Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy Data Storage Your Rights Online

Brightnets are Owner Free File Systems 502

elucido writes "OFF, or the Owner-Free Filesystem is a distributed filesystem in which everything is stored in reference to randomized data blocks, as opposed to a 1:1 copy of the original data being inserted. The creators of the Owner-Free Filesystem have coined a new term to define the network: A brightnet. Nobody shares any copyrighted files, and therefore nobody needs to hide away. OFF provides a platform through which data can be stored (publicly or otherwise) in a discreet, distributed manner. The system allows for personal privacy because data (blocks) being transferred from peer to peer do not bear any relation to the original data. Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random." Their main wiki page discusses a bit of what this means and how it might work as well. I've been saying that we need this for many years now, if only because we all have 10 gigs free on our machines and if we could RAID the internet we'd need fewer hard drives.
This discussion has been archived. No new comments can be posted.

Brightnets are Owner Free File Systems

Comments Filter:
  • by InvisblePinkUnicorn ( 1126837 ) on Monday June 30, 2008 @08:02AM (#23998991)
    My network is still on the fence when it comes to the existence of God.
  • Encryption (Score:5, Insightful)

    by adpsimpson ( 956630 ) on Monday June 30, 2008 @08:03AM (#23998999)

    Isn't this just a sophisticated form of encryption, using a large, randomly generated key?

    If so, does it have any real advantages over conventional encryption? It seems that the disadvantage would be the need to have both the file (large) and the random data (large) instead of, conventionally, just the file (large) and key (small).

    Also, I can't be the only one who found the summary, uh, confusing??

    • Re:Encryption (Score:5, Informative)

      by iocat ( 572367 ) on Monday June 30, 2008 @08:06AM (#23999035) Homepage Journal
      the wiki explains it a little better. It's sort of cool. It breaks all the data in 128K randomized chunks, and those chunks can also be used as well to represent OTHER data, because it's all about the relationship of the radomized chunks, not just the chunks themselves.
      • Re: (Score:3, Informative)

        by Hatta ( 162192 )

        Well the wiki is down so I can't look.

        I don't see how that's any help though. You have to store the data representing the relationship between the chunks somewhere too. Suppose instead of 128K chunks we use 1 bit chunks. We'll store all the 1s on one computer, all the 0s on another computer and the relationship between the data on a third computer. Where is the copyrighted data?

        • Re:Encryption (Score:4, Interesting)

          by maraist ( 68387 ) * <michael.maraistN ... m.com minus poet> on Monday June 30, 2008 @06:36PM (#24009291) Homepage

          I read all the wiki had to offer. I agree that this is a problem - I'm going to see if I can post to their complaint forum as well.

          Basically you have a URL that contains 4 pieces of information.. A file name (largely meaningless except to the end user), a file-size, and 3 30-Byte SHA-1 hashes, referred to here as a 3-tuple (represented in HEX). You search the local disk cache for file names that match each of the SHA-1 digests. For every digest file not found, search the local network for a match and download the block locally (this is the peer-to-peer part).

          You XOR the contents of the 3 blocks (which happen to be sized at 128K - no significance) to produce the decoded data.

          The first decoded block (provided from the URL) is a sequential-list of 90 byte 3-tuples (similar to the original URL). The contents of all of these 3-tuples are the desired data, except the last 3-tuple which is a chain to the next descriptor block.

          The file-size tells you when to stop obviously.

          The 'theory' is that highly randomized data should be randomly reused by completely unrelated data.. .mp3 and .txt files, for example. Moreover, there is 'no way to reconstruct' useful data w/o the 3-tuple AND the file-size. However, small files will have a high probability of SHA-1 collisions (and thus corrupted data - they only talk about virus corruption, but there's the more important inadvertant collsions which overwrite valid data - BackupPC resolves this by creating MD5;1 MD5;2 file-names). The large 128K should alleviate this, but also assures a low probability of block reuse.

          The problem I see is that data-blocks are not inherently random by default.. In order to be practically random, you'd have to take the recommended 1TB file-system, randomize it - produce approx 8 million SHA-1 digests, then for each real-data insert, delete in an LRU fashion. Otherwise, if you only had a hundred-thousand blocks - It would not be THAT difficult to grab the first 30 bytes of every block and XOR them with several of the most recently inserted blocks until you found something that matched an existing file-name. If matched, try the next 30B, etc. Now you have a starting point AND the appropriate 3-tuple. You're only missing the file-size.. But if it spits out music in one of like 5 codecs, you've got a winner. Shouldn't be able to do statistical analysis to find random-noise or invalid media format. Many files contain internal end-of-file signifiers (.zip, .gz for example).

          With 8 million records, that becomes hard(er) to do. But how long does it take to initialize that?

          Now with respect to the network, there's no need to actually store the file-descriptor block remotely, Thus for highly sensitive files, you can probably encrypt the descriptor block and keep it locally (sharing on a private trusted network). But for text-based files, you'd probably still be weary of having network stored timestamp ordered data-blocks - as the contents of the last 100 blocks could easily be determined, (text files are not as order sensitive as mp3s and zip files).

          The stated goal is purely open, freely shared, perfectly legal data-store... Which allows the occasionally masked sensitive data. Though the RIAA/MPAA would read it as, a front for illegal data.

          They say they have better bandwith than obscured P2P networks, since you can allow open download by the RIAA as well as your clients, and it's all meaningless w/o the starting points/blocks. You do have a 3x bandwidth over a pure HTTP/FTP download - as you have to download 3 blocks to XOR against each other to produce 1 block of data. They suggest that once you have a descriptor block you 'should download the tuples in random order to reduce pattern matching by ISPs' which furthers the notion that this is for illicit purpose.

          I'm highly suspicious that the SHA-1 digests produce useful collisions and provide you bandwidth reduction via your local disk-cache for the above comments.

          I'm also

      • Re:Encryption (Score:5, Insightful)

        by Jake73 ( 306340 ) on Monday June 30, 2008 @11:01AM (#24002045) Homepage

        Yes, but the assertion that this somehow circumvents copyright law is pretty ridiculous.

        The composite of the entire system allows one to store data in a retrievable fashion, just as the composite of a hard drive, magnetic head, source coding strategy, filesystem, and operating system allow one to store data in a retrievable fashion -- despite the fact that it is fragmented on the drive and source coded.

        The scope of the system may be different, but it accomplishes the same.

        Sharing the "recipe" for assembling the blocks is the same as sharing the original file. It's just a definition of terms. You could say that a compressed (.zip) version of a text file is really just a recipe for algorithmically creating the original text file. The zip version and the original are treated the same under copyright law, as far as I know.

        • Re:Encryption (Score:5, Insightful)

          by sjames ( 1099 ) on Monday June 30, 2008 @12:26PM (#24003579) Homepage Journal

          It' not a circumvention of every aspect of copyright, it's a system where you can't claim that every single intermediary had some part in any copyright violation.

          For example, I rip all my CDs and store them in this system (keeping the list of URLs needed to re-construct/retrieve the files to myself. Since only I can get the files back, I have not distributed anything WRT copyright.

          The various nodes can't know what the blocks I stored are. Should I give someone else my list of URLs, I have now distributed, so I have now violated copyright. The nodes storing those blocks still don't know what they are and have no means of re-constructing them, so have not infringed.

        • Re:Encryption (Score:4, Insightful)

          by mrsteveman1 ( 1010381 ) on Monday June 30, 2008 @12:56PM (#24004093)

          This situation is perhaps similar to torrents. A torrent isn't the real data but does "refer" to it in a way similar to how the "key" in this filesystem refers to the actual pieces needed to reconstruct the file, even though those pieces aren't unique.

          One could even say that the "key" in this case is even closer to the real data than a torrent.

    • Re:Encryption (Score:5, Insightful)

      by adpsimpson ( 956630 ) on Monday June 30, 2008 @08:27AM (#23999287)

      Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

      As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

      • Re:Encryption (Score:5, Interesting)

        by Hal_Porter ( 817932 ) on Monday June 30, 2008 @08:47AM (#23999501)

        Replying to my own post, but this IS just a sort of encryption - their main claim being because the data is encrypted, it's not copyright.

        As has been pointed out below, the data transferred is not the thing copyrighted - it's what it represents. So it's an arduous and painful encryption, with high overhead, easy to crack and no plausible benefit. With some hand-wavy 'it annuls all badness from bad things' explanation.

        Except that is probably bullshit to copyright lawyers

        There's a great explanation of why in this essay, What Colour are your Bits. It's actually about another system based on the same sort of ideas.

        http://ansuz.sooke.bc.ca/lawpoli/colour/2004061001.php [sooke.bc.ca]

        The fallacy of Monolith is that it's playing fast and loose with Colour, attempting to use legal rules one moment and math rules another moment as convenient. When you have a copyrighted file at the start, that file clearly has the "covered by copyright" Colour, and you're not cleared for it, Citizen. When it's scrambled by Monolith, the claim is that the resulting file has no Colour - how could it have the copyright Colour? It's just random bits! Then when it's descrambled, it still can't have the copyright Colour because it came from public inputs. The problem is that there are two conflicting sets of rules there. Under the lawyer's rules, Colour is not a mathematical function of the bits that you can determine by examining the bits. It matters where the bits came from. The scrambled file still has the copyright Colour because it came from the copyrighted input file. It doesn't matter that it looks like, or maybe even is bit-for-bit identical with, some other file that you could get from a random number generator. It happens that you didn't get it from a random number generator. You got it from copyrighted material; it is copyrighted. The randomly-generated file, even if bit-for-bit identical, would have a different Colour. The Colour inherits through all scrambling and descrambling operations and you're distributing a copyrighted work, you Commie Mutant Traitor.

        To a computer scientist, on the other hand, bits are bits are bits and it is absolutely fundamental that two identical chunks of bits cannot be distinguished. Colour does not exist. I've seen computer people claim (indeed, one did this to me just today in the very discussion that inspired this posting) that copyright law inescapably leads to nonsense conclusions like "If I own copyright on one thing, and copyright inherits through XOR, then I own copyright on everything because everything can be obtained from my one thing by XORing it with the right file." That sounds profound only if you're a Colour-blind computer scientist; it would be boring nonsense to a lawyer because lawyers are trained to believe in and use Colour, and it's obvious to a lawyer that the Colour doesn't magically bleed to the entire universe through the hypothetical random files that might be created some day. You could create the file randomly, but you didn't. Maybe you could create a file identical to the complete works of Shakespeare by XORing together two files of apparently random garbage. "Why, so can I, or so can any man;" but that doesn't mean that I am William Shakespeare.

        • Re:Encryption (Score:5, Insightful)

          by crosbie ( 446285 ) <crosbie@digitalproductions.co.uk> on Monday June 30, 2008 @09:33AM (#24000249) Homepage

          Putting it a little more plainly:

          Copyright concerns provenance (similarity merely raises suspicion).

          Patent concerns similarity (provenance is irrelevant).

          However, both are unethical and ineffective anachronisms long overdue for abolition.

          Let overpaid lawyers count the angels on a pinhead. It is not something computer scientists should concern themselves with, especially when litigation causes 99% of harm well before any judges get anywhere near investigating the provenance of bits - deciding which side of bread best provides inspiration as to the 'correct' judicial interpretation as to how bits should properly be constrained.

          Use the GPL. It's a legal device against litigation.

          Using BrightNets is a coder's sophistry, not a lawyer's. A coder may as well wonder why there's so much legal difference between copying an MP3 file and streaming it, when there's marginal technical difference. Conversely, lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

          You might as well create a distributed and co-operatively administered 'YouTube' host with anyone legally permitted to upload and download so long as the hosted works were only 'streamed' to the public and taken down upon request (DMCA).

          Lex Asinus Est.

          • Re: (Score:3, Informative)

            by struppi ( 576767 )

            However, both are unethical and ineffective anachronisms long overdue for abolition.

            [...]

            Use the GPL. It's a legal device against litigation.

            You do realize that the GPL is absolutely meaningless without copyright law, do you? Did you ever actually read the GPL?

            • Re: (Score:3, Interesting)

              by crosbie ( 446285 )

              Of course.

              But then, without copyright there is absolutely no need for the GPL.

              I'm amused by this strange idea that if a society wished to provide its citizens with the right to free speech and free cultural exchange they'd first have to enact a law that would prohibit such freedom.

              Bear in mind that the GPL is a means to enjoy freedom, not a means to enjoy the operation of the GPL in a copyright encumbered society.

              • Re:Encryption (Score:5, Insightful)

                by Rary ( 566291 ) on Monday June 30, 2008 @10:32AM (#24001491)

                But then, without copyright there is absolutely no need for the GPL. ... Bear in mind that the GPL is a means to enjoy freedom...

                I'm no expert on the GPL, but am I not correct in thinking that the GPL forces restrictions on developers in order to ensure freedoms for users? For example, the requirement that if I build and distribute something that uses GPL code, I must use the GPL on my code and distribute the source code with the binaries.

                Without copyright and the GPL, there is absolutely no way to force me to distribute my source code. I can take an open source project, add to it to create something new, hide the source code in a vault and distribute only the binary. You will be able to copy it freely, but good luck modifying it. You, the user of my software, have lost freedom because there is no GPL to force me to provide you with that freedom.

                • Re: (Score:3, Interesting)

                  by crosbie ( 446285 )

                  The GPL obliges provision of source code because it operates in a copyright encumbered culture, and needs to persuade licensees used to the proprietary software development business model that there is no benefit to withholding source (their inculcated inclination).

                  There is no need to oblige disclosure of source to derivatives in a culture used to operating without copyright.

                  Looking at it another way, tell me why in a culture without copyright you'd have to enact a law that prohibited the distribution of bi

                  • Re:Encryption (Score:4, Insightful)

                    by Rary ( 566291 ) on Monday June 30, 2008 @11:42AM (#24002825)

                    However, there is no market for withheld or obfuscated source code in such a culture. Binaries cost nothing to make and could not be sold ... The GPL is about reproducing the culture that would result if copyright and patent were abolished, i.e. a free culture.

                    Imagine we live in that world without copyright, and therefore a world without GPL. Oracle builds and sells an RDBMS. Anyone can copy and use it for free, since there is no copyright preventing that. However, Oracle wants to make money off of their RDBMS. So, they sell support services. Maybe they also offer custom development to tailor the RDBMS for your environment. In order to prevent competitors from providing those services, it makes sense for them to keep their source code hidden and only distribute the binaries.

                    No-one's freedom is constrained if the source is withheld or obfuscated in a culture without copyright.

                    According to RMS, withholding source limits user freedom. Therefore, users of GPL software have more freedom than users of Oracle RDBMS in the above example.

                • Re: (Score:3, Insightful)

                  by Yogiz ( 1123127 )

                  As someone nicely said: "GPL takes away the freedom to take freedom away form others".

            • Re: (Score:3, Insightful)

              and you realize that without copyright law and software patents, the GPL is unnecessary?

          • Re: (Score:3, Insightful)

            by slim ( 1652 )

            [...] lawyer's won't be fazed by significant technical differences if the end result is the same - they'll sue you first and leave the questions to judges in subsequent decades.

            The key to this is who the "you" that gets sued is. There are three classes of participant in this data transfer: uploader, downloader, and cloud member.

            It seems to me that this scheme makes the uploader and the downloader guilty, but difficult to catch (you'd need to catch them exchanging URLs), and the cloud members not guilty of anything.

            Cloud members would have no idea whether they were hosting (chunks of) copyrighted top 40 MP3s, legally redistributable freeware, communications between Burmese freedom

            • Re: (Score:3, Interesting)

              by crosbie ( 446285 )

              People involved in file-sharing have already settled litigation out of court - even when they know they're entirely innocent. Guilt is immaterial if you want to avoid the penury of prosecution.

              The 'bad actors' who are sued are those the **AA wishes to make an example of to other 'bad actors' - the more naive and apparently unprosecutable the better. After all, file-sharing is a problem precisely because it's engaged in by kids and their apple pie making grannies. If it was only incorrigible pirates that did

        • Short version (Score:5, Insightful)

          by The Warlock ( 701535 ) on Monday June 30, 2008 @09:46AM (#24000537)

          What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

          • Re: (Score:3, Funny)

            by Anonymous Coward

            Exactly.... This is all petty semantics from a legal standpoint. When you're in civil court attempting to defend yourself, you can not argue about the law like you argue about DnD rules.

          • Re:Short version (Score:5, Insightful)

            by TubeSteak ( 669689 ) on Monday June 30, 2008 @11:23AM (#24002451) Journal

            What we have here is a technical solution to a legal problem. Every time a story pops up on Slashdot with a legal solution to a technical problem, we laugh at it. Well, the other way around doesn't work either, folks.

            The law is all about technicalities.
            Whether it is prosecuting Al Capone for Tax Evasion or successfully defending yourself because of technicalities, finding technical solutions to legal problems is exactly how the Judicial system works.

            There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

            To make this abundantly clear:
            Legal solution to a technical problem - outlawing buffer overflow exploits
            Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

            • by Valdrax ( 32670 ) on Monday June 30, 2008 @12:31PM (#24003659)

              There is a reason that legal "solutions" to technical problems deserve the derision we heap upon them. Legal "solutions" merely attempt to artificially constrain the problem without doing anything to resolve the technical nature of the problem itself.

              To make this abundantly clear:
              Legal solution to a technical problem - outlawing buffer overflow exploits
              Technical solution to a legal problem - showing that the arresting officer made a procedural error which taints the evidence gathered against you.

              You just mixed your namespaces.

              1st: [Law solution (statutory)] tries to fix [Computer problem]
              2nd: [Law solution (procedural)] tries to fix [Law problem]

              These aren't equivalent. A technical computer solution to a computer problem is fine, as is a technical legal solution to a legal problem. What's worthy of derision is using a law solution to a computer problem or using a computer solution to a law problem, and that's what this is.

              Claiming that you didn't violate someone's copyright because you copied their works without permission in a really nifty way is nonsense. Copyright law doesn't care if you independently produce exactly the same work as somebody; it's a strict liability tort -- "innocent" infringement is still infringement.

        • by davidwr ( 791652 ) on Monday June 30, 2008 @11:20AM (#24002395) Homepage Journal

          The song "Happy Birthday" is under copyright.

          If I send you two emails, one that contains a numbered list of every word to "Happy Birthday" along with 1000 other words, in alphabetical order, and another email that contains the numbers of the words "Happy Birthday" in the order they appear in the song, the two together constitute a copyright violation.

          The same principle applies if I give the page- and line-numbers of a common dictionary, or any other referenced source, even if the referenced source was itself in the public domain.

          If two legally independent systems existed to transport this data each one would probably be immune from being prosecuted for "aiding and abetting" copyright violations, particularly if there were other legitimate uses, but a combined infrastructure which encouraged people to use it for copyright violations would be legally problematic.

          Let's put it another way:
          If I ran a legitimate service that operated this way, and I filtered out "re-assembly URLs" that appeared to be copyright violations, that would be legally defensible.

          If, independently of me, you took copyrighted data and put it on my system with bogus re-assembly instructions and labeled the data "random_numbers", and then sent the correct reassembly data through another mechanism, I would be legally off the hook, but if you were ever caught, you would not be.

          Legally, this is not much different than copyrighted data encrypted by a one-time pad. Either half can be considered the non-copyrighted pad, and proving which half is the pad and which half is derived from the original can be legally difficult or impossible, but together, it's the same as the original and anyone or any organization that says "I have a safe way for you to use my product to safely transmit both halves to circumvent copyright protection laws" is going to get hauled into court and lose. Anyone or any organization which, through gross negligence, allows such traffic and who could reasonably stop it without shutting down non-infringing uses, or which doesn't have a substantial amount of non-infringing use, is asking for a legally expensive court fight. He might win the fight but he will be financially bruised for it.

          If you are going to pull a stunt like this, make sure it's broken into enough organizational pieces that each piece is clearly legally defensible, and make sure both each piece and the overall technology enjoy substantial use by legal users. Also make sure there is no cheap way of segregating infringing from non-infringing use.

      • Re:Encryption (Score:5, Insightful)

        by smallfries ( 601545 ) on Monday June 30, 2008 @09:27AM (#24000161) Homepage

        It's not a form of encryption, the purpose is not to hide the data but to share representations. The basic idea is let's say that I have files/blocks A,B,C. Instead of storing them directly I will compute shares that merge the information into a new set of blocks. None of the new set of blocks will contain copyrighted info - or if it does then who will own it because there are competing copyright claims. To get file A back out I need to take a selection of the shares and xor them together.

        It's an interesting technical approach, but a classic FAIL. Geeks never understand the law, they assume that it is a mechanical system that can be gamed (well, because they're geeks). But no matter how the law it is written, it is interpreted by people. The first time that it was tried is court would be something like this:

        Pros: Could you explain to the court what you uploaded to Brightnet?
        Def: It was a non-linear combination of the xor of .... .... .... in several parts.
        Pros: Did you upload Britney Spears - Chart Slag.mp3?
        Def: No, that was never on my computer.
        Pros: Did you upload something that allowed the mp3 to be constructed exactly?
        Def: Yes
        Pros: Copyright infringment through unauthorised distribution, the prosecution rests.
        Def: WTF?

    • What I missed from the wiki is why you could not just host the random files locally, or generate them on the fly? If the URLs that are distributed are encoded to reassemble the original file from known random parts, why host those parts on other machines at all?

      On aside note, assuming computing power is no problem, wouldn't it be better to distribute multiple MD5 hashes of 128kb chunks of a given file. Then through brute force reassemble the file by solving for what the MD5 represents. Not only are you dr
  • by 91degrees ( 207121 ) on Monday June 30, 2008 @08:08AM (#23999047) Journal
    As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.
    • by Richard_at_work ( 517087 ) on Monday June 30, 2008 @08:13AM (#23999109)
      Yup, and attempted get-arounds like this are stuff courts love to slap down.
    • by NickFortune ( 613926 ) on Monday June 30, 2008 @08:21AM (#23999199) Homepage Journal

      Attempting to abstract the law into mathematics is pointless.

      Hmmm... I don't think that's the objective, exactly. I didn't read TFA as saying "material distributed in this way is not subject to copyright" but rather "none of the bits we're moving are copyrighted - go pester the people doing the uploading"

      I also think there is a useful discussion to be had on the subject of numbers and the digital assets they may or not represent. If I zip up MS Office, for instance, I've turned it into a very long number. Is it reasonable to allow companies to claim ownership of such numbers? With the proper compression and/or encryption scheme, you could use any number (trivially in some cases) to represent a work over which you can claim copyright. Do we then let a corporation privatise the entire integer space? And if not, how do we distinguish between infringing and non-infringing uses of a large number?

      • how do we distinguish between infringing and non-infringing uses of a large number?

        $ sudo apt-get install common-sense && man common-sense

        • by NickFortune ( 613926 ) on Monday June 30, 2008 @08:50AM (#23999561) Homepage Journal

          $ sudo apt-get install common-sense && man common-sense

          The problem I have with that, is I that don't think those commands work in a court of law.

          Come to think of it, but I'm fairly they wouldn't work under Ubuntu either. (I wouldn't know about Debian)

          • by Firehed ( 942385 ) on Monday June 30, 2008 @08:58AM (#23999705) Homepage

            In this case, though, the law has it right. No matter what you're doing to break up, encrypt, hash, randomize, or distribute files, if the end-goal is to end up with a representation of copyrighted material then you're still breaking the law.

            If you don't like the law, then go out there and do something about it. Trying to find a workaround for the law is just going to get the courts mad at you if you get caught. Information may want to be free, but right now it isn't (at least not the information that these kinds of things are being created for). Legitimize it, not strategize about how to avoid the problems that can come with it.

      • This argument is futile. The law covers distribution of the information regardless of the format of the information, so one large number is legally indistinguishable from base64 or hex. If the copyrighted data can be recovered it's considered distribution - in some cases even if the key itself is not distributed with the encrypted data.

        I don't know if this new system exploits a loophole in the laws, but even if it does, that loophole will be closed. The new copyright laws appearing worldwide are practically

        • by Klaus_1250 ( 987230 ) on Monday June 30, 2008 @08:57AM (#23999699)

          If the copyrighted data can be recovered it's considered distribution - in some cases even if the key itself is not distributed with the encrypted data.

          The issue is that any piece of random data can be turned into copyrighted data. With the right key, you can turn John Smith's holiday photo's into copyrighted MP3's. But you can't sue John Smith because someone uploaded a key that can turn his photo's in copyrighted data. OFF stores random blocks of data, which can be used by multiple files. It doesn't store any information in particular, just random blocks. Random blocks that can be used for anything. It is the URL that turnes those random blocks into something.

    • Re: (Score:3, Informative)

      As a rule, you don't copyright the exact data (i.e. the sequence of numbers representing a digital file). You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

      That's not the point. The point is that if someone downloads blocks from me to be used for copyrighted material, I cannot know what it is used for. Maybe these block also encode legal stuff. Because the same block encodes multiple files, and because a request does not state what the data is gonna be used for, I (probably) cannot be holded responsable for sharing copyrighted material.

      • I made a longer winded post about this here, [slashdot.org] but I'll summarize for you.

        That's not the point. The point is that if someone downloads blocks from me to be used for copyrighted material, I cannot know what it is used for.

        That's the problem. You have absolutely no way of knowing that you're not sharing infringing blocks, you have no way to prevent it, and yet you've still willingly installed and ran the software on your system.

        How are the courts going to preserve copyright law in the face of this technical challenge? Make no mistake, courts aren't going to just throw up their hands in the air and say, "Wow! Centuries of legal tradition and entire sect

    • You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

      You're dead right. What is interesting is that if you're "caught" with some of these random blocks on your disk, they're just random blocks of data. You can't decode them unless you have the key, hence there's no charge of copyright infringement.

      One problem with the proposal (which, by the way, is very obvious, and is how FreeNet and other systems work) is that their key length needs to be the same length as the data, because it's effectively a One Time Pad. If it's any shorter than the original data, then there will be a way to unencrypt the data without the key (proof by a simple counting argument).

      Rich.

    • by adpsimpson ( 956630 ) on Monday June 30, 2008 @08:22AM (#23999221)

      Once I actually understood what on earth they are on about, it seems like an interesting idea with very little basis in reality. Their main claim seems to be a magic-wand approach to getting round copyright, as opposed to a particularly useful distributed filesystem:

      No data passing through the network can be considered copyrighted because the means by which it is represented is truly random

      Sure... So if I put in Brittany's latest album, then tell my friend to click on the url that 'reassembles' the 'truly random' data into, well, Brittany's latest album, then do you really think copyright has nothing to say?

      Breaking news! Photocopying books is TOTALLY LEGAL if you use yellow paper and/or put the book in the machine upside down!

      A correctly encrypted file also appears random. It does not mean it IS random, otherwise it would be, well, not very useful.

    • by nurb432 ( 527695 ) on Monday June 30, 2008 @08:30AM (#23999315) Homepage Journal

      For some of us that isn't a problem, since we don't believe in IP anyway.

      • by Silver Sloth ( 770927 ) on Monday June 30, 2008 @08:36AM (#23999375)
        Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.
        • Re: (Score:3, Insightful)

          by nurb432 ( 527695 )

          Who said im going to court? I adjust my activities to compensate which avoids that situation.

          Doesn't change my belief, or disregard.

        • by IgnoramusMaximus ( 692000 ) on Monday June 30, 2008 @08:54AM (#23999647)

          Whether you believe in IP is irrelevant to the law of the country of where you live. As a defence it won't hold up in court.

          "Whether you believe in Allah is irrelevant to the Sharia law of the country of where you live. As a defense it won't hold up in the Religious court."

          There, fixed it for you. Since the evidence for existence of Allah is pretty much on the same level as that for the so-called "Intellectual Property" (i.e. the concept of 'ownership' of large integer numbers and the like) and the relationship between such belief and laws passed based on it is strikingly similar, the statement you made is pretty much equivalent to the one below: arbitrary bullshit based on whatever nonsense happens to deliver power and money to whatever "law makers" and their associates happen to be at the top at the time, logic, science and reason be damned.

      • Too bad Western legal systems do.

        Saddam didn't believe in the court's jurisdiction. Didn't do him any favours!
    • by intx13 ( 808988 )
      Exactly - while the technology of a distributed, encrypted file system might be neat (though this particular implementation seems kind of silly IMO), this isn't some huge loophole for distributing copyrighted works without violating copyright. Encrypting a copyrighted work does not diminish the copyright of the work. It just makes it harder for anyone to prove that the file does indeed represent a copyrighted work.

      From the article:

      Even if a number (file) in question can be copyrighted under current leg

    • You copyright the actual tangible information. Attempting to abstract the law into mathematics is pointless. They are not compatible.

      Define "information" in terms not mathematically equivalent to binary data.

      If you manage this, that would mean that all the computing technology is in fact impossible (as computers would not be able to process information), that no music or moving images can be digitally stored and that "information" cannot be encoded in form of electrical impulses, among other things.

      What

  • by Rary ( 566291 ) on Monday June 30, 2008 @08:11AM (#23999085)

    Incidentally, no data passing through the network can be considered copyrighted because the means by which it is represented is truly random.

    It's not the data that's protected by copyright, it's what the data represents.

    No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

    • by larry bagina ( 561269 ) on Monday June 30, 2008 @08:16AM (#23999157) Journal
      When the RIAA files a lawsuit, you can testify in court that you were actually downloading kiddie porn.
    • by iocat ( 572367 ) on Monday June 30, 2008 @08:18AM (#23999177) Homepage Journal
      You're right, but wouldn't this move the 'infringer' to the guy who had the URL to put all the little random chunks together into a Maroon Five file on his PC, not the girl who had one 128K chunk that *could be* used to represent the Maroon Five file -- or a shopping list -- on her PC?
      • Re: (Score:3, Informative)

        by Ed Avis ( 5917 )

        The idea of a chunk that 'could' be used to represent part of a copyrighted work is specious. Using XOR encryption, a copy of Madonna's latest video 'could' just be my weekly shopping list, encrypted with a particular one-time pad. Anything could be anything, and therefore the concept of 'could be' is useless.

    • It's not the data that's protected by copyright, it's what the data represents.

      No matter how you mangle the data when storing it or transferring it from one location to another, the end result is the same. They're trying to use semantics and technical voodoo to get around copyright law. It won't work.

      Defense: I didn't do it.
      Prosecution: We found the body in your apartment, hidden under your bed.
      Defense: It is true that I placed a fast-moving bullet into the air adjacent to his chest, but if there happened to be any later consequences, those were not clearly visible from the location of the trigger.
      Jury: Hang him.

      So yeah, this is no legal defense. But perhaps it wasn't meant to be one. It seems like subterfuge, countersurveillance, and plausible deniability than anything else. But that plausibility won't hold up long, because the courts will soon say "If we find a bunch of random files on your drive, the burden is on *you* to prove that they aren't naughty bits." They'd make you extract the original content from the blocks, which hopefully haven't later disappeared off the internet, and if you couldn't do it then you'd be in hot water.

  • Or at least that is what it sounds like to me from the summary.

  • by OeLeWaPpErKe ( 412765 ) on Monday June 30, 2008 @08:15AM (#23999139) Homepage

    "copyrighted data"

    to

    "encrypted copyrighted data"

    The first is merely infringement. The second is conspiracy to commit infringement, and you will have lost any chance of defending with "I didn't know it was copyrighted".

    Curiously enough things like this are exactly why "conspiracy to commit" crimes exist.

    Furthermore, unless I'm making a stupid mistake, it doesn't actually distribute the data, the key to find the data in the P2P net is the same length as the original data, in the random case, which buys you exactly ... nothing. You have to download the file twice.

    This thing does not evade copyright law, and it's inconvenient to boot. I don't think I'll be placing a second look.

    • by phoenix_nz ( 1252432 ) on Monday June 30, 2008 @08:23AM (#23999227)
      It's not encryption. What you will be downloading is several random files that when combined make up whatever you want.

      The cool thing is that the files really are random. They are simply numbers that can be combined to make a copyrighted file but don't have to be.
      In other words: (As stated on the wiki) you will infringe on copyright the second the random files are combined. But downloading and sharing the files is not a copyright infringement.
      • by Anonymous Coward on Monday June 30, 2008 @08:40AM (#23999429)

        And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

        The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

        Let's take a simple examples. There are 4 files in my "brightnet"- "00", "01", "10", "11". I name these files "a","b","c","d".

        Now I have my copyrighted string I want to trade. My string is 01101101001010.

        I need to generate the key for the brightnet, which is "bcdbacc". This tells me that I need to take file b, then file c, then file d... to reproduce the original.

        Now, you can argue that downloading file a, b, c, or d in itself isn't a violation. That may be true, but it misses the point. The point is that the brightnet is useless without my key file "bcdbacc."

        My key file is, in itself, an encryption of the original copyrighted string. Trading in the KEY is the problem, even if downloading the files I'll use to decrypt it isn't.

        All this does is let us generate multiple possible encryptions of the same file. And, with large enough brightnet blocks, each one can be shorter than the original. Which is cool for file traders--if there are multiple keys that encode the same file, now all of a sudden it's harder to catch me trading files--I can send the same file to 2 people using 2 different keys, so simply watching for a specific key won't catch me trading a particular file

        At best, this makes it easier to trade copyrighted files. But thinking there's no obvious copyright violation here is just silly.

        • Re: (Score:3, Insightful)

          by merreborn ( 853723 )

          And how do you know which files to download? You know because from somewhere you got a key that told you WHICH files you need.

          The key is where this falls down. The key is an encrypted representation of the original. Trading the key is where the infringement occurs.

          That's not immediately clear. The Pirate Bay's entire purpose is distributing "keys" that point to external resources where copyrighted data can be found.

          Similarly, a HTTP URL of a copyrighted file is a "key" that instructs your browser where it c

      • Re: (Score:3, Insightful)

        by mdmkolbe ( 944892 )
        The random blocks don't infringe the copyright, but the key would likely be considered a derivative work and thus the key infringes the copyright.
        • Re: (Score:3, Informative)

          Actually the algorithm is not performing a search through truly random blocks, but rather generating new 'random"* blocks by combining old blocks with the copyrighted file.

          So the blocks AND they key are derivative works, meaning even users of this app who are just researching it become liable for copyright infringement if any of the users puts even a single copyrighted file on it.

          DESPITE not being able to read said file.

          The law does not specify what comes out, only what goes in. Copyrighted files go in -

    • by nurb432 ( 527695 ) on Monday June 30, 2008 @08:33AM (#23999343) Homepage Journal

      The second is conspiracy to commit infringement, and you will have lost any chance of defending with "I didn't know it was copyrighted"

      Unless you don't know what is stored where.

  • by Spiv ( 32991 ) on Monday June 30, 2008 @08:19AM (#23999189)
    Doesn't Tahoe [allmydata.org] already do this?
  • From the Wiki (Score:5, Interesting)

    by Lord Bitman ( 95493 ) on Monday June 30, 2008 @08:20AM (#23999197)

    "A simple analogy is seen in that every number has an infinite number of representations (3+2=5, 2*2+1=5, 10-5=5, 10/2=5, etc). Even if the number (file) in question can be copyrighted under current legislation, it is practically impossible and unreasonable to state that every other representation of that particular number is copyrighted."

    Actually, no, it's not unreasonable or impractical. In fact, that's how it actually works. Star Wars is copyrighted as a DVD, Film, mpeg, script, live performance, song, interpretive dance, etc. ..right?

    • You're quite right.

      Like it or not, copyright doesn't apply to bit-streams, but rather to particular instantiations of ideas (and derivatives thereof). No one can copyright a number. But in a particular context, a certain bit-stream can be considered protected by copyright.

      This whole "you can't copyright a number!" is a red herring. No one seriously claims that particular numbers are copyrighted. But in a certain context, a particular chunk of data (a number!) can be reasonably shown to be a copy (or derivat

  • I hope you don't plan on using that with RoadRunner, Rogers, Bell, or any other ISP with a transfer cap.
  • Summary Misleading (Score:3, Insightful)

    by Fieryphoenix ( 1161565 ) on Monday June 30, 2008 @08:27AM (#23999283)
    While individuals are not passing copyrighted files to each other, the copyright violation does occur. The URL with the instructions of how to assemble the file is actually an encoded version of the file. Downloading those instructions is just as much a copyright violation as downloading a digital version of the file, or a zipped archive from which the file can be extracted. So, "nobody shares any copyrighted files, and therefore nobody needs to hide away" is erroneous. Both the person offering the URL and the person accessing it need to hide if it's a work someone's going to exercise copyright over.

    From the main site: "It must be noted that up until the point of retrieval of content from the OFFSystem, storage and transfer of a so-called copyrighted file is completely legal. However, the act of re-assembling a file may be considered copyright infringment in some cases, and users should be aware of legislation regarding copyright law which applies to their jurisdiction before doing so."

    I think this analysis is flawed because it assumes that the instructions to construct a file are not a file, and that only when you have the end file have you copied the work. In fact, if the instructions contain all the information of a work, they are the work, in exactly the same way that any digital representation of a work is the work. "Y'onor, I didn't copy no files, look, this is just instructions to make the files" will not fly any more than "Y'onor, this isn't a music recording, it's ones and zeros."
  • by cliffski ( 65094 ) on Monday June 30, 2008 @08:29AM (#23999305) Homepage

    Look, I totally get how encryption and plausible deniabiltiy is great if you people are circulating dangerous information about government conspiracies, or organising the resistance in Burma or Zimbabwe, but lets face facts, this will be used to share torrents of Hollywood movies and top 40 albums.

    This is stupid.

    Either accept the fact that all the political posturing about free being a better business model is true, in which case, just go enjoy all the free music/software/games/movies out there, or admit its just smokescreens to justify getting Hollywood movies for free, whilst your entertainment is subsidised by everyone who paid to see that stuff, and thus allow it to be made.

    People seem to have this attitude that this kind of thing is cool because it lets you escape prosecution for copyright infringement. If copyright is such a fucked-up system, then why is it all the stuff people want to share is produced under that system? Surely all the cool movies/software/music/games is being produced under the free model right? Or could it be that the free model isn't viable, or popular with content producers, big and small...

  • [Yada yada yada]. That is why we claim that these numbers are not copyrightable.

    Doesn't matter to me. When I open up my hard drive with a hammer, I don't see any numbers anyway, so I don't see how that helps me.

    Seriously, though, if you think stopping at a particular layer of abstraction and then adding another layer of abstraction isn't what IP lawyers call a "derived work", then I don't think you understand IP well enough to make any claims at all.

  • There's a lot of misinformation floating around here (RTFA please). Here's what happens: you want to upload a file. The program makes up a bunch of random numbers - really random numbers that have nothing to do with the original file. The original file is not consulted to make the random blocks - they could be pre-generated even.

    Also generated is a URL that has the instructions on how to get the original file back from the random blocks. Anyone that shares this part is going to be guilty of copyright inf

  • Worrisome... (Score:5, Interesting)

    by zetazentra ( 1274302 ) on Monday June 30, 2008 @08:42AM (#23999439)

    http://wiki.offdev.org/Talk:Why_is_OFF_safe%3F [offdev.org] :

    Trojan detected with avg free

    Another side to the safety issue. I'm hoping this is a false positive, as I like OFF

            * avg free v7.5.516 virus base 269.17.13/1208 finds
                        o Trojan Generic9.AKLU in
                                    + offsystem.exe from OFFStystem-0.18.00-win-installer.exe from sourceforge January 3 2008

    This is worrisome...

    • Re:Worrisome... (Score:4, Informative)

      by Anonymous Coward on Monday June 30, 2008 @09:53AM (#24000665)

      "Trojan Generic..." Yeah, right. That's not a trojan sig that the antivirus recognized, it's just a heuristic that tags possible malware. Only 3 out of 32 [virustotal.com] antivirus programs complain. The message "Suspicious Self Modifying File" indicates that it's probably just because they used an uncommon packer.

      OFFsystem sez [planetpeer.de]:

      That is a false positive. We are still trying to figure out how to tell them about it.

  • If there is one copy at the start, and two copies at the end, then a copy has been made. If one does not have the right to make the copy, said right being reserved by law to the owner of the copy right, one has broke copy right law.

    This is an obvious tool for infringing on the copyrights of other. If it were not, then there would be no reason to say

    "Nobody shares any copyrighted files, and therefore nobody needs to hide away."

    They can't even hide behind "it has other uses", because of all the talk about cop

  • by vyrus128 ( 747164 ) <gwillen@nerdnet.org> on Monday June 30, 2008 @09:01AM (#23999763) Homepage
    For an excellent explanation of why this is legally stupid, see What Colour Are Your Bits? [sooke.bc.ca]
  • by kenp2002 ( 545495 ) on Monday June 30, 2008 @10:21AM (#24001253) Homepage Journal

    I love kids these days, always thinking they are clever.

    A long time ago a man wrote a book, he then made an index of all the words in the book and listed them in alphabetical order.

    He then re-copied the book as a reference to the index.

    Original: "I am the king of scotland"

    Index: AM,I,KING,OF,SCOTLAND

    Story: 2-1-3-4-5

    Now this idea is nothing more then seeding a network with the index of data then to rebuild a particular file you pass is an index reference.

    They would simply bust people for passing the index reference.

    Ironical that old book became the foundation for modern day text compression schemes that used indexes and many of the key concepts that cryptography was born from.

    Clever kids, if it was still the 1500's and you were trying to smuggle banned books under the nose of the inqusition. They just burned people with the indexes just as if they had the books themselves.

    Honestly do they really thing that people are that stupid? If I use a pencil to stab someone I am going to jail just the same if I had used a knife. If someone is smuggling something across the border, but I don't know what, I am still an accomplice to some degree.

    Plausable deniability is a great idea but the moment one of those indexes lands on you PC your gonna get dinged for whatever the index points too.

  • by CokeJunky ( 51666 ) on Monday June 30, 2008 @12:00PM (#24003103)

    IANAL, but my understanding of copyright law and law in general is that it is typically performance based.
    That means that If it is used and appears to have the purpose of distributing copyrighted material, no mathematical slight of hand in the middle changes the fact that copyrighted material is being moved. It may, however, offer some protection to the people operating the network, but anyone at the end points (providing/retrieving) is still likely to run into trouble. At the very least, it will be a costly argument to someone in court.

    If the system offered substantial benefits to non-infringing users (and was used that way) over traditional ways of transferring files, then maybe they are ok, but if it looks like a duck, walks like a duck and talks like a duck, it must be a duck.

    Long story short: Seek legal advice!

If you think nobody cares if you're alive, try missing a couple of car payments. -- Earl Wilson

Working...