Jump to content

Talk:High-bandwidth Digital Content Protection/Archive 2010

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia
< Talk:High-bandwidth Digital Content Protection
This is an old revision of this page, as edited by MiszaBot I (talk | contribs) at 06:32, 10 November 2010 (Archiving 1 thread(s) from Talk:High-bandwidth Digital Content Protection.). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The Master Key

I have removed the full "text" of the alleged master key, as I strongly feel that it does not belong in this article. I think it is sufficient to either link to an external copy of the master key hexadecimal values or to link to a news story which references it. Including the full text of the key does not conform to Wikipedia style standards and is a distraction to the rest of the article.  Amit  ►  13:20, 14 September 2010 (UTC)

User:TerrorBite added italicized text to the article urging editors not to post the full text of the key. Although I agree with the idea of including that warning, it is certainly against Wikipedia style to have a message directed to the reader within the context of the article. We don't, for example, urge users not to vandalize pages with high rates of vandalism (e.g. "Please don't add jokes about George W. Bush to this biographical article"). Wikipedians should be free to edit this article as they see fit, and others of us should police and revert changes that are either obvious vandalism or go against consensus reached on this talk page. Thoughts?  Amit  ►  13:31, 14 September 2010 (UTC)
I agree it is bad style, but it is for the best until such time as an admin can semi-protect the article. The warning can probably be removed in a day or two after all the hype has died away. Feel free to remove the warning if you feel it is bad style. Note that I included a more visible warning at the top of the page as well. --TerrorBite (talk) 13:38, 14 September 2010 (UTC)
User:77.103.114.41 has just moved my warning messages into the page source as comments, which is a much more elegant solution that obviously only page editors will see. I don't know why I didn't think of this myself. I've also put in a request for semi-protection of the article. --TerrorBite (talk) 13:55, 14 September 2010 (UTC)
Yea, this will suffice for now. If it means anything, I vote YES for semi-protection.  Amit  ►  14:05, 14 September 2010 (UTC)

I've protected the page for three days. It's a bit early perhaps, but it's been added once. I've got concerns about whether publishing the key is breaking someone's copyright or other legally things. If the consensus builds to publish here, then please take it to the copyright noticeboard or possibly ANI to get wider eyes on this, as I don't want to unnecessarily put us at risk. GedUK  14:55, 14 September 2010 (UTC)

By way of precedent, consider AACS encryption key controversy, wherein much the same scenario happened: alleged secret DRM crypto key posted in various places, removed, much activism, posted at various Wikipedia articles, removed, protection, debate, readdition, more debate. It seems to have settled on being in the article, the horse having bolted and been flogged to death. To my mind, WP:RS always applies, and whatever the rights and wrongs it can't be in a Wikipedia article until the key itself (not just mention of it) is in a reliable source. Wikipedia:Keyspam is also relevant. Incidentally, asking Mike and the Foundation for an opinion might not get as committal a response as one might hope. The safe harbor elements of OSCILLA/DMCA protect the Foundation only so long as it acts as a "mere conduit"; if it starts practicing editorial control (yay or nay), it risks weakening that protection. -- Finlay McWalterTalk 17:48, 14 September 2010 (UTC)

IMHO, the actual key is very likely copyvio while the fact the it may have been purloined, as referenced by the Engadget article, does belong in the article. In fact, a brief mention in the lead is probably warranted. Ronnotel (talk) 12:33, 15 September 2010 (UTC)

Well, that was my thinking too; it's their key and we can't really rewrite it, so it would seem an obvious copyvio, for now at least. GedUK  14:35, 15 September 2010 (UTC)
Glad someone agrees with me. I deleted the offending revisions and indefed the ip. Ronnotel (talk) 14:47, 15 September 2010 (UTC)
WP:IPBLENGTH. -- Finlay McWalterTalk 14:55, 15 September 2010 (UTC)
Indef is not necessary... the IP in question only has those two edits to this article. I think a stern warning would certainly be warranted before applying this kind of ban, especially since the Anonymous IP did not attempt to re-add the offending text while all the discussion was going on. Finlay McWalter's link should set the precedent, and the indef block should be removed as soon as is convenient. In addition, Wikipedia's official policy on dealing with copyvio states rather plainly, "Contributors who repeatedly post copyrighted material despite appropriate warning may be blocked from editing by any administrator to prevent further problems." The IP did not make "repeated" attempts to post copyrighted material, and there was no warning given to the anonymous user before the block action was taken.  Amit  ►  16:42, 15 September 2010 (UTC)
IP is a vandalism-only account and engaged in gross copyright violation. Any reconsideration should go through the normal channels via an unblock request from the IP accompanied by a clear explanation of what the user was trying to accomplish and whether he/she was likely to re-offend. For now, I've dialed it back to 1 week. Ronnotel (talk) 17:02, 15 September 2010 (UTC)
While I still disagree with your particular reading of Wikipedia policy on this matter, I'm glad you amended the block length to 1 week rather than indefinite. Thank you  Amit  ►  17:34, 15 September 2010 (UTC)

Apparently CNET has fewer copyright trolls than Wikipedia, and links straight to the key in their article [1], and so does PC Magazine [2]. —Preceding unsigned comment added by 85.204.164.26 (talk) 03:47, 18 September 2010 (UTC)

And so does Tom's Hardware [3] Haseo9999 (talk) 19:30, 18 September 2010 (UTC)

Per WP:ELNEVER, I have been removing any link to a published version of the master key. This operates on the theory that the master key is the copyrighted property of DCP, LLC. The API and all the accompanying documentation are released under license and would of course be protected by copyright. The only thorny question is whether a non-public part of the API, such as a hex version of the master key, would also be covered. If someone can show a clear cut reason why the hex version belongs in the public domain then I'd be happy to relent. However, WP tends to err on the side of caution w.r.t. copyright violation. Are there any experts who can help out here? Ronnotel (talk) 20:33, 20 September 2010 (UTC)

Further, after checking at WP:Copyright problems, I found this text:

Copyright is automatically assumed as soon as any content (text or other media) is created in a physical form. An author does not need to apply for or even claim copyright for a copyright to exist. Only an explicit statement (by the author or the holder of the rights to the work) that the material is either:

  • in the public domain,
  • licensed with the Creative Commons Attribution-Sharealike 3.0 Unported License (CC-BY-SA), or
  • otherwise compatible with CC-BY-SA,

allows works to be reused in Wikimedia projects under current policy, unless it is inherently in the public domain due to age or source.

Since the hex key exists in physical (i.e. tangible) form, it seems pretty clear that WP considers it covered by copyright according to this definition. Ronnotel (talk) 21:34, 20 September 2010 (UTC)
In order for something to be protectable under copyright it needs to contain an element of originality or creativity (see for example Bridgeman Art Library v. Corel Corp.). A cryptographic key generated by a random number generated does not contain any creativity (I'm not aware of any case law that claims otherwise). Furthermore, we were linking to the key to provide provenance, which would likely be a fair use even if the material was copyrighted. —Ruud 00:20, 21 September 2010 (UTC)
And as a side-note, Intel referred to the key as "a" master key and not "the" master key, which might imply master keys are not unique and this particular key is not the master key Intel generated. —Ruud 00:20, 21 September 2010 (UTC)
Thanks for the citation and I agree that were we in US District Court, the issue of copyright applicability in this situation would carry weight. However, wouldn't you agree that the WP policy I cited above seems to use a broader standard? WP copyright policy is pretty carefully measured by the WMF board. I'd be reluctant to go around it without more guidance. The fair use argument seems somewhat tenuous. We have Intel's admission that it's genuine so do we really need to establish provenance? On the issue of the potential for multiple keys - I think you are suggesting that the key may belong to someone else and therefore not be covered by Intel's IP rights? Is there any evidence that any other party has IP rights to HDCP? I thought it was solely owned by Intel via it's DCP subsidiary. Ronnotel (talk) 01:47, 21 September 2010 (UTC)
From a normative point of view I would argue that, because the AACS keys are listed in the respective article, the community policy seems to be that reproducing (and by extension linking to) a cryptographic key is acceptable. The Foundation explicitly does not involve itself with any such policy, because that will mean losing their safe harbour protection. (This also means there is very little legal risk in reproducing or linking to the key. Intel will first have to sent a DMCA takedown notice to the Foundation, at which point a Foundation employee will remove the key or link from the article.)
My point regarding the possible non-uniqueness of the master key is that if it is not exactly the key Intel generated, but a different master key generated from device keys as described by Crosby, it is impossible for them to make a copyright claim. As far as I'm aware they have not done so and if they ever take legal action it will therefore be done under the DMCA anti-circumvention clauses and not under copyright law.
In this regard it may also be interesting to point out Digital Millennium Copyright Act#Linking to infringing content. —Ruud 02:10, 21 September 2010 (UTC)
In order to support a link, I think we need to somehow get around the statement Copyright is automatically assumed as soon as any content (text or other media) is created in a physical form from my above citation. I don't see any exceptions that would apply here. Ronnotel (talk) 12:24, 21 September 2010 (UTC)
Thi definition is erring on the safe side and I have offered some arguments against the key being protected by copyright. Also see http://www.eff.org/deeplinks/2007/05/09-f9-legal-primer, in particular "Is the key copyrightable?". —Ruud 13:31, 21 September 2010 (UTC)
Policy is policy. If the policy is wrong it can be changed. And of course there's always WP:IAR (which carries with it inherent risks as well). If the policy needs to be enhanced then we should start there but I should warn you the WMF gets very interested whenever the copyright policy pages are changed. In order to change policy or circumvent it in this instance you need to get WP:CONSENSUS, which hasn't happened yet. Ronnotel (talk) 13:54, 21 September 2010 (UTC)
I get the feeling you're misinterpreting the implications of Copyright is automatically assumed as soon as any content (text or other media) is created in a physical form. CNN articles are copyrighted as soon as they are published, but that doesn't mean we can't cite them or link to them.
I think a link to the original pastebin is very appropriate, and a respectable number of other users seem to agree. Does anyone other than Ronnotel oppose such a link?
I'm sure Ronnotel has the best intentions, but the removing seems a bit mis-placed. At the very least, I believe it would be better to err on the side of leaving a link up and avoiding potential edit wars, unless consensus dictates otherwise. ~ Josh "Duff Man" (talk) 06:16, 23 September 2010 (UTC)
While I don't agree with Ronnotel's position that the published key on pastebin constitutes a copyright violation, your counter-argument isn't valid either. There is a big difference between linking to copyrighted material published by the copyright holder and linking to material violating someone else's copyright. —Ruud 18:00, 23 September 2010 (UTC)

If linking to the pastebin key were illegal in the US, I'm sure PC Magazine, CNET, and even Tom's Hardware's articles wouldn't link to it. But they do link to it, rather prominently. See the links to their articles right above this section. Tijfo098 (talk) 07:49, 23 September 2010 (UTC)

@Duff - Please read WP:ELNEVER - we link to CNN articles because they are not in violation of copyright. However, I'm asserting - and no-one has offered any convincing evidence to the contrary, that posting the text of the hex key is in violation of copyright and therefore subject to WP:ELNEVER. Perhaps this should be posted on one of the copyright violation boards and get some more expert opinion. Ronnotel (talk) 23:12, 24 September 2010 (UTC)
"ELNEVER" says "The subject of this guideline is external links that are not citations to sources supporting article content." The link you removed was a citation. You don't seem to read your own rules. Tijfo098 (talk) 21:38, 25 September 2010 (UTC)
Retrieved from "https://en.wikipedia.org/w/index.php?title=Talk:High-bandwidth_Digital_Content_Protection/Archive_2010&oldid=395892816"