Monday, October 08, 2007

Security or Anti-security?

So, on the surface, the MPAA and RIAA activities seem to be in line with what people associate with information protection: they seemingly fight to protect "their IP" or "Intellectual Property." Why does literally everybody - including people in IT and IT security - hate them then? (rhetorical question alert :-))

Maybe because of cases like this: "In proving liability, the industry did not have to demonstrate that the defendant's computer had a file-sharing program installed at the time that they inspected her hard drive. And the RIAA did not have to show that the defendant was at the keyboard when RIAA investigators accessed Thomas' share folder." Scary indeed!

Or maybe like this, which comes from my own recent experience? The other day I borrowed a DVD of a popular Russian series from my friend and intended to watch it in my DVD player. Surprise! The movie's region did not match the player. Now, obviously, I knew that DVDs are region-coded; I just never experienced it myself. As a quick test, I tried it in computers' DVD drives and, just as obviously, with no luck.

So, given that my intention was to watch a movie and not to start a security research project, I just called my friend and asked "Hey, how did you watch it? It seems to be of the 'wrong' region?" The friend said: "Oh, that's easy, just get the mplayer; I use on my Linux systems; I think they have a Windows version as well" (and they did - and the movie played just fine)

Now please somebody tell me: since when did watching a legally obtained movie have to involve "hacking"?

Maybe that is why MPAA and RIAA are hated with a deep passion: their security "inventions" defy common sense?

Do yours? :-) You will probably be hated too ... AND then your security program will fail.

UPDATE: another fun set of comments on this is here. The highlight: "There is no common sense when you put the legal system and technology together."

UPDATE2: obviously, the scumbags will lose, but how exactly will they meet their doom? Maybe like this?


Anonymous said...

NPR recently ran some stories about the RIAA's flagrant abuse of the legal system. Here's a link:

Anton Chuvakin said...


Correct link here

Excerpt: "The problem? Andersen said she didn't do it and could prove it. But that didn't seem to make a difference to the RIAA."

also this - wow!

"However, Andersen's fight with the RIAA, which dragged on for a couple of years, ended when a federal court told the group that it had to prove Andersen had made the downloads. The association then dropped the suit, leaving her with thousands of dollars in legal fees. But as Marketplace notes, the courts may be losing patience with this tactic. A judge recently ordered the organization to pay a Texas woman's $68,000 legal bill.

Now Andersen has turned the tables and is suing the RIAA, accusing the group of "fraud, malicious prosecution, libel and slander, invasion of privacy, deceptive business practices, misuse of copyright laws and colluding to engage in widespread extortion and racketeering.""

Dr Anton Chuvakin