Here we'll explore the nexus of legal rulings, Capitol Hill
policy-making, technical standards development, and technological
innovation that creates -- and will recreate -- the networked world as we
know it. Among the topics we'll touch on: intellectual property
conflicts, technical architecture and innovation, the evolution of
copyright, private vs. public interests in Net policy-making, lobbying
and the law, and more.
Disclaimer: the opinions expressed in this weblog are those of the authors and not of their respective institutions.
Among the latest tech proposals for content tracing is "forensic watermarking". This idea, which I discussed with SiDi, allows a production company to introduce subtle changes into media. These changes form a "fingerprint" - an identifying signature that lets someone with the right viewing technology tell the origin of a copy, since the watermark is carried from copy to copy.
Watermarking is not precisely DRM, in that it doesn't attempt to prevent the act of copying, but it is forensic in that it allows someone examining a copy to determine where the copy is generated from. Like DRM, watermarking can also be broken and removed, creating clean copies. This results in an increasing arms race where technologists attempt to embed harder-to-find and harder-to-remove watermarks, and other people work to crack these marks.
To the general end-user, a watermark has generally been harmless. Since it doesn't block action, you tend not to notice it. That may be changing. In the Register's deep dive on high-definition 4k watermarking it appears like the new standard will be used to block playing of content that doesn't have watermarks, or could even block playing of content that doesn't have a device-specific watermark. This would enable locking a specific copy of media to a specific player, possibly even preventing sharing within a household or across devices inside a consumer house.
In the next version, I hear there will be straps for your chair and comfortable eyelid-management capabilities.
If you've been in the Copyright Wars long enough, you may remember the analog hole - the idea that you could extract the bits from a DRM-locked item when they were rendered out for display and then recapture those bits in a DRM-free format.
Purgathofer's homebrew analog hole-maker targeted Amazon's Kindle, but the concept applies to pretty much any e-reader. The issue is not with the Kindle per se, but with what Purgathofer correctly describes as "a “dramatic loss of rights for the book owner." Yep, e-books still suck, just in case you had any illusions to the contrary.
I name this test in honor of Greg Aharonian of PATNEWS who has been raging about the crap coming out of the USPTO for longer than I've been blogging. The test is simple: if it fails at its most basic function, it's not suitable material for patent discussion.
In an email sent out today Greg has pointed out that the PTO's database of its own patents fails this test. The patent database is both accessible to the public and used by examiners. As I noted last time, one reason we might point to for bad patents being issued by the PTO is that examiners do not have adequate tools to do their jobs properly.
This query asks for patents where (at least one of) the inventors are in the country of Panama. Go ahead, give it a try. I'll wait.
Right, so if you're like Greg and me you'll notice that the PTO's database fails to perform even this simple query properly. Some of the answers appear to be because of substring matching (bad implementation of the search algorithm); others appear to be because of incorrect data in the patent records themselves (bad quality control). Regardless of the cause, it's clear that this tool fails here, which leads one to wonder how badly it fails on other queries. If patent examiners aren't finding relevant prior art maybe we ought to give them the right (tested) tools and (quality supervised) data to make that possible, eh?
An "epic and surreal legal battle" is slowly taking shape out there in IP-land. If you are as ancient as I am, you remember days before photocopiers made it possible to reproduce any book or printed page quickly, cheaply, and en masse. When photocopiers got cheap enough and widely enough distributed the inevitable happened - people photocopied their butts. Wait, no. I mean, yes, they did that, but they also did stuff that had IP owners tearing their hair out in frustration. Nobody photocopies novels and resells them, but teachers would put together course packets containing hundreds of pages of material photocopied from a variety of sources.
At first, nobody thought about paying for all that copying, even though getting the important chapters for free in your course packet meant you didn't then have to buy the book. There was a time when mass photocopying was seen as the worst threat to publishing. Eventually, things settled out. Universities and others worked out licensing deals. Students had to pay for course packets and some of that money flowed back to publishers who didn't get as much as if everyone had to buy every book, but they did get something. Copying went from being an unholy terror to an understood devil we live with.
Fast forward to the 21st century, and along comes Makerbot, and a hundred more like them. These home machines let you print new objects, some of which didn't exist before. Others, depending on the digital models you load in, can be exact replicas of existing objects that are covered by things like patents. This is almost certain to engender a nightmare similar to that of the early photocopy machines, particularly as new versions of 3-D manufacturing machines are going to have scanners that let you start with an object and generate a copyable model file on the spot. Three-D printing will become the new photocopying.
As Clive Thompson describes in the above-linked article for WIRED, the problem right now isn't so much the machines: it's that people create and share their design files. Those files allow one person to empower other people to make many copies. Even though those copies may be used only for individual purposes, the people whose objects are being copied claim infringement. If I can print up my own Warhammer figures for cheap, why would I buy the Games Workshop originals? You can see why GW and others want this stopped.
The question, then, is who is at fault for infringement. The answer is not obvious and as with all new technologies I expect this one to be thrashed out in court. One possible target would be the person who created the file. Another would be the sites (e.g. 3D Model Sharing) where the files are posted. In the case Thompson describes, the site Thingiverse received a DMCA takedown notice. I'd bet you could make a good case that this was an inappropriate use of the DMCA.
The problem is that the file isn't itself a copy of anything. It's an original work. Posting a design file isn't the same as posting a track I ripped from a CD. The file, if used in a certain way, can produce an infringing object, but I cannot see how Games Workshop could claim patent protection for that file. I'm reminded of the many faces of DeCSS where the movie industry tried to put a stop to every possible way that the DeCSS code could be expressed. Model files are code and code is infinitely malleable. Maybe GW claims some kind of contributory copyright infringement and that's the basis of their DMCA notice, but that's new legal territory as far as I know.
If you accept that the file (code) itself isn't a violation of the object IP owner's trademarks, patents, or copyrights then you're left with two options: go after the machines or the end users. Going after the machines is a losing plan; it would essentially recapitulate the Betamax argument and it would be trivially easy to show that these machines have substantial non-infringing uses. Finally, you don't want to be in the business of going after the end users, unless you're batshit insane like the Cartel and think that suing your customers is a winning business model. Given that most people are not that level of insane, I think we're going to see a continued targeting of (easily intimidated) model-makers and reluctant cooperation by the sites that post the files. Nobody wants to be the next Megaupload test case.
This may discourage or slow the growth of some sites, but since there's already model-sharing on the P2P networks I don't think it's likely to have a huge impact. There needs to be some kind of grand agreement and that's not likely to come soon. Thus, court cases.
(Full disclosure: I'm friends with Sindrian Arts, a company that is trying to bring industrial-scale machinery (a CNC router) down to personal size and price. This machine, like Makerbot and others, could be involved in this brewing legal battle.)
At this point it looks like all the major browser-makers will support this proposal either in current or near-future releases, and since the proposal comes from W3C it's likely to be completely compatible with the CSS rendering standards that browsers also support. In order to promote further compatibility, WOFF positions itself as a container (envelope, or wrapper) that can be put around the currently standard TrueType, OpenType and Open Font Format fonts. This means that existing fonts can be folded into the system with relatively little extra work, and the browser-makers don't have to write whole new decoders to handle WOFF-compliant font files.
In order to limit unwanted sharing, the WOFF spec says that the user agents (browsers, commonly) that implement the WOFF standard should not pull the fonts from other sites, unless explicitly allowed, and should not make the pulled font available to other programs on the end user's computer. That's slightly inefficient but probably the minimal compromise necessary to help font designers/publishers feel that they can trust their wishes will be respected.
As a matter of technology it's trivially true that a specification and plain-text metadata aren't strong protection. However, this practice follows the social conventions and customs used in things like Creative Commons licenses and given that it is in the interest of both the browser makers and most Web content designers to see this succeed I believe this is the right approach. It's much more important to make it easy for the good guys to do the right thing than to divert resources to stopping bad guys from doing the wrong things.
The Copyright Clearance Center sent out a blurb announcing that they've upgraded their Rightslink tool, a set of software and services that is designed to help creators figure out what they want to license, to whom, and on what basis. There are a variety of tools that creators need if they're going to get their content out inside of a for-pay infrastructure. I'm not in the business of promoting one tool over another but I'm happy to list resources and encourage users to share their experiences.
In the blog entry from March, Richard Fink points out some clear evidence that Typekit either isn't working as designed or is putting up misleading copyright information. Fink uses the word "fraud" but in the comment back and forth with Typekit's Jeffrey Veen, Fink admits that he may be guilty of unnecessary hyperbole. Veen's defense, that he (and Typekit) don't know how to write licenses and so may be guilty of bad wording at worst, may be true but seems like sloppy work. Is there no one at Creative Commons or other organization that could help out here?
One other tech link I saw in Fink's post is worth surfacing here: The League of Moveable Type, an organization dedicated to the production and distribution of free and open fonts for use on the Web and elsewhere.
First, a bit of background - bear with me here. It's an ongoing frustration for Web designers to try and get the things that show up on peoples' screens to look like what the designer wants. I vividly remember going to visit a customer who complained that my product looked terrible on her screen and discovering that she had somehow jiggered her Web browser settings to map the colors I had chosen into some hideous chemical green and pink.
For most of the history of the Web, designers have fought to take back control of the appearance of their product through techniques such as embedding text in images or using other technologies such as Flash that permit much more rigid and detailed settings than most browsers' HTML. Unfortunately these technologies tend to produce bad user experiences by being inaccessible to blind users, taking a long time to load, requiring constant updating of plug-ins, and so on. Over the past few years, the evolution of CSS (Cascading Style Sheets) has allowed designers to do more of what they want without locking up their content. Most critically, freeing text makes page indexing more accurate, which helps findability.
One of the more recent additions to the CSS arsenal has been the ability to link to a specific display font. Without such links the designer is at the mercy of whatever fonts are loaded into the user's browser. Depending on the browser is at best an imperfect solution as fonts may be missing or have bugs in them. If you want your HTML-encoded text to be properly read everywhere by everyone, the best bet is to say "render it in THAT font" and then test the heck out of it to make sure it works.
(Full disclosure: Jeffrey Veen and I overlapped in time at the MIT Media Lab. I did not speak to him for this article.)
The amount of text copied that is necessary to trigger this seems to vary by which browser you start in.
The idea is that you upload a picture to it and it tells you where else on the Web it has seen that picture. One obvious use would be sourcing material - I have this picture, who might it have come from - and another would be finding people who are using your images. Imagine a widget that would let you feed a full Flickr stream or Picasa album to it, rather than trying to upload one image at a time...
First, though, the Post has it completely right - newspapers screwed the pooch and are killing themselves as a result. As good a paper as the Rocky Mountain News was - and by all accounts it was first class - it could not change the basic fact that people are no longer relying on newspapers for... well, "news." As the social concept of what it means to be up to date and informed changes, the medium has to change. Evolve or die.
Which is not to say he's recommending that the Times do such a thing; he's just pointing out the economics of newspaper delivery are heavily weighted against the current model and continuing to push it is pretty likely to fail. See, for example, his column from today on "The Next 9 Newspapers To Die."
Of course, we've had DVD rippers forever; the problem is that they're technically a no-no, since they tend to strip off the copy protection. The question of whether or not this is a legal backup copy of software you legally own is best left for another time. RealDVD leaves the copy controls in place by, effectively, locking your copy to the hard drive onto which it was burned. All the bits from the DVD platter are transferred, once, and no further. At 5G+ per burned copy it's still pretty huge and even with the plummeting prices of large thumb drives I can't see a whole lot of value here.
PC World previewed the program as well and didn't come away much more impressed than I.
I had a nice chat last week with Mike O'Donnel of iCopyright about their new service for small and independent publishers. The company has a large for-pay service that is used by large publishers, including news wires, to track the digital progress of copyrighted materials and they're reusing some of that technical infrastructure for the new offering.
O'Donnell noted that previous attempts to let individuals control how their intellectual property is used, particularly Creative Commons, lack a number of useful features. iCopyright is promoting itself as an alternative that is free to small-scale creators, and supported by advertising and partner revenue.
But back up a step - what's wrong with CC and how can it be fixed? Well, some of the lacks are that there is no loopback to the creator. If I put a CC license on my works I have no way to track how those works are being used, or to confirm that something is in compliance with my CC license terms. CC also has no enforcement system and if I wish to charge a fee for use (a term specified in CC licenses) there's no mechanism to help me collect these fees.
As a free-to-creators service this seems like a step forward - we definitely need more active and more powerful tools to turn copyright flexibility and fair use ideas into actionable entities. It's far from the last word, I'm sure.
The report's site contains a summary of the report's findings, a downloadable PDF of the full report and an online FAQ describing their research methods and key findings. I haven't digested the full thing yet, but the three basic conclusions are stated pretty bluntly:
Anyone can be framed for copyright infringement. The remote and automated generation of complaints shifts the burden significantly onto the accused to prove their innocence.
In addition to malicious framing, innocent people can still be erroneously fingered, even if they've never run a P2P program
Privacy in P2P networks is partial or illusory at best
Unfortunately, the feature is buried by default under a collapsed page region. It's one click to expand, but I wonder if many people - even advanced search users - will go that extra step. Most searchers I know are in a hurry to get results.
The search form provides a link to an explanation of Usage Rights, which includes a further link to Creative Commons. It's not exactly the kind of feature that will drive awareness and publicity, but it's a small step forward.
Earlier this week I had a chat with Jason Nazar of docstoc.com. The company had contacted me a while back suggesting the chat. They're a beta-level software startup dealing with professional, legal, and business documents.
I was initially dubious that there was a Copyfight angle to this story. As Nazar himself pointed out, there's not a lot of illicit traffic on the P2P nets in business content, particularly when compared to the volume of entertainment-oriented content (music and movies primarily). That said, docstoc does have some points of interest for this blog, particularly in thinking about new business models that could be built around sharing.
First, back up a few steps. Docstoc is a hosting, sharing, and community site. Like YouTube it produces no original content bur rather holds and shares content (documents) uploaded by people. There's no membership fee and anonymous uploading is allowed. If you want to download a document, then you have to have a site login.
Since the point of the site is to share documents, everything placed on the site is in some sense free. Docstoc takes advantage of several Creative Commons licenses so when you upload files you can specify varying degrees of free - free to view and free to download being the two most popular I saw. The site uses a proprietary Flash program to embed the content for viewing, which allows them to encapsulate most of the popular business document formats (PDF, Word, Excel, PPT, and so on) in a uniform UI. In addition, they allow the player itself to be embedded; for example, here is a TechCrunch blog entry on WikiMedia's financials that contains an embedded docstoc player. Paradoxically, their use of an encapsulating player may both protect documents from casual copying while thwarting automated scanners like Attributor, which attempt to detect reposting of private content.
Docstoc is what I'd call a 'data cloud' play. Like Google Documents and other applications, there is an appeal to upload your content and access it from anywhere you have a net link, not just the hard disk on which the document currently resides. Like YouTube it also has nascent community features, including ratings, view counts, and personal blogs. Though these seem to be de rigeur in today's apps I'm not sure of their value here.
So, if everything is free, how does anyone make money? Well, from an individual point of view, docstoc is at worst free advertising. Many small companies and sole proprietorships put free samples, white papers, and other business-related downloads on their sites, which then languish in obscurity. These same files, uploaded to docstoc, become indexed and searchable both on the docstoc site and on major search engines that crawl the docstoc pages. When Google searches start to return hits into docstoc's cloud there's a good chance the uploader is going to see higher SERP placement than he could manage on his own.
Docstoc itself has to figure out how to make money on this and so far they don't have a solid model in place. Obviously there are advertising possibilities. As with any kind of targeted search, docstoc has the chance to generate high-quality sales leads to advertisers. There's also an option to partner with high-end paid content providers. These providers (think Gartner Group) are never going to put up their expensive paid research on docstoc. But they could put up teasers and previews, then kick back a piece to docstoc for sales leads and link referrals.
Finally there's the idea that documents + service are more valuable than just documents alone. This is similar to the open-source notion that software+service is better than only raw code. If I've just downloaded a business plan template it might behoove me to sit down with a consultant in my area to flesh that plan out. Again, docstoc is positioned to know what I've downloaded and possibly where I'm located so they can hook me up with a service professional, taking a small slice of the business referral revenue.
It's an unproven model, but that's true for most anything you can say about trying to make a legitimate business around freely sharing information. I don't know if I'm convinced enough that I would invest my own cash in the business, but I'll probably upload some documents and see how they fare.
The story begins with "The Antipiracy Inquisition" and moves from there to DRM. Unfortunately Arar doesn't go much beyond the surface annoyances to talk about why these developments have happened and how they became so widespread. The result is an amusing and light piece, quickly read and probably just as quickly forgotten.
Last Friday I had a phone conversation with Rich Pearson and Matt Robinson of Attributor, a Redwood City, CA, startup. The nominal reason for the call was that Attributor announced this week that it has signed up Reuters as its second big customer using the company's content-tracking platform. In actuality, we had a wide-ranging conversation on the company's products and philosophy.
People who've been reading me for a while will know that I feel we desperately need new business models - the old dinosaurs aren't going to survive. Attributor wants to make the case that they provide a technology platform on which new models can be built, based on the ability to find out quickly where content is appearing on the Web.
Attributor's own business model is that a content creator signs up with them and identifies content to be tracked - so far they have announced deals with news syndication giants AP and Reuters and are in "closed beta" with 15-20 other content creators, including bloggers. The Attributor platform monitors Web pages and identifies instances of use of the tracked content.
The "secret sauce" (as they put it) has two parts: one is they claim to be able to track billions of Web pages in near-real time; the other is that their idetification algorithms are claimed to be able to identify the amount of content reuse, down to about the paragraph level within a text document.
The first is interesting in that it's a claim about the value of the long tail. Does AP care that its story appears on someone's blog or MySpace page? Does it care as much as it cares when that story appears on your local NBC affiliate's Web site? Maybe, maybe not. One of the arguments Pearson and Robinson made is that their customers care about the "reach" of certain messages. It's one thing to see your stuff show up at all on Digg or Slashdot; it's another thing to know that within a week of that appearance the story was found on 300 other blogs. From just a simple marketing perspective, it would be useful to know which types of content propagate in which ways. Attributor claims that people care about the long tail into time as well - not just the the first 72 hours.
The second point is truly key to discussion around fair use. If we believe that anyone in the Cartel still respects the principles of fair use doctrine, then it makes a huge difference whether I've copied a whole AP story or am just quoting a paragraph in a Copyfight posting. And of course once a "hit" has been found it's simple to analyze the page for the presence of paying ads, giving prima facie evidence of whether someone using a piece of content is making money off that use.
So if the technology works - they claim 99th percentile accuracy in both precision and recall - what can you do with it? Well, one of the services Attributor offers is automated DMCA takedown notices. It's up to the customer to decide to send them, but they're there. This led me immediately to wonder how they plan to avoid fiascos like SFWA created with its spurious takedown notices. To wit, what prevents me from using Attributor to generate improper DMCA notices?
The answer is "not a whole lot." Attributor have some identity-checking capability, as do most online Web companies. And they provide linkbacks so that takedown notice targets can see what content specifically is claimed to be infringing as well as who generated the notice. But the DMCA remains a blunt, clumsy instrument and Attributor isn't going to fix that. Pearson and Robinson want to focus more on the notion of "multiple remedies". If I know who's using my content in what quantity how often for what purpose I have much more information to go into a business negotiation. They believe their customers are more forward-thinking and interested in new revenue opportunities more than locking down use.
Speaking of lockdowns, what about DRM? Attributor paints itself as "the opposite of DRM" and on this point I agree. The fundamental notion of DRM is control over action by people with content - it's necessarily a preemptive strategy since you can't attach DRM to content post facto. The fundamental notion of Attributor is "know what's going on then decide what to do". By providing visibility into how, where, and when content gets used, they believe they can open up opportunities for new product development, such as use-based licensing.
Will this really happen? Magic 8-ball says "ask again later". It's quite clear we need new tools and new ways of thinking about managing digital content, but I don't see any guaranteed winners this early in the game.
Georgia Tech is touting some new research for its film industry sponsors on ways to disable digital cameras in small spaces, such as movie theaters. I'm reasonably confident that by the time this makes it into commercial production the camera technology will have gotten smarter and pirates will be able to hide their cameras from simple scanners.
However, more troubling is this as evidence that the Cartel hasn't swayed from its "we are the law" mentality. Remember, these are the guys who tried to get their Congressional sock puppets to pass a law allowing them to break into and cripple your computer if they thought you were sharing music without permission.
Also problematic are some of the other proposed uses, such as stopping people taking pictures of their own kids in spaces like malls. When, exactly, did we cede THAT right to the Cartel?
First, the authors claim that the two DRM systems analyzed - MediaMax and XCP - are more complex than usually described. Secondly, they claim the systems suffer from "a diverse array of flaws" and that these flaws in turn lead to both security and privacy risks for consumers of the audio disks. I have not had time to read the report in depth; if one of you has, please give us a review?
'Tis the season for miracles, and it looks like Diebold, the company that tried to gag college kids with specious copyright claims for revealing potential flaws in its voting machine technology, is the happy beneficiary. In less than 24 hours, the North Carolina Board of Elections inspected and chose to certify Diebold equipment for use in real elections. That's after the Electronic Frontier Foundation, my beloved former employer, dragged the company, kicking and screaming and grabbing desperately onto door frames, into the courtroom. Where company lawyers insisted, repeatedly, that Diebold could not possibly meet the basic requirements for such an inspection.
Explains e-voting superhero Matt Zimmerman at Deep Links:
Diebold pleaded with the court for an exemption from the statute's requirement to escrow "all software that is relevant to functionality, setup, configuration, and operation of the voting system" and to release a list of all programmers who worked on the code because... well... it simply couldn't do it. It would likely be impossible, said Diebold, to escrow all of the third-party software that its system relied on (including Windows).
What a difference a few days make.
Despite Diebold's asserted inability to meet the requirements of state law, the North Carolina Board of Elections today happily certified Diebold without condition. Never mind all of that third-party software. Never mind the impossibility of obtaining a list of programmers who had contributed to that code.
And never mind the Board of Election's obligation to subject all candidate voting systems to rigorous review before certification...
It's not sexy these days to talk about the battle over transparency and accountability in voting technology. It's the wrong November, and there's no "rootkit" in e-voting. But this kind of outrage continues to happen. If you value hearing about things Diebold and other companies really wish you wouldn't, pass the word along and join EFF today.
For years, the entertainment industry's DRM strategy has seemed to follow the old story about how to boil a frog: Start it going in a pan of cold water and gradually turn up the heat.
So it is with digital rights management: Start consumers off with restrictions only the techiest edge-cases among them will notice, then quietly increase control. Apple's iTunes, for example, has downgraded the behavior of already-purchased music files. One day you could burn a playlist 10 times, the next day only seven.
Once you've accepted that "your" music comes with only a set of pre-defined uses -- and not any personal use you can invent -- you might not notice as you lose the ability to do your own format-shifting. Just as fans once re-purchased music as it moved from 45 to LP to CD, perhaps they could be conditioned not to complain if they were made to re-license when they replaced computers and stereo components. Instead of selling CDs, then, marketers will then be able to slice up the "music experience" and license pieces back to the fans whose rights they've taken, ideally for more than the one-time profit on a CD.
Given that Sony has taken to installing spyware to protect their music, you may be wondering why this episode in the DRM struggle has been good for the consumer. Simple: consumer awareness. For the past several years, much has been made of viruses and spyware and their adverse effects on our computers. The industry designed to stop these threats brings in tens of millions of dollars every year to stop these vicious pieces of software. The average consumer understands what a virus or spyware is. However, stop most consumers and ask them to explain DRM and you'll probably get a blank stare. Up until now, the consumer has been uneducated on what DRM is and how it will affect their daily lives. The major music and movie studios have been fine with this; and now that awareness is changing.
The average fan, who may never have been blocked from playing music from the (new) Napster music store on an iPod; who may never have tried to create her own version of the Daily Show from a TiVo-to-Go'd evening news program but been stymied by copy controls; suddenly has a vivid example of how DRM takes your music -- and your computer -- away from you. CERT, the US Computer Emergency Response Team, is advising
users, "Do not install software from sources that you do not expect to contain software, such as an audio CD."
In the wake of an explicit warning from the United States Computer Emergency Readiness Team (US-CERT) never to install "software from sources that you do not expect to contain software, such as an audio CD," Princeton's Alex Halderman and Jeff Dwoskin have developed a vaccine for those of us already infected by Sony-BMG rootkit DRM:
To install the tool, download this file to a temporary location, then double click on the file's icon in Windows. (Windows may ask you to confirm that you wish to add the information in the file to the system registry -- choose "Yes.") After the tool has been applied, you may delete the file. The tool will take effect as soon as you close and restart Internet Explorer.
"Stewart Baker, recently appointed by President Bush as the Department of Homeland Security's assistant secretary for policy, made a comment that suggested that some anti-piracy efforts introduced by the industry could have profound and unexpected effects on the security of the nation's critical infrastructures. ...
'I wanted to raise one point of caution as we go forward, because we are also responsible for maintaining the security of the information infrastructure of the United States and making sure peoples' [and] businesses' computers are secure. ...There's been a lot of publicity recently about tactics used in pursuing protection for music and DVD CDs in which questions have been raised about whether the protection measures install hidden files on peoples' computers that even the system administrators can’t find.'...
'It's very important to remember that it's your intellectual property -- it's not your computer. And in the pursuit of protection of intellectual property, it's important not to defeat or undermine the security measures that people need to adopt in these days.'"
Edward Felten has decided that in the battle to save innocent victims from Sony's reckless, self-destructive DRM bender, the time has come to start calling a spyware a spyware: "In all the discussion of the SonyBMG software, I’ve been avoiding the S-word. But now it’s clear that this software crosses the line. It's spyware."
He also suggests that Sony now recognizes how badly it has stumbled, but continues to publicly defend itself for strategic reasons. In other words, it's gathering the tatters of respectablity tightly around its shoulders as the winds of public disgust grow stronger, hoping that someone, somewhere, still believes it's doing the right thing. Because sometime soon, it's got to shave the beard, tuck in the shirt, and appear before a court of law.
Now the Legalese Rootkit: Sony-BMG's EULA helps you understand what Sony-BMG will no doubt claim you "agreed" to when you bought, opened, and inserted the CD into your computer. Example: "Sony-BMG can install and use backdoors in the copy protection software or media player to 'enforce their rights' against you, at any time, without notice. And Sony-BMG disclaims any liability if this 'self help' crashes your computer, exposes you to security risks, or any other harm."
Yesterday, the companies released a software update that they say “removes the cloaking technology component that has been recently discussed in a number of articles”. Reading that statement, and the press statements by company representitives, you might think that that’s all the update does. It’s not.
The update is more than 3.5 megabytes in size, and it appears to contain new versions of almost all the files included in the initial installation of the entire DRM system, as well as creating some new files. In short, they’re not just taking away the rootkit-like function — they’re almost certainly adding things to the system as well. And once again, they’re not disclosing what they’re doing.
Speaking of disclosure, Felten also responds to law professor Eric Goldman, who argues that regardless of how people feel about DRM, Sony/BMG's EULA appears to cross all the t's and dot the i's. Writes Felten [emphasis, mine]:
While the legal question is beyond my expertise, it’s awfully hard to see how, from a common-sense viewpoint, SonyBMG could be said to have disclosed that they might be installing rootkit-like software. Surely the user’s consent to installing “a small proprietary software program … intended to protect the audio files embodied on the CD” does not give SonyBMG free rein to do absolutely anything they like to the user’s computer.
Surely not. And that's where (much of) the anger and outrage is coming from.
(1) Admit that there is a problem. The companies can admit that the software uses rootkit-like methods and may expose some consumers to increased security risk.
Step two? Admit to the Higher Power, to yourself, and to other human beings the exact nature of your wrongs.
(2) Modify product packaging, company websites, and EULA language to disclose what the software actually does.
Three? Make a list of all persons you have harmed, and become willing to make amends to them all.
(3) Release a patch or uninstaller that lets any consumer easily remove or disable the rootkit-like functions of the software. Having caused security problems for their users, the least the companies can do is to help users protect themselves.
Finally, come to believe that a Power greater than yourself can restore you to sanity. Computer security experts can expose you to ridicule by the entire Internet community -- or help you climb out of the gutter and start anew in the world of respectable, trustworthy computing.
(4) Make clear that the companies support, and give permission for, research into the security implications of their products. Saying “trust us” won’t cut it anymore. Having betrayed that trust once, the companies should publicly welcome the Mark Russinoviches of the world to keep studying their software and publishing what they find. If you act like you have something to hide -- and you have had something to hide in the past -- the public will be smart enough to conclude that you’re probably still hiding something. This is especially true if you announce that you are trying to find new ways to do the thing that you were just caught doing!
This is a picture of interoperability. It was on the nightstand when I checked into a hotel recently: a clock-radio with a headphone plug and a button on top labeled "MP3." Simple, but clever. Travelers can plug into their own music players or computers and hear music through the radio's speakers; they can set the clock to wake to tunes from their iPods.
Open standards mean they can do this without telling the hotel in advance all the brands of music devices they might be bringing. Standardization and uncontrolled outputs let any music player interoperate with any pair of headphones -- including a clock-radio plug shaped like a pair of headphones -- with only an adapter to make them fit.
This is one face of what technology mandates like the broadcast flag will kill.
While I can bring my music collection to any pair of headphones or speakers, a broadcast flag would prevent me from doing the same with my collection of recorded television. Why shouldn't the hotel's HDTV have a similar universally interoperable plug on the front? Because instead of one open standard, there will be multiple proprietary and non-interoperable standards for HDTV under a broadcast flag. It won't stop the pirates, but it's bound to frustrate lawful users.
Welcome to the Hotel FCC, home to the latest in HDTV. Of course you'd like to watch your recorded programs.
Did your digital video recorder produce WMV files? I'm sorry, our only TV capable of displaying that is in room 1201, which is already occupied.
TiVo-to-go? Sorry again, the gentleman last staying in room 512 reported that TV broken but we haven't been able to get a certified technician in to repair it.
Yes, you're welcome to down-rez your videos, room 230, but I'm afraid guests have reported that the pixellation just doesn't meet their quality expectations. We do have some old movies on pay-per-view...
Jennifer Granick's story in Wired about a cell phone company using copyright law and technology to lock customers into their service:
Last week, I was contacted by a small company that I'll call Unlocko. Unlocko sells software that "unlocks" mobile phones so owners can select different cellular providers on the same handset. The company had received a cease-and-desist letter from a large mobile phone provider, which I'll call CellPhoneCo.
Like most U.S. cellular providers, CellPhoneCo electronically locks the handsets it sells so the phones can only be used with CellPhoneCo's service. CellPhoneCo claims that the sale of unlocking software is illegal.
The financial motive behind this claim is obvious. Companies have been using the razor blade business model to guarantee a steady stream of revenue ever since, well, the razor blade.
...with this article in which the Trusted Computing Group (TCG), a group developing specifications for cell phone-lockdown, implies people have nothing to fear because these "security" features will be optional, whilst a TCG-friendly analyst calls concerns about its anti-consumer applications "extremely paranoid."
Edward Felten, responding to the news that Hollywood is funding its own lab to cook up a new form of DRM that will finally, finally keep its content safe from infringement on the Internet:
When MovieLabs fails, expect the spinners to emerge again, telling us that MovieLabs has a great technology that it cant tell us about, or that theres a great technology that isnt quite finished, or that the goal all along was not to stop P2P copying but only to reduce some narrow, insignificant form of copying. Expect, most of all, that MovieLabs will go to almost any length to avoid independent evaluation of its technologies.
This is a chance for Hollywood to learn what the rest of us already know -- that cheap and easy copying is an unavoidable side-effect of the digital revolution.
Opines Mike over @ Techdirt: "The industry would be much better off taking that $30 million and spending it on creative new ways to embrace what people are doing with their content."
If you're a relative newbie to digital music downloading, you may be growing increasingly impatient with shrill diatribes from Internet pundits who rant about how digital rights management (DRM) is bad without explaining why -- or rather, without explaining why in language you can actually understand.
Apple iTunes Music Store Says..."Own it Forever and a Day" and "Just 99 Cents, Plus Generous Personal Use Rights"
The Facts: You Bought It, But They Still Own It
Imagine if Tower Records sold you a CD, but then, a few months later, knocked on your door and replaced the CD with one that you can't play in your car. Would you still feel like you "owned" the CD? Not so much, eh?
But Apple reserves the right to change at any time what you can do with the music you purchase at the iTunes Music Store. For instance, in April 2004, Apple decided to modify the DRM so people could burn the same playlist only 7 times, down from 10. How much further will the service restrict your ability to make legal personal copies of your own music? Only Apple knows.
Another hallmark of ownership is the right to give away or sell your property. That's called "first sale," and it's explicitly protected under copyright law. Yet Apple's DRM frustrates first salejust ask George Hotelling, who had to give away the login and password to his iTunes Music Store account in order to resell a single song.
As the table below shows, there are many other ways that Apple's DRM limits what you can do with a song you "own." Many other a la carte download services choose to impose similar restrictions. How "generous" of them.
The guide also covers RealNetworks, Napster 2.0, and Microsoft's "Plays For Sure" DRM campaign. Check it out and pass the word along.
Is CNET recycling stories? Today's blip from John Borland claims that the latest offensive in the Cartel jihad against its customers is "the first time using peer-to-peer companies' own data to track down individuals accused of trading movies online."
That didn't seem right to me, not least because I've read and blogged stories from Borland in May (MPAA vs. TV Lovers) and February (Sue your customers...) on previous rounds of lawsuits that appeared to have been spawned out of the takedown of the LokiTorrent site, which included a handover of the site's log files. The MPAA sounds like it's being coy (it has no reason I can see to reveal its sources) and Bram Cohen (creator of BitTorrent) continues to warn people not to use the software for swapping since it doesn't contain anonymity features. Sure, but I bet there's a config file option somewhere that lets you set logfilelength = 0.
That's the consensus at EFF after we took a look at Sun Microsystem's plans for an open DRM project perplexingly called "Open Media Commons":
Yesterday, Sun Microsystems announced its new "Open Media Commons," with a goal of "[s]pecify[ing] open, royalty-free digital rights management and codec standards" to "ensur[e] intellectual property protection." The problem with this approach is that making DRM "open" and "royalty-free" doesn't make it any less damaging and counter-productive.
People have the legal right to make fair uses of content. They have the legal right to use materials in the public domain. They have the legal right to use publicly owned works, such as government-gathered facts. Any software system, open or not, that blocks us from making these legal uses of our digital content is bad, especially when the Digital Millennium Copyright Act (DMCA) makes it illegal for us to circumvent the copyright protection to make these legal uses.
This "Open Media Commons" says a lot about fostering sharing and so forth, but there's precious little to indicate that it will be any less threatening than the Microsoft DRM that it's supposed to challenge.
Using "commons" in the name is unfortunate, because it suggests an online community committed to sharing creative works. DRM systems are about restricting access and use of creative works. We wish that Sun's announcement brought better news for people worried about DRM taking away their rights, but it doesn't.
There's even a semi-public project, the OSx86 Project. The entire affair would appear to be massively illegal, not least because enabling the OS to run has required explicitly bypassing a software module (kernel extension) and associated Infineon hardware chip called TPM that is explicitly designed to stop OS X from running on ordinary PC hardware. If that's not a blatant DMCA violation I don't know what is.
That said, Apple's response to date has been muted. It may be that they're considering their options, or they may calculate that, on balance, this kind of experimentation and publicity is going to help their bottom line more than hurt it. I have no insider info.
(*) Full disclosure: I work for EMC, which also owns VMWare; I have no direct connection with that subsidiary.
You might imagine that copyfighters are exaggerating when they talk about technologists asking Hollywood for permission to innovate. You'd be wrong.
Over at Freedom to Tinker, Edward Felten has posted snippets from a Microsoft white paper on the forthcoming "Windows Vista" operating system. They show Microsoft giving Hollywood explicit veto power over parts of the operating system functionality. For instance:
Content industry acceptance
The evidence must be presented to Hollywood and other content owners, and they must agree that it provides the required level of security. Written proof from at least three of the major Hollywood studios is required.
What are the implications? As Derek Slater writes at Deep Links:
With its entertainment industry accomplices, Microsoft is turning your general-purpose computer into a toaster -- a content-vending appliance that obeys copyright holders, not you. As Felten explains, your PC will cost more and do less.
It will also make criminals out of more and more legitimate technology tinkerers and average users. To modify practically any part of your PC and use the software or hardware of your choice, you'll have to circumvent DRM in ways that may violate the DMCA.
Meanwhile, Microsoft's new DRM will do nothing to prevent widespread infringing distribution of copyrighted content -- the illegal activity that the restrictions are supposed to target.
So why should Microsoft give in to Hollywood's demands? According to Linux guru Don Marti, Microsoft isn't caving. It's just doing what's best for the company:
Isn't it time to drop the polite fiction that MSFT and other incumbent IT and CE vendors are only doing DRM because of big, bad Hollywood? ...[Having] "Hollywood" clamoring for harsh DRM (based on technical facts from the IT industry) actually helps the current market leaders. ...
With DRM, MSFT and Apple can keep their customers from switching back and forth (or maybe to Linux), and CE vendors can't lock out $39 Chinese DVD players, but can at least collect a tax on them.
In other words, this isn't about stopping mass copyright infringement or pleasing Hollywood. It's about keeping "consumers" locked in and people who develop potentially competing products locked out.
Textbook is locked to the computer where you downloaded it from;
Copying and burning to CD is prohibited;
Printing is limited to small passages;
Unless otherwise stated, textbook activation expires after 5 months (*gasp*);
Activated textbooks are not returnable;
Buyback is not possible.
There an official press release from the publishers for download here. It talks up price discrimination as a feature -- cash-strapped students won't have to pay as much for hobbled textbooks that disappear from their computers and can't be returned or resold to recoup costs. Isn't that nice?
I'm envisioning students taking Internet law and technology classes conducting their own experiment with these textbooks: documenting the ways they block the traditional activities associated with learning and scholarship.
Update: Professor Felten, who has been deluged with requests for comments: "First, a correction. As far as I can tell, Princeton University has no part in this experiment. The Princeton University Store, a bookstore that is located on the edge of the campus but is not affiliated with the University, will be the entity offering DRMed textbooks. ...
In any case, I don't see a reason to object to the U-Store offering these e-books, as long as students are informed about the DRM limitations and can still get the dead-tree version instead. ...
I don't object to other people wasting their money developing products that consumers wont want. ...The problem with DRM is not that bad products can be offered, but that public policy sometimes protects bad products by thwarting the free market and the free flow of ideas. The market will kill DRM, if the market is allowed to operate."
A friend pointed me toward Rabble, a product from Intercasting Corp, itself founded by three ex-MP3.com execs. Rabble is an application for cell phones and similar handheld devices that is integrated with popular blogging applications. "Sort of like myspace, but for your telephone," he says. It's also got some integrated local search capabilities to give you access to nearby blogs.
The target market is the ever-popular 14- to 25-year olds, for whom cell phones are a far more integrated social device than they are for older cell users.
Something is very wrong. While Microsoft may consider itself only helping out by providing facilities to aid and abet such stifling control they are doing damage by thwarting the dynamics of the marketplace. Sadly, both Microsoft and Intel seem to be determined to undermine Moore's law by saddling it with fatal complexity in the hope of insuring their incumbency and the incumbency of other industries that are past their prime. ...
Microsoft is going to prevent what they call "hardware attacks" (as well as "software attacks") on premium content. Such attacks include what others call fair use. My attempt to watch content on my own screen is an example of just such as "hardware attack."
For years, Hollywood has responded to criticism of the effects of digital rights management (DRM) on fair use by suggesting that the public can still use analog outputs to make (possibly lower-quality) copies of works for fair use purposes. Because of the prospect of using analog outputs in this way, say studios, lawful personal copying is not completely eliminated by DRM. Even as they made this argument, however, the studios pursued a campaign to restrict such recording by characterizing it as a "loophole" -- the so-called "analog hole" or "analog reconversation problem." The same recording techniques that movie studios hailed as the protection for fair use were also stigmatized as an intolerable escape from the supposedly perfectly controlled world of DRM. ...
CGMS-A compliance is one of Hollywood's top priorities. A lack of transparency in the copyright industry's negotiations with technology companies makes it unclear precisely what sorts of threats and incentives are winning the technologists over. Yet these negotiations appear to be accomplishing what Congress declined to do: making devices that obey CGMS-A ubiquitous, arranging for recording equipment to comply with the studios' and broadcasters' copying policy preferences, even to the point of refusing to record certain programming at all. Once again, this outcome is not the law; it is simply the technologists' decision to side with the studios against end users.
For a more comprehensive view of what it really means for Microsoft to forge an "alliance" with Hollywood, check out Seth's previous three posts:
Microsoft Trusted Computing Updates: "Microsoft's NGSCB project, although delayed, remains troubling because of its ability to strengthen DRM-like applications and facilitate software lock-in."
The Dangers of Device Authentication: "Major hardware vendors are now taking giant steps toward several sorts of device authentication. These steps ultimately threaten...PC users' interests.... Why would hardware vendors do this? One major source of motivation for device authentication is Microsoft's Protected Media Path (PMP) project, a successor to the Secure Audio Path (SAP)."
Protected Media Path, Component Revocation, Windows Driver Lockdown: "In the near future, when you try to install software to time-shift your favorite Real Audio webcast, your PC might disable all media player applications. Until you remove the software, your PC will remain crippled. Or perhaps you want to watch a downloaded movie on a wide-screen TV, but your PC might turn off its video card's analog output. Welcome to the world of Windows Longhorn (now known as Vista) and the Protected Media Path, where Microsoft, copyright holders, and DRM licensors may grant or revoke permission to use your own computer and digital media."
Via Dave Farber's IP list comes Bob Frankston's excellent essay on "why DRM can be problematic rather than simply annoying." Explains Frankston to the list (emphasis, mine):
The juxtaposition of Microsoft's effort to build the control of content into basic hardware and the comments on the Discovery Institute's Intelligent Design agenda gives insight to the problem -- if you believe you can design the future then why not lock in the incumbent's control?
One reason "why not": you risk sacrificing future economic dividends. From the piece itself:
DRM is a way of assuring that the "content owner" can maintain control. That seems innocuous in itself but it has the effect of limiting the marketplaces' ability to change. This makes sense in limited cases as it allows investors to recoup the cost of their investment and make a profit but if DRM works too well it prevents growth. A marketplace is a dynamic system that keeps changing. Why doesn't the marketplace simply devolve into chaos? The reason is that it is an evolutionary process -- one that provides opportunity for creating new results. We can think of this opportunity in terms of Chris Anderson's long tail -- it represents the value to be discovered rather than what is obvious.
A little bit of informal Web surfing tells me that there's no official torrent plug-in for Mozilla yet, but that several are in development. Of course the browser itself has been distributed as a torrent for some time but given the rapid rise in Mozilla's popularity, a torrent plug-in there would be significant.
Sling are stepping into an extremely gray legal area. They claim that "place shifting" ought to be protected by the same legal doctrine that protected time shifting. But as we learned last year, when TiVo introduced features to permit sending programs from one TiVo to another, the Cartel got up in arms as did other business that depend on breaking "proximity control," such as major league sports and local TV stations. On the flip side, cable operators can easily see the extra revenue potential for something like a Slingbox in getting more subcribers to hook up to new channels and services. Like DVR functionality, it's easy to see how this kind of capability could be built into a set-top box.
For now Sling are trying to play nice with the Cartel and have limited their device to only transmitting to one other device at a time. But that's a hacker-snipped resistor away from being a rebroadcast device and then it's Grokster all over again. Jason Schultz called these things "me2me" applications and that's what the manufacturer's seem to want (no inducement here, nope!). But I'm quite sure the street will find its own uses for the Slingbox, too.
UPDATE: A creative reader suggested that it's not necessary to break the 1:1 feature of these devices, if the receving "1" is a BitTorrent site somewhere "offshore" (from the US perspective). The result would be a fairly fast worldwide distribution of any broadcast content. The Cartel still has at least three avenues of attack against such a system, but it's an interesting intellectual exercise. Nothing in the preceding should be construed as an attempt to induce anyone to actually do this or any other copyright-violating activity.
There's a sense that podcasting may soon break into the mainstream world as big media companies like Clear Channel seem willing to invest money in the distribution channel. If iTunes turns out to also be the place that big media companies want to direct people for their podcasts, it's going to place additional pressure on companies that are lining up behind deliberately iTunes-incompatible DRM.
Want to watch the street find its own uses for things? Start at this story about CVS selling "one time use" digital camcorders. The gist is you buy it, record video on it, preview on a tiny on-camera screen, then bring it back to them and for another fee they'll put your video on DVD. This is a very typical "how people who value control above all else" think business model.
It's important to remember that no matter who you are - CVS, Microsoft, the Cartel, whoever - most of the smart people in the world don't work for you. It really would be better all around if more people would keep that in mind.
Princeton computer science professor/freedom fighter Ed Felten and trusted computing expert/freedom fighter Seth Schoen each weigh in on Apple's switch to Intel, which has everyone wondering whether we'll see more DRM in future Macintosh computers:
Ed says no: "Though theyre not talking much about it, savvy people in the computer industry have already figured out that hardware DRM support is a non-starter on general-purpose computers. ...If DRM is any part of Apples motivation which I very much doubt the reason can only be as a symbolic gesture of submission to Hollywood."
...but Seth isn't so sure: "We don't know yet. Using Intel platform features for DRM requires software support; since Apple appears set to continue its strategy of close control over both Macintosh hardware and the MacOS operating system, it has a lot of choices to make. Apple's current position on DRM in iTunes doesn't offer a lot of encouragement."
While supposedly backed by "[t]he research and development arm of a major automaker," it will be interesting to see how such innovations are received. Our current copyright system has nothing to accommodate such personal retransmission capabilities. Are these reproductions, distributions, or public performances? Are they fair use? Is this essentially the same as turning up your car stereo super-loud with the windows down, or is it like running your own radio station?
Interestingly, the system is currently limited to streaming, which makes it almost identical to Apple iTunes' "sharing" feature. It will be interesting to see the RIAA's reaction. Monitoring P2P networks is one thing; spying on us in our cars and on our daily commutes would be something quite different.
The original papyri were found, literally in a garbage dump, over 100 years ago. They've been stored in boxes in Oxford's Sackler Library. Apparently they're completely illegible to the naked eye, but someone had the foresight to save them in hopes they could later be read.
Reading the text is only the first step. Since most of the "documents" are actually fragments there's another task of putting together pieces of a jigsaw puzzle to rebuild actual wholes, estimated to run to about five million words in five or six languages.
The project has been sponsored by by the London-based Egypt Exploration Society whose Web site doesn't appear to contain any information on plans for the recovered material. I also checked around Oxford's site but didn't see anything relevant. The papyri themselves have their own Web site.
Interesting report out of Beki Grinter's lab at Georgia Tech showing that co-workers sharing digital music in the workplace form impressions based on others' musical libraries. What's interesting is not just that this happens, but there's an awareness of this process. People are consciously shaping what they share in an effort to build a favorable portrait of themselves, even with coworkers they don't know and don't interact with that much. As part of a conscious process, music-sharing is acting as part of the community-building practice in the workplace.
Once again, this is an example of user repurposing devices. Apple built in the sharing features so that people in a home setting - a family - could share music off an iPod. I doubt they intended people to set up image-building jukeboxes in the workplace.
Hellweg's article focuses more on what response Sony may have to these hacks. The PSP is selling well and Sony doesn't want to lose sales by engendering negative publicity. On the other hand, they didn't respond well to Aibo hacking.
Mark Cuban is fast approaching alpha-geek status. Check out his recent post on why he can't and won't buy CDs anymore:
MP3 players are changing peoples listening habits. We dont carry folders filled with CDs anymore. We carry our library in our MP3 players. We dont listen to CDs. We listen to playlists that we adjust all the time. We dont burn CDs anymore, its too time consuming. We copy all our music to our MP3 players so its all available at our fingertips.
As a copyfighting lawyer, I loved the spirit of tinkering in the air. The whole event was brimming with the spirit of exploration, interoperation, and user-driven innovation. The more people who catch that excitement, the more people we'll have fighting laws that restrict our ability to open boxes and re-use the contents.
I rarely agree with the intentionally sloppy Andrew Orlowski, but he's right about what's happening to Apple's iTunes. Any "upgrade" to the service likely means paying more (and more) for less (and less).
Jon Johansen (yes, that Jon Johansen) is doing something about it. He's been working on what he calls PyMusique, the "fair" interface to the iTunes Music Store. Explains Jon (via email):
PyMusique is an interface to the iTunes Music Store that lets you preview songs, sign up for an account and buy songs. It is somewhat interesting from a DMCA/EUCD perspective. The iTunes Music Store actually sells songs without DRM. While iTunes adds DRM to your purchases, PyMusique does not. Another difference is that signing up for an account using PyMusique does not require you to sign/click away any of your rights.
But here's the question: How "interesting" is it? Does it stay in the free and clear, or does it brush up against the DMCA or EUCD? This is a tough one.
To learn more, a tech-savvy friend of mine is examining how PyMusique works -- you might want to do the same before this tool becomes yet another Endangered Gizmo.
The target audience is still designers but the article gives some good insights for the general reader into how content aggregators (including blogs) change our experience of information particularly on the Web. Also has some practical tips for those who want to design to accommodate this behavior rather than fighting it. Are you listening, New York Times Company?
(Disclosure: the founder and principal of UIE is a friend and professional colleague of mine. I don't know Joshua Porter and am not blogging this for any benefit of my own.)
A virtual who's-who of Free/Open Source software (FOSS) names have signed a letter and called for a boycott of the OASIS (Organization for the Advancement of Structured Information Standards) standards, on account of their promotion of RAND (reasonable and nondiscriminatory) licensing terms for patents.
I'm a big fan of RF, having worked at more than one startup that would have died a painful death in a RAND world. However, it's really unclear to me why these big guns have chosen to take on OASIS, particularly at this point. For one thing (as OASIS CEO Patrick Gannon has pointed out) OASIS has revised its IP terms to permit RAND, RF, or RAND-but-free.
Second, the last time I looked, IETF was also promoting RAND and nobody was calling for a boycott of them. What gives, guys?
Google's Auto-Link adds links to certain kinds of content that appears on web pages (like a link to Google Maps for addresses, or Amazon for ISBNs).
Some people (like Dan Gillmor) are viewing this with suspicion. (The Trademark Blog has collected the commentary.) They shouldn't. The issue is simple: Who owns your desktop? You, or the owner of whatever webpage you happen to be browsing?
A meatspace analogy should make this clear: Imagine I have a butler whom I task with going through what drops into my mail slot each morning. His job? To annotate my snail mail. He goes through the advertising circulars and researches whether better prices are available anywhere else. He gets me a map of every return address. Maybe I ask him to anticipate needs I don't even know I have yet. If he does something I don't like, I replace him.
When I visit your website, and you send me a page in response, I should be able to do whatever I like to manipulate it on my end. Display it in purple, suppress images, block pop-ups, compare prices from other vendors, whatever. In the words of my colleague, Cory Doctorow, "it's my screen, and I should be able to control it; companies like Google and individuals should be able to provide tools and services to let me control it."
Let's leave aside whether time-shifting television with an off-brand counterpart to TiVo is "stealing." A more important problem with the article is that it gives a false impression of the normal user experience of BitTorrent. [According to the article,...] "On the kind of peer-to-peer site that gave the music industry night sweats, an episode of 'Desperate Housewives' that some fan copied and posted on the Internet can take hours to download; on BitTorrent, it arrives in minutes."
That hasn't been my experience of BitTorrent, and I doubt many other ordinary users routinely experience the downloading of TV programs in "minutes." On the off chance that BitTorrent speeds had suddenly improved since I had last used the application, I conducted an experiment...downloading Episode 13 of "Huff"...took six hours...An HDTV version of the episode, in full resolution, might have taken ten times longer.
Don't get me wrong: BitTorrent is a significant advance over last-generation file-sharing programs, especially in terms of maximizing use of bandwidth. What it doesn't do, at least for ordinary broadband users, is enable the kind of rapid downloading of TV content that the Motion Picture Association of America believes it must attack.
We've had quite a few dicussions in the space about Hollywood's attempts to rob you of your fair use rights in order to sell them back to you (see here, here, and here). Today Fred von Lohmann has published a review of Elgato's EyeTV -- a Mac product that allows people to make fair uses of high-definition digital television broadcasts. One such fair use might be recording a clip of a movie like "The Lord of the Rings: Fellowship of the Ring" to use in the context of discussion/review -- and that's precisely what Fred has done [500 MB+ Bit Torrent download].
In only seven months, the FCC's "broadcast flag" regulatory regime will go into effect -- and the regime does not recognize the right to fair uses like this one. But if you make like Fred and purchase devices that aren't hobbled now, you'll be able to keep making perfectly legal uses of recorded broadcasts despite the flag.
What benefits does "competition" in the digital video recorder (DVR) market bring consumers in the post-ReplayTV litigation world? If the details in this USA Today piece on DirecTV's DVR-in-planning are any indication, not many.
We knew we couldn't expect to see a major breakthrough in functionality; after all, the copyright cartel has stuck a fork in the DVR, and it wouldn't take very kindly to anyone daring to innovate "outside the TiVo." Here's what we get instead:
identical functionality (surprise!);
except not really, because you won't be able to jump over commercials entirely using the 30-second hack;
video-on-demand included as part of the service; and
it'll be cheaper to get video-on-demand + "TiVo" -- nice if you're already purchasing both separately.
And finally, the most exciting new feature of all (at least according to Abe Peled, the CEO in charge): you get to pay for your pay-per-view movie when you watch it, rather than when you first select it for purchase. So you can, you know, change your mind and stuff.
News.com reports the comments of a founder of the MP3 standard, saying what we've all known all along: the number one roadblock to growth in the online music biz is not piracy, but DRM.
"It has slowed the download business for sure, and it's doing the same for the gadget makers," said Karlheinz Brandenburg, director of electronic media technologies at the Fraunhofer Institute in Ilemenau, Germany.
Consumers nowadays can store thousands of songs in a pocket-size device, play music and videos on their mobile phones, and buy albums at the click of a button.
But to their chagrin, a bewildering number of competing playback compression technologies and antipiracy software options determine which songs play on which devices.
Apple Computer, RealNetworks and Sony each have developed proprietary playback and DRM (digital rights management) antipiracy technologies. Songs bought on Apple's iTunes music store can play only on Apple iPods. Ditto for Sony.
The alphabet soup of technologies is meant to prevent fans from rampantly duplicating and transferring songs to others.
Via Ren Bucholz @ miniLinks, a fascinating article on the UK's digital radio market and the products that will let listeners copy/pause/replay anything they can tune:
More than 20 years after MTV aired "Video Killed the Radio Star," the original broadcast medium is moving to reclaim the cutting edge of technology with music downloads over the radio.
...A digital radio already on the market, the 'Bug' from the UK's Pure Digital, lets users record programs -- including songs that would be flawless except for DJ chatter -- and export them to a computer, where they can be loaded onto a portable music player like Apple's iPod or burned to a disc.
The debate on DRM technology Audible Magic's CopySense continues, with Ed Felten adding his thoughts to Chris Palmer's and Ernest's. Felten wonders if it isn't even possible to defeat CopySense without resorting to encryption. "It may turn out -- and I suspect it would, if independent experts were able to study Audible Magic's technology -- that copyrighted music files could be tweaked in a way that made them undetectable to Audible Magic's algorithms, while still sounding fine to typical human listeners." Ah, the hand is quicker than the eye.
The RIAA has been touting technologies offered by Audible Magic as the cure for peer-to-peer (P2P) file sharing on university campuses. The company has also been making the rounds of congressional offices in Washington, DC, talking up its technologies as a silver bullet for P2P infringement.
It's critical that universities take steps to educate staff and students about copyright law, as well as to control excessive bandwidth usage. At the same time, it's important that universities are not sold expensive, ineffective solutions simply to appease the public relations needs of the RIAA. My EFF colleague Chris Palmertook a close look at how Audible Magic's "filtering" technology works and argues that it's no silver bullet.
"Session encryption for file transfers based on ephemeral keys represents a cheap, easily implemented countermeasure that would effectively frustrate Audible Magic's filtering technology," writes Palmer. "Based on publicly available information, it does not appear that this vulnerability can be easily remedied. Should Audible Magic's technology be widely adopted, it is likely that P2P file-sharing applications would be revised to implement encryption. Accordingly, network administrators will want to ask Audible Magic tough questions before investing in the company's technology, lest the investment be rendered worthless by the next P2P 'upgrade.'"