Tech Insider					     Technology and Trends


	      Linux Video & DVD Project Mailing List Archives

From tmilker@radiks.net Thu, 07 Oct 1999 18:35:44 -0500
Date: Thu, 07 Oct 1999 18:35:44 -0500
From: Ted Milker tmilker@radiks.net
Subject: [Livid-dev] DeCSS source

The DeCSS source code is available on the DeCSS homepage at:

http://mmadb.no/hwplus/____MMSystem_275____/Decss.zip

Ted

From crow@debian.org Thu, 7 Oct 1999 19:33:33 -0500
Date: Thu, 7 Oct 1999 19:33:33 -0500
From: Stephen Crowley crow@debian.org
Subject: [Livid-dev] DeCSS source

Hmm, this doesn't look like the source, just binaries.

On Thu, Oct 07, 1999 at 06:35:44PM -0500, Ted Milker wrote:
> The DeCSS source code is available on the DeCSS homepage at:
> 
> http://mmadb.no/hwplus/____MMSystem_275____/Decss.zip
> 
> Ted
> 
> 
> _______________________________________________
> Livid-dev maillist - Livid-dev@livid.on.openprojects.net
> http://livid.on.openprojects.net/mailman/listinfo/livid-dev
> 

-- 
Stephen Crowley

From jak@xmmoms.physics.ucsb.edu Thu, 7 Oct 1999 17:55:08 -0700 (PDT)
Date: Thu, 7 Oct 1999 17:55:08 -0700 (PDT)
From: Jamie Kennea jak@xmmoms.physics.ucsb.edu
Subject: [Livid-dev] DeCSS source

On Thu, 7 Oct 1999, Ted Milker wrote:

> The DeCSS source code is available on the DeCSS homepage at:
> 
> http://mmadb.no/hwplus/____MMSystem_275____/Decss.zip

For the words "source code" read "binary" here. No source code on that
page.

Jamie

From tmilker@radiks.net Thu, 07 Oct 1999 20:07:11 -0500
Date: Thu, 07 Oct 1999 20:07:11 -0500
From: Ted Milker tmilker@radiks.net
Subject: [Livid-dev] DeCSS source

Jamie Kennea wrote:
> 
> On Thu, 7 Oct 1999, Ted Milker wrote:
> 
> > The DeCSS source code is available on the DeCSS homepage at:
> >
> > http://mmadb.no/hwplus/____MMSystem_275____/Decss.zip
> 
> For the words "source code" read "binary" here. No source code on that
> page.

Oh it was there, he deleted it after I posted to the mailing list. I
know
its the source because I have it. I think some other people might have
snagged it before he deleted it though.

Ted

From jak@xmmoms.physics.ucsb.edu Thu, 7 Oct 1999 18:46:03 -0700 (PDT)
Date: Thu, 7 Oct 1999 18:46:03 -0700 (PDT)
From: Jamie Kennea jak@xmmoms.physics.ucsb.edu
Subject: [Livid-dev] DeCSS source

On Thu, 7 Oct 1999, Ted Milker wrote:

> Oh it was there, he deleted it after I posted to the mailing list. I
> know
> its the source because I have it. I think some other people might have
> snagged it before he deleted it though.

Hey - why not scan it for GPL'd code and if it's there - you can release
it to the world :o)

Jamie

From dvd@bdemskysgi.mit.edu Thu, 7 Oct 1999 21:38:19 -0400 (EDT)
Date: Thu, 7 Oct 1999 21:38:19 -0400 (EDT)
From: dvd@bdemskysgi.mit.edu dvd@bdemskysgi.mit.edu
Subject: [Livid-dev] DeCSS source

Not quite true... If all the author of the GPL'd part gives
permission for a person to use the code under a different license, it
doesn't matter that part of the code was once released under GPL.

For instance, kaffe.

Brian 

From ccheney@cheney.cx Thu, 7 Oct 1999 21:10:25 -0500
Date: Thu, 7 Oct 1999 21:10:25 -0500
From: Chris Cheney ccheney@cheney.cx
Subject: [Livid-dev] DeCSS source

Jamie,

Even if it contains code that appears to be gpl'd, if the author(s) of 
the code granted permission to use it under a different license then it 
would be you breaking the law by releasing the code.

Thought you might want to think about that.

Chris

On Thu, Oct 07, 1999 at 06:46:03PM -0700, Jamie Kennea wrote:
> On Thu, 7 Oct 1999, Ted Milker wrote:
> 
> > Oh it was there, he deleted it after I posted to the mailing list. I
> > know
> > its the source because I have it. I think some other people might have
> > snagged it before he deleted it though.
> 
> Hey - why not scan it for GPL'd code and if it's there - you can release
> it to the world :o)
> 
> Jamie
> 
> 
> 
> _______________________________________________
> Livid-dev maillist - Livid-dev@livid.on.openprojects.net
> http://livid.on.openprojects.net/mailman/listinfo/livid-dev

From laredo@gnu.org Fri, 8 Oct 1999 00:08:03 -0400 (EDT)
Date: Fri, 8 Oct 1999 00:08:03 -0400 (EDT)
From: laredo@gnu.org laredo@gnu.org
Subject: [Livid-dev] DeCSS source

> On Thu, 7 Oct 1999, Ted Milker wrote:
> 
> > Oh it was there, he deleted it after I posted to the mailing list. I
> > know
> > its the source because I have it. I think some other people might have
> > snagged it before he deleted it though.
> 
> Hey - why not scan it for GPL'd code and if it's there - you can release
> it to the world :o)

#1, this would presume the author didn't have other permission to use the
source code from the original author.

#2, it would be VERY VERY bad to release full source code to such a thing.
the company that produced the player that was cracked will be liable for
$1M in damages and have their keys revoked from all future dvd pressings
breaking their player and the cracked code. This is not a good way to
make friends.

Ideally, someone would instead analyze the algorithm and post an analysis
without tables or secrets to some place like sci.crypt. This keeps almost
everyone happy and presents the opportunity for many people to work on finding
a hole in the algorithm that would allow a purely mathematical attack rather
than brute force to retreive the other 400something potential disc keys
and the proper math to initialize the tables used for decryption.

Anyone who has access to source code to decrypt CSS would be wise to keep
it to himself, and at worst make a binary only release that's so obfuscated
that the origin can be well-hidden. A little birdie tells me that the
author of dodsrip will be releasing a linux binary very soon. This could
just be piped through NIST-0.6 and then everyone could finally play dvds
in linux.

-- Nathan Laredo
laredo@gnu.org

From digitech@mmadb.no Fri, 8 Oct 1999 11:56:01 +0200
Date: Fri, 8 Oct 1999 11:56:01 +0200
From: Jon Johansen digitech@mmadb.no
Subject: [Livid-dev] DeCSS source

Thank you very much for bringing the matter up.

We have in fact been granted a special license. Anyone
who might wish to confirm that, could just email Derek.

And as Nathan Laredo stated:
>#2, it would be VERY VERY bad to release full source code to such a thing.
>the company that produced the player that was cracked will be liable for
>$1M in damages and have their keys revoked from all future dvd pressings
>breaking their player and the cracked code. This is not a good way to
>make friends.

He has got a very good point there, and the ones of you who want
the source right away, should think about that.

- Jon
http://mmadb.no/hwplus


----- Original Message -----
From: "Chris Cheney" <ccheney@cheney.cx>
To: <livid-dev@livid.on.openprojects.net>
Sent: Friday, October 08, 1999 4:10 AM
Subject: Re: [Livid-dev] DeCSS source


> Jamie,
>
> Even if it contains code that appears to be gpl'd, if the author(s) of the
code granted permission to use it under a different license then it would be
you breaking the law by releasing the code.
>
> Thought you might want to think about that.
>
> Chris
>
> On Thu, Oct 07, 1999 at 06:46:03PM -0700, Jamie Kennea wrote:
> > On Thu, 7 Oct 1999, Ted Milker wrote:
> >
> > > Oh it was there, he deleted it after I posted to the mailing list. I
> > > know
> > > its the source because I have it. I think some other people might
have
> > > snagged it before he deleted it though.
> >
> > Hey - why not scan it for GPL'd code and if it's there - you can release
> > it to the world :o)
> >
> > Jamie
> >
> >
> >
> > _______________________________________________
> > Livid-dev maillist - Livid-dev@livid.on.openprojects.net
> > http://livid.on.openprojects.net/mailman/listinfo/livid-dev
>
>
> _______________________________________________
> Livid-dev maillist - Livid-dev@livid.on.openprojects.net
> http://livid.on.openprojects.net/mailman/listinfo/livid-dev
>
>

From bolson@certicom.com Fri, 8 Oct 1999 12:04:25 -0700
Date: Fri, 8 Oct 1999 12:04:25 -0700
From: Bryan Olson bolson@certicom.com
Subject: [Livid-dev] DeCSS source

laredo wrote:

> #2, it would be VERY VERY bad to release full source
> code to such a thing. the company that produced the
> player that was cracked will be liable for $1M in
> damages and have their keys revoked from all future
> dvd pressings breaking their player and the cracked
> code. This is not a good way to make friends.

A binary release is about as bad. There's no way
we can hide from the DVD consortium which key(s) a
ripper uses. They know _all_ the keys, and can
burn disks that only allow access with subsets of
the player keys. If the ripper works, then it
holds one of the keys from the disk's subset. The
problem is especially easy if the ripper only uses
one key - a simple binary search reveals which
one.

I expect the DVD establishment was already set up
to carry out such tests. The problem has been
fairly well studied within the crypto community.
European pay-TV systems are occasionally faced with
cracker boxes that hold maybe a dozen out of
several million subscriber keys.


Can you cite a reference for the $1M in damages
claim?


--Bryan

From laredo@gnu.org Fri, 8 Oct 1999 15:18:36 -0400 (EDT)
Date: Fri, 8 Oct 1999 15:18:36 -0400 (EDT)
From: laredo@gnu.org laredo@gnu.org
Subject: [Livid-dev] DeCSS source

> > #2, it would be VERY VERY bad to release full source
> > code to such a thing. the company that produced the
> > player that was cracked will be liable for $1M in
> > damages and have their keys revoked from all future
> > dvd pressings breaking their player and the cracked
> > code. This is not a good way to make friends.
> 
> A binary release is about as bad. There's no way
> we can hide from the DVD consortium which key(s) a
> ripper uses. They know _all_ the keys, and can
> burn disks that only allow access with subsets of
> the player keys. If the ripper works, then it
> holds one of the keys from the disk's subset. The
> problem is especially easy if the ripper only uses
> one key - a simple binary search reveals which
> one.
> 
> I expect the DVD establishment was already set up
> to carry out such tests. The problem has been
> fairly well studied within the crypto community.
> European pay-TV systems are occasionally faced with
> cracker boxes that hold maybe a dozen out of
> several million subscriber keys.
> 
> Can you cite a reference for the $1M in damages
> claim?

See the CSS licence agreement. It is available from MEI.

It would appear as though we may soon have about 40
secret keys at our disposal. I cannot confirm this
yet, but I did hear a rumor of something to the effect.

-- Nathan Laredo
laredo@gnu.org

From bolson@certicom.com Fri, 8 Oct 1999 13:04:46 -0700
Date: Fri, 8 Oct 1999 13:04:46 -0700
From: Bryan Olson bolson@certicom.com
Subject: [Livid-dev] DeCSS source

Nathan Laredo:
> > > the company that produced the
> > > player that was cracked will be liable for $1M in
> > > damages

Bryan Olson:
> > Can you cite a reference for the $1M in damages
> > claim?

Nathan:
> See the CSS licence agreement. It is available from MEI.

I think you have misunderstood. The damages are
based on material breaches of the agreement, not
whether the required mechanisms are effective.

--Bryan

			        About USENET

USENET (Users’ Network) was a bulletin board shared among many computer
systems around the world. USENET was a logical network, sitting on top
of several physical networks, among them UUCP, BLICN, BERKNET, X.25, and
the ARPANET. Sites on USENET included many universities, private companies
and research organizations. See USENET Archives.

		       SCO Files Lawsuit Against IBM

March 7, 2003 - The SCO Group filed legal action against IBM in the State 
Court of Utah for trade secrets misappropriation, tortious interference, 
unfair competition and breach of contract. The complaint alleges that IBM 
made concentrated efforts to improperly destroy the economic value of 
UNIX, particularly UNIX on Intel, to benefit IBM's Linux services 
business. See SCO v IBM.

The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or
research.

Electronic mail:			       WorldWideWeb:
   tech-insider@outlook.com			  http://tech-insider.org/