why they gave you $10,000), or some reason I missed. It seems strange that you would go public with the watermark information if you are worried about your own rights..
Thanks
Do you plan to research future watermark schemes? (Score:1)
Do you plan to try to find weaknesses in newer schemes, or do the current legal headaches discourage you from doing so?
Was it simply the existence of the contest which prompted you to do the research you did, or would you try to work on cracking future schemes even if there were no such contest?
SDMI = Dead? (Score:2)
The future of digital media (Score:4, Interesting)
Involvement (Score:1, Offtopic)
"Gambler's Ruin" and the RIAA lawsuit (Score:4, Interesting)
It seems, from the outside, that you are in a position similar to the "Gambler's Ruin" fallecy.
(For those not familliar with this, it works like this: Bob goes to a casino. He bets $2 on a game of chance. If he loses, he plays again with $4, and with $8, $16, $32 etc, doubling his bet each time he loses. The idea is that if he wins, he wins back all the money he lost up to that point, and the odds of his losing streak continuing very deep - assuming reasonable house advantage - are pretty small.
The "fallecy" par crops up in that the casino has access to far greater resources than Bob. Bob's bet gets pretty big in a hurry (and the amount spent is culmulative, until he wins) so the odds are that for reasonable values of Bob's bankroll, the casino can outlast him and take his money in the end)
The RIAA (and Microsoft, and Hollywood studios, and similar offenders) have very deep pockets, whereas individuals like Dr Felten are close to Bob. The problem seems to be that any of these rich organizations can keep the legal battle going indefinately (spending money on lawyer's fees all the while) and eventually bleed Bob (or Dr Felten) dry.
Dr Felten, based on your recent experience
1) Do you agree with this analogy, and
2) How can you expect not to be bled dry, financially, by the process?
.
Q: SDMI Watermark Enforcement VS. 3rd Amendment (Score:1)
Technically, how well does software that verifies SDMI-watermarks fit into the metaphor of "quartering of soldiers" in terms of privacy? Can we make the argument that SDMI is an invasion of privacy because the cryptographic software extends the influence of publishers into the private domain of users' legally purchased hardware?
Microsoft ruling... (Score:1)
In a slightly related topic, you were very active and instrumental in the DOJ's case against Microsoft. What is your opinion on the settlement talks and the outcome so far?
The University's Role (Score:3, Interesting)
How do I uninstall IE? (Score:1)
Re:How do I uninstall IE? (Score:1)
DMSI and Sound Distortion? (Score:2, Interesting)
watermarking techniques, I was curious about
the effect this has on the quality of the recording--especially in classical music.
Are there any audible artifacts?
(even the SLIGHTEST?)
Do the watermark techniques you've seen affect the timbre or pitch?
thanks,
Bill Klemm
Rice University
How will watermarking (SDMI) affect my DVD/CD/MP3? (Score:1)
Unfortunately, some CDs sold as music may not play on my home sound system using this device, as I understand the implications of watermarking.
Is this a true statement? The watermarking which you researched - is it equivalent to someone selling me a defective game disk? And does it distort any of the frequencies my dog and goldfish enjoy, so that we will not all enjoy the desert trance music in the same way?
-
The release of copyright material after 'x' years. (Score:1)
Do you believe that the corporations that are using copyright laws to protect their works (which make a vast profit for them) will ever permit these works to be available in the public domain once this period of protection has expired?
and how will it be possible to enforce the general public rights at the time of expiration if they are only available in an unbreakable encrypted form?
sorry that's 2 questions, but one is intimately linked to the other.
Simon Wood.
How about Tarjan's watermarking work? (Score:5, Interesting)
Given that you've been so prominent in demonstrating the weakness of watermarking techniques thus far, how do you like his company's chances of succeeding, and has your academic interest in defeating watermarking schemes resulted in some interesting debates in the lunchroom?
Conflicts in Intellectual Property Law (Score:3, Interesting)
Dr. Felten:
Some commentators would characterize the last 25 years or so as a conflict between patent holders (the manufacturers of consumer technology) and copyright holders (the producers of consumer culture). The landmark U.S. Supreme Court case, Sony v. Universal, was set up as typifying this conflict.
However, it would seem that, many years after the movie studios lost their attempt to prevent consumer VCRs from being sold, the VCR has, if anything, benefitted the motion picture industry.
Similarly, in the recent Napster case, it is worthwhile noting that after the RIAA successfully shut down Napster, their sales started to immediately decline, and have continued to decline. Many have argued that Napster provided a vastly superior method of music promotion, especially for older records, than radio, and its shutdown has resulted in music fans not finding out about records they might otherwise buy.
Do you think that this conflict is more imagined than real? In other words, is it more likely to the benefit of the cultural industries to work with technological development, rather than fight it?
Is any protection possible. (Score:2, Interesting)
We keep seeing cryptographic copy control attempted and broken. DVD-CSS, SMDI, the high bandwidth crypto stuff mentioned on slashdot recently.
Do you think it's at all possible to create a true playback control system? Perhaps using public key crypto and un-hackable hardware? Or do you believe that it is truly mathematically impossible to do
Response to dismissal? (Score:3, Interesting)
It appears that until you or some other legitimate researcher goes forward with publication and is sued or prosecuted for it, the courts may think you are just crying wolf to try to get a law you don't like changed. A number of researchers have stated that they now intend to stop working on analyzing content protection. If this court decision is upheld, that will prevent the DMCA from being overturned.
Are you willing to go forward with research and publication in violation of the DMCA? The only way to stop you then will be to actually use the DMCA against you, and it can finally be tested in court. Will you take this risk when so many researchers are backing away?
Watermarking and Jpeg2000 (Score:2, Interesting)
Watermarking on the other hand seems to rely on hiding in the least significant bits of the data. Pretty soon any images that are supplied in Jpeg2000 format or converted to it would have an automagic way of killing any watermarks present.
I think watermarking has already lost. What do you think of this?
t.
Re:Why did you do it? (Score:2)
It's clear to almost everyone that your lawsuit was nothing but an attempt to set up the RIAA. The RIAA has been nothing if not exceptionally clear [riaa.org] about the fact that they never intended nor attempted to suppress anyone's research.
With all due respect, if someone received a "Cease and Desist" letter demanding they stop doing something, such as preset a paper at a conference, or else face litigation from an exceptionally large and well funded organization with a possible (ie. unproven in court) leg to stand on, most people (and I'll grant you may be the exception) would not present the paper. This could have (most would argue would have) a chilling effect on research. I think it is unethical to say the least to demand this sort of thing and then back-peddle once their objectives have been completed (he didn't present the paper as they demanded). To notice that it might not have been in their best interest and claim "Oh we were just kidding", is a tad insulting.
If they had wanted to be exceptionally clear that they wouldn't sue, then they should never have threatened to.
Re:Why did you do it? (Score:2)
My question is for Dr. Felten's legal team, not himself: Is there any precedent in American law for collecting damages for legal threats made without actual intention to sue or any good reason to think a suit could be successful? Would you recommend legislation to make it possible or easier to collect such damages, e.g. for the cost of a lawyer to check out the threat and delays incurred in planned activities while studying the matter?
Re:Water Marks - MOD UP!! (Score:2, Funny)