Full Disclosure mailing list archives
Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 16 Oct 2003 19:53:51 +1300
Valdis.Kletnieks () vt edu wrote:
No person shall circumvent a technological measure that effectively controls access to a work protected under this title. The prohibition contained in the preceding sentence shall take effect at the end of the 2-year period beginning on the date of the enactment of this chapter. Note the word "effectively". Also note that Adobe managed to make the case that rot-13 was effective......
This raises two interesting (at least to me) points: 1. How pathetic were the "expert witnesses" for the defense that they could not show that suitably trained chimpanzees could break ROT13 simply by eyeballing -- a "technology" so "weak" is clealry no technology... 2. Recalling the recent case of the "Shift-key subverts audio CD copy protection" (or whatever) thread, could similarly miserable lack of technology (aka the "solution" developed by the shysters who sold that rubbish to BMG, etc) _ever_ be successfully defended under the claims of the DMCA? It strikes me that a "technology" so miserable as to be "defeated" by a normal, well-known, albeit non-default, but available through MS-provided tools (TweakUI...), mechanism as disabling autorun for CD drives could never have stood up in any "sensible" court. Perhaps the makers of this bogus "technology" recognized this very early in the piece and that is why they withdrew the DMCA-inspired action they (reputedly) planned against the discoverer/publisher opf this information. OK -- there's a thiurd point; more a question... 3. On this latter issue (the bogus copy-protection system), imagine a US citizen who just happened to have two systems which were "normally" (by their definition of the typical uses of the machines) configured with CD autorun off and on respectively. On noting that the reputed "copy-protection" of said discs did not work on the "autorun off" machine and did work on the "autorun on" machine, would their actions to that point, or their subsequent publicizing of their observation, count as "circumventing a technological measure..." under the act?? Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Supposed SaS "encryption" weak - Coments and Infor about wrong claims Lorenzo Hernandez Garcia-Hierro (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims petard (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims Lorenzo Hernandez Garcia-Hierro (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims KF (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims Valdis . Kletnieks (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims Nick FitzGerald (Oct 16)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims Valdis . Kletnieks (Oct 15)
- Re: Supposed SaS "encryption" weak - Coments and Infor about wrong claims petard (Oct 15)