DeCSS - AbsoluteAstronomy.com

Computer program

A computer program is a sequence of instructions written to perform a specified task with a computer. A computer requires programs to function, typically executing the program's instructions in a central processor. The program has an executable form that the computer can use directly to execute...

capable of decrypting content on a commercially produced DVD

DVD

A DVD is an optical disc storage media format, invented and developed by Philips, Sony, Toshiba, and Panasonic in 1995. DVDs offer higher storage capacity than Compact Discs while having the same dimensions....

video disc. Before the release of DeCSS, there was no way for computers running a Linux

Linux

Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...

-based operating system to play video DVDs.

DeCSS was developed without a license from the DVD CCA, the organization responsible for DVD copy protection

Copy protection

Copy protection, also known as content protection, copy obstruction, copy prevention and copy restriction, refer to techniques used for preventing the reproduction of software, films, music, and other media, usually for copyright reasons.- Terminology :Media corporations have always used the term...

— namely, the Content-Scrambling System

Content Scramble System

Content Scramble System is a Digital Rights Management and encryption system employed on almost all commercially produced DVD-Video discs. CSS utilizes a proprietary 40-bit stream cipher algorithm...

(CSS) used by commercial DVD publishers. The release of DeCSS resulted in a Norway criminal trial and subsequent acquittal

Acquittal

In the common law tradition, an acquittal formally certifies the accused is free from the charge of an offense, as far as the criminal law is concerned. This is so even where the prosecution is abandoned nolle prosequi...

of one of the authors of DeCSS. The DVD CCA launched numerous lawsuits in the United States in an effort to stop the distribution of the software.

Origins and history

DeCSS was devised by three people, two of whom remain anonymous. It was released on the Internet

Internet

The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...

mailing list LiViD

LiViD

LiViD, short for Linux Video and DVD, was a collection of projects that aim to create program tools and software libraries related to DVD for Linux operating system.The projects included:* OMS* GATOS* mpeg2dec* ac3dec...

in October 1999. The one known author of the trio is Norwegian

Norway

Norway , officially the Kingdom of Norway, is a Nordic unitary constitutional monarchy whose territory comprises the western portion of the Scandinavian Peninsula, Jan Mayen, and the Arctic archipelago of Svalbard and Bouvet Island. Norway has a total area of and a population of about 4.9 million...

programmer Jon Lech Johansen

Jon Lech Johansen

Jon Lech Johansen , also known as DVD Jon, is a Norwegian programmer famous for his work on reverse engineering data formats....

, whose home was raided in 2000 by Norwegian police. Still a teenager at the time, he was put on trial in a Norwegian court for violating Norwegian Criminal Code section 145, and faced a possible jail sentence of two years and large fines, but was acquitted of all charges in early 2003. However, on March 5, 2003, a Norwegian appeals court ruled that Johansen would have to be retried. The court said that arguments filed by the prosecutor and additional evidence merited another trial. On December 22, 2003, the appeals court agreed with the acquittal, and on January 5, 2004, Norway's Økokrim

Økokrim

The National Authority for Investigation and Prosecution of Economic and Environmental Crime is Norway's central unit for fighting economic and environmental crimes. The unit, created in 1989, has its main office in Oslo....

(Economic Crime Unit) decided not to pursue the case further.

The program was first released on October 6, 1999 when Johansen posted an announcement of DeCSS 1.1b, a closed source Windows

Microsoft Windows

Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...

-only application for DVD ripping

Ripping

Ripping is the process of copying audio or video content to a hard disk, typically from removable media. The word is used to refer to all forms of media. Despite the name, neither the media nor the data is damaged after extraction....

, on the livid-dev mailing list. The source code

Source code

In computer science, source code is text written using the format and syntax of the programming language that it is being written in. Such a language is specially designed to facilitate the work of computer programmers, who specify the actions to be performed by a computer mostly by writing source...

was leaked before the end of the month. The first release of DeCSS was preceded by a few weeks by a program called DoD DVD Speed Ripper from a group called Drink or Die, which didn't include source code and which apparently did not work with all DVDs. Drink or Die reportedly disassembled

Disassembler

A disassembler is a computer program that translates machine language into assembly language—the inverse operation to that of an assembler. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language...

the object code

Object code

Object code, or sometimes object module, is what a computer compiler produces. In a general sense object code is a sequence of statements in a computer language, usually a machine code language....

of the Xing

Xing Technology

Xing Technology was a live audio broadcast software company founded in Arroyo Grande, California in 1989 by former networking executive Howard Gordon.-History:Gordon founded Xing on the basis of a simple JPEG decoding library that he had developed...

DVD player to obtain a player key. The group that wrote DeCSS, including Johansen, came to call themselves Masters of Reverse Engineering and may have obtained information from Drink or Die.

The CSS decryption source code used in DeCSS was mailed to Derek Fawcus before DeCSS was released. When the DeCSS source code was leaked, Fawcus noticed that DeCSS included his css-auth code in violation of the GNU GPL

GNU General Public License

The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....

. When Johansen was made aware of this, he contacted Fawcus to solve the issue and was granted a license to use the code in DeCSS under non-GPL terms.

On January 22, 2004, the DVD CCA

DVD Copy Control Association

The DVD Copy Control Association is an organization primarily responsible for the copy protection of Blu-ray Discs and DVDs. The Content Scramble System was devised for this purpose to make copyright infringement difficult, but also presents obstacles to some legitimate uses of the media...

dropped the case against Jon Johansen.

Jon Lech Johansen's involvement

The DeCSS program was a collaborative project, in which Jon wrote the Graphical User Interface

Graphical user interface

In computing, a graphical user interface is a type of user interface that allows users to interact with electronic devices with images rather than text commands. GUIs can be used in computers, hand-held devices such as MP3 players, portable media players or gaming devices, household appliances and...

. The transcripts from the Borgarting Court of Appeal

Borgarting Court of Appeal

Borgarting Court of Appeal is the court of appeal located in Oslo, Norway. It serves the counties of Oslo, Buskerud, Østfold and southern Akershus. The court has 62 judges and 45 administrative staff...

, published in the Norwegian newspaper VG

Verdens Gang

Verdens Gang , generally known under the abbreviation VG, is a Norwegian tabloid newspaper...

, contain the following description of the process which led to the release of DeCSS:

Through Internet Relay Chat (henceforth IRC), [Jon Lech Johansen] made contact with like-minded [people seeking to develop a DVD-player under the Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...

operating system]. 11 September 1999, he had a conversation with "mdx" about how the encryption algorithm in CSS could be found, by using a poorly secured software-based DVD-player. In a conversation [between Jon Lech Johansen and "mdx"] 22 September, "mdx" informs that "the nomad" had found the code for CSS decryption, and that "mdx" now would send this [code] to Jon Lech Johansen. "The nomad" allegedly found this decryption algorithm through so-called reverse engineering
Reverse engineering
Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation...

of a Xing DVD-player, where the [decryption] keys were more or less openly accessible. Through this, information that made it possible [for "mdx"] to create the code CSS_scramble.cpp was retrieved. From chat logs dated 4 November 1999 and 25 November 1999, it appears that "the nomad" carried through the reverse engineering process on a Xing player, which he characterized as illegal. As the case is presented for the High Court, this was not known by Jon Lech Johansen before 4 November [1999].

Regarding the authentication code, the High Court takes for its basis that "the nomad" obtained this code through the electronic mailing list LiVid (Linux Video) on the internet, and that it was created by Derek Fawcus. It appears through a LiVid posting dated 6 October 1999 that Derek Fawcus on this date read through the DeCSS source code and compared it with his own. Further, it appears that "the creators [of DeCSS] have taken [Derek Fawcus' code] almost verbatim - the only alteration was the removal of [Derek Fawcus'] copyright header and a paragraph containing commentaries, and a change of the function names." The name [of the code] was CSS_auth.cpp.

The High Court takes for its basis that the program Jon Lech Johansen later programmed, the graphical user interface, consisted of "the nomad's" decryption algorithm and Derek Fawcus' authentication package. The creation of a graphical user interface made the program accessible, also for users without special knowledge in programming. The program was published on the internet for the first time 6 October 1999, after Jon Lech Johansen had tested it on the movie "The Matrix." In this, he downloaded approximately 2.5%. 200 megabytes, of the movie to the hard drive on his computer. This file is the only film fragment Jon Lech Johansen has saved on his computer.

Technology and derived works

When the release of the DeCSS source code made the CSS algorithm available for public scrutiny, it was soon found to be susceptible to a brute force attack

Brute force attack

In cryptography, a brute-force attack, or exhaustive key search, is a strategy that can, in theory, be used against any encrypted data. Such an attack might be utilized when it is not possible to take advantage of other weaknesses in an encryption system that would make the task easier...

quite different from DeCSS. The encryption is only 40-bit, and does not use all keys; a high-end home computer in 1999 running optimized code could brute-force

Brute force attack

it within 24 hours, and modern computers can now brute-force it in a few seconds or less.

Programmers around the world created hundreds of programs equivalent to DeCSS, some merely to demonstrate the trivial ease with which the system could be bypassed, and others to add DVD support to open source

Open source

The term open source describes practices in production and development that promote access to the end product's source materials. Some consider open source a philosophy, others consider it a pragmatic methodology...

movie players. The licensing restrictions on CSS make it impossible to create an open source implementation through official channels, and closed source drivers are unavailable for some operating systems, so some users need DeCSS to watch movies.

In early 2000, a program with the same name but a very different purpose (removing Cascading Style Sheets

Cascading Style Sheets

Cascading Style Sheets is a style sheet language used to describe the presentation semantics of a document written in a markup language...

tags from HTML code) was also developed. People were encouraged to mirror the website of this unrelated program, as a means of presumably making it more difficult for anti-DeCSS agents to find the "real" DeCSS program.

Legal response

The chief complaint against DeCSS (and similar programs) is that once the unencrypted source video is available in digital form, it can be copied without degradation, so DeCSS can be used for copyright infringement. Furthermore, various DVD backup utilities that made use of "licensed" CSS decoding routines were also widely available.

In protest against legislation that prohibits publication of copy protection circumvention code in countries that implement the WIPO Copyright Treaty (such as the United States

United States

The United States of America is a federal constitutional republic comprising fifty states and a federal district...

' Digital Millennium Copyright Act

Digital Millennium Copyright Act

The Digital Millennium Copyright Act is a United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization . It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to...

), some have devised clever ways of distributing descriptions of the DeCSS algorithm, such as through steganography

Steganography

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity...

, through various Internet protocols, on t-shirts and in dramatic readings, as MIDI files, as a series of haiku

Haiku

' , plural haiku, is a very short form of Japanese poetry typically characterised by three qualities:* The essence of haiku is "cutting"...

poems, and even as a so-called illegal prime number

Illegal prime

An illegal prime is a prime number that represents information that it is forbidden to possess or distribute. One of the first illegal primes was discovered in 2001. When interpreted in a particular way, it describes a computer program that bypasses the digital rights management scheme used on DVDs...

. However, the CSS algorithm seems to require more characters to describe in a computer programming language than the RC4

RC4

In cryptography, RC4 is the most widely used software stream cipher and is used in popular protocols such as Secure Sockets Layer and WEP...

algorithm by RSA Data Security; one of the shortest implementations of DeCSS (called "efdtt") is 434 bytes. Because of this, it has not been distributed by some of the more "inventive" methods used to distribute the RSA algorithm during the days of ITAR

International Traffic in Arms Regulations

International Traffic in Arms Regulations is a set of United States government regulations that control the export and import of defense-related articles and services on the United States Munitions List...

— it is not suitable for tattoos, email signatures

Signature block

A signature block is a block of text automatically appended at the bottom of an e-mail message, Usenet article, or forum post. This has the effect of "signing off" the message and in a reply message of indicating that no more response follows...

, etc.

The first legal threats against sites hosting DeCSS, and the beginning of the DeCSS mirroring campaign, began in early November 1999 (Universal v. Reimerdes

Universal v. Reimerdes

Universal City Studios, Inc. v. Reimerdes was the first test of the Digital Millennium Copyright Act , a United States federal law.The plaintiffs, 8 movie studios, successfully sought an injunction against the distribution of DeCSS, a program capable of decrypting content protected using the...

). The preliminary injunction in DVD Copy Control Association, Inc. v. Bunner

DVD Copy Control Association, Inc. v. Bunner

DVD Copy Control Association, Inc. v. Bunner, was a lawsuit that was filed by the DVD Copy Control Association in California, accusing Andrew Bunner and several others of misappropriation of trade secrets under California's implementation of the Uniform Trade Secrets Act...

followed soon after, in January 2000. As a response to these threats a program also called DeCSS but with an unrelated function was developed. This program can be used for stripping Cascading Style Sheets

Cascading Style Sheets

Cascading Style Sheets is a style sheet language used to describe the presentation semantics of a document written in a markup language...

tags from an HTML

HTML

HyperText Markup Language is the predominant markup language for web pages. HTML elements are the basic building-blocks of webpages....

page. In one case, a school removed a student's webpage that included a copy of this program, mistaking it for the original DeCSS program, and received a great deal of negative media attention. The CSS stripping program had been specifically created to bait the MPAA in this manner.

, DeCSS and several clones (which have not been specifically brought to court) can be readily obtained over the Internet

Internet

The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...

External links

Gallery of CSS Descramblers (David S. Touretzky
David S. Touretzky
David S. Touretzky is a research professor in the Computer Science Department and the Center for the Neural Basis of Cognition at Carnegie Mellon University. He received a BA in Computer Science at Rutgers University in 1978, and earned a Master's degree and a Ph.D. in Computer Science at Carnegie...

)
DeCSS Central - Information about DVD, CSS, DeCSS, LiVid, the DVD CCA and MPAA and the various lawsuits surrounding DeCSS.
EFF archive of information on the Bunner and Pavlovich DVD-CAA lawsuits
2600 News: DVD Industry Takes 2600 to Court
Aftenposten: Prosecutors let DVD-Jon's victory stand
The Openlaw DVD/DeCSS Forum Frequently Asked Questions (FAQ) List
DeCSS Haiku - How to decrypt a DVD - in Haiku form - by Seth Schoen
The history of the DeCSS Haiku, by Seth Schoen
42 ways to distribute DeCSS
DeCSS Explained - A technical overview of the CSS decryption algorithm.
DeCSS.c, The DeCSS source code
The Truth about DVD CSS cracking by MoRE and {dEZZY/DoD}

The source of this article is wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.

Origins and history

Jon Lech Johansen's involvement

Technology and derived works

Legal response

See also

Further reading

External links