Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 472

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 487

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 494

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 530

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 103

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 21

Deprecated: Assigning the return value of new by reference is deprecated in /nfs/c03/h02/mnt/52932/domains/ on line 623 » Nobody owns numbers

nerd nouveau

Nobody owns numbers

In the aftermath of the recent Digg revolt (see my post here), people are now discussing wether the HD-DVD consortium (or anybody else, for that matter) can rightfully claim to “own” a number. I’m especially referring to some posts on Boing Boing, one of my favorite blogs (the posts are here, here and here).

I’m totally agreeing that DRM as well as its protective companion, the DMCA act (and its European spin-offs) are almost obscene laws that greatly impair my concept of “free use”, such as the ability to rip my media so that I can put them on an Apple TV, watch them on my iPod or simply to back them up. What I’m not agreeing with are some of the arguments presented.

Felten points out that it’s not just censorship that’s upsetting the Internet — it’s the absurdity of claiming to own a number:

Cory Doctorow on BoingBoing

If the AACS LA actually claims to “own” a number, then yes, this is absurd, but I do not think that this is what’s going on. Rather than owning the number, it is one of their trade secrets. The number as a number is totally irrelevant, it’s the fact that it has been chosen to be an HD-DVD decryption key that is important. Therefore, this trade secret can only be violated in a context, i.e. the one of an HD-DVD crack. By itself, nobody “owns” (or claims to own) the number.

As an example, assume that some physicist counted the amount of particles that make up the moon, and this number happens to be exactly those 128 magical bits that the whole internet is raving about. Said physicist could have posted this number a billion times without the AACS LA ever sending a cease-and-desist notice. Why? Because the context is not given. This inconspicuously looking 16 byte hex string is only relevant and interesting in the context of being an HD-DVD decryption key. It is not at all about the number’s attribute of being a number, it’s all about its context in the AACS algorithm.

That said, the number (being part of a content protection algorithm) is protected by the DMCA. Yes, this act is disgusting, I’m not saying anything against anybody who’s pointing that out. But no, nobody claims to “own” a number here: It is not as if somebody’s copyrighting a random number and suing everybody that’s using it. Making it look like this is just mere populism through which the anti-DRM crowd tries to make their cause heard by the general public. I, considering myself part of this anti-DRM crowd, would greatly appreciate it if this event was used to talk about the evilness of DRM in itself, rather than pondering on how absurd it is to own a number. It is just besides the point, as the controversy is not about the number, but its function as a decryption key.

The MPAA and RIAA are conspiring to unmake America, to turn this into a country where free expression, due process, and the rule of law take a back-seat to a perpetual set of governmental handouts intended to guarantee the long-term profitability of a small handful of corrupt companies.

Cory Doctorow on BoingBoing

Again, I think this is populism: Neither the MPAA nor the RIAA are (in this one particular case that we are referring to here) constraining anybody’s right to free expression. We’re talking about a decryption key here, after all! Following this logic, everybody who is pursuing an interest in not having their secret, private key published is inherently undermining the concept of free expression. Actually, I find this to be quite absurd.

None of these corporations is concerned with free speech or expression, their agenda is to protect their content, which they currently do by sticking DRM onto it, and safe-guarding this DRM by the fact that it’s unlawful to circumvent them because of the DMCA. Therefore, I find it to be more constructive to focus on DRM in itself and spread why DRM measures limit a consumer’s abilities to use their lawfully purchased content, rather than raging against the content industry’s profits or claiming that they are fighting against free expression. Such accusations are just too outrageous, so that they can be easily refuted by those companies in front of a wider audience, marginalizing the anti-DRM crowd into some group of ardent, but naive activists.

Michael says that this doesn’t impact free speech — that it’s possible to discuss the crack and DRM in general without reproducing the key. I think he’s wrong. I just taught a class at USC where we talked about this crack as part of our coursework, and part of my lesson was talking about the ease with which this information can be retrieved and spread — and how that makes anti-copying systems futile. For my students, seeing just how little information was needed to undo the AACS scheme was critical to understanding its fragility.

Cory Doctorow on BoingBoing

Huh? If you want to show a group of students how little information is needed to crack AACS, why is it necessary to reproduce the actual decryption key. Wouldn’t any 16 byte number do it? After all, it’s just about giving the students a feeling of how small such a decryption key actually is. There is no additional information in the actual key that could help the students understand this fact. It’s about how short 16 bytes are. I would have showed a random 16 byte hex string (or maybe even a random 16 character expression, such as “DRM is very evil”, if it’s not a technical crowd) to get my point across.

Using the actual key is just a provocation. Again, this is only undermining the anti-DRM cause, as it’s expanding on the rebellious “pirate” image anti-DRM activists are often associated with. I’ve never seen the actual garage in which Steve Jobs and Steve Wozniak kicked off Apple, yet I’ve still understood the point of the story…

Consequently, I don’t think the discussion about DRM should be stuck with this one random number. Instead, the recent publicity could be used to steer the direction into a constructive direction. Rather than pondering on wether somebody claims to “own” a number (which they clearly don’t), it’s a good time to talk about why DRM is in itself a bad thing for the community of consumers, rather than ridiculing anybody for how easy it was to crack AACS or how futile their attempts to hold back the information are. After all, we do not want DRM that’s super-hard to crack (because of hardware tricks such as chip on-board packaging, epoxy/aluminium powder tricks or ball-grid array designs), we want no DRM at all.


Hi, how are you? My name is Georg Kaindl, and I'm a twenty-something from Vienna, Austria. During the day, I'm a CS student at the Vienna University of Technology, but at night, I turn into an independent software developer for the Macintosh platform, social nerd, lazy entrepreneur and intuitive researcher.

I like to write about everything that matters to considerate technology enthusiasts, but humbly retain the right to go off-topic from time to time.

My posts are licensed under a Creative Commons Attribution 3.0 License.


You can reach me by email if you have something to say that's not related to a blog post or that you don't want to have publicly available as a comment to a post.

However, you'll have to prove that you are human! Even though I personally like robots very much, I'm less of fan of SPAM. It's just a simple riddle to solve, but a SPAM bot won't cut it!

To get my email address, take the word before the .com in my domain name first (Hint: The word you are looking for starts with a "g" and ends with an "l"). Next, simply attach to this word.

Boom, there's my email address. Simple, isn't it?

Powered by WordPress

Comments RSS

Entries RSS