There have been two encouraging items in recent news about victories by crackers (the computer kind, not Tea Partiers) against the Copyright Nazis.
The first was the publication on September 13 of a master key to the HDCP video encryption standard.
The second was a complicated series of events involving Distributed Denial of Service attacks on the MPAA and RIAA websites. The RIAA and MPAA, it seems, had hired a firm in India (AiPlex Software) to launch DDOS attacks on various torrent sites that refused to cave in to their legal demands. “Anonymous” (the swarm persona adopted by folks at 4chan /b/) decided, in response, to launch retaliatory DDOS attacks of its own (“Operation Payback”). Interestingly, although the Indian firm was originally the primary target, it went down before they could get started in the face of independently organized botnet attacks.
As part of the same group of attacks, Anonymous took down the website of ACS:Law, one of the shadiest and most unethical DMCA extortion operations around, leaking their email archives to the public.
Congratulations to everyone involved in these heroic kicks in the teeth to the enemies of freedom!
Meanwhile, there’s another enemy of freedom that could use a good kick in the teeth. Federal law enforcement is seeking legislation which would require that all net-capable communications devices be equipped with a wiretap backdoor. It would also require online services that enable encryption, and vendors of encryption tools, to be capable of complying with a wiretap order.
Hooray! If such legislation is passed at the behest of the police state, the U.S. government will officially join those of China and Iran in the first rank of enemies of digital freedom.
Sounds pretty hard to enforce in practice. I predict that if the legislation is passed, it will just 1) create a market for hacks to jailbreak the backdoor, and 2) create an incentive for open-source, distributed manufacturers to produce knockoff devices without wiretap backdoors.
And I don’t see how this can stop individual use of open-source encryption tools that are freely available without any vendor’s control, or to prevent individuals from releasing versions of OpenPGP, GnuPGTor, etc., that defy the mandate. In that case the feds would have to gain control of hard drives either remotely or through physical invasion in order to obtain the keys, or install keystroke monitoring software — stuff that they can already do, but is inconvenient enough to make them push for ways like this to make it easier. In the end, the only “enforcement” means would be unenforceable anti-circumvention measures like those in the DMCA.
They might try subjecting Internet traffic to deep packet inspection, but distinguishing messages encrypted with secure technology from those using authorized encryption tools sounds like a nightmare for Big Brother.
Every attempt by governments to impose totalitarian lockdown on the Internet is thwarted by the dynamic forces of a free society. Such laws are always trampled underfoot with the contempt they deserve. This will be no different.