Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

Viruses, anti-viruses and the law of the land.

By i in Technology
Thu Nov 28, 2002 at 04:31:51 PM EST
Tags: Security (all tags)

This story talks about DMCA, and how to make an argument for a class of work to be exempt from its anticircumvention section.

It has occured to me that there's a case for exempting a class of works called "computer programs" for security reasons. Briefly, an anti-virus cannot operate on encrypted program files if it is not allowed to try and decrypt them, hence program files should be exempt from the prohibition to decrypt. The case, I reasoned, is probably not strong enough to win, but worth trying anyway. So I began thinking in this direction.

Something else has occurred to me in process, and that's a different story.

What if a virus, instead of (or better, in addition to) encrypting itself, encrypts other files on your computer? Of course you have backups, but given malicious nature of viruses, all your recent backups could be encrypted without you even noticing it. For instance, a virus could infect an operating system's kernel so that all file operations go through the virus code. If the operation is "write to hard disk or tape", it encrypts the data; data going the other way is decrypted. Nothing has apparently changed in your computer's operation -- except that it now depends on the virus to function properly.

Then one day the virus simply wipes itself out of the kernel and leaves you on your own.

Now, what if a virus uses a weak encryption method? That's good, you can try and break the encryption. What if a weak encryption method is, in fact, CSS? Good, you can go ahead and recover your data with a program that breaks CSS.

Except you can't do that. Breaking CSS is against the law.

Honest, law-abiding citizens (or at least citizens of the USA) can only hope that virus writing terrorists don't come up with this or similar idea. If such a virus ever appears in the wild, a lot of data (and, consequently, money) will be lost In The Name Of The Law.

Or maybe not. Could such an incident possibly lead to a little bit of change somewhere? Maybe. Can't we all dream?


Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure


A virus would use
o CSS 25%
o DES 1%
o 3DES 8%
o AES 11%
o IDEA 5%
o RC5 8%
o CAST256 0%
o ROT128 38%

Votes: 85
Results | Other Polls

Related Links
o This story
o Also by i

Display: Sort:
Viruses, anti-viruses and the law of the land. | 52 comments (36 topical, 16 editorial, 0 hidden)
Interesting Thought (4.00 / 2) (#10)
by vile on Wed Nov 27, 2002 at 05:53:20 AM EST

But, at the point where DMCA prohibits me from making sure that my system is secure and in working order, is the point that I say to hell with it and write something myself. DMCA is a bad idea all around and should be abolished, but somebody's gotta line some political pockets.

The money is in the treatment, not the cure.
Except (4.00 / 1) (#11)
by i on Wed Nov 27, 2002 at 05:57:05 AM EST

you can't write a replacement yourself. DMCA won't let you :)

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]
Exactly (none / 0) (#12)
by vile on Wed Nov 27, 2002 at 05:59:43 AM EST

Which is why at that point, I would say to hell with the DMCA. :)

The money is in the treatment, not the cure.
[ Parent ]
actually (4.42 / 7) (#13)
by tichy on Wed Nov 27, 2002 at 06:22:02 AM EST

Antivirus software already decrypts so-called polymorphic viruses. These viruses encrypt their own code and generate a small decryption routine that is different every time, in an attempt to avoid recognition by simple searching. The AV software somehow recognizes this and runs the decryption routine in a protected environment, or something like that, to get at the decrypted code. The encryption is usually very lame.

So if viruses are protected by copyright law, antivirus software is already illegal! :)

You think it's funny... (4.33 / 3) (#21)
by Otto Surly on Wed Nov 27, 2002 at 08:30:39 AM EST

...but this is a powerful argument that nobody's ever going to pursue, because no virus author is going to stand up and "defened" his code. Sucks, donut?

I can't wait to see The Two Towers. Man, that Legolas chick is hot.
[ Parent ]
what if... (none / 0) (#29)
by MrLarch on Wed Nov 27, 2002 at 10:16:05 AM EST

What if the virus was proven to be (bear with me) beneficial, closing exploits that exist on the system, and the thing become almost legendary for saving systems from other, more malicious actions. Assume this argument applies to it in some way. Then the creator speaks up with documented proof of authorship. Is his ass kicked or lauded?

[ Parent ]
Kicked (5.00 / 1) (#30)
by Herring on Wed Nov 27, 2002 at 10:35:10 AM EST

The fact that it replicates itself around at all (ie putting the author's stuff onto unauthorized machines) means that it's illegal. IIRC, somebody did write an "anti code red" which removed code red and patched the system (and replicated itself around the net). Because it interferred with a system without the owners permission, it was still illegal.

Say lol what again motherfucker, say lol what again, I dare you, no I double dare you
[ Parent ]
Ambiguity (4.00 / 1) (#15)
by ShiteNick on Wed Nov 27, 2002 at 06:44:41 AM EST

Is this not a very strong argument for a legal system that has some dependence on Human judges? And their ability to discern what is and what is not within the spirit of the law (even if it's not in the letter?).

There's no point in adding exceptions to a law. You can add and add and add exceptions and exceptions to those exceptions, but the never be able to precisely specify a rule. Human languages by their very nature are ambiguos. We're already a point where legalese is unreadable - and in fact - practically meaningless. And it seems to be heading in the same direction as the "perfect universal language" attempts - the languages without ambiguity that cannot be used to express anything useful.

Writing a virus scanner is not "in spirit" an attempt at copying stuff.

Problem. (4.00 / 1) (#16)
by Herring on Wed Nov 27, 2002 at 06:54:04 AM EST

Yes, it is very unlikely that a judge would convict a person for recovering their own data. If this scenario occured though, companies would want to be able to buy a simple tool to do the recovery. It is the marketing of this tool - specifically designed to break CSS (or whatever) - which would be problematic. When anyone can claim they have DeCSS "in case I need it to recover my data" then you can't really prohibit DeCSS.

Say lol what again motherfucker, say lol what again, I dare you, no I double dare you
[ Parent ]
All fine and well. (4.80 / 5) (#17)
by i on Wed Nov 27, 2002 at 06:58:49 AM EST

Writing a virus scanner is not "in spirit" an attempt at copying stuff.

Writing a DVD player isn't either. So?

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]

'Human' intervention (5.00 / 1) (#23)
by SanSeveroPrince on Wed Nov 27, 2002 at 09:02:08 AM EST

Years and years and a couple of weeks ago, when I was still innocent, I would have found your argument powerful and compelling.

After all, laws are only meant to provide guidelines; judges are supposed to distinguish borderline cases, and deal with them in a wise, enlightened manner.
I mean, who could possibly hurt another human being who has done nothing wrong, just because a musty tone somewhere says so?

Then Bush was elected. Cheney was made vice president of the most dangerous army in the world. I lost my innocence, and I sneer in sneering superiority at your misplaced faith in human nature...

Legalese is unreadable because of compromises made by idiots.
Wipe the slate clean, and rewrite clear, honest laws. Leave the rest to people. That's my idea :)


Life is a tragedy to those who feel, and a comedy to those who think

[ Parent ]
Human Judges (4.00 / 1) (#25)
by rdskutter on Wed Nov 27, 2002 at 09:04:16 AM EST

Like the wanker who presided over the DMCA .2600 case. What was his name?

Human judges are fallible. They can be bought and they are not impartial. Especially not in America. Ambiguity in the law will always work against the public.

I still can't remember his name.

Yanks are like ICBMs: Good to have on your side, but dangerous to have nearby. - OzJuggler
History will be kind to me for I intend to write it.[ Parent ]

Rule of the jungle (3.50 / 2) (#31)
by ShiteNick on Wed Nov 27, 2002 at 10:42:28 AM EST

It's a different kind of jungle nowadays, but still very much a jungle.

If having ambiguity can be bad because of fallible, weak, impartial, biased judges - a lack of ambiguity[1] is not going to solve the problem.

The same biased judges could easily "create" ambiguity.

[1] Even if such a thing were actually possible.

[ Parent ]
Funny, but "non-infringing use" argument (5.00 / 5) (#18)
by Seth Finkelstein on Wed Nov 27, 2002 at 07:00:03 AM EST

OK, I'm amused. This was funny, to my techie sense of humor.

But, honestly, at heart, it's yet another example of the substantial non-infringing use argument. Granted, it's a clever variant. But still, fundamentally, that same argument.

The formal answer to the situation, is that any such data-recovery needs could be handled by strictly licensed decryption programs (which is, after all, exactly what an approved DVD player is - a strictly licensed decryption program).

This issue has been solidly slammed in an eBooks ruling (emphasis added);

The inescapable conclusion from the statutory language adopted by Congress and the legislative history discussed above is that Congress sought to ban all circumvention tools because most of the time those tools would be used to infringe a copyright. Thus, while it is not unlawful to circumvent [ed note - ONLY "rights" restrictions] for the purpose of engaging in fair use, it is unlawful to traffic in tools that allow fair use circumvention. That is part of the sacrifice Congress was willing to make in order to protect against unlawful piracy and promote the development of electronic commerce and the availability of copyrighted material on the Internet.

Accordingly, there is no ambiguity in what tools are allowed and what tools are prohibited because the statute bans trafficking in or the marketing of all circumvention devices. Moreover, because all circumvention tools are banned, it was not necessary for Congress to expressly tie the use of the tool to an unlawful purpose in order to distinguish lawful tools from unlawful ones. Thus, the multi-use device authorities cited by defendant, such as the statutes and case law addressing burglary tools and drug paraphernalia, offer defendant no refuge. The law, as written, allows a person to conform his or her conduct to a comprehensible standard and is thus not unconstitutionally vague.

-- Seth Finkelstein
A very clever plan. (none / 0) (#19)
by i on Wed Nov 27, 2002 at 07:13:42 AM EST

  • Create CSS.
  • Create a CSS encryption virus.
  • Profit.
By the way this is absolutely not an argument for legalizing a circumvention tool because of "substantial non-infringing use", and was not intended as such.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]
Techie sense of humor? Then you'll like this... (5.00 / 4) (#33)
by codemonkey_uk on Wed Nov 27, 2002 at 11:36:49 AM EST

Q) How does The Lord of the Rings get such a long poem on such a small ring?
A) Rune length encoding.

"The most savage controversies are those about matters as to which there is no good evidence either way." - Bertrand Russell
[ Parent ]
The point is... (none / 0) (#52)
by vectro on Sat Dec 21, 2002 at 02:19:57 PM EST

It's the copyright owner's own data. But if the encryption method is CSS, then the decryption device would also be a decryption device for DVDs - and thus illegal by the DMCA (assuming the DVDCCA doesn't propagate some antivirus that is licensed, in which case one could probably use it on one's DVDs).

The author's point is not that the tool would not be banned by the DMCA; on the contrary, the point is that such a tool would necessarily be banned in the abscence of the consent of the DVDCCA.

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]

hmm (4.60 / 5) (#22)
by phuzz on Wed Nov 27, 2002 at 08:58:01 AM EST

you're not suggesting some malicious person should write such a virus, just to show up the DMCA are you?  That would be....amusing.

Me? Never. (5.00 / 1) (#27)
by i on Wed Nov 27, 2002 at 09:10:51 AM EST

If anything, I'm suggesting you backup your valuable data by first booting from a clean write-protected medium.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]
But if you do that.... (none / 0) (#32)
by Elkor on Wed Nov 27, 2002 at 10:44:36 AM EST

You are circumnavigating the file permissions set by the Operating System (if you are running anything after NT4.0).

So, we can't allow THAT to happen....


"I won't tell you how to love God if you don't tell me how to love myself."
-Margo Eve
[ Parent ]
Wouldn't this (4.40 / 5) (#28)
by davidduncanscott on Wed Nov 27, 2002 at 09:38:29 AM EST

only be an issue if the virus writer complained?

No need for exemption (4.00 / 3) (#35)
by Sloppy on Wed Nov 27, 2002 at 12:19:48 PM EST

If anyone (not just virus authors) other than MPAA, were to start using CSS for scrambling stuff, and they either give permission to unscramble their works, or their tool works on content where the copyright holder does not have an arrangement with the toolmaker, then DeCSS becomes legal.

There is no need to go running to the Librarian for something as limited as an exemption on circumvention. The whole circumvention and even trafficking prohibition against DeCSS will go away.

You don't need to keep company with scum like virus authors, to do this. All you have to do is distribute something that you hold the copyright to (such as your home movie on a DVD) that is CSS scrambled, and give permission to others to unscramble it. Or write a program that CSS scrambles any file, and distribute it. That is all it takes. The only catch is that you need to implement CSS scrambling without signing any huge legalese agreements (such as a license from the DVDCCA), since that would undoubtably contain terms that prohibit you from giving authorization to bypass. So you have to use a reverse engineered implementation of CSS. If you are using a service bureau to master/press your DVD, read any contracts very carefully before signing.

The only way that 1201 can really make sense, is if there is an additional restriction for implementing the "technological measure", such as a patent (which is apparently not the case with CSS), such that there is a monopoly on the "measure" itself. Otherwise, any Joe Schmoe can give authorization to bypass, and the whole protection scheme is neutered.
"RSA, 2048, seeks sexy young entropic lover, for several clock cycles of prime passion..."

Go ahead. Do that. (5.00 / 1) (#37)
by i on Wed Nov 27, 2002 at 12:43:24 PM EST

You will have to prove in court that you are right. And then prove it again in a higher court. And again in a different state. And again and again.

Are you willing to sacrifice your life to the cause?

But you've made one good note. If you replace CSS with any patented scheme, then DMCA doesn't even enter the picture.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]

Good. (3.50 / 2) (#36)
by Fon2d2 on Wed Nov 27, 2002 at 12:38:10 PM EST

Write this virus.

No, no, no. (4.00 / 1) (#38)
by i on Wed Nov 27, 2002 at 12:50:01 PM EST

Never ever write computer viruses.

If you desperately want to become a criminal, please rob an orphanage, or something.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]

-1KITN (3.33 / 3) (#39)
by Luminion on Wed Nov 27, 2002 at 01:10:51 PM EST

"Virus writing terrorists"

Submission catches -1 and the author gets Kick In The Nuts.
<spanisman> you are really a dork and I'm going to complaint against you in the undernet society for you to get lost the op status

Really? (3.00 / 2) (#40)
by i on Wed Nov 27, 2002 at 01:23:22 PM EST

Come over here. I'm in Haifa. Where are you? Lessee who really gets KITN. If you are a krav maga instructor or something, just say so, I'll bring a bigger stick.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]
Some viruses do exactly this. (4.75 / 4) (#41)
by jeduthun on Wed Nov 27, 2002 at 01:43:34 PM EST

Your theoretical situation isn't so theoretical -- there is at least one virus that slowly encrypts files on its host's disk in addition to itself, making the host system dependent on the virus.

I'd like to think that the government would wake up and smell the new millenium if it realized that its laws made it technically illegal to try to recover one's own system from a viral infection, but let's be reasonable: no major company is going to sue you for breaking encryption for the purposes of getting rid of a virus, and in the best case, the government will re-write the laws to prevent a very limited subclass of such lunacy without making any serious adjustments to the fundamental problems behind the law.

No...but, (none / 0) (#42)
by kcidx on Wed Nov 27, 2002 at 03:14:36 PM EST

Sure, no company is going to sue you.

But if the virus actually used CSS, and major websites started linking to the code to correct the virus and recover your files, wouldn't someone HAVE to speak up somewhere along the line? Since at the same time, you are also downloading the code that can be used to decrypt DVD's?

[ Parent ]

you know.... (none / 0) (#44)
by Anonymous 23477 on Wed Nov 27, 2002 at 03:33:35 PM EST

If someone were to do this, it would give a good excuses for distributing DeCSS type code.

[ Parent ]
Standing? (4.50 / 2) (#43)
by br284 on Wed Nov 27, 2002 at 03:15:54 PM EST

So, in this case who has standing to bring a case under the DMCA? The virus writer because you're decrypting his copyrighted virus? The feds, because your anti-virus program can be used to decrypt things other than viruses?

Unless I'm missing something here, this just seems like really stupid speculation based on incomplete knowledge of the DMCA.


Just a minor comment (3.33 / 3) (#45)
by the on Wed Nov 27, 2002 at 04:28:49 PM EST

I think you're confusing a formal system that has axioms, derivation rules etc. with a legal system which works by having a judge, with some degree of common sense, interpreting the rules.

The Definite Article
Y'know what? (5.00 / 3) (#47)
by speedfreak2K2 on Thu Nov 28, 2002 at 02:00:29 AM EST

Why don't you write this virus and send it to the RIAA? Then we can sit back and watch them break the very law they wanted so bad.
You! Take that crown off your head, I'm kicking your ass!
Some notes (none / 0) (#48)
by wumpus on Thu Nov 28, 2002 at 10:58:19 AM EST

1. You need a copyright (according to the Berne convention this is not a problem, but in court it helps to file the application).
2. You need a EULA " (like this one).
3. You need to write and release it from Maryland (I'm not sure about Virginia). It seems those infinitely wise folks in Annapolis decided that anyone who writes software that we might possibly use gets complete control over our computers/data/etc. If you include "all conditions on this EULA will be determined by the laws of Maryland" your virus will be completely legal.

Once all that is done, you are free and clear, allowing you to sue and/or charge with felonies anyone who tries to reverse engineer your virus. Note that any virus blocking software will have to detect only non-encrypted parts of the virus. Removal of said virus is of course against the EULA, and doing such would result in felonious illegal use of software.

This allows Redmond style software thuggery, without the required effort of creating a monopoly. Now you can encrypt the entire hard drive, and charge exorbitant fees for the key.


change of direction (none / 0) (#50)
by jolt rush soon on Thu Nov 28, 2002 at 03:32:31 PM EST

i think you might be missing the point. i think that, for a start, this guy's not talking about doing this legally, he's not really talking about doing this but he's making a case for when decss-ing some data would be really useful and the fact that such an action being illegal is patently wrong.

interesting information about maryland though.
Subosc — free electronic music.
[ Parent ]

Finally, A Solution To The DMCA! (4.00 / 1) (#51)
by el tito on Thu Nov 28, 2002 at 06:55:03 PM EST

A link to a funny post taking the religious approach in the free-skylarov mailing list:
Finally, A Solution To The DMCA!

Sorry if you´ve read it before.Nice article BTW!

Viruses, anti-viruses and the law of the land. | 52 comments (36 topical, 16 editorial, 0 hidden)
Display: Sort:


All trademarks and copyrights on this page are owned by their respective companies. The Rest © 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!