Wednesday, December 15, 2004

More on Aharonian...

Reuters and CNet have covered Greg Aharonian's lawsuit on the unconstitutionality of software copyright, but I know where we can get a copy of his complaint. More information on this lawsuit can be found here:

Now I understand why some of Aharonian's comments about "bad physics" in regards to software copyright case law seem so familiar to me... He's got a Master's Degree in Physics from Cornell and a B.S. in Physics and Computer science from Brandeis University. He's a Physicist (by training)!!! I can identify with that...

Aharonian mentioned something interesting, in correspondence, that he said wasn't covered in the Reuters article (my emphasis):
Finally, one part of my lawsuit not mentioned in the press is that nowhere in the copyright statutes (§ 17 U.S.C.) is software copyright actually authorized. Congress has never voted in a bill that was signed by the President to authorize exclusive rights in software. There is some vague legislative history, vague legislative intent, but no law. So whatever, the first step is to get Congress to pass such a law, which is required by treaty.

Indeed, as the great Nimmer on Copyright states, software copyright is "tacitly assumed" to be a law, which means it isn't.

I wasn't aware that there needed to be a bill passed to authorize software copyrights, but then again I am not a lawyer... I'm not expected to know these things.

One intellectual property lawyer I spoke with didn't think this would be a critical issue, however.
Dozens of courts have already ruled that software qualifies for copyright protection under the existing definitions in § 17 USC 102. There is no need to explicitly implement it under any treaty. As long as US copyright law protects software in practice, there is no need for Congress to pass an explicit law protecting it. Treaties can be abided by through practice and still comply.
As for myself, I'm not going to hold my breath waiting for software copyrights to be overturned on a legislative technicality, but I have a tremendous amount of sympathy for the other issues that Aharonian raises... If a simple misunderstanding of the meaning of "access" can result in rulings like Lexmark and Skylink, then just think of the mess we might have if terms like "idea" and "expression" are equally vague.

Tuesday, December 14, 2004

Should Software by Copyright-able?

The news today is that Greg Aharonian, a famous critic of software patents, has filed a court case trying to overturn the copyright-ability of computer software...

Apparently, he's been working on this for three years! Here's something he wrote back in 2001 that just warms my little physicist heart... Here's the first paragraph, with some added emphasis:
For over thirty years, software copyright has been a succession of court cases and law review articles based on bad law, bad logic, bad mathematics, and/or bad physics (Benson, CONTU, Whelan and Altai being all of these). I have decided to write a critical review arguing that software copyright (and dependents like TRIPS, GPL, Bernstein, Junger) should be abolished in light of 17 USC 102b and its equivalents - for one reason - it is bad law with no logical basis in the mathematics and physics of information processing.
I'm trying to get a copy of the filing he made in San Francisco so I can compare it to the Skylink and Lexmark rulings, but I haven't got it yet.

All I can say at this point is that I strongly support the idea of reformulating copyright and patent law around fundamental principles that are both self-consistent and physically reasonable. It's long overdue.

Wednesday, December 01, 2004

Son of CSS: HD-DVD v. Skylink...

Just as luck would have it, I was doing some research on the new HD-DVD format wars and Ed Felten comes up with a new article on it...

AACS: Son of CSS

AACS is the Advanced Access Content System. It is the next-generation technology that will purportedly solve the "piracy problem" for movies on HD-DVD. AACS basically serves the same function that CSS does for regular, low-def, DVD movies, but it's a lot more complicated. If you want to know all the technical mumbo-jumbo, you need to read the AACS Technical Overview...

I've read it, but I won't bore you with the technical details. There is, however, one very important diagram on page 21 (the next to the last page) that makes everything very very clear.

No Palladium, No HD-DVD

In that figure, you can see two little gray rectangle(ish) boxes labelled "Authenticator in AACS Optical Drive" and "Authenticator in Host". The "Authenticator in Host", on the right, is suppose to be part of your computer. Hmmm, my computer doesn't have one of those yet...

If you look at the diagram a little longer, you'll see that the authenticator in the HD-DVD drive is supposed to talk to the one in the host (your computer). Those two authenticators chat back and forth to make sure they're both "authentic", and once that's decided they continue their conversation over an encrypted link.

The only technology I've read about in the past few years that would allow devices to "authenticate" themselves to each other and allow them to have private, encrypted, conversations would be Palladium.

Palladium, if you remember, is the "new" technology that is supposed to "secure" your computer and make the Internet safe for eCommerce. It also has the effect of enabling all kinds of Big Brother and/or anti-competitive activities. There was a big uproar about this a while back, and that's why nobody calls it Palladium anymore. The new name for Palladium is now NGSCB, the Next Generation Secure Computing Base. Intel just calls it "safe computing"... After all, who's willing to vote against "safety" in this post 9/11 world... Now back to AACS...

AACS is designed so that there will be an unbroken chain of strong cryptography between the HD-DVD media and your video card. As long as that chain remains unbroken, there will be absolutely no possibility for consumers to exercise their traditional fair use rights.

The reason Palladium is necessary is because all that strong-crypto needs to be tamper-proof. Any step of the process that isn't protected by Palladium technology can be hacked, through software, to allow fair use. Without Palladium, there is simply no other way to meet the design goals of AACS.

Obsolete By Design

The other thing Hollywood has learned from DeCSS is that it's a mistake to use a single, permanent, cryptographic key. If I remember correctly, each region-encoded DVD used a different media key. Once that key is compromised, everything is vulnerable to "piracy". Under AACS they have the ability to "revoke" a compromised media key and create a new one.

Revocation is like changing the locks on your house, except that your player is the key and the HD-DVD movie is the house. Once the locks on the house have changed, there's no way to use your old key to get in and grab a beer.

The real kicker is that the AACS Licensing Authority can change those media keys at any time. They don't have to wait for a Jon Johansen to write DeCSS. They can do it any time they want, for any reason whatsoever. For example, they could decide to revoke a media key whenever sales go flat and blame it all on the "piracy" problem.

This is an excellent method for stimulating sales, because once they revoke that media key you won't be able to watch the latest releases on your old HD-DVD player. Now you'll have to go buy a new HD-DVD player. Just remember, don't go buying it on eBay... You'll have to buy a brand-new one because ALL the old players on eBay will have the same revoked keys that yours does.

And how many of you think you'll be able to watch your old HD-DVD movies (you know, the ones with the revoked media keys) on a new HD-DVD player? I'm betting you won't be able to... Why? Because it'd improve Hollywoods' bottom-line if you have to go out and buy new copies of all the movies in your library.

It's in the interests of both the consumer electronics manufacturers, and Hollywood, to revoke these media keys as often as the market will bear... This is the easiest way for both industries to maximize their profits.

Unless we change the law, I predict that fair use isn't going to exist for digital media after 2010. By then, nearly all of our current computers will be dead and the only ones we can replace them with will have Palladium inside. Without the force of law, I don't think we'll ever convince these industries to recognize fair use... Why? Because not recognizing consumers' fair use rights will makes them more money...

Don't Forget the Lawyers

Inevitably, someone will crack AACS. And just as inevitably there will be DMCA lawsuits. But any new DMCA lawsuits will have to take Skylink and Lexmark into account, so it might not end so horribly this time.