ZDNet reports on a study by Evans Data, that says Java developers will outnumber C/C++ developers by 2002.

TheStandard’s take on the Felten team SDMI presentation Wednesday: “Someone thumbed his nose at copyright
protection Wednesday without getting
arrested, indicted or sued. Princeton
professor Edward Felten and a grad student
told security experts at a conference how to
crack digital watermarks that are supposed
to prevent copying.”

The Associated Press reports that two Korean brothers offering a song trading service have been arrested for copyright violations.

eWeek reports that privacy groups have filed a complaint agains Microsoft’s Passport service with the Federal Trade Commission.

Posted at LWN.net: “There is a remotely exploitable memory overwrite vulnerability in the
fetchmail-ssl package. An exploit is known to exist.”

“A press release for 1.4.1. Timing on this release is approximately
5-6 weeks, which works well for a press release. Need to get list
of enhancements to Leslie so she can draft something.”

Minutes of the GNOME Board meeting 7 Aug 2001
Date: 16 Aug 2001 12:30:26 -0400
From: Owen Taylor 
To: foundation-announce@gnome.org
Cc: foundation-list@gnome.org


Minutes of the GNOME Foundation Board Meeting (Aug 7, 2001)
        ===========================================================

Presents:
=========
    Havoc Pennington (chair)
    Jim Gettys
    Raph Levien
    Owen Taylor (minutes)
    Federico
    Miguel
    Leslie Proctor  (to discuss PR issues)

Regrets:
========
    Dan Mueth
    Daniel Veillard
    Bart

Missing:
========
    Maciej Stachowiak
    John Heard
    

Decisions:
==========

 - approved last week's minutes and actions

Finshed Actions:
================

  ACTION: Federico to post the new version of the email/CVS/shell
          account policy.
   => DONE (see below)

  ACTION: Havoc to push through employment agreement for executive
          director.
   => DONE

  ACTION: Havoc to email Leila about press release changes and status.
   => DONE

  ACTION: Havoc, Owen, and John to discuss a possible accessibility
          kit release with the accessibility team.
   => DONE

  ACTION: Martin to write up a list of API issues and status report
          for GNOME 2.0.
   => DROPPED

Actions:
========

  ACTION: Dan to work with Membership Committee to re-open the
          membership list.
   => still pending

  ACTION: Havoc to sent the Advisory Board list to the Board,
          looking for completion of the member liason.
   => Waiting for update from the director.

  ACTION: John to try to get a copyright assignment form and procedure
          for the GNOME Foundation.
   => Still pending.  

  ACTION: Maciej to email the Board the current draft of the platform
          license policy for review.
   => Still pending.

  ACTION: Havoc to email Sander to see if he has a suggestion for
          a replacement release coordinator.
   => Havoc doesn't remember

New Actions:
============

  ACTION: Havoc to send Leslie ATK press release draft

  ACTION: Havoc to send mail introducing Kjartan to Leslie
    so that we can get feature list for 1.4.1 press release.

  ACTION: Owen to check details of email/shell-account/cvs policy.
  
  ACTION: Federico to put email/shell/cvs policy into gnome-docu
    and mail to foundation-list.

  ACTION: Dan to find someone to help out with membership committee.

  ACTION: Havoc to contact Keith Packard to find out more information
    about interop hothouse at ALS/X Techinical Conference.

Discussion:
===========

  - The ATK press release for LinuxWorld. People were generally
    comfortable with it with the current modifications (less hype, 
    something to download, clear that the target is developers).

  - A press release for 1.4.1. Timing on this release is approximately 
    5-6 weeks, which works well for a press release. Need to get list 
    of enhancements to Leslie so she can draft something.

  - Email/CVS policy. Went over current provisions briefly, no 
    objections.

  - Membership committee. Dan indicated that things were moving
    slowly and we might need to add someone else to the committee
    to help out.

  - Apparently there is an opportunity to have a GNOME/KDE interoperability
    hothouse at the X Technical conference/ALS. Rooms and network
    connections are available, but someone would have to organize,
    make sure that the right people showed up, etc.

_______________________________________________
foundation-list mailing list
foundation-list@gnome.org
http://mail.gnome.org/mailman/listinfo/foundation-list

– By Grant Gross –

In the end, the long-awaited presentation of the Princeton and Rice University researchers, who hacked the recording industry’s experimental digital music anti-copying technology, was anti-climactic, in more ways than one.

The presentation, first scheduled at a conference in April but postponed because of legal threats from the recording industry, went on without a hitch Wednesday evening when Princeton grad student Scott Craver talked about the team’s successful compromise of the Secure Digital Music Initiative before a crowd of hundreds at the 10th
USENIX Security Symposium in Washington, D.C., with many more watching on a live webcast.

Before the presentation began, there were fatalistic jokes from the audience that the FBI was arriving at any moment to arrest conference organizers — as the FBI did with Russian programmer Dmitry Sklyarov in July — and confiscate copies of the presentation for alleged violations of the U.S. Digital Millennium Copyright Act, the law the recording industry had used to threaten Professor Edward Felten and his team with a lawsuit.

But the jokes turned out to be nothing more than speculation. “We are very proud that this was a very anti-climactic USENIX conference and Scott got to present this paper as though there was nothing behind it,” said Cindy Cohn, legal director of the Electronic Frontier Foundation, part of the team that’s guided Felten’s group.

Even Craver downplayed any drama during his half-hour presentation of how the Felten team defeated all four “watermarking” technologies during a three-week SDMI contest in the fall of 2000, in which the public was invited to take a shot at the recording industry’s secretive anti-copying efforts.

“We believe that if this technology is deployed, it will be broken quickly,” Craver noted. “The first thing we learned is there are no secret computer science or engineering skills needed. The only dirty secret in our paper is that there really aren’t any dirty secrets. Someone with a reasonable amount of expertise in signal processing could do what we did.”

Felten had Craver present the paper, Reading Between the Lines: Lessons from the SDMI Challenge, because the lead grad student researcher is typically the presenter at a conference. Craver described in some detail how the team detected echoes or time warps in music samples provided in the SDMI challenge, as a way to watermark digital music to keep it from being copied. Craver said the team apparently also defeated two other “signature track” circumventions, but the SDMI online oracle appeared to malfunction when the team submitted its results.

“Maybe they can try to have better watermarks and have a four-week challenge,” Craver joked. “Without those limitations imposed on the challenge, I think that any watermarking scheme probably would be broken.”

Craver also noted that one of the watermarking schemes appeared to be a method patented by Verance Corp., a member of the SDMI Foundation. “Security through obscurity (still) does not work,” his Power Point slide said, prompting laughter from the audience. He added: “Here we have not only proprietary secret algorithms, but they apparently used one that was patented, and therefore, publicly available.”

Although no cops or record-company lawyers descended on the USENIX conference, there were several questions about the lingering effect of the DMCA on technology research during a panel discussion after Craver’s presentation. Felten’s team and its lawyers are suing the recording industry, SDMI and the U.S. government in federal court, asking that the anti-circumvention provisions of the DMCA be declared unconstitutional so that other scientists and programmers don’t have to worry about getting sued or arrested for their work.

At a Wednesday morning press conference, Felten and Cohn said the team had the recording industry’s blessing to present the paper, but they had no assurances that the Felten team or other scientists would be safe from other lawsuits for presenting the same information or other work based on the Felten research at a later date.

One college student asked the panelists whether he could be sued under the DMCA for summarizing the evening’s events to his professor. Cohn and Peter Jaszi, an intellectual property professor at the American University law school, said that was unlikely, but if the student included a critique of the Felten team’s methods, the student should “theoretically” be concerned because that might run afoul of the DMCA’s prohibition on trafficking in anti-circumvention technologies, Jaszi said.

After the student asked if he could write software based on the Felten team presentation, the crowd of security experts collectively mumbled a warning. “Do you have my email?” electronic rights defender Cohn asked the student. “Then I think there is general consensus … that you’d be in trouble.”

Felten added: “I’d like to point out, ‘Can I tell my advisor what I saw here?’ doesn’t have a simple answer.”

Another audience member asked the panel how far the anti-circumvention provisions of the DMCA can go, noting, apparently half-seriously, that that Jaszi’s discussion of the weaknesses in the law may actually violate the law. Cohn said she can’t predict how the DMCA will be next enforced, but she urged the techie audience to each warn five non-geeks about the problems with the DMCA.

“The Digital Millennium Copyright Act’s anti-circumvention provisions set up a system where, essentially, the government outsourced censorship of science,” Cohn said. “The government allowed industries that create digital rights management schemes and people whose works are protected by those schemes to serve as censors of scientists … Our argument is, government censorship directly by the government is not OK, and government outsourcing of censorship to private entities is not OK, either.”

Asked why the public doesn’t seem to care about problems with the DMCA, Cohn answered that it hasn’t affected most people, at least not yet.

“This is where the EFF lives and where many of you live — we live on the cutting edge,” she said. “We’re looking at problems that actually haven’t hit home to the consumer yet. That’s where we always try to be … until everyone else catches up.”

ZDNET: “Microsoft late Tuesday issued a nearly finished version of Windows XP to testers,
signaling it plans to release final code earlier than expected.

The Redmond, Wash.-based software giant had told PC makers to expect final code, which
would be used to install Windows XP on new computers, around Aug. 22. But Microsoft now is
expected to certify final Windows XP code within the next few days.”

Wired: “The recording industry huffed and puffed, and threatened to sick the DMCA on a Princeton professor if he talked about a paper describing the cracking of anti-copying technology. Undeterred, Ed Felten talked anyway.”

CNET: “Intel will demonstrate a mobile version of the Pentium 4, release a 2GHz desktop chip and
outline a number of other initiatives at its developer forum later this month, as the
high-tech industry moves into the living room.”