Illegal numbers

toreblogallthethings:

cipherface:

image

Between the time when the oceans drank Atlantis, and the rise of Silicon Valley,
there was an age undreamed of…

Movies were sold on big reels of tape, wound up inside little plastic boxes.

image

And played on machines called VCRs.

image

And if you wanted to create a copy of a movie, you could hook two of these machines together and do it with no problem. In fact, it was ruled in a court of law that it was a fair use of someone elses copyrighted movie to make yourself an archival copy, so that if your tape broke, or the machine ‘ate it’ you wouldn’t have to buy another one.

Hollywood didn’t care for this.

So, when the digital age dawned, someone came up with the bright idea of selling movies on DVDs. And one of the big selling points, so far as Hollywood was concerned, was that you could encrypt the data of the movie on the disc, and put hardware to decrypt it in the DVD player, in such a way that it wouldn’t play if two DVD players were hooked together, and so that someone who put a DVD into a computer couldn’t copy it.

Techies and hackers didn’t care for this.

So, they started trying to figure out how to cryptanalyze the DVDs, which were encrypted with a tech called CSS, for Content Scrambling System. And they didn’t have much luck, because crypto is hard, and breaking it is harder. And then one day they caught a lucky break.

Some manufacturers of DVD players, from Taiwan iirc, put out a new product, one of which was bought by a hacker somewhere, who tinkered with it and realized that the makers had made a mistake. They hadn’t properly protected the chips that contained the CSS decryption key, which allowed this guy to get access to it and copy it. He then created a program called DeCSS, which would allow you to put a DVD in a computer and then ‘rip’ the data to your hard drive, then write it to another DVD. He posted it online, and within hours the news, and copies of the key and code, had spread all over the world.

Hollywood flipped their shit over this.

They brought the legal hammer down on this guy, and it ended up in court. He said he had a right, as per the previous Fair Use ruling, regarding VHS tapes, to copy DVDs as well. When people had previously complained that encryption was stripping them of their rights, Hollywood had argued that there was nothing in the law that said they had to make copying easy, and basically challenged them to figure out how to break it. In the court case, Hollywood argued that under a new law that had passed, the Digital Millenium Copyright Act, it was illegal to circumvent an DRM, or Digital Rights Management system. The plaintiffs counter-argued that they hadn’t really reversed engineered anything, that the dumb machines had been built wrong, that they had a right to tinker with it and see how it worked.

So, sitting between these parties was a judge who… to put it kindly, was probably in over his head. Probably some old guy, the kind of guy who still owned a VCR with the clocking blinking 12:00 PM because he didn’t know how to adjust the time. An old grandpa sorta guy. Maybe not a bad guy, just clueless about how tech works. So, when Hollywood argued that there should be some sort of injunction against the spread of the DeCSS software online, that it should be illegal for people to host it, or for others to download it, or to tell people how it worked, or even to link to it, gramps said, “Sure, why not? Here you go, here’s an order that says it’s illegal to possess this software.”

Well, the tech people freaked out about this, because it contradicted a number of already established precedents. Like Phil Zimmermann publishing the source code of PGP and shipping the books containing it to Europe, despite the fact that the encryption tech it contained had been ruled a munition that couldn’t be sold overseas. The precedent, that code was speech, and therefore subject to first amendment protections, seemed to be being thwarted in the DeCSS case. And the tech/hacker community wanted to make it clear that they weren’t going to stand for that.

So, some bright person somewhere, went out and got himself a shirt made, that had the source code of DeCSS printed on it, along with some quote from the order basically saying that it was illegal to buy or own this shirt, then started selling them on his website. This clever idea opened a floodgate of people coming up with unique ways to spread the source code of DeCSS, in a way that was tempting the court to try to stop them, on the grounds that the ruling would then go to a higher court and be turned over on first amendment grounds.

“Take t5’s low byte
(AND t5 with two hundred
fifty five) to put it

in the ith byte of
the vector called k.  Now shift
t5 right eight bits;

store the result in
t5 again.  Now that’s the
last step in the loop.

No sooner have we
finished that loop than we’ll start
another; no rest

for the wicked nor
those innocents whom lawyers
serve with paperwork.”

Quote from a long haiku that gives step by step instructions for implementing DeCSS

One of these people, Phil Carmody, raised an interesting argument. He said that software is just numbers. In fact, every piece of software is a single number, that is also a infinite number of numbers (or practically so) as there are nearly an infinite number of mathematical conversions or encodings you can perform on a number. So he wrote a little script version of DeCSS, then converted it to a number, then started to look to see if this number was the same as another somewhere. Was it hidden somewhere in pi? Or the Golden Ratio? What if you doubled it? or added 1 to it?

And after some searching, he found a list of the largest known prime numbers, wherein the 19th largest prime that had been found by that time, was the same as his code for DeCSS. So he posted this info online, and said, “If you go to this website, take this prime number, and save it in a file, then compile it, the output is this piece of software that is illegal to possess, transmit, or share information about.” Here it is, by the way:

485650789657397829309841894694286137707442087351357924019652073668698513401047237446968797439926117510973777701027447528049058831384037549709987909653955227011712157025974666993240226834596619606034851742497735846851885567457025712547499964821941846557100841190862597169479707991520048667099759235960613207259737979936188606316914473588300245336972781813914797955513399949394882899846917836100182597890103160196183503434489568705384520853804584241565482488933380474758711283395989685223254460840897111977127694120795862440547161321005006459820176961771809478113622002723448272249323259547234688002927776497906148129840428345720146348968547169082354737835661972186224969431622716663939055430241564732924855248991225739466548627140482117138124388217717602984125524464744505583462814488335631902725319590439283873764073916891257924055015620889787163375999107887084908159097548019285768451988596305323823490558092032999603234471140776019847163531161713078576084862236370283570104961259568184678596533310077017991614674472549272833486916000647585917462781212690073518309241530106302893295665843662000800476778967984382090797619859493646309380586336721469695975027968771205724996666980561453382074120315933770309949152746918356593762102220068126798273445760938020304479122774980917955938387121000588766689258448700470772552497060444652127130404321182610103591186476662963858495087448497373476861420880529443

Carmody argued, if the ruling that it’s illegal to do these things with the DeCSS software
holds up, then it’s also illegal to possess, transmit, or share
information about this prime number.  It will become an illegal number. It would have to be redacted from websites, and whatever books it might appear in. People searching for new primes, or any other number, will have to worry about sharing them online, that they are on some list of illegal numbers somewhere. The lists will grow exponentially, as the precedent that this software is forbidden to possess or share, will lead others to demand that software, and numbers, they don’t care for be made illegal as well.

And then… I forget the rest. Whether it was finally ruled in the favor of common sense, or if the case simply petered out and nothing more was ever heard about it. I do know that no one was ever brought up on charges for possessing a number, and DeCSS has been widely available ever since the day it was first posted online (if you’ve ever used a movie ripping software like ffmpeg, you’ve used DeCSS or it’s descendents.)

There was a later, even more obviously “illegal number” – see http://www.wired.com/2007/02/the_new_hddvdbl/ for more discussion of it.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s