log (2002/06/14 to 2002/06/20) |
older log newer log |
Thursday, June 20, 2002
A couple of responsible citizens express their support for the Digital Terrorism Prevention Act: DTPA is great! The Consortium appreciates your good wishes. In recognition of your efforts in the war against digital terrorism, we are granting you a 5% discount off of this week's license fee. Remember: Consume, But Don't Try Programming Anything. Unfortunately, some content users are still confused about the structure of the economy; a reader writes: Applying economic models based on the production of goods to the production of information just doesn't work out all that well, does it? It works very well, as long as the appropriate enabling legislation is enacted in a timely manner. From flutterby, let's talk about axes of evil: Conservative U.S. Christian organizations have joined forces with Islamic governments to halt the expansion of sexual and political protections and rights for gays, women and children at United Nations conferences. I tell ya: gays, women, and children get all the good enemies. I think it'd do alot for my self-image if there were hosts of morons out there trying to restrict the rights of straight adult males. From Strange Brew, a fascinating list of the drugs we're taking. (The legal ones, that is.) Among other things, this is a Hall of Fame for the thriving Product Naming Industry. Infectious Diseases in Bricks. SpinSanity suggests that President Bush has been lying, repeatedly and consistently. Can it be? Search o' the Day: "unauthorized autobiography". Hey look! Even smart-sounding places like NPR can have really stupid webmasters (or lawyers, or something). NPR, here's your sign. Why I hate teleconferences: "Yeah, I'm Kurd Wannawa, and I work for Foonrmn Pefflbinr on the brofembium of wroffle tunnigsa. My main interest today is collisey sarrisey stap, and also brocklin stortan fta-moo um." At least that's what it sounded like to me. From gorjuss, the Greenpeace Weblog. (I decided a few years ago that Greenpeace was a bit too statist, or perhaps stasist, for me, but I still kinda admire them from afar just for the trouble they cause.) Neat to see the stream of consciousness of an organization. I'd love to see the Justice Department weblog... More non-Microsoft Security Bugs: Multiple Vulnerabilities in Yahoo! Messenger: There are multiple vulnerabilities in Yahoo! Messenger. Attackers that are able to exploit these vulnerabilities may be able to execute arbitrary code with the privileges of the victim user. For purposes of this question only, you may assume the existence of life on other planets. Autre temps: Autre mores.
Thank you for your interest in the Digital Terrorism Prevention
Act of 2004.
This document provides answers to some of the more
common questions that content users have about the
Act and its consequences.
What is the Digital Terrorism Prevention Act of 2004?
The Digital Terrorism Prevention Act of 2004 (hereinafter DTPA,
or the Act), extends and completes previous legislation, including the
Digital Millenium Copyright Act of 1998
and the Consumer Broadband
and Digital Television Promotion Act of 2003, to provide you,
the content user, with access to an array of options for
the enjoyment of multimedia content, while protecting
society as a whole against losses resulting from the
theft of that content by digital terrorists.
Where does the DTPA apply?
The DTPA itself applies only within the United States of
America, but similar laws have also been enacted in the
European Union, Japan, Russia, Greater China, and a
number of other states.
The Digital Terrorism Prevention Accord of 2005 binds
all 167 signatory nations to respect and co-operatively
enforce each other's laws on the subject of digital
terrorism and content theft.
What are the provisions of the DTPA?
The most significant provisions of the DTPA extend the range of
multimedia options available to content users by providing a
secure foundation for content delivery, and provide
mechanisms for individuals and other
independant content producers to make their content available
to others securely and conveniently.
A key component of this secure foundation is the
prohibition of the manufacture, distribution, or sale
of Digital Theft Devices.
What is a Digital Theft Device?
A Digital Theft Device is any mechanism that can be used to
carry out acts of digital terrorism or commit content theft.
This includes any device which is capable of copying
digital data that does not have a valid content signature,
of disobeying the instructions contained in valid content
signatures, or of failing to receive authorized content
signature updates from the Internet.
Instructions for modifying legitimate mechanisms so that
they become Digital Theft Devices are themselves
considered Digital Theft Devices.
In contrast to Digital Theft Devices, Compliant Media
Devices support the secure delivery of media content,
and the requirements of the DTPA.
All digital media devices legally available for sale
in the United States and other signatory nations
are Compliant Media Devices.
What is a content signature?
A content signature is a cryptographically protected piece
of data that is affixed to every legitimate media content
object, to allow the content user to securely access and
enjoy the content.
Content signatures are created and affixed by the content
producer.
They both ensure that the producer of a given piece of
content can be identified, and specify the ways in which the
content user is permitted to experience the content.
A content signature may specify the time period during
which the content may be played, the digital identifiers of
the Compliant Media Devices which are authorized to play the content,
and so on.
By providing a rich set of options for the use of
signed media objects, these signatures allow content
producers to offer you, the content user, an array
of choices in your use of media content.
What do I need to do to experience content protected under
the DTPA?
You need do nothing special at all!
A consortium of industry, government, and consumer groups has
worked hard to minimize the impact of the DTPA on you,
the content user.
You need only purchase a Compliant Media Device from your favorite
merchant, purchase a license to whatever content you choose to
enjoy, and then enjoy that content freely for as long as you
choose to continue paying the license fee.
What do I need to do to produce my own personal digital
content, such as home movies?
To produce your own personal digital content, you must obtain
a Personal Content Signing Key (PCSK) from the Consortium.
PCSKs are available for a nominal fee, upon valid proof
of identity.
Once you receive the magnetic card containing
your PCSK, simply insert it into your digital video
recorder or other Compliant Recording Device, and your
personal digital signature will be affixed to all
of your recordings.
Recordings made with a PCSK may be copied freely
among Compliant Media Devices.
What do I need to do to view digital media content produced
before the Act went into effect?
Unsigned digital media content, such as digital home movies
that were created on devices manufactured before the Act went
into effect, may not be viewed directly by Compliant Media Devices.
If you possess such content (sometimes known as Legacy Content),
you may use a Personal
Content Signing Key and a Compliant Legacy Signing Device
to produce a signed version of the content.
When you sign a piece of Legacy Content with a PCSK,
you specify the digital identifiers of up to twenty (20)
Compliant Media Devices that will be permitted to display
the content.
So using your PCSK, you can make those old home movies
available to the whole family!
(In order to prevent the exploitation of Legacy Signing
by digital terrorists and content thieves, the identifiers
of the devices that you authorize to display a given
piece of signed Legacy Content are registered with a
central server; if it is determined that a PCSK has
been used to make a given piece of Legacy Content
available to an impermissible number of Compliant
Media Devices, that PCSK will be subject to revocation.)
What is Signing Key Revocation?
Digital terrorists and content thieves sometimes attempt to
misappropriate media content by converting it into
analog form, digitally recording the result, and signing
it with a stolen signing key so that it may be played by
Compliant Media Devices.
When a signing key is found to be in use for such illegal
acts, the Consortium will broadcast a Signing Key Revocation
message to all Compliant Media Devices.
Once a Compliant Media Device receives a revocation message
for a particular signing key, it will no longer play any
content signed by that key.
Guard your personal signing key well!
If your PCSK is stolen and used by digital terrorists,
it will be revoked, and no Compliant Media Device will
play any content that you have signed.
You will be unable to produce any playable content until
you obtain a new PCSK through legal action.
I am a member of an independant content production group,
such as a "garage band"; how can I produce media content
that enjoys the protection of the DTPA?
Most independant content producers find it most efficient
to enter into an agreement with a Consortium member.
For a modest fee based on a percentage of resulting
revenue, the Consortium member will sign your content with
its own signing key, and make the resulting media object
available to content users through its own distribution
network.
This arrangement allows content producers to enjoy the
fruits of their creativity, without becoming experts
at the sometimes complex technology of content protection.
I am a designer of a digital device such as a
"personal computer", and I want to spend my energies
creating exciting new technology, rather than in understanding
and implementing the requirements of the DTPA [or] I am
a user of such a device, and I want it to be
designed to serve my interests, rather than the
interests of the Consortium.
We don't always get everything we want, do we?
I used to think it was annoying when I had to go to a meeting; it meant like an hour during which I could neither code nor surf the Web with my eyes glazed over. Yeah, I used to think it was annoying when I had a meeting. Today I had six. Of course, the coming of laptops and wireless LANs has somewhat reduced the impact of these things, as now one can code and surf the Web during meetings. But not nearly as efficiently. Typo o' the Day: wirelass. Logo o' the Day: the World Yo-Yo Contest. Lawsuit challenges copy-protected CDs. Equal-time for non-Microsoft security bugs: Remotely exploitable code-execution hole in Apache. Ouch! Interesting habit the British Government (BritGov) has, giving brand names to its various organs. See for instance Oftel and Consignia. How would this play in the United States? Well, we have AmTrak; does that count? What's friendlier: "Office of Homeland Security" or, say, "HomeSecure"? Of course, the latter is taken (several times over). Maybe the gov't could spend a few million dollars to hire someone to come up with a name like "Liffertom" or "Secutonia". ...it seems unlikely that the lack of a permit would preclude criminals from knocking on doors and engaging in conversations not covered by the ordinance... -- Readers may or may not be aware of this Log's RSS feed, which has been available for some time. The current feed consists of one item for each entry, and the item is a very brief (and often somewhat wonky) description of the entry, and a link to it. This "headline" style of RSS feed is mostly useful to (ta-da) headline-style RSS readers. There's another style of RSS feed, where each item in the RSS file holds the entire content of an entire weblog entry. I've had a request from a reader for an RSS feed in that style also, and while I think about How Hard It Would Be, I thought I'd ask y'all for your feedback: if I were to provide an RSS feed where each item contained an entire log entry (rather than just a link to one), would you use it? Write me, or type something in the input box, and let me know (especially if the answer is "yes"). A reader suggests an alternate universe in which e has made a Mia sighting: There was reasonably extensive damage to the front of my car, including the front bumper, the hood, and that bar thing protecting the radiator. The car behind me was a red sport sedan, NY license -------; I did not get the make or model. The driver was Mia ------, telephone number ------------. Her driver's license gave her address as "------ ---, S-----, NY". Her car was insured by State Farm Insurance, policy number --- ------------. The hood of that car was seriously crumpled, and the grill and front bumper were damaged. A spammer (or something) writes: If you are in possession of blue or red time warping moon crystals, I need some! Please make me an offer. which is at least different. a quick Web search reveals that I'm not the only one. From Daze Reader, a very thoughtful article on a favorite subject: Why does porn got to hurt so bad? Worth reading (warning: some links lead to pictures of naked people). Lots of interesting links in the latest Crypto-gram. Let's see:
That last one is interesting to me because it's about ASN.1, and I've so far actively avoided learning anything about ASN.1. At the moment I'm thinking of it as the same as XML, only done back when bandwidth was scarce, and it was still fashionable to worry about how big your data objects were. Those who, like me, know a bit about XML and not much about ASN.1, and like our knowledge concrete, may find this interesting and/or useful: a project to convert from ASN.1 to XML (and v-v). Still queued up: the assedness poll, lots of reader input, and perhaps a chance to twit Justice Scalia. No, apparently I'm not back in the habit yet. Odd things, habits; getting the DSL line at home gives me more and faster access to the Net, but just because it's changed the way that I do things, there's no longer a little slot in the day when I automatically think "time to post the weblog!". Instead there's a little slot at the very end of the day when I think "shucks, forgot to post the weblog again". How do you tell remarkable creativity from just having too much time on your hands? IBM's 'Millipede' Project Demonstrates Trillion-Bit Data Storage Density. Very cool. And every single news article has to pick out and highlight the reference to punch cards (often in the headline), even though it's really not much like that at all. Avoid this site at all costs. Really. Windows Arcana o' the Day: How to Stop an ActiveX Control from Running in Internet Explorer. So I went to my registry to see if the "kill bit" is currently set for any ActiveX controls, and lo there are a whole bunch. No doubt some Microsoft thing that I've installed set them, to spackle up various security holes. I only had the energy to look up one, chosen at random. It was the Telnet server, which was once a known security hole; with the kill bit set one hopes it no longer is. Note the underlying philosophy here: ActiveX is a convenient interface to programs, so make lots of programs (like the Telnet server) ActiveX controls. Then when someone notices that there might be a problem with allowing any random Joe Badguy's web page to cause one of those programs to run, set a bit in the registry that tells IE never to load that one. Yowch! So sitting here on a rather dismal Friday, let me tell you in great detail about last Sunday (because it was sunny and idyllic and non-dismal). Heartwarming Suburban Sunday: sleep until sometime after 8am, go out to the kitchen, melt 18 oz of semi-sweet chocolate chips and one can (14 oz?) of sweetened condensed milk over a low flame, remove from heat and add 1 1/2 tsp of vanilla extract, 1/2 cup of crushed walnuts and a dash of salt. Stir well, pour into wax-paper lined square pan, cover with wax paper, put into the refrigerator for two hours or until time to leave for the potluck. Look in on little daughter, who is still asleep, being all tired from yesterday's ballet recital (and who wisely decided not to put in an appearance at a friend's birthday party afterward). Put on pants and a shirt over nightshirt, drive off to the bagel store, return with bagels and lox and stuff. Poke at fudge, which is still slightly soft. Put together bagels and lox, gently wake up little daughter so she can come and lie in the big bed and we can all eat bagels and watch cartoons together. Get dressed, go to the grocery, buy consumer goods. On return from the grocery, leave M to put consumer goods away, cut up fudge and return it to fridge, put on sneakers and work gloves, go down to the lake for the Spring Cleanup. Help the Guys get the floating dock out into the water, narrowly avoid falling into the lake while trying to get a float line untangled from a bush. Run back home, get the fudge and the little boy in time for M to take the little daughter off to warmups for today's ballet recital. (Down at the lake again, one of the Guys expresses admiration for the fact that I'm going to both recitals; "I can't take more than one of those a year, myself". Somehow this isn't a problem for me: sit in an auditorium for a couple of hours watching lots of lovely young women (and a few lovely young men) dance? Hey, twist my arm!) Leave the little boy briefly in the care of one of the Moms, run up to the house to get ready to go to the recital, drive down to the lake, get the little boy, encourage him to have some pizza and fudge, drop him off at home, drive off to the recital. Sit in an auditorium for a couple of hours watching lots of lovely young women (and a few lovely young men) dance. Applaud wildly, pluck the little daughter from the crowd of emerging little daughters, don't take any pictures of her in the parking lot outside ("Here?? Daddy!!"), drive her home and take some pictures there ("Delete that one you took when I wasn't ready"), have some dinner (I think; did I eat dinner that day?), allow the kids to convince us that the Big Tub of Water is finally ready for occupancy. Splash! The temperature was up to like 66°F; nice and brisk. |
top |
earlier entries |