Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
FBI arrests e-book hacker at Def Con

By jeremiah2 in MLP
Thu Jul 19, 2001 at 05:01:27 PM EST
Tags: Freedom (all tags)
Freedom

Read all about it.

The FBI took a Russian encryption expert into custody Monday at his hotel in Las Vegas for allegedly publishing software that cracks a variety of methods used to secure e-books.
Point out a company's techo-incompetence and get sent to the Gulag, or at least jail. America, love it or leave it.

Meanwhile, what's left of our First Amendment rights are being championed by organized geekdom. More power to them.


ADVERTISEMENT
Sponsor: rusty
This space intentionally left blank
...because it's waiting for your ad. So why are you still reading this? Come on, get going. Read the story, and then get an ad. Alright stop it. I'm not going to say anything else. Now you're just being silly. STOP LOOKING AT ME! I'm done!
comments (24)
active | buy ad
ADVERTISEMENT

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Read all about it
o organized geekdom
o Also by jeremiah2


Display: Sort:
FBI arrests e-book hacker at Def Con | 24 comments (19 topical, 5 editorial, 0 hidden)
Phew, we folded just in time (3.20 / 5) (#1)
by xrayspx on Thu Jul 19, 2001 at 11:13:36 AM EST

The company I used to work for was on the list of crackable PDF schemes. To my knowledge, these guys are the first to have cracked it, even if by brute force.

I guess it's good we gave up when we did...


"I see one maggot, it all gets thrown away" -- My Wife
Well.. (4.57 / 7) (#2)
by mindstrm on Thu Jul 19, 2001 at 11:22:12 AM EST

The one interesting point here is that, although he's being charged under the DMCA, it's not a copyright holder that is charging him; it's adobe.

The way the DMCA reads to me is that, if a copyright holder has a mechanism in place to protect his work, then you must not divulge information as to how to circumvent that mechanism.

In this case, adobe is trying to protect the mechanism itself; who says it's protecting a copyright? What if he tried this on his own documents?



Its not a civil case (none / 0) (#16)
by newellm on Thu Jul 19, 2001 at 07:43:38 PM EST

The state of california is charging him, not Adobe. Adobe just happened to bring it to the attention of the FBI.

[ Parent ]
Public dissent for DMCA growing (4.20 / 5) (#5)
by Wah on Thu Jul 19, 2001 at 12:13:15 PM EST

I heard about this story on NPR today. It is becoming quite obvious to everyone (not just geeks) that the DMCA is a piece of shite. Our friend in Virginia is currently working on a proposal to fix it, although I haven't heard many details yet. It is curious that the people who don't own the copyright are the ones pushing for punishment. Maybe that's because stuff like this shows how useless their service is...without the benefit of a felony conviction backing it up. The freedom to use the stuff you buy is a big one. With all the crazy tech that will be coming out in the next few years (and generations) it is a right we must fight to retain. Or you will have to buy it back in the marketplace, while paying all those marketers who sell you on what a good idea that is.
--
Some things, bandwidth can't buy. For everything else, there's Real Life | SSP
Error in the linked article (3.33 / 6) (#6)
by fluffy grue on Thu Jul 19, 2001 at 12:14:14 PM EST

This is the second use of the DMCA's criminal provisions to prosecute a person accused of copyright infringement. Dario Diaz, a public defender in Tampa, Fla., told Def Con attendees on Saturday of another case, in which Diaz's client is accused of violations of the DMCA for creating cards that can decrypt satellite TV signals.
Hello? DeCSS?

Of course, the DeCSS arrest happened before the DMCA was even active, and was used in Norway, and all sorts of other stuff where the DMCA really was not valid. Whee.
--
"Is not a quine" is not a quine.
I have a master's degree in science!

[ Hug Your Trikuare ]

Baffling (4.71 / 7) (#8)
by xrayspx on Thu Jul 19, 2001 at 01:49:40 PM EST

I'm surprised to see that no one's really mentioning anything about this guy being in jail. I mean, here is a foreign national, on US soil for a week, who gives a SPEECH and is thrown in JAIL. Sounds more like his home country than it does mine. I wonder, if he hadn't given the speech, would he still be in jail? He didn't actively break any law during his presentation (like, didn't sit there and crack Riding the Bullet in front of an audience or anything).

All he did was give a speech saying, in very loose terms by looking at the PowerPoint slides, "Hey, this stuff isn't safe, if you encode with it, we can recover the original content, see?". His company sells software to open these files, well, great, SUE them, in CIVIL court, or, if you want to arrest someone, the CEO of his company was standing right there, arrest him, not some programmer. Clearly they arrested him because he was the one giving this presentation.

This should be a civil case at most, and this guy should not face a 5 year federal prison sentance for it.


"I see one maggot, it all gets thrown away" -- My Wife
He showed the decryption (4.00 / 2) (#21)
by psyclone on Thu Jul 19, 2001 at 10:41:17 PM EST

"All he did was give a speech saying, in very loose terms by looking at the PowerPoint slides..."

I just spoke today with a 'fed' who was at the famous presentation at DEFCON. He said that he did give a speech, but also showed the before and after images of an encrypted PDF. Granted, he may not have preformed the encryption on the spot, but the didn't just talk about it either.

Not like this should have any impact on the case though. The entire incident sounds like complete bullshit to me.

[ Parent ]

There is no more freedom of speech (2.33 / 3) (#10)
by Orion Blastar on Thu Jul 19, 2001 at 02:47:40 PM EST

it was taken away from us when US Corps gained control of the Federal Government in the 20th century, and politicians can be bought by lobbyists and bribes.

The only way the Corps can be punished is if they are shown to have an abusive monopoly, and even that is sometimes hard to prove.

Our right to make a backup copy is nullified by the MegaCorp's right to make some money. If you want a backup, buy two copies now. Forget any technology that will crack copy protection or copy copy protected files or disks. That will get you and the person who made it in jail. If you lost the disk or file or whatever, then that is your tough luck. Don't go looking for a free copy on the Internet, lawyers most likely have shut those kind of sites down.

Is it any wonder why I've worried about The King Of The PATATO-People recently? He exists and seems to be on the side of the MegaCorps, taking away rights from the consumers. He influences the way the law and the courts work to benefit the MegaCorps and take away rights from the consumers. Ever notice that your privacy policies keep changing, as well as the Terms Of Service agreements? Again, the PATATO-People at work. The King of the PATATO-Peole is Big Brother and 1984 really did happen in a certain kind of way, only we are led to believe that it didn't, and nobody is tracking our personal information or controlling the government or our freedoms. Uh uh, not happening here. :)
*** Anonymized by intolerant editors at K5 and also IWETHEY who are biased against the mentally ill ***

Perhaps I've missed the point ... (2.00 / 5) (#12)
by kostya on Thu Jul 19, 2001 at 06:02:26 PM EST

Let's not confuse this guy with the DeCSS kid.

He didn't just give a speech and then get arrested. He owns/runs a company that makes a circumvention tool for eBooks and he sells it.

There are a lot of similarities and I know that the DMCA was used to jail him, but consider the fact that he is not some OSS developer getting jailed for research. He's a hacker who wrote a encryption-stripper for eBooks that he then sells in an attempt to earn a living.

Don't you think that makes this a little more than "pointing out flaws, getting jailed?" Sure, he got arrested when he gave the speech; but then, that was also the ideal time to pick him up for selling a tool that defrauds Adobe.

And I'm sure the above post makes me a moron and a hater of all that is good. ;-)



----
Veritas otium parit. --Terence
OSS should be above the law? (4.00 / 2) (#13)
by kmon on Thu Jul 19, 2001 at 06:20:02 PM EST

There are a lot of similarities and I know that the DMCA was used to jail him, but consider the fact that he is not some OSS developer getting jailed for research. He's a hacker who wrote a encryption-stripper for eBooks that he then sells in an attempt to earn a living.
You're right! He's the enemy of all that is good, because he was trying to make a living instead of give away the code to break the law, therefore the law was correct in being applied! OSS developers should be above the law! The law shouldn't apply to OSS developers!

I think that requires further evaluation. Since laws cannot be selectively applied, we need to reform (read: burn) the DMCA. We cannot be apologists for the imporisonment or attack of one group over another because they may or may not meet our social or political posturing. If you want your kids to grow up in a world where libraries are not outlawed, you'll oppose the DMCA whether or not its attacking those greedy, evil people who try to (snort) sell their code.
ad hoc, ad hominem, ad infinitum!
[ Parent ]
Researcher vs. Profiteer (none / 0) (#22)
by kostya on Fri Jul 20, 2001 at 10:04:59 AM EST

Let's get this straight--I do oppose the DMCA.

I mentioned the DMCA only because that seems to be the galvanizing force in this particular case. But I feel this is a different case altogether than the DeCSS case. No, OSS programmers are not above the law, but what this programmer was doing was slightly different than what the DeCSS programmer was doing.

I guess all I am saying is that if the DeCSS kid wrote DeCSS and then sold it, I think his case would be entirely different. Likewise, if this guy was just speaking on poor security and how it could be circumvented and had not written a utiltity and then sought to build a business model on it, I think his case would be different as well.

The fact that he has built a company on defrauding Adobe (whether we think their business model is valid or not is another issue) is the sticking point for me. I think this will make his case much harder.

It's the difference between a researcher publishing cryptographic analysis and a corporation designing a product so you can skip paying for it. And America is all about protecting business. A researcher might be looked upon favorably by the courts because of free speech; someone who is profiting by "stealing" (Adobe's view) from another company would not be looked upon so favorably.

No whether or not this programmer really is a profiteer doesn't matter--that is how he will be perceived. And it won't help him.

And BTW, I'm self-employed, so I'm all for making money. I just think this guy didn't think his business plan through ;-)



----
Veritas otium parit. --Terence
[ Parent ]
Just a programmer (5.00 / 4) (#15)
by lovelace on Thu Jul 19, 2001 at 07:15:37 PM EST

He owns/runs a company that makes a circumvention tool for eBooks and he sells it.
Actually, that's not true. He is just a programmer in the company and one of several that wrote the program in question. He is also a Ph.D. student and his talk at Defcon was about his dissertation (the fact that Adobe's security sucks). Besides that, he is married and has two kids.

All that aside, however, the program that he wrote is legal in Russia and Adobe's software is actually illegal because the law says you must be able to make at least one backup (which ebooks doesn't let you do).

So, we have here a foreign national who wrote a program that is perfectly legal in his native country that happens to come to the US for a conference and gets arrested and put in danger of jail. What would our reaction be if this happened to a US programmer that had gone to Russia?

[ Parent ]
and lockpick sellers? (none / 0) (#20)
by aonifer on Thu Jul 19, 2001 at 10:38:12 PM EST

but then, that was also the ideal time to pick him up for selling a tool that defrauds Adobe.

How does his tool defraud Adobe? You can't decrypt the encryption using his tool without owning the ebook being decrypted (or at least knowing the password). His tool does not upload the resulting file to the internet. All it does is create a pdf. So how does his tool defraud Adobe?

And if his tool defrauds Adobe, then doesn't that mean lockpick sellers are defrauding lock-makers? If not, then how is it different (keeping in mind that the possesion of a lockpick is not illegal in most states)?

I've ignored the fact that he doesn't actually run the company that sells the tool.

[ Parent ]

U.S. Jurisdiction (none / 0) (#24)
by Rashkae on Sun Jul 22, 2001 at 11:44:31 PM EST

Let us ignore for a moment the validity of the DMCA which makes illegal the distribution of the decryption software. Let us also ignore the fact that Dmitry is only an employee of a company that sells decryption software. The fact is, this company is Russian, where it is perfectly legal to produce and sell decryption software.

I'm too lazy to find and copy the exact quotes, but his arrest documents even confirm that the FBI recognize this fact. It clearly states that the alleged crime of distributing circumvention software occurred outside of US Jurisdiction. He is, however, charged with talking about it while in US Jurisdiction. That was it folks. He delivered a speech about decryption, demonstrated it, is placed under arrest, complete with handcuffs, as though he were some kind of terrorist.

It should also be mentioned that the FBI is one of the largest clients of record for this company's decryption software.



[ Parent ]
My letter (5.00 / 3) (#14)
by pfaffben on Thu Jul 19, 2001 at 07:07:18 PM EST

Here is the letter that I sent to lmchale@adobe.com and sprescot@adobe.com yesterday:

I have read in various places that Adobe has had Mr. Dmitri Sklyarov arrested for the "crime" of demonstrating that some of Adobe's encryption products do not provide good security. This is an unethical and ultimately unacceptable way for a corporation to behave. Instead of trying to suppress criticism of your technologies, you should be improving them so that they do not have the flaws that they do.

As a result, I am boycotting all Adobe products, starting immediately. This includes even such things as printers with Adobe-branded PostScript engines. I am sending copies of this letter to a group of friends to encourage them to boycott Adobe as well.

I hope that Adobe will reconsider its actions in this matter. At the very least, a public apology is due to Mr. Sklyakrov, possibly some other forms of compensation as well. You should be thanking him, not attempting to imprison him for defects in your own technologies.

Sincerely,

Ben Pfaff
B.S., Michigan State University, Electrical Engineering.
Stanford Graduate Fellow, Computer Science.



Pointless (none / 0) (#17)
by newellm on Thu Jul 19, 2001 at 08:08:52 PM EST

Even though I disagree with Adobe's actions, the case is completely out of their control.

He is facing criminal charges from the state of california. Adobe can't stop that now. It is him vs. California's DA. You should send a letter to your senators/representatives telling them how strongly you disagree with the DMCA and how you wish they would help change it.



[ Parent ]
I disagree (4.00 / 1) (#19)
by pfaffben on Thu Jul 19, 2001 at 09:38:06 PM EST

Even though I disagree with Adobe's actions, the case is completely out of their control.
Adobe put the feds up to this, I'm sure they can get them to back down. There is never anything pointless about pointing out to people or companies that their actions are wrong and unethical.

[ Parent ]
links and thoughts (5.00 / 2) (#18)
by iGrrrl on Thu Jul 19, 2001 at 09:22:49 PM EST

First the links. There's a cryptonomicon.net story posted with a number of links which I'm too lazy to duplicate. The ones in the article take you to not only the Electronic Frontier Foundation release, but also a Department of Justice's statement, EFF's copy of the DOJ complaint, Sklyarov's company (with a downloadable version of his PowerPoint presentation at DefCon 9), and other documents of interest.

I think I have only one thought. I think this arrest is wrong.

--
You cannot have a reasonable conversation with someone who regards other people as toys to be played with. localroger
remove apostrophe for email.

If I were Adobe (none / 0) (#23)
by jcolter on Sat Jul 21, 2001 at 01:34:30 AM EST

If I was in a postion of power at the Adobe corporation, I think I would want to sue the company for civil damages (not that I am advocating this).

I'm starting to think that they arrested this guy so that they could file civil charges against him and the corporation he works for while he is in the slammer.

OTOH maybe that wouldn't work because Adobe probably woudn't be able to collect a judgment against a foreign company. Maybe the WTO could invalidate the DMCA?



FBI arrests e-book hacker at Def Con | 24 comments (19 topical, 5 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!