[Opensim-dev] Interrelated difficult problems related to asset portability

Sean Heavy seanheavy at gmail.com
Tue May 27 02:55:16 UTC 2008 

+1 ! ! !
We are a majority of at least 2, Kyle! :)

~Sean H.

Kyle Hamilton wrote:
> You make some interesting points.
>
> From where to where would the authentication traffic run?  What would
> interpret it?  What would make the policy decision to show it?  What
> would decide whether to follow the policy decision handed down from
> on-high?
>
> What about assets with legitimate copyright confusion?
>
> What about attempted denial-of-service by hacking the authentication system?
>
> What if someone gets a leaked bitwise copy of an asset, uploads it to
> and registers it with the authentication service, and prevents the
> legitimate owner of the asset from registering it?
>
> What if some grid chooses, for these or other (perhaps more nefarious,
> perhaps more practical -- such as overloading and very poor response)
> reasons, not to run the authentication traffic?
>
> I must simply reiterate what I've said before... DRM simply does not
> work.  DRM relies on all parties except the end-user (you know, the
> entity that everyone is most concerned about) cooperating to restrict
> access.  Independent VWs don't want to damage their users'
> experiences, so they're unlikely to want to cooperate, and without
> their cooperation there's no chance of implementing any kind of DRM
> solution.
>
> DRM relies on "keeping secrets".  The core secret is "the asset
> content to be displayed".  And, Benjamin Franklin put it best: "Three
> may keep a secret, if two are dead."  An authentication system would
> simply offload the task of who makes the decision to keep the secret,
> not do anything more to keep the secret in place.
>
> And if you want to rely on the viewer to run it?  Someone's going to
> hack the viewer to avoid authentication, and distribute their hacked
> viewer.
>
> I've been trying to find a way to design a system that doesn't rely on
> making bits harder to copy.  I've been trying to find a way to design
> a system that doesn't rely on some arbitrary third party making
> decisions.  I've been trying to find a way for evidence to be
> collected that would be sufficient to satisfy the only
> currently-authorized-by-law third party (the court system), and then
> only in situations where it's been specifically asked to intervene.
>
> The entire VW community, and the entire Internet community, has been
> designing things at odds with the current legal regime since its dawn.
>  We've seen the courts reach in and mandate things, and our tools have
> been extremely unsuited to the task of compliance.  I'd much prefer to
> have a design on the table that satisfies all the compliance issues in
> a way that is easily understood.  I'd much prefer to have a design on
> the table that stops viewing the end-user as an entity to be feared
> solely because they can take what they're shown and change themselves
> from 'end-user' to 'content presenter' without authorization of the
> owner of the content they're presenting.  I'd like to move away from
> any attempt to mandate content handling, and instead cooperate with
> the end-user to identify locations where unauthorized copies of
> content are distributed from, and leverage those to reduce the content
> misappropriation.
>
> This is why I want the viewer to be cooperative in a way that doesn't
> damage the end-user's experience.  I realize I'm in the minority...
> but I'm sick of being treated like something less than a dignified
> human being.  I'm sick of being treated like a criminal.  I'm sick of
> my money going toward systems that prevent me from using what I've
> licensed.
>
>
> -Kyle H

-- 
Sean Heavy
seanheavy at gmail.com

More information about the Opensim-dev mailing list