Judge Refuses To Block Spread Of Hacked DVD Code

A Superior Court judge late Wednesday refused a request to halt the spread of hacked code that can be used to thwart DVD encryption.Santa Clara County Superior Court Judge William Efving made the ruling about 4:30 p.m. PST in a lawsuit brought by the licensing agency responsible for DVD security.The DVD Copy Control Association Inc. (Morgan Hill, California) brought suit on Monday (December 27) against dozens of Web sites to remove from the Internet the code for DeCSS, a small software program that can copy the encrypted video portion of a DVD disc.The group Wednesday morning asked Efving for a temporary restraining order to halt the spread of the code. Efving's refusal to do so Wednesday afternoon came with no explanation. Lawyers for both sides were not immediately available for comment.At stake, according to the plaintiffs, is the future of the DVD format itself, but a lawyer for one defendant in the case argued that a temporary restraining order would put a ""chilling effect"" on all Web posting and linking.Plaintiffs attorney Jeffrey Kessler, in seeking the temporary restraining order, argued that a trade secret is now floating around the Internet and the farther the hacked code spreads, the more likely the DVD group is to lose trade-secret protection under the law.An ""agreement was breached and the trade secret was acquired,"" Kessler said, in seeking an order that until January 14 would block Web sites from spreading the hacked code.""Chilling Effect""Defense attorney Allonn Levy raised free-speech issues in arguing against the ban.Such a ruling would tell Web site operators ""'I'm going to go to your private Web site, I the state will tell you you can't put this on your Web site. I don't know if it's improper. I don't know if it's a trade secret, but you have to take it off your Web site,' "" Levy said. ""This will have a tremendous chilling effect on speech everywhere.""The case has become an overnight sensation in the Linux community, and supporters of the defendants gathered at the courthouse, handling out printed copies of the code and disks containing the code itself. Lawyers entered the handouts as evidence.Supporters argue that the DVD encryption was cracked not as a piracy effort but as part of a project to develop a Linux-based DVD player, something the DVD industry itself has yet to tackle. Some are calling for increased proliferation of the DVD hack a means of protesting the lawsuit.The complaint - which activists have posted on the Web at - lists 72 offending Web sites. Twenty-one defendants are mentioned by name, and five of those reside outside the United States.The DVD CCA has been sending cease-and-desist letters to owners of various Web pages since the DeCSS crack was made public in October. Many have complied , including Jon Johansen, the Norweigan programmer cited in the lawsuit as the first person to post DeCSS code to the Web. Johansen is not listed as a defendant.DVD CCA representatives were unavailable for comment Tuesday, but in a prepared statement they said they have worked with the Motion Picture Association to remove from certain Web sites both DeCSS and certain pieces of CSS code. Most defendants were contacted prior to the lawsuit being filed, the exceptions being those who were discovered at the last minute.No Viable MarketAccording to the complaint, ""Without the motion picture companies' copyrighted content for DVD video, there would be no viable market for computer DVD drives and DVD players, as well as the related computer chips and software necessary to run these devices and, thus there would be no DVD video industry.""Indeed, some manufacturers have postponed the release of DVD audio players, citing the hole in DVD security. Some manufacturers estimate it will take six months to revamp the security scheme.In addition, the DVD CCA may have filed the suit in self-defense. Incorporated as a Delaware company, the DVD CCA describes itself as a not-for-profit trade association formed to handle licensing administration for the DVD industry. Just as DeCSS allegedly threatens the DVD manufacturers, it also threatens ""the very existence of DVD CCA"" and could lead to the demise of the association, according to the complaint.The suit has launched quite a debate on Slashdot, a news and discussion site that focuses on Linux and the open-source movement.Many, but not all, of the Slashdot postings praise DeCSS as a useful tool. Some posts call for widespread proliferation of DeCSS to toss a monkey wrench at the DVD CCA; one poster likened the strategy to the ""whack-a-mole"" carnival game. Meanwhile, some of the sites mentioned in the lawsuit appear to have closed down entirely, while others continue to exist and to list other ""mirror"" sites where the DeCSS code is available.DeCSS originated with an attempt to build a Linux-compatible DVD reader. One requirement of any DVD reader is that it carry a file containing one of 400 ""master keys"" included on every DVD disk. These keys are used to identify authorized DVD players.In reverse-engineering the DVD specification, programmers found that Xing Technologies Corp. had neglected to encrypt its DVD master key. That discovery helped open up CSS and led to the creation of DeCSS.Part of the DVD CCA's concern is that the creation of DeCSS has also caused some of the inner workings of CSS to be disclosed. The CSS scheme itself is proprietary and must be kept secret in order to prevent DVD piracy, according to the complaint.

Source: EE Times, www.eet.com