I wrote this for a class last week, before Steve Jobs made his comments. I should have posted it then, as it appears my predictions are right on target.

From the cold winds blowing down K Street, to the rains of the Pacific Northwest, one thing is becoming clear. The perfect storm the nay-sayers have long said was coming may be looming on the horizon. For those sailing the waters of digital music distribution, the visibility remains low. Undoubtedly, at least a few ships will sink before the clouds dissipate.

The 110th Congress has potential to hold a few watershed moments for the industry. The two big issues being ridden hard down K Street by industry groups such as the RIAA and CEA include changes to Section 115 of the Copyright Act, and the return of the push for the Broadcast Flag. The problems resulting from the technological change of the past decade have long passed the point where lasting solutions could be reached solely through court litigation. It’s become clear to all parties, that this is not simply a copyright enforcement problem, as much as it is architecting a paradigm shift within the industry. The first steps into legislating digital distribution were very cautious, and the time has come to tweak the law so it enables more players to get into the game, while still protecting the interests of the majors. It’s a very hard balance to strike.

Section 115 covers statutory licensing, which badly needs an upgrade to the digital age. If the statutory licensing regime is changed to cover digital downloads in the form of blanket licenses, a large number of players will jump into the scene. Many are poised and ready, and have their people on K Street too. Amazon is the perfect example. They have backed out of launching a music downloading service at the last minute several times now.

The Broadcast Flag has until recently been an issue associated with HDTV. The goal of the Broadcast Flag is to give content providers the technical means to stop consumers from time-shifting or making recordings of certain content with PRV/DVR devices like the Tivo, by making any devices that don’t obey the technical standard illegal. There has been no shortage of controversy over this, which has managed to tank all efforts so far to get a bill passed. The arrival of the next generation of XM and Sirius players has made this a music industry issue. Pioneer and Samsung now both make iPod like players that can record blocks of satellite programming and allow users to save individual songs. Like a standard MP3 player, users can also create playlists and transfer the songs back to their PC. The satellite providers have just entered the digital downloading game, and the RIAA is not amused. The lawsuits have already begun. This issue will undoubtedly become tied with proposed changes to Section 115.

If there is a thread that ties all of these issues together, it’s Digital Rights Management. T... [ Read More (0.4k in body) ]

Hooligans get airline to page Al Kyda and Terry Wrist.

YouTube - Final boarding call for Mr Terrorist

The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores.

The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak. The Internet has made such leaks far more damaging, since a single leak can be spread worldwide in less than a minute.

Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies.

Decius's comments are right on:

Steve Jobs speaks openly about DRM here, which is interesting, but he is obviously negotiating with European anti-trust entities in this essay. He presents a proposition that the two major European music companies license their music to him without a DRM requirement. Thats a bit "let them eat cake" I think. I'm sure he thinks the pressure that Europeans might put on those major music companies as a result of this essay will release some of the pressure on him, allowing him to find a better negotiating position.

Unfortunately, with regard to the passage I'm quoting, he's wrong. In order to have a DRM system you have to put the enforcement technology in the hands of all of your users. Those people can reverse engineer that technology, and spread their results via the Internet. DRM encoding systems can be just as blackbox as DRM enforcement systems, and you aren't handing them to as many people, so the idea that you can't tolerate the risk of those encoders being reverse engineered doesn't make any sense. You're already taking the greater risk that the decoders will be reverse engineered, and thats the fundamental crux of DRM. Furthermore, there is no reason why Apple couldn't support another companies DRM technology that already has shared encoders.

I am of the opinion, and have been for some time now, that the record companies are going to start abandoning DRM technology. I am also of the opinion that we need, and will get, a means of attaining blanket licenses to cover music downloads, as well as a reasonably elegant system for paying royalties.

I would be shocked if Apple is not expecting things to go this way as well. The line they are taking here actually puts more pressure on the powers that be to take moves to open licensing, then if Apple opened their technology. The big win for everyone is if it became possible to sell non-DRM'd tracks. Unless that happens, it is not to Apple's advantage to open their DRM technology.

Screw opening the DRM, open the licensing regime. Like Steve said:

Convincing them to license their music to Apple and others DRM-free will create a truly interoperable music marketplace. Apple will embrace this wholeheartedly.

Steve Jobs - Thoughts on Music

South of the city, in Tukwila, the baristas at Cowgirls Espresso wear sheer negligees and visible pink panties. It's the same story in any number of other suburban bars and drive-through stands, like the Natte Latte in Port Orchard or Moka Girls in Auburn - bikinis, racy lingerie, fetish clothing, and plenty of suggestively exposed flesh.

At Best Friend Espresso in Kenmore, at the northern end of Lake Washington, the outfits take their inspiration from Playboy-style sex fantasies. The staff will go for the naughty schoolgirl look one week, then don black-framed glasses the next to look like sexy secretaries.

Welcome to "sexpresso" - the latest coffee fad to hit America, in which the country's seemingly boundless fascination for Italian-style Java is combined with its equally boundless fascination for half-naked women.

Coming with a theme for a coffee bar is nothing new in America. In Los Angeles, there are cafes where you can buy second-hand books, get cut-price legal advice, throw pots, or listen to really, really bad live music provided by local bands. Strangely, nobody until now has thought of combining coffee with sex.

Sounds good to me..

Independent | Sexpresso coffee shops take Seattle by storm

The man responsible for unleashing what is believed to be the first self-propagating cross-site scripting worm has pleaded guilty in Los Angeles Superior Court to charges stemming from his most infamous hacking.

Samy Kamkar, who was 19 when he unleashed the attack on MySpace.com in October 2005, was sentenced to three years of probation and ordered to perform 90 days of community service, according to a MySpace statement released Wednesday.

Kamkar also must pay an undisclosed amount of restitution to MySpace, and he is banned from accessing the internet for personal reasons for an unknown amount of time, according to the statement.

Kamkar, using a programming technique known as Asynchronous JavaScript and XML(AJAX) that permitted browsers to execute malicious code, was able to circumvent MySpace’s strong JavaScript filters.

So checking eval'd text isn't necessary to have a "strong" Javascript filter...

MySpace superworm creator sentenced to probation, community service - News - SC Magazine Australia

A bill has been proposed in the Georgia State Senate which would require social networking websites, possibly including MemeStreams, to verify that minors who create accounts have parental permission. In practice this would mean that any Georgia website, no matter how benign, which allows users to create profiles, would be required to implement as yet undefined age validation procedures for all new users.

We believe that this proposal is a bad idea for a number of different reasons. We composed the following open letter to the sponsors of the legislation in an attempt to articulate our concerns.

Our response has been noted on the MemeStreams Defense website.

We don't do much with the defense website, and we like it that way. We would prefer not to have to do anything with it, but it's there.

MemeStreams response to Georgia Senate Bill 59 - 2007

javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.images; DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=Math.sin(R*x1+i*x2+x3)*x4+x5; DIS.top=Math.cos(R*y1+i*y2+y3)*y4+y5}R++}setInterval('A()',5); void(0);

Go to Google News, and then past this into your URL window and hit enter

Websense® Security Labs™ has discovered that the official website of Dolphin Stadium has been compromised with malicious code. The Dolphin Stadium is currently experiencing a large number of visitors, as it is the home of Sunday's Super Bowl XLI. The site is linked from numerous official Super Bowl websites and various Super Bowl-related search terms return links to the site.

A link to a malicious javascript file has been inserted into the header of the front page of the site. Visitors to the site execute the script, which attempts to exploit two vulnerabilities: MS06-014 and MS07-004. Both of these exploits attempt to download and execute a malicious file.

Thanks to Jeremiah Grossman for sending me a message today bringing this to my attention.

Declan McCullagh posted some good resources about this. All are plain text and will not harm you.

The original HTML page with the nasty JavaScript
Nasty JavaScript file it loads
VBScript file which gets bootstrapped from one of the HTML files

Super Bowl XLI website owned

Woohoo! I finally got the pins removed from my hand! They basically yank those suckers out with a pair of pliers. It's a really weird sensation.

Update: Aren't you glad I didn't have hemorrhoid surgery?

Another anonymous reader writes with a link to the Inside Higher Education site. Those folks are reporting on Blackboard's 'pledge' not to sue open source projects used by universities and colleges. The Blackboard patent on educational groupware filed last year has come under a lot of fire, with many organizations simply seeking an open-source alternative. This newest peace offering to higher education groups has the Sakai open source consortium more than a little bit nervous. If Blackboard meant to set people at ease, all it has managed to do was confirm to onlookers that it 'wants to keep its legal options open.' Blackboard insists that this new pledge affords universities a number of legal privileges, and is designed to make educators 'sleep easy at night.' Somehow, very few people seem reassured.

We don't like Blackboard here. They sued Acidus and Virgil a few years ago because of security research they were doing on Blackboard's products.

Slashdot | Blackboard's 'Pledge' Not to Sue Open Source Software