> they made it against the law to even tell anyone.
I’m no fan of the DMCA, but I am pretty skeptical of your apparent claim that this post itself is a potential violation of 17 USC § 1201. Obviously the act of circumvention itself qualifies, as does the code in the GitHub repository the post links to, but can you point to any prosecution of someone for a _prose description_ of circumvention (as opposed to actually making code available)?
The law says “no person shall circumvent” DRM, and later prohibits the distribution of “technology, product, service, device, component, or part thereof” to break DRM. It’s worded pretty carefully to avoid prohibiting more traditional forms of speech like this post, and as far as I’m aware has never been used in the manner you suggest.
They were legally prohibited from saying, on their own website, words like "You can get DeCSS from http://lemuria.org/~tom/DeCSS/" and nothing else. Criminalised speech.
This is going to date me, but I had a t-shirt with basically a code-golf version of DeCSS printed on it and it said "This shirt is illegal" on it or something like that. I never actually wore it in public.
The USA has a lot of criminalised speech, despite the 1A. The most obvious historical example is "I am going to assassinate the president tomorrow at noon", but recently there have been a lot more things you can't say, such as "Fuck Donald Trump" which got someone arrested and deported.
This is the general problem with having a bunch of laws sitting around that allow the government to punish people for things ordinary people regularly do, but then exercise the "discretion" not to punish them until they do something the government doesn't like.
Because then you don't really have any rights. They can't formally punish you for speech but they can punish you for breaking the same unrelated law a million other people broke without knowing and that only you were prosecuted for, "coincidentally" right after you said something they didn't like.
They do have that right, but at the same time, a chaotic and vindictive adminstration can revoke the visa of, and then physically abduct, a non-citizen. They can then make statements that plainly make it clear they did that because of what the non-citizen wrote.
They can also contravene a number of other legal safeguards along the way, and disregard judges' orders.
It appears the US has elected an administration that wants to turn the country into a lawless shithole, where the powerful do whatever the fuck they want, and they deliberately fuck with laws and safeguards, and deliberately target their political enemies (e.g. student activists), to flex how powerful they are.
> They can then make statements that plainly make it clear they did that because of what the non-citizen wrote.
I kind of hate the thing where people want to make this the part that matters, because Trump is a massive outlier who doesn't care about that and says the thing he's not supposed to say.
But the people who still do the prosecution under the pretext and then don't admit to why are even worse, because they're doing the same thing and then lying about it on top of that. If all you do is punish people for not lying, that's not going to solve anything. You need to take away their ability to trump up charges against random people.
I wouldn't be surprised if publishing circumvention code would be argued in court to be violence against earning money for political oriented books (spending money is a necessary and inseparable part of political communication).
These two things aren't even remotely in the same category. Committing a crime, then documenting how you committed that crime and then publishing the instructions for others to repeat that crime with the clear intent to have others repeat that crime, has nothing to do with saying a bunch of words that you haven't even acted on.
Dispute that this should constitute a crime as much as you want (and please, do. Take it to court, get the laws changed, go into politics, get the US fixed, this is bullshit) but for as long as it is: being charged with a crime for "doing crime and teaching others to do the same crime" is not a first amendment violation.
There aren't many words in the first amendment, and none of them are "unless you're telling someone how to commit a crime"
The current regime (before it was a regime) got away with a lot of very bad speech because "the first amendment says all speech is allowed, no matter what" and should be made to hold everyone to the same standard they hold themselves to.
Which part of the text "You can get DeCSS from http://lemuria.org/~tom/DeCSS/" on a website constitutes distribution of "technology, product, service, device, component, or part thereof" ?
Judge Kaplan very likely went beyond what the law allows, in issuing the injunction against Eric Corley for even _adding a hyperlink_ to the DeCSS code on his website.
However, we don't know this for sure, because Corley did not take this to the Supreme Court. There is a chance that the SCOTUS would have accepted the case, and found that neither a hyperlink to computer source code, nor computer source code itself, constitutes "technology, product, service, device, component, or part thereof"... but at the same time, maybe they wouldn't accept it, and maybe they would but it'd cost a lot of money Corley didn't have to see the case through. So who knows? Corley seemed satisfied enough that, even though he was personally enjoined from linking to DeCSS, it nonetheless spread like wildfire all over the world, and DVDs were effectively copyable from that day forward.
Being found not guilty supports my contention. But that case was about distributing circumvention software, not traditional speech. Obviously distributing software that bypasses DRM is directly addressed by the law.
Not necessarily. A cynical modern legal strategy is to bombard people with frivolous legal actions that only the well-heeled can afford. Defendants can argue that claims are baseless or frivolous, but to make that argument, they must hire a lawyer and appear in court.
To see my point, look at the number of frivolous prosecutions now being launched by ... ah, never mind, I don't want to get political.
But individuals have been successfully prosecuted for "aiding and abetting" violations of the DMCA, where speech was a material element of the proscribed behavior. Oh, and -- IANAL.
Not necessarily. Being found not guilty just means that the facts of that specific case, as determined by the jury, did not fit a guilty verdict. It doesn't mean that someone who did a similar or analogous thing couldn't be prosecuted under the same law and found guilty.
I was thinking along the same lines. One of the many places that laws are going to have to catch up to reality. I’m 90% sure that current frontier models could turn this post into a working implementation with a good feedback loop.
> that laws are going to have to catch up to reality
Reality is moving away from states, and is now moving faster than legacy "laws" can ever hope to catch up.
That's a big part of what's fueling the wave of abandonment of DRM. I mostly play bluegrass - and given the lineal connection between traditional music and internet freedom, it probably comes as no surprise - but every serious bluegrass album is DRM-free now. Every grammy winner in the bluegrass and americana categories since at least 2020 has been DRM-free.
They are there. Don't wanna say too much because of the DMCA. Worked on some ebook stuff recently. I even had some ebooks that had unknown encryption passwords on them. Claude came up with a 137-step plan to figure out the passwords and after about 50 different combinations of data it found the matching one.
I covered that in my comment. It’s likely the code violates § 1201 but I doubt the post does. And linking to infringing content is not legally the same thing as publishing it.
2600 got enjoined from linking to DeCSS and that got upheld on appeal, on the basis that linking violated the DMCA's anti-trafficking provisions. From the district court case:
> Defendants then linked their site to those "mirror" sites, after first checking to ensure that the mirror sites in fact were posting DeCSS or something that looked like it, and proclaimed on their own site that DeCSS could be had by clicking on the hyperlinks on defendants' site. By doing so, they offered, provided or otherwise trafficked in DeCSS.
The appeal was mostly about whether the DMCA and/or the specific injunction in question violated the First Amendment, and the court found that it didn't.
(Universal City Studios vs. Reimerdes at the district court level, Universal City Studios v. Corley at the circuit)
Yes. FWIW, as of a few minutes ago when I cloned this one, all the non-git files have the same hashes as the copy of the original I cloned when it was still up.
(to clarify, I wasn't talking about any git-specific hashes, just regular sha2/blake2b hashes of python, json, and font files. However, the two sha1 commit hashes in the git history match as well.)
This is a weird thing with how GitHub forks work. All the objects within a fork network are stored within a global namespace, so you can change the repository name in the URL and find objects that appear to belong to one repository despite being unique to a fork.
Sorry, I don't comment very often and not trolling. I had GitHub open to the repo on my phone and seeing that it had been taken down grabbed a screenshot of the page
https://imgur.com/a/IzUA8mP
The HN thread began on Oct 16 at 20:22 Z. If you visited that github page instantly and took that screenshot instantly, even accounting for 21 hours due to rounding, the commit in that screenshot had to be after Oct 15 23:22.
The repo as I and many other people cloned it has the first commit ("first commit", not "initial commit") at Oct 12 23:20 Z, and the "done" commit at Oct 15 19:37 Z.
A likely explanation is that pixelmelt squashed both commits at or after they put up the blog post, but didn't force-push the rewritten history to github until it hit HN and blew up.
> Obviously the act of circumvention itself qualifies, as does the code in the GitHub repository the post links to, but can you point to any prosecution of someone for a _prose description_ of circumvention (as opposed to actually making code available)?
There used to be some debate about whether a prose description is equivalent to computer code even though there are proofs in information theory that they are. English and C are just two different languages in which you can encode the same information.
But we don't even have to go there anymore. LLMs mean there are now machines that can execute a prose description. Code is speech and speech is code.
https://www.law.cornell.edu/uscode/text/17/1201
The law says “no person shall circumvent” DRM, and later prohibits the distribution of “technology, product, service, device, component, or part thereof” to break DRM. It’s worded pretty carefully to avoid prohibiting more traditional forms of speech like this post, and as far as I’m aware has never been used in the manner you suggest.