Clay Shirky did an excellent article on this in mid december... Makes you
wonder if plagiarism is any better than theft.
The RIAA Succeeds Where the Cypherpunks Failed
http://www.shirky.com/writings/riaa_encryption.html
For years, the US Government has been terrified of losing surveillance
powers over digital communications generally, and one of their biggest fears
has been broad public adoption of encryption. If the average user were to
routinely encrypt their email, files, and instant messages, whole swaths of
public communication currently available to law enforcement with a simple
subpoena (at most) would become either unreadable, or readable only at huge
expense.
The first broad attempt by the Government to deflect general adoption of
encryption came 10 years ago, in the form of the Clipper Chip. The Clipper
Chip was part of a proposal for a secure digital phone that would only work
if the encryption keys were held in such a way that the Government could get
to them. With a pair of Clipper phones, users could make phone calls secure
from everyone except the Government.
Though opposition to Clipper by civil liberties groups was swift and
extreme, the thing that killed it was work by Matt Blaze, a Bell Labs
security researcher, showing that the phone's wiretap capabilitiescould be
easily defeated, allowing Clipper users to make calls that even the
Government couldn't decrypt. (Ironically, ATT had designed the phones
originally, and had a contract to sell them before Blaze sunk the project.)
The Government's failure to get the Clipper implemented came at a heady time
for advocates of digital privacy -- the NSA was losing control of
cryptographic products, Phil Zimmerman had launched his Pretty Good Privacy
(PGP) email program, and the Cypherpunks, a merry band of crypto-loving
civil libertarians, were on the cover of the second issue of Wired. The
floodgates were opening, leading to...
...pretty much nothing. Even after the death of Clipper and the launch of
PGP, the Government discovered that for the most part, users didn't want to
encrypt their communications. The most effective barrier to the spread of
encryption has turned out to be not control but apathy. Though business
users encrypt sensitive data to hide it from one another, the use of
encryption to hide private communications from the Government has been
limited mainly to techno-libertarians and a small criminal class.
The reason for this is the obvious one: the average user has little to hide,
and so hides little. As a result, 10 years on, e-mail is still sent as plain
text, files are almost universally unsecured, and so on. The Cypherpunk
fantasy of a culture that routinely hides both legal and illegal activities
from the state has been defeated by a giant distributed veto. Until now.
It may be time to dust off that old issue of Wired, because the RIAA is
succeeding where 10 years of hectoring by the Cypherpunks failed. When
shutting down Napster turned out to have all the containing effects of
stomping on a tube of toothpaste, the RIAA switched to suing users directly.
This strategy has worked much better than shutting down Napster did,
convincing many users to stop using public file sharing systems, and to
delete MP3s from their hard drives. However, to sue users, they had to serve
a subpoena, and to do that, they had to get their identities from the user's
internet service providers.
Identifying those users has had a second effect, and that's to create a
real-world version of the scenario that drove the invention of
user-controlled encryption in the first place. Whitfield Diffie, inventor of
public key encryption, the strategy that underlies most of today's
cryptographic products, saw the problem as a version of "Who will guard the
guardians?"
In any system where a user's identity is in the hands of a third party, that
third party cannot be trusted. No matter who the third party is, there will
be at least hypothetical situations where the user does not want his or her
identity revealed, but the third party chooses or is forced to disclose it
anyway. (The first large scale example of this happening was the compromise
of anon.penet.fi, the anonymous email service, in 1994.) Seeing that this
problem was endemic to all systems where third parties had access to a
user's identity, Diffie set out to design a system that put control of
anonymity directly in the hands of the user.
Diffie published theoretical work on public key encryption in 1975, and by
the early 90s, practical implementations were being offered to the users.
However, the scenario Diffie envisioned had little obvious relevance to
users, who were fairly anonymous on the internet already. Instead of
worrying now about possible future dangers, most users' privacy concerns
centered on issues local to the PC, like hiding downloaded pornography,
rather than on encrypting network traffic.
However, Diffie's scenario, where legal intervention destroys the users' de
facto privacy wherever it is in the hands of commercial entities, is now
real. The RIAA's successful extraction of user identity from internet
service providers makes it vividly clear that the veil of privacy enjoyed by
the average internet user is diaphanous at best, and that the obstacles to
piercing that veil are much much lower than for, say, allowing the police to
search your home or read your (physical) mail. Diffie's hypothetical problem
is today's reality. As a result, after years of apathy, his proposed
solution is being adopted as well.
In response to the RIAA's suits, users who want to share music files are
adopting tools like WINWand BadBlue, that allow them to create encrypted
spaces where they can share files and converse with one another. As a
result, all their communications in these spaces, even messages with no more
commercial content than "BRITN3Y SUX!!!1!" are hidden from prying eyes. This
is not because such messages are sensitive, but rather because once a user
starts encrypting messages and files, it's often easier to encrypt
everything than to pick and choose. Note that the broadening adoption of
encryption is not because users have become libertarians, but because they
have become criminals; to a first approximation, every PC owner under the
age of 35 is now a felon.
The obvious parallel here is with Prohibition. By making it unconstitutional
for an adult to have a drink in their own home, Prohibition created a cat
and mouse game between law enforcement and millions of citizens engaged in
an activity that was illegal but popular. As with file sharing, the essence
of the game was hidden transactions -- you needed to be able to get into a
speakeasy or buy bootleg without being seen.
This requirement in turn created several long-term effects in American
society, everything from greatly increased skepticism of Government-mandated
morality to broad support for anyone who could arrange for hidden
transactions, including organized crime. Reversing the cause did not reverse
the effects; both the heightened skepticism and the increased power of
organized crime lasted decades after Prohibition itself was reversed.
As with Prohibition, so with file sharing -- the direct effects from the
current conflict are going to be minor and over quickly, compared to the
shifts in society as a whole. New entertainment technology goes from
revolutionary to normal quite rapidly. There were dire predictions made by
the silent movie orchestras' union trying to kill talkies, or film
executives trying to kill television, or television executives trying to
kill the VCR. Once those technologies were in place, however, it was hard to
remember what all the fuss was about. Though most of the writing about file
sharing concentrates on the effects on the music industry, whatever new
bargain is struck between musicians and listeners will almost certainly be
unremarkable five years from now. The long-term effects of file sharing are
elsewhere.
The music industry's attempts to force digital data to behave like physical
objects has had two profound effects, neither of them about music. The first
is the progressive development of decentralized network models, loosely
bundled together under the rubric of peer-to-peer. Though there were several
version of such architectures as early as the mid-90s such as ICQ and
SETI@Home, it took Napster to ignite general interest in this class of
solutions.
And the second effect, of course, is the long-predicted and oft-delayed
spread of encryption. The RIAA is succeeding where the Cypherpunks failed,
convincing users to trade a broad but penetrable privacy for unbreakable
anonymity under their personal control. In contrast to the Cypherpunks "eat
your peas" approach, touting encryption as a first-order service users
should work to embrace, encryption is now becoming a background feature of
collaborative workspaces. Because encryption is becoming something that must
run in the background, there is now an incentive to make its adoption as
easy and transparent to the user as possible. It's too early to say how
widely casual encryption use will spread, but it isn't too early to see that
the shift is both profound and irreversible.
People will differ on the value of this change, depending on their feelings
about privacy and their trust of the Government, but the effects of the
increased use of encryption, and the subsequent difficulties for law
enforcement in decrypting messages and files, will last far longer than the
current transition to digital music delivery, and may in fact be the most
important legacy of the current legal crackdown.
on 28/1/04 6:39 pm the person going by the name StaticBeats at
minimalism@staticbeats.com spake :
quoted 38 lines Very interesting article ....
> Very interesting article ....
>
> Business Week Online
> http://www.businessweek.com/technology/content/jan2004/tc20040127_2819_tc047.h
> tm
>
> The RIAA's newest legal assault on file swappers is pushing them to
> encrypted networks, where the damage could become catastrophic
>
> The music file-swapping masses got a fresh jolt of fear on Jan. 21 when the
> Recording Industry Association of America filed 532 lawsuits against alleged
> copyright infringers for downloading or sharing pirated tunes on the
> Internet. The suits made good on the RIAA's promise in December not to skip
> a beat in its legal war against music piracy.
>
> One has to admit: The RIAA sure is tenacious in pursuing its strategy. What
> it doesn't seem to realize, though, is that it has already lost the war. The
> recording industry's hardball tactics have fueled a technological shift
> that'll make it nearly impossible to pursue file swappers in the future.
>
> How so? The culture of fear and loathing that the RIAA has created is
> starting to put encryption on the must-have list of every Joe and Jane
> Internet user. The results will be wide-ranging and will pose a threat to
> the movie industry, the software industry, and just about any other industry
> involved with the creation and sale of intellectual property.
>
> Shimone/Justes
> http://www.staticbeats.com > Electronic Music > Digital Culture
> http://www.boomboombap.com > First Come > First Heard
> http://www.moonlight-toys.com > Moonlight Toys San Francisco
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: idm-unsubscribe@hyperreal.org
> For additional commands, e-mail: idm-help@hyperreal.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: idm-unsubscribe@hyperreal.org
For additional commands, e-mail: idm-help@hyperreal.org