DMCA Wins Again

[tonybradley]

N2H2 Inc. can use the Digital Millennium Copyright Act (DMCA) to stop a researcher from attempting to reverse engineer its Web filtering product, a judge ruled last week.

Harvard Law student Benjamin Edelman says he wants to crack the filtering tools to test them. Edelman planned to hack into N2H2's cryptography-protected list of filter parameters, but, fearing prosecution, sought court protection. Edelman and the ACLU believe filters, used at libraries and schools, limit free speech.

In a written decision, U.S. District Judge Richard Stearns found "no plausibly protected constitutional interest" that would overcome "N2H2's right to protect its copyrighted property from invasive and destructive trespass."

N2H2 didn't respond to requests for comment. Edelman says no decision has been made on appealing, but adds that N2H2's public list of filtered sites isn't enough for rigorous testing.

"Suppose you wanted to know which .gov sites are classified as pornography. Or to see what sites N2H2 calls pornography this week, that last week were not," he says. "N2H2's online database site would not allow any of these kinds of research, but you can see why it would be important."

Full Article

I am not a fan of the DMCA at all. I think it has been mis-interpreted, mis-applied and generally abused since it was created. I think this is another example of that. If the security of your product is flawed a programmer / researcher should be able to determine that and bring it to your attention and / or release that information to the public if you choose to do nothing about it.

I don't think software vendors should be able to use the DMCA to hide behind. If the product is flawed and vulnerable the buyers of that software should be notified. Using litigation and fear tactics to squash vulnerability research doesn't make the product more secure.

[King of CaveMen]

He should try to appeal, and I also beleive someone should go ahead and do this anyway.

[sickyourIT]

one of the reasons why their are so many problems with the DCMA is that it's always going to be out of date. Technology changes everyday, and so limiting what can and can't be done with one Doc isn't going to work. A serious look needs to be taken at technology in general, and the government needs to decide what to do. Computers are no longer just tools for our jobs, or household appliances. They are becoming a part of our lives, and the Gov't needs to realize that.

[tonybradley]

The Michigan state Super-DMCA law which went into effect on March 31, 2003 is beginning to make an impact:

A University of Michigan graduate student noted for his research into steganography and honeypots -- techniques for concealing messages and detecting hackers, respectively -- says he's been forced to move his research papers and software offshore and prohibit U.S. residents from accessing it, in response to a controversial new state law that makes it a felony to possess software capable of concealing the existence or source of any electronic communication.

"Super-DMCA" Fears Suppress Security Research

It seems that both the federal and the state-level DMCA laws have a significantly greater impact on legitimate users than they do on those they were intended to catch. Creating a law to stop the illegal activities of the lawless is a wicked irony. The problem with laws is that only the lawful follow them.

In the end, the companies and industries that might be embarassed by the findings of legitimate researchers and developers wield the broad wording of the law to oppress and prosecute the lawful which is why the broad wording is so dangerous to begin with.

[bballad]

I wonder if we can bring charges agenst the state of Michigan..all you need to do is get someone from inside the goverment network o view your website...I am sure they are useing NAT and a firewall so as soon as they view your page they are in violation of the super DCMA tehy passed and you could sue them. This of cours would take someone with time and money and a lawer on retainer.

[King of CaveMen]

Laws don't really stop anyone, if they did noone would break the law. Someone will do it, under wraps and whent hey do it, release it on something like kazaa,make headlines and they will have to deal with it.

Remember that DVD jon guy? He beat the system. So can everyone else.

[ZomBieMann77]

It seems to me they just need to come up with a better way to enforce the laws they have allready on the books instead of coming up with new ones. Does anybody actualy think that the DCMA is going to realy discourage any serious hackers? Its just like some gun controll laws. They dont stop the gangsta's from carrying guns do they?

[King of CaveMen]

Your right zombie, laws are neccsary to persucute the people but the serious people don't give a damn. And one or another it will get done, but they chose to make headlines about it.