Anti-counterfeit software: implications for Open Source

Posted 14 Jan 2004 at 18:43 UTC by lkcl Share This

"The anti-counterfeit software in Photoshop CS was developed by the Central Bank Counterfeit Deterrence Group, an organization established by the governors of the G-10 central banks to promote the use of anti-counterfeit devices in the computer industry....The inner workings of the counterfeit deterrence system are so secret that not even Adobe is privy to them. The Central Bank Counterfeit Deterrence Group provides the software as a black box without revealing its precise inner workings, Connor said."

What happens when the CBCDG wants to target Open Source?

I like this one: it's a classic example of arrogant (ego + ignorance) security-unconscious people thinking that they can second-guess nerds, brain-dead office staff and kids with time to waste.

My favourite security equation i've seen written in mathematical notation read (in words) something like this:

Sum of Security tends to zero as the Number of Idiots tends to infinity

Now, the CBCDG clearly hasn't heard of this equation before, otherwise they would have insisted that both money and Adobe software not be given to idiots. Oh, darn, no, that's not right: I mean, that they would have paid lawyers a lot of money to sue anyone who used the equation above because they, uh... came up with it first, and, uh... under the DMCA anyone who is an idiot is breaking the law. Yes, that's it. yes. whew, problem solved.

Unfortunately, the problem as I see it is not that this anti-counterfeit software doesn't work, and isn't going to work, it's more that it is likely to be force-fed down all image software vendor's throats - including at some point, Open Source programs.

In particular, what happens when they try to mandate that their brain-dead anti-counterfeiting software be added to the GIMP? Are they going to provide full source code? Are they.... going to provide a library which the GIMP software is expected to call? Uhm.... are theyy.... going to lobby that the GIMP is illegal?

What's next, guys? come on! bring it on! Make it illegal for people to think, why don't you! Yes, that's what you should do: you should instead of trying to tackle the problem in technological restrictions, maybe just MAYBE you should spend the money on solving the problems that make people want to forge money in the first place.

*chuckle*, posted 14 Jan 2004 at 20:07 UTC by Omnifarious » (Journeyer)

Trying to make it so people don't want to forge money can't really be done. No matter how much people have, they will always want more. Maybe it's not true of you. Maybe it's not true of most people even, but it's true of enough that you can't solve the problem by trying to convince people that they don't want to forge money.

The best solution is to make money that's very hard to forge and easily checked. The algorithms for doing it already exist.

Legal ground, posted 14 Jan 2004 at 21:15 UTC by gobry » (Journeyer)

What could be the legal ground for forcing this on The GIMP developers ? I only know US law through /., so forgive my ignorance :-)

BTW, if this could be done, the RIAA would already have used it!

Re: Legal ground, posted 14 Jan 2004 at 21:48 UTC by Omnifarious » (Journeyer)

You could declare GIMP to be an illegal circumvention device under the DMCA.

legal???, posted 14 Jan 2004 at 22:25 UTC by lkcl » (Master)

who said anything about it having to be legal!! ... that having been said, i imagine that the laws required are being drafted already.

after all, it could be TERRORISTS who are using photoshop to create their own money, so it's REALLY IMPORTANT that these irresponsible open source developers cooperate, submit to lobotomies, or watch more television.

yep, that'd do it. more telly. less creativity.

images containing security measures required, first, posted 14 Jan 2004 at 22:30 UTC by lkcl » (Master)

the GIMP would only be an illegal circumventer of the DMCA if images contained proprietary security measures.

so, let's see... bank notes contain security measures, and are also copyrighted. the use of any image manipulation software (GIMP, photoshop, ms-paint) is circumventing those security measures. ergo, under the DMCA, the US treasury has grounds for banning the GIMP, photoshop and all tools used by graphic artists, in the same way that gdb and programming debugging tools are banned.

now let's see if we can get everyone's attention:

hey, could anyone using image programs to circumvent bank security measures by copying bank notes _please_ turn themselves in, you're putting freedom of information at risk, here.

Are we all forgetting that this is 100% LEGAL?, posted 15 Jan 2004 at 02:39 UTC by hacker » (Master)

Scanning money is legal. Photocopying U.S. currency is legal. Photoshop'ing scanned/photocopied U.S. currency is legal. You have to wonder how adding this "feature" to Adobe's products (which has already been circumvented) increases their business. What customer do you think required that this be added to their core product, instead of an additional filter or other tool? Makes you wonder who Adobe is really taking directions from.

Selling or distributing printed copies of that currency as a replacement for legal tender however, is not legal. Putting in controls to try to restrict the ability to scan/modify/create images of U.S. currency in proprietary or Free Software products and projects, is doomed to fail.

What is interesting though, is that the latest U.S. Treasury documents states the following:

" Printed reproductions, including photographs of paper currency, checks, bonds, postage stamps, revenue stamps, and securities of the United States and foreign governments (except under the conditions previously listed) are violations of Title 18, Section 474 of the United States Code. Violations are punishable by fines of up to $5,000, or 15 years imprisonment, or both."

So now, it seems to be against the law, to have photographs of U.S. currency. Does that include the numismatists on ebay, and coin collectors? How do you show someone who is buying parts of your collection, without showing them pictures of it? Provide a police sketch of that 1900 nickel?

For several years now, most (all?) photocopiers that are used to copy money, store the date and time of that transaction in the photocopier itself. When the service technician comes in to service the copier, they see that transaction log, and are legally required to report it to the proper authorities for investigation. Nice.

What's next? Restricting digital cameras from being able to take pictures of money? What about adding restrictions to make it impossible to modify images that contain company logos, such as Coca-Cola, or Pepsi, or Taco Bell? What about digital cameras? Scanners?

At what point do we just say enough-is-enough? As with any of these silly "restrictions" that are supposed to "protect" us, the only people who suffer, are the innocent ones, no matter what country you happen to be in.

I can see it now, posted 15 Jan 2004 at 17:16 UTC by keybuk » (Master)

"The Thunderbird Law", as the general public will eventually learn to stop calling it.

Photographs of money can be illegal, posted 15 Jan 2004 at 17:48 UTC by jbuck » (Master)

According to a law on the books, photographs of US money are illegal unless in black and white and the size is either less than 3/4 or more than 1 1/2 times the original. That law is obviously not strictly enforced, partly because of First Amendment problems in cases where it is obvious that no fraud is intended.

which law is that?, posted 15 Jan 2004 at 17:49 UTC by lkcl » (Master)

is that the one where everything comes with strings attached, and the words are obviously coming down the wires?

or were you referring to something else?

[the thunderbirds puppets were extremely sophisticated: the mouths were mechanically voice-activated and powered from the strings!]

European legislative proposal, posted 15 Jan 2004 at 19:42 UTC by schoen » (Master)

There is actually a proposal for EU legislation to require devices and software to detect a counterfeit deterrent watermark (probably the CBCDG watermark, which is said to have been invented by Digimarc and is more sophisticated than the visible Eurion mark discovered by Markus Kuhn). The funny thing is the parallelism between this proposal and a U.S. movie studio proposal to "close the analog hole" for digitization of video by requiring all devices to detect a copyright watermark. This means that watermark detection mandates have now been proposed for similar classes of devices for two different applications.

Watermark detection rules are typically written with "robustness requirements" that require measures to deter end-user modifications. These are obviously a poor fit with our practice of encouraging end-user modifications.

The Thunderbird Law, posted 16 Jan 2004 at 14:48 UTC by keybuk » (Master)

International Rescue used to come down pretty hard on anyone trying to take a picture of a Thunderbird.

It's not about legality..., posted 17 Jan 2004 at 17:08 UTC by apenwarr » (Master)

I doubt Adobe did this because "it's illegal" to work digitally with images of money, and of course, as someone else said, it's probably not about improving customer service.

I imagine the CBCDG just paid them a boatload of money to integrate their silly module which doesn't do anything noticeable anyway. Well, good for them! More money for software companies, less for the central bank. Okay, well, the central bank can just make more if they want. But you see my point :)

Monopoly money, posted 18 Jan 2004 at 23:48 UTC by notzed » (Master)

Maybe if your currency was a little more up to date than the dark-ages colourless monopoly money you have now, it might be a better deterrant to copying it.

a private company is not legitimate as a cop is, posted 21 Jan 2004 at 18:29 UTC by gilbou » (Observer)

looks like nonsense. doing forgery of money is illegal. the tools that people use are not interesting. software for editing pictures should do its work and nothing else. if people use tools, either software or mechanical ones, to break the law and get arrested, we have laws. what adobe has done in accepting code from an external party is act like police, and they are not police. the government grants authority to the police, so law is applied and respected. private companies are no substitutes for law and because the law forbids to forge money does not give adobe or any other company the right to act as police. police officers are trained, it is a full time job and requires a broad knowledge of law and regulations. this is complicated enough and we do not need a private, corporate police adding a layer over it. there is a very strong problem of legitimity here. even if the law forbids forgery, this does not grant a private company the right to apply law. unacceptable.

A joke, posted 25 Jan 2004 at 14:58 UTC by Malx » (Journeyer)

Policeman to girl: I'll suit you! You have the gun!
Girl: But I have not killed anyone!
Policeman: But you have the tool to kill!!!
Girl: So I'll suit YOU for trying to rape me!
Policeman: But why?! I have not!
Girl: Why? But you have the tool for doing this! :)

Don't you think DMCA is like that policeman? ;)

war on terror, posted 28 Jan 2004 at 21:30 UTC by lkcl » (Master)

hm... sounds like the pre-emptive god-given right to xxxx anyone over before they xxxx you.

... gets countries into serious difficulties _real_ fast, creating enemies they never thought they'd ever have.

usually in places they've never heard of.

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!

Share this page