DMCA

By choosing Joe Biden as their vice presidential candidate, the Democrats have selected a politician with a mixed record on technology who has spent most of his Senate career allied with the FBI and copyright holders, who ranks toward the bottom of CNET's Technology Voters' Guide, and whose anti-privacy legislation was actually responsible for the creation of PGP.

That's probably okay with Barack Obama: Biden likely got the nod because of his foreign policy knowledge. The Delaware politician is the chairman of the Senate Foreign Relations committee who voted for the war in Iraq, and is reasonably well-known nationally after his presidential campaigns in 1988 and 2008.

The Industry Standard, which reports that the Associated Press has filed DMCA takedown notices against news site 'The Drudge Retort' for excerpting portions of AP news releases. The site's creator, Rogers Cadenhead, has posted his analysis of the letters sent to him by the AP. Employees of the AP have defended the notices in posts on various blogs, saying, "We get concerned when we feel the use is more reproduction than reference, or when others are encouraged to cut and paste. That's not good for original content creators; nor is it consistent with the link-based culture of the Internet that you and others have cultivated so well."

Gever Tulley, founder of the Tinkering School, talks about our new wave of overprotected kids -- and spells out 5 (and really, he's got 6) dangerous things you should let your kids do. Allowing kids the freedom to explore, he says, will make them stronger and smarter and actually safer.

Local mirror of Gever Tulley's talk, 5 Dangerous Things To Do With Your Kids

There's some precedent for newsgroup providers finding shelter in the DMCA's Safe Harbor. In 2000, author Harlan Ellison filed a lawsuit against Stephen Robertson, who allegedly posted a number of Ellison's works to alt.binaries.e-book. One of the codefendants was AOL, which provides Usenet access to its subscribers. AOL argued that it was not liable for infringement due to the Safe Harbor provision, and the Ninth Circuit Court of Appeals agreed. One of the factors in the decision, however, was AOL's 14-day retention policy, which the court deemed was sufficient to qualify for the DMCA's "transitory communications" Safe Harbor protection. AOL later lost that protection, however, when it was discovered that the ISP went months without checking the infringement notification inbox.

This agrees with what I've said earlier about usenet providers being deemed a safe harbor.

The Recording Industry Association of America is suing usenet.com, decrying it as the next Napster, Kazaa and other peer-to-peer, illicit file-sharing sites.

"Defendant provides essentially the same functionality that P2P services such as Napster, Aimster, Grokster and Kazaa did (prior to being enjoined by the federal courts) -- knowingly providing the site and facilities for users to upload and download copyrighted works -- except that defendant goes further than even the P2P services to facilitate and encourage copyright infringement by its users," said the lawsuit in U.S. District Court for the Southern District of New York. "Defendant customizes its service to make it as convenient and seamless as possible for subscribers to distribute and obtain copyrighted music without authorization and without paying for that music."

The suit (huge .pdf), comes two weeks after the RIAA won its first pirating jury trial targeting an individual. A Duluth, Minnesota jury ordered Jammie Thomas to pay the RIAA $222,000 for pirating 24 songs on the Kazaa system in 2005.

Except that, as Ellison v. Robertson confirmed, usenet providers are a safe harbor under 17 USC §512(a). (Except when you change your email address, in which case, the courts will hold you "out as an example to prevent future willful blindness on the part of ISPs.")

Local copy of RIAA's Complaint against Usenet.com.

Reader Hanji alerts us to a hack pulled off when Randall Munroe, author of the popular webcomic XKCD, spoke at MIT by invitation of the Lab for Computer Science. MIT hackers dropped hundreds of labelled playpen balls onto the audience from hatches in the ceiling. The labels bore XKCD's logo as well as the recently discovered 16-byte AACS processing key. At another point in Munroe's talk he was stalked by remote-controlled mechanical velociraptors; but fortunately he had been supplied with a squirt gun full of grape juice.

The AACS key, an MIT hack and xkcd all at once? Sweet.

The user revolt at Digg and elsewhere, over attempts to take down the now-famous "09 F9" number, is now all over the press. Many non-techies, including some reporters, wonder why users care so much about this. What is it about "09F9" that makes people willing to defend it by making T-shirts, writing songs, or subjecting their dotcom startup to lawsuit risk?

The answer has several parts. The first answer is that it’s a reaction against censorship. Net users hate censorship and often respond by replicating the threatened content. When Web companies take down user-submitted content at the behest of big media companies, that looks like censorship. But censorship by itself is not the whole story.

The second part of the answer, and the one most often missed by non-techies, is the fact that the content in question is an integer — an ordinary number, in other words. The number is often written in geeky alphanumeric format, but it can be written equivalently in a more user-friendly form like 790,815,794,162,126,871,771,506,399,625. Giving a private party ownership of a number seems deeply wrong to people versed in mathematics and computer science. Letting a private group pick out many millions of numbers (like the AACS secret keys), and then simply declare ownership of them, seems even worse.

...

The third part of the answer is that the link between the 09F9 number and the potential harm of copyright infringement is pretty tenuous. AACS LA tells everyone who will listen that the discovery and distribution of the 09F9 number is no real threat to the viability of AACS or the HD-DVD/Blu-ray formats. A person getting the 09F9 number could, if he or she is technically skillful, invest a lot of work to get access to movies. But there are easier, less tech-intensive ways to get the same movies. Publishing the number has approximately zero impact on copyright infringement.

Which brings us to the civil disobedience angle. It’s no secret that many in the tech community despise the DMCA’s anticircumvention provisions. If you’re going to defy a law to show your disagreement with it, you’ll look for a situation where (1) the application of the law is especially inappropriate, (2) your violation does no actual harm, and (3) many others are doing the same thing so the breadth of opposition to the law is evident. That’s what we see here.

Diggers are revolting because Digg began to seek out new examples of the key and delete them immediately, instead of waiting for notice from the AACS-LA. A palette of colors for the key has been created. You can get a HD-DVD t-shirt or a tattoo. This is, as mentioned, outright civil disobedience and rebellion. Putting this genie back in its bottle is just plain futile.

I long for the day when the industry will learn that take down notices get you no place, the information and content is out there and isn't coming back and that trying to squelch fair use is a waste of time (so is trying to stop piracy, but lets not go there today).

As of this writing, there are 683,000 results according to Google (it is worth noting that MSN only has 1,902, they should get some quick bots). I'd bet that there will be over a million by the end of the week. How large of a legal team do you need to prepare a million DMCA take downs? How large of an investigative unit do you need to put names to IP addresses? Besides, there's already a vulnerability that cannot be fixed even if every key is revoked:

Despite the technical difficulty of performing this hack, it does offer some advantages in the race to beat AACS copy protection. "They cannot revoke this hack," said forum member arnezami, who has been at the center of much of the AACS cracking recently. "No matter how many Private Host Keys they revoke we will still be able to get Volume IDs using patched xbox 360 HD DVD drives."

In addition to being irrevocable, the hack has the potential to make future decryption even easier. "This hack/technique enables us to figure out how the Volume ID is stored on the disc," arnezami explained. "It's very possible we would figure out [...] how the KCD is stored on the disc. Knowing that and being able to teach a PC drive how to read a KCD will open the door for what I called third-generation decryption."

While this type of decryption (reading keys directly off a PC drive by sidestepping part of the encryption process) is still not a reality, it may not be too far off. The main issue is the cost of purchasing standalone high-def players by the hackers, but as prices for these come down, this problem will slowly go away.