Can anyone figure this out? It's a link from the ebay splash page, so it's "high profile". Is it DeCSS? http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1439250171 # # [ pictured are DVD movies ] # # All the software needed to burn your own DVD's is included with # this auction. Now you can make copies/Backups of ALL of your # favorite DVD's and never have to worry about replacing them. # There are only 2 options. You could either spend thousands of # dollars on a DVD burner (Brand New your looking at over 5,000 # dollars or even buying a DVD Burner off of Ebay is still going # to run into the thousands) or you could buy this software and # make your own copies using a CD-R Drive. This software is # incredibly simple to use with very detailed and easy to follow # instructions # # Att. Ebay- This is not an "informational" auction. This is # software needed to burn DVD's on a CD-R Drive # # This program is not meant for those who intend on breaking # copywrite laws and in no way will I be held responsible if you # do. # # Please add 4.01 shipping & handling making the total only 10 # dollars for this INCREDIBLE SOFTWARE # # ATTENTION EBAY and Bidders: Again this auction in no way infringes # on any copyrights at all and is not being sold for that purpose. # It is to be used to Backup DVDs ONLY !!! Backups may only be # made from the bidders collection only and cannot be shared,sold,or # distributed freely.
Sounds to me like it's just a plain binary copy. The software takes the data off the DVD, and puts it on the media, when it runs out of space it asks for more media. Joe ----- Original Message ----- From: <George@Orwellian.Org> To: <cypherpunks@cyberpass.net> Sent: Saturday, June 16, 2001 2:37 AM Subject: CDR: eBay: Burn DVD movies onto CD?
Can anyone figure this out?
It's a link from the ebay splash page, so it's "high profile".
Is it DeCSS?
http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1439250171
At 03:47 PM 6/16/2001 -0500, Joseph Ashwood wrote:
Sounds to me like it's just a plain binary copy. The software takes the data off the DVD, and puts it on the media, when it runs out of space it asks for more media.
If so it not very useful. Lots of such free utilities out there for that. As keyser-soze notes, in a reply with an incorrect subject line, if you want to put DVD originated video content to CDs for subsequent flexible viewing (PC or DVD player) you need to convert it to another format (VCD/SVCD). You can also make .avi or mpeg4 files for PC viewing from them (it seems the vcdhelp site referenced by keyser also has material for that.) steve
David Honig <honig@sprynet.com> wrote:
Why would it be? You don't need DeCSS to copy the files on DVDs.
No, but you do need to authenticate with the DVD-ROM drive. To do this, at least under Linux, you have to invoke the proper ioctls, and do a cryptographic authentication procedure with the drive. Code to do this is covered under "circumvention device" in the DMCA according to the 2600-MPAA case. If you don't do this authentication, the drives I have worked with will just spit out zeros instead of the real data. -- Riad Wahby rsw@mit.edu MIT VI-2/A 2002 5105
At 03:02 PM 6/20/01 -0400, Riad S. Wahby wrote:
David Honig <honig@sprynet.com> wrote:
Why would it be? You don't need DeCSS to copy the files on DVDs.
No, but you do need to authenticate with the DVD-ROM drive. To do this, at least under Linux, you have to invoke the proper ioctls, and
Linux is a well known anti-american operating system. :-P
do a cryptographic authentication procedure with the drive. Code to do this is covered under "circumvention device" in the DMCA according to the 2600-MPAA case.
Not if you have lawfully paid for the content.
If you don't do this authentication, the drives I have worked with will just spit out zeros instead of the real data.
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected. GAME OVER. Cheers, dh
On 20 Jun 2001, at 15:16, David Honig wrote:
do a cryptographic authentication procedure with the drive. Code to do this is covered under "circumvention device" in the DMCA according to the 2600-MPAA case.
Not if you have lawfully paid for the content.
have you filed an amicus curiae brief explaining this? If so, how come the case isn't over yet, with the 2600 people victorious.
If you don't do this authentication, the drives I have worked with will just spit out zeros instead of the real data.
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected.
GAME OVER.
Cheers, dh
I'm not certain the judges will see things that way. The fact that you need something like DeCSS to view DVDs ON A LINUX BOX might not prove decisive to a judge who might consider the possibility that you could view them some other way, say, with a DVD player. Alternatively, Linus Torvalds could sell his soul and say that source for linux DVD players will NOT be open. I'm not justifying this kind of logic, mind you, just saying that I think it's quite likely that that's the way the ruling is likely to come out. George
At 05:15 PM 6/20/01 -0700, georgemw@speakeasy.net wrote:
On 20 Jun 2001, at 15:16, David Honig wrote:
do a cryptographic authentication procedure with the drive. Code to do this is covered under "circumvention device" in the DMCA according to the 2600-MPAA case.
Not if you have lawfully paid for the content.
have you filed an amicus curiae brief explaining this? If so, how come the case isn't over yet, with the 2600 people victorious.
You can lead a judge to water but you can't make him think.
David Honig <honig@sprynet.com> wrote:
Linux is a well known anti-american operating system. :-P
:-) Even so, the fact that it's Linux isn't the point. The fact is, you have to do some hardware handshaking before you can read the data. It just happens that it's via an ioctl interface in Linux, and I only mentioned that as a specific example.
Not if you have lawfully paid for the content.
Not really. Part of 2600's claim is that DeCSS and css-auth allow people using operating systems without officially licensed DVD player software (with development cost starting at $20k just for the license to implement the standard) to view DVDs that they purchased. The judge didn't buy it; it doesn't matter that they legally paid for the content, they're accessing it illegally via a "circumvention device." The DMCA, according to the court, clearly prevents the use of DeCSS and css-auth, even in the case that it has a legitimate use, because it circumvents the access control measures built into the DVD standard.
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected.
I don't see how this applies to what I was saying. The reason I tagged this on is to show that one must authenticate if one plans to read the data. Thus, the EBay offering has to use some sort of authentication mechanism. If it uses one that is not officially licensed (read this: upwards of $20k development cost), it is illegal, according to the court. I'm not agreeing with the DMCA, or with the judge's decision regarding DeCSS. Neither are palatable, to say the least. The original question was "can this be done legally." The answer is: if someone paid to develop a licensed implementation of the DVD standard, yes. I don't know of any commercial software that will read the data from the DVD and spit out the raw data, encrypted or not, for writing to a CD. The DVD CCA would never license such a piece of software---its use is too clearly geared towards backup or, as they see it, piracy. -- Riad Wahby rsw@mit.edu MIT VI-2/A 2002 5105
Riad S. Wahby wrote:
I'm not agreeing with the DMCA, or with the judge's decision regarding DeCSS. Neither are palatable, to say the least. The original question was "can this be done legally." The answer is: if someone paid to develop a licensed implementation of the DVD standard, yes. I don't know of any commercial software that will read the data from the DVD and spit out the raw data, encrypted or not, for writing to a CD. The DVD CCA would never license such a piece of software---its use is too clearly geared towards backup or, as they see it, piracy.
The DVDCCA license requires that DVD equipment never allow access to the raw digital data. http://www.dvdcca.org/data/css/css_proc_spec11.pdf It is also quite evident that the MPAA was planning to use CSS as a 'hook' to force DVD player/software/equipment manufacturers to sign this license. Essentially creating a licensing regime protected by law. http://www.wipo.org/eng/meetings/1999/wct_wppt/pdf/imp99_3.pdf This ties in nicely with the content manufacturers' dream of a tamed digital environment where neither piracy nor fair use is possible, and everything is pay-per-view, controlled and metered. http://www.4centity.com/data/tech/cpsa/cpsa081.pdf -- LarsG http://eurorights.org
At 02:36 PM 6/21/01 +0200, Lars Gaarden wrote:
The DVDCCA license requires that DVD equipment never allow access to the raw digital data. http://www.dvdcca.org/data/css/css_proc_spec11.pdf
If you buy the media (and more importantly, the license to play the content) you can use any hardware/software you like. Period. [1] That some folks (usually synthetic, ie, corps) pay a fee for IP from whoever is irrelevent. The record-pressers can't tell you whose needle to buy. Well they can, but you can ignore them. If you've cleanroom rev-eng'ed what you need to interop. E.g., DeCSS.
This ties in nicely with the content manufacturers' dream of a tamed digital environment where neither piracy nor fair use is possible, and everything is pay-per-view, controlled and metered.
Where a remotely-readable meter logs all licensed entertainment that's entered your brainstem each month. Tilting at windmills made of sand, DH "All the normalities of the social contract are abandoned in war" Jack Valenti MPAA pres, in LATimes on Kerry's war crimes .......... [1] That remote-music storage dotcom which required you to have a meatspace CD before letting you play the content should have needed *no* license, permit, or blessing from the producers.
David Honig wrote:
At 02:36 PM 6/21/01 +0200, Lars Gaarden wrote:
The DVDCCA license requires that DVD equipment never allow access to the raw digital data. http://www.dvdcca.org/data/css/css_proc_spec11.pdf
If you buy the media (and more importantly, the license to play the content) you can use any hardware/software you like. Period. [1]
That is exactly how it should be, no argument there. However, there are forces that would like to change this. The media and software companies have so far succeeded in getting a couple of bad laws passed (DMCA, UCITA), and are pushing heavily to force hardware manufacturers to add 'copy protection'[2] technology to their devices. Unless we stop this, we might find ourselves in an Orwell'esque world five or ten years down the line.
This ties in nicely with the content manufacturers' dream of a tamed digital environment where neither piracy nor fair use is possible, and everything is pay-per-view, controlled and metered.
Where a remotely-readable meter logs all licensed entertainment that's entered your brainstem each month.
Some of them actually want that kind of world, and seem to have the power, money and know-how to push both legislation and technology in that direction.
[1] That remote-music storage dotcom which required you to have a
meatspace CD before letting you play the content should have needed
*no* license, permit, or blessing from the producers.
A year ago, I would have believed that copyright law was sane, and that the above sentence was correct. Unfortunately, (C) is a rather messy and even internally inconsistent law which does not follow common sense. According to current law, that remote-music storage dotcom (my.mp3.com?) need to produce and store copies of the music. As there is no copyright exemption that applies to this situation, they need to obtain a license (actually, several licenses). Is this the way it should be? imho, no. Does this seem logical to anyone except copyright lawyers? No. Do most laypeople expect that this should be covered by fair use? Yes. To fix this, we need to change copyright law. Unfortunately, the current trend is that (C) is moving in the wrong direction, because most of the lobbyists and most of the money are in the hands of media companies. While DFC and EFF are trying, it seems like we need more - much more. Jessica Litman's 'Digital Copyright' covers a lot of this. Recommended if you haven't read it already. [2] 'copy protection' is a misnomer, just like Intellectual Property is. IP isn't property, it is a limited, temporary, monopoly on an idea (patent) or an expression (copyright). Likewise, 'Copy Protection' is Use Control. CP is carpet-bombing from 20000ft with the expressed intent to stop piracy, while (accidentally, or deliberately) doing lots of collateral damage - including, but not limited to, fair use and the principle of first sale. -- LarsG http://eurorights.org
At 07:30 PM 6/20/01 -0400, Riad S. Wahby wrote:
Not if you have lawfully paid for the content.
Not really. Part of 2600's claim is that DeCSS and css-auth allow people using operating systems without officially licensed DVD player software (with development cost starting at $20k just for the license to implement the standard) to view DVDs that they purchased.
That is a correct claim by 2600. The
judge didn't buy it;
The judge needs to buy steal or rent a clue, as we both know. it doesn't matter that they legally paid for the
content, they're accessing it illegally via a "circumvention device."
Its not *illegal* access since *they paid for it*. (For the license to play it; to copy it to other media for play in their cars; to back it up; etc.)
The DMCA, according to the court, clearly prevents the use of DeCSS and css-auth, even in the case that it has a legitimate use, because it circumvents the access control measures built into the DVD standard.
We both know that's an incorrect ruling that will be reversed.
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected.
I don't see how this applies to what I was saying.
The SEGA ruling said that whatever you need to do to interoperate is legal ---even including the string "(C) SEGA" in your ROM if the host platform requires it. You bought the DVD, you can play it how you want. The reason I
tagged this on is to show that one must authenticate if one plans to read the data. Thus, the EBay offering has to use some sort of authentication mechanism. If it uses one that is not officially licensed (read this: upwards of $20k development cost), it is illegal, according to the court.
The EBay advert could have been selling "cp" because there was nothing about playback implied. Presumably you would copy your DVD files from CDs onto a hard drive and then play them back. As the ad said, perfectly legal. You don't need to decrypt to copy.
I'm not agreeing with the DMCA, or with the judge's decision regarding DeCSS. Neither are palatable, to say the least. The original question was "can this be done legally." The answer is: if someone paid to develop a licensed implementation of the DVD standard, yes.
Can data backup be done legally? Of course. Playback, again, is not what is being offered, in my reading of the ad. I
don't know of any commercial software that will read the data from the DVD and spit out the raw data, encrypted or not, for writing to a CD. The DVD CCA would never license such a piece of software---its use is too clearly geared towards backup or, as they see it, piracy.
I'm surprised that any ordinary file manager wouldn't show the DVD files much as they'll show audio CD files as files. [I don't have a DVD player to try this..]
David Honig <honig@sprynet.com> wrote: <snip> Up to this point, I agree with everything you have said.
The EBay advert could have been selling "cp" because there was nothing about playback implied. Presumably you would copy your DVD files from CDs onto a hard drive and then play them back. As the ad said, perfectly legal.
You don't need to decrypt to copy.
That's true. However, in order to read data from a DVD, you must first "authenticate" to the DVD player. This is before any decryption takes place. This is a cryptographic handshake mechanism using a key. If you do not perform this handshake, it is not possible to read the data. You are correct that this does not involve decryption. It does, however, involve circumventing a part of the DVD protection mechanism---the one that protects the raw bits from being read off the disk. DVD player software does this handshake directly. It is not handled by the operating system, nor should it be, according to the DVD CCA. No mechanism will be licensed by the DVD CCA that allows the raw bits to be accessed, according to another post on this thread. Thus, you must access the raw bits using unlicensed software---i.e. a circumvention device. To summarize: dd if=/dev/dvd of=pirated.file *does*not*work*. You must first run some sort of program to authenticate with the drive. Then you can dd as much as you like. The problem is with the authentication program---by the DVD CCA's licensing standards, no such program can be legit. Thus, according to the current 2600-MPAA decision, what is being sold on EBay is illegal, assuming that it does what it claims to do. -- Riad Wahby rsw@mit.edu MIT VI-2/A 2002 5105
At 11:15 AM 6/21/01 -0400, Riad S. Wahby wrote:
The EBay advert could have been selling "cp" because there was nothing about playback implied. Presumably you would copy your DVD files from CDs onto a hard drive and then play them back. As the ad said, perfectly legal.
You don't need to decrypt to copy.
That's true. However, in order to read data from a DVD, you must first "authenticate" to the DVD player. This is before any decryption takes place. This is a cryptographic handshake mechanism using a key. If you do not perform this handshake, it is not possible to read the data.
Yep. But that's not implied by the (probably totally exploitive, BTW) ad.
You are correct that this does not involve decryption. It does, however, involve circumventing a part of the DVD protection mechanism---the one that protects the raw bits from being read off the disk.
My argument, to any judges reading, is that its *not* circumvention if you've bought the damn thing, no matter how you decode it. If you paid for satellite TV but you build your own descrambler, its *not* illegal circumvention, even though your gizmo (legally) circumvents access controls. Get it? [Rhetorically; Riad is not the problem :-] Hint: its only illegal if its fraud. DeCSS has nothing to do with fraud. "cp" does. Actually, only humans do, "cp" is not a moral entity.
On Thu, 21 Jun 2001, David Honig wrote:
My argument, to any judges reading, is that its *not* circumvention if you've bought the damn thing, no matter how you decode it.
If you paid for satellite TV but you build your own descrambler, its *not* illegal circumvention, even though your gizmo (legally) circumvents access controls. Get it? [Rhetorically; Riad is not the problem :-]
Hint: its only illegal if its fraud. DeCSS has nothing to do with fraud. "cp" does. Actually, only humans do, "cp" is not a moral entity.
Actually that won't hold up. There is a distinction that you are missing. Do you legally purchase service from that cable vendor? If so then even building your own cable descrambling box may be illegal if the contract says so (you're depriving the cable company of contractual income, fraud?). The only(!!!) way that I can see building your own descrambler and getting away with it is if you have no(!) connection to the vendor, hence they have no claim to a 'loss' since you're not buying any service in the first place. -- ____________________________________________________________________ "...where annual election ends, tyranny begins;" Thomas Jefferson & Samuel Adams The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------
David Honig <honig@sprynet.com> wrote:
My argument, to any judges reading, is that its *not* circumvention if you've bought the damn thing, no matter how you decode it.
If you paid for satellite TV but you build your own descrambler, its *not* illegal circumvention, even though your gizmo (legally) circumvents access controls. Get it? [Rhetorically; Riad is not the problem :-]
Hint: its only illegal if its fraud. DeCSS has nothing to do with fraud. "cp" does. Actually, only humans do, "cp" is not a moral entity.
I totally agree with you about all of the above statements. I read the original question as "would this be illegal under the DMCA?" My replies were all modulo the current reading of the DMCA as implied by the 2600-MPAA case. As far as I'm concerned, no, the government and various media corporations should not have the ability to restrict the way in which I employ their content. If it's scrambled, that's another obstacle to my viewing, but it shouldn't be one backed by anything stronger than the algorithm which the distributor has chosen to employ. That is, men with guns shouldn't be there to make sure I don't break or otherwise circumvent CSS, nor should it be my "social responsibility" not to do so. The burden of protecting content is on the corporation providing the content, not on me. -- Riad Wahby rsw@mit.edu MIT VI-2/A 2002 5105
On Thu, Jun 21, 2001 at 07:53:38AM -0700, David Honig wrote:
At 07:30 PM 6/20/01 -0400, Riad S. Wahby wrote:
The DMCA, according to the court, clearly prevents the use of DeCSS and css-auth, even in the case that it has a legitimate use, because it circumvents the access control measures built into the DVD standard.
We both know that's an incorrect ruling that will be reversed.
I covered the trial and the appeal, and I would not make such a strong claim. -Declan
Declan McCullagh wrote:
On Thu, Jun 21, 2001 at 07:53:38AM -0700, David Honig wrote:
At 07:30 PM 6/20/01 -0400, Riad S. Wahby wrote:
The DMCA, according to the court, clearly prevents the use of DeCSS and css-auth, even in the case that it has a legitimate use, because it circumvents the access control measures built into the DVD standard.
We both know that's an incorrect ruling that will be reversed.
I covered the trial and the appeal, and I would not make such a strong claim.
Seems like the appeals court is somewhat clued, as they asked more or less the correct questions. But as you say, it is nowhere near certain that the court will rule our way. -- LarsG
Right, it's not certain. But this is a semantically null statement: Unless you have a mole in the court, that could be said about any case. It's true that the appeals court asked some questions that were widely interpreted as being favorable in a followup document, but their actual questions askd during oral arguments were very much pro-MPAA. It's true that they could be playing devil's advocate, but the queries seemed to be genuine conviction, not intellectual gamesmanship. -Declan On Tue, Jun 26, 2001 at 02:14:53PM +0200, Lars Gaarden wrote:
Declan McCullagh wrote:
On Thu, Jun 21, 2001 at 07:53:38AM -0700, David Honig wrote:
At 07:30 PM 6/20/01 -0400, Riad S. Wahby wrote:
The DMCA, according to the court, clearly prevents the use of DeCSS and css-auth, even in the case that it has a legitimate use, because it circumvents the access control measures built into the DVD standard.
We both know that's an incorrect ruling that will be reversed.
I covered the trial and the appeal, and I would not make such a strong claim.
Seems like the appeals court is somewhat clued, as they asked more or less the correct questions. But as you say, it is nowhere near certain that the court will rule our way.
-- LarsG
David Honig wrote:
At 03:02 PM 6/20/01 -0400, Riad S. Wahby wrote:
David Honig <honig@sprynet.com> wrote:
do a cryptographic authentication procedure with the drive. Code to do this is covered under "circumvention device" in the DMCA according to the 2600-MPAA case.
Not if you have lawfully paid for the content.
As read by the MPAA, the DMCA enable them to sell you a locked house and then drag you to court if you try to pick the lock.
If you don't do this authentication, the drives I have worked with will just spit out zeros instead of the real data.
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected.
Didn't the original IBM BIOS use this trick. e.g, look for a 'copyright ibm' string in the BIOS image? -- LarsG
At 01:48 PM 6/21/01 +0200, Lars Gaarden wrote:
David Honig wrote:
Not if you have lawfully paid for the content.
As read by the MPAA, the DMCA enable them to sell you a locked house and then drag you to court if you try to pick the lock.
Look everyone, I know the judge at the current level of the legal system needs a lobe job. Why should I take him seriously?
If a cartridge doesn't have (C) SEGA in it, it won't play... ergo, (C) SEGA is not protected.
Didn't the original IBM BIOS use this trick. e.g, look for a 'copyright ibm' string in the BIOS image?
Dunno. (PS: Note that the (C) SEGA string may be my gisting.)
participants (9)
-
David Honig
-
Declan McCullagh
-
George@Orwellian.Org
-
georgemw@speakeasy.net
-
Jim Choate
-
Joseph Ashwood
-
Lars Gaarden
-
Riad S. Wahby
-
Steve Schear