That's exactly what I said when I e-mailed the team at the copy protection development site working for the RIAA in San Diego. I questioned the wisdom of quashing academic research findings and said that they were foolish by not taking what he had found and using it to strengthen their protocol. I also pointed out if someone did it once it will most like be cracked again, and by someone who doesn't have any academic or professional status to worry about - "and then the cats out of the bag", or out on the web as the case may be! -----Original Message----- From: pwa@chmls06.mediaone.net [mailto:pwa@chmls06.mediaone.net]On Behalf Of Paul Abrahams Sent: Friday, April 27, 2001 0903 To: SuSE listserve Subject: Re: [SLE] Something of possible interest? crrey wrote:

Here's an article posted by IDG.net's TechInformer.

UNDER RIAA PRESSURE, ACADEMIC DOES NOT PRESENT PAPER (Source: IDG.net) Edward Felten, the Princeton computer science professor who has been at the center of some controversy this week due to a paper he wrote detailing ways to crack the encryption in the SDMI digital music system, chose not to present his findings at a conference. http://www.techinformer.com/go.cgi?id=466403

For the actual paper, go to http://www.theregister.co.uk/extra/sdmi-attack.htm Once it's been copied off the net, there's no way that RIAA can close the barn door. Paul Abrahams -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com

Hmmm! On Fri, 27 Apr 2001, crrey wrote: c> That's exactly what I said when I e-mailed the team at the copy protection c> development site working for the RIAA in San Diego. I questioned the wisdom c> of quashing academic research findings and said that they were foolish by c> not taking what he had found and using it to strengthen their protocol. I Who says they didn't take it? All it says is that under pressure from the RIAA it's not going to be published. You can bet your ass the RIAA already had it, otherwise they wouldn't have pressured them not to publish how easy it was to crack their protection. -- Good point, that probably explains alot. He was probably trying to help them by showing them the flaws and now he won't be able to get any academic millage out of it - at least not for a while. c> also pointed out if someone did it once it will most like be cracked again, c> and by someone who doesn't have any academic or professional status to worry c> about - "and then the cats out of the bag", or out on the web as the case c> may be! c> True, here at least it was for academic reasons, the next time it will most likely be for exploitable/profitable (to someone else that is)reasons. -- And there will be a next time. Id be very surprised if there wasn't. Unless this guy did a really good job or the crack found the only point of vunerablility. c> crrey wrote: c> c> > Here's an article posted by IDG.net's TechInformer. c> > c> > UNDER RIAA PRESSURE, ACADEMIC DOES NOT PRESENT PAPER c> > (Source: IDG.net) Edward Felten, the Princeton computer science c> > professor who has been at the center of some controversy this week due c> > to a paper he wrote detailing ways to crack the encryption in the SDMI c> > digital music system, chose not to present his findings at a c> > conference. http://www.techinformer.com/go.cgi?id=466403 c> c> For the actual paper, go to c> c> http://www.theregister.co.uk/extra/sdmi-attack.htm c> c> Once it's been copied off the net, there's no way that RIAA can close the c> barn door. c> c> Paul Abrahams c> -- S.Toms - smotrs@mindspring.com - www.mindspring.com/~smotrs SuSE Linux v7.0+ - Kernel 2.2.18 You think Oedipus had a problem -- Adam was Eve's mother. -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com