Quotes of the week:
Last Week: “If users truly have the right to speak anonymously on the Internet, as the court held, then their ISPs must protect that right.” - Julie Hilden
This Week:“Sooner or later we will need to know who everyone on the Internet is, and who confirmed their identities. Internet access providers who admit unauthenticated users will have to be shut out, even if that means shutting out whole countries. - Daniel Akst
Things Change
Insistent winds blow through the Berkshires bringing touches of fire to the Maples of New England. The days grow shorter and the nights more resolute. My thoughts travel back to Falls past and the people I knew, so impossibly young, so full of promise. Bundles of potential desperate to burst forth - barely contained within bodies perfect and powerful, Autumn just another page on a silly calendar marking time for adults. I used to hate the Fall. It meant the end of faultless, brilliant days and the beginning of darkness and solitude. It meant decay and the start of Winter.
I look at Fall as differently now as I look at Western culture. Where once I saw the passing of endless private afternoons I now see an intimate chance to spend rare moments with people precious to me. And where once I saw an amazing cornucopia of recorded plenty I see an anti-democracy - and a smothering of views and opinions by out of control media megaliths.
A few years ago if Warner Bros. sued a twelve year old for sharing a tape they might have been denounced on the floors of Congress as greedy purveyors of filth preying on the young. They would have been the butt of jokes throughout the country. Instead it’s Congress who now supports them and far from laughing at any jokes people instead are worrying. Things change. It’s not fiction, it’s real. When a company can use a law Congress passed to shove you in jail for talking about a button on your computer it’s not just some Halloween fright fest. It’s some seriously bad voodoo.
Elections are fast approaching. Register, vote, and get rid of them all.
Enjoy,
Jack.
Student Faces Suit For Using His Computers Shift Key
John Borland
SunnComm Technologies, a developer of CD antipiracy technology, said Thursday that it will likely sue a Princeton student who early this week showed how to evade the company's copy protection by pushing a computer's Shift key.
Princeton Ph.D. student John "Alex" Halderman published a paper on his Web site on Monday that gave detailed instructions on how to disarm the SunnComm technology, which aims to block unauthorized CD copying and MP3 ripping. The technology is included on an album by Anthony Hamilton that was recently distributed by BMG Music.
On Thursday, SunnComm CEO Peter Jacobs said the company plans legal action and is considering both criminal and civil suits. He said it may charge the student with maligning the company's reputation and, possibly, with violating copyright law that bans the distribution of tools for breaking through digital piracy safeguards.
"We feel we were the victim of an unannounced agenda and that the company has been wronged," Jacobs said. "I think the agenda is: 'Digital property should belong to everyone on the Internet.' I'm not sure that works in the marketplace."
The cases are already being examined by some intellectual-property lawyers for their potential to test the extremes of a controversial copyright law that block the distribution of information or software that breaks or "circumvents" copy-protection technologies.
Several civil and criminal cases based on the Digital Millennium Copyright Act have been filed against people who distributed information or software aimed at breaking through antipiracy locks. In one, Web publisher Eric Corley was banned by a federal judge from publishing software code that helped in the process of copying DVDs.
In a criminal case, Russian company ElcomSoft was cleared of charges that it had distributed software that willfully broke through Adobe Systems' e-book copy protection.
Both of those cases dealt with software or software code, however. The issue in Halderman's case is somewhat different.
In his paper, published on the Princeton Web site on Monday, the student explained that the SunnComm technique relies on installing antipiracy software directly from the protected CD itself. However, this can be prevented by stopping Microsoft Windows' "auto-run" feature. That can be done simply by pushing the Shift key as the CD loads.
If the CD does load and installs the software, Halderman identified the driver file that can be disabled using standard Windows tools. Free-speech activists said the nature of Halderman's instructions--which appeared in an academic paper, used only functions built into every Windows computer, and were not distributed for profit--meant they would not fall under DMCA scrutiny.
"This is completely outrageous," said Fred von Lohmann, an attorney for the Electronic Frontier Foundation, a group that has previously represented computer academics concerned that copyright law would impair their ability to publish. "This is not black hat (hackers') exploits he's revealing. This is Windows 101...It is relatively hard to imagine any better example of how the DMCA has been misused since it was passed five years ago."
Jacobs said SunnComm's attorneys would refer the case to local federal authorities, who could make the decision on how to proceed on the DMCA issue. He said the company was also exploring a civil suit based on damage to the company's reputation, since Halderman concluded that the technology was ineffective without knowing about future enhancements.
Future versions of the SunnComm software would include ways that the copy-protecting files would change their name on different computers, making them harder to find, Jacobs said. Moreover, the company will distribute the technology along with third-party software, so that it doesn't always come off a protected CD, he added.
The damage to SunnComm's reputation, while not necessarily permanent, was quickly seen in a drop in its market value, totaling close to $10 million over several days, Jacobs said. No final decisions about legal action have been made, he added.
Halderman said he's not overly worried about the legal threat. The EFF represented his advisor, Princeton professor Edward Felten, in a lawsuit dealing with academic freedom to publish computer security information, and Princeton University supported Felten in that case.
"I expect I will be well-represented in the case of a lawsuit," Halderman said. "If pressing the Shift key is a violation of the DMCA, then the law needs to be changed."
http://news.com.com/2100-1025-5089168.html?tag=nefd_hed
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
House Votes To Lock Out P2P Threat
Reuters
The U.S. House of Representatives voted on Wednesday to require the government to set up its computers so they are not exposed to security risks associated with peer-to- peer networks.
U.S. government agencies that use such decentralized networks to exchange data would have to ensure they do not accidentally expose classified material or allow hackers into their systems under the bill, which passed by voice vote.
Peer-to-peer networks such as Kazaa and Grokster allow users to copy music and other material directly from each others' hard drives, drawing millions of enthusiastic users and the legal wrath of the recording industry.
Federal agencies have begun to use peer-to-peer technology as well. The
www.fedstats.gov page, for example, uses peer-to-peer techniques to pull statistics and information from computers in more than 100 different U.S. government agencies.
But if configured improperly, peer-to-peer networks can expose tax returns, medical records and other sensitive documents that users do not want to share. Worms and viruses can spread through the networks, and some also contain hidden "spyware" to track users' activities, according to testimony at a committee hearing earlier this year.
Bill sponsor Rep. Henry Waxman, a California Democrat, said some peer-to-peer systems were in use in the Los Alamos National Laboratory, a nuclear laboratory.
The bill, also sponsored by Virginia Republican Rep. Tom Davis, would require government agencies to come up with a plan to minimize such security risks through technical measures and employee training. The House and the Senate already have such measures in place for their own offices.
The bill "closes a loophole in the federal government's efforts to protect the security and privacy of its computers," Davis said.
A Waxman aide said the Senate plans to take up the same version of the bill.
http://zdnet.com.com/2100-1105-5088598.html
Rapper Ludacris surveys his songs on the Napster 2.0 site. Users will have access to more than a half-million
songs from all the major music labels.
NYT
UK File-Swappers Could Face Jail Under New Law
Matthew Broersma
UK file swappers face up to two years' imprisonment under new copyright regulations, which implement the provisions of a European directive, that are expected to take effect in the UK this month.
The Copyright and Related Rights Regulations 2003 was laid before Parliament on Friday after nearly a year's delay. It is expected to be passed in time to come into force by the end of October, according to legal experts.
The Copyright Directorate, a Patent Office department, had a deadline of 22 December last year to implement the European Copyright Directive of 2001 (known as EUCD), but delayed doing so several times under pressure from groups representing copyright holder interests as well as civil liberties and consumer rights organisations.
The EUCD is intended to aid copyright holders in cracking down on counterfeiting and piracy, but organisations such as UK think tank the Foundation for Information Policy Research (FIPR) argue that it is likely to tighten the grip of large companies on consumers, because of the way it is being implemented across the European Union.
In a recent analysis of the EUCD, FIPR found that most countries were failing to protect researchers, business competition and consumers in their implementations of the directive, while giving full force to measures that criminalise the circumvention of copyright controls.
Critics argue that such measures will be used by corporate interests to block competition for such products as printer cartridges and garage-door openers -- two cases that have already surfaced under the DMCA in the US.
FIPR director Ian Brown said that although the UK law compares favourably with the implementations in some other European states, it did not appear that consumer-rights groups' criticisms had been taken into account. "I don't think there has been much change since the first draft," he said.
The UK's music industry also lobbied against the law -- but on the grounds that it was too lenient, and would drive the music industry out of the country.
Brown said that an exemption had been built in allowing cryptographic researchers to circumvent copyright protections, but said the language of this provision was "perhaps less clear than it should be". One of the DMCA-like provisions of the EUCD is the criminalisation of circumventing copyright protections, in other words cracking anti-piracy technology on DVDs, CDs, printer cartridges and the like.
Other observers noted that the new UK law could be used to imprison file-swappers on peer-to-peer (P2P) networks such as Kazaa for up to two years.
One of the law's provisions states that "A person who infringes copyright in a work by communicating the work to the public... to such an extent as to affect prejudicially the owner of the copyright... commits an offence."
Struan Robertson, editor of the newsletter Out-Law, produced by UK law firm Masons, noted that this could be used to fine P2P users or send them to prison for up to two years. "By making a music file available for download for any other users of your chosen P2P network, you are communicating the work -- potentially at least -- to millions, i.e. to an extent that the music industry could say is prejudicing its rights," he said in a statement.
FIPR's Brown agreed the UK regulations allowed scope for abuse, but said that on this provision, the UK was bound by the provisions of the EUCD itself.
"It's the directive that's the problem," he said. "The groups who are concerned have to make sure their voices are heard next year when the European Commission reviews [the EUCD], and suggest changes."
http://news.zdnet.co.uk/business/leg...9117002,00.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Standing Tall Against Recording Industry
Johna Till Johnson
I usually don't say nice things about telcos. And I almost never say nice things about their lawyers. But here I'll do both: Kudos to the lawyers at Verizon and SBC for opposing the Recording Industry Association of America's request that the telcos compromise the privacy of their customers. Way to go, guys.
Here's the deal: the RIAA has asked the regional Bell operating companies, including Verizon and SBC, to monitor customers' usage of their DSL services and report downloads of copyrighted material. To their everlasting credit, the telcos have refused to comply and are fighting the RIAA in federal court.
"The recording industry is essentially granting itself more power than law enforcement has under the Patriot Act," Sara Deutsch, Verizon vice president and associate general counsel, said in one report.
The RIAA doesn't believe that civil rights are the issue.
"[The phone companies' position] doesn't pass the laugh test or the smell test," Matt Oppenheim, RIAA senior vice president of legal affairs reportedly says.
With all due respect, Mr. Oppenheim, that's horsepucky.
The former RBOCs have a long and distinguished track record of protecting their customers' privacy, even at the expense of the telcos' own interests. I worked with RBOCs in the mid-'90s on the development of quality of service that would have required IP packet inspection. RBOC executives ultimately rejected these services because they conflicted with customer privacy.
What doesn't pass the smell test is the RIAA's own position with respect to copyright enforcement. Ultimately, its approach is outdated, impractical and Orwellian - and benefits neither the artists whose interests the RIAA supposedly represents, nor the fans whose dollars fuel the entire music industry.
Don't get me wrong: I believe in copyright protection. Artists, software developers and other content creators have the right to be compensated for their efforts and deserve protection of their intellectual property.
But that's not what the RIAA is really fighting for. The RIAA acts on behalf of record companies, not artists. And record companies are fundamentally distributors and promoters - not creators - of content.
What's going on is that the Internet has dramatically cut the costs and enhanced the efficiency of distribution and promotion mechanisms, in the process is making obsolete many of the core business processes of record companies. In other words, record company executives are in approximately the same position that manufacturing workers were in during the '80s and '90s: Their jobs have been made redundant by technology.
The real reason the RIAA is attempting to force telcos to drag their customers into court is to protect the jobs of record executives, not the rights of artists, who benefit from less expensive and more effective distribution mechanisms.
What the RIAA needs to do is wake up and develop cost-effective distribution and promotion models that serve fans and artists well. If it can't, the organization should be replaced by one that does.
Regardless, kudos to Verizon and SBC for standing up to the RIAA's encroachment of our civil rights.
http://www.nwfusion.com/columnists/2...29johnson.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Crackdown On File Sharing Has Unintended Effects
Secrecy grows with better encryption
AP
Just as Prohibition drove drinkers underground , the music industry's crackdown is pushing many song swappers away from the open Internet and into what amount to cyberspace speakeasies. These high-tech Cotton Clubs usually require users to be trusted or at least know someone inside. The files being traded, instead of out in the open, are encrypted -- the 21st-century equivalent of hiding gin under a fake floorboard.
Internet file-sharers are operating much like any society that falls under attack. And the very technologies they are using as shields have long been employed by legitimate businesses to protect their data from prying eyes and hackers.
"The software that users are moving toward, it has characteristics that businesses need -- which is a high degree of privacy, a high degree of security and the ability to handle large files," said Clay Shirky, a professor of interactive telecommunications at New York University.
Three years after the Recording Industry Association of America's lawyers succeeded in shutting down the Napster file-trading service, the music industry's battle against unauthorized digital music distribution is reaping an unintended consequence: better, easier-to-use software for exchanging data securely -- and even anonymously -- on the Internet.
"Thanks to the RIAA, ease of use surrounding encryption technologies ... is a big deal now," Shirky said.
The decentralized peer-to-peer technology that enables a computer user to share his or her music collection with strangers remains an unbottled genie. And it is now likely to evolve, so that more traffic becomes invisible not just to the entertainment industry's copyright cops but also to repressive governments, inquisitive employers and snooping relatives.
On the file-swapping front, current favorites Kazaa, Morpheus and iMesh are more decentralized and harder to sue than Napster. They are breeding more sophisticated stepchildren just as the RIAA goes after the swappers themselves with lawsuits filed against 260 alleged file sharers.
An upcoming release of the file-sharing program Blubster, for instance, not only makes users more difficult to identify. It also seamlessly encrypts files before they are transferred and decrypts them for the end user.
Another program, called Waste, can be used to set up an encrypted instant-messaging and content-sharing network of up to 50 users. Unlike traditional instant-messaging programs, Waste messages don't pass through a central server.
Waste was pulled by America Online shortly after its release by the company's Nullsoft division, but is still circulating online. Neither AOL nor Nullsoft programmer Justin Frankel returned calls seeking comment.
http://www.newsobserver.com/business...-2690946c.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Music Industry To Recoup Alleged File-Sharing Losses One 12-Year-Old At A Time
John Paczkowski
Does the Recording Industry Association of America really believe that suing millions of file-sharers is going to inspire them to buy more CDs? Apparently so. On Monday
the RIAA, hardened by years of CD price fixing, made good on its threat to sue alleged file swappers, charging 261 of them with "egregious" copyright infringement, potentially worth millions of dollars. Among them, a 12-year-old New York City girl. The lawsuits were filed in federal courts throughout the country and are likely to be followed by thousands more in the coming months. "Nobody likes playing the heavy and having to resort to litigation," said RIAA President Cary Sherman. "But when your product is being regularly stolen, there comes a time when you have to take appropriate action."
The first rule of life is also the first rule of business: Adapt or die. And if you choose the latter, be sure to sue your customers first...Today, many are looking askance at the RIAA's latest action. Some say the recording industry itself is to blame for the sharp decline in CD sales (see "Decline in CD sales apparently unrelated to proliferation of lousy music"). Others believe there are better ways to solve the peer-to-peer dilemma than alienating customers. "They're resorting to these kind of bullying tactics where they're suing individuals, families, threatening them with bankruptcy, and trying to intimidate them into coming back and being customers," EFF staff attorney Jason Schultz told Tech TV. "The real question will be: Are they serious about continuing to wage this war? I think this first effort will shock some people, but I don't think it'll stick unless they're willing to keep it up over the long haul...It's kind of a false trade in some ways," he said. "They agree not to spend their own money suing you on behalf of copyright owners, and you end up giving up your privacy. You end up confessing your sins, but it leaves all the actual recording companies... and all these people to come after you anyway if they want to, and sue you."
Amnesty irrational: Meanwhile, as expected, the RIAA unveiled its much discussed amnesty program, which will apply only to alleged infringers who have not yet been sued by the trade group and are foolhardy enough to use it. "For those who want to wipe the slate clean and to avoid a potential lawsuit, this is the way to go," RIAA chairman/CEO Mitch Bainwol said. "We want to send a strong message that the illegal distribution of copyrighted works has consequences, but if individuals are willing to step forward on their own, we want to go the extra step and extend them this option." Bainwol failed to note that the "extra step" to which he refers WILL NOT PROTECT YOU from other potential litigants.
One final note: If the RIAA's lawsuit orgy does inspire a mass exodus of KaZaA users, you can be sure that at least some of them will turn to anonymous, encrypted P2P networks for their music. And among those networks are a few that won't cave so easily to the RIAA's heavy-handed methods. Take Earth Station 5, for example. If its stealth technology doesn't prevent copyright owners from subpoenaing its users, dealing with a venture headquartered in Palestine might.
http://www.siliconvalley.com/mld/sil...printstory.jsp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File-Sharing Services Have Plan to Pay
Group Says It Can Protect Music Industry
Frank Ahrens
A group representing the Internet's most popular free music-sharing service has come up with a business plan that it says would stop piracy by allowing consumers to legally buy copyright-protected music, though the music industry remains skeptical.
Distributed Computing Industry Association, a trade group formed in July by the parent companies of song-sharing services Kazaa and Altnet, rolled out the plan at its Arlington headquarters yesterday, saying it could earn the music industry up to $900 million per month in Internet music sales.
The group characterized the plan as a starting point for peacemaking discussions with a music industry hostile toward free file-sharing Web sites, which it says rob musicians and record labels of billions of dollars in royalties and revenue they would otherwise get through music sales.
The trade group said its plan would work only if it were joined by other file-sharing sites, such as Grokster and Morpheus -- which have formed their own trade group -- the music industry and Internet service providers, or ISPs. The music industry's trade group, the Recording Industry Association of America (RIAA), has waged a legal campaign to shut down free file-sharing sites such as Kazaa.
"We are in an earn-your-trust mode," said Marty Lafferty, chief executive of the trade group. "This plan is kind of like looking at a concept car at a car show," the first of three to five business plans the group will roll out in coming months.
More than 4 million users per week employ Kazaa, many to illegally swap copyrighted songs for free, the music industry says. The RIAA sued to shutter Kazaa, as it did Napster in the past, but a federal court ruled in April that Kazaa and other song-sharing Web sites are not responsible for the actions of their users.
The trade group is meant to equally represent three interests -- file-sharing services such as Kazaa, content providers such as music labels, and digital pipelines such as ISPs, Lafferty said. Thus far, however, the only announced members are Kazaa and Altnet, the two file-sharing services that funded the group's start-up.
The RIAA maintains it wants consumers to be able to legally buy digital songs on the Internet, but it favors Web sites such as Apple's iTunes music store, as opposed to peer-to-peer services such as Kazaa.
The plan from the trade group representing Kazaa and Altnet would roll out in stages, starting with the record companies allowing their songs, protected with copyright tools rendering them unlistenable, to be distributed on networks such as Kazaa. Consumers would pay Kazaa to unzip the copyright-protection shroud, enabling their computer to play the song.
Later stages of the plan would shift the billing to Internet service providers, which would be required to monitor which songs users are listening to, raising potential privacy concerns and putting ISPs into a business they may not want to enter.
"For us to somehow be responsible for monitoring and tacking every download that might flow through our system is extremely unrealistic, and the ISP would turn into the Internet police," said Sarah B. Deutsch, associate general counsel for Verizon Communications Inc., the nation's largest phone company and a top ISP. "And it would also create the world's most complicated billing system."
The RIAA reacted coolly to the plan.
"It's nice to hear that a couple of the [peer-to-peer] services are actually interested in finding a business solution," said RIAA spokesman Jonathan Lamy. But "it is hard to take seriously proposals to turn [peer-to-peer] systems into legitimate businesses when they continue to induce users to violate the law and willfully refuse to use available technologies to stop the rampant infringement of copyrighted works on their networks."
Meanwhile, the name of Napster, the service that first popularized online song swapping, will be revived today as a legal Internet music store that will go head to head with such competitors as iTunes, the Associated Press reported, citing sources familiar with the plans.
http://www.washingtonpost.com/wp-dyn...-2003Oct8.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Recording Industry Misses Beat In Battle Against File Sharing
Doug Bandow
The recording industry seems to believe all that is good and wonderful in the world have no greater enemy than peer-to-peer file-sharing technologies.
Thus explains the Recording Industry Association of America's campaign to sue grandchildren and grandparents who violate copyrights by swapping songs.
The association is within its rights to challenge lawbreakers, no matter how minor. Not legitimate is its lobbying campaign to shut down the P2P (peer-to-peer) business. Ultimately individuals, not technologies, such as the KaZaA Media Desktop, are to blame for copyright violations.
Copyright-cheaters have been around since copyrights were created. New technologies - photocopiers, tape recorders, VCRs, DVDs and P2P software - have simply made it easier to illicitly copy protected works.
Industry has occasionally demanded heavy-handed restrictions on and even prohibitions of technological innovation, but more often has worked to increase awareness of and compliance with the law. Firms also have cut prices and developed new markets, such as Apple's iTunes Music Store, which charges for music online.
However, the association blames a one-third decline in music sales over the last three years on file-sharing. In contrast, Forrester Research places the drop at about 15 percent, only a third of which can be attributed to file sharing.
Still, old-fashioned enforcement has its place. Of course, the association's efforts might antagonize potential customers.
And the campaign might be doomed over the long term. After all, we live in a downloading culture, observes Katie Hafner of the New York Times.
Moreover, some systems already try to shield their users from outside prying eyes. Further, programmers are working to improve their file-sharing software through use of encryption, among other techniques. Nevertheless, the association is entitled to try.
But large recording firms have not stopped trying to enforce the law. They want to destroy a technology simply because it is used by some cheaters.
The recording industry might be able to build a case if the technology served no function other than criminal. Yet, explains American University law professor Peter Jaszi, "It's far too early in the day to conclude that everything everyone does with peer-to-peer, even when it comes to copyrighted MP3 files, is conclusively infringing."
Even now, P2P is used to share government publications and private works in the public domain or where the copyright holder has granted permission. The potential is vast for file sharing to further improve computer communication and networking.
"Music was just the first killer app, but I think it will be the first of many," said Lance Cottrell, president of a software firm.
The recording industry also might be justified in targeting technology designed to facilitate lawbreaking. For instance, the old Napster maintained a directory of users whose files were being shared. That is not the case with technology like KaZaA (the most popular file-sharing software), Gnutella, Grokster, iMesh and Morpheus, where there is no central server.
Unable to win its case on copyright grounds, the recording industry has resorted to demagoguery, claiming that P2P technology promotes child pornography. Andrew Lack, President of Sony Music, says "P2P stands for piracy to pornography."
It's a ludicrous argument. The National Center for Missing and Exploited Children says that P2P accounts for just two percent of referrals regarding child pornography, compared to 77 percent for Web sites.
Indeed, as Alan Morris, executive vice president of Sharman Networks Ltd., recently told the Senate Judiciary Committee, some porn merchants create sites to take advantage of misspellings, such as dinseyland.com, "so that individuals making common typing mistakes, including children, would be connected to advertising sites, including those for pornographic materials, from which they could not easily exit."
And even the most casual e-mail user is deluged with invitations to watch the most carnal activities.
Nor is P2P particularly useful for pedophiles. Explains Morris: "To make their 'collections' publicly available on P2P is counter to their cloak of secrecy. Law enforcement agencies quickly picked them off and so they retreated back to their sordid encrypted sites, news groups and the like."
http://www.townhall.com/columnists/d...20031006.shtml
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
New Napster To Play By Industry's Rules
The fee-based version faces tough competition from online music stores and free networks
Jon Healey
Having launched one revolution in the music industry, Napster comes back to life this week in a bid to foment a counterrevolution: persuading people who download songs free to start paying again.
Like the original, the new version of Napster being launched Thursday by Roxio Corp. offers music fans a way to build their collections that's very different from buying CDs. This time, it's an industry-authorized mix of music rentals and pay-as-you-go downloads.
But the competition is much fiercer now than it was in 1999, when 18-year-old Shawn Fanning unleashed the pioneering Napster file-sharing service. Roxio not only faces a growing number of rivals licensed by the record labels but also a slew of free file-sharing networks that attract an estimated 63 million people in the U.S. alone.
Meanwhile, advocates of file sharing are pushing ways to legitimize networks that allow users to swap tens of millions of songs a day from computers all over the world.
One such plan, expected to be unveiled Wednesday, would automatically bill file sharers for their downloads and compensate the industry for its music. Backers say the plan would generate $900 million a month for the music industry within three years, boosting revenues for labels, artists and music publishers.
The proposal has been endorsed by the company behind Kazaa, the most popular file-sharing network. But to succeed, it must be embraced by the recording industry, as well as rival file-sharing companies, Internet service providers and users.
Analyst Michael McGuire of GartnerG2, a technology research firm, said all the changes in the online music business have made this a great time for risk-taking music distributors — but not necessarily for record companies, which have watched CD sales plummet in recent years.
"If you're still trying to protect what amounts to a 100-year-old business model," McGuire said, "things must look pretty bleak right now" because music fans have voted en masse in favor of free file sharing. The issue, he said, is "how do you get them back in the corral?"
The major record labels shut down the original Napster in 2001 with a federal court injunction that barred its users from violating copyrights. Roxio, which bought the Napster name and technology at a bankruptcy auction last year, is reviving the brand just as a host of major competitors are jumping into the field with the labels' blessing.
Those businesses include online music stores that charge about $1 for each downloadable song and subscription services that charge about $10 a month to hear or rent an unlimited number of tracks. Roxio's Napster will offer both a store and a subscription service, as will soon-to-be-launched alternatives from RealNetworks Inc. and AOL Time Warner Inc.'s America Online.
Although they mimic the traditional way of buying music, the stores offer one significant improvement for music fans: Customers can buy individual songs, not just full CDs or singles chosen by the record label. But there are downsides too. Not every artist or song is available, and the tracks are wrapped in electronic locks that limit their ability to be copied or transferred.
Subscription services are a more radical departure from conventional music buying. They offer an unlimited amount of music for a flat monthly fee, but most require that the music be played on a computer. And they typically cut off access to those songs if a customer cancels a subscription.
The technology behind Roxio's Napster was built around an overhauled version of Pressplay, the online music service that Vivendi Universal's Universal Music Group and Sony Corp.'s Sony Music Entertainment sold to Roxio in May. Subscribers of the new Napster would pay $10 a month to play an unlimited number of songs from an Internet jukebox or download "tethered" versions to be played when they're not online. It would cost about $1 to move a tethered song to a portable device or burn it onto a CD.
By this time next year, Napster executives hope to enhance the service by allowing subscribers to move an unlimited number of songs onto selected portable devices and take them wherever they go. But that depends on Microsoft Corp. delivering the necessary technology.
The concept of tethered songs is so alien to music buyers that some online services don't offer them. For example, RealNetworks' Rhapsody service has no downloadable songs, just music that subscribers play from an online jukebox.
File-sharing advocates say the most direct approach is to give file sharers an easy way to pay for music on the networks they already use.
The plan being revealed Wednesday, from Distributed Computing Industry Assn., a trade group for peer-to-peer file-sharing networks, will offer a two-step method for the music industry to collect for works shared online.
First, the labels would offer song files wrapped in electronic locks to enforce payment and deter piracy. Then, they would work with Internet service providers to track and bill for every song downloaded. Whoever owned the copyrights to a song would be able to register and collect if the track was shared online.
The group projected that revenue would grow from $200,000 in the first month to $900 million by the 30th month, assuming that the labels charged 50 cents per song and that downloading did not drop sharply when fees were imposed. By contrast, a plan floated by the now-defunct Napster Inc. in 2001 would have paid the record companies and music publishers $200 million per year.
The association's plan faces significant hurdles. It wouldn't work unless all the file-sharing networks and their users participated — a potentially huge challenge, given the outlaw spirit of the file-sharing world. Similarly, to ensure that the music industry and Internet providers participated and set fair prices, it may require the kind of government regulation that entertainment and technology companies have long resisted.
Still, the plan is backed by Sharman Networks Ltd., the firm that distributes the Kazaa software, and its partner, Woodland Hills-based Altnet, even though it would eliminate the free — and often illegal — downloading that drew many users to file sharing in the first place.
"This new business model offers great hope for the entertainment industry, and we look forward to discussing it with the record labels, DCIA members and others," said Sharman Chief Executive Nikki Hemming. "It's clear that selling music directly to consumers within the [peer-to-peer] marketplace is the most logical solution for curbing copyright infringement online."
Analyst Phil Leigh of Inside Digital Media, an independent consulting firm, said the proposal reminded him of a famous cartoonist who drew elaborate contraptions to accomplish simple tasks. "In principle, it might be workable, but it's going to end up being a Rube Goldberg kind of thing," he said.
Chief Executive Eric Garland of Big Champagne, a firm that monitors file-sharing traffic, added that Internet service providers weren't equipped to monitor all their customers' downloads. Nor would they necessarily want to. As one record company executive noted, Internet providers care only about the amount of traffic they handle, not what it is.
Marty Lafferty, chief executive of the Distributed Computing Industry Assn., said the point of the plan was to provide a starting point for discussions. "This is the first specific business model with robust details and assumptions, timelines with milestones and thoughtful consideration of all the technologies and parties that need to be involved," he said.
Other file-sharing advocates are exploring ways to enable people to continue downloading without having to pay directly for the activity, while compensating copyright holders. Proposals by Neil W. Netanel, a law professor at the University of Texas, and Harvard Law School professor William Fisher III would create a multibillion-dollar royalties fund by taxing Internet services and digital devices.
The major record companies have strongly opposed such ideas as these, mainly because they generate a fixed amount of money that doesn't grow even if people download more music.
Sean Ryan, vice president of RealNetworks' RealOne Music division, said the idea of requiring copyright holders to authorize the same activity that they blame for billions of dollars in lost sales was both unrealistic and strangely familiar.
Referring to the now-defunct file-sharing pioneers, he said, "This is the same type of argument that Napster essentially used two or three years ago: 'We will make the pain high enough that they'll have to negotiate with us.' "
http://www.sunspot.net/technology/ba...logy-headlines
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Targeting Porn on Pirate Sites
Police Seek Traders of Illicit Images on Song-Swap Networks
Ron Scherer
District Attorney Tom Spota does not download Britney Spears songs. But he thinks it's likely his college-aged daughter exchanges tunes from Internet file-sharing programs.
So he was incensed when a confidential source told his office that there was child pornography — lots of it — to be found by simply typing Britney's name on such services as KaZaA or Morpheus, Internet sites known for facilitating music-file trading. The Suffolk County, N.Y., district attorney then mounted an investigation, which led to the indictment of 12 people for possessing and promoting child pornography.
"I could have used the full resources of my 150 prosecutors working eight hours a day to prosecute because there is so much of it," says Spota.
The problem is just now coming to the attention of law enforcement officials from Wyoming to Long Island, N.Y. Prosecutors are serving up indictments. Federal agents are actively working on leads and anticipating their own indictments.
Last month, the Senate Judiciary Committee heard testimony that the programs represent "a major growth area" for the distribution of child porn. And grass-roots groups are clamoring for more controls, especially a requirement that file-sharing software providers obtain parental permission before minors can download.
Because of the nature of the Internet, it's hard to quantify the problem. But reports of child porn in shared files have jumped up to 400 percent a year recently, according to National Center for Missing and Exploited Children (NCMEC) in Washington, D.C., which acts as a clearinghouse for child-porn tips. And since 2001 the center has received 1,500 reports of child porn in shared files, out of 152,000 leads annually.
"The titles [of shared files, such as 'Britney'] are bad enough, but when you combine that with the natural curiosity of kids, there is a real risk of what they are exposed to," says Robbie Callaway, chairman of the NCMEC.
Indeed, investigators say many of the keywords that bring up pornographic files include names such as J. Lo and Mandy Moore, or words like "young" and "play." Callaway, who is also president of the Boys and Girls Clubs of America, recently saw a dramatic demonstration of those cues. An agent typed in "Boys and Girls Clubs" on a file-sharing site. "It had nothing to do with us," Callaway says of the pornography that came up.
Police are preparing to track down offenders. Last month in Connecticut, computer expert Detective Michael Sullivan of Naperville, Ill., taught colleagues from Portland, Ore., South Bend, Ind., Cape Cod, Mass., New York City, and elsewhere how to understand the "peer-to-peer" (P2P) shared files and identify offenders.
The file-sharing networks have attracted pedophiles because of a perception that it's harder to be identified through them. "They think there is far less risk, they leave fewer fingerprints," says Callaway.
But trained investigators say they can find offenders. Recently the Wyoming division of criminal investigation arrested a man trading child porn on a file-sharing network. "One of the comments he made was that he uses P2P because there are a lot of cops out there on chat rooms and he thought it provided some extra anonymity," says Flint Waters, the lead agent for the state's Internet Crimes Against Children unit.
Law-enforcement officials are hoping the suppliers of services will help. For example, many Internet service providers (ISPs) maintain logs of users for only a few days. "The longer the better," says Tatum King, section chief at the CyberCrime Center at U.S. Immigration Customs Enforcement.
Two weeks ago, police in Germany broke up one of the biggest international child-porn rings, with 26,500 users in 166 countries. But there are still plenty of traditional child-porn Web sites, including pay sites and chat rooms.
http://abcnews.go.com/sections/scite...re_031006.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A CD Burner to Go, Size XS
J.D. Biersdorfer
People who are burning up the miles can also burn DVD's on the go without needing to haul around another hefty piece of hardware. The new Digistor UltraSlim DVD Multi Burner from Sunland International, which weighs less than a pound, can record and play DVD discs in three formats (DVD-R, DVD-RW and DVD-RAM) and record on CD-R and CD-RW discs for data backup, archiving and video needs on the road (or on different computers around the house).
The external slot-loading drive offers a choice of high-speed connections to the computer, with both FireWire and U.S.B. 2.0 compatibility; cables are included. When connected to a six-pin powered FireWire port, the recorder can draw enough juice from the computer to function without being plugged into an outlet. An AC adapter is supplied for use with unpowered ports.
The drive records DVD-R and DVD-RAM at a speed of 2x and DVD-RW at a speed of 1x. For compact discs, the UltraSlim records CD-R at 12x and CD-RW and 8x.
The Digistor UltraSlim DVD Multi Burner works with Windows Me and later and sells for $399. (More information is available at
www.digistor.com.) The drive comes with plenty of software, including Ulead's MovieFactory 2, VideoStudio 7, DVD PictureShow and DVD Player
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Broadband At The Price Of Dial-Up
BBC
Tiscali are to offer broadband net access at the same price as dial-up connection.
For £15.99 a month, the service provider will offer a 150Kbps connection, three times faster than dial-up.
"The new offer gets rid of the price gap between narrowband and broadband," said Steve Horley, Tiscali's net service director.
But analysts and net providers are sceptical that the low speed will offer the broadband experience people expect.
'Bonsai' broadband
Most people can get a standard broadband connection of 512Kbps for about £30 a month, although there are higher speed products available at a price.
Tiscali's recently appointed Chief Executive Mary Turner told BBC News Online that their new product was for people who want a faster connection that what they get with their dial-up 56kbps modem.
"There is a whole section of the population who want the broadband experience but do not require the 512Kbps speed or do not want to pay £30 for it."
She added that many cable net access providers offer the broadband speeds of 150Kbps, so Tiscali were opening up the choice for ADSL (Asynchronous Digital Subscriber Line) customers.
Tiscali hope the cut-price package will attract about 20% of the UK net access market, which BT Openworld, Freeserve and AOL currently dominate.
With 80% of the UK able to access broadband services, Tiscali say their move will inject more competition into the high-speed net access market.
But BT were sceptical of the announcement.
"Tiscali are really just dressing up a basic product launch with spin," a spokesperson told BBC News Online.
"All they are doing is announcing yet another product, which other companies are already offering."
He added that competition between high-speed net service providers was already healthy.
http://news.bbc.co.uk/1/hi/technology/3174644.stm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Time Warner Whacks Wi-Fi Users
Jo Maitland
Time Warner Cable, based in New York City, has filed a lawsuit in federal court against iNYC Wireless Inc., an ISP it alleges has tapped into its cable network, stolen its signal, and resold it for profit (see Time Warner Sues WiFi Provider).
The suit also names the cooperative board, managing agent, and superintendent of the London Terrace Towers, one of Manhattan’s largest residential apartment buildings, located in Chelsea, where iNYC Wireless is said to have been reselling the service.
The lawsuit alleges that from May of this year iNYC Wireless illegally intercepted Time Warner Cable’s Road Runner cable lines and, using the exposed lines running through the hallways and common spaces of this building, fed the intercepted signal into a network of wireless LAN, or "Wi-Fi," transmitters, amplifiers, and repeaters installed in London Terrace’s stairwells. Once the Road Runner signal reached this Wi-Fi network, iNYC wirelessly transmitted and resold it -- as its own proprietary service in return for a monthly fee -- to building residents who were apparently unaware they were paying for a service that originates with Time Warner.
”iNYC does not have an agreement to retransmit or resell our Road Runner service, nor has it ever requested permission to use the service or informed Time Warner Cable of its use of the service,” says Keith Cocozza, spokesman for Time Warner Cable.
The lawsuit seeks an order barring further interception and redistribution in any building by iNYC, as well as monetary damages from the accused. Time Warner did not disclose the financial details.
Wireless LAN services -- or “hotspots” -- are created by hanging wireless access devices off DSL or cable networks. The access device bridges one medium to the other by converting the fixed line signal to a radio signal. These hotspots are thought to be in at least 15 million homes and offices throughout the U.S.
The problem is that one paying subscriber can set up a wireless network that allows several other people, within a radius of 100 to 300 meters, to access the Internet for free, or for profit.
”It’s a problem for the cable companies when people resell the service, but it becomes an interesting question when they are sharing their connection for free,” says Richard Stiennon, analyst, Gartner Inc.. “If a customer has paid for bandwidth, they should within reason be allowed to do whatever they want with it.”
Analysts say the crackdown by cable companies is reminiscent of the industry's attempts to target cable thieves in the 1980s who would open up cable modems and “chip them” or use unauthorized decoders to get extra channels for free. Satellite providers have been through the same thing with people climbing onto roofs and tampering with dishes to increase their coverage.
Time Warner isn’t the only cable company defending its turf against wily Wi-Fi users. AT&T Broadband (NYSE: T) has sent angry letters to customers threatening to cut them off if they continue to extend their service to neighbors. And Comcast Corp. (Nasdaq: CMCSA, CMCSK) makes a point on its Website of noting that it neither endorses nor supports home networking. Under its terms and conditions of use it states that customers are prohibited from:
(ix) Reselling the service or otherwise make available to anyone outside the premises the ability to use the service (i.e. wi-fi, or other methods of networking), in whole or in part, directly or indirectly, or on a bundled or unbundled basis. The service is for personal and non-commercial use only and you agree not to use the service for operation as an Internet service provider or for any business enterprise or purpose, or as an end-point on a non-Comcast local area network or wide area network.
Not everyone is taking such a prohibitive stance. Verizon Communications Inc. (NYSE: VZ) for example, offers a Wi-Fi extension package with its Internet service; and Speakeasy, an ISP based in Seattle sells a Wi-Fi product called NetShare that enables its customers to share their connections with neighbors. If those customers charge their neighbors for the service, Speakeasy takes its cut of the profit in exchange for taking care of the billing and authentication of those users. Speakeasy does not charge its customers if they are sharing the connection for free.
”Prohibiting users from sharing a service with neighbors is eroding a market opportunity… It’s too early to say 'no you can’t do this,' and then turn around and complain that broadband isn’t growing fast enough,” says Mike Apgar, Speakeasy's founder and chairman.
Anthony Townsend, a spokesman for wireless hotspot advocacy group NYCWireless (not to be confused with iNYCwireless) says it’s shortsighted of the cable companies to be adopting such a hostile attitude to their customers. “They need to find a way to harness this demand, not cut it off,” he says.
http://www.boardwatch.com/document.asp?doc_id=40441
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Popular File Sharing Software Now Available Without Adware, Pop Ups & Banners
Press Release
ThinDivide.com has released ThinDivide v3.65, the first advertisement free and adware free file-sharing application that is being offered FREE despite its $19.99 retail value. ThinDivide v3.65 can be downloaded at
http://www.thindivide.com.
ThinDivide.com has released ThinDivide v3.65, the first advertisement free and adware free file-sharing application that is being offered FREE despite its $19.99 retail value. ThinDivide v3.65 can be downloaded at
http://www.thindivide.com. The release of ThinDivide v3.65 comes as a competitive response to increase installations and market share as more and more users continue to demand a file sharing application that is void of pop-up advertisements and the cluster of optional software programs that accompany all of the other major peer-to-peer software applications on the market today. ThinDivide enables seamless connection to the Gnutella Network, which includes LimeWire, BearShare, Morpheus and Gnucleus users, making one of the largest peer-to-peer networks on the Internet. With ThinDivide v3.65 you can download the hottest music, games, software, movies, pictures and more.
In addition to being connected seamlessly to the Gnutella Network, ThinDivide v3.65 is fully integrated with a built in file-sharing accelerator to ensure maximum sharing speeds, enables users to communicate through IRC chat, interacts with LimeWire, BearShare, Morpheus and Gnucleus users and much more. ThinDivide v3.65 is an advanced peer-to-peer file-sharing program that enables users to share any digital file including images, audio, video, reports, documents and more. Content developers and owners may now easily broadcast their files through the ThinDivide Network. You can now publish your works and easily share it with a global audience. ThinDivide v3.65 makes it easy to publish your work, your family photos, home videos, academic reports, travel journal, diary, recipes, music from your own band - your imagination is the limit. The only action you have to do is put your files into a folder on your own hard disk and you're published!
http://www.emediawire.com/releases/2...prweb83438.htm
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4 Plead Guilty In National Software Piracy Scheme
AP
Four men have pleaded guilty for their roles in an online piracy ring that illegally distributed tens of thousands of copyrighted materials through the Internet, authorities said.
Federal prosecutors said Thursday the guilty pleas are part of a national probe into pirated video games, movies, music files and computer software. Some of the file servers were located at the State University of New York at Albany, authorities said.
The investigation is continuing, and authorities say they expect to charges others in the scheme.
"The magnitude of this problem is serious and can't be underestimated," U.S. Attorney Kevin O'Connor said. "Stealing the intellectual property of others is no different from any other form of thievery."
The defendants -- three from New York and one from Washington state -- pleaded guilty this week in New Haven to federal counts of conspiracy to commit criminal copyright infringement.
Prosecutors said three of the defendants were actively involved in the "warez" scene, in which copyright-protected material is "cracked" and made available illegally through the Internet. They face up to five years in prison if convicted.
The fourth defendant helped maintain the Albany university servers, and if convicted faces a one-year maximum sentence.
The prosecutions stem from Operation Safehaven, a 15-month investigation that in April resulted in the seizure of thousands of pirated CDs and DVDs and dozens of computers and servers.
http://www.cnn.com/2003/TECH/biztech....ap/index.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Group Takes Nonstandard Try At Antipiracy Standard
John Borland
Frustrated by the lack of a copy protection standard that might help the digital content business reach the mainstream, a high-profile digital media group is taking matters into its own hands.
MPEG LA (MPEG Licensing Association), a group of companies that hold patent rights that are related to the MPEG 4 audio and video standard, has created its own description of what features it thinks that digital rights management (DRM) technology should include. It's asking patent holders who think that their technologies might fit the bill to submit them for review. And it's serving as a licensing clearinghouse to make elements of those technologies readily available to other developers and manufacturers.
The group isn't trying to recreate copy protection products such as those sold by Microsoft or IBM--but it hopes to simplify the legal, technological and licensing chaos that has helped keep an antipiracy standard from evolving.
"Without a strong digital rights management system, digital content providers have limitations on their ability--and really their desire--to provide content," Lawrence Horn, spokesman for MPEG LA, said Thursday. "This is our effort to give people some level of comfort."
The group's announcement marks an end run around traditional standards-setting practices, reflecting the media community's continuing impatience for the unsettled state of the copy protection business.
During the past few years, Microsoft's products have risen to the point of a near-standard in the nascent business of digital film and music distribution, aided by the financial collapse of several potential rivals. But media companies aren't ready to cede full control of the market to a single company, particularly one as powerful as Microsoft.
As a result, they've continued experimenting with Microsoft and other rivals while watching closely for signs of open standards such as those created under the auspices of the Moving Picture Experts Group (MPEG). To date, that body's recommendations have lacked copy protection components, but it is now slowly starting to address the issue.
MPEG LA isn't waiting, though.
The group's description of an acceptable DRM technology isn't intended as a traditional standard. It hasn't been vetted over time by panels of industry experts. It doesn't describe how to do or build anything specific. It just provides a "high level" outline of the features MPEG LA thinks should be included in an average acceptable content protection system.
The group is asking any company that has patented copy protection technologies to submit them. If the licensing coalition thinks that a given technology fits the description, the technology will be placed, with the patent holder's permission, on a list of patents that can be licensed all at once. The list will be made available to people or companies that want to create their own devices or software that include an element of content protection. MPEG LA will simply provide the list of all the DRM technologies available, with a listed price, and serve as a one-stop shop for anyone who's interested.
If Samsung, for example, wanted to build a new mobile video player that included DRM support, it could come directly to MPEG LA for the licenses it needed instead of researching and licensing a myriad of others' patents.
If enough companies in the business join the coalition, MPEG LA's generic description may even take on some of the influence of a standard, driving what people expect from DRM without ever having gone through the drawn-out standards process, industry insiders say.
At least a few digital media companies are excited about the idea.
"I believe this will remove the roadblock to DRM implementations," said Talal Shamoon, CEO of InterTrust Technologies, a company that owns large numbers of rights- management patents. "Once you have nondiscriminatory published rates--history teaches (that) this is a market-enabling thing to do."
However, the effort could rise or fall on the participation of larger companies such as Microsoft. InterTrust is suing Microsoft, contending that virtually all of the software giant's content protection technologies violate its patents. But Microsoft's market position would clearly make it a key player in any central DRM clearinghouse, regardless of the outcome of the suit.
MPEG LA's Horn said the clearinghouse could launch even with big holes in its portfolio, although that would be less convenient for potential customers. A Microsoft representative had no immediate comment on the MPEG LA plan.
http://news.com.com/2100-1025-5085867.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Digital-Rights Group Knocks 'Trusted' PCs
Robert Lemos
A high-profile digital civil liberties group is criticizing a component of the "trusted computing" technology promoted by Microsoft, IBM and other technology companies, calling the feature a threat to computer users.
The paper, which was set to be released late Wednesday by the Electronic Frontier Foundation, analyzes the promised features of several different trusted computing initiatives. The efforts aim to develop next-generation hardware and software that can better protect data from attackers, viruses and digital pirates.
Applauded in the paper are three features of the best-known trusted computing technology, Microsoft's Next-Generation Secure Computing Base, that may be positive ways of securing consumers' computers. However, the EFF criticized a fourth feature--known as remote attestation--as a threat that could lock people into certain applications, force unwanted software changes on them and prevent reverse engineering.
Remote attestation allows other organizations that "own" content on a person's computer to ascertain whether the data or software has been modified. Such technology could easily be at odds with a computer owner's interests, said Seth Schoen, staff technologist for the EFF and the primary author of the paper.
"We have a technology that doesn't exist today, which computer users are being asked to adopt," Schoen
said. "If the new technology can be used in many ways that run counter to the interest of the people, then I think asking them to adopt it doesn't make any sense."
Microsoft, IBM, Intel and other companies have teamed to create hardware that would secure the world's personal computers and win the trust of service and digital-content providers. Microsoft initially proposed a software-hardware system, called Palladium, that would enhance security, while IBM and Intel formed a group called the Trusted Computing Platform Alliance to work on a hardware system.
The companies have formed a new group, the Trusted Computing Group, to work on a single hardware design that will be supported by a number of software programs, including Microsoft's controversial security prototype.
Many critics of the proposal have warned that such systems will wrest computer control from consumers and place it in the hands of software companies and digital-content owners.
The EFF proposes amending the trusted computing initiative to include a feature called "owner override," which would allow computer owners, whether individuals or companies, to essentially lie to an organization that attempts to ascertain the integrity of their content.
Refusing to provide the information required by remote attestation won't work, Schoen said, because such a refusal is still giving something away. "In criminal cases, you can take the Fifth Amendment," he said. "While the jury is not supposed to infer anything from that, the general public certainly infers that the person is guilty or has something to hide."
Only the ability to lie to remote software or a content owner will allow the PC user's rights to be protected, Schoen said.
A representative from Microsoft, which has spearheaded much of the development behind trusted computing, wasn't immediately available to comment on the paper or the proposed feature.
http://news.com.com/2100-7355-5085442.html
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Trusted Computing: Promise and Risk
Seth Schoen
[
Download PDF 44k]
Introduction
Computer security is undeniably important, and as new vulnerabilities are discovered and exploited, the perceived need for new security solutions grows. "Trusted computing" initiatives propose to solve some of today's security problems through hardware changes to the personal computer. Changing hardware design isn't inherently suspicious, but the leading trusted computing proposals have a high cost: they provide security to users while giving third parties the power to enforce policies on users' computers against the users' wishes -- they let others pressure you to hand some control over your PC to someone else. This is a "feature" ready-made for abuse by software authors who want to anticompetitively choke off rival software.
It needn't be this way: a straightforward change to the plans of trusted computing vendors could leave the security benefits intact while ensuring that a PC owner's will always trumps the wishes of those who've loaded software or data onto the PC.
http://www.eff.org/Infra/trusted_com...0031001_tc.php
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Meditations on Trusted Computing
Fred von Lohmann
In 1641, in his Meditations on First Philosophy, mathematician and philosopher Rene Descartes asked how it is that we can trust our senses. What if, he asked, everything we experience is actually part of a delusion created by an omnipotent demon bent on deceiving us?
It turns out that a similar question has been weighing on the minds of Microsoft, Intel, and a number of other computer companies. How do you know that your computer is actually what it seems? After all, hackers could have broken into your computer and replaced the software on it with software that imitates, in every particular, the software that was on your computer before. To you, things would appear unchanged. But now your computer is under the hacker's control, logging your every keystroke, copying your most sensitive information, and sending it out over your Internet connection.
This points to another nagging epistemic doubt-how can any software on your computer trust any other software running on your computer? For example, when you run an anti-virus program, how can it be sure that the operating system hasn't been subverted somehow? After all, software installed by the hackers could intercept any warnings before they were output to your display, replacing them with screens announcing "no problems detected."
In short, how can you be sure that everything you experience on your computer is not part of a delusion created by hackers bent on deceiving you?
These are not idle questions. Today, computer users are increasingly besieged by malicious, hard- to-detect software designed to subvert computers-viruses, Trojan horses, worms, and spyware, to name just a few. This specter haunts not only individuals, but also a wide variety of companies, including health care providers, movie studios, intelligence agencies, and others who routinely entrust valuable or sensitive information to computers.
Enter the Trusted Computing Group, comprised of Microsoft, Intel, AMD, and several other large computer technology companies. The TCG companies are working on technology that will let you trust that your computer is what it appears to be.
http://www.eff.org/Infra/trusted_com...editations.php