________________________________________________________________________________ ================================================================================ Subject: FC: CyberPatrol sues coders who revealed flaws in its software From: Declan McCullagh Date: Wed, 15 Mar 2000 22:07:03 -0500 ================================================================================ ******** Background: http://www.politechbot.com/cgi-bin/politech.cgi?name=cyberpatrol If you want to download the software before the injunction hits: http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html If anyone sets up a mirror site, please let me know. -Declan ******** >Date: Wed, 15 Mar 2000 21:11:27 -0500 >From: Ted Bridis >Subject: Cyber Patrol lawsuit >To: declan@well.com > >Declan, > >Didn't know if you saw this yet. > >http://www.sjmercury.com/svtech/news/breaking/ap/docs/321750l.htm > >Software Co. sues hackers > >BY TED BRIDIS >AP Technology Writer > >WASHINGTON (AP) -- A company that makes popular software to block children >from pornographic Internet sites filed an unusual lawsuit late Wednesday >against two computer experts who developed a method for kids to deduce their >parents' password and access those Web sites. > >Microsystems Software Inc. of Framingham, Mass., which sells the widely used >Cyber Patrol, asked U.S. District Judge Edward F. Harrington for a temporary >restraining order requiring Eddy L. O. Jansson and Matthew Skala to stop >distributing their ``cphack'' program immediately. > >Skala, a Canadian graduate student in computer science, and Jansson, >believed to be living in Sweden, published over the weekend on the Internet >and in e-mail details about how to circumvent the filter technology in Cyber >Patrol, which sells for about $30 and is widely used in many of the nation's >elementary schools and libraries. > >They also offered a small ``cphack'' utility for ``people oppressed by Cyber >Patrol'' that, when run on a parent's computer, reveals the password that >blocks questionable Web sites -- and also discloses the product's entire >list of more than 100,000 Internet sites deemed unsuitable for children. > >``I oppose the use of Internet filtering software on philosophical >grounds,'' Skala said in a telephone interview with The Associated Press. >``The issue here was to see what does Cyber Patrol actually block. Parents >have a right to know what they're getting and without our work they wouldn't >know.'' > >In its legal filings, Microsystems said it suffered ``irreparable harm'' >from the publication of the bypassing software, which it said sought to >destroy the market for its product by rendering it ineffective. > >``The practical effect is that ... children may bypass their parents efforts >to screen out inappropriate materials on the Internet,'' the lawsuit said. > >Skala, a cryptography buff who attends the University of Victoria in British >Columbia, said he spent about six weeks analyzing Cyber Patrol with >Jansson's help via e-mail from Sweden. > >``One could well question how much force of law (the legal filings) have in >Sweden or in Canada,'' Skala said. > >In an unusual legal strategy, Microsystems alleged that Skala and Jansson >violated U.S. copyright law when they reverse-engineered Cyber Patrol to >analyze it, which the company said is expressly prohibited in its license >agreements. > >Skala, who learned about the legal filings in Massachusetts from the AP, >said he planned to speak with a lawyer but suggested that his work may be >protected under a ``fair use'' clause of copyright law. > >Microsystems also asked the judge to order the Swedish Internet company >where the bypass utility is published to turn over records identifying >everyone who visited the Web site or downloaded the program. > >The company's lawyer, Irwin Schwartz, said damage to its product is ``at >least at a minimum'' now because relatively few people were believed to have >downloaded the bypass software. > >------ > >On the Net: http://www.cyberpatrol.com -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------- ================================================================================ Subject: FC: CyberPatrol decryption utility mirrored in response to lawsuit From: Declan McCullagh Date: Thu, 16 Mar 2000 09:46:46 -0500 ================================================================================ It should be obvious to anyone who has half a clue about the Internet what happens when a company or government tries to stomp out something it doesn't like. The offending bytes appear in every corner of the globe. It happened in the case of DeCSS (http://www.politechbot.com/cgi-bin/politech.cgi?name=mirror), and it's happening now with the CyberPatrol decryption utility. So far the verboten-ware is at: http://bur-jud-118-039.rh.uchicago.edu/ ftp://blackstar.myip.org/pub/mirrored/ http://www.shub-internet.org/cp4/cp4break.html http://www.wwcn.org/~grit/free/ http://www.reed.edu/~turnerd/cyberpatrol.tar.gz http://www.mit.edu/~ocschwar/ http://members.optusnet.com.au/~kris_j/rio.html ftp://128.148.190.238 http://cr939566-a.bloor1.on.wave.home.com:2600/FusionReactor.html#mattel http://www.openpgp.net/censorship/index.html Slashdot.org thread: http://slashdot.org/article.pl?sid=00/03/16/0022227&mode=thread Background: http://www.politechbot.com/cgi-bin/politech.cgi?name=cyberpatrol -Declan >Date: Thu, 16 Mar 2000 00:51:45 -0500 (EST) >From: Dave Gowan >Reply-To: Dave Gowan >To: Declan McCullagh >Subject: RE: CyberPatrol sues coders who revealed flaws in its software > > >On Wed, 15 Mar 2000, Declan McCullagh wrote: > > > >They also offered a small ``cphack'' utility for ``people oppressed by > Cyber > > >Patrol'' that, when run on a parent's computer, reveals the password that > > >blocks questionable Web sites -- and also discloses the product's entire > > >list of more than 100,000 Internet sites deemed unsuitable for children. > >DeClan: > Let me see if I understand this... the company made an >inferior blocking product, not hacker-proof, and they sell it for >$30, and now that someone has exposed it as a deficient product, >they want the courts to guarantee they still get to make the same >large profit despite the defects in the product? > > I like the phrase above, "...discloses the >product's entire list of more than 100,000 internet sites deemed >unsuitable for children." Maybe now we should get the cphack >utility, extract the 100,000 sites, and publish the list at >several sites, so everyone can see if they've been blocked when >they shouldn't have, and if they have lost any income as a >consequence. The newspapers would probably like to the see the >list, too, to see if it is fair. Send the list to the Wall >Street Journal and to Jessie Berst (Berst's AnchorDesk) at ZDNet. > > I wrote articles in three newspapers on this issue of >mandatory software blocking, saying that blocking should be up >to parents and not government and not any third parties; I'd >like to see this one exposed if possible. > >Dave Gowan >Tallahassee *********** >From: gep2@terabites.com >Date: Wed, 15 Mar 2000 23:41:00 -0600 >To: declan@well.com > >The CyberPatrol people (and their attorneys) are idiots. > >I know of NO better way to ENSURE that the site will be mirrored around the >world, and that tens of thousands of offline copies of it will be created. > >If they're hoping to help their cause, this is the WRONG way for >CyberPatrol to >do that. The Net doesn't take kindly to this kind of legal bullying! > >Gordon Peterson >http://web2.airmail.net/gep2/ >Support the Anti-SPAM Amendment! Join at http://www.cauce.org/ >12/19/98: the day the Conservatives demonstrated their scorn for their > fraudulent sham of representative government. Voters, remember it! *********** >Date: Thu, 16 Mar 2000 01:13:42 -0600 (CST) >From: sam th >To: Declan McCullagh >Subject: Re: [dvd-discuss] CyberPatrol sues programmers who published info > on encryption > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >I have a mirror on my website. >However, since this hit slashdot, enough mirroring has gone on already >that the genie is out of the bottle, so to speak. > > > sam th > sytobinh@uchicago.edu > http://bur-jud-118-039.rh.uchicago.edu > >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.0.1 (GNU/Linux) >Comment: For info see http://www.gnupg.org > >iD8DBQE40Imot+kM0Mq9M/wRAvyMAJ9291qKE+xhFi/GuXijmDWwANvlRACgolCt >oEvhWJpaXDvaZ5UU2l4agos= >=0LHg >-----END PGP SIGNATURE----- *********** >From: "William H. Geiger III" >Date: Thu, 16 Mar 2000 02:03:22 -0600 >To: Declan McCullagh >Subject: Re: FC: CyberPatrol sues coders who revealed flaws in its >software, from AP >X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v2.06 c06 > >In <4.3.0.20000315220653.02666f00@mail.well.com>, on 03/15/00 > at 09:07 PM, Declan McCullagh said: > > >Background: > > http://www.politechbot.com/cgi-bin/politech.cgi?name=cyberpatrol > > >If you want to download the software before the injunction hits: > > http://hem.passagen.se/eddy1/reveng/cp4/cp4break.html > > >If anyone sets up a mirror site, please let me know. > >Hi Declan, > >You should have known I couldn't resist. :) > >http://www.openpgp.net/censorship/cp4break/index.html > >You might want to make reference to > >http://www.openpgp.net/censorship/index.html > >As I will have links to the above mirror and additional sites that I am >mirroring. *********** >Date: Thu, 16 Mar 2000 05:34:09 -0500 >From: "Peter D. Junger" >Subject: Re: CyberPatrol (censorware) sues reverse-engineers > >I have downloaded all the files at >, but am not >sure that I got all the hot stuff, since at least one file was >missing. > >It turns out to be a wonderful tutorial on decryption, modular artithmetic, >8086 assembly language, etc. > >I don't know yet whether I dare mirror it. It's got crypto in it, >but under the new regulations I guess I can do it. > >I suspect that the big risk is the DMCA. It does make a wonderful >example of how to circumvent weak encryption. But I am not sure >that the circumvention has anything to do with copyrighted materials. > >I'm off now, but will look at it more closely later. > >But, anyway, I wanted to point out that this is seriously useful >educational stuff; it's not just a cute hack, although I am sure >that it is that too. The programmers explain how they went about >opening up the filter program, using intuition, a disassembler, >and a lot of skill and knowledge. > > >-- >Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH > EMAIL: junger@samsara.law.cwru.edu URL: http://samsara.law.cwru.edu > NOTE: junger@pdj2-ra.f-remote.cwru.edu no longer exists *********** -------------------------------------------------------------------------- POLITECH -- the moderated mailing list of politics and technology To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------- ________________________________________________________________________________ no copyright 2000 rolux.org - no commercial use without permission. is a moderated mailing list for the advancement of minor criticism. more information: mail to: majordomo@rolux.org, subject line: , message body: info. further questions: mail to: rolux-owner@rolux.org. archive: http://www.rolux.org