Beware Software Gifts from the MPAA

Lauren Weinstein lauren at vortex.com
Fri Nov 23 12:17:07 PST 2007 


                    Beware Software Gifts from the MPAA

               http://lauren.vortex.com/archive/000330.html


Greetings.  I'm on record as supporting *reasonable* efforts by
the MPAA, RIAA, and their various cohorts to protect their
intellectual property assets.  However, a software tool being
distributed to universities by the MPAA, supposedly to help them
internally track student file sharing (and remember, there are
efforts to make such tracking a requirement of federal law) appears
to leak information like a sieve, not just to the MPAA but to the entire
Internet ( http://tinyurl.com/yr8bsq ).

Part of the MPAA toolkit's data leakage is obviously intentional --
like the "phone home" aspect that reveals a new installation to MPAA
servers.  Other aspects, like the open Web server that the toolkit
installs, which exposes collected data publicly, may simply be the
result of design incompetence.

Either way, I agree with those observers who suggest that installing
this free software mess would be a big mistake on the part of
university system administrators.

The MPAA now says that the current release that they've been pushing
to the educators is only the beta version.  I'm all in favor of
betas, even extended ones, but a cardinal rule of software
development says that you don't allow beta software to be used in
outside production environments unless it has at least been vetted
for major security and privacy problems.

In this case, the problems with the MPAA software are so obvious
that they call into question the veracity -- or at least the
competence -- of the entire project.

When our policymakers consider the desires of the entertainment
industry to turn university IT departments into intellectual
property cops, I hope that this particular fiasco will be duly noted.

--Lauren--
Lauren Weinstein
lauren at vortex.com or lauren at pfir.org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
  - People For Internet Responsibility - http://www.pfir.org
Co-Founder, NNSquad
  - Network Neutrality Squad - http://www.nnsquad.org
Founder, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com


-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list