Be very afraid.
March 13, 2001 7:57 AM   Subscribe

Be very afraid. The only real solution to this is backlash and boycott. Technical solutions to "InTether" are inadequate (especially since every such will be a violation of the DMCA). If content vendors will only sell their material this way, don't buy! (Ultimately, it's going to take an act of Congress to straighten this all out. How about a law making it illegal to prevent "fair use"?)
posted by Steven Den Beste (30 comments total)
 
By the way, link courtesy of Ars Technica.
posted by Steven Den Beste at 7:58 AM on March 13, 2001


The InTether software can achieve these goals because it is ''basically an add-on to the operating system,'' Friedman explains.

Herein lies the double-edged sword of having a dominant OS. Anyone for Linux?
And 300K? I guess it's "thin" based on the application... for MP3s, sure, it's a drop in the bucket. For 12K text files, that's bloat.
posted by hijinx at 8:16 AM on March 13, 2001


It's a cute scam. It won't work.
posted by muppetboy at 8:17 AM on March 13, 2001


The key to understanding one reason why I think that this plan will not work is right atthe end of the article, where it states: a hacker gang like global hell, renowned for vandalizing Web sites, could plot and coordinate a hack attack -- to deface it with virtual graffiti, say, or pillage it of passwords and credit card numbers -- all the while secure in the knowledge that the electronic correspondence among gang-members could be rendered uncopyable, unprintable, unforwardable and guaranteed to self-destruct on or before the day of the attack.

Due to this capability, this product is sure to come in conflict with all sorts of anti-cryptography and anti-hacker legislation and what not, and the government will insist on some sort of back door being provided for them. Someone somewhere will discover this backdoor, and that will be it.
posted by donkeymon at 8:23 AM on March 13, 2001


Just off the top of my head... For music, I don't think it can work, as you could play to an external PC and redigitize there. Right? As far as screen captures go, couldn't you run the thing in an emluator - on a Mac, say - and then screen capture the inside screen?
posted by tranquileye at 8:25 AM on March 13, 2001


No, it's more than just that. It flat out CAN'T WORK. PC's are inherently insecure. I can write and run any code I want on a PC. I can run a low level debugger and I can write my own drivers. End of story (until they create secure hardware).

posted by muppetboy at 8:34 AM on March 13, 2001


muppetboy: that's all well and good, but InTether doesn't have to keep you out. It only has to keep Joe "Where's The Any Key" Average from copying. The DMCA takes care of hackers with debuggers (at least until it's found unconstitutional, which we'll probably have to get a few new Supremes for...)
posted by Vetinari at 8:44 AM on March 13, 2001


It will be 48 hours probably before some kid in a foreign country posts a patch to the internet that just disables the whole thing. It's a stupid idea that will never work. The smart part of the idea is that there are enough greedy bastards out there with no clue, that they can probably scam a few million out of them.
posted by muppetboy at 8:59 AM on March 13, 2001


It can't be bypassed. It has to be defeated. The material it protects is encrypted and stored in a database it keeps. What it does is to augment the file system to create a new kind of compressed volume transparently to the user. If it is disabled, then the content it protects becomes inaccessible.

If the article is to be believed, it can be disabled very easily -- just unistall it. But if you do, you lose all the content it's protecting.

And bypassing it will be a violation of the DMCA.
posted by Steven Den Beste at 9:17 AM on March 13, 2001


More to the point, you don't have to use the program because you don't have to download media that supports its use. And since the majority of pirated media on the Internet does not come from a corporate source directly, it seems fairly easy to circumvent the use of InTethered files.

Don't wanna deal with InTether? Find Joe Blow's ripped version of your favorite mp3 instead of downloading it from the corporate InTether protected site. It's that simple.
posted by rklawler at 9:24 AM on March 13, 2001


If the article is to be believed ...

It isn't. The writer makes it clear he's no expert on the technology. There's a reason entertainment companies have failed miserably at inventing a content-protection system that can't be removed or bypassed -- it may be impossible to do without help from the hardware, and current PCs don't offer that help.
posted by rcade at 9:35 AM on March 13, 2001


I have a question: let's pretend .NET somehow takes off and desktops running MacOS and Linux plateau.

This kind of thing would be much easier to impliment, wouldn't it? I'm not saying there would be zero way around it, but it seems that a .NET-ed world would be much easier to monitor and "protect" in the way that InTether is attempting to.

If MS can boast that 80% of the world uses .NET, companies will jump at the chance to somehow utilitize it for their own techs, even if the other 20% of users are on other OSs or somehow bypass it.
posted by jragon at 9:46 AM on March 13, 2001


1. .NET is a fine magazine, but I think their importance is overstated.

2. Um, you can beat the system with ye olde WinPC. Just use an image swiping program like SnagIt, and you've got image file. Or text. Doesn't help for music, but oh well. Nobody ever accused piracy of being perfect.
posted by ethmar at 9:55 AM on March 13, 2001


"It can't be bypassed. It has to be defeated. The material it protects is encrypted and stored in a database it keeps. What it does is to augment the file system to create a new kind of compressed volume transparently to the user. If it is disabled, then the content it protects becomes inaccessible.

If the article is to be believed, it can be disabled very easily -- just unistall it. But if you do, you lose all the content it's protecting.

And bypassing it will be a violation of the DMCA."

No no no! I didn't mean that it would disable or get around the encryption... the "copy protection" features are the weak link. Once the document is decrypted and usable in any way at all, it's vulnerable to being copied in *unencrypted* format. Just *one* person on the net has to use a current patch to their "application security" and it's all over for that particular piece of content... then the content gets posted in non-tethered format and it spreads all over the net. It will be a constant and losing battle to keep hacks from freeing the content. It's just not secure.

And merely being illegal isn't going to prevent any of this from happening... unless they're really going to start throwing lots of people in jail for "content crimes".

It's just a scam to dupe a bunch of greedy content purveyors. It's going to take a whole new generation of secure hardware to actually solve the content security problem.

posted by muppetboy at 10:20 AM on March 13, 2001


BTW, if you read the article, they pretty much admit that they'll have to post fixes when they get hacked... which is pretty much the same as admitting that it doesn't really work. At least not if you have content that really *has* to be secure. If you're just trying to make it a little harder to free the content, or you figure the content has less value than the trouble it would take to free it... that's different.
posted by muppetboy at 10:25 AM on March 13, 2001


This is really shoddy reporting from Inside. It looks like just more mediocre DRM software, no different to any of the crapware we've already flamed, but they've forgotten to pass their article through the Corporate Hype Filter. Military technology indeed.

The Schneier quote is quite right. InTether may have more layers of obfuscation and self-integrity-checking than other efforts, but that doesn't make it unhackable. There are always ways around. Its capacity to deliberately crash the machine and delete content is nothing magic, and combined with its complicated hooks into Windows and Office is certain to increase system instabilty and incompatibility problems - as if we needed more of that.

"Why in the world would you willingly install an InTether receiver on your computer, given the way it hobbles your control over your own computer?" You won't. Until such a thing is built into Windows, it won't gain consumer acceptance - and even then it's arguable.

posted by BobInce at 10:28 AM on March 13, 2001


As far as music goes, you can copy directly the waveform data from your soundcard. Unless we get forced into secure hardware.

And bypassing it will be a violation of the DMCA
I couldn't possibly care less :)
posted by sonofsamiam at 10:30 AM on March 13, 2001


Once anything is put into the hands of the consumer, it becomes vulnerable. The only way it isn't vulnerable is if its kept in a controlled environment (IE: On the company's server). When will they learn?
posted by bytecode at 12:05 PM on March 13, 2001


I work for a company in the content protection "space" myself, and I can tell you that the goal is not really to prevent the L337 hax0rs from stealing your movie. There will always be an underground of technically-savvy people who can get any media they want for free, and content owners understand that and, however reluctantly, most accept it. The real goal is to make it difficult enough to find and join that underground that mainstream consumers will find it simpler to just pay for what they watch. Considering the difficulty that some people have with setting the clock on their VCR, that is a much more reasonable and achievable goal.
posted by kindall at 12:56 PM on March 13, 2001


You're missing the point. Tech-savvy people will free the content for non-tech people to stumble over.

The intelligent thing to do would be to make it *cheap* enough and well-aggregated so that it wouldn't be worth anyone's time to look around for the freebies.

posted by muppetboy at 1:01 PM on March 13, 2001


kindall: I dunno what you're at liberty to talk about, since it's your job, but I'm having some problems with the idea of copy-protection...

Say you make a music format that is really hard to crack. So hard, in fact, that only one machine in the world can do it. Then, say the guy who owns that machine converts his collection of SecureMusicFormat discs to mp3 and serves them up to everyone? Now they are all in a format that can be copied and served by anyone. And they probably will be.
So how do you aim for 99% secure? It seems like it wouldn't be enough.

Oh. muppetboy just said that. Well, I'll post anyway :)
posted by sonofsamiam at 1:03 PM on March 13, 2001


Then, say the guy who owns that machine converts his collection of SecureMusicFormat discs to mp3 and serves them up to everyone?

Well, then he's not underground. That's blatant copyright infringement and he'd get his head served to him on a silver platter, so he won't do that. Instead maybe he'll set up an FTP server and give out the login to a few friends, and maybe they'll give it to a few other friends. But if the site is to survive, word of it will never spread very far. If it spreads too far, it will be noticed and shut down. If you don't know someone in the circle of people who knows about this site, or they don't trust you, you'll never find it.

Maybe he moves it offshore. Now he can trumpet the address and nobody can shut him down. Problem solved, eh? Well, not really. AOL, which is now a media company as well as an online service, simply blocks the server's IP address so its customers can't access it. In one fell swoop they've stopped most of the people they're really worried about from getting to the content. I would expect to see more media companies investing in major ISPs (or buying them outright) so they can exert pressure on them to block offshore servers from their customers. Yes, you can still have a friend with a different ISP get you the files and give them to you on a CD or whatever, but again, that is more trouble than most people will go to. It brings it back to friend-of-a-friend things which media companies are resigned to not being able to control anyway.

You've got to remember, we computer-savvy folks are not the norm. We are not the ones media companies are trying to protect their content from; they know they can't really. But my mom wouldn't know an FTP server from a newsgroup. If her computer came with Napster she might use it, but to find a copy of the software, then find an OpenNap server, and then figure out what wacky pig-latin "encoding" method they're using for the names so she can get the song she wants? Ain't gonna happen. What the whole Napster thing was about is not necessarily putting the genie back in the bottle, though of course, the record industry would if they could -- but while it's fashionable to bash them for being stupid enough to think they can do that, they don't really think that at all. The Napster suit was about driving Napster underground so the vast majority of music buyers will never bother to use it. They were worried that five years from now, even my mom would be using Napster. That was the disaster they were trying to avert and IMHO, they have more or less succeeded on the Napster front, at least for now.

Maybe eventually copyright as we know it will cease to exist -- there are certainly going to be huge changes -- but just because technology makes it possible to copy things doesn't mean media companies won't be able to find ways to make it difficult enough for most people not to bother for the forseeable future. In the interim, the media companies have lots of money to invest in various protection technologies and a vested interest in doing so, so who am I to tell them not to throw money at me?
posted by kindall at 1:43 PM on March 13, 2001


Ah, I see. 1000 people on IRC seems like a lot to me, but to the record distributors, that's just a drop in the bucket.
The internet skews my sense of scale.
posted by sonofsamiam at 1:56 PM on March 13, 2001


In the long run they want to control us all, even the tech savvy people. In my mind the only reason that don't have total control over our computing actions with "secure hardware" is because they didn't think about the need for it back when x86 architecture was created. We are all entities to the big companies, entities that give them money and the more money we give them, the better. They are greedy and want every penny they can get and thats what this is all about. But then again, I've been told I have a very cynical world view.
posted by bytecode at 2:40 PM on March 13, 2001


Yeah, they have a vested interest in making money. Blame the artists for assigning their copyrights to voracious money machines. As time goes by we'll see more artists choosing to distribute their music themselves, and the influence of record labels will wane somewhat. But ironically, the technologies that are being funded by the major media companies now may still be around to benefit individual artists, if they want to use them.
posted by kindall at 3:16 PM on March 13, 2001


Speaking of tech-savvy, I think more people are getting that way. I have 12-yr. old cousins who put together computers from used parts. Maybe a third of the people I know with computers can add new hardware, adjust drivers, etc. Five years ago, it was not that way.

But, on the other hand, still no-one can solder. So maybe I'm way off.
posted by sonofsamiam at 3:53 PM on March 13, 2001


Hey! speak for yourself sonofsamiam, I'm damn pround of my 1337 soldering skills :)
posted by bytecode at 5:19 PM on March 13, 2001


kindall: the overall game plan makes "sense" in a walmart kind of way... but I still think it will fail. even if you drive the piracy underground somewhat you have these issues:

1) most content is, in actuality, not neccessary in the slightest. it's "social currency". so whole peer groups, not individuals, are going to tend to go one way or the other ("underground" or "walmart"). which means it's going to take a lot of momentum to get any given circle of people to go "walmart". why? the cost is unreasonable. social currency can only be unreasonably expensive among people with money to burn... (which is why i think most of these boneheaded content people don't understand the problem... they don't understand what it's like to actually care about and *need* a couple bucks)

2) people are rapidly becoming tech savvy. more importantly, the demographics that these content companies depend on are the ones most rapidly absorbing technology. your *average* 12 year old knows all about FTP sites at this point. it's *what they do* and how they socialize. these demographics are the most important to all content markets and ultimately will determine the whole future of the marketplace.

3) 12 year olds and teens are basically broke and don't want kid-friendly walmart content anyway. they're just playing around. payware electronic content won't be social currency among kids unless it can compete with all the interesting social currency that's *free*. there's too much cool free stuff out there for this to ever happen. and once they've developed the habit of looking for, talking about and forwarding the cool free stuff... they'll probably never change.

so what will probably happen is a few older walmart types like "mom" will maybe buy a little bit of content, but probably not very much as it's not a reasonable social currency since it costs too much and it's too controlled... (you can't forward it to anyone to gossip about it!) and everyone else (80-90% of the internet) will use the free social currency that's out there and/or the pirated secure stuff that will continue to be forwarded all over the world through email and downloaded through various "underworld" methods.

the bottom line is that it's a social problem and a kind of "success" problem too... in making manufacturing and delivery too cheap... (capitalism breaks down when it succeeds at anything... when the supply is too great) and anything short of a total technological solution is doomed to failure.

posted by muppetboy at 5:38 PM on March 13, 2001


Excellent points muppetboy. Like I said, I think there will be huge sweeping changes, and they may well destroy copyright as we know it, but I also think we here grossly overestimate how quickly these changes will occur. I don't think we'll see any serious threat to record companies until broadband to the home is a good deal more commonplace than it is now -- at least 5 to 10 years, and that's in the US; other countries are far behind us -- and I suspect that the major record labels will still exist and still be a major force in music distribution when I die, though they might not be doing exactly what they're doing today. A powerful industry desperately fighting for relevance can be a formidable force. The very fact that nobody needs what the entertainment conglomerates are selling makes them keenly aware that any perceived attempt to force something on the public will go over like a lead balloon; they will need to tread very carefully. Things are kind of murky right now, as they're trying a lot of different strategies to see what works, and anti-theft technology is still in its infancy. And there are huge numbers of countries that are still industrializing where the old way of doing business will continue to be profitable for decades to come, simply because tape players are way cheaper than computers.
posted by kindall at 6:36 PM on March 13, 2001


marginally offtopic, I've also seen some fairly mainstream sources supporting the "underground" contingent... WPGH (local Fox affiliate) did a sort of how-to interest piece on alternatives to Napster on the local news last night. Not surprisingly, they're not owned by any RIAA/MPAA affiliated megacorp.
posted by Vetinari at 6:44 PM on March 13, 2001


« Older SXSW still hasn't posted the winners on the site.   |   Mir spotted in skies over India, Newer »


This thread has been archived and is closed to new comments