Read: [next] [previous] message
[Fwd: DeCSS and imminent harm ...]
From: Sandy Harris <sandy _-at-_ storm.ca>
An old message of mine, from another forum, forwarded here in case anyone can use the ammunition. Sandy Harris wrote: > > Kevin Blanchard wrote: > > > > In fact I think spreading the DeCSS is a GREAT idea. If they are trying to > > stop people from posting it, I think an email circulation is also in order. > > > > I do not believe it should be down as a rebellion but history has shown the > > technology advances happen more often because of hackers, crackers,etc. As it > > pertains to encryption, if they develop a way to encrypt data, and then a way > > is found to crack it, then a newer, better way is developed and so goes the > > evolution of technology. > > However, in this case they were seriously incompetent so nothing new was > learned. > > First, they claim their encryption is intended to stop copying. Either they > are lying (That would be my guess) or they've completely misunderstood. > Their encryption has **absolutely zero** effect on copying. Anyone with > the right hardware can make a bit-for-bit copy of an encrypted disk. It > will play on every device the original did. > > Second, they used 40-bit encryption, presumably to comply with US > export laws. This is obscenely weak. Assume you can try a million > keys a second. 10^6 ~= 2^20 so you need 2^20 seconds. 3600 seconds > in an hour, somewhat < 2^12 so total time is somewhat > 256 hours. > A week or a month on a single machine, depending how fast it is. > > Then they muffed the design so there are faster attacks; they don't > even have 40 bits of actual strength. In one brief to the court, > Dave Wagner from Berkeley said breaking this system was about the > right level of difficulty for him to assign it as undergraduate > homework next term. Wagner's brief in the first round of the California DeCSS case, archived on eff.org. > Lastly, one of their customers muffed something else and the disks > have one unencrypted key, which makes it easier to attack the others. > > > Instead of wasting money going on a wild goose chase to try to stop > > these "internet violators" which will never happen, > > The scary part is that to some extent is is happenning and, given some > of the awful laws in place like DMCA, may continue to. These guys are > actually getting away with molesting Norwegian teenagers and with suing > webmasters over links. They had Norwegian police arrest 16-year-old Jon Johannsen who originally posted the DeCSS code. > > they should > > take the money and put it towards RnD of a better way to encrypt that data, > > which would be the best way to solve their problem of people decrypting > > material they do not want decrypted. > > I'm not certain their stated goal -- protection against unauthorized copying -- > is even possible. Certainly nothing they've done to date is even slightly > relevant to it. > > > > It is not about copyright law. It is about power. > > As for their actual goals -- controlling the market in viciously unethical > ways -- I devoutly hope they don't implement better encryption for that. -- For (un)subscription information, posting guidelines and links to other related sites please see http://www.flora.org/dmca/
Read: [next] [previous] message
List: [newer] [older] articles
You need to subscribe to post to this forum.