Re: [nylug-talk] Legal Paper

[Jay Sulzberger <jays@panix.com>]

On Thu, 21 Dec 2000, Michael Sims wrote:

> On Thu, 21 Dec 2000, Ariel Rosa wrote:
>
> > Yeah the need comes when you want to decrypt the dvd to view it. For that
> > there are standard dvd players. The hardware needed to copy a dvd is quite
> > simple if some one wanted to pirate dvd's it is very easy. furnish your own
> > mechanisms to copy the data bit by bit 0 by 0 and 1 by 1 from one disck to
> > another.
> > not at all impossible.
> > take a look at those devices that oems use to mass copy harddrives
>
> > > > I can just set up some hardware to copy a dvd to a dvd as raw data. So
> > > > there is no need for de-encryption.
>
> I'm going to have to take issue here.  The whole debate over copy-protection
> has some very poor arguments thrown around, and this is one of them.
> Copy-protection does not have to be 100.0000000% effective in order to be
> effective.  The mere fact that DVD-duplicating devices exist, somewhere, does
> not mean that DVD copy-protection is ineffective.
>
> There isn't one person on this list who could make a duplicate of a
> commercial DVD within 24 hours.  You don't have the equipment.  And it
> isn't a matter of "I can just set up some hardware, so there's no need
> for de-encryption".  YOU CAN'T DO IT.  Just because someone, somewhere
> in the world, can, doesn't mean the copy-protection was ineffective -
> it's 100% effective against you.
>
> Somehow, somewhere, a meme ingrained itself - if something isn't
> absolutely perfect, it's worthless.  Au contraire.  CSS isn't even
> AIMED at mass-duplication piracy, never was - they explicitly say it
> is intended to prevent consumer-level copying.  And it performs its
> job rather well - 99.9% of the human race will never, ever, in their
> entire lives, copy a DVD.  I could probably add a few more nines to
> that figure and still be accurate.
>
> So, you know, I think it's great that people can pick nits and point
> out that someone, somewhere, isn't stopped from pirating a DVD.  But I
> think it's a hell of lot more accurate, and a hell of lot more useful,
> for people to focus on the fact that CSS is an INSURMOUNTABLE barrier
> to fair use of DVD content for damn near everyone affected by it.

The usual analyses are naive.  The note I passed on about the system of
"trusted hard drives" mentions that the key material is on the order of
one megabyte.  Once one gets over two mistaken assumptions of many
amateurs of cryptology

1.  keys are approximately one K bits long

2.  pairwise interactions dominate

the whole landscape of possibilities expands.  Certainly Microsoft can
produce peecees that will only run code approved of by Microsoft, and
indeed, only code approved of at the moment the code is run.  It is an odd
historical accident that today IBM style peecees can even be loaded with
other than Microsoft OSes.  And we know that Microsoft will start selling
superior peecees before 2002.  The press and the public and the
legislatures and the courts simply have no idea of the questions they will
decide over the next two years.  And neither do users and designers and
coders of free cryptographic stuff.  My bet is we'll win most of the
battles, but we will need to fight harder and smarter than we have to
date.  Luckily we are starting to get the money and allies we need.

oo--JS.