Death to DRM, we'll kill it in a decade, chants EFF

Anti-piracy mechanisms block reverse-engineering and security studies


DEF CON 23 The Electronic Frontier Foundation (EFF) has used the DEF CON hacking conference to launch a campaign to stamp out digital-rights management (DRM) technology.

In an ironic twist, the cyber-rights warriors hope to use the hated Digital Millennium Copyright Act (DMCA) to kill off mechanisms that attempt to thwart piracy and reverse-engineering.

One of the DMCA's most pernicious parts is Section 1201, which makes it a criminal offense to circumvent technological controls on copyrighted products, or to distribute tools to do so. In the past this has been used to prosecute 2600 magazine after it published the secret to breaking the anti-copying technology in DVDs. Cory Doctorow, who rejoined the EFF to get behind this, thinks Section 1201 can be used for good.

There's very little case law on Section 1201, he said, because the industry is very careful about when it prosecutes. It went after 2600 because the case would be heard in New York, where judges aren't tech savvy, and because most members of the judiciary aren't keen on hackers.

But there have been successes. In 2004, Lexmark brought a Section 1201 case [PDF] against a company that was refilling its ink cartridges and resetting the chip inside to fool the printer into accepting them. The judge ruled against them on the grounds that the only copyrighted work in the cartridge was the DRM itself.

But now, with the internet of things, huge numbers of devices have copyrighted material inside, and there's no way to check the security of them because of Section 1201. As a result, we have devices like insulin pumps and home security systems that have never been scrutinized because researchers don't want to break the law.

"Section 1201 is deadly for security," Doctorow said. "We have one methodology for security that works, and that's disclosure and adversarial peer review. It's the same methodology that we used to go from the dark ages to the enlightenment."

But, he pointed out, security researchers break Section 1201 all the time – they just don't talk about it. So the EFF wants to change that.

One of the advantages America has is that there's a constitution and an independent judiciary, so stupid laws can get struck down if they are ruled unconstitutional, Doctorow said. That's how strong encryption was legalized, and he thinks it can do the same on DRM. "We want to know about the work you're doing and want to structure research so it's as litigation-proof as possible," he said. We also want to ensure that research is optimized to make sure any court judgement is a shining beacon on the hill, not a terrifying icon of how bad it is to go up against the machine.

Once you eliminate Section 1201, then DRM will die out, he posited. If DRM goes in the US, then other countries will follow suit, he predicted, because "when one party in a suicide pact pulls out, the other one does too." ®


Other stories you might like

  • China is trolling rare-earth miners online and the Pentagon isn't happy
    Beijing-linked Dragonbridge flames biz building Texas plant for Uncle Sam

    The US Department of Defense said it's investigating Chinese disinformation campaigns against rare earth mining and processing companies — including one targeting Lynas Rare Earths, which has a $30 million contract with the Pentagon to build a plant in Texas.

    Earlier today, Mandiant published research that analyzed a Beijing-linked influence operation, dubbed Dragonbridge, that used thousands of fake accounts across dozens of social media platforms, including Facebook, TikTok and Twitter, to spread misinformation about rare earth companies seeking to expand production in the US to the detriment of China, which wants to maintain its global dominance in that industry. 

    "The Department of Defense is aware of the recent disinformation campaign, first reported by Mandiant, against Lynas Rare Earth Ltd., a rare earth element firm seeking to establish production capacity in the United States and partner nations, as well as other rare earth mining companies," according to a statement by Uncle Sam. "The department has engaged the relevant interagency stakeholders and partner nations to assist in reviewing the matter.

    Continue reading
  • California's attempt to protect kids online could end adults' internet anonymity
    Websites may be forced to verify ages of visitors unless changes made

    California lawmakers met in Sacramento today to discuss, among other things, proposed legislation to protect children online. The bill, AB2273, known as The California Age-Appropriate Design Code Act, would require websites to verify the ages of visitors.

    Critics of the legislation contend this requirement threatens the privacy of adults and the ability to use the internet anonymously, in California and likely elsewhere, because of the role the Golden State's tech companies play on the internet.

    "First, the bill pretextually claims to protect children, but it will change the Internet for everyone," said Eric Goldman, Santa Clara University School of Law professor, in a blog post. "In order to determine who is a child, websites and apps will have to authenticate the age of ALL consumers before they can use the service. No one wants this."

    Continue reading
  • Is computer vision the cure for school shootings? Likely not
    Gun-detecting AI outfits want to help while root causes need tackling

    Comment More than 250 mass shootings have occurred in the US so far this year, and AI advocates think they have the solution. Not gun control, but better tech, unsurprisingly.

    Machine-learning biz Kogniz announced on Tuesday it was adding a ready-to-deploy gun detection model to its computer-vision platform. The system, we're told, can detect guns seen by security cameras and send notifications to those at risk, notifying police, locking down buildings, and performing other security tasks. 

    In addition to spotting firearms, Kogniz uses its other computer-vision modules to notice unusual behavior, such as children sprinting down hallways or someone climbing in through a window, which could indicate an active shooter.

    Continue reading
  • Arm says its Cortex-X3 CPU smokes this Intel laptop silicon
    Chip design house reveals brains of what might be your next ultralight notebook

    Arm has at least one of Intel's more capable mainstream laptop processors in mind with its Cortex-X3 CPU design.

    The British outfit said the X3, revealed Tuesday alongside other CPU and GPU blueprints, is expected to provide an estimated 34 percent higher peak performance than a performance core in Intel's upper mid-range Core i7-1260P processor from this year.

    Arm came to that conclusion, mind you, after running the SPECRate2017_int_base single-threaded benchmark in a simulation of its CPU core design clocked at an equivalent to 3.6GHz with 1MB of L2 and 16MB of L3 cache.

    Continue reading

Biting the hand that feeds IT © 1998–2022