July 10, 2020

Archives for November 2002


Lots of buzz lately about the DarkNet paper written by four Microsoft Research people.

The paper makes a three-part argument. First, there is really no way to stop file sharing, as long as people want to share files. Second, in the presence of widespread file sharing, a copy-prevention technology must be perfect, for the presence in a file sharing environment of even a single uncontained copy of a work enables anyone who wants to infringe its copyright to do so. (This is what I call the “break once, infringe anywhere” model.) Finally, there is little if any hope that a copy-prevention (or “DRM”) technology can be strong enough to prevent the creation of single uncontained copies of works. So the conclusion is that the current DRM approach will not work.

This paper has gotten attention in the policy community because it is well written and makes a compelling argument. But its argument is far from new. Indeed, the paper’s claims have been the consensus of independent security experts for a few years already. You can see this, for instance, in Bruce Schneier’s writing on DRM.

So why has the DarkNet paper gotten this much attention? My guess is that there are two reasons. First, the paper was written by guys from Microsoft Research, and Microsoft has previously taken a pro-DRM position. The paper includes a standard disclaimer saying that it is the opinion of the authors and not of Microsoft. But still it reflects a change. In past years, conference presentations from industrial researchers, both at Microsoft and elsewhere, have shied away from anti-DRM statements, so as to keep their employers happy (although vigorous anti-DRM language could often be heard at dinner afterwards). So non-techies will put more weight on the paper because of its authors’ affiliation.

The second reason for the buzz around this paper is that the “DarkNet” terminology has a certain persuasive power, evoking a subterranean world of illicit activity, a sort of criminal underground of the Net. Although compelling, the “DarkNet” concept is misleading, if it is understood as implying that one can draw a neat line between the “legitimate Net” and the illegal “DarkNet”.

In practice, the same technologies are used to conceal both legal and illegal activity. You can use a safe to lock up either criminal plans or business data. You can use encryption to conceal either copyright infringement or love letters. You can use “sneakernet” (which is a DarkNet technology, according to the paper) to share software illegally with your neighbor, or to give baby pictures to grandparents. Attempts to regulate or ban the DarkNet often affect legitimate networking. Examples of this include both the Hollings CBDTPA, which would have regulate many innocuous devices (as documented in Fritz’s Hit List), and the Berman-Coble “P2P Hacking” bill, which would affect ordinary websites.

On balance, the DarkNet paper will be valuable not because it breaks new ground technically but because of its persuasive power. If it can move the policy debate forward, and onto sounder technical ground, that will be a major achievement.

Crackdown at the Naval Academy

According to The Capital, which appears to be a local newspaper in Annapolis, officials at the Naval Academy have seized the computers of nearly 100 midshipmen (i.e., students at the Academy) because of suspected file sharing activity.

Some people paint this as an “RIAA goes after the Navy” story. But based on the newspaper article, it looks like a “Naval Academy goes after its students” story. It appears that the RIAA sent the Naval Academy the same letter that it sent to many universities, and the Academy then decided on its own to take this action.

Will this put pressure on other universities to do the same thing? Perhaps not, because of the special status of the Naval Academy. Students are members or quasi-members of the Navy and hence have less privacy and autonomy than most students do; and the computers in question arguably belong to the Navy anyway. In any case, it will be interesting to see how the Navy proceeds.

Blog Comment Spam

I saw my first blog-comment spam today. David Weinberger’s posting on open spectrum had one comment: a standard-issue Nigerian scam message. How much longer before we see Trackback spam?