European DMCA

E L Tonkin py7elt at
Tue Jul 31 14:52:18 UTC 2001


As far as reverse engineering and so on goes, this directive puts far too
much power in the hands of companies since all they really have to do
(from previous behaviour, at least) is to add some kind of encryption, as 
ridiculously easy to break as it may be, and then claim their system to be
'secure'... then of course anybody using that system would know it was
intended to be 'secure' and then would be in violation of the law if they
actually attempted to decrypt this. 

Here's one of my odd little nightmares: 

An Unspecified Company(TM) alters their standard filesystem by including
Rot-13 encryption of the FAT, thus making it secure and unreadable (no,

Since everybody and their dog use this filesystem within a year (the
Unspecified Company happens to have a virtual monopoly on the desktop) the
Linux/BSD/*nix communities add a little code to their kernel to allow them
to read and write this ROT-13'd FAT. After all, why not? 

Following which, the U.C. and all their corporate friends drop the full
weight of the law upon the poor unfortunate kernel hacker who happened to
recognise the encoding. And the distributors. And the users. Since they're
all breaking the law- after all, they all knew it was SUPPOSED to be
encrypted, and they just darn well went and decrypted it anyway.

The problem here is that to your average human being, encryption is a
scary word and hacker is scarier. Therefore, their reaction when told that
a hacker broke a code to read some data can be summed up as, "They
shouldn't have done that, when they knew they weren't supposed to".

Of course, I base this interpretation on the more recent acts of Adobe and
the ever-charming US government. Maybe it really wouldn't work that way in
Europe. Maybe it shouldn't work that way in the US. So far, however, we
have CSS and Rot-13'd PDF as good examples of this kind of behaviour.


// OLDSIG "All bad art is the result of good intentions." - Oscar Wilde 

/* START NEWSIG */ Processor: (n.) a device for converting sense to
nonsense at the speed of electricity, or (rarely) the reverse.  - Tonkin's
First Computer Dictionary

On 30 Jul 2001, João Miguel Neves wrote:

> On 30 Jul 2001 21:54:33 +0200, Klaus Schilling wrote:
> > João Miguel Neves writes:
> >  > On 30 Jul 2001 20:14:31 +0200, Simo Sorce wrote:
> >  > > > The problem is that, in practive it makes reverse engineering a crime.
> >  > > 
> >  > > Will this imply that decoding protocols that flows over a network will be
> >  > > also a crime?
> >  > 
> >  > First, the standard disclaimer, IANAL.
> >  > For SMB, as is, I think there's no problem. Now if MS extends the
> >  > authentication protocol to make sure you're connecting from workstation
> >  > with a valid license, reverse engineering that might put you in jail,
> >  > because your work could be considered as "facilitating ... an
> >  > infringement of any copyright".
> > 
> > And what about ICQ? Most clients have been obtained by rev engeineering,
> > I believe.
> > 
> The same reasoning applies: right now you have no problem, but if they
> change the authentication system and turn it into an "electronic
> rights-management" system it would be illegal to reverse engineer it.
> The risk is that the company may make this change at any time...
> --
> 						Joao Miguel Neves
> _______________________________________________
> Discussion mailing list
> Discussion at

More information about the Discussion mailing list