Keep It Legal To Embarrass Big Companies 148
Bennett Haselton is the founder and head of Peacefire, an activist group to support the free-speech rights of young people. He suggests that you might want to download the X-Stop "smoking gun" evidence (4MB) before the company has a chance to remove it from their server.
The feature below was written by Mr.Haselton.
X-Stop is an Internet censoring program with an encrypted database of 370,000 URL's blocked under various categories: Sex, Drugs, Rock `n' Roll, etc. Their competitors like SurfWatch and Cyber Patrol also do not publish their blocked site lists; the officially given reason is to keep kids from using the lists to find smut on the Internet. This is silly, given how easy it is to find Internet porn without the aid of X-Stop's secret database (although if you still want to, you can download our codebreaker, follow the instructions to get the X-Stop list and decrypt it, and help yourself). But for the next part of our report, after we decoded the URL list, we looked at the first 50 URL's in the .edu domain that were still valid, and found that 34 of them were regular student home pages with nothing offensive (hence the "68% error rate" t-shirt slogan). None of those 34 students who responded to our e-mails could think of why X-Stop would want to block their pages.
X-Stop admits on their Web site that their database is put together by a Web spider called "Mudcrawler" and not by human reviewers, but even for a machine, a 68% error rate is pretty bad. And even though the real reason why these lists are encrypted is obviously to keep competitors from stealing them, this also makes it much harder for third parties to find out what the programs really block. In fact, X-Stop had once claimed that every URL on their list was reviewed by a human before getting blocked, but cyber lawyer Jonathan Wallace called them on it when he published "The X-Stop Files" in 1997, asking why X-Stop blocked several sites like the Quakers home page, the AIDS Quilt, and parts of Jonathan's own e-zine, The Ethical Spectacle. Peacefire also put up a page in 1998 about sites blocked by X-Stop, including an affirmative action site and a blind children's hospital. But these examples were all found through trial and error; today is the first day that the entire list of URL's has been made public. And to determine the 68% figure, it was necessary to have a copy of the entire list, so that the first 50 blocked sites could be used as a random sample.
So far, this is more or less the same story that took place in 1997 with another blocking program, CYBERsitter, right down to Jonathan Wallace posting a page about CYBERsitter and getting his site blocked. First, several people posted articles criticizing CYBERsitter's policies, and slowly CYBERsitter's public image deteriorated as word got out that they were blocking sites which criticized their company (even Time magazine got blocked, and then posted an article about how they found themselves on CYBERsitter's list). Then in April 1997, Peacefire released a program that broke the encryption on CYBERsitter's list of blocked URL's. CYBERsitter sent Peacefire a threatening letter demanding that we take down the program and remove all of our links to CYBERsitter's Web page. Jim Tyre, a volunteer lawyer and future founding member of the Censorware Project, sent CYBERsitter a reply telling them they had no case, and we never heard from them again. But UCITA, the Digital Millennium Copyright Act, and the two court injunctions against the right to post DeCSS, didn't exist in 1997. If we had released the CYBERsitter codebreaker today, would CYBERsitter actually file a lawsuit?
The outcome of the DeCSS court cases could, in fact, determine the rights of a private citizen to embarrass a big software company by reverse engineering their products and catching them in a lie. It's easy to forget the importance of legal protection for reverse engineering, because sometimes public opinion is enough: RealNetworks never sued Richard Smith when he revealed that copies of RealPlayer included a "globally unique identifier" to track user's listening habits, and Microsoft never sued Andrew Schulman when he discovered that Windows 3.1 threw up fake error messages about DR-DOS. These were large companies that would have been crucified if they had tried to sue someone for discovering something that the public thought they had a right to know anyway. But legal protections are still important, because sometimes public opinion isn't enough - when the software company doesn't have much of an online reputation to worry about, or when then they have a reputation but they don't care about it.
The RIAA, with their campaigns against MP3 technology and reverse-engineering SDMI, is an example of an organization that doesn't care about their online image - and why should they, since we all download our music for free anyway. CYBERsitter is another good example - they do care about their reputation, but in 1997 their image was that of a children's guardian angel and an ally in fighting government censorship, almost immune to criticism. It took an enormous amount of bad press - letters from CYBERsitter's CEO threatening ISP's and flaming people in general, and at one point actually mail-bombing a lady who sent them a complaint - before even advocates of blocking software started distancing themselves from the company. Even today, CYBERsitter's public image is fairly rosy, and their campaigns of legal harassment hardly affected their reputation at all. (What had you heard about CYBERsitter before you read this article?) It's hard to imagine Microsoft, for example, filing a similar lawsuit without embarrassing themselves and turning their intended target into a martyr. The real threat to "reverse engineering for the public good" is from medium-sized companies, small enough that not everything they do will get in the news, but still big enough to afford lots of lawyers.
This threat affects not just programmers, but even journalists who get anonymous tip-offs - like Brock Meeks and Declan McCullagh, who were threatened with an FBI investigation by CYBERsitter in 1996, after they published their "Keys to the Kingdom" article about sites that CYBERsitter and other "censorware" programs blocked. The part of the article that got them in so much trouble was this excerpt from CYBERsitter's bad- word file:
[up][the,his,her,your,my][ass,cunt,twat][,hole]
[wild,wet,net,cyber,have,making,having,getting,giving,phone][sex...]
[,up][the,his,her,your,my][butt,cunt,pussy,asshole,rectum,anus]
[,suck,lick][the,his,her,your,my][cock,dong,dick,penis,hard on...]
[gay,queer,bisexual][male,men,boy,group,rights,community,activities...]
[gay,queer,homosexual,lesbian,bisexual][society,culture]
[you][are][,a,an,too,to][stupid,dumb,ugly,fat,idiot,ass,fag,dolt,dummy]
If this now counts as a "trade secret" under the Digital Millennium Copyright Act, then our list of the 50 .edu sites blocked by X-Stop - and the study that found the 68% error rate - could be declared illegal. And under UCITA, CYBERsitter could even claim the enforceability of these excerpts from their license agreement:
Reverse Engineering Prohibited
Unauthorized reverse engineering of the Software, whether for edcucational, fair use, or other reason is expressly forbidden. For the purposes of this license the term "reverse engineering" shall apply to any and all information obtained by such methods as decompiling, decrypting, trial and error, or activity logging.Non-Disclosure
Unauthorized disclosure of CYBERsitter operational details, hacks, work around methods, blocked sites, and blocked words or phrases are expressly prohibited.
So any CYBERsitter user who even discusses what the program blocks, would be in violation. Not that CYBERsitter would enforce this against everybody, but they probably would have liked to enforce it against Brock and Declan.
At this point, we don't know how X-Stop will respond to our report. But we do know that for all of their bluster, CYBERsitter never actually sued Brock, Declan or Peacefire. Given that CYBERsitter pursued the matter for months (and the fact that Brock and Declan had actual money), if CYBERsitter gave up, it's because they had no case. If the Digital Millennium Copyright Act, UCITA, or the DVD court rulings change that situation, then it will become much harder to criticize blocking software - or any kind of software - except for the user interface and other things that users can "see" without looking under the hood.
Like I've said before... (Score:4)
(Those with keywords on the brain have a rare, but fortunately treatable, disease called Greperitus. The cure for this is to hit yourself over the head with a salami sandwich, repeating "Grep is not all-powerful. Grep does not out-rank The Great Linus.")
Nor does it make any sense to filter everything for every user of the software. What is wanted, IMHO, is an ability to selectively control what is filtered and what isn't, maybe by nature, relying on volunteer-maintained databases and/or filters of what fits into the category you don't want. (Sort of like a super-Junkbusters, but not restricted to just banner ads.)
I e-mailed a couple of organisations involved in promoting filter software, to see why they promoted such packages. I did NOT get the usually claimed line of "it's for the children". What I DID get was "if you go into a bicycle shop, you expect to see bicycles. Why should public Internet terminals be any different?" Now, -that- is a line of argument I can have some sympathy for, which is why I think self-selective censorship makes much more sense than blanket, keyword stuff.
To make sure this is on-topic, I can't say I sympathise with companies that provide encrypted dictionaries with network software. If they didn't want you to have access to the dictionary, they could just as easily have the filter software connect to a database at THEIR end. Ergo, they are not -really- serious about not letting you access their dictionaries. Ergo, reverse-engineering is being implicitly permitted, because they are not taking obvious, simple measures to prevent it.
Embarassing such companies, IMHO, is a good idea. Force them to declare where they stand, and make them act on their beliefs. The more these companies are forced to actually -occupy- the moral high ground, rather than merely claim it, the better. Anyone can claim anything, but morality cannot co-exist with dictatorship. The sooner these companies are made to be moral, the sooner they will stop trying to be thought-police.
Cacheflow! (Score:2)
209.137.141.68
...
cacheflow1.direcpc.com
cacheflow.tcg.sgi.net
206.49.216.243
ch2smc.bellglobal.com
ch1blm.bellglobal.com
Re:Future? (Score:1)
Xerox (Score:1)
If words were wisdom I'd be talking even more
Re:What qualifies as Europe...? (Score:2)
> in Sweden from my home here in the US of A,
> and do all my hacking there, then what?
Hmm interesting question actually.
If you used ssh to connect to the server in
the other country...it could get very interesting.
I would imagine you would still be under US law
sinc eyou were in the US when you did it (at
least according to the authoritarians who run
the US maff^H^H^H^HGovernment.
However, assuming you do not do this...then it
would require them finding out it was a person in
the US who did it...and ALL of the evidence would
be on a machine in another country...
This of course means requesting that either
A) The sysadmins of the machine volunteer to
cooperate with US authoritiarians or B) The
US Authoritarian regime contacting the regime
where the server is located and asking them to
go through their process for forcing the admins
to cooperate and give up the info.
Basically...if you were smart about it...and
released any reverse engineered info in a
fairly anonymous way...it would make prosecution
nearly impossible.
Hmmm who else likes the idea of running fiber
lines from 5 or 6 countries out into the middle
of the ocean and setting up a platform in
international waters just full of servers?
allow anyone to get an account for free and have
a policy of not cooperating with ANY government
wrt identitfication of acounts...support only
ssh connections to the server...even add an
anonymous remailer.
Course...I imagine within a year or so...all the
governments would be pissed off to the point that
they would just send a few ships out and sink the
damned platform but...hey...its a nice idea....
perhaps some satilites....
too bad its all to expensive to offer accounts
for free. I don't think people should have to pay
to hide their identity.
In any case...it would make any discussion of
making reverse engineering illegal a moot point...
since anyone would have a safe place to do it and
publish from.
Re:Blocking by /keywords/ ?!?! (Score:1)
That sentence sounded quite funny at first to me because in French "con" can mean (among other things) the women genitals, which reminds me of the questions of how do they to keyword-block foreign porn site, let say an other-alphabet-language porn site with no english language (except for the navigation maybe?). Maybe it's time to create your porn site entirely in Klingon ;)
Re:Rights (Score:1)
Judges, like legislators, are elected: until the public is intelligent, the government will never be.
Re:Rights (Score:1)
When they took the sixth amendment, I was quiet because I was innocent.
When they took the second amendment, I was quiet because I didn't own a gun.
Now they've taken the first amendment, and I can say nothing about it."
-----
Re:Ahh... So naive you are. (Score:2)
*But* with some luck I might bring the law down with me. If the UCTIA gives the little guy a chance to screw with the big boys, the big boys will make sure that it goes away.
Re:Brave New World? (Score:2)
In fact, I bet most of the people pushing this case actually believe CSS does something to prevent copying.
Reverse Engineering (Score:1)
Uh, yup. Check this out, from the CYBERsitter license agreement (quoted near the end of this article):
You'd be interested in the bold part. But also, I think it's interesting that they think they can prevent "fair use." Would this really hold up in a court? How can this specific license overrule "fair use," which is a federal law, right?
Re:Open Source Censorware? (Score:1)
If the KKK and NAACP put up lists, take your pick. Or choose neither or both.
Maybe that way parents who don't want to take responsibility for supervising their children can at least take responsibility for choosing who they trust to take responsibility.
And maybe it will help the common folk realize that the open source community aren't just anarchists, but are really trying to help people get control of technology.
Re:Maybe sell smut files? (Score:2)
Cyber Patrol is a strictly opt-in deal. Parents get it to "protect" their children from filth and smut. Employers get it to "protect" their employees from distractions. Those are both definetly within their rights - they supply the computer for a certain set of tasks (homework, games, research (games doesn't apply to employers
IF you take objection to libraries and other public resources using internet filters, take it up with them, your local government or your state rep. Don't sabotage their property because you don't like the way some of their clients use it.
Re:blocking software (Score:1)
Same goes for parents and kids. Kids aren't "real" people until they're 18. They aren't afforded the same rights as adults (and that's a good thing, in terms of things like penalties for crimes and such).
The only way it would be a violation of free speech is if the government mandated that every ISP have such and such installed and to disallow eeryone from accessing a certain black list of sites.
UCITA Circumvention (Score:2)
Save your work on a foreign server. If they try to say you worked on it here, disclose that the server where the work exists is located in Holland. They will say "you were located here while you typed it."
"No, I called my friend in Holland and repeated my program verbatim to him and HE typed it in."
Soon, you will be seeing laws passed that say "Intellectual property cannot be exported" (ala crypto) and the security guards doing mind-scans in the airport for any programming knowledge.
You can expand this via paranoia to any length. IANAL.
Way too hopeful (Score:1)
For most politicians though, the question isn't what makes sense, what is practical, or even what is right, it's "what will get me (re-)elected?" Freeer distribution of pornography is not an issue they would like to, or even could, take on in America. No matter how you well you wrap your opposition to censorware in the first amendment a large quantity of prigs and prudes in this country will not vote for such a politician. Ironically I think this is often because they must deny their own attraction to pornography, but that is another subject...
Then there is a small set of politicians that fully realize that a populace that thinks about issues and is well-informed is not good for their little games with pork, and their power brokering. These critters would like nothing better than a controlled media that didn't criticize the government, and a repealed 1st amendment would garner only crocodile tears, if that.
Finally, there is the constituency of our government, the mega corporations. These guys simply aren't going to care until you show them a bottom line effect. Unfortunately, what they see is that unless the smut is cleaned off the net they stand to lose billions in potential revenue from those that stay away or are kept away by restrictions on net usage. Look what happened with TV, we all have to view children's fare so that no potential product buyers will be offended. Advertising money looks to drive the net too.
Its a good fight, I believe it matters greatly. Pornography is being used as a wedge against the 1st amendment in the same way that pedophiles and terrorists are used to keep crypto restricted. But I do not see any organized body of people or interest group with the sway to win the fight. Kudos to the ACLU but they are more reviled than respected today, unfortunately. I see a *lot* of very organized opposition. Depressing. Only by educating at the grass roots is there any chance, and that's a long one.
Can't these utilities protect themselves? (Score:3)
1) continue, and forfeit any right to pursue the hosting site;
or 2) exit, without evidence that the program contravenes the DMCA;
leaving only the option of reverse-engineering the access control mechanism itself to prove anything?
Hamish
Re:The Internet and Democracy (Score:1)
Wpoliticians collecting more and more money over the internet you'd think they would pass more clueful laws about it.
--
Be insightful. If you can't be insightful, be informative.
If you can't be informative, use my name
Satire impaired (Score:1)
[you][are][,a,an,too,to][stupid,dumb,ugly,fat,i
...matches the official Onion motto, which not a little bit of irony relating to Cybersitter's error rate:
You are dumb.
Cybersitter: saving the world from the dolts of the net. (tm)
Easy Solution (Score:1)
not a random sample (Score:1)
Re:Open Source Censorware? (Score:2)
If the KKK and NAACP put up lists, take your pick. Or choose neither or both.
Maybe that way parents who don't want to take responsibility for supervising their children can at least take responsibility for choosing who they trust to take responsibility.
And maybe it will help the common folk realize that the open source community aren't just anarchists, but are really trying to help people get control of technology.
Reposted at Score:2 because I can't moderate today. If you're going to mod this down as redundant, then please mod up the parent coment and give GreyMatter [slashdot.org] the credit that he's due for this great idea.
Re:Open Source Censorware? (Score:2)
Rights (Score:3)
until you don't have the right to complain that they have taken away your rights.
Re:Up Europe! (Score:1)
FWIW, the significance of 625 lines -- aside from the specific number, which was chosen to provide a convenient set of divide ratios -- was that the active line period was essentially identical to that of the established 525-line NTSC system, so that 525-line and 625-line TV sets could use the same deflection yokes and horizontal output transformers. (Today this happy fact also allows conversion between the two standards without having to resample the image horizontally.)
Future? (Score:1)
Re:Rights (Score:2)
Maybe sell smut files? (Score:5)
Of course, it did not get far beyond the joking stage. I do suspect that a few people at the company kept copies of the porn lists for their own use. ;). And no, I was not one of them.
It's a little hard for a company to keep a straight face when selling a list of porn site (or publishing porn themselfs) and selling an internet filter or blocker. It's along the line of a virus protection software company also selling a virus writing kit.
CyberPatrol does have a page to check their list [cyberpatrol.com] to see if a site is on it. It does not do much good for seeing how good their list is, but at least you can check if your own site is on it.
User-agent "Mudcrawler" (Score:3)
Do you get the feeling that even the programmers know that their software is pretty much useless?
Try this. (Score:2)
Re:Future? (Score:1)
Lots of companies do this. (Score:2)
Remember when Consumer Reports rated a small SUV by Mitsubishi or Suzuki "unacceptable" because it tended to roll over in hard turns (the kind you would make trying to avoid a child or a deer)? The magazine is being sued for slander. The January issue has more details (it's on the web, for a fee).
PR Watch [prwatch.org] has an eye-opening series of articles about SLAPP (Strategic Lawsuit Against Public Participation) suits. Companies file them to bankrupt, and effectively silence, people who speak out against them (which is not the same as libel or slander). Oprah Winfrey was SLAPPed by the National Beef Council when she disparaged beef during the Mad Cow outbreak in Britain. An environmentalist in West Virginia was SLAPPEd by a coal mining company when he highlighted environmental abuses by the company.
Free Speech is becoming very expensive.
Re:User-agent "Mudcrawler" (Score:5)
Have fun if you have brains. If you do not you shall be filtered. Resistance is futile. Isn't technology wonderful?
Almost forgot - the described technologies do not consititute reverse engineering and as such do not fall under the provisions of the UCITA and the DMCA.
So this is how we must do... (Score:4)
On a web site hosting, for example, deCSS. Put the words "Any similarity between this program and any commercial products is purely coincidental. Reverse enginering of this program, wether by looking at the source or observing the operations of the program, for the sole purpose of finding such similarities is not permitted"
Let the system fight itself!
Re:User-agent "Mudcrawler" (Score:1)
Do you get the feeling that even the programmers know that their software is pretty much useless?
My guess would be that if Mudcrawler couldn't access your page, it would be assumed to be smut and blocked.
Ye gods! (Score:4)
DOH! Color me porn!
Funnily enough airwindows.com is not on any list I've ever checked. I say that because in the fiction section is at least one completed novel with adult themes, one short story with adult themes, and an unfinished novel with even more adult themes. All are basically sci-fi or fantasy and none are really gratituous- the closest that I get to gratituous is the last one mentioned, 'Aquarius', which is sci-fi and deals with a society so advanced in genetic engineering that you have 'races' of cat-people, dog-people, wolf and fish and fox ad infinitum people- and the springboard for the adult theme is this: what if humans went into heat? More, what if this was socially unacceptable and got fixed through surgery and medication, but the untreated condition also brought the ability for sharper concentration and fits of intensely hard work? (not to mention the obvious 'private benefits'- and even here, there's a dark side, as in heart attack risks and added stress)
I don't know how many Slashdotters have done serious literary writing, or how many people with 'geek values' are also writers. I _do_ know that I've walked a fine line of MY OWN CHOOSING in writing these things- wanting to deal with the fascinating concepts (it's a very geeky trait of mine that even sex is something to intellectually study in fascination rather than just wallow in), but not wanting to be pigeonholed as a tacky porno writer. As a result, I've had to work quite hard (but am pleased to do so), because if you're writing decently about this subject it _must_ be sensed and felt. Fiction is not a HOWTO, but neither is it a scholarly essay. If I'm setting up tensions they must be felt, they must involve- and interestingly, there seems to _never_ be any reason to use 'dirty keywords' or phrases- it's a lot more effective to take the time and energy to write up such a scene properly. And 'effective' does mean inflaming the imagination- that's what fiction is _for_.
It's ironic- I've never been a particularly prurient writer. I've never written outright porn (this despite the fact that I know where I could sell it for a damned decent price, I might add). My fine line of decency is discreet enough that, even when I write about adult topics, I tend to delicately slip away from the focus of the matter. And yet, every time I read about this damn censorware nonsense, I am more inclined to take my existing approach and really _run_ with it. There's no reason I have to show such decorum. I'm quite capable of taking my SF/fantasy stuff, dealing with the adult topics that do interest me, absolutely going for the throat (or, uh, other areas :) ) and STILL not using any Dirty Keywords.
I consider this the hidden cost of what the censorware people are doing. Eventually they may just have to _read_ my fiction writing and ban me on _content_ alone despite my tendency to not use dirty words. If they are capable of banning 'gay culture', then they are capable of banning the adult situations of entirely fictional characters which aren't even human in the normal everyday sense. But to do so they'll have to actually read it- and they'll also have to really drop the pretense and stand revealed as the bookburners they are.
In conclusion: censorware people? "You are stupid". Pardon my _obscene_ _words_. furrfu.
maybe the parents should get a clue (Score:2)
IMHO, blocking websites from children should not be done by software but by the parents. If they can't sit down with the kid for a few hours a week to browse disney.com, they probably shouldn't have had children.
Of course, not every parent will sit with a child while they're looking information about volcanos for a school project. This is what history/cookies/cache/ip logs are for - you can *always* find a way to monitor what your kids did.
The best analogy I can think of is not allowing children to watch porn on tv. Sure, they'll still do it on occasion (and they should, eventually), but it won't be done on every day basis.
As for public access from libraries, maybe it's time to face the fact that "CLICK HERE IF YOU ARE UNDER 18" rarely gets pressed. Maybe the public terminals could only be accessed by people of legal age.
On the other hand, I wouldn't want to be checking out porn in *any* public place...
Food for thought. Now it's time to put on my anti-flame suit.
Cheers,
Bart
Re:not a random sample (Score:1)
Sure it is! Flip a coin. It comes up heads. Is there a better chance for the next flip to be tails? No, the chances for tails are still 50-50. Selecting the first 50 URLs is just as random as selecting the last 50, or 50 arbitrary ones in the middle. It's even conceivable that a purely arbitrary method of selecting 50 URLs could, in fact, select the first 50. In this case, would you suggest resampling so as not to get those certain first 50? In that case, you would in fact be making the sampling less random. You never know. Statistically, though, selecting the first 50 still constitutes a random sampling.
Re:not a random sample (Score:2)
Actually, I just went through all of the "geocities.com/SiliconValley/*" sites listed as a quick test. Most didn't exist, and of those that did, only 4 (out of 20 or so) actually had pr0n on them. I might put together a quick test utility to pull down 1000 pages and look them over. That would probably give a more accurate percentage of invalid blocks. Keep selecting random URLs from the list until I've got 1000.
Anti-slapp (Score:1)
In my case [sorehands.com] with Mattel, I am arguing that their countersuit violates the anti-retsliation provisions of the FMLA, ADA, etc. This opens them up for unlimited puntive damages.
.
Legalese translation of software licenses. (Score:1)
Stoplists don't work (Score:2)
Ahh, another example of why stoplists don't work, especially on something as nebulous as the Internet.
My new iMac came with a web blocking package, so I decided to see how it works. I don't recall the name of the package, but they do it the right way -- there is a list of "approved" sites, and the person in control (parent, teacher, etc.) can add sites.
The software blocked RedHat [redhat.com], for example, but it was trivial to go in and say, "Naw, it's ok for my kids to go there" and add it to the "ok" list.
Interestingly, Dav Pilkey [pilkey.com] is on the default "ok" list. So apparently being dangerously subversive isn't enough to prevent approval.....
Re:Blocking by /keywords/ ?!?! (Score:2)
Then, the parents could tell the proxy server which other reviewers they trusted, and the proxy would block access to any URL that had been flagged by either the parents or their trustees.
The technology for doing all this seems pretty simple ... the biggest programming challenge, I think, would be the interface.
--
"But, Mulder, the new millennium doesn't begin until January 2001."
Re:Open Source Censorware? (Score:1)
Your idea should be very effective, if done right.
Here are a set of "rules" that could be used in conjunction with a proxy to moderate a web site in a public library;
Don't filter "adult" users or younger people who have been allowed access by a parent/guardian.
Log all data retrieved from a web site.
Keyword and pattern match 'suspect' sites/pages.
Have a real, live, human check the 'suspect' pages.
If sensitive/offensive, tag the page with a set of labels and/or levels.
Submit the tags to an organization that maintains the database of all tagged sites.
Intentional mis-labeling -- to censor political views or because of excessive prudishness -- will revoke previous entries by that person in the database without review.
(The last item will give a level of checks and ballences to prevent zealous groups or individuals from forcing an agenda.)
In the case of grade school (pre-college), the students would be told that it's OK to innocently bring up a page. Since what they read will be tracked *individually*, don't do it intentionally. If a pattern of pages that deal with inappropriate content are pulled up, they can be added to the local list, submitted, and/or the *individual* can get a preverbial "note to the parrents".
The idea here is to provide an open, public, and *distributed* method of using a proxy...and one that could be taylored to "community standards" without pestering 100% of normal people. :)
Problems, gripes, call me an idiot, but it seems like this problem is not too hard to solve reasonably...without giving up all the rights the bigots want to have us give up.
Surf with your kids (Score:3)
The web forces us to make decisions about who's spin is valid something kids didn't have to deal with in the days of the one way media monolith. Perhaps it will force us to be better and more involved parents.
Re:Every large company is guilty... (Score:2)
No it's not. The only thing that even remotely forbids this is the provision in most EULA's that prohibits it, but most companies with a reasonable legal budget will have no problem getting that shot down should the need arise.
I think the big thing here is that the software industry wants an exception to law that no other industry gets; reverse engineering is actually protected by law in this country. The software industry is still just trotting out the tired old 'software is different' mantra that keeps them out of trouble with things like the consumer protection laws, and unfortunately, people are still falling for it.
Re:Every large company is guilty... (Score:1)
Re:Blocking by /keywords/ ?!?! (Score:2)
Re:Building smut file (Score:2)
Re:Can't these utilities protect themselves? (Score:2)
If my understanding of copyright law is correct (IANAL!), DeCSS is copyrighted by the author(s), even if the function of the program may be illegal.
If the MPAA/whoever ignores the license agreement and decides to crack the encryption on the self-extracting archive anyways, you can simply turn around and file a countersuit against them under the auspices of the DMCA for unauthorized circumvention of a technological means for controlling access to a copyrighted work.
Re:User-agent "Mudcrawler" (Score:2)
Given the ones I've interviewed for articles on this subject (for Network World Canada), yes. The people who produce these products are fairly aware that they're playing on parental and school board insecurity to sell something.
That's why many of these products spend less effort on blocking pages (since kids can get around them, often just by using numerical IP addresses) and focus instead on logging everything the user does. That way, mommy and daddy can check the log later and see that little Timmy was looking at porn and little Susie was reading about wicca (a common target of censorware).
This is, of course, even more insidious, because a confused kid looking for honest information on sexual orientation, diseases, etc. can think they're safe, only to have someone come down on them later. What better way to pry into your kid's life than give them a false sense of privacy?
The people making the software exude an attitude of giving parents control, not of protecting children. And proudly so.
-- Kimberly "evil liberal" Chapman
Re:Like I've said before... (Score:2)
They shouldn't. If you go out into the world, you should expect to see the world.
Re:Anti-slapp (Score:1)
And civilised countries have a loser-pay system.
Re:not a random sample (Score:1)
Re:blocking software (Score:1)
Not as long as people are not forced by the government to use this software, which is why the library thing is a big deal. Example: You don't have to go to a bookstore and buy a copy of Hustler. And Barnes and Noble might choose not to carry that kind of magazine. Free speech is the ability to make your own decisions about what you look at or listen to or even sell. This software does not violate that right unless you are forced to use it. A violation of free speech would be if bookstores that sold Hustler were closed down and you couldn't buy it whether you wanted to or not.
You can get around that (Score:2)
Instead of the dialup, you can go through an anonymizer or URL rewriter. Many of those are also blocked by SurfWatch, but not fr0.idzap.com. It's free, but you have to have look at an extra banner ad. It also doesn't require you to change your proxy setting. Any site that's in their blocked site list will go through (like TheOnion) but URL's that have keywords in them still get blocked.
Re:Open Source Censorware? (Score:2)
Quis custodiet ipso custodes? (Score:1)
I find it irritating that censorware companies suggest this as a suitable means to find whether a site is blocked or not. These are just fine if the address is known, but what about hyperlinks that don't show the address? In those cases, all you can do is click and hope it doesn't give a 403 error.
The other question that I have is this: what keeps the proxy server from substituting a 403 (forbidden) error return with a 404 (page not found) error code? "I don't know what you're so upset about - it's obvious that this page just doesn't exist any more..."
Or am I just being paranoid?
Re:Can't these utilities protect themselves? (Score:2)
Better yet, encrypt it.
That's what I said! ( "self-extracting encryption wrapper" ).
My main concern is that another party (i.e. not the person who accepts the license agreement) could bring charges against the author / hosting site.
Anyone got any ideas how to ensure that this could not happen?
Hamish
Re:Lots of companies do this. (Score:2)
Due to this 'undocumented feature' it got the nickname "Suzuki Suicide" (vs. Suzuki Samuri(sp?) which I believe was the vehicles original name).
They can't burn books so they go after the WWW (Score:2)
But because it's the Internet rather than books it's ok. I never could grok this attitude.
It's as though any media that has popular appeal is to be feared and attacked. With a few exceptions art exhibitions are not censored, but every cinema film is in most countries and TV is constantly redefining the lowest common denominator. It's such a poodle the censors don't even need to threaten it.
What qualifies as Europe...? (Score:3)
More importantly, how does/will law deal with the Zen koan that is the Internet -- it being both everywhere and nowhere all at once?
Re:User-agent "Mudcrawler" (Score:1)
Damn, my server is down! Oops! Looks like my billion dollar DotCom site is now listed as smut!
Re:not a random sample (Score:1)
Mmm, not really. What if the list is alphabetical, and entries in the "a" section correlate with porn? Or not porn? The first 50, last 50, or middle fifty are all clusters -- decidedly not random. While you're right that it's possible, but highly unlikely, that a random sample would select the first 50 .edu sites, intentionally selecting the first 50 .edu sites is certainly not random.
Besides, it's easy to pull out all the .edu's and do a truly random sample. That's probably what they should do to be methodologically precise.
-schuss
Re:Up Europe! (Score:1)
Then all the remaining viable innovation will go overseas.
This is precisely what they are attempting to do: choke the flow of information. If you can accuse anyone of "reverse engineering" if they decrypt a "trade secret", then all MS would have needed to do is rot13 the Halloween documents [opensource.org] and noone but the government could legally investigate their activities.
--
Re:Blocking by /keywords/ ?!?! (Score:1)
The general public ... (Score:2)
But then again, let the software moguls à la M$ have their way, and let us go ahead with UCITA. It will only put off more people who will turn to open source instead.
Responsibility (Score:2)
People need to realize that by not taking responsibility for your actions (or inactions) you are giving up your right to make decisions and causing others to make them for you. If you don't make your own decisions on what is good for your children to see and what's not... don't complain when someone else does for you and you don't get any say.
As far as reverse engineering goes do you think Apple would have sued Microsoft? Almost every major computer company got where it is today by reverse engineering something someone else already did. If the government wants to stop the technology boom I see no better way of doing it.
If words were wisdom I'd be talking even more.
GIGO (Score:1)
There output(votes) is based on there input(lobbyists). Our representitives can not read and interpet every piece of legislator that comes there way, it is just too much stuff.
Now the good thing is YOU can be a lobbiest. Just Fax or Write them why you feel something is wrong. Form a group of concerened people, A good place to start is A local Linux user group(LUG) or any user group will do. In my experience, two people who vehamently oppose each other in a BSD/Linux debate, still have the same opinion about freedom on the internet.
Take time to explain to your boss why this is bad for the company. Tell your parents why it is bad for them, you, and there grandchildren. Most people want to keep there freedom, but it's up to us to let them know when there losing it.
Contrary to public opinion, You can make a diffrence.
It also helps if you, at least, register to vote.
There are some generalities in the above statement, but my point is still valid.
I mentioned the Linux/bsd debate. It was used as an example, please don't use this post as an excuse to flame each other.
Orwell was very close, but he thought it would be the goverment, when it should have been big business. And if you think things like this can't happen in our country, remember MaCarthism.
Great ironies -- Codebreaker is censored! (Score:2)
Slashdot itself may soon be censored, after all, for harboring open discussion of the propriety of censorship, or the reverse engineering of censor listings. Such censorship censorship is useful for censors who would avoid review of the "quality" of their censorship.
At any rate, I am sad to report that, at least, our Novell BorderManager improvidently censors the link. Are there others?
It was a joke. (Score:1)
But besides that, by putting in a small wait, would make it the slowest distributed system in the world.
Re:"trial and error" is reverse engineering? (Score:1)
If I simply watch how something works I can design another thing that works in the same way. The internal components may be different or not, but if both the first designer and I followed the current engineering practice, there is a strong chance that we will arrive to similar designs
From what I know, if you examine how it works without examining the internal components (ie by treating the item as a black box and analysing patterns in its input and output) then this is known as a "clean room implementation" and is not classed as reverse engineering. Am I correct?
Phillip.
Re:Legalese translation of software licenses. (Score:2)
this software comes with no warrantee. its not my fault if it breaks your computer, deletes your files, orders pizza in your name, or tries to sleep with your girlfriend. its just not my damned fault - ok?
;-)
--
blocking software (Score:1)
Aren't their actions a direct violation of Free Speech? Not that we _really_ still retain our free speech rights, now it all hasta be 'p.c.'
How is it that corporations and companies get away with saying whatever they want, and shutting down the poor sods that disagree with them?
I thought the bill of rights was for citizens, not companies.
This is just another example that the time is nigh to rear up our collective head, and grab these jokers in our maw and not let go until they lie twitching on the ground.
Its no longer a joke, folks. It's time to get up, stand up, and fight for the right to
wake up and smell the napalm.
and lob a few funky bombs where it hurts.
"trial and error" is reverse engineering? (Score:3)
From my point of view, the law should say: "reverse engineering is permitted. 'Reverse engineering' is hereby defined as any method by which someone may gather information about how a software or hardware works".
Anything else is ridiculous. If I simply watch how something works I can design another thing that works in the same way. The internal components may be different or not, but if both the first designer and I followed the current engineering practice, there is a strong chance that we will arrive to similar designs.
If a design is original, and the owners want to protect it, they should *patent* it.
Moderators, take note:
1)Read the moderation guidelines before moderating anything
Up Europe! (Score:2)
Although all these restrictions will be a pain for the time being, I can't see how the law can continue to fly in the face of progress for ever. I remember reading "The Hacker's Handbook" (remember that?) in the 80s and all the controversy that caused. Back then, computer 'crimes' were being dealt with by analogy to existing laws. People in the UK were prosecuted for 'theft of electricity' and 'trespassing' until such a time as the law caught up. Now it seems like the law is getting ahead of things and listening to corporations rather than Real People.
As long as the flow of information continues, this can't go on forever.
Mattel wants it illegal to embarass them! (Score:1)
For those who don't know, I posted the information about my lawsuit [sorehands.com] against them. They filed a countersuit for libel, saying the information on the site is not true. They still continue with this countersuit after they paid over $140k to me in a judgment. If the information on the site was not true, why would they pay so much money for a lawsuit which is detailed on the site?
Mattel Threatened one kid who put some Barbie jokes up at school [nmt.edu]. I was informed that Mattel also is going after Barbie Benson and her site Barbie's Sin Circus [barbiebenson.com] for using the name Barbie. It has nothing to do with the doll (except, when you see her pic, you'll see she's a doll ;).
Make sure parents are informed (Score:2)
For Google, the way to improve peacefire's exposure is to link it from your own personal web pages and make sure those pages are indexed. I dunno about other search engines.
-jwb
Don't forget compartmentalization of knowledge (Score:1)
--
Re:Blocking by /keywords/ ?!?! (Score:1)
That's a great idea. However, I read something here yesterday (on jamie's [slashdot.org] library story) that makes this a bad idea.
If you're a kid, and your parents are abusive, you don't want them to see you researching how to [run away|get help| remove yourself from their control]. If you're a fifteen year-old girl, you may not want your dad to see that you accessed Planned Parenthood looking for information on contraceptives.
There are other examples as well. These are situations where complete disclosure could potentially put someone's life at risk (especially the first example).
Any suggestions as to how to get around this problem, while still implementing this idea?
Here's my [redrival.com] copy of DeCSS. Where's yours?
Trade Secret? (Score:1)
--Hephaestus_Lee
Filtering software (Score:1)
I am not condoning this product in any way, but the company I work for uses Websense [websense.com] to do it's filtering of the company Internet feed. Now they at least let you see what category a site is blocked under and you can tell them they got it wrong and they will review the URL. You can even suggest new sites they don't have yet.
Now I guess they figure (correctly IMHO) that you pay for the service or correlating all these URLS and the actual list should be open and as much controlled by users (suggest updates, suggest corrections) as the company.
Censorship is wrong and not letting customers participate in the list management is even more blatent giving up your rights.
Scorched earth! (Score:1)
Re:Lots of companies do this. (Score:2)
CU has expressed the opinion that SUVs are frivolous, gas-hungry, clumsy and wasteful. As a motorcycle rider in SUV-saturated Atlanta, I am inclined to agree with their assessment (and add further opinion on the typical driving abilities of their owners), but if there is a hidden editorial agenda which is influencing their testing methods, this is clearly cause for concern.
Is this a SLAPP suit? Sales of the Isuzu Trooper, which several contemporary offroad and 4WD magazines praised, suffered horribly after the Consumer Reports article. But it's worth noting what the Isuzu/Suzuki lawsuit tries hard to ignore--while the Trooper and Sidekick failed the lane-swerve test by rolling, that the Chevrolet Tahoe, Nissan Pathfinder, and Toyota 4Runner in the same article all passed the test acceptibly.
--
Re:What qualifies as Europe...? (Score:1)
I'm not a lawyer, though, so what do I know? At any rate, I think this isn't so much a legal question than a practical question of 'whose cops patrol my neighborhood?'
--
Re:Like I've said before... (Score:3)
Good point. Though the sandwich should be replaced by a baseball bat dipped in glue and broken glass a few times.
Continuing my previous post on SMUTSITE-miniHOWTO which was kind of vague. The following cause a well defined smut site to be greperitus resistant:
These are only antipattern matching HTML techniques. Pure networking intentionally omitted:
- The discussion on Java script injection in HOTMAIL on Bugtraq is a very good guide on masqing characters. Specifying a character as an escaped HEX, specifying it by HTML code, specifying it inside JavaScript Function, etc ad naseum. In order to match these the search engine will have to start interpreting HTML as a browser. Guess how much resources does this take.
- Though brilliant the BUGTRAQ discussion is highly limited. Javascript is more sensistive than pure HTML to bastardizing. In order to bastardize HTML the following options are also available: insert non-breakable spaces, tabs, backspaces, etc through their HTML encoding equivalents.
- Best of all use a pattern matching algorithm yourself and whenever you find smut in a page you shall display replace all "offending" f...oids, s...oids, etc with a mixture of randomly selected escaped alternatives. Ala stealth virus techniques.
And best of all make your smut site to operate via post style CGI's filling form values via JavaScript. There is no robot designed for these. And it is least likely to be designed beacuse this will require the robot to go as far as running javascript.If smut filter vendors had a clue on how evasive their subject is they would have been in a different business by now.
A little off-topic, but related. (Score:3)
going to outlaw all reverse-engineering? Do the major software companies really want this?
If you go into any major software program they almost all support importing/exporting into some competitors format. Are these competing formats open standards? I doubt it; they were probably reverse-engineered. Or what about Microsoft reverse-engineering of the AOL messenger protocol? That would now be illegal?
Is this the end of interoperability between proprietary packages?
Re:Rights (Score:2)
Methinks you missed the point.
He was talking about solving the problems of corruption in the government that allows legislation like UCITA to become law, not solving the problem of buggy software. If the government decides that it would rather serve its own interests and those of its biggest financial backers, then it is the duty of the people to remind them that it just ain't so. If this requires force, then it's the government that brought it on itself.
Re:Blocking by /keywords/ ?!?! (Score:2)
--
"But, Mulder, the new millennium doesn't begin until January 2001."
that would suck... (Score:2)
And civilised countries have a loser-pay system.
I doubt that would work well. You'd have to find really good lawyers to represent you in order to even have a chance at standing up against the lawyers that a big corporation can field. You wouldn't have a choice. The corp is going to spend a ton of money fighting you, whether you hire the best lawyers you can get or not. If you don't get good lawyers, the corp will probably win and you'll be in debt for life. If you do get really good lawyers, then your financial future is entirely dependent on the outcome of the case, because you will end up paying not only your own legal bills, but also the corp's legal bills if you lose. As we've seen in many cases, being right doesn't mean you'll win, especially if you have a case related to technology (the courts haven't been real impressive in their grasp of technology issues). Such a system would probably destroy a lot of people.
THE X-STOP FILES: The Truth Isn't Out There (Score:2)
THE X-STOP FILES: The Truth Isn't Out There [spectacle.org]
Brave New World? (Score:2)
Every large company is guilty... (Score:2)
How many times has a programmer been told to duplicate a competitors feature and started by looking at how the competitor has done it. Often the next logical stage is to reverse engineer that feature to get a better understanding of it, especially if the method used is not obvious. Yes this is illegal, it probably should be as well but without doubt a programmer in every large organisation has done it.
Of course they don't tell the world they did it...but if they can't stop it being done for corporate profit should they really stop it for community awareness?
X-Stop is amazing great technology (Score:2)
From their website (emphasis added):
Here's what DAB has to do:
1.User requests a URL through a browser
2.Before the computer even gets the keystrokes, the URL is translated (if necessary) and compared to the URL list. Because this is done with numbers instead of letters (there are only 10 digits! There are 255 characters...) the response is nearly instantaneous. If the site is on the blocked list, the screen is covered, and the violation message is displayed.
You little wankers just can't understand that. Go back hacking your silly kernels toys and let real people transfer keystrokes to base-10 number before the computer get it.
Blocking by /keywords/ ?!?! (Score:4)
Good grief. I mean, according to those bits of search file, doesn't having the phrase "you are too stupid" on a page sucessfully match?
Maybe we need a publicly accessed "blocker"... kind of like NoCeMs in usenet - you basically pick a set of "trusted" people who you rate as being able to block stuff. The christian fundies can all subscribe to christian fundie blockers for all the categories, whereas a merely concerned parent might just go with someone a bit less radical.
Having a centralised system just seems hugely open to all kinds of manipulation: right from the naive bozoness that seems to permeate the industry these days to corruption, bribery and even actual criminal intent. Distributing the system removes a large amount of that failure.
I mean personally, I kind of think it would be nice to trust sites to rate themselves as "porn" or "unsuitable for minors" or "religious content", but I can see why people wouldn't trust it. The porn sites include "perl" in meta-tags and stuff. Honesty doesn't exactly seem to come hand-in-hand with web businesses. (Business models built on hit-counts seem basically flawed to me. Would you want to advertise on a page whose basic method of getting people to go there was to con them? Great chance they'll read the ads then...)
Distribution has to be the way to go. Undermine the obviously broken corporate approach with an open standard that ends up being free.
Legal risks led to one programmer quitting (Score:3)
Re:Try this. (Score:2)
That means anybody can set up an anti-censorship proxy. It's easy to block one or two proxies (a lot of filters already block Anonymizer and Rewebber), but when everyone with bandwidth to spare runs a proxy, the censors can't possibly keep up.
... (Score:2)
NOTE: This story is licenced under the GPL version 2.
It is a dark and stormy night in a dark and stormy town. Tonight we find
ourselves looking apon Dick and Jane, two programmers bundled up by the fire
discussing current events:
"So, Jane, how was your day?" says Dick.
"Oh, fine. You know, I just heard about this interesting program that is
creating quite a fuss." says Jane, "It is called 'css_descramble.c'.".
"Wow," Dick enthused, "I have heard of it. My buddy kept talking about it.
He couldn't stop mentioning how it was...how did he put it? Ah yes, 'Released
under the version 2 of the GPL and Copyright 1999 Derek Fawcus'".
Jane jumped with joy. "I am so glad you have heard of it. I happen to
have
a copy. Here, look. The very first thing it does is '#include '
then
it has '#include '."
"You are right, but you forgot '#include "css-descramble.h"'" Dick
admonished.
Jane blushed, "Silly me. Well, we should have a look at the code. It
seems to start with 'typedef unsigned char byte;'. Then it moves right
along
to an array. What is that? Oh, 'static byte csstab1[256]={'"
"I know!" Dick blurted, "lets play a number game! I will say a bunch of
numbers, then you can repeat the numbers. Ready?
'0x33,0x73,0x3b,0x26,0x63,0x23,0x6b,0x76,0x3e,0
0x7b,'"
"Hmmm...that is one long list of numbers...let me see. Was it, '
0xd3,0x93,0xdb,0x06,0x43,0x03,0x4b,0x96,0xde,0x
x9b,'?"
Dick frowned, "That is completely wrong! Well, let me try again,
'0x57,0x17,0x5f,0x82,0xc7,0x87,0xcf,0x12,0x5a,0
0x1f,'"
Jane furrowed her brow, "I think I can do this one,
'0xd9,0x99,0xd1,0x00,0x49,0x09,0x41,0x90,0xd8,0
0x91,'?"
"Wow!" dick exclamed, "You suck! Third time is the charm:
'0x3d,0x7d,0x35,0x24,0x6d,0x2d,0x65,0x74,0x3c,0
0x75,'. Got it?
"I think so," Jane said, "Is it
'0xdd,0x9d,0xd5,0x04,0x4d,0x0d,0x45,0x94,0xdc,0
0x95,'?"
Dick scowled, "No, no, no! It is,
'0x59,0x19,0x51,0x80,0xc9,0x89,0xc1,0x10,0x58,0
0x11,' or is it,
'0xd7,0x97,0xdf,0x02,0x47,0x07,0x4f,0x92,0xda,0
0x9f,'? That is not right. It could have been,
'0x53,0x13,0x5b,0x86,0xc3,0x83,0xcb,0x16,0x5e,0
0x1b,0xb3,0xf3,0xbb,0xa6,0xe3,0xa3,0xeb,0xf6,0x
xe6,0xfb,0x37,0x77,0x3f,0x22,0x67,0x27,0x6f,0x7
2a,0x62,0x7f,'. No that is too many letters...."
"I remember!" Jane interupted "It is
'0xb9,0xf9,0xb1,0xa0,0xe9,0xa9,0xe1,0xf0,0xb8,0
0xf1,0x5d,0x1d,0x55,0x84,0xcd,0x8d,0xc5,0x14,0x
xc4,0x15,'. Well, either that or
'0xbd,0xfd,0xb5,0xa4,0xed,0xad,0xe5,0xf4,0xbc,0
0xf5,0x39,0x79,0x31,0x20,0x69,0x29,0x61,0x70,0x
x60,0x71,0xb7,0xf7,0xbf,0xa2,0xe7,0xa7,0xef,0xf
aa,0xe2,0xff'"
"Boy, that was harder than I thought." Dick sighed. Where were we in
the
code? Ah yes, '};static byte lfsr1_bits0[256]={'".
"You skipped a bunch" said Jane, "Besides, I am still not ready to look
at
that again. I feel like counting. In hex!
'0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x09,0
0x0e,0x12,0x13,0x10,0x11,0x16,0x17,0x14,0x15,0x
x1d,0x1c,0x24,0x25,0x26,0x27,0x20,0x21,0x22,0x2
28,0x2b,0x2a,0x36,0x37,0x34,0x35,0x32,0x33,0x30
b,0x3a,0x39,0x38,0x49,0x48,0x4b,0x4a,0x4d,0x4c,
,0x44,0x45,0x46,0x47,0x5b,0x5a,0x59,0x58,0x5f,0
0x51,0x56,0x57,0x54,0x55,0x6d,0x6c,0x6f,0x6e,0x
x66,0x67,0x60,0x61,0x62,0x63,0x7f,0x7e,0x7d,0x7
77,0x74,0x75,0x72,0x73,0x70,0x71,0x92,0x93,0x90
b,0x9a,0x99,0x98,0x9f,0x9e,0x9d,0x9c,0x80,0x81,
,0x89,0x88,0x8b,0x8a,0x8d,0x8c,0x8f,0x8e,0xb6,0
0xb1,0xbf,0xbe,0xbd,0xbc,0xbb,0xba,0xb9,0xb8,0x
xa2,0xa3,0xad,0xac,0xaf,0xae,0xa9,0xa8,0xab,0xa
de,0xdd,0xdc,0xd2,0xd3,0xd0,0xd1,0xd6,0xd7,0xd4
d,0xcc,0xcf,0xce,0xc0,0xc1,0xc2,0xc3,0xc4,0xc5,
,0xfb,0xfa,0xf9,0xf8,0xf6,0xf7,0xf4,0xf5,0xf2,0
0xee,0xe9,0xe8,0xeb,0xea,0xe4,0xe5,0xe6,0xe7,0x
When jane finished she looked exausted. As she collapsed, she uttered
the
cryptic phrase, '};static byte lfsr1_bits1[512]={'.
Dick slapped Jane back to consciousness. "You counted wrong. You are
delerious. Repeat these numbers until you feel better,
'0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,'"
Jane smiled, "Numbers always make me feel better. I will repeat those
numbers,
'0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
b6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb
2,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,
,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0
0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6d,0x
x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49,0x6
24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,0x49
0,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0x24,
,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x00,0
0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xff,0x
xdb,0xff,0x00,0x24,0x49,0x6d,0x92,0xb6,0xdb,0xf
"'};static byte bit_reverse[256]={'," Dick swore. "That gave me a
headache."
But Jane still continued to repeat the numbers, So Dick was forced to
drown Jane out with his own numbers, "Two can play at that game,
'0x00,0x80,0x40,0xc0,0x20,0xa0,0x60,0xe0,0x10,0
0xf0,0x08,0x88,0x48,0xc8,0x28,0xa8,0x68,0xe8,0x
x78,0xf8,0x04,0x84,0x44,0xc4,0x24,0xa4,0x64,0xe
b4,0x74,0xf4,0x0c,0x8c,0x4c,0xcc,0x2c,0xac,0x6c
c,0xbc,0x7c,0xfc,0x02,0x82,0x42,0xc2,0x22,0xa2,
,0x32,0xb2,0x72,0xf2,0x0a,0x8a,0x4a,0xca,0x2a,0
0xda,0x3a,0xba,0x7a,0xfa,0x06,0x86,0x46,0xc6,0x
x56,0xd6,0x36,0xb6,0x76,0xf6,0x0e,0x8e,0x4e,0xc
9e,0x5e,0xde,0x3e,0xbe,0x7e,0xfe,0x01,0x81,0x41
1,0x91,0x51,0xd1,0x31,0xb1,0x71,0xf1,0x09,0x89,
,0x19,0x99,0x59,0xd9,0x39,0xb9,0x79,0xf9,0x05,0
0xe5,0x15,0x95,0x55,0xd5,0x35,0xb5,0x75,0xf5,0x
x6d,0xed,0x1d,0x9d,0x5d,0xdd,0x3d,0xbd,0x7d,0xf
a3,0x63,0xe3,0x13,0x93,0x53,0xd3,0x33,0xb3,0x73
b,0xab,0x6b,0xeb,0x1b,0x9b,0x5b,0xdb,0x3b,0xbb,
,0x27,0xa7,0x67,0xe7,0x17,0x97,0x57,0xd7,0x37,0
0xcf,0x2f,0xaf,0x6f,0xef,0x1f,0x9f,0x5f,0xdf,0x
At this, Jane opened her eyes wide, she began shaking and speaking in
tounges. "Bloogle said, '};static void css_titlekey(byte *key, byte *im,
byte invert){unsigned int lfsr1_lo,lfsr1_hi,lfsr0,combined;byte o_lfsr0,
o_lfsr1;byte k[5];int i;lfsr1_lo = im[0] | 0x100;lfsr1_hi = im[1];lfsr0 =
((im[4] >8)&0xff] >16)&0xff]>24)&0xff];'" Jane
said as she rolled her eyes. "Lograth
told Jane, 'combined = 0;for (i = 0; i >1;lfsr1_lo = ((lfsr1_lo&1)>8)^lfsr0)>>1)^lfsr0)>>3)^lfsr0)>>7)
(lfsr0>>8)|(o_lfsr0>= 8;}'" His voice cresendoed as he reached the height of
the epic
function,
'key[4]=k[4]^csstab1[key[4]]^key[3];key[3]=k[3]
]=k[2]^csstab1[key[2]]^key[1];key[1]=k[1]^cssta
^csstab1[key[0]]^key[4];key[4]=k[4]^csstab1[key
b1[key[3]]^key[2];key[2]=k[2]^csstab1[key[2]]^k
[1]]^key[0];key[0]=k[0]^csstab1[key[0]];}'"
Jane relaxed vissibly. At that point there was a knock at the door. Dick
got up to answer it.
"Oh dear," said Dick. Jane rushed to see the problem.
At the door was a a robot gone awry. "Illegal function." It said in
monotone, 'int css_decrypttitlekey(byte *tkey, byte *dkey, struct playkey
**pkey){byte test[5], pretkey[5];int i = 0;for (; *pkey; ++pkey, ++i)
{memcpy(pretkey, dkey + (*pkey)->offset, 5);css_titlekey(pretkey,
(*pkey)->key, 0);' Illegal function,
'memcpy(test, dkey, 5);css_titlekey(test, pretkey, 0);if (memcmp(test,
pretkey, 5) == 0) {fprintf(stderr, "Using Key %d\n", i+1);break;}}if
(!*pkey) {fprintf(stderr, "Shit - Need Key %d\n", i+1);return
0;}css_titlekey(tkey, pretkey, 0xff);return 1;}' violates rules. Illegal
function."
"Illegal function. What do you suppose it means?" wondered Jane.
"Hmm..." said Dick. "Lets see if we can fix the robot with some new
instructions."
"Robot, enter command mode" Ordered Dick.
"By using this robot you agree not to reverse engineer, distribute, rent,
or use this robot for purposes not explicitly..."
"Whatever," Dick interupted as he pressed the glowing accept button on the
torso of the robot, "Robot, enter command mode."
"Ready for commands"
"Command: 'void css_descramble(byte *sec,byte *key){unsigned int
lfsr1_lo,lfsr1_hi,lfsr0,combined;unsigned char o_lfsr0, o_lfsr1;unsigned
char *end = sec + 0x800;#define SALTED(i) (key[i] ^ sec[0x54 + (i)])'" Dick
paused for a breath, "'lfsr1_lo = SALTED(0) | 0x100;lfsr1_hi =
SALTED(1);lfsr0 = ((SALTED(4) >8)&0xff] >16)&0xff]>24)&0xff];sec+=0x80;combined = 0;while (sec != end)
{o_lfsr1 = lfsr1_bits0[lfsr1_hi] ^
lfsr1_bits1[lfsr1_lo];lfsr1_hi = lfsr1_lo>>1;lfsr1_lo =
((lfsr1_lo&1)>8)^lfsr0)>>1)^lfsr0)>>3)^lfsr0)>>
(lfsr0>>8)|(o_lfsr0>= 8;}}'
End
command."
At this point the robot did something very frightening. It blew up.
Dick and Jane shielded thier eyes. When they were finally able to see
again,
they were shocked by what lay before their eyes. When the robot exploded,
it
released thousands of fliers. The fliers flew for miles around. On each
flyer the reader was greeted with the source code for a program.
Open Source Censorware? (Score:3)
Re:"trial and error" is reverse engineering? (Score:2)
Also, it seems that the library isn't allowed to browse its own web access log in order to see what has been blocked by censorware. Cute.