November 24, 2024

Archives for 2002

Pro-Tinkering Speech from White House Cybersecurity Czar

Richard Clarke, the White House cybersecurity czar, in a speech today at the Black Hat conference, called for legal protection for tinkering by security researchers.

According to an Associated Press article by D. Ian Hopper, Clarke “encouraged the nation’s top computer security professionals and hackers Wednesday to try to break computer programs, but said they might need protection from the legal wrath of software makers.” The article also quotes Clarke as saying that security researchers “have an obligation to find the vulnerabilities.”

This is just common sense. Still, it’s refreshing to hear that somebody in official Washington understands the value of tinkering and open debate about technology.

Vaidhyanathan: Copyright as Cudgel

Nice article on copyright abuses by Siva Vaidyanathan in the latest Chronicle of Higher Education. The Chronicle is read mostly by professors, so the article talks at length about the harm to scholarship caused by the recent copyright expansion.

Vaidhyanthan identifies two common arguments used by those opposed to copyright expansion. The first, which he calls commons talk promotes the value of the ever-shrinking public domain. The second (unnamed) strategy is to enlist public support by pointing out how routine and accepted activities of Joe Public, such as backups and party mixes, are endangered.

As the scope of “intellectual property” continues to expand, I think we’ll see a third argument, based on collateral damage. The idea is that new laws, while apparently intended to protect the flank of copyright by giving copyright holders or technology makers new powers to restrict their competitors’ activities, will increasingly choke off beneficial and clearly-legal innovations.

Berman-Coble Bill: Green Light for Cyber-Attacks

In the current climate of concern about cyber-attacks, it’s astonishing that Congress is considering a bill that would legalize a wide range of cyber-attacks – yet that is just what the proposed Berman-Coble bill would do.

The bill allows the owner of a copyright to interfere with the computer or network of anybody who is thought to be using the copyrighted material without authorization. The bill allows any attack, so long as it does not mess with any files on the victim’s computer (other than copyrighted ones). For example, they can cut off your network connection, or even crash your computer.

I am not totally opposed to the idea of self-help for parties whose legal rights are being violated. But this bill goes way, way too far. For example, the bill allows attacks on anybody making “unauthorized” use of a work, even if that use is legal. (Under copyright law, if you own a legimate copy of a work, there are certain things you can do with that work whether the copyright holder likes it or not; so a use can be unauthorized but still legal) And the bill doesn’t do much to hold the attackers accountable for any collateral damage they cause.

Text of the proposed bill is available at http://www.politechbot.com/docs/berman.coble.p2p.final.072502.pdf

Australian DMCA Does Not Prohibit Mod Chips

An Australian judge has ruled that the Australian version of the DMCA does not apply to the sale of “mod chips” for Sony PlayStation game consoles.

Technological background: Sony PlayStation is a game console that plugs into the back of a TV. PlayStation games come on a compact disk that is plugged into a CD drive on the PlayStation console. The disk contains a kind of authentication code that can be verified by the console, and the console refuses to play games that lack the authentication code. The “mod chips” sold and installed by Mr. Stevens change the console so that it will accept CDs that lack the authentication code.

I read the judge’s ruling as saying that under Australian law, mechanisms that merely authenticate content, as opposed to preventing it from being copied or from being accessed on standard CD drives, are not really copy control devices, and thus the Australian DMCA does not apply to them. Under the judge’s reasoning, a scheme that encrypted the CD’s contents (as opposed to merely authenticating them) would be covered. So this decision appears to be of limited application.

Laws like this are often vague about what they cover and what they don’t. I suspect that this vagueness reflects the drafters’ confusion about what they were trying to do. (Sometimes vaguely worded statutes reflect an artful compromise between legislative factions, but I don’t think that’s the case here.)

Edelman, ACLU File Anti-DMCA Suit

Ben Edelman, a soon-to-be law student at Harvard, has filed, with help from the ACLU, a lawsuit challenging restrictions on his right to disassemble and study a Web censorware product from a company called N2H2. The suit challenges the validity of an anti-tinkering clause in N2H2’s license agreement, and of the DMCA provisions that apply to Edelman’s proposed research. The complaint filed by Edelman and the ACLU is light on technical details about N2H2’s product.

Edelman says he wants to tinker with N2H2’s product, in order to determine the list of Web sites that it blocks, and to create and distribute a software tool that lets others extract the list (in case the list changes).

It looks like the main event will be the challenge to the license agreement, with the DMCA issues more remote and hence less likely to be ruled upon by the court. It seems to me that if the Court upholds the validity of the license provisions, then the DMCA issue is moot. And the DMCA’s prohibition on acts of circumvention doesn’t apply, because there is an exception that protects efforts to extract the blocking lists of censorware products. That exception doesn’t apply to the dissemination of technologies for extracting blocked-site lists, so Edelman’s distribution of his proposed list-extraction tool would appear to be prohibited by the DMCA.