[IETF-IDRM] Fwd: [WM]: Re: [IDRM]/[WM] Fwd: SDMI demands Princeton prof
"destroy" paper aboutvulnerability
Thomas Hardjono
thardjono@mediaone.net
Sat, 19 May 2001 23:55:52 -0400
>Delivered-To: zeus-waterma-watermarking-list@phoebe.hosting4u.net
>Date: Sat, 21 Apr 2001 16:14:07 -0500 (Eastern Standard Time)
>From: "Neil F.Johnson" <nfj@jjtc.com>
>To: <watermarking@watermarkingworld.org>, watermarking@watermarkingworld.org,
> thardjono@mediaone.net, ietf-idrm@lists.elistx.com
>Subject: [WM]: Re: [IDRM]/[WM] Fwd: SDMI demands Princeton prof "destroy"
> paper aboutvulnerability
>Reply-To: nfj@jjtc.com
>Organization: Johnson & Johnson Technolofy Consultants, LC
>Sender: watermarking-owner@watermarkingworld.org
>
>I belong to both the IDRM and Watermarkingworld
>list groups and saw this message go across both.
>
>Well, I'm sure this will be a hot topic at IHW2001.
>The fact that The Verance Watermark is currently
>being used means that someone rushed to production
>without doing all of their homework.
>
>I look forward to discussing the matter further
>in Pittsburgh next week.
>
>BTW...
>What if those of us who did not participate wish
>to discuss the SDMI challenge?
>
>--
>
>Neil F. Johnson
>Associate Director
>Center for Secure Information Systems
>George Mason University
>njohnson@gmu.edu
>
>
>
> > >From: John Young <jya@pipeline.com>
> >Subject: RIAA Warns SDMI Hackers
> >To: cypherpunks@lne.com
> >Date: Fri, 20 Apr 2001 22:36:45 -0400
> >
> >RIAA and The SDMI Foundation on April 9 warned Ed Felten
> >and his researchers not to publish their paper about the
> >weaknesses of the SDMI content protection system at the
> >4th International Information Hiding Workshop to be held
> >April 25-29, 2001. Their paper is public:
> >
> > http://cryptome.org/sdmi-attack.htm (41K text with 11 images)
> >
> >Zipped text and images:
> >
> > http://cryptome.org/sdmi-attack.zip (328K)
> >
> >***********
> >
> >http://cryptome.org/sdmi-attack.htm
> >
> > April 9, 2001
> >
> > Professor Edward Felton
> > Department of Computer Science
> > Princeton University
> > Princeton, NY 08544
> >
> > Dear Professor Felten,
> >
> > We understand that in conjunction with the 4th International
> > Information Hiding Workshop to be held April 25-29, 2001, you and your
> > colleagues who participated in last year's Secure Digital Music
> > Initiative ("SDMI") Public Challenge are planning to publicly release
> > information concerning the technologies that were included in that
> > challenge and certain methods you and your colleagues developed as
> > part of your participation in the challenge. On behalf of the SDMI
> > Foundation, I urge you to reconsider your intentions and to refrain
> > from any public disclosure of confidential information derived from
> > the Challenge and instead engage SDMI in a constructive dialogue on
> > how the academic aspects of your research can be shared without
> > jeopardizing the commercial interests of the owners of the various
> > technologies.
> >
> > As you are aware, at least one of the technologies that was the
> > subject of the Public Challenge, the Verance Watermark, is already in
> > commercial use and the disclosure of any information that might assist
> > others to remove this watermark would seriously jeopardize the
> > technology and the content it protects.1 Other technologies that were
> > part of the Challenge are either likewise in commercial use or could
> > be could be utilized in this capacity in the near future. Therefore,
> > any disclosure of information that would allow the defeat of those
> > technologies would violate both the spirit and the terms of the
> > Click-Through Agreement (the "Agreement"). In addition, any disclosure
> > of information gained from participating in the Public Challenge would
> > be outside the scope of activities permitted by the Agreement and
> > could subject you and your research team to actions under the Digital
> > Millennium Copyright Act ("DCMA").
> >
> > ____________________
> >
> > 1 The Verance Watermark is currently used for DVD-Audio and SDMI
> > Phase I products and certain portions of that technology are trade
> > secrets.
> >
> > We appreciate your position, as articulated in the Frequently Asked
> > Questions document, that the purpose of releasing your research is not
> > designed to "help anyone impose or steal anything." Further more, you
> > participation in the Challenge and your contemplated disclosure
> > appears to be motivated by a desire to engage in scientific research
> > that will ensure that SDMI does not deploy a flawed system.
> > Unfortunately, the disclosure that you are contemplating could result
> > in significantly broader consequences and could directly lead to the
> > illegal distribution of copyrighted material. Such disclosure is not
> > authorized in the Agreement, would constitute a violation of the
> > Agreement and would subject your research team to enforcement actions
> > under the DMCA and possibly other federal laws.
> >
> > As you are aware, the Agreement covering the Public challenge narrowly
> > authorizes participants to attack the limited number of music samples
> > and files that were provided by SDMI. The specific purpose of
> > providing these encoded files and for setting up the Challenge was to
> > assist SDMI in determining which of the proposed technologies are best
> > suited to protect content in Phase II products. The limited waiver of
> > rights (including possible DMCA claims) that was contained in the
> > Agreement specifically prohibits participants from attacking content
> > protected by SDMI technologies outside the Public Challenge. If your
> > research is released to the public this is exactly what could occur.
> > In short, you would be facilitating and encouraging the attack of
> > copyrighted content outside the limited boundaries of the Public
> > Challenge and thus places you and your researchers in direct violation
> > of the Agreement.
> >
> > In addition, because public disclosure of your research would be
> > outside the limited authorization of the Agreement, you could be
> > subject to enforcement actions under federal law, including the DMCA.
> > The Agreement specifically reserves any rights that proponents of the
> > technology being attacked may have "under any applicable law,
> > including, without limitation, the U.S. Digital Millennium Copyright
> > Act, for any acts not expressly authorized by their Agreement." The
> > Agreement simply does not "expressly authorize" participants to
> > disclose information and research developed through participating in
> > the Public challenge and such disclosure could be the subject of a
> > DMCA action.
> >
> > We recognize and appreciate your position, made clear throughout this
> > process, that it is not your intention to engage in any illegal
> > behavior or to otherwise jeopardize the legitimate commercial
> > interests of others. We are concerned that your actions are outside
> > the peer review process established by the Public Challenge and setup
> > by engineers and other experts to ensure the academic integrity of
> > this project. With these facts in mind, we invite you to work with the
> > SDMI Foundation to find a way for you to share the academic components
> > of your research while remaining true to your intention to not violate
> > the law or the Agreement. In the meantime, we urge you to withdraw the
> > paper submitted for the upcoming Information Hiding Workshop, assure
> > that it is removed from the Workshop distribution materials and
> > destroyed, and avoid a public discussion of confidential information.
> >
> > Sincerely,
> >
> > [Signature]
> >
> > Matthew Oppenheim, Secretary
> > The SDMI Foundation
> >
> > cc: Mr. Ira S. Moskowitz, Program Chair, Information Hiding Workshop,
> > Naval Research Laboratory
> > Cpt. Douglas S. Rau, USN, Commanding Officer, Naval Research
> > Laboratory
> > Mr. Howard Ende, General Counsel of Princeton
> > Mr. Edward Dobkin, Computer Science Department Head of Princeton
> > _________________________________________________________________
> >
> >***********
>
>
>
>
>______________________________________________________________________________
>
>Watermarking Mailing List - http://www.watermarkingworld.org/ml.html
>To unsubscribe send email to "majordomo@watermarkingworld.org" with
>"unsubscribe watermarking YOURMAIL" in the body.
>______________________________________________________________________________
>