He was arrested for talking about defects in code. Corporate programming code is now considered infallible like the Bible, thanks to the DMCA. There are no such things as bugs; thise are features. Talking or writing about defects to corporate programs, especially its copy protection, is blashphemy. Dimitri should be burned to the stake for saying blashphemous things about Adobe e-books and how to get around its noble, pure encryption protection.
Also, the guy in Norway who invented DeCSS should be drawn and quartered for that blasphemy, 2600.org as well, for making that tool that allows DVD’s to be played in that bastard language Linux.
And that treacherous Princeton professor, for betraying SDMI, and saying it is worthless, should be hanged, burned, and drawn and quartered.
And those who download mp3’s from Napster or Gnutella, you’re next!!! You’re next!!!
No, he was arrested for producing, selling, and publicly describing methods to exploit those defects, in direct defiance of the current law, and solely to promote his own profit-making ventures.
And I contend, Chas E that the “cryptography”, circumvents the consumer’s fair use rights, among them to have the product they bought in multiple formats and to be played in multiple platforms for home use only.
I think this commentary sums it up pretty well. If anyone should be in jail it’s Adobe and other eBooks encryption vendors that are selling weak encryption services for hundreds and even thousands of dollars. C’mon, rot13?
I absolutely agree with you, capacitor, but Dmitry is bad publicity for the forces against the DMCA. He’s the worst thing that ever happened to movement against the DMCA. How are we supposed to get any credibility when the current martyr is a spamware vendor and pirate? There’s even a hacker jargon for the rights that people like Dmitry scream about, they call it “frea speach” to distinguish the “right” to free speech via spamming and property theft from real 1st amendment rights.
Until Dmitry screwed things up, the leader in the DMCA challenge was Ed Felten, distinguished CompSci professor at Princeton, security expert, and witness for the Government in DoJ V. Microsoft. Felten responded to the RIAA’s “Crack SDMI challenge,” defeated the problem, and then sued the RIAA for permission to publish the results. He’s on sabbatical at Stanford CyberLaw Institute for the next year, so he can work solely on this case.
So take your pick. You’ve only got one leader here. It can either be a scumbag spamware vendor who makes money on the side from cracking ebooks, or a distinguished professor with no financial interest in the problem, only an intellectual interest. I think only ONE of these people has a snowball’s chance in hell of overturning the DMCA. The other one will probably rot in jail for being such a goddam idiot with bad karma.
Chas, I just want to commend you on your total objectivity.
But I wonder… if I could ask for your opinion on the way I’m looking at the matter. The link OneChance provided says it rather well: “While publishers fret over the potential of illegal copies of their books, Sklyarov’s presentation reveals that they could be ripped off in an unexpected way: by producers of astonishingly inept cryptography software.” I mean, how much would you pay for a safe that can be picked with a paper clip, so to speak? I am not aware of the russian’s intentions-- you say its pure greed-- but it seems that he’s brought to light a legitimate concern.
For Eris’s sake, one of the programs used a simple cypher to protect the data! Hell, might as well lock my door by tying a rope across it, and leaving the knife on the stoop. What is your opinion of these companies that he “exposed”?
Frankly, taking up the choice you made above, I’ll take the “scumbag.” He had a whole lot more than hot air on his side; the same cannot be said of his detractors.
erislover, I am aware of Dmitry’s presentation and AFAIK none of the weak crypto systems are in general use. I’m no fan of security through obscurity, but he could easily have described the problem without demonstrating how to crack them to a group of programmers.
You really should go read the Felten case. He’s done everything you described. He’s shown that SDMI publishers can be ripped off due to their weak crypto and he forced the RIAA to abandon that cryptosystem. And he informed the authors without getting arrested. Now he wants to publish and will devote himself to the lawsuit until he wins. And he will probably win and overturn the DCMA.
The difference is that Felten didn’t brag of his exploits to hackers, he worked the system. You have to overturn this corrupt system from within, and that’s what he’s doing.
Actually, if that’s the case, then why did they wait until after his presentation to arrest him? If sales were the real issue, then they should have nabbed him beforehand. I think it’s telling that they let him give the speech before arresting him, even though they knew exactly where he was.
He was, it seems, arrested for talking about the defects.
He that would make his own liberty secure must guard even his enemy from oppression; for if he violates this duty he establishes a precedent that will reach to himself.
Sorry, Sua, I don’t see how he can, since American laws have jurisdiction only where the U.S. rules. Our laws don’t extend or apply to other countries. You can’t take local legislation and apply it globally. Otherwise, Iran could have American beachgoing women extradited to be executed for showing flesh in public. We could all be extradited to Saudi Arabia for prosecution under their laws as heretics.
Get it? We aren’t violating their laws because we don’t live within their jurisdiction. And Dmitri Sklyarov didn’t violate any American laws, because the actions he’s being prosecuted for didn’t take place in anyplace where American laws apply.
Except for giving a speech at DEFCON. Which I’m sure falls under the protection of the First Amendment, being speech and all… Hopefully the DMCA will be struck down as unconstitutional by the time both of these cases come to fruition.
Chas, I agree that Felton’s case has more going for it, and that Felton is a more admirable human being, but it doesn’t matter. The Bill of Rights protects assholes just as it protects nice guys. The law is supposed to be objective, and both cases are trying the same point. Both cases are about a law being used for prior restraint of speech, which is unconstitutional. Period.
By exporting kiddie porn to the U.S., Joe Schmo has “availed” himself of the U.S. market, and thereby comes under U.S. law. Turn it around a second - Joe Schmo exports a legal product into the U.S., under a shipping contract that holds the product (and the liability) is his until it reaches the customer. If the product is damaged en route (inside U.S. jurisdiction), Joe Schmo is entitled to come into a U.S. court and sue the shipper for damages. If you can avail yourself of the benefits of U.S. law, you can be hit for liability under U.S. law.
In the Iranian and Saudi examples you give, the beachgoers and heretics have taken no action that puts themselves within the reach of the laws of those countries. They have not “availed” themselves, and thus are not subject to foreign criminal action.
And Joe, the fact of the matter is that he was arrested for the creation of the software, not for giving the speech. If I were to guess why he was arrested after the lecture, it would be twofold. First, simplicity. He’s scheduled to be at place X - the Feds would know exactly where he is, and so it’s easy to grab him, rather than going to his hotel room and discovering he’s wandered down to the casino floor for a quick game of craps.
Second, and more important, his speech provided evidence of intent. He publicly discussed the weaknesses in the Adbode system, and (I’m guessing) likely mentioned how his program defeats it. With this open admission of intent, he won’t be able to use the defense that he had no intent when creating the software that it could be used in such a manner.
The Feds could have proven intent themselves by demonstrating the working of the program at trial, but now their job is easier - all they need to do is call a few witnesses who attended the speech, rather than potentially confusing the jury with technical explanations.
I would agree with Sua on this one, Joe. One element of national sovereignty is that the nation can make laws with extra-territorial effect. The important point is to distinguish between the fact that a country has passed a law with extra-territorial effect, and the practical difficulties of enforcing it. The law only has legal effect within the domestic legal system of the nation that enacted it, and other nations may choose to ignore it completely.
So, you could have someone who’s in another country, breaching a U.S. law. There may be a warrant out under U.S. law, but if the host country does not view the offence as subject to extradition, the person is immune. As long as he stays out of the U.S., he can’t be prosecuted. But if he ever wanders into U.S. jurisdiction, or is taken there forcibly (think General Noriega), then the U.S. could try him. (For example, if the U.S. ever manages to get its hands on bin Laden, I’ll bet the feds will try him on terrorism charges, even if all the events in question, like the bombing of the U.S.S. Cole, occurred outside the U.S.)
Generally speaking, international law frowns on excessive reliance on extra-territorial law, unless there is some clear connexion between the individual and the country in question. (e.g. - citizenship, acts being completed partially in the country, and so on). As a result, most countries are generally restrained in their use of extra-territorial laws.
There are some exceptions, like piracy. Because of the nature of the offence, most countries make piracy an offence and give their courts full jurisdiction to try someone accused of piracy, regardless of nationality, circumstances of the offence, ship’s registry, and so on. International law has long recognizes piracy as a universal offence.
The fact that an act is committed by a corporation does not automatically immunise the corporation’s employees/directors from criminal liability. Otherwise, to take an extreme example, it would be too easy to incorporate “Murder, Inc.,” whose business is to arrange contract killing, being the middleman between the person wanting the hit, and the hitman. It’s no defence for the director of the company to argue that all his/her actions were taken solely as a director/employee of the company. Corporate personality may create civil immunity, but not criminal.
That doesn’t mean that every employee/director of a corporation that commits a criminal offence is automatically liable. It always depends on factors such as the individual’s knowledge of the offence and participation in it. So the “cog-in-the-wheel” type of employee would typically not be affected by criminal charges against the company, other than possibly being called as a witness.
So, if Chas.E is correct and Mr. Sklyarov is essentially Elcomsoft, then he may be criminally liable for the actions of the company. If, on the other hand, Mr. Sklyarov can show that he had no personal participation in the sale of the software in the U.S., he may have a defence. I would expect that this will be one of the issues that will be debated if the charges ever come to court.
It is worth noting that the individuals who end up pushing the envelope of freedoms against government intrusion are frequently not posterchildren for all that is good and noble.
Now, I’ve been an antispammer for a long time (think Cantor and Seigel), and I’d like to see Dmitri rot in jail as much as the next guy, but not for this. There is more at risk here than just karmic retribution for a ratware vendor. Indeed, if one takes a few moments to reflect upon the spam wars of the past six years, and where things are going, and what this law entails, one can find ample reason to defend Elcomsoft.
