French Government Lobbied to Ban Free Software

Sat Dec 3 15:15:01 UTC 2005

On Sat, 2005-12-03 at 13:29 +0000, MJ Ray wrote:
> Alex Hudson <home at alexhudson.com>
> > [...] Now, MJ Ray has suggested that they may be trying to prevent
> > people published source code that could be adjusted to circumvent DRM in
> > the future - that would be an obviously terrible extension of the
> > already bad EUCD situation. 
> 
> Not quite. I think it's source code that you know *is* being used
> to circumvent Digital Restriction Measures (perhaps by modification).

Ok. I imagine it might work out the same in practise, though, for
trivial DRM schemes like the PDF "don't print this" flag.

I wonder how far it would be possible to take that reasoning, though. As
a practical example, the patent PDFs available on the esp at cenet service
are encrypted, so I cannot access them (somehow, Windows/Acrobat
[whichever] users are able to decrypt them automatically - I don't know
how yet, and would appreciate help). 

In order to break that DRM, I would have to find a password which
produces a certain MD5 sum. Now, the top 5 bytes of that sum are used as
a key to rc4 encrypt the pdf contents, so it doesn't need to be a total
collision, but you're still talking days to break any specific PDF
(actually, it might be faster if you can jump out of the md5 process
early when it's not playing out right.... I'm not sure that's
algorithmically possible, though).

Now, that kind of scenario isn't a kind of 'hack evince slightly and it
works' thing, and distributing that code is already an EUCD violation.
It would be interesting to know whether or not there are many DRM
schemes out there which can be violated as easily as the PDF flags, as
opposed to the rather better designed encrypted stuff.

I suppose I'll have to wait for a full en translation of the proposal to
fully understand it. Google seems to know of DADVSI, e.g.,
www.dadvsi.info, but I'm not convinced that's the same proposal? Or is
it?

Cheers,

Alex.