Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Has Digg Dug a Legal Hole for Itself?



 By: Brian Prince
2007-05-03
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The change of course by Digg.com has not settled anything.

Call it the Internets version of a bloodless coup. A revolt by users of Digg.com led the administrators of the Web site to reverse a decision to remove stories containing code used to circumvent digital rights management for HD-DVDs.

But the change of course by Digg.com has not settled anything; instead the latest flare up regarding the now-infamous code highlights both legal and security issues facing HD-DVD technology and the Internet itself.

Digg.coms initial decision to take down the stories was spurred by a cease and desist letter earlier this week from the AACS LA (Advanced Access Content System Licensing Administrator).

The AACS LA licenses the encryption technology meant to protect HD-DVDs from illegal copying. The move by Digg.com angered many of its users, who quickly mounted a campaign to get the information back up on the site. Faced with the overwhelming opposition, the company caved and users who opposed the takedowns won out.

But the decision by the company could open it up to legal action by the AACS LA for a possible violation of the Digital Millennium Copyright Act, a series of provisions that prohibit the production or distribution of technology that circumvents DRM.

Intellectual property attorney Ian C. Ballon said case law on the issue is clear.

Resource Library:
"Were not talking about a work of great literature…we are talking about a small segment of code thats only used to crack copyright protection," said Ballon, who works at the law firm Greenberg Traurig LLP in Silicon Valley.

Ballon cited Universal City Studios Inc. v. Corley, where the defendant, Eric Corley, posted the code for DeCSS—a program that decrypts DVDs— to his Web site. A federal court ruled his actions were not protected under the First Amendment.

Ben Riley, an attorney for Howrey LLP in San Francisco, said the situation centers on a number of important questions. For example, he said, the question of how much responsibility Digg.com has regarding such content needs to be resolved, particularly since the company tried repeatedly to remove the posts about the code and was overwhelmed.

Also, its questionable whether simply posting the code is enough to constitute a violation because the hack requires additional software and technical know-how, he said.

Click here to read more about the Digg-AACS controversy.

"If someone gives me the code, I dont know what to do with it," Riley said.

Ballon said that part of the problem is there are certain urban myths about what the law provides.

Many people in the libertarian community believe certain actions are protected just because they think they should be, Ballon said. Instead of throwing up their hands and yielding, Digg.com owners should have taken this opportunity to educate their user-base, he added.

Digg.com CEO Jay Adelson said the company had not received any further communication from the AACS LA and was not worried.

"There is a risk, [but] I wouldnt say it keeps us awake right now," he said.

Adelson said the incident is not about copyright infringement, and added the key code in question had been in the public domain since it was first discovered a few months ago.

But that, Ballon countered, is not the point.

"The fact that it is available on multiple places on the Internet doesnt make it legal," he said.

AACS LA officials would not comment on whether they were planning any further action.

Given the difficulty of the hack, it is unlikely many people will use it, Forrester Research analyst James McQuivey noted. However, from a piracy perspective, it only takes one clean copy on a file-sharing network to do the damage the content owners are afraid of, he added.

Alec Main, chief technology officer of security vendor Cloakware of Vienna, Va., said that when it comes to thwarting hackers manufacturers of HD-DVDs are simply going to have to do more.

"They need to make sure that their products dont allow for hacks where keys are grabbed in memory, or the keys are extracted from their device, or their firmware is patched," Main said.

"This is a license requirement they sign up to. If they dont follow the rules—and we expect some of them not to do it right at the beginning, or not have the expertise to do it right—then these devices can be revoked so they dont work anymore on new HD discs."

"This," Main contended, "should be pretty powerful incentive for the manufacturers or software developers to do it right if they hope to build a good business and want to protect their brand."

In the end though, every content protection scheme is hackable, McQuivey said.

"The hope on the film studios part is that high-definition video will save them from watching the DVD market dry up as digital downloads erode traditional in-store DVD purchases and even rentals," McQuivey said.

"But if high definition disc formats are cracked this quickly, it will make studios less confident in putting their content on HD, which ultimately will slow down legitimate HD distribution, thus giving piracy a chance to flourish."

McQuivey said that the only long-term antidote to this kind of hacking is to make your content available widely in any format consumers are interested in using.

"If content were available on PSP, on disc, online, via x-box, on VOD, in short, anywhere, the desire to steal content would leave the minds of all but the most dedicated pirates," he said.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.



  Reader Comments: Has Digg Dug a Legal Hole for Itself?
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


x}ks6*Q3{L=RJ64ԭRQ$$1H-IV8_N?q9g&-`h F;> IM ל۔O]sSãw$5C2I=*_rdz&9%G jL7R}f]S kkL|Aშ :':@.Pk< Z535ԗoˏ~e0.ڎIQ6*6Oմ,lZ P8$H.( fwm<"a}# $aT6O(L|@ɤ:ģzr(˺79h4öۼCٰo4TiUE9*TR9?Wcm9 U;[޾޹RV5MQjU0> n0up;܀RrLEess^_ad}+1UJ Z. G$_::^'N{_ xZԊhGZAArIja̳|3+i*5$NߒM-~k~>EF,[sAT4 行ĠK`Wk2^tܜn/9n:MvIs!)|q!5M0\ܱ8֪V7`Kk'ޮC燩M[CyC0-ߕRMRs?#1\$>wNHN‰,-90omYn_H.T|Y|ěy30si2).ߦI[ atBjm҄& )B:%ϹuWϝ5>Hr Ca)#8?%Wi8@r5)6K .wR<? dz!CCZ9nVȨUSA%EI7CD r23~B(PHQ>z%Kus7p@WMcrjNTʊ0Wr{gH .uƍv"e.ڽ^cT364>P ,I!eݴ%稫V)b1WJPX=*‹JMU~ _q-~~b2B cgLt tA`::)~ҧ#|>5և$!|emxq=Z.3+ЍEXn`Nt&HQp{4ڭm= K!PI}xXS9&z(tH h&r=kIׇ.[?? ; G`r]ɝ5y0fkwCPb(զπCρY\7 >)@}>g )nвc@Ѥ7=YKܺym&,@PCb;*=sy?&4ğ;n'=׾d +Zsξ : jkab恄7_ƅ/Љk`{:[:P[%,Y^W꺰+]65e&A>0|p$'Z>pd`/Rݷ&٤ bJ ,䧢\R ~D[d"vd\6˰@e9ִ &;rm۽F z4,HҜЧȅ@s@M~N!3pPQ@1"NOu/+_.sz>UF>3 $hDc4e2f-4_\0-cJD%hXPr&S4Z0@yvG0$t`m\>(cpFl`^\|<ׇ> B K'"Z``Ek ǖYCǖbT۔І[|P*'8~Ò?DBQcG=ܴ>?CU^oVw"JPVblxcC+jrTT+ 7;|~~{ F  *|}1@Mf?Sc`9{RJo?0t*tɕ`s|Oi_LFbT~\yRglסڳi22󓫻玾Z+U c ׃nc>֍Ln~Uc6~zzi0bZ`(n<0{L3wJ> in4rd2~6PZMm"Y"N_ %{$2Z9p驔rgPWtY/sO6qDzGTUe@5yH3k9 =EЋqc*&jخOl8oy U8e3 S`e3˕2~^`3X Z>2~ ti6tЋ­7*6P#I+*~ EGQպi2TBE-) Co 9 ^M LKf?lͥZ57g X~sBx) 2wI$y0ŗ!%Kg O@lXC=B3SnIoΛZx\ XҌh;yX^5eH$f~`MٸUZS%uZU ՂV'sٞE(FߋCWeRԣo{{C4}óf?"X7P)~39Ȕ:C\Դ"Hw ضRsG%D.,ӄ1ZbQ"Y @rvjT Gr2RDBZNBq<:N+tSN\+T'.n\&#I q`w0DB*nLGFDssb^n>A*@/I6]C.:;Ղ_ ݘ`3axք-$QԕºƶO}y9rGLЫH;~x;C:(#r|KM $(XCOճ"ju.?J6yx0\m6SB&T ˓$-I^O eqj ieʒ~ j'1ۡ ґۓ]5/G8 (OLkrwisy/Psq%1sgKU  KQk Ia)-#*VZRZ-V6yʏxi: a!]9$gy/гOZEbݩcscE)v6x}y:b1ݞne)ܱ?jw{操~{Oj9ЛS}AԢnLq;Xz} H{O,˜j8;_=?P.zZTrcܙXn ˳0q!~xGM{@uS棏g 95gNy ZwN{},da3n/c_ ?-m-8t砞CTϏ%ɘNBAWU-u+lko(jY9sJeOVr{d,'Qd1 0dƛq+=#tzo=ȥֻq?*~Ϻ7]f+wB%mJK{9nhp;D%ýqQ#y∶K`#j>b{k&bi4W;Tn{sֈu'|ȞFcԶفE|yg,d9a}4ؖrbLd<$J;mmݭn T v_!O!%FJ-cm!_Ц õcVǴ p8|+؊wf/'Ɏ?e{kA|;-e\1kp௩7/__B !]sѴg=.00S/sK[^}:lQߏo%~!ө*Ͷ.CN_X6 ؝aA*5&u%o.ܧ?únC(9<:u~{/ NDj#rߣɎ- \S a_tLEuIq `֜Բ/q n@oZ^tǔzݦ|bz݋ՉRFBsNߴݩevwgihKA- 8+xNhЮ6ۏ!sM˜|]f0ߨ7>?w%%?9y JbF2maxh/`˖Y-y1^qSIћGɒ p畅F¼cyJkE%b1)tg@8[NBb&:L~q ]\60G|K}wjB{ L@- tF$6|JKauL$"UGv<c>V j9}ԏvZ;fuI*qIM(+Vc~&2'%KR$]q"q/.+q=PnI%Nt`>s.U j)ι4KҬ1$$Zy5DJZ&rLyvdv} ){r:`[gーlP Q_m 8?sqBim¥LDSk}j<(8?n!7#pz6C&3>; ?u j=NX,VKb%E @{NLm5BAŤR0!R^v7A'n;Ŧ'g#DPeIOƝ,8TL$?sIC,4Mo/GDv)єL}6z%X;ஊ$>y,.j#mBtLi`Nuv(_% a5%-HX23,$\0K xu o^4d8cj}|%mk/8ëa:xs?gH͡;nO K"X j ´t0x#^nx[BቸѰ߉jJjm[*YuRy:70FH<եt kJg.˪%uڗE!_0D!̛ b"? K  (ek*AUYs'Ia8vI}@]N@n~gHeX-+ IH"@b+ ayH87Ag/h |4Ze[*̪Rc̥/] 땧DΡcDsB ƭ/YtzFbP.)Q>R֔, kI0ȥy{Բu/ y#kb62^#Kl.(Xe6p픏7Wʼn0^\]Riw=,+hl/sѰ`LtWAx7JG]Ot'}Y4Shg 1-Gغꖔ} 'ZI¤RQ>iJ,a\`u\" xVa0D`4|L޶]"b4%研۟;))FUcM l^ e(rm˟HZXm!-l` $l+H;[x+ 8hj-) veH_,7ĂpZ(,H:/]ٕR/'`yіzb*gXdg(s4>aqPk#/x6- ڄ)ON;*le֘:^w.Gޓ01mtl&ac6 Qd=k%%tFǘ#?:aL'b \IH iK? -%{nO~uK*DIqXb}~:xS%c5>RҲ|y=W/!_if#e։ V(b2X5skxz(0J7z |pL`I|`u1 נ 8we/ ~髢WHgb=[_Ukr2$M [({8S[xz1̾C1= aL:XTl3;CԸl`tq"o(RwkʁV=P, xC߸֊[NiΞCm,%f| 4Ґtr'u8xJ8뽰) ̰.$,Sy=a9ͿG)4E;Loto7Hb䭽d?$b5ß}^~ J5?+O|dQ?$(p+BOq'H|#}E<춖DQ#=t{7 Uhul?LGT8K[,z+pf$5d _M ,v؉a/)ȁ;[ 9(яTmSO&7܊sJN(a?4>(CZPBZ]%’M=Is9ꚚrMm @`~PDZC@ O^a)qc) kpx΃L,[7 $?87핡6ǜMEfA7uT9ޛUs\:$VG ]J1xy[O֘0HtL'f<::BMĂE7mWBhx#-F55Rhsܴ5̈Gbv \mz^CJ;7^\6.W@O[jkwhDP"ͪND`h:z 1z1[TvXSm6w4%" pAƮ8M/k瓔KPI ף6:F̽O$MDF0U 2; JI-Gy=0|/]YjJEU0=j2ˍZ+@=(Urs<2paz`{g`z%E[Sb|rO}K;TQ`o3_跔cg% fl9 sXx[Mw5=x zt3!>r$B]0_ ; m HX#NNhBZtl&nUZ TJ z'W[ ByFsgyo?qbS{-5r1 %'e~f6Wlfm?ڒVo5JzK(ӘALL@9ݱX t ތjg~RߊMX{070r-x+jO;DTg Lo\Č\>fF+iASKOW1h?k[{F+PSC,6M$AeЃ5T?0Խ' )( 5 >U@8AnKeT6 _|L`߄7>FSS. Arj$p ?>>|6ژyiF$YcMr'\Ix#Oĥ)׀!gxRWH7}H['鍀I5䏖+62sjl /uhߴۿ =4;};ozxX2+u..)a >ΐi0 0ߣSCO좺tW}Yr*?Dr6Б`5A1HSP+|k7\_R0FDu2t083*%U&cP <"m Gg^q79m[ 45A!,^C. Q? ogqbZ#v:0 w5,ǰL#&|x\`}\16Faŷ^(l8*wxcF||>+0m/ (ZU,%@S"V21n Q@J ͍$ '\Zon㑃) &.X`3Yej xpƧX<> 4S rVp͒wgy6t0^Q1e& > sXDeb@Ԕ0(VIB qXR~DB(s s$c 36ú~6 _fy@p),f,TՊR &uUu]j)q^]{ YV^"_ӄ\I \A] / PIZ W}G`frOtv ͫ/{M&OǽUӽ$ x¶-r5uw[_NW_N;e?8F;6M&ƋBrfde(AN/mf)NT3\H^Eƒ<^;OKvEGcqy^ ̠;'a?)Qe;̋ QW~4A7[vec+t_?gg:^Z3rROmj7~\>sMދp4ħyO\#4[E9yF/PKFPkF5_o.?i63ʻP(GJo.oZ(?\~ 9Gnj6urN+2ʡsQd^K/ \~3k\d"c" >" \/2yA@s\ȜHǣqi@B" D4{HO8=\zI[F$Q=7]6pqSn$/M 5O } .omG;yh#62f;w S췡\|#ه^V՟p3lc}k|W;}}<\5?Cg>'[_u}MoMg:RNw ߽,R+tAc,>(NBhعO>vЍ 5zȪoQF#{41K$:́a[CR'|(VT+[-WJr=LAqz@ b3jJUNmJTL3DAzg l]fJLZCO4 DX)f⸇}Ll-FG R1=:jǬ*ۼx0l{yN؛ڎy@ ?o ;X j-$R1W!+Bfx;ϩc 61bn41|u¿z:'e@R5ǝarV4@8vh#xqKSÏYF T |BO%/F|&߲5zOGE U2AlZhq_1(|s˸ [5FdX#jXMr3 9;9_bZ$l#KFUxk0 #C0LtJpI{׻s (*-c8]tin`wƨ*&&] "!𼙄׌/<›L IU?莏틷D#˙Z#Nrlu ZQ'8݈83xwZf$]Hnz-˖w>'ąlۨ\wvnCkvu7Le'/T3| _xc3vtAu<8z!_L 8$2*n]KLt7?u 61-dt{x$[eKV;rs[`&<{-YRcm^S%&aBc I=X`u/DrNL=cOai%BAWd]& A_&|NbOhSx*5gmҵCuhB .\~yW,XwkPX#e vMgA۹"=מ 7X?_0~L\Ќ븀R(K9م՚u8:\5m$$&b3@ gYlVBHQ۝aZm& ¬s]q =c"1bi?v"酰xZ^y-:l#,߃ |w,C䷧cS֒_/gwcǁyvԷeE&PL1)Žc#U%$tnRbtw|7(6؎|%Og ϻ#J>)n9wa3o"7*ePީ|_v܅eNUhJm;:d2֭0kc'pg !MX|wVulg8G d9a7r.KH|nTȂUf2{{:з57d(a|ӽ^4(NAeRb0yMvųFc ?dtK&b[pQ@ lӟѮR`nlPP`Olԙj3w6E}2\XGx kyf#ŧS+o[wt-(5x>;n6m˟~HױQ5¶`:#Vڕ*zYD1e~}=3Ӳg(q2,@zPpPхk+We$ցi)>.*ZF#$Wd-ԭ典<P0߀~c.vQeNܔMF.D]hT)*ʢ6M /ߵ3qݼg®,vyX\FtX3' cgb@xO=f_qxN|0ؙ9uOUt g)dv̅2 !Nyyu~ҕ^)I&acQd+8*)ؐrkO`LbO1, Tv7}MA 'Ɣ ϰO" s+׶),w`O|eٍ1}arrYW`2-.<'̳(`),dv"V9rsh{h۟sT*Ha$ R3 [Ev z.t3\04xqϢa0SSQ2+JѬd;j 9_yrϸȅ^`\YJ^y{nB(O}y9rC*gꙺUN'Ў7z_a}B}FBl4*7dzy:n/.[RXF^ZP$Du $zWVs1Y7L~c Whc<[Wy&F2V*wNVtƦI21qzRSV}p0v&bBmP?-۔̡r&s.#KMfZ)ҦG(ϙc>tg Mt )>)vml-6C-{CW*