[MLB-WIRELESS] Hypothetical: takedown notices

andrewg at d2.net.au andrewg at d2.net.au
Fri Mar 7 09:15:59 EST 2003


>
> Why don't we simply _require_ encrypted communications, hopefully
> making content irrelevant.  The data contained in encrypted
> communications is almost impossible to prove without the key, as each
> possible key decrypts the cyphertext into whole new potential content!
>

Its feasible. However, then you get people who say "Why do you need to
encrypt stuff if you don't have anything to hide?".

ugh. as well. the gubberment will probably threaten to arrest you if you
don't record and allow them to access your encryption key(s).
http://www.oznetlaw.net/pdffiles/p0627012.pdf

The overhead involved would be an interesting thing, as gamers (who imo,
are generally wares people as well) tend to want the lowest rtt, who will
then not really bother with encryption.

> It's possible,

but not likely, ;)

If it was originally an mpeg, and decrypting it with a different key
resulted in madonna, I'd consider that a cryptographic weakness, as iirc,
mpeg have checksums, and the header for mpeg from memory is relatively
strict.

>  for example, for there to exist a key that will decrypt
> my encrypted home video of my daughters first words into an exact copy
> of an mpeg of Madonna's latest video clip.  What does the encrypted
> communicaiton contain?  Madonna, or my daughter?  Without the key,
> nothing, basically. Hopefully absolving any and all carriers of said
> encrypted data of any responsibility for the content.
>
> Practically speaking, it'll prevent the takedown notice in the
> firstplace due to the difficulty of obtaining proof,

If the system is relatively fool proof, yeah. But then you have issues like
CA, distributing keys, ensuring those keys are authenticated, then setting
up connections, the policy required (do you accept connections from
anywhere, or do you only accept connections from who you know the public
key for), etc.

Secondly, how easily will this be setup by those who are interested, but
can't really be bothered configuring it?

As for obtaining proof, you might want to look at http://stealth.7350.org/,
specifically 7350sshd and sslmim. There are other cryptography mitm attacks
based upon the users understanding, or bad implementation. (EG, IE and some
other browsers not properly checking the restrictions on a web site, that
allows you to do a MITM without any problems.) It just depends mainly on
the user interface :/

> or even reasonable
> suspicion.  No takedown notice, no test-case, no lawyers, no hastles,
> no worries :)
>
> (it may upset the warez kiddies though, not having big, open,
> unencrypted file-storage available...)
>
> Ben.
> P.S.  I'm not a lawyer.
>
>





To unsubscribe: send mail to majordomo at wireless.org.au
with "unsubscribe melbwireless" in the body of the message



More information about the Melbwireless mailing list