Re: FW: FEEDBACK: Testing Microsoft and the DMCA

["Hotmail" <se_cur_ity () hotmail com>]

so i understand this...

 ITS ILLEGAL TO TAKE ANYTHING APART AND STUDY IT AND TALK ABOUT IT ???? I
belive I can do whatever it is I choose to do with a product that I
purchase. Next it will be illegal to throw away your xbox because someone
might get it out of the rubbish and use it.. or heaven forbid.. LOOK INSIDE.

MY2BITS

----- Original Message -----
From: "Jason Coombs" <jasonc () science org>
To: <full-disclosure () lists netsys com>
Sent: Friday, April 18, 2003 8:01 PM
Subject: [Full-disclosure] FW: FEEDBACK: Testing Microsoft and the DMCA


> -----Original Message-----
> From: Jason Coombs [mailto:jasonc () science org]
> Sent: Friday, April 18, 2003 4:58 PM
> To: david.becker () cnet com
> Subject: FEEDBACK: Testing Microsoft and the DMCA
>
>
> I'm an author and computer forensics/infosec expert who recently authored
a
> book about information security and Microsoft Internet Information
Services
> (IIS) that Microsoft Press was planning to publish... They opted not to
> publish my book after they got a chance to read it; perhaps fearing that
> acknowledging flaws and pointing out weaknesses in their own products
would
> undermine their position with respect to prosecuting DMCA violators.
>
> After reading your article concerning "Hacking the XBox" I thought you
might
> be interested in my story as well. My literary agent pitched my book to
Wiley
> and it was rejected rather abruptly and with no discussion (odd,
considering
> that I've been published by both Wiley and Hungry Minds/IDG Books in the
> past).
>
> My plan, if I can't find a publisher willing to take the 'risk' of
exposing
> details of vulnerabilities in IIS, is to give away my book as an open
source
> manuscript/electronic book in order to educate people who use Windows
Server
> operating systems and IIS on critical security countermeasures. There's no
> reason for Microsoft customers to be kept in the dark about necessary
security
> precautions simply because publishing the forensic details threatens to
result
> in prosecution of those responsible, or in the case of Microsoft Press,
> threatens to take Microsoft's DMCA teeth out of their big fat head.
>
> Sincerely,
>
> Jason Coombs
> jasonc () science org
>
> --
>
> Testing Microsoft and the DMCA
> By David Becker
> Staff Writer, CNET News.com
> April 15, 2003, 4:00 AM PT
>
>
> newsmakers Taking a break from working on his doctoral thesis,
Massachusetts
> Institute of Technology (MIT) graduate student Andrew "Bunnie" Huang
decided
> that it might be fun to poke around the security systems protecting
> Microsoft's Xbox game console.
>
> With a little creative tinkering and a measure of precision soldering,
Huang
> quickly isolated the main public security keys. Although legally prevented
> from sharing the keys with the world, he described his methods in detail
in a
> widely distributed research paper, helping spur a wave of Xbox-hacking
that
> has led to the development of Xbox versions of Linux and other homemade
> software.
>
> After graduating from MIT last year, Huang set up his own consulting
business,
> specializing in reverse engineering. But he still has some more Xbox
insights
> that he'd like to share with the world--that is, if only he can find a
way.
> Click Here.
>
> Huang's recently completed book, "Hacking the Xbox" was recently dropped
by
> Wiley subsidiary Hungry Minds, citing possible legal issues under the
> controversial Digital Millennium Copyright Act (DMCA). The Department of
> Justice recently used the DMCA to shut down ISOnews.com, a Web site partly
> used to distribute Xbox-hacking tools, and to imprison the site's owner.
>
> Plans to self-publish the book hit another snag a couple of weeks ago when
> Americart, a provider of online shopping cart services, declined to sell
the
> book because it feared getting sued. But Huang remains determined to press
> this project through to completion.
>
> "The thing I have to emphasize is that the book itself is not criminal,"
Huang
> said. "It'd be like saying that breaking and entering is illegal, so you
can't
> write a book on how locks work."
>
> Huang spoke with CNET News.com about the book, the importance of hardware
> hacking and his willingness to serve as a DMCA guinea pig, if necessary.
>
> Q: What have you learned to do with the Xbox since your research paper was
> published?
> A: I did a lot of work but if I talked about it I'd get in a lot of
trouble. I
> did some work with a few people who were trying to figure out alternate
> methods to get to the Xbox hardware without necessarily involving the
> copyrighted code Microsoft has--basically finding backdoors in the
> initialization and boot sequence.
>
> I helped out one guy in particular who was critical in figuring out the
method
>  that's used by everyone today. It is basically a flaw in the system
> initializer that lets you put code anywhere in the system that you want
it.
> From there, I backed off and got kind of quiet. Things were starting to
heat
> up, and a lot of people were starting to move into piracy and other very
> controversial issues. I sort of became a fly on the wall and gave people
> advice in some key areas.
>
> And then Wiley approached you about writing a book?
> Yeah--Wiley has the "Dummies" series, and wanted to create a similar line
of
> introductory hacking guides: hacking TiVo, hacking the Xbox, hacking your
DVD
> player. The book overall is an education book. I try to teach people as
much
> as possible how to do hacks on their own and try to avoid as much as
possible
> the really cookie-cutter, boring stuff.
>
> So it's not just, "Here's how you install this mod chip?"
> There are a few pictures of mod chips installed...but it's more like
here's
> how a mod chip works, and here's how people used reverse engineering to
figure
> out how Xbox security works. It's trying to give a novice hacker or
someone
> who has very little experience the confidence he or she needs to open up
the
> box and start playing around with the stuff on the inside. And there's
sort of
> a running dialogue about the experiences that I had getting into the Xbox,
> including the legal issues.
>
> It ends with a brief section on where things are today. That's where I
mention
> mod chips. But the book is really encouraging people to learn their own
way.
> Was there much discussion of legal concerns with the publisher?
> When I first started working with them, they realized that it was a touchy
> subject. They had me develop an outline, and when I went over it with
their
> lawyers, they said, "Yeah, this should be OK."
>
> Then I got a call (a few months later) during which they basically said
they'd
> had some turnover in the legal department and weren't feeling so good
about
> the book now. I don't know if this had anything to do with it, but right
> around the time that they gave me they call, the Department of Justice
shut
> down ISOnews.com and they were sort of beating on the doors of a lot of
mod
> chip guys.
>
> Has the ISOnews.com case had a chilling effect beyond your work?
> I think that it's had a major chilling effect. Maybe the reason that
companies
> started (backing out of such publishing deals) this is that the DMCA has
> become such a hot topic. A lot of companies aren't willing to really push
> their content directly through a public trial. The whole idea of taking a
> person and making an example of him seems to have backfired. They tried
that
> with a few guys and it didn't work.
>
> I think a lot of companies are starting to take more indirect attacks. To
use
> a really bad analogy, instead of going for the mafia boss, you take out
the
> guys in the street, the little mod chip vendors.
> I want to put a stake in the ground and say, "Hey, I strongly believe what
I'm
> doing is legal.
> They're trying other techniques within the word of the law to put a damper
on
> this activity without getting bad press.
>
> If they were to go ahead and take any Xbox-Linux guys and crucify them for
> running Linux on the Xbox, they'd have the whole open-source crowd really
up
> in arms. There'd be a really big negative mark on the Xbox.
>
> So even though Microsoft has said, "You guys can't run Linux on the Xbox,"
> they're not going to really do anything about it in the short term. It's
not
> hurting their revenue enough to have them fight a battle on principle.
>
> Are you afraid personally of the possible consequences of publishing the
book?
> Oh yeah. Lately it's been really day-to-day. I get a lot of e-mail from a
lot
> of people, and sometimes you see the subject line and freeze for a moment,
> thinking, "This is it, they're coming to get me." And then it just turns
out
> to be an innocent question. But the fact that Americart felt it had to
reject
> my book shows how jittery people are.
>
> So how are you going to sell the book now?
> There's always PayPal, I guess...Although someone pointed out to me that
> PayPal has an explicit clause that says you can't use the service to sell
mod
> chips. Even though this isn't a mod chip per se, it might be construed as
a
> technology or a tool under the wording of the DMCA.
>
> The big question that I had when I published my paper at MIT was whether
this
> would be considered a copyright circumvention tool under the DMCA. I think
> it's wildly unrealistic to think that a court would agree with such an
> expansive interpretation of a tool. But to a limited degree, they might go
> along with it.
>
> Beyond the question of what's a tool, there are still a lot of questions
about
> whether mod chips are copyright circumvention devices at all, since they
do
> other, legitimate things. Would it be useful to have a court opinion on
that?
> It would be. I think that part of the reason I decided to go ahead with
the
> book is that I'm really tired of hearing, "Well, there's three cases that
> never went to court, but here's the direction in which they kind of
leaned."
> There's no real stakes in the ground about this.
>
> There's a lot of fear, uncertainty and doubt. And the longer the people
who
> want to enforce these laws can cast the shadow of fear without ever having
to
> bring something to court, the more effective they are. This type of
publishing
> is kept underground and under control.
>
> I want to put a stake in the ground and say, "Hey, I strongly believe what
I'm
> doing is legal and it's beneficial for people to know about this stuff."
If we
> don't know about it, then the bad guys are going to figure it out and
they're
> going to take our lunch. Maybe I'm being a fool by saying this, but if
someone
> wants to challenge me on this, I think it's something we need to talk
about in
> a court of law. I don't know where I'd find the resources to defend
myself. If
> I am taken to court, then I'll figure it out.
>
> The big game companies seem to paint all hacking as enabling software
piracy.
> What's your rationale for why it's useful to hack the hardware?
> There's this thing called fair use that pretty much had been protected
until
> the DMCA came out. It says that if I take my hard-earned money and buy a
piece
> of hardware--whether it's a hammer or a razor or a computer--I can take it
> home and do what I want.
> The real critical issue is if it turns out that Microsoft can put a ban on
> people running their own code on a piece of hardware.
> I don't have to just use a hammer to pound nails. Same goes for a computer
or
> a video game machine.
>
> The real critical issue is if it turns out that Microsoft can put a ban on
> people running their own code on a piece of hardware. That'd enable people
to
> develop monopolies over hardware by simply securing the hardware to
something
> cryptographic in the software base. Microsoft could start offering
incentives
> to hardware makers to install a Palladium chip that only runs Windows on
it,
> and people who remove it are guilty under the law. Eventually, you just
lock
> up the whole world.
>
> That's the whole crux. We're going to investigate this hardware and run
Linux
> on it and push things a little. We need to figure out really soon what
this is
> going to do to the industry and whether this is something of which we need
to
> be afraid.
>
> Right after I did the paper, I worked with a guy to find the avenues to
> completely bypass the Xbox security systems. And what we ended up with was
> amazing. It was a concatenation of four bugs from various vendors that
allowed
> it to happen.
>
> It's a real-life example of why I think Palladium isn't going to
work--every
> vendor is going to have some small bug that individually doesn't mean
much,
> but when you stack 'em together, it becomes a big security hole. And once
you
> commit it to silicon, it becomes a billion-dollar bug.
>
> So it sounds like a big part of your motivation is educational?
> Oh yeah, a very large part of it is educational. When I first started
doing
> this, I asked my professor if he thought there was academic merit to it.
He
> was really positive. The security community has been debating for a long
time
> about how we secure chip buses--do we just make it really fast and take it
out
> of the realm of hackability? This sets a data point for what it takes to
> extract data out of a high-speed bus. It's a real meat-and-potatoes
example of
> security--what can go wrong and what can be done about it.
>
> Do you expect your work to be reflected in the design of Xbox 2?
> I think it will be. Nvidia had to scrap a bunch of chips because Microsoft
> rotated the (security) code, and I think that was at least, in part,
> specifically because of what I'd done.
>
> With the Xbox 2, there's a couple of different directions they could take.
> They could say, "Fair use is fair use. Go ahead and run Linux on it, but
if I
> catch you copying games, I'm going to nail you good." Or they'll try to
tie it
> down even more cryptographically.
>
> There are things that they can try. But there's a dozen attacks that I've
kept
> in my back pocket and that other hackers have kept in their back pockets
that
> nobody's even talked about. Those will come out if Microsoft tries to
secure
> the hardware again.
>
> What do you think of the James Bond hack for running unsigned software on
the
> Xbox?
> That looks really promising for freeing Linux to the mainstream. It either
> spells the beginning for a new age in Xbox hacking, or it's the demise.
Either
> it's such a potent weapon against the Xbox that Microsoft will have no
choice
> but to start enforcing stronger policies on hacking, or they may have to
> change the hardware. Or they could decide to back off and let Linux
flourish.
> But I think it's going to tip the scale somehow.
>
> And this is just one exploit. There are probably a lot of others. The
thing
> that I'm looking for a is network attack, where you just plug it into the
> network, run a script on the PC and send a specially formed packet to the
> Xbox, and voila, you've got your code in the Xbox. That's the kind of
thing
> I'd look out for being an incredibly huge problem for Microsoft.
>
> Has the rationale for running Linux on an Xbox been diluted, now that you
can
> buy a $200 Linux PC from Wal-Mart?
> People talk and joke about that a lot. But there are a couple of things to
> realize. One is that those $200 PCs don't have anything close to the
graphics
> power that the Xbox has. And most of the Linux applications for the Xbox
have
> not been geared toward turning it into a Web server or a word processor.
They
> want to turn it into a media center and have the box under their stereo
system
> that stores videos, digital audio and other stuff. The Xbox is really
pretty
> handy for that. And they use Linux because it has all these great tools
for
> working with media.
>
> What the appeal for you to doing reverse engineering work?
> I think it's an important area and it's fun. I really like security more
than
> anything else, so I've been working on TEMPEST-style surveillance
equipment,
> looking for security holes that should be fairly obvious, trying to raise
> awareness for the public that information isn't as safe as it is thought
to
> be.
>
> Something like a public service job?
> I guess you could say it's public service. What it boils down to is either
> someone's going to write a paper and say there's this vulnerability, or
you're
> going to find out the hard way. One of my goals as I do this exploration,
more
> for my own fun than anything else, is to be able to say it was this easy
or
> this hard to break your hardware, and here's what you can do to remedy it.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html