from the every-page-you-read-we'll-be-watching-you dept.
Adobe has tweaked its Digital Editions 4 desktop ebook reader to now encrypt the data it secretly sends back to headquarters – data that details a user's reading habits.
Previously, information on every single tome accessed by Digital Editions 4 was phoned home unencrypted, allowing anyone eavesdropping on a network to intercept it. Now that information is transmitted via HTTPS, and only if the book includes copy-protection measures.
Version 4.0 of the software collected detailed records about books the user has been reading, such as which pages were read and when, and sent this intelligence back to the adelogs.adobe.com server. There was no way to opt out of this, short of deleting the application.
Now, with version 4.0.1, that information is encrypted and sent to the aforementioned server, and is limited to books with DRM protections. We note that the server's SSL/TLS configuration scores an A- from Qualys; the server's certificate has a 2048-bit RSA key albeit with a SHA-1 signature, and it prefers RC4 over stronger ciphers.
(Score: 3, Insightful) by pe1rxq on Friday October 24 2014, @03:18PM
In other words: nothing changed for the consumer, your reading habbits are still available to anybody.
The only change is that Adobe has assured that everyone getting the data went through them and has paid them for it.
(Score: 2) by Jeremiah Cornelius on Friday October 24 2014, @04:34PM
LITTLE SNITCH!
http://www.obdev.at/products/littlesnitch/index.html [obdev.at]
You're betting on the pantomime horse...
(Score: 3, Informative) by frojack on Friday October 24 2014, @06:32PM
Apple only, and not at all informative. You can't tell what it is sending.
It gives nothing more than netstat.
No, you are mistaken. I've always had this sig.
(Score: 2) by Jeremiah Cornelius on Friday October 24 2014, @10:21PM
No - Little Snitch has pcap dump, per app socket connection, at a mouse click. I love using this with Wireshark to decode.
Yes - Mac only. That - if I am NOT mistaken - is exactly HALF of the platforms on which Adobe Digital Editions can run. :-)
If Windows had a good, sockets based, outbound application firewall, with pcap dumps, I'd find the tool. ISS BlackICE died 7 years ago.
The primitives for this are all present in Linux. Nobody has ever really built a useable desktop protection like Little Snitch for it. Lots of abandoned projects...
You're betting on the pantomime horse...
(Score: 0) by Anonymous Coward on Saturday October 25 2014, @04:14AM
Nearly useless.
(Score: 2, Insightful) by Anonymous Coward on Friday October 24 2014, @03:19PM
What about blocking adelogs.adobe.com?
(Score: 2, Insightful) by Anonymous Coward on Friday October 24 2014, @03:27PM
What about boycotting DRM laden crap and scummy spyware in the first place?
(Score: 3, Insightful) by Nerdfest on Friday October 24 2014, @03:46PM
... and the companies that insist on pushing it.
(Score: 1, Troll) by Tork on Friday October 24 2014, @11:06PM
Not buying a product over DRM is indistinguishable from not buying a product because your dog ate your credit card. Actions that specifically respond to a given behaviour give voice to the issue.
On a side note: Boycotts are not effective on the mass-consumer scale.
🏳️🌈 Proud Ally 🏳️🌈
(Score: 1) by RedGreen on Saturday October 25 2014, @12:19AM
"On a side note: Boycotts are not effective on the mass-consumer scale."
They are if a greater mass of consumers boycott than do not, all depends on the issue how many you get boycotting...
"I modded down, down, down, and the flames went higher." -- Sven Olsen
(Score: 2) by Tork on Saturday October 25 2014, @12:32AM
They are if a greater mass of consumers boycott than do not, all depends on the issue how many you get boycotting...
Over 7 billion people didn't purchase a Wii-U, yet Nintendo is coercing people to agree to their EULA by bricking their machine until they accept the terms. They don't know how many sales they're not getting via their actions because there are a bazillion reasons people may not purchase the system. The one thing in common with virtually all of the successful boycotts in history is that they involved a step beyond refusing to open your wallet. You're not going to have thousands of people picketing Nintendo's headquarters.
🏳️🌈 Proud Ally 🏳️🌈
(Score: 2) by Tork on Saturday October 25 2014, @10:19AM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 2) by FakeBeldin on Saturday October 25 2014, @09:15PM
On a side note: Boycotts are not effective on the mass-consumer scale.
Reading that comment on SN of all sites brought to mind Alanis Morissette's 90s hit [youtube.com].
(Score: 2) by Tork on Saturday October 25 2014, @09:52PM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 3, Insightful) by Anonymous Coward on Friday October 24 2014, @03:31PM
Gotta agree that the best course of action, is to uninstall and scrub said virus from system.
There should be no doubt in mind about what to do here.
(Score: 2) by frojack on Friday October 24 2014, @06:28PM
You can't block it if you want to open your DRM books.
Previous versions simply authorized the opening, and nothing more.
The best solution IMHO is to retail older versions on your machine and refuse the upgrade. The only reason to keep it at all is so that it can be used by the third party plugins to Calibre can remove the DRM from your purchased books, and then you can use them with any ebook readers.
Other Ebook readers may have adobe plug-ins for authorizing the opening, but it is not clear if these readers also report page turns.
But by and large, the best way is just to kill the drm. They, Adobe crossed the line, and all my obligations are moot in my opinion.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Friday October 24 2014, @06:48PM
> You can't block it if you want to open your DRM books.
Yet another example of how piracy is the best option.
More privacy.
More convenience.
Less price.
(Score: 3, Informative) by frojack on Friday October 24 2014, @07:08PM
I bought the books. There is no piracy. The author and the publisher were compensated for their efforts.
No, you are mistaken. I've always had this sig.
(Score: 2) by sjames on Saturday October 25 2014, @12:49AM
Right, and your reward is being spied on. Had you gone to the pirate bay your privacy would be respected now.
(Score: 2) by tangomargarine on Friday October 24 2014, @07:03PM
The best solution IMHO is to retail older versions on your machine and refuse the upgrade.
Then watch them require the latest version to open the books so fast it makes your head spin.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 0) by Anonymous Coward on Friday October 24 2014, @03:28PM
One reason I ditch'd Winblows was how many times I saw connections to M$ even without a web browser open. Wireshark showing small chunks of data going to M$ IP's. Yes, auto updates were off and there was nothing else running, and it was a legal install.
(Score: 4, Insightful) by Nerdfest on Friday October 24 2014, @04:31PM
My original switch to Linux was when I caught Vista sending the contents of my RSS feeds to Microsoft via their "search server". I originally thought it was a virus, but apparently not. Any non-US government using Windows is not being remotely security conscious.
(Score: 2) by Hairyfeet on Friday October 24 2014, @05:16PM
FUD there is NO "search server" and certainly nothing which ties third party RSS feeds to a MSFT backend. The only difference between Vista Search and XP Search is that you have the OPTION of using the search box to search the Internet, no different than the Google search box on every Android and ChromeOS, no different than Ubuntu search.
But of course whenever you type "M$" that automatically calls for a Linux Party! [ytmnd.com]
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 4, Informative) by Nerdfest on Friday October 24 2014, @05:48PM
SearchFilterHost.exe was the process. It supposedly searches for Windows help topics, but while watching what was going through the firewall I noticed it sending far more than that, and with everything desktop search related disabled. It was sending content from applications. There were reports from others at the time noting the same thing.
(Score: 2) by frojack on Friday October 24 2014, @07:06PM
Totally under your control:
http://www.groovypost.com/reviews/searchfilterhost-exe-windows-process-explained/ [groovypost.com]
Not that moving to linux is a bad thing, but FUD is never warranted.
No, you are mistaken. I've always had this sig.
(Score: 3, Insightful) by HiThere on Friday October 24 2014, @07:17PM
OK. I read what he said. He didn't say how he knew that. The source is closed. The implication is that he was relying on official MS documentation. So believe it if you want to.
For my part, MS has lied to me often enough that I don't trust anything they say without clearly independent confirmation...and proof is better. They aren't, however, quite to the point that I believe that they're lying by default, as the *do* often tell the truth.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by frojack on Friday October 24 2014, @07:29PM
OK. I read what he said. He didn't say how he knew that.
Why not write him and ask him to post his sources, or do some googleing of your own.
MS code is not particularly hard to de-compile. And testing with those settings turned off and testing again turned on is easy to do, and anyone able to determine which EXE was doing the talking, should have been able to do those tests and observe the result with wireshark.
No, you are mistaken. I've always had this sig.
(Score: 2) by Hairyfeet on Friday October 24 2014, @10:24PM
Funny you should post that because I know of which I speak by a little thing called "knowing how to read a wireshark log" which seriously if he is here and talking FUD and can't read a log? Then his ass really shouldn't be on ANY OS that he has any control over...perhaps he should get an iPad?
And lets be honest dude, Vista was still under the antitrust settlement which meant IT WAS THE MOST INVESTIGATED OS EVAR because the court was looking for an excuse to get some more fine money from MSFT. So it wasn't like they were gonna be able to pull off this "conspiracy to hijack RSS feeds" without it getting caught before the thing even reached beta. Oh and FYI I was one of the beta testers on Vista hence why i ran the shark, as the admin to my customers its my job to know what is hooking up where so I can spot any malware or spyware they happen to install. Oh yeah it helps to also actually read the EULA since its all laid out there in B&W what info is collected by what, this is why i didn't say shit about Win 10, its clearly written out in the EULA they are collecting metrics on the UI to see what users use, what they don't, and what they avoid.
But at the end of the day you should have known anybody writing "M$" is throwing FUD, after all that is already the punchline of jokes [penny-arcade.com] because of how whackadoo the ones using it turn out to be. Seriously how hard is it to run wireshark and dependency walker? And as you pointed out if you wanted to know even more its not like MSFT obfuscates their .EXEs, a simple decompile could give you more than you ever want to know but I've found you don't even have to go that far, dependency walker and wireshark will give you all the info that is required to make an informed choice...well that and spending a whole 5 seconds putting the name into Google of course ;-)
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by Nerdfest on Saturday October 25 2014, @04:46AM
If you read back again carefully you'll notice that *I* did not use the term "M$".
(Score: 2) by Hairyfeet on Saturday October 25 2014, @03:59PM
I wasn't talking about you, I was talking about the GP. They really need to fix the threading or do like Ars and have the quotes because anything more than one deep REALLY gets hard to follow, hell beta is easier to keep a conversation going than Slash 2.0 code.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 0) by Anonymous Coward on Friday October 24 2014, @10:50PM
Isn't that illegal?
(Score: 2) by Nerdfest on Friday October 24 2014, @08:41PM
I new that as firewalls in windows will show the executable that requests are coming from. I saw unexplained content going to them. I also saw DNS queries going out to a DNS server on machines at GridServer.com ... but I did not have any machines there set up in any of my DNS settings. The DNS requests were on hosts in the content of the uploaded data.Very suspicious behaviour.
(Score: 2) by Hairyfeet on Saturday October 25 2014, @12:11AM
Source code is NOT magic beans, mmkay? I fucking HATE when FOSSies think source code is magic that protects their asses, see the BASHing that Shellshock is giving you, see heartbleed, hell the obfuscated C code contest should already driven a fucking stake straight through the heart of "many eyes" since with that code YOU KNOW there is malware inside yet to make it to the top 5 more than 75% (on average) of the C programmers, NOT hobbyists like the majority of Linux desktop users but honest to God "I write code for a living" programmers can not find the malware in code that they KNOW is tainted! Now what do you think the odds of that source saving your ass is now? Well considering that Linux is getting a BASHing and Bash is the #1 most vetted code in the entire Linux stack next to the kernel? I'd say it is exactly jack and squat!
so let us be clear, source gives you exactly ONE advantage and ONE ADVANTAGE ONLY and that is this...IF a program you use is abandoned OR the coders go in a direction you don't like AND you can get enough cash or herd enough programmers into supporting your program THEN AND ONLY THEN you can keep a previous version alive, see KDE Classic. ANYBODY can use Google to find out what any MSFT service does, ANYBODY can use wireshark and see what is connecting and where, ANYBODY can use dependency walker to see what in the OS is being called and ANYBODY can use a decompiler and check out the guts of anything in windows since MSFT doesn't obfuscate their code.
Its really not brain surgery but when Linux users start spreading FUD and start acting like source equals magic is when they go from being FOSS users to FOSSies and that is when a Linux Party! [ytmnd.com] is called for.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by cafebabe on Saturday October 25 2014, @01:55AM
You possibly mean The Underhanded C Contest [xcott.com] rather than the The International Obfuscated C Code Contest [ioccc.org].
In a previous discussion, I thought we already established that having source means not waiting for a vendor to produce a fix, if they so choose [soylentnews.org].
Anyone can design their own processor, write their own firmware, write their own operating system, word processor, spreadsheet application, image editor and web browser. Unfortunately, I only have one lifetime so I have to rely on the work of others. And if I'm going to do that, I'd rather poke about in something I can see and change; especially if it costs less.
1702845791×2
(Score: 2) by jasassin on Saturday October 25 2014, @10:09AM
You're a dick.
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 2) by Hairyfeet on Saturday October 25 2014, @03:48PM
Sticks and stones may break my bones but at least I won't have to smell RMS [youtube.com] at a Linux Party! [ytmnd.com]
BTW I'm disappointed, usually the FOSSies go for the circle jerk [tmrepository.com] and goth comeback [tmrepository.com] before heading for the dirty poo poo head [tmrepository.com]. Wow FOSSies be getting lazy yo.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by Leebert on Saturday October 25 2014, @01:29PM
Obviously spoken as someone who has never chased down a bug by reading the source.
(Score: 2) by Hairyfeet on Saturday October 25 2014, @04:36PM
Riiiight, so care to explain why ubuntu has bugs going back to the first year of release still in bugtracker? Oh yeah because "fixing often equals marking it as "won't fix" [tmrepository.com] but of course none of that matters because we are all programmers [tmrepository.com] with nothing better to do than fix somebody else's pathetically bad design choices [tmrepository.com].
But of course that is the reason why the Hairyfeet challenge is celebrating its eighth year without a single "user friendly" [tmrepository.com] distro being able to pass, why Open Source is still buggy as ever [tmrepository.com] and has lots of great software [tmrepository.com]. But hey its free so you can't complain [tmrepository.com] and is led by a great visionary [youtube.com] so what's to complain about?
BTW sorry if too many memes bother you, once upon a time I used to sit there and provide a wall of citations to back everything up but then i realized...it really didn't matter because all you ever getfrom the FOSSies is memes , the same memes that have been used for 20 years, the same propaganda [tmrepository.com], same bullshit about the magic of source and how using a 40 year old UI like Bash (because the developers are too shitty or too fucking lazy to build a decent GUI) is a superior way to interact with a PC instead of what it is, a fucking DOS prompt, its really just SSDD.
So I just quit wasting my time, there really wasn't a point. if that one time X number of years ago you managed to fix somebody else's shittastic code makes you feel good? I'm glad you have found fixing other people's busted bullshit rewarding, I really am. Call me weird but I'd rather NOT mess with busted shit so when i find a program that don't work worth a fuck? I don't use that program but find something that works instead! I know, crazy right? But that's just me, I spend enough time during the week fixing shit for $$$, I'd rather spend my off hours playing my bass or making my wife scream in ecstasy so when I fire up my computer that shit better JUST WORK, and so it does. Ironically all my Linux using admin friends who constantly tried to convert me in the late 90s through mid 00s? Yeah they are all using Macs or (gasp!) Windows now because they too got tired of dealing with alpha level bullshit and having one thing fixed while two others broke.
But hey, if spending your weekends fixing other people's busted shit makes you happy? I'm certainly not gonna take that away from you. Instead all I'll do is steal a line from the FOSSies and say you should try some of the new stuff from the "dark side" because OSX? Works nice, Windows 7 and Windows 10? They are both quite sweet and juicy, in fact I'm typing this from a circa 2009 AMD netbook running Win 10 and MSFT took a page from the Apple book as its actually faster and more responsive on windows 10 by a pretty fair clip. Try it, you might like having software that "just works" without requiring your offhours fixing busted shit.
ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
(Score: 2) by HiThere on Saturday October 25 2014, @05:57PM
Since you ask:
There's a lot of code out there. I don't look at most of it. This is also true of everyone else. But if I get concerned enough, I *can* check the code to make sure it's doing what its supposed to do. I will grant that there are ways to create code that's difficult to understand, but that's enough for me to prefer some other version, though usually not enough to cause me to write the code myself.
There are a lot of bugs in Ubuntu because it's a huge project. Note that it includes a LOT more than just the OS.
OTOH, it's also true that some projects could use more support. If I weren't spending all my spare time on my own project, I'd probably contribute. (That I really dislike C and C++ isn't sufficient to stop me finding some way I could support. E.g., many projects could use someone working on the documentation. Some projects are writen in Python. Etc. [FWIW, I'm an old Fortran programmer, and I don't like pointers. I can use them, I even wrote some assembler for now obsolete machines, but I don't like them. And I don't like C++'s templates, though I admire their power.])
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2) by Leebert on Tuesday October 28 2014, @01:29AM
What does that have to do with what I said? Let me remind you how the exchange went:
You:
I replied:
So, you contended there is only one reason why having the source is useful, and I asserted that having the source is useful for debugging. You replied with the fact that Ubuntu has old, unresolved bugs. Which has nothing to do with the fact that having the source code helps me debug things.
In case you don't quite understand, let me give you an example (the best one that popped into my head). Years ago, I found myself fighting with OpenLDAP ppolicy, not understanding why it wasn't working as documented. Now, were I in the realm of "enterprise" software, I would have needed to have opened up a support case (after going through the always entertaining step of proving that I actually have a support contract), then waited for engineering folks to get back to me, hopefully with them finding the issue and (if I'm lucky) sending me a patch in a few days all the while trying the same dead end troubleshooting steps over and over.
In OpenLDAP-land, however, I said to myself: "Well, that don't seem right. Let's just see what this here code is doing." Looked through the code for a little while, found the section of interest, followed the logic, and said: "Ah, here's the problem."
*I patched the bug*, re-compiled (well, built a new .deb), and horray! Working ppolicy. Then I filed a bug report:
http://www.openldap.org/its/index.cgi/Archive.Software%20Bugs?id=4741;selectid=4741;usearchives=1 [openldap.org]
As a bonus (which has nothing to do with my point) they patched it a few hours later in their dev branch.
Yeah, I had to maintain my own patch and package until the fix made it to the official release. But man that sure beats running around in circles trying to figure out if I was doing something wrong, re-reading the administrator manual over and over, continuing to talk to a worthless support tech, ...
And so, hopefully you'll see why this is a clear counter-example of your (IMO) excessively narrow "ONE ADVANTAGE ONLY".
How many years has double-clicking on a row border in Excel not actually re-sized the row correctly? Man, to have the source to fix THAT bug...
(Score: 2) by Nerdfest on Friday October 24 2014, @08:35PM
One user suggests setting up an image redirect for the service’s launch that will autokill it. Another suggested disabling XML indexing. Some suggest disabling Windows search, and others have had to reformat the operating system in order to fix it.
It sounds a bit more like "kind of under my control ... maybe" :)
(Score: 2) by frojack on Friday October 24 2014, @09:16PM
What does "reformat the operating system" actually mean?
A re-install would simply re-install this search facility, because it is part of windows.
Left with the default settings it would behave in exactly the same way.
If you just change the settings and watch what netstat shows you will no longer see connections
to microsoft.
No, you are mistaken. I've always had this sig.
(Score: 0) by Anonymous Coward on Friday October 24 2014, @04:37PM
But just because it was a legal install, doesn't mean you might be thinking of pirating.
M$ needs to watch you to make sure you stay legit!
(Score: 3, Funny) by halcyon1234 on Friday October 24 2014, @04:28PM
Original Submission [thedailywtf.com]
(Score: 2) by maxwell demon on Friday October 24 2014, @04:49PM
Well, just wait for the internet of things, then your physical book will also communicate with the publisher's servers.
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by BsAtHome on Friday October 24 2014, @04:52PM
(tinfoil_hat)
You know that those items are on the forbidden list, don't you? A team of re-educators has been dispatched to make sure no adverse effect are detected and remain.
(/tinfoil_hat)
Just when you think it is all fiction, someone has to prove you wrong, again.
(Score: 3, Insightful) by jcross on Friday October 24 2014, @04:48PM
I can think of some fairly innocuous reasons for collecting the data, say keeping your place when switching devices or something. But I can't think of any good reason to do it ONLY for DRM'd content. That little detail makes it clear this is not for the user's benefit. Combine this with the fact that bootleg ebooks in my experience often have fewer errors than their commercial counterparts (which for older books sometimes look like uncorrected OCR scans) and it starts to seem like the book industry is doing its best to kill itself.
(Score: 0) by Anonymous Coward on Friday October 24 2014, @06:09PM
For Dan Halbert, the road to Tycho began in college—when Lissa Lenz asked to borrow his computer. Hers had broken down, and unless she could borrow another, she would fail her midterm project. There was no one she dared ask, except Dan.
This put Dan in a dilemma. He had to help her—but if he lent her his computer, she might read his books. Aside from the fact that you could go to prison for many years for letting someone else read your books, the very idea shocked him at first. Like everyone, he had been taught since elementary school that sharing books was nasty and wrong—something that only pirates would do.
And there wasn't much chance that the SPA—the Software Protection Authority—would fail to catch him. In his software class, Dan had learned that each book had a copyright monitor that reported when and where it was read, and by whom, to Central Licensing. (They used this information to catch reading pirates, but also to sell personal interest profiles to retailers.) The next time his computer was networked, Central Licensing would find out. He, as computer owner, would receive the harshest punishment—for not taking pains to prevent the crime.
Of course, Lissa did not necessarily intend to read his books. She might want the computer only to write her midterm. But Dan knew she came from a middle-class family and could hardly afford the tuition, let alone her reading fees. Reading his books might be the only way she could graduate. He understood this situation; he himself had had to borrow to pay for all the research papers he read. (Ten percent of those fees went to the researchers who wrote the papers; since Dan aimed for an academic career, he could hope that his own research papers, if frequently referenced, would bring in enough to repay this loan.)
Later on, Dan would learn there was a time when anyone could go to the library and read journal articles, and even books, without having to pay. There were independent scholars who read thousands of pages without government library grants. But in the 1990s, both commercial and nonprofit journal publishers had begun charging fees for access. By 2047, libraries offering free public access to scholarly literature were a dim memory.
There were ways, of course, to get around the SPA and Central Licensing. They were themselves illegal. Dan had had a classmate in software, Frank Martucci, who had obtained an illicit debugging tool, and used it to skip over the copyright monitor code when reading books. But he had told too many friends about it, and one of them turned him in to the SPA for a reward (students deep in debt were easily tempted into betrayal). In 2047, Frank was in prison, not for pirate reading, but for possessing a debugger.
Dan would later learn that there was a time when anyone could have debugging tools. There were even free debugging tools available on CD or downloadable over the net. But ordinary users started using them to bypass copyright monitors, and eventually a judge ruled that this had become their principal use in actual practice. This meant they were illegal; the debuggers' developers were sent to prison.
Programmers still needed debugging tools, of course, but debugger vendors in 2047 distributed numbered copies only, and only to officially licensed and bonded programmers. The debugger Dan used in software class was kept behind a special firewall so that it could be used only for class exercises.
It was also possible to bypass the copyright monitors by installing a modified system kernel. Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like debuggers—you could not install one if you had one, without knowing your computer's root password. And neither the FBI nor Microsoft Support would tell you that.
Dan concluded that he couldn't simply lend Lissa his computer. But he couldn't refuse to help her, because he loved her. Every chance to speak with her filled him with delight. And that she chose him to ask for help, that could mean she loved him too.
Dan resolved the dilemma by doing something even more unthinkable—he lent her the computer, and told her his password. This way, if Lissa read his books, Central Licensing would think he was reading them. It was still a crime, but the SPA would not automatically find out about it. They would only find out if Lissa reported him.
Of course, if the school ever found out that he had given Lissa his own password, it would be curtains for both of them as students, regardless of what she had used it for. School policy was that any interference with their means of monitoring students' computer use was grounds for disciplinary action. It didn't matter whether you did anything harmful—the offense was making it hard for the administrators to check on you. They assumed this meant you were doing something else forbidden, and they did not need to know what it was.
Students were not usually expelled for this—not directly. Instead they were banned from the school computer systems, and would inevitably fail all their classes.
Later, Dan would learn that this kind of university policy started only in the 1980s, when university students in large numbers began using computers. Previously, universities maintained a different approach to student discipline; they punished activities that were harmful, not those that merely raised suspicion.
Lissa did not report Dan to the SPA. His decision to help her led to their marriage, and also led them to question what they had been taught about piracy as children. The couple began reading about the history of copyright, about the Soviet Union and its restrictions on copying, and even the original United States Constitution. They moved to Luna, where they found others who had likewise gravitated away from the long arm of the SPA. When the Tycho Uprising began in 2062, the universal right to read soon became one of its central aims.
Author's Note
[This note has been updated several times since the first publication of the story.]
The right to read is a battle being fought today. Although it may take 50 years for our present way of life to fade into obscurity, most of the specific laws and practices described above have already been proposed; many have been enacted into law in the US and elsewhere. In the US, the 1998 Digital Millennium Copyright Act (DMCA) established the legal basis to restrict the reading and lending of computerized books (and other works as well). The European Union imposed similar restrictions in a 2001 copyright directive. In France, under the DADVSI law adopted in 2006, mere possession of a copy of DeCSS, the free program to decrypt video on a DVD, is a crime.
In 2001, Disney-funded Senator Hollings proposed a bill called the SSSCA that would require every new computer to have mandatory copy-restriction facilities that the user cannot bypass. Following the Clipper chip and similar US government key-escrow proposals, this shows a long-term trend: computer systems are increasingly set up to give absentees with clout control over the people actually using the computer system. The SSSCA was later renamed to the unpronounceable CBDTPA, which was glossed as the “Consume But Don't Try Programming Act”.
The Republicans took control of the US senate shortly thereafter. They are less tied to Hollywood than the Democrats, so they did not press these proposals. Now that the Democrats are back in control, the danger is once again higher.
In 2001 the US began attempting to use the proposed Free Trade Area of the Americas (FTAA) treaty to impose the same rules on all the countries in the Western Hemisphere. The FTAA is one of the so-called free trade treaties, which are actually designed to give business increased power over democratic governments; imposing laws like the DMCA is typical of this spirit. The FTAA was effectively killed by Lula, President of Brazil, who rejected the DMCA requirement and others.
Since then, the US has imposed similar requirements on countries such as Australia and Mexico through bilateral “free trade” agreements, and on countries such as Costa Rica through another treaty, CAFTA. Ecuador's President Correa refused to sign a “free trade” agreement with the US, but I've heard Ecuador had adopted something like the DMCA in 2003.
One of the ideas in the story was not proposed in reality until 2002. This is the idea that the FBI and Microsoft will keep the root passwords for your personal computers, and not let you have them.
The proponents of this scheme have given it names such as “trusted computing” and “Palladium”. We call it “treacherous computing” because the effect is to make your computer obey companies even to the extent of disobeying and defying you. This was implemented in 2007 as part of Windows Vista; we expect Apple to do something similar. In this scheme, it is the manufacturer that keeps the secret code, but the FBI would have little trouble getting it.
What Microsoft keeps is not exactly a password in the traditional sense; no person ever types it on a terminal. Rather, it is a signature and encryption key that corresponds to a second key stored in your computer. This enables Microsoft, and potentially any web sites that cooperate with Microsoft, the ultimate control over what the user can do on his own computer.
Vista also gives Microsoft additional powers; for instance, Microsoft can forcibly install upgrades, and it can order all machines running Vista to refuse to run a certain device driver. The main purpose of Vista's many restrictions is to impose DRM (Digital Restrictions Management) that users can't overcome. The threat of DRM is why we have established the Defective by Design campaign.
When this story was first written, the SPA was threatening small Internet service providers, demanding they permit the SPA to monitor all users. Most ISPs surrendered when threatened, because they cannot afford to fight back in court. One ISP, Community ConneXion in Oakland, California, refused the demand and was actually sued. The SPA later dropped the suit, but obtained the DMCA, which gave them the power they sought.
The SPA, which actually stands for Software Publishers Association, has been replaced in its police-like role by the Business Software Alliance. The BSA is not, today, an official police force; unofficially, it acts like one. Using methods reminiscent of the erstwhile Soviet Union, it invites people to inform on their coworkers and friends. A BSA terror campaign in Argentina in 2001 made slightly veiled threats that people sharing software would be raped.
The university security policies described above are not imaginary. For example, a computer at one Chicago-area university displayed this message upon login:
This system is for the use of authorized users only. Individuals using this computer system without authority or in the excess of their authority are subject to having all their activities on this system monitored and recorded by system personnel. In the course of monitoring individuals improperly using this system or in the course of system maintenance, the activities of authorized user may also be monitored. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of illegal activity or violation of University regulations system personnel may provide the evidence of such monitoring to University authorities and/or law enforcement officials.
This is an interesting approach to the Fourth Amendment: pressure most everyone to agree, in advance, to waive their rights under it.
(Score: 2) by cafebabe on Saturday October 25 2014, @02:14AM
We've had this conversation already [soylentnews.org]. Unfortunately, some people still don't get it [soylentnews.org].
1702845791×2
(Score: 3, Insightful) by aristarchus on Friday October 24 2014, @06:47PM
There was no way to opt out of this, short of deleting the application.
So, it seems that there is way out of this, the best way! I find that usually I can read books without an application. We can never trust Adobe again.
(Score: 2) by AnonTechie on Friday October 24 2014, @07:48PM
After uproar, Adobe begins encrypting user data collected from Digital Editions app. Adobe Systems said Thursday it is now encrypting data it collects about certain ebooks after facing criticism earlier this month for not protecting the data.
http://www.pcworld.com/article/2838592/adobe-begins-encrypting-user-data-collected-from-digital-editions-app.html [pcworld.com]
Albert Einstein - "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
(Score: 0) by Anonymous Coward on Friday October 24 2014, @10:59PM
So, their solution to people being upset that all their data is being recorded by Adobe is simply to encrypt the data so nobody knows what's being taken?