November 25, 2024

Posts Comments

ARDG Bans the Press

March 24, 2003 by

Several groups, including the EFF, Consumers Union, DigitalConsumer, and PublicKnowledge, have sent a letter objecting to the Analog Reconversion Discussion Group (ARDG), objecting to ARDG’s policy of refusing journalists access to its “open” meetings.

Despite its confusing name, ARDG is an important process, reflecting the efforts of some to promote, and perhaps eventually to mandate, the use of technical restrictions to close the “analog hole” (i.e., to make it impossible to capture and copy non-digital media). ARDG’s no-press policy is not just theoretical – Drew Clark of the National Journal’s Tech Daily was actually ejected from an ARDG meeting.

ARDG allows note-taking, discussions with the press afterwards, and even web-posting of accounts of their meetings. They claim their process is open. And yet they insist on the no-press policy.

The policy is particularly hard to understand in today’s media world. Am I a member of the press? I publish commentary and/or news content to the public on most days, with a readership of a few thousand. By traditional standards I am a member of the press. If I tried to attend an ARDG meeting, would they kick me out too?

Filed Under: Uncategorized Tagged With:

We're Back

March 22, 2003 by

We’re back on the air after roughly thirty-six hours of downtime. Apparently the server that brings you Freedom to Tinker (along with many unrelated sites hosted by the same web hosting provider) has had its hard drives impounded by the authorities as part of a cyberterrorism investigation. The last week or so of backup tapes were impounded too, so everything I had written since March 14 was apparently lost.

But thanks to the efforts of several readers (including Chris Smith, Joe Barillari, Eszter Hargittai, and Dave Provine), I have now recreated the missing postings, and everything should be back to normal.

UPDATE (March 24): On a related note, you may have noticed a glitch or two over the past few days as we moved to a new hosting provider. (You’re reading this on the new provider.)

Filed Under: Uncategorized

Verizon Files Briefs in Subpoena Case

March 19, 2003 by

Verizon has filed another brief (with supporting papers) in its battle with the RIAA, in Verizon’s continuing effort to protect the anonymity of one of its customers, who has been accused of copyright infringement. Verizon’s press release, with copies of the filings, is here.

(Thanks to Jim Tyre for the pointer.)

Filed Under: Uncategorized Tagged With:

Needlepoint Piracy: An Exclusive Interview!

March 19, 2003 by

Here at Freedom to Tinker, we are relentless in our quest to bring you the finest in pseudo-journalism. And so when Frank Field lifted the lid on needlepoint piracy, our staff sprang into action to bring you an exclusive newsmaker interview with the ultimate insider source on this story, a source who was President of the authoritative American Needlepoint Guild (ANG) at the time the story first broke. This source, reached at an undisclosed location in the southwestern United States, will be identified only as “my mother.”

She writes:

The active needlepointers are generally members of [ANG] and its chapters. One of the things stressed on our [i.e., ANG’s] mail list (with more than 1200 needlepointers – not all members – but all active including designers, stitchers, shop owners, etc.), in our every other month magazine for members, with our chapters in their rules and regulations, and other places where we can – [is] that needlepoint charts and other materials from books, etc. can be copied only for your own personal use. They cannot be swapped.

[…]

Anyway, this article came out when I was President of ANG (at the end of my term) and caused quite a lot of discussion. [Swapping] is, and has always been, a problem – just think it may be among a wider group than previously because of the Internet. But among heavy users of patterns, I would suggest it is not commonly done. At least among the people I know, everyone is concerned about the decline in the number of stores selling these kinds of materials making it much more difficult to find patterns. For most people, attending a national seminar where a large store is available, or purchasing things by mail order or more likely on line, is what is happening now in the industry. Because we are trying to support the outlets still available for material, plus the manufacturers, many people are almost fanatics [about respecting copyright].

I would suggest that the decline in pattern sales for [some publishers] may be [because] there are fewer stores that carry their materials, and perhaps their patterns are not of such interest when you have no way to see the pattern in person.

Filed Under: Uncategorized Tagged With:

DRM, and the First Rule of Security Analysis

March 19, 2003 by

When I teach Information Security, the first lecture is dedicated to the basics of security analysis. And the first rule of security analysis is this: understand your threat model. Experience teaches that if you don’t have a clear threat model – a clear idea of what you are trying to prevent and what technical capabilities your adversaries have – then you won’t be able to think analytically about how to proceed. The threat model is the starting point of any security analysis.

Advocates of DRM (technology that restricts copying and usage) often fail to get their threat model straight. And as Derek Slater observes, this leads to incoherent rhetoric, and incoherent action.

If you’re a copyright owner, you have two threat models to choose from. The first, which I’ll call the Napsterization model, assumes that there are many people, some of them technically skilled, who want to redistribute your work via peer-to-peer networks; and it assumes further that once your content appears on a p2p network, there is no stopping these people from infringing. The second threat model, which I’ll call the casual-copying model, assumes that you are worried about widespread, but small-scale and unorganized, copying among small groups of ordinary consumers.

If you choose the Napsterization threat model, then you fail if even one of your customers can defeat your DRM technology, because that one customer will inject your content into a p2p network and all will be lost. So if this is your model, your DRM technology must be strong enough to stymie even the most clever and determined adversary.

If you choose the casual-copying threat model, then it’s enough for your DRM technology to frustrate most would-be infringers, most of the time. If a few people can defeat your DRM, that’s not the end of the world, because you have chosen not to worry about widespread redistribution of any one infringing copy.

Many DRM advocates make the classic mistake of refusing to choose a threat model. When they complain about the problem, they seem to be using the Napsterization model – they talk about one infringing copy propagating across the world. But when they propose solutions they seem to be solving the casual-copying problem, asking only that the technology keep the majority of customers from ripping content. So naturally the systems they are building don’t solve the problem they complain about.

If you’re a DRM advocate, the first rule of security analysis says that you have to choose a threat model, and stick to it. Either you choose the Napsterization model, and accept that your technology must be utterly bulletproof; or you choose the casual-copying model, and accept that you will not prevent Napsterization. You can’t have it both ways.

Filed Under: Uncategorized Tagged With: ,