Obfuscated Circuitry? 224
ortholattice writes "The current issue of EDN
has an article
Cunning circuits confound crooks
that discusses methods that attempt to foil the viewing of software
in embedded designs. Interesting is its view on reverse-engineering,
which the article consistently calls
theft:
"As programmable logic increasingly encroaches on high-volume territory
formerly dominated by ASICs, unscrupulous operators are licking their
lips at the prospects of easily duplicated, or even reverse-engineered,
designs."
"...The other harder but possibly even more damaging form of theft
is 'reverse-engineering'...""
VideoCypher (Score:2)
Re:Need for protected code (Score:1)
It doesn't really matter (Score:2)
As for legality it all depends on what they do exactly and where.
If they grab your copyrighted 'code' and just clone it, then that is a copyright violation in many countries.
If they reverse engineer your system by examining the i/o patterns, then it might by a violation in some countries, not many at this point.
Either way if you are going to try and rely on obscrutity to protect your market share, you will be in for a very rude awakening.
Re:I am appalled. Wrong. (Score:1)
Know, however, that once you release a product containing that trade secret, it is unprotected, and you have only those defenses that you implemented to protect your trade secret. Knowing that just about anything can and will be reverse engineered, patent protection is the better option, of course.
My entire point was simply that reverse engineering is not theft, particularly in the context of trade secrets. (As an aside, reverse engineering of a patented device can, in some circumstances, be actionable). It is the legitimate pursuit of understanding of the operation of a product.
Re:Wasnt... (Score:2)
Re:About your "obvious example"... (Score:1)
Re:Look at him... (Score:1)
Brian Dipert
Re:Why this is silly... (Score:1)
I also wish people would learn the lesson you seem to take to heart so vigorously: There is no tamper-proof hardware, and technical fixes to legal problems rarely stick.
OK,
- B
Re:Reading too much into it, as usual (Score:1)
The author didn't say that all people who reverse engineer are criminals. He said that there is an aspect of design theft called reverse-engineering, and that he was going to concentrate on how to prevent it.
Whether or not they are entitled to not be the victim of this is not the point. Because in some eyes they are entitled to it, and in some eyes they are not. This article, obviously, has no use in a IP-free world, so therefore the target audience is not likely IP-free proponents. The target audience are corporations interested in protecting their investment, and that target audience has most likely decided that they ARE entitled to not be the victim of this sort of theft.
Re:Reading too much into it, as usual (Score:1)
I think that everyone here would agree that you shouldn't use someone's code without giving them credit, that's just fair. Why would you expect it to be any different with firmware?
________________
They're - They are
Their - Belonging to them
Re:Hemos is a Troll (Score:1)
Re:Reverse engineering (Score:1)
Re:Wrong. (Score:1)
Another point we would be in trouble form other counties when we tried to reverse engineer their technology. They could just sue us. THat would have put a damper on some of the cold war. I can see the headlines now. "Russia sues U.S. over copyright infringement!"
All this stuff against reverse engineer is scaring me. It will hold be technology. The simplest case being the cost of the product would go down when you have clones. THe IBM PC is an example of that. Now, how far would we be if the price wouldn't have gone down on PCs? Would we even have Linux? Or would we still be doing timesharing on major computers?
About your "obvious example"... (Score:1)
Except that he gets permission from everyone he parodies. He probably doesn't have to, but he does.
--------
Obfuscation helps reverse engineering (Score:1)
Hemos is *supposed* to be a troll. (Score:2)
One, Hemos just okayed the writeup someone else submitted to the queue. He didn't add any comments to it, except the "dept" tag and possibly the title.
Two, Hemos' job can be stated as publishing stories on the front page that will generate lots of page visits. To troll, in the fishing sense, is to put bait out that will generate lots of bites on the hook. Thus, Hemos is a troll, but that's his job.
If you don't want to be baited, don't go somewhere that constantly and loudly claims to have nothing to do with professional journalism. They intend to get people to talk, even if it's on a gut-reaction level, as that is what pays the rent.
Re:Then he should use better words... (Score:1)
To put it plainly - there is no such thing as "full out felonious theft", all theft is unlawfull - reverse engineering is not unlawfull - therefore reverse engineering is NOT theft.
-Nick
Re:Reverse engineering (Score:2)
It is the competition between the Adobes and Corels, the Intels and the AMDs, that has driven the fantastic pace of innovation these last 40 or so years. Allow every single invention bullet-proof protection from competition and you will see the pace of change slow to a crawl.
[tinfoil]And the worst part of this is, when the economy goes south because of this, the rich will just get richer. Sometimes I think they're driving the economy into the ground on purpose.[/tinfoil]
Re:That's right (Score:1)
Obfuscated Circuitry?.. See TiVo! (Score:1)
Is this evil? I don't think so. They need to protect their $10/month service from theft somehow. Hey, TiVo is a good idea. I'll pay the monthly.
--phil
Re:Wasnt... (Score:2)
I guess all those PC clones... (Score:1)
Re:But this isn't exactly learning (Score:1)
There are *SOME* times when a monopoly is a Good Thing. Trade Sectrets are like Patents, but you've got to make an effort to protect them... which I guess includes everything legal you can do.
Re:First IBM compatibles (Score:1)
Bzzt! Thank you for playing. (Score:3)
No, it is not.
In the case of copyright infringement, making money off of somebody else's copyrighted work is legally defined as copyright infringement, and is explicitly (and with good reason) not equated to theft.
Making money by reverse engineering a product was never, before the DMCA, defined as copyright infringement, and most certainly not theft.
Now we have the DMCA, and the dawning of an age of verticle monopolies enforced at the end of a government gun the likes of which we haven't seen before. Why. Because the only damn way anything is going to interoperate in the future is going to be via controlled, licensed standards, which will always put competitors at a disadvantage and, probably quite quickly, lead to their demise.
The DMCA pays lipservice to "interoperability," but only as a sole purpose, and as any engineer will tell you, very little if anything on this planet can ever be said to have a "sole" purpose -- applications for products are always found which suprise the original maker. As the courts have said "interoperability" as merely one of several possible applications does not suffice to fall under the "interoperability" exclusion of the DMCA, this effectively means no reverse engineering at all, even for interoperability. End of story.
Fools like you will continue to scream "theft" where no such thing exists, and the even greater fools who run our government will probably listen. And thus ends the age of exponential growth in knowledge and technology, not with a bang, but with a wimper beneath the authoritarian thumb spawned of the greed of own corporate industry and the government which whored itself out to them, and the myopic short sightedness of folks like you.
Re:speaking of which (Score:1)
Point of view is a major component of what makes individuals unique.
Perhaps when that was written... (Score:1)
But now, well, multilayer circuit boards are common and anyone looking at a PC board would expect that. X-rays anyone?
Re:Satellite cards (Score:1)
thanks for the great reference !
Learning is not theft! (Score:2)
Better this than the alternative. (Score:3)
There is a drawback though. The more complex the circutry becomes, the harder it will be to debug problems in the circuits and this will lead to longer production cycles which will give the feared competition a leg up anyways. Always a tradeoff.
-Restil
Actually this would be illegal (Score:2)
2) DirectX technologies are either patented by MS or licensed (circumventing this MIGHT be possible, reverse engineer them, find a different way to do the same exact thing)
3) The Windows task bar is patented (yeah, I know...)
4) The registry and the manner it is modified, protected, installed, etc is patented
5) Crashing to an unusable state is patented (Microsoft made sure to get that one)
You get the point.
More on Satellite Cards (Score:2)
DirecTV receivers contain a smartcard which serves as an authentication token to the receiver. The smartcard can be reprogrammed via a datastream in the satellite's signal. Once you've successfully pointed your dish, you call up DirecTV and tell them the number on your smartcard. They in turn send a signal in the satellite's datastream that activates the card.
DirecTV is currently transitioning from its second ("H") to its third ("HU") generation of smartcards. (The first ("F") generation was cracked and phased out long ago.)
Cracks exist for the H cards, but here's the catch: Nobody's ever cracked the ASIC on the H card. The best anybody's been able to do is figure out how to reprogram the firmware in the H card to harness its ASIC for their own nefarious purposes. H card emulators exist, but even they need an actual, physical H card plugged into them.
Why bother with an emulator, then? Good question. DirecTV buys and analyzes pirated H cards and devises ways to reprogram them via their satellite data stream in such a way as to disable them but leave legit users untouched. These electronic countermeasures ("ECMs") can reprogram the card into an irreparable infinite loop, whereas an emulator can just be terminated and reprogrammed once a counter-countermeasure is devised.
In the near-to-mid term, DirecTV will send HU cards to all of its subscribers, and then make the H cards cease to function. As far as I've been able to find out, no cracks at all exist yet for HU cards.
--
Wasnt... (Score:3)
"sex on tv is bad, you might fall off..."
speaking of which (Score:3)
Let these writers know that one sided views are not cool
Author Information
Contact Technical Editor Brian Dipert at 1-916-454-5242, fax 1-530-937-8147, e-mail bdipert@pacbell.net
"sex on tv is bad, you might fall off..."
Contemplate this (Score:2)
This should be completely legal, but $10 says Microsoft would go after it. And that's just dumb.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Don't overreact (Score:2)
Some parellels have been drawns to DeCSS; reverse engineering in order to gain access to what we have a legal right to under fair use, for personal use. There's a big difference ethically and legally.
Yes, the writer of the article throws around some terms a little too freely, but I don't think it's a big deal taken in context.
My mom is not a Karma whore!
Re:Wasnt... (Score:3)
Posts like this make a strong case for having a moderation option like "-1, Blatantly Untrue." First of all, fair use is not limited to individuals. That makes no sense at all. Newspapers take advantage of the Fair Use rules when they quote others, press releases, and books (like in reviews).
Second. Fair use protects all kinds of commercial endeavors. Parodies like Weird Al are an obvious example. A case with a Supreme Court precedent behind it would be the 2 Live Crew "parody" of the song "Pretty Woman". They did not obtain permission or pay a fee (although they appear to have been willing to do so), but they were not liable for any damages nor found to be infringing anything.
Finally, copyright infringement is not theft. Theft involves taking real property from the control of the rightful owner. There is no paradigmatic relationship between theft and the act of reproduction (whether direct or indirect) for illicit profiteering.
As a final note, this article is about a device, no? As such copyright does not apply. A device would require a patent, which has a completely separate set of rules governing time of protection, application, and what is considered fair use.
Clarification from he who caused all the ruckus;-) (Score:5)
It appears from some of the earlier-made postings I've just scanned that some of you figured this out already. I thank you for defending me. And for those who I confused with my less-than-exact wording, I apologize. Profusely. Now quit clogging my email inbox!
I'll be publishing a print clarification of this point in an upcoming issue of EDN.
Regards,
Brian Dipert
Re:Wasnt... (Score:2)
Reading too much into it, as usual (Score:3)
Does he flat out say that reverse-engineering is illegal? No! In addition, all of his examples involve theoretical rival companies, not an evil band of OSS zealots.
From what I read, the author's view is that reverse-engineering is a tool that can be used to commit IP theft, and here are some ways to prevent it.
Re:But this isn't exactly learning (Score:2)
I am an individual, not a company. Companies and individuals have different rights. If someone creates something, other people should have the right to study it and create something like it based on their findings.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Obfuscated Hardware (Score:2)
Re:That's right (Score:3)
Any of you lawyer types, feel free to correct this - but from what I understand, there are no legal protections for a trade secret. However, there are legal protections for a person or company that decides to disclose a trade secret to another person or company, if they identify it as a trade secret.
In other words - if they tell you what the trade secret is, and that it is a trade secret, they they can hold you accountable if you disclose it to someone else without their permission. If you lie or comit breach of contract in order to gain the secret, then you're right - that's essentially theft; but then again, there's no reverse engineering involved there. If they never tell you what the trade secret is, and you discover it on your own, then it's game over - their secret is no longer a secret, and you have every right to make use of it.
There's a tradeoff here - if a company gets a patent on an invention, process, or what have you, then they have a legal monopoly on it for a few dozen years in return for disclosing their secret. If they don't get a patent, then they can keep their secret as long as nobody discovers it, which might be a good long time (for example, Coke) or might not last more than a few years.
Why this is silly... (Score:2)
As for adding protection against reverse-engineering it simply commits too much cash to the design to make it worth-while.
Preventing someone from stealing your designs, is like any other type of theft, no matter what you do, a determined thief will still be able to steal it.
Besides his prevention method only discusses a black box type look at things. What if its a professional reverse engineering company like Semiconductor Insights [semiconductor.com] decides to reverse engineer it. They are going to take the chip, de-cap it, and reverse engineer the circuitry right off the silicon. What exactly can you do to stop that?
Anyway, basically this guy is selling a new lock, and what what you should be doing is buying theft insurance (i.e. patents).
Re:That's right (Score:5)
Patents are designed to give the company a limited monopoly in exchange for them providing the rest of humanity with the information on how that device or procedure works... This is considered _good_ by most because it prevents knowledge from being lost.
However, a company has _no_ such protection for information that they don't share with humanity. Companies who wish to keep their information away from everyone employ a tactic know as trade secrets. This means that they try to keep information secret so that others can't do what they can do.
However this tactic has one serious drawback, other people can learn your secrets through looking at your products, or by simply watching your procedures... Then those other people can compete against you with your own information... We can't have that now!
If something isn't protected by a patent, it is fair game to be reverse engineered and that information used against them in a competetive market... If they feel like sharing then our society will reward them with a 17 year monopoly. Their choice...
Only the whiners go crying to court when their secrets become public knowledge... As if the court can somehow make everyone forget the truth... *laughs* No court is _that_ powerful.
Re:Two Thought Experiments. (Score:3)
2. Unlimited reverse engineering aka "Perfect Reverse Engineering". All products may be disassembled and duplicated without hinderence of patent, trade secrecy, or any other form of intellectual property. Knowledge flow is instantaneous from creator to user.
That's exactly the way it works now. Even the disassembly and duplication of patented inventions is legal, so long as it is "for the mere [berkeley.edu]
purpose of philosophical experimentation, or to ascertain the verity and exactness of the specification"
Trade secrecy laws do not protect against reverse engineering. Trade secrecy laws only protect against "insider jobs" -- where the trade secret is disclosed by someone who is contractually obligated to keep it secret.
The other applicable form of IP is copyright, and it is well established that you have the right to read copyrighted works, and thus, to understand them.
Outcome: The tragedy of the commons. Companies will play "wait-n-see" to see who comes up with difficult to engineer solutions to problems. If they are making a profit, they will not bother to spend money on R&D.
This is not what "tragedy of the commons" means. Tragedy of the commons only applies to depletable resources, like a silo full of corn. If everyone takes corn out of the silo, and no one refills it (or pays money which is then used to refill it), the silo will quickly empty out, and no one will have corn. IP is not a depletable resource, and the "tragedy of the commons" does not apply.
Copyrights and patents create incentives to publish, which is good, but also turn unlimited resources into limited, scarce resources at the same time, which is bad.
Here's hoping that we can remain civil, and arrive at solutions that provide a fair balance for each individual case.
Good patent and copyright laws maximize the amount of disclosure of inventions and publication of works, while at the same time minimize the tremendous accumulation of power that can result from granting a corporate monopoly over an unlimited resource. The fact that our media corporations, which are basically holding companies for copyrights on nearly all of the intellectual work of the 20th century, are quickly becoming the most powerful entities on the planet -- more powerful then even national governments, is a sign that the system is not fairly balanced.
Re:Contemplate this (Score:2)
No, Apple would sue. Microsoft would just change all the formats again.
Re:That's right (Score:2)
copyright vs patents vs secrets (Score:2)
If you want to analyze the signals generated by a device in order to build something compatible, or to build a "workalike" that is what "we" at
if I open up the hood of my car and figure out how it works and build another car, there is no legal recourse against me unless something in there is patented
This is correct unless something is copyrighted or trademarked. For instance, you can't make a perfect copy of a Cadillac, including the trademarked name and hood ornament and then turn around, call it a Cadillac and sell it as such. Nor can you copy the owner's manual and sell it. It is afterall, a book. OTOH, you can look at a car, see how it rolls, its doors open and so on, then build something with 4 wheels, engine, seats, and so forth and call it a car, and sell them all day long.
Just as with a CD which contains copyrighted bit patterns that are essential for its proper operation, you can make a personal copy or replica for your own use, so long as that "use" does not include selling or giving the copy to someone else.
Taking something apart in order to find out how to connect to it is what the
Good judgement comes from experience, and experience comes from bad judgement.
Is it copyrighted or patented or trade secret? (Score:2)
If the circuit uses patented elements, then using those same elements in your circuit is infringement and illegal.
If the circuit is only under trade-secret protections.. Well, if your secret ever gets discovered, you can do nothing to prevent widespread disclosure or use of it. (I assume that it isn't being disclosed in violation of a NDA contract.) If I found the secret recipe of coca cola in my cupboard tonight, I can start bottling my own drink. I can't call it coca-cola (trademark infringement), but I can bottle and sell it.
So, the question is: Is an FPGA circuit copyrighted or a trade secret? IANAL, but I would think that it would be trade secret. The company doesn't disclose the circuit to you, so why shouldn't it be uncopyrighted. If they disclosed it under copyright or patents, then they have a way to prevent you from copying it, or using ideas in it.
But, for anyone in the industry to think that you can send out millions of copies of a circuit, with no more than trade-secret protections, and think it's illegal for anyone to reverse-engineer and use it, then they're an idiot.
IMHO, this is just a risk of the business of FPGA circuits. If you make airplanes, expect to be sued by lawyers. If you sell tobacco, expect everyone to hate you. If you think that somkething has just as many rights under trade-secret protections as under copyright or patent protections, you're deluded.
Copyrights and patents exact a cost for their additional protections: Disclosure of the device or artistic work. You can either accept or reject the deal they offer.
... But in this case, it seems as if they (like UCITA/DMCA) wish to use law to rewrite the rules
Does spelling count anymore? (Score:2)
Fill in cute tag line here...
Turkey Bagel (Score:3)
Re:Reading too much into it, as usual (Score:2)
Wrong. (Score:2)
Remember, this is DOS 1.0 we're talking about. Unlike a real OS, it does not abstract the hardware. You are right about only having to recreate the interface, but the interface is the hardware.
--
Re:well... (Score:3)
Why don't we see this in IP of other domains? Let's say an economist has come up with a new "innovative" theory, and that theory becomes his IP. Then a junior economist comes out, disect the theory into pieces, run it through scenario simulation, plug in all kinds of data to see how it works, and finally, figures that he changes a few premises in that theory, it would become a better theory.
Now, is the junior economist going to be sued for reverse-engineering?
How about those who are studying Sartre's existentialism? I'm sure the copyright on existentialism has not expired yet.
Re:That's right (Score:2)
But reverse engineering by "black box" testing has been ruled as legal by the Supreme Court. It is perfectly legal to create a device that will create the same output for the same input. It would however be a copyright infringment to copy the circuit designs or code that goes with the device.
The mistake is in equating reverse engineering with doing a straight copy of the design.
This sort of thing has been done for years ... (Score:3)
On another project we built such a cheap graphics accelerator we didn't want our competition to realize how easy it was - so we had all the off-the-shelf PALs and SRAMs screen-printed with our own part numbers to hide the design.
Also back before congress passed the law to make masks copyrightable people would regularly put in design features into chips that were designed to not be easily copied optically - for example a poly that was just a little bit narrow so that it became very unreliable if you cloned the chip without carefully hunting down in the masks and touching it up (that could make a chip work - but not reliably enough to make a sellable product - and could be really hard to find if all you have is masks and no idea of how the die's internals are supposed to work).
Re:Don't overreact (Score:2)
This article isn't about industrial espionage. Industrial espionage is where you, for instance, pay someone who works at the company to obtain the internal schematics of a gate array.
That's completely different from reverse engineering. It's illegal, and immoral. It's what trade secret law is supposed to protect against.
Reverse engineering is not industrial espionage. It is the legal method of breaking a trade secret. Trade secret law provides zero, nada, absolutely no protection against reverse engineering. Deliberately.
Fair use is a concept that only applies to copyright, not to trade secrets.
Re:That's right (Score:3)
Incorrect. Reverse-engineering is, and always has been, a legitimate form of study and exploration.
The R&D investment by the high-tech industry is easily dwarfed by that of the automobile industry. Yet the auto industry has little problem with people opening the hoods of their cars and mucking around. Yes, it voids the warranty, but Detroit does not labor under the illusion that such exploration by their customers is "theft".
Trade secrets are a really dubious form of intellectual "property". The onus of proof is on the party claiming trade secret protection. Without going into nauseating details, trade secret protection can vanish once the secret is independently discovered by lawful means. In nearly all cases, reverse-engineering falls within lawful means, especially when taking apart systems available on the open market.
With reference to "black box" systems, it is especially those systems that need to be taken apart and inspected, or else how will you know they are good products? How will you know, for example, that they aren't selling your privacy down the river (CueCat, anyone?)?
"Disclosure" is a very different thing from "independent discovery," the latter being what we're talking about here.
BTW, if your company is relying on secrecy for its market advantage ("security by obscurity") rather than its ability to execute and deliver excellent products, you're ultimately hosed no matter what.
Schwab
Re:I am appalled. Wrong. (Score:2)
Nothing stopping them doing that, except that doing so is likely to push up the manufacturing cost of the product. So when someone does produce a competing product they will be better able to undercut the original.
Re:Wasnt... (Score:2)
It's perfectly possible for someone to work out what is in a soft drink, just as it is possible for someone to work out what is in a CD player.
The most likely reason why Coka-Cola still sells is brand recognition and marketing, not lack of "clones".
Re:Sigh, let's reply again. (Score:2)
Just about every tool and technique known to man can be used for illegal activities.
Re:This sort of thing has been done for years ... (Score:2)
There is a distinction between a reverse engineer, who'd actually understand what was going on and remove any bogus junk and a "cloner" who dosn't have much of a clue how it's ment to work.
Re:Turkey Bagel (Score:2)
No copyright applies to an uncopyrighted work. (Score:2)
If it is an artistic work, then copyright would automatically apply.. But I could create a similar device and be free&clear.
If it is an invention, then they can either patent it or not. If it is unpatented, then I can use it IN ANY WAY as soon as I determine how it works. Their only protections are trade-secret protections. (Obfuscation)
It's strange to me that ANYTHING one does that someone else doesn't like is being called theft. Everything from an open DVD player, to MP3's, to Napster, to CueCat, to RIAA.
It's beginning to piss me off.
Scott
(FYI: Fair use rights apply to anything, individual or corporate.. A newspaper has the right to excerpt another publication for discussion or debate.)
Re:well... (Score:2)
I think 'reverse-engineering' in the sense of this article relates to copying and distributing technology in its exact form.
Take a look at DVD players for example (There are many examples though). DVD players are non-programmable devices. They serve no purpose to the consumer other than to take a dvd and throw it straight to a television unencrypted.
When people go to purchase a DVD player, the only thing they really want is something thats affordable and good quality, and lasts for a long time.
Well, if i was Fishbulb Heavy Industries in Sako Japan, and US patent and copyright law didn't quite hold up where I'm living, I could very easily take a nice, popular DVD player and pull it apart.
Inside, I would find a slew of resistors. I could decide there value with a $5.00 ohm meter if they weren't labelled. In fact I could decipher and note the value of all components within the player instantaniously using a multi-meter or just my eyes.
When it comes down to the encryption itself - well that's a hard deal to decipher. Sure its been done and suppressed
There ya go, I now have a cheap fabricating operation to start-up which will yield millions of dollars; because I sell my DVD players for $50 less, and had to invest 0 dollars in R&D.
This entire scenario applies to graphics cards, sound cards, 3Com hardware, Cisco hardware... it applies to everything. It's only reverse engineering because copying the chips requires pulling them open.
to recap: "If figuring out how something works is a crime, then curosity should be outlawed." - I agree 100%, and I even agree that bad technology shouldn't generate money, it should be open-source. If however, I designed some awesome new doohickey, as i'm sure to do in the future, I don't want it to be stolen by some know-nothing capitalist and sold as "as good as the competition only cheaper".
Curiosity and Cash don't often hold the same moral arguments.
Re:This sort of thing has been done for years ... (Score:2)
Map makers use a similar tactic to prevent copying. They add nonexistant towns, roads, etc. to their maps. If someone else's map shows up with one of these fake features it's off to court they go.
Steve M
Re:That's right (Score:2)
Clean room reverse engineering is not theft. If you can duplicate the function of a black box without knowing how it works, then you haven't stolen any trade secrets.
Clean-room reverse engineering must continue to be legally protected. The whole idea behind the clean-room process is that you have one group analyze the original, to create a specification which describes what it does, without describing how it works.
This specification is then given to a second team, which has no knowledge about the design of the orignal, and is therefore clean. The second team then designs their device to meet these specs --thereby duplicating the function of the original without stealing any trade secrets.
This is the process which led to the first PC clone. You're not suggesting that Compaq or Phoenix stole IBM's trade secrets...are you?
Re:That's right (Score:2)
Also, wrt trade secrets: keep in mind the reason patents are protected and trade secrets are not. Trade secrets do not benefit society the way that patents do, and thus society provides no incentive for their creation. Reverse engineering is an important mechanism in encouraging people to patent -- and thus disclose to society, and offer (eventually) to the public domain -- their inventions. If reverse-engineering becomes theft, essentially society is granting monopoly rights but getting nothing in return. This is a bad deal, one that society should not put up with.
Bottom line: if you don't want your discovery copied, patent it. Otherwise, it's still free for the taking, as it should be. Monopoly over your invention is a trade with society, for your putting that invention in the public domain. It's not a right -- you don't get it for nothing.
Re:Wasnt... (Score:2)
Anyway, it's a judge's responsibility to eventually decide if the factors of fair use, taken as a whole, allow the alleged infringement to be considered a fair use. In Sega v. Accolade, (notice that the defendant is Accolade, which is a company, not an individual) the judge decided that reverse engineering can be a fair use.
--
Re:Learning is not theft! (Score:2)
On the contrary, trade secrets deliberately lack legal protection against reverse engineering. If you want such legal protection, you must seek a patent, and disclose your work. That's a big part of the incentive to go through the trouble of obtaining a patent.
Why would people disclose their ideas by filing for a patent if they could have the same legal protection by keeping their ideas and implementations secret?
Re:well... (Score:2)
Otherwise, yes, interoperability is one of the main (only?) reasons that reverse engineering is considered a fair use.
--
Re:A New First! (Score:2)
I just tried it, its busy. Easy way to avoid a slashdotted number is to take the phone off the hook. And the author can only take one call at a time, as opposed to thousands of simultaneous connections against a website.
I'm not sure why xtermz thinks this is a one sided article. I've read it, and it seems to be prety even-handed. There is a problem in the ASIC/FPGA world, with well funded criminals quickly reverse engineering electronic items, and then flooding the market with cheap copies. It hurts the company that spend a lot of R&D money to be ripped off easily, so a number of ASIC and controller manufacuturers are adding clever circuitry to prevent easy hardware copying.
Hardware reverse engineering was getting easier and easier over the last few decades. Its about time it got interesting (in a difficult crossword puzzle kind of way) again.
the AC
Re:That's right (Score:2)
DMCA, reverse engineering, and patents (Score:4)
OK... here's an odd question that popped into my head:
The DMCA explicitly allows for reverse engineering for compatability purposes. What if I am interested in reverse engineering a circuit design, piece of code, etc. not for compatibility purposes, but in order to determine if they designer/implementor is infringing on a patent that I or my company holds?
Now, according to the DMCA, I'm a criminal - I've engaged in reverse engineering for other purposes than compatibility. No matter that I may have proof, via the reverse engineering, that someone was infriging on a patent; according the the DMCA, I committed a crime in order to obtain that information.
Am I missing something here? Or does the DMCA - which it's advocates touted as being essential to protecting intellectual property in today's digital world - allow someone to essentially ignore patents under the right circumstances?
Re:legal and illegal reverse engineering, differen (Score:2)
Duplicating an unpatented design is not theft.
That's the whole point of a patent -- in exchange for disclosing your design, you gain government protection. Without a patent, you have no legal protection for your design, and your design enters the public domain the instant someone examines it and realizes how it works.
Just because the author wants reverse engineering to == theft doesn't make it so.
Opening boxes protects patents too (Score:2)
Re:Yes (Score:2)
What happens when people use these as addresses to poision junk mail databases
Re:Wasnt... (Score:2)
Some folks don't have a clue... (Score:2)
- A patent
- A copyright
- A trademark
That's it. IANAL, but I believe there are some provisions against stealing intellectual property, where "stealing" means breaking into an office and physically taking/copying trade secret material. That is a crime because the "trade secret" was obtained through a criminal act.However, in this country, there is no such law outlawing reverse engineering, not even the DMCA. The DMCA forbids the circumvention of copyright protection other than for interoperability, so whether that circumvention was obtained through reverse engineering or not is irrelevant (which makes me wonder if I could publish my weak protection scheme and still claim that the DMCA applies, but that's another story...).
In fact, if it were legal to reverse engineer, every single "invention" would be illegal. Let's see... birds can fly... I want to build a flying machine... ILLEGAL. Fire good, fire warm, me want fire, me bang rocks... ILLEGAL. I want to cure a disease... unfortunately I cannot analyze the disease because that would be... ILLEGAL.
So, unless you have it patented, consider it public domain once you release a product. Horrors, you may actually have to compete in a free market! Oh dear God, no!
In the perfect world, vague overgeneralized IP laws would apply to everyone except me, and then I would be your god.
Re:That's right (Score:2)
The only legal protection of trade secrets is protection against their being revealed by "insiders." Trade secrets may be legitimately revealed by reverse engineering, and then they cease to be trade secrets -- they are in the public domain, with no protection.
This is good.
Do you want your company's trade secrets disclosed?
If you want the government to provide you with a monopoly on your invention, you need to file for a patent, and completely disclose your invention. It's your choice. Choosing the trade secret route carries benefits and drawbacks. The benefit is that you don't have to disclose. The drawback is that you are subject to reverse engineering.
I take point with your second statement! (Score:2)
When we figure out how quantum mechanics work, we are essentially reverse engineering it (from God, the universe, whatever).
There is no judgement on that practice, only on the applications derived from the knowledge gained!
In a similar way, reverse engineering a product can be said to be similar. Intel produces a high commodity, high volume, very popular part.
Is it fair for AMD to produce a plug in replacement part to try to make a profit?
Yes. There's nothing illegal about that, it's just commercialism/capitalism.
Now, as for the gritty details of reverse engineering... As long as you don't take the work that someone else has done, there's not way to qualify that as theft. You haven't taken their research, you haven't taken their documents, you haven't taken their personal. All you have done is taken their product, which you own if you purchase it, and analyzed it, which is fair use if anything is, and watched it work, which is no more or less wrong than trying to find another particle in the quantum menagerie.
Trade secrets are not legally protected. Patents are. Do we want company trade secrets disclosed? Of course not! But they are only trade secrets while they are unknown, and the minute they are known, they are not trade secrets.
Reverse engineering has given us the PC! It has given us PSX emulators, Gameboy emulators, Linux SAMBA(I think), DeCSS, and loads of other things. In a competitive landscape, reverse engineering seems downright commendable!
The nick is a joke! Really!
Hemos is a Troll (Score:3)
What this guy is talking about, translated to
Good judgement comes from experience, and experience comes from bad judgement.
KILL the curious. RIP their eyes out.... (Score:2)
[expletive deleted] [expletive deleted]
Re:Learning is not theft! (Score:3)
No. Finding out how things work is not theft. Taking the work that someone else has done (like the code that used to go into building an ASIC, but is more and more being used to program FGPAs) and using it in your own product without even knowing how it works -- that's theft. This happens, and it's a legitimate concern to protect the intellectual property that goes into building a circuit.
Re:Learning is not theft! (Score:2)
Re:well... (Score:2)
- Accolade used a two- step process to render its video games compatible with the Genesis console. First, it "reverse engineered" Sega's video game programs in order to discover the requirements for compatibility with the Genesis console. As part of the reverse engineering process, Accolade transformed the machine- readable object code contained in commercially available copies of Sega's game cartridges into human- readable source code using a process called "disassembly" or "decompilation".[1] Accolade purchased a Genesis console and three Sega game cartridges, wired a decompiler into the console circuitry, and generated printouts of the resulting source code. Accolade engineers studied and annotated the printouts in order to identify areas of commonality among the three gameprograms. They then loaded the disassembled code back into a computer, and experimented to discover the interface specifications for the Genesis console by modifying the programs and studying the results. At the end of the reverse engineering process, Accolade created a development manual that incorporated the information it had discovered about the requirements for a Genesis- compatible game. According to the Accolade employees who created the manual, the manual contained only functional descriptions of the interface requirements and did not include any of Sega's code.
This was eventually found to be legal.I believe one of the reasons for clean room reverse engineering is stated in the last line there, to make sure none of Sega's IP (their copyrighted code) gets copied into the new code. Copyright only covers implementation, so clean room reverse engineering translates Sega's implentation into conceptual stuff that copyright can't cover and then into Accolade's implentation, without skipping the concept part.
--
Re:Wasnt... (Score:2)
well... (Score:5)
They were sued. They won. The WinTel PC industry was born. This doesn't even take into account the amount of software "look and feel" cloning that took place some 8-9 years later.
If figuring out how something works is a crime, then curosity should be outlawed. Quite frankly is someone can reverse engineer it, odds are it was so damn obvious, it didn't deserve protection in the first place.
Really (Score:2)
Yes.
At first I thought they were just errors. But then I learned that these 'mistakes' were intentional. I don't recall if I read about it or saw it on TV, but someone from a map publisher was interviewed about and confirmed the practise.
As for the examples, here are a couple I think are instances of this, but they could be errors.
I've seen maps of NJ that show a town called "Hiltons" between Atlantic Highlands and Highlands. I grew up in Atlantic Highlands. There is no such town.
When I first moved to Burlington county NJ I picked up some maps so that I could find my way around. Twice I got messed up because short (>= 1/2 mile) roads marked on the map didn't exist.
Finally, a map I own (I live in NJ but I'm in CA on business now or I'd dig out the map and give an exact reference) the condo complex I live in is not shown and a road that does not exist is shown instead.
Steve M
Re:Satellite cards (Score:2)
http://www.cl.cam.ac.uk/Resear ch/ Security/tamper/ [cam.ac.uk]
Re:Article mis-uses phrase 'reverse engineering' (Score:2)
Reverse engineering can also involve dumping out the program, disassembling and commenting the code.
That would be the first step of a "clean-room" project. The result of the first step would be a copy of the original program, which, as you correctly pointed out, you can't use, because of copyrights on the code. You can't stop there.
The second step of the clean-room process is for the person who now understands the program to write a complete description of what the program does. Copyright only protects implementations of ideas, not the ideas themselves, so you describe the ideas of the program without revealing the details of the implementation.
The third step of the clean-room process is to hand the complete description of what the program does to a second party who has never been "contaminated" by examining the original implementation. The second party is then free to write a new implementation, based on the description.
This is how the first PC clone BIOS was developed.
The first step in this completely legal, commonly used process is to copy the actual program. It is not theft.
What the article is describing is not just how to prevent someone from copying the data, it is describing how to prevent someone from reading the data; in order to prevent legitimate reverse engineering and legal clean-room re-implementations.
The author is describing how to obtain protections over and above what the law provides, not how to obtain legal protection. Legal protection comes from patents and copyrights. Trade-secret protection comes from obscurity and obscurity alone, not from the government.
Two Thought Experiments. (Score:3)
1. Reverse engineering absolutely never occurs aka "Perfectly Secret Engineering". Even when a design feature is obvious (such as a winglet on a plane) other companies cannot copy it. They must arrive at the same conclusions as the first company through trial and error. Knowledge never passes into the public domain unless someone explicitly places is there.
Outcome: Technology stagnates due to duplication of effort. There is a lack of incentive to innovate because once a product is sufficiently complex as to be difficult to duplicate, the company that originated the idea will have a long time before anybody can duplicate it. Companies will drown in a sea of paperwork required to prove that they arrived at the same design independantly.
2. Unlimited reverse engineering aka "Perfect Reverse Engineering". All products may be disassembled and duplicated without hinderence of patent, trade secrecy, or any other form of intellectual property. Knowledge flow is instantaneous from creator to user.
Outcome: The tragedy of the commons. Companies will play "wait-n-see" to see who comes up with difficult to engineer solutions to problems. If they are making a profit, they will not bother to spend money on R&D. The outlay can't be justified for the low expected return. Companies will only innovate when the entire business segment is threatened. Because all companies share IP in this scenario, the entire sector would have to be threated before it would decide to innovate. If even one company were making a profit, then the failing companies would blame their marketing or management departments. Actually, marketing and management techniques are also IP, and would be shared too. Effectively, such a situation would be akin to a monopoly, since all companies would have the same IP, and would be different companies in name only.
It shouldn't be a surprise that both of these scenarios suck. An equillibrium is required. Politics is the art of compromise. Geeks need to recognize that compromise is a necessary part of the equation. That means Free Software people tolerating some patents, trademarks, and copyrights. That means businesses tolerating some hacking, reverse engineering, and parodies.
Does this provide an easy answer to the questions? Of course not. There is no easy answer. The opposing parties and the mediator(s) are all part of a complex solution. Here's hoping that we can remain civil, and arrive at solutions that provide a fair balance for each individual case.
Not only that... (Score:2)
This world is rapidly becoming a fucked place, and I fear a revolution is brewing...
I support the EFF [eff.org] - do you?
Right idea, WRONG computer: (Score:4)
The story is right, but you have the wrong computer.
Apple's ROMs had entrypoints that were all over the ROMs' address range, because they didn't want to dedicate any area as a jump table. Franklin copied the ROM verbatim, as rewriting it would screw up the entrypoints. Apple sued Franklin, and WON.
IBM made the BIOS (with function numbers instead of haphazard entry vectors) specifically so that it could be re-written, extended, improved over time. They PUBLISHED the source code to the whole BIOS, and knew that this put them in the risk of being cloned. COMPAQ rewrote the BIOS, function by function, complying with the data interfaces only. IBM sued COMPAQ, and LOST.
Re:well... (Score:2)
It appears to me the so called millions of dollars of development manufacturers claim for their product, was to design it in such a way to promote vendor lock in and maximum marketability with their partners. This is good business sense, but is it fair to deny consumers the ability to hack the product they purchased to rebuild or redesign it in such a way to be compatible with other household products? I see the patent system and so called "license agreements" attempting to convince us we do not have certain rights as curious humans who want our tools to adapt to our own needs. What we have is corporate dictatorship. They will order us what we can or can't do if we purchase their product. Is this fair? I think its patently absurd to support their notions.
I am appalled. (Score:5)
In reference to your article, "Cunning Circuits Confound Crooks," found at: http://www.ednmag.com/ednmag/reg/2000/10122000/21
"The other harder but possibly even more damaging form of theft is "reverse-engineering." In that scenario, someone uses the information stored in the programmable-logic device to reconstruct the original circuit details and then alters and incorporates those details in part or whole into other designs." Your analysis is woefully misguided.
Intellectual property protections in the United States exist for copyright, trademark, patent and trade secret information, and each of these areas includes its own particular set of limitations. These limitations are present for very good reasons, ranging from free speech to the encouragement of innovation. For any truly new, useful and unobvious circuit, patent protection can be obtained -- protection that gives the inventor the exclusive right to manufacture, use and sell the patented invention for a limited time. However, that protection comes at a price: the inventor must disclose to the world precisely how to make and use the invention, so that others may build upon it and so that further innovation may be encouraged.
Similarly, trade secret protection also has limitations. Trade secrets are protected only while they are precisely that: secret. Since trade secret protection (a) gives unlimited time-duration protection, and (b) fails to educate the rest of the world and thereby foster further innovation, it is extremely limited. Once a given technology is no longer secret, it may be used by anyone freely.
If a circuit designer decides to forego the greater protections afforded by patent, he or she cannot complain about reverse engineering under the law. So long as someone is not directly infringing a copyright (or mask work) by literally copying a chip design, they are free to use the underlying ideas to improve their own devices.
Reverse engineering is not theft, either legally or ethically, and I suggest that you consider my comments in your journalistic pursuits.
Joffrey X. XXXXXXXX
xxxxx & xxxxx, LLP
Re:First IBM compatibles (Score:2)
The people doing the coding had to start with little to now prior knowledge of the existing BIOS.
But this isn't exactly learning (Score:2)
Maybe it sucks for the company that created the idea/product because they now don't have a monopoly (which, the last time I checked, was a good thing), but it sure as hell isn't theft. Any claims like that are ridiculous.
Mike
"I would kill everyone in this room for a drop of sweet beer."
Re:Wasnt... (Score:2)
Once the patent runs out, go ahead and clean-room all you like.