November 24, 2024

Posts Comments

Too Stupid to Look the Other Way

October 29, 2002 by

David Weinberger explains the value of “leeway,” or small decisions not to enforce the rules in cases where enforcement wouldn’t be reasonable.

Imagine that your mother were visiting your apartment, and she got sick, so you let her stay overnight because she wan’t well enough to travel home. If this happened, no reasonable landlord would enforce a no-overnight-guests rule against you. Weinberger says:

Leeway is the only way we manage to live together: We ignore what isn’t our business. We cut one another some slack. We forgive one another when we transgress.

By bending the rules we’re not violating fairness. The equal and blind application of rules is a bureaucracy’s idea of fairness. Judiciously granting leeway is what fairness is all about. Fairness comes in dealing with the exceptions.

And there will always be exceptions because rules are imposed on an unruly reality. The analog world is continuous. It has no edges and barely has corners. Rules at best work pretty well. That’s why in the analog world we have a variety of judges, arbiters, and referees to settle issues fairly when smudgy reality outstrips clear rules.

The problem, Weinberger says, is computers don’t give leeway. Would the computer toss your sick mother out on the street, or cancel your lease because you let her stay?

Of course, you can always change the rules to add exceptions, such as a sick-mother allowance. Doing this would cover some cases, but you would be left with a more complex set of rules that was still enforced inflexibly. You can change the rules, but you can’t teach a computer to give leeway.

Weinberger goes on:

Which brings us to “digital rights management” which implements in code a digital view of rights. Yes, vendors and users should have a wide variety of agreements possible, but the nature of those agreements is necessarily digital….

If we build software that enables us to “negotiate” usage rules with content providers, the rules can be as favorable as we’d like but their enforcement will necessarily be strict, literal and unforgiving. Binary, not human.

DRM raises very difficult leeway issues. Fair use is an officially sanctioned leeway mechanism, designed to prevent enforcement of certain rules when the particular circumstances would make enforcement unwise. Fair use is just the kind of subtle and context-dependent leeway mechanism that computers can’t handle.

Weinberger’s message can be summed up in a quote attributed to him by Jon Udell:

That’s the problem with DRM. Computers are too stupid to look the other way.

Filed Under: Uncategorized Tagged With: ,

Wiley's Super-Worm

October 29, 2002 by

Brandon Wiley writes about the possibility of a “super-worm” that would use sophisticated methods to infect a large fraction of Internet hosts, and to maintain and evolve the infection over time. This is scary stuff. I have two comments to add.

First, the worst case is probably even worse than Wiley suggests. His paper may only scratch the surface of what a really sophisticated bad guy could do.

Second, Wiley’s paper points out the double-edged nature of basic security technology. The methods we use to protect ourselves against attacks – encryption, redundancy, decentralization, code patching – are the same methods that Wiley’s bad guy would use to protect himself against our counterattacks. To counterattack, we would need to understand the flaws in these methods, and to know how to attack them. If we ban or stigmatize discussion of these flaws, we put ourselves at risk.

Filed Under: Uncategorized Tagged With:

Wishful Thinking

October 29, 2002 by

In recent debates about copyright and technology, pro-regulation people have started using an interesting rhetorical tactic. Rather than trying to rebut challenges to the workability of their proposed solutions, they talk instead about how intensely they want their proposals to be workable.

For example, my Fritz’s Hit List series points out a serious flaw in Sen. Hollings’ regulatory proposal. Here is the response from the Senator’s office (from the Oct. 21 New York Times):

Andy Davis, a spokesman for Mr. Hollings, said the technology-minded critics of the bill were “missing the thrust of the senator’s argument,” which is that there is need for more protection of copyright works if online content and broadband Internet access are to flourish.

I don’t doubt that Senator Hollings wants very badly for there to be a solution to this problem. But wishing for a solution is not the same thing as having one.

The same phenomenon is at work when pro-regulation people “debate” the regulation issue by repeating statistics about copyright infringement. By now, everybody knows that there is a serious problem with copyright compliance, and (almost) everybody wishes for a solution to that problem.

Again, saying that you want a solution doesn’t imply that a solution is possible. And it certainly doesn’t imply that the “solution” you are currently peddling is any good.

Filed Under: Uncategorized Tagged With: ,

Fritz's Hit List #27

October 29, 2002 by

Today on Fritz’s Hit List: talking dog collars.

These devices allow you to record a brief audio clip on your dog’s collar, so that your dog can be returned to you if it wanders off. Since these devices record (possibly copyrighted) audio in digital form, they qualify for regulation as “digital media devices” under the Hollings CBDTPA. If the CBDTPA passes, any newly manufactured talking dog collars will have to incorporate government-approved copy restriction technology.

Fight piracy – regulate dog collars!

[Thanks to Sean Lytle for suggesting this item.]

Filed Under: Uncategorized

Schoen vs. Stallman on "Trusted Computing"

October 28, 2002 by

Seth Schoen raises two interesting issues in his response to Richard Stallman’s essay on “trusted computing.” (To see Seth’s posting, click here and scroll down to the “Trusted computing” heading.)

Stallman says

[Trusted computing] is designed to stop your computer from functioning as a general-purpose computer.

Schoen responds:

Neither of these concerns is applicable at all to Palladium (as Microsoft has described it to us) or to TCPA (as the TCPA has specified it and as it has been implemented). While Microsoft could be misleading us about Palladium, the TCPA specification is public and implementations of it have already been made.

It’s possible that some other trusted computing system could have such a misfeature, but the design of TCPA and Palladium doesn’t require these properties at all, as far as I can tell, and they seem to be more or less independent.

Schoen is right here – Palladium and TCPA do not do what Stallman says it does. Stallman seems too eager to blame Microsoft for the sins of others.

The conversation then moves on to the connection between Palladium and the Hollings CBDTPA. The Hollings bill mandates that some kind of “trusted computing” restrictions be made mandatory in essentially all digital devices. But what kind of restrictions would be mandated?

Stallman implies strongly that the CBDTPA would mandate the use of Palladium. Schoen disagrees, saying that he is “not convinced that something like Palladium is the infrastructure contemplated by the CBDTPA.”

Here I don’t know who is right. The CBDTPA is cleverly constructed so that it doesn’t say what it is mandating – it leaves that to be decided later, either by the FCC or by a vaguely-specified industry consortium. This gives CBDTPA advocates a way to dodge hard questions about the bill’s effects, by invoking a hoped-for perfect technical solution that is just around the corner. Given the track record of copy restriction and its advocates, I think we should insist on taking a test drive before we buy this used car.

Filed Under: Uncategorized Tagged With: ,