SSSCA: The Security Systems Standards and Certification Act

DRM: Digital Rights Management

SAP: Secure Audio Path

 
The Problem:

The flagrant over-protection of the copyright.

The SSSCA is a bill, being drafted, that would require software and "digital devices" to include federally-mandated copy-prevention systems (DRM).

Here's a bit from the draft:

SEC. 101. PROHIBITION OF CERTAIN DEVICES
(a) IN GENERAL.--It is unlawful to manufacture, import, offer to the public, provide or otherwise traffic in any interactive digital device that does not include and utilize certified security technologies that adhere to the security systems standards adopted under section 104.

The term "interactive digital device", covers software as well as hardware. And that's what makes this very scary for Linux, and Open Source in general.
Here's why: Imagine this bill, or something like it, is made law, and a TV manufacturer comes out with a new set that complies with the law, but it has a little switch on the side to turn off the security. Then essentially, it has no security, and doesn't comply.

Linux, because it's open source, has all those "little switches" out there for anyone who wants to change them. Now, does this mean that since the internal workings of Open Source software can't be locked-down and "secured", that it would become illegal.

In my option, YES. And when people's computers start refusing to play their 40 Gigs of mp3s, or even rat them out. They're going to finally start using Linux/Open Source in large quantities, thus nullifying the security in Closed Source devices. That could lead to a new law that would definitely say, "since you can't lock-down Open Source, we'll shutdown Open Source". An extention of this thread would be to say that compilers are illegal, since they allow someone to make software that may not include DRM.

With any luck the SSSCA won't become law, but the fact that it was written at all shows that an SSSCA: "The Second Attempt", well come along one day.

A subset of this issue is the Secure Audio Path (MS ver.), which relies on Microsoft to "sign-off" on a sound driver. Using an unsigned driver would cause noise to be heard over the secured audio file. This is ment to keep someone from writing a dummy sound driver that would be fed audio data, and just save it back to disk in a non-secured format.

SAP is basically useless, if you can hear it, you can steal it. It has all ready been displayed that quality isn't number one when it comes to pirated music.

Why stop at music? Software piracy is a problem with few solutions. Here's another acronym, SPE: Secure Program Execution, it doesn't exist yet, but just imagine having to go to Microsoft before your custom made program would even run.

One thing I didn't touch on was the fact that what one man can do, another man can undo. In other words, a piece of software comes out during breakfast, by lunch it's cracked, and by dinner it's on more machines than legitimate copies.

Hopefully there'll never be a day when this can be heard: "Yes, I'm sorry. But your First Amendment Rights just expired, would you like to renew your Constitutional Use License." In a time when nobody knows the definition of "is", the word "inalienable", is about as soild as a soggy doughnut.

Informative Sites:

News from Politech: SSSCA or CBDTPA
Text of the CBDTPA(the new SSSCA)
Electronic Frontier Foundation
Copyrights and copywrongs:
  Why Thomas Jefferson Would Love Napster - Archived version
SAP article on Wired