US Copyright Group Recommends Legalizing Rootkits To Fight IP Theft

rated by 0 users
This post has 4 Replies | 0 Followers

Top 10 Contributor
Posts 26,492
Points 1,196,580
Joined: Sep 2007
ForumsAdministrator
News Posted: Mon, May 27 2013 2:06 PM
On any given day in the United States you will find a number of really, really terrible ideas being floated as smart decisions. Flying to Hawaii to give birth in the ocean surrounded by dolphins. A drunk man repeatedly directing traffic in midtown Manhattan. And, today, from the USA Intellectual Property Theft Commission, a 90 page report on the state of IP around the world, the dangers posed to American IP by the Internet, and one remarkable suggestion on how to fix the problem.
Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account...

[T]here are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.


This Is Very Disheartening


The worrisome thing about this recommendation is that it shows just how deeply the content industry fails to understand the nature of the Internet. I'm not referring to the free flow of information -- they've never understood that -- but the basic definition of what constitutes a secure network. SOPA and PIPA threatened the integrity of the Internet partly because they imposed unreasonable burdens of policing on companies currently protected by the DMCA's safe harbor clause and would have given corporations within the US broad power to order the removal of content from the Internet without following the rules of due process.

This is arguably worse. The IPTC is arguing for the creation of supra-judicial authority to engage in destructive behavior against individuals and corporations. The only way such actions could be achieved is if systems are rootkitted from the beginning, thereby granting the MPAA/RIAA permanent access to the information stored on the systems in question. While the report doesn't attempt to insist that such content be integrated into a system at the OS level, that's virtually the only way to ensure that the spyware is distributed to everyone.

It genuinely does not seem to have occurred to these people what would happen to a large corporation if a hacker used these rootkits to gain unfettered access to sensitive data. We've already seen the damage such networks can do on an international scale with the discovery of the Red October botnet last year -- now, imagine if every system in the world (or, at least, every system with the ability to play back multimedia content) was rootkitted?

But it actually gets worse than that. If your PC is attached to a network of devices in a government or corporate setting, the damage any single user can do to the network is exceedingly limited if the system is properly secured. The IPTC wants the ability to "destroy the hacker's own computer or network." That requires super-user level access, not just to the computer, but to the network itself.

Security Concerns Dwarf Piracy Issues

Should you care? I think so. Not because the IPTC is unilaterally writing US law, but because these are the viewpoints that represent one half of the conversation taking place on what's reasonable for IP law. It doesn't matter if you take a strict view on content distribution and piracy or if you don't believe piracy meaningfully exists in the digital realm -- the security flaws in this recommendation should have made it an obvious non-starter from the beginning.

After SOPA and PIPA exploded, I'd hoped that there'd be real conversations on why the laws were unacceptable from a security and enforcement standpoint. Clearly that hasn't happened.
  • | Post Points: 65
Not Ranked
Posts 3
Points 15
Joined: May 2013

Wow. I'm glad you posted this story as it should have been presented, a bad idea by out of touch people. I get that companies need to try and protect their IP but at the same time they shouldn't get to screw everyone over to make bigger profits. One way I look at piracy, is just because someone pirates a movie or game or whatever, doesn't mean they would pay for it if piracy was not an option. A lot of stuff is over priced and a lot of people wouldn't have the money to pay for it regardless. The huge losses companies claim from piracy, I don't believe is anywhere near as bad as they try to make it out to be. Your not loosing money if the person pirating never would have paid for the product in the first place.

  • | Post Points: 5
Top 100 Contributor
Posts 1,077
Points 11,665
Joined: Jul 2009
Joel H replied on Mon, May 27 2013 8:29 PM

But that's the problem. This isn't an idea that should be framed by "Do I support Internet piracy?"

Let's say I believed that Internet piracy was the worst threat imaginable, strongly supported coypright, and wanted to create a strict licensing system. Fine. Good.

You do not create a licensing system by purposefully creating insecurities and pretending you, and only you, have access to them.

  • | Post Points: 5
Top 10 Contributor
Posts 8,705
Points 104,490
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
MembershipAdministrator
Moderator
realneil replied on Mon, May 27 2013 9:14 PM

This, if implemented, will be a boon for Lawyers,................

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

  • | Post Points: 5
Top 150 Contributor
Posts 470
Points 7,070
Joined: Feb 2008
Location: United States
AjayD replied on Tue, May 28 2013 7:05 AM

The abolishment of privacy and the ability to disable and destroy individual's computers, sounds like the Chinese government's wet dream. I can't believe the USA Intellectual Property Theft Commission has the audacity to even propose something so treacherous.

 

***** Time you enjoy wasting, was not wasted. *****

  • | Post Points: 5
Page 1 of 1 (5 items) | RSS