Hacker News new | comments | show | ask | jobs | submit login
Technology to circumvent online copyright enforcement (adamsmith.cc)
23 points by adamsmith on Jan 8, 2010 | hide | past | web | favorite | 28 comments



Classic geek-misunderstanding-that-mathematical-ambiguity-is-not-legally-interesting post.


There are an infinite set of mathematical tricks available here, some of them so obfuscated that enforcement would probably need a few years to catch up. Not to forget that printing a hard copy of the bytes of an MP3 may even warrant you free speech protection (remember the reaction to the DeCSS legal issues, like printing it in T-shirts).


Encryption and obfuscation barely slows down enforcement at all.

1. Install the P2P software du jour.

2. Download some infringing content.

3. Notice what IP addresses the software talks to. (e.g. using Wireshark)

4. Send "pre-settlement" extortion letters to the people behind those IP addresses.

5. Profit. (Seriously.)


This doesn't work because some of the bits the software downloads couple be "innocent" bits. E.g. the firefox installer or some random looking piece of data. Any bits can be brought into involvement by the system, hence the denial of service.


Note that due process doesn't apply to extortion. Mike Freedman gets a ton of inaccurate nastygrams from copyright enforcers, but they don't care. They keep sending them. This situation may be evil, but it exists today and it generates significant revenue. (It doesn't seem to deter much infringement, though; I guess people think it won't happen to them.) http://www.freedom-to-tinker.com/blog/mfreed/inaccurate-copy...

Also, any P2P system that downloads a significant amount of extra data won't become popular anyway, since it will be slower than non-deniable P2P. Freenet suffered from this, since all the pirates switched to the more efficient BitTorrent.


Not new, Jason Rohrer even wrote a proof-of-concept implementation:

http://en.wikipedia.org/wiki/Monolith_%28computer_program%29


There is a really good rebuttal to said implementation entitled "What Colour are your Bits?" at http://ansuz.sooke.bc.ca/lawpoli/colour/2004061001.php (http://news.ycombinator.com/item?id=506986).


The rebuttal is indeed good but I believe that the following quote is a bit strawman-like: "When it's scrambled by Monolith, the claim is that the resulting file has no Colour - how could it have the copyright Colour? It's just random bits!"

The claim is not that the file has no Colour. The claim is that there is no way to distinguish it from one that has no Colour. I am not convinced about the implications, this way or another. Just saying that it is not as simple as in the quote above.


Quoted from the article:

> Under the lawyer's rules, Colour is not a mathematical function of the bits that you can determine by examining the bits. It matters where the bits came from.

Unless one end of the bits source is from blackbox countries, like China. If you finally get some international cooperation done perhaps the work is already unpopular and no one really cares. Enforcement takes time, and technically in today's unpefect world copyright can be dragged to an unworthy degree.


Thanks for the link!

I wrote a new section called "Possible Extensions" under that article, including a subsection for the "Plausible Deniability" angle that cookingrobot came up with!


A lot of mis-thinking here.

> it’d be strange for Firefox to be found guilty in any way

How could they be? They are completely uninvolved. Take another example: if you film [maliciously] someone being, say, raped using a Sony camcorder are Sony party to the offence? (the metaphor isn't quite right but I cant think of a better one off hand, it serves)

The other mistake, I think, is in believing the data in it's particular form is what means he is breaking the law. Because I'm sure every sane person agree's it is impossible to impose laws on a specific string of bits - if you happened to randomly "type" the bits that, when parsed as an MP3, sounded exactly like the Lady GaGa song would you call that a violation?

However the intent to provide the copyrighted material to someone whatever the form you hand it out in is what's important. right?

(I make no comment on whether such law is right/wrong etc.)


This reminds me of when Richard Stallman cracked down on CLISP (before it went open-source) for being distributed with, and linking to, a GPL-protected library of some sort. The legal argument of the distributor was that he was providing the library, and it was the user that was linking it. Stallman checked with a lawyer, and apparently the law treats that as a "subterfuge" and that you're "really" distributing only one program, which has only been "disguised" as two (quotes from [1]). IANAL, but I would assume that judges would follow similar lines of reasoning in this implementation, that for practical effects you are "really" distributing a copyrighted file, even if the distribution process at one point happens to involve only a pair of statistically random data[2]. In the limiting case, they can just say that the two files comibined constitute a distribution method, and you'd be hard-pressed to argue that.

[1] http://clisp.cvs.sourceforge.net/*checkout*/clisp/clisp/doc/...

[2] Note that while either file on its own is technically random in a statistical sense, they are not independently random. Even if you XOR in Firefox, the data is only pairwise-independently random, not completely-independently random. So the random argument actually falls on its face.

[N] It also made me think of this, even if it's not directly related: http://xkcd.com/538/


Stallman was on shaky ground with CLISP. The reason CLISP became GPL is because the author eventually decided he liked the FSF's philosophy.


Since the OP is talking about XOR, why not use Information Dispersal Algorithms ?

I asked a similar question on #askreddit the other day, what if I put the odd bits of a movie on a server in Ukraine and the even bits on a server in Sweden, a special kind of media player live steam the content, reassemble small chunks in memory on the fly and playback it on a monitor directly? Technically I am not pirating the movie unless I was caught watching it right now.

The #askreddit people suggested me consulting a lawyer :)


This is just a more obfuscated version of the incorrect "BitTorrent isn't infringing" argument.

Distributing half of a copyrighted work is probably still infringement, so whoever is operating those servers would be in trouble.


> Distributing half of a copyrighted work is probably still infringement, so whoever is operating those servers would be in trouble.

Which leads to a natural but important question: to what degree of information means copying? Does 1's and 0's also means part of copyrighted work so nobody can use binary?

Also, mathematically, can we build something like probability of copyright?


This also allows some good plausible deniability. If someone knows you're using this sytem and forces you to decode your collection of random bit files, you can arrange 9 out of 10 of them to get a harmless plausible result (a bunch of harmless pictures / private tax files etc). Only by adding the last bit file does it turn into what you're trying to hide.

If you only show part of the solution, it looks like you've unlocked it and the result is harmless.


This is a brilliant point!

I added your idea to an edit I made on the Monolith wikipedia page, which now describes three variations of the Monolith protocol: Pseudorandom Basis Files, Lawsuit Denial of Service, and Plausible Deniability.

http://en.wikipedia.org/wiki/Monolith_(computer_program)

Thanks!


Thanks - the incredibly strange thing is that I was thinking about exactly this idea this morning, just a few hours before reading your post. I just couldn't believe the coincidence! Love Xobni btw.


Music is hex-data which is complicated to discuss, let's talk about copyrighted code.

here's the scenario: What if some deductive programs (like prolog) happens to compile another piece of code to your code?

First you can't sue a system like prolog (assume the system itself is copyright free)

Secondly you can't sue some deductive code since it's totally different thing, which went through some process and happens to be the exact same as your code.

A perfect example to make myself clear: http://news.ycombinator.com/item?id=911331

This applies to music as well. Let's talk about .midi files first. I have a sequence of notes which is still playable music, went through a magical convert formula, and produce the exact same midi as copyrighted ones, which step is liable?

In one word, copyright just a label, for a certain static combination of information. And this static state can be generated by infinite alternative legal means, which is why copyright system is ridiculous. The only thing copyrighted in this universe is time. You can't reverse time (at least for now).

So copyright is really a moral issue. People are doing you a favor for your copyrighted works' publicity.


Wow, you're way overthinking this. If you are responsible for getting a copy of some copyrighted material into the hands of people who don't deserve it, then you are almost certainly liable. It doesn't matter how obfuscated the process or where the bits live.

If you have a copy of Copyright File A and through some actions cause another copy of it to be simultaneously possessed by someone else, then you distributed it.


What about fair use?

It is theoretically legal for me to write an article about a song, and include a ten second clip of that song. It is also legal for another person to do the same thing, but with a different part of the song.

At some point, the entire song becomes downloadable, but without any party distributing it outside of their fair use rights.

Now what?


Now all of you are liable for infringement since what you did was clearly a convoluted yet deliberate scheme to distribute the song.


No, this all happened without organization. For any moderately popular song, this is likely to happen.


There's a P2P system that uses a similar idea: http://offsystem.sourceforge.net/


Sounds a lot like what Freenet has always been trying to do.

http://en.wikipedia.org/wiki/Freenet

If I recall correctly, files are split up, passed around and encrypted so you don't know what your serving up


This is brilliant.


I think it will be easier to just host a bunch of MP3s in a country that's unfriendly to the US.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: