Netintercept and SSH Decryption
Brian Densmore
DensmoreB at ctbsonline.com
Thu Nov 20 21:03:02 CST 2003
> -----Original Message-----
> From: Jason Clinton
>
> Brian Densmore wrote:
> | No, it actually says that selling or distributing methods
> of cracking
> | encrypted copyrighted material is illegal and ssh is copyrighted
> | encryption. Not to mention that many encrypted ssh tunnels are
> | transmitting copyrighted material, which makes any program
> explicitly
> | designed to unencrypt that data a violation of the DMCA.
> Even if the
> | program doesn't copy the copyrighted material the mere act of
> | unencrypting it (in order to get at passwords, which aren't) is
> | illegal. ...
>
> Your intellect is truly dizzying. :)
>
> If I correctly read your above statement, you are claiming
> that because
> a /method/ of encryption is copyrighted, it is protected by the DMCA.
> This is not correct. From the U.S. Copyright Office's Summary
> on the DMCA:
>
>
>...
>
> Thus, it only protects a copyrighted work that is 'protected' /by/
> encryption.
>
> Also, your claim that the stream cannot be sniffed because the content
> of the encrypted stream is copyrighted material is also not valid. As
> you know, businesses that would use such tools claim
> ownership of all IP
> that originates on their wires. Also, it would be tough to claim that
> your stream was encrypted for the purpose of protecting your copyright
> when, in fact, you were encrypting to protect your privacy.
>
First off, no you are not reading my interpretation the way I meant it, but
close. Secondly, I'm trying to think like a lawyer here. Thirdly,
to say that a company that is transmitting copyrighted material is not
trying to protect that material from copying is just not valid. If I am
writing a new super-duper-fantastic video game and I transmit that source
code from my home office to the physical office for compilation and testing,
I most certainly *do not* want software pirates stealing my code and releasing
it across the internet! This is clearly a valid use of the DMCA to use encryption
(in the form of ssh) across the internet to protect copyrighted material from
duplication. Also, 'sniffing' data from the internet is definitely not legal
unless you have permission to do so from the parties you are sniffing. Just
as it is illegal to tap into someone's phone line without a warrant or
permission. There is nothing in the DMCA that say you must be the author of
the encryption method you use to encrypt data. The fact that the company
may be trying to sell software that may have legitimate uses under the
DMCA doesn't alter the fact that it could be used by persons unknown for
uses that *do* violate the DMCA and thus they are violating the DMCA.
Brian
More information about the Kclug
mailing list