There are several past threads of this article but this comment about how the DeCSS illegal prime was created seemed the most interesting: https://news.ycombinator.com/item?id=1045394
E.g. publicizing the number and expiration date of Bill Gates' credit-card is illegal but what if we wrote a text commentary about Shakespeare's Hamlet that when SHA-1 hashed, it gives you that same information? Yes, it would be very computationally intensive to generate a plausible literary text but it could be done. Or one embeds Bill Gates credit-card number as "transactions amounts" on Bitcoin blockchain.
The theme is the same: find a "legitimate" information channel to transmit illegitimate data. This then allows the philosophical arguments about information:
- How can commentary about Shakespeare be illegal? It's education!
- How can you censor transactions on the bitcoin blockchain? There are already 100,000+ copies of it on nodes around the globe! And so on...
privacylawthrow 1080 days ago [-]
The law cares about intent and outcome. If you intended to publish Bill Gates' credit card number and did so, and if doing so was a crime, you'd be guilty of that crime. This is true regardless of how you published the information. There is no "out" for putting it behind a pretext.
It's why sharing child pornography is illegal, even though all the creators are really doing is sharing a set of instructions for someone's else's computer to generate the image/video.
lostcolony 1080 days ago [-]
Sometimes the law cares about intent.
For copyright, it really doesn't. Hence Disney threatening to sue daycares for having Disney character murals on their walls.
While we have since had the four factors of fair use introduced, it still doesn't care about intent; it cares about how the work is used/transformed, but that's different than intent.
snappieT 1080 days ago [-]
If you take copyrighted material and put it on a daycare mural, then you _intended_ to put copyrighted material on a daycare mural. It is not about intent to damage, it's just pure intent.
redwall_hp 1080 days ago [-]
They intended to make referential work to characters in our modern common culture/mythology, as people have done since time immemorial. Some rent-seekers merely think they get to own ideas now.
kryogen1c 1080 days ago [-]
> Some rent-seekers merely think they get to own ideas now.
are you quite serious? Disney doesn't think they own coming of age tales or intrepid children feeling out of place. Disney thinks they own the things they paid to create during the operation of their business.
the daycares Aren't making up their own stories, theyre directly benefiting by using Disney's products without licence or permission. this is the exact opposite of seeking.
feanaro 1079 days ago [-]
The point is Disney shouldn't really be able to "own" the image of Mickey Mouse for over a hundred years just because they paid for the creation of some initial image.
sullyj3 1080 days ago [-]
Copyright may or may not be a good idea, but arguing its merits isn't relevant to the question of its current legality.
lostcolony 1080 days ago [-]
What you're saying is that action = intent. Meaning intent is immaterial; the action is proof of intent. I.e., the opposite of caring about intent.
To prove intent you'd have to prove the daycare knew the works were copyrighted (i.e., the distinction between public domain Snow White, and Disney's Snow White), knew the copyright law sufficiently to know this was infringing (i.e., painting on the interior of a daycare where you're clearly not economically benefiting), and to choose to do it anyway.
Hence why copyright law doesn't take intent into account; 'ignorance of the law is not a defense'.
drdeca 1080 days ago [-]
This isn't the intent being referred to. They aren't referring to "intent to violate copyright law".
If your intent is to comment on Shakespeare, and it happens that what you produced, when run through some process, produces something under copyright, but the thing you intended to express doesn't, I don't think that would violate copyright law? Or at least, no one would convict you.
drdeca 1078 days ago [-]
Also, my understanding is that if you can prove that your creation of something was independent of someone else’s creation of the same thing, it isn’t a copyright violation?
Blikkentrekker 1080 days ago [-]
> It's why sharing child pornography is illegal, even though all the creators are really doing is sharing a set of instructions for someone's else's computer to generate the image/video.
The strange matter is that in the U.S.A., mens rea is an element of the crime of sharing and possessing child pornography, meaning that one can only be convicted if one knew, or could reasonably be expected to know the actor was under a certain age, but this is not the case for actual sexual intercourse with a minor, where one is criminally liable if one could not be expected to know.
In most jurisdictions, mens rea is an element of both.
simonh 1080 days ago [-]
The number itself is not enough to have the encoded information, you also need the details of the encoding/decoding scheme. So if you had this 'commentary on Shakespear' by itself it's no more interesting than if you had an encrypted copy of Bill's credit card number but not the password to unencrypt it. Having that on a T-Shirt doesn't seem quite so outrageous though.
However if you have, or circulate this number along with an implementation of the decoding algorithm, as a reader, then you're actually circulating the credit card number itself in a much more direct way. Yes, I know they also publish the unpacking algorithms, but If I walked round with a T-shirt with the encoded file on the front, and the decoding program on the back, that's clearly a much more direct and obvious transgression.
The joke about these illegal primes is that by themselves they seem innocuous, they're just seemingly meaningless numbers, but put the two halves of the puzzle together and the problem becomes a lot clearer. Handing out an unreadable, encrypted, encoded number with the latest Marvel movie in it but no way to play it seems harmless, hand it out with a bundled video player as well and that's a problem. Now it's a viewable movie and that's a different kettle of fish.
A friend of mine got very excited when we were CS students because he found a way to theoretically 'encrypt and compress' data to extremely small sizes, until I pointed out the binary compression key would end up being vastly bigger than the 'compressed' file. Basically he was just 'sucking' the complexity out of the data file and putting it in the key. These numbers are a bit like that, a large amount of the information in the 'encoded' content is actually sequestered in the unpacking algorithm.
With the right 'decoding scheme' the number 5 is an encoded copy of Infinity War. Wow, 5 is now an illegal prime!
grishka 1080 days ago [-]
Because "illegal information" is an entirely artificial concept that doesn't hold if you think too much about it. You can't exactly "own" information, neither can you "destroy" it.
Blikkentrekker 1080 days ago [-]
Illegality is an artificial concept.
There is no right and wrong in this world; there are only parties with enough power to enforce their will upon others. Some of those parties believe that what they do serves some public interest.
lupire 1080 days ago [-]
Law is an entirely artificial concept. That's the whole point of it.
grishka 1080 days ago [-]
Laws only work when the majority of people is on board with them, and there's a misbehaving minority against which they're enforced. It's most certainly not the case with the copyright law, at least in its current form. Or, for that matter, any other oppressive laws that aim to manipulate people through fear into doing (or not doing) something elites want.
uuidgen 1080 days ago [-]
If you're the only person that knows a particular sequence of letters or numbers you own it.
If you remove all knowledge of that information you destroy it. And by "all knowledge" I mean every known way to generate it, not just a simple representation.
There is nothing special among any single number in 160 byte string, but it contains all SMS ever sent. Some of those messages are of special interest to some people.
jasode 1080 days ago [-]
I'm replying to myself to address some of the skeptical comments about my scenario because I didn't make it clear what I was trying to communicate.
I was trying to emphasize the people sharing the legitimate data and not the person who generated it from illegal data.
For example, the SHA256("Hamlet was a prince in Denmark.")=="4461565240549538f8888f5ac829800a79763479f28418dec7a13087a3e0d2a8".
Let's say the first 16 hex digits ("4461565240549538") is an "illegal number" ... e.g. somebody's credit-card or whatever.
Yes, the intent of starting with "4461565240549538" and using brute force to eventually find some a plausible sounding sentence that creates a hash with that 16-digit number can be prosecuted. Likewise, you can't just XOR a Blu-Ray mp4 file with digits of pi and claim "it's just a random number" to be immune from copyright laws.
I'm talking about the people downstream that do something like this by sharing on reddit, Twitter, etc:
- I ran across some Shakespeare trivia: "Hamlet was a prince in Denmark." I don't want anybody to hash it. I just thought that was interesting to know.
- Streisand Effect[1] the above tweet or forum post
- now everyone debates : How can the sentence "Hamlet was a prince in Denmark." -- be illegal?!? It's a factoid about a play that you can't remove from everyone's brain! We're now past the point of the criminal who brute forced the illegal data to publish it. I'm talking about the non-criminals sharing it. That's the information hack: Shift the illegal data into the realm of the legal data.
Maybe that hack hasn't been fully tested in courts but it seemed to work if we look at the DeCSS code repackaged as an interesting prime number. Neither Chris Caldwell and Phil Carmody have been put in jail.
It can also be especially effective if the would-be criminal who generated interesting hashes or prime numbers did it anonymously such as Satoshi Nakamoto's generation of the bitcoin genesis block. There's now no obvious person to prosecute.
I think this is less a philosophical argument than a legal one. If a court can prove that you explicitly owned the illegal data in its raw format, and used that to generate something (even if it has secondary value), they should be free to prosecute in my opinion. That includes searching through and highlighting data that already exists in the wild such as large prime numbers. Presumably showing statistics of how often random data would decode to someone's credit card number would prove this beyond reasonable doubt.
The fact all data exists 'in nature' - while interesting, is not something I think should override the intent of data laws.
dTal 1080 days ago [-]
Yes. A commentary on Shakespeare that just happens to hash to Bill Gates' personal details is so monumentally unlikely to occur by accident that its existence constitutes proof of intent beyond all reasonable doubt. Disingenuously asserting that "it's education!" is a bit like the mafia boss asserting that no, the front business really is a laundromat.
It's really amazing how many experts and professionals in information technology seem to understand what information is less well than stodgy old lawyers and politicians.
CivBase 1080 days ago [-]
It would be much easier to create a "free speech flag" instead.
>...what if we wrote a text commentary about Shakespeare's Hamlet that when SHA-1 hashed, it gives you that same information?
That would imply that it would be practical to create a document that hashes to a specified value. The SHA-1 pre-image resistance would prevent that.
jasode 1080 days ago [-]
>The SHA-1 pre-image resistance would prevent that.
No, I'm talking about computing something much less ambitious than solving pre-image resistance.
Consider the example SHA-1 hash[1]:
SHA1("")
gives hexadecimal: da39a3ee5e6b4b0d3255bfef95601890afd80709
gives Base64 binary to ASCII text encoding:
2jmj7l5rSw0yVb/vlWAYkK/YBwk=
Embedded in that hex is "95601890" ... which could be somebody's driver's license number. Now that the number is publicly visible via some legitimate purpose other than illegally publishing drivers license numbers, we can then argue "How can a SHA-1 of a empty string illegal?!?"
It's a similar concept to creating "vanity" public hashes for Tor or bitcoin addresses or finding a hash that has a certain number of leading zeros in "proof of work". Embedding arbitrary illegal information that way is more computationally feasible with brute force than perfect pre-image attacks.
The underlying idea of the hack is the same : Find some way to make illegal data be interpreted in a totally different way that _is_ legal. It's very hard to do for large amounts of information such as 9 GB mp4 rip of a Blu-ray disc -- but easier for small amounts of information... such as the DeCSS C source code converted to an "interesting" prime number.
"95601890" is just an arbitrary number, the same as any other.
Additional metadata, such as "it's a driver's license number", "it relates to person X" gives it context and makes it information. 4037 is a bank pin code for millions of people, but as long as you don't combine it with a person it's just a 4 digit number. When you combine it it becomes information protected in many countries.
lupire 1080 days ago [-]
The law doesn't have exceptions for "a part of of happens to look like something legal"
This is a collision attack, much weaker than pre-image. It means that you can make two different texts with the same hash, but you can't create a text that matches a specific hash.
Even MD5 is safe from a pre-image attack, it means, for example, that it is safe to use for storing passwords (but not recommended for other reasons).
sorokod 1080 days ago [-]
Presumably applying the "Right to be forgotten" to data encoded on the blockchain will wreak havoc on it's immutability aspect.
praptak 1080 days ago [-]
Primes are pretty dense. If you can encode something as a number, then you can encode it as a prime number with enough padding.
Therefore I don't see how those numbers being prime changes anything. This looks to me like a weak argument that tries to take advantage of poor intuitions that some people have about primes.
Yes, the IP laws are ridiculous but this is not a good argument to support this opinion.
dTal 1080 days ago [-]
Exactly. Primality is nothing more than a misleading intuition pump to make you think in terms of "innocent bit of number theory", instead of "encoded data file". Even the term "illegal number" is designed to make you think this way; somehow, "legally protected secret" doesn't sound quite so absurd.
jdc 1080 days ago [-]
And yet regardless debate about hypotheticals, Phil Carmody discovered the first non-trivial executable titanic prime, Professor Caldwell published it and neither of them faced repercussions.
lupire 1080 days ago [-]
Why would it be illegal to publish that particular executable? Was it harmful?
There is no question that the person creating and publishing the prime is infringing copyright. However, they aren't the ones actually publishing the information. The copyright infringer creates the prime, proves something interesting about it and then the fan websites (like PrimePages mentioned in the articles) actually distribute the primes.
abhishekjha 1080 days ago [-]
> If you can encode something as a number, then you can encode it as a prime number with enough padding.
Isn’t this what godel’s encoding does?
karatinversion 1080 days ago [-]
No, everything but single characters are composite numbers in Gödel encoding
antirez 1080 days ago [-]
Not only this concept has a great deal of triviality, because everything you can digitally encode will have a corresponding prime (often you can change the encoding slightly, yet the binary format is still valid, so you can perform random changes and run a fast primality test, until you find a good candidate).
It is also a reversible concept: you can create an "illegal painting" by encoding a number in the painting, so that interpreting the painting in some way (like, splitting it in a X*Y grid, and assigning 1 to the squares where the red component in RGB is greater than G, 0 otherwise) will result in such number.
What's the gist of all this? That reality can be represented by numbers and the other way around, however numbers representing illegal digital entities (violating copyright or other laws) are so unlikely to happen by chance, that they need to be chosen explicitly to have such a representation: the illegal prime is just a different way to write the same thing in a file, thus is the same blatant law violation, and the fact they happen to have a prime number (very dense and common numbers) is not interesting at all.
batch12 1080 days ago [-]
> What's the gist of all this?
The point, per the article, is a protest against the censorship of information. People may not think twice about making a computer program illegal. However, banning a number would get more attention. The point is exactly as you have noted-- it's the same thing.
ACS_Solver 1080 days ago [-]
Taking the same idea further, there are plenty of (possibly) illegal numbers that don't even have to be prime, just because an ASCII-encoded string of text can be represented as a number.
A pair of GPS coordinates with five decimal precision, written like 7.63941, -122.12825 is just 19 ASCII characters. So in ~400 characters you could have 20 such pairs. 400 ASCII characters being 400 bytes or 3200 bits, they can be represented by a number that's < 2^3200. What if the 20 pairs of coordinates are current locations of US nuclear submarines? That would make the ~900 digit number very dangerous from the US military's point of view.
400 characters is surely also enough for many other bits of highly classified information. Several names of CIA agents under non-official cover in China. A concise description of the purpose and capabilities of the X-37 spacecraft. The top item on the President's Daily Brief for today.
It raises some interesting questions about the legality of numbers, and what would happen to someone publishing one. What if I'm writing an article that happens to contain the nuclear-submarine-coordinates-encoding number? What if I'm writing about a debugging problem and I show a memory dump that happens to contain it? The actual probability of that happening is of course zero, but something tells me that anyone who did publish such a number would suddenly find themselves in the company of government agents very willing to overlook that person's rights.
uuidgen 1080 days ago [-]
But those numbers without context are just that - numbers. It's the context that makes it information. GPS coordinates by itself are the same, they're just numbers, but by attaching meaning to them you may make them dangerous or illegal to publish. And sometimes enough meaning is "don't let anyone know it" - the rest can be gathered from the context and other data.
dTal 1080 days ago [-]
The minimum reasonable size of an "illegal number" is fairly comprehensively explored here [0] (tl;dr 128 bits)
(You needn't be kept up at night by the thought of accidentally publishing nuclear codes; as you say, the probability is 0 for all practical purposes, and the reluctance of government agents to dismiss it as a coincidence would be entirely reasonable)
Thanks, that was an interesting read! It does of course raise interesting questions about a nefarious powerful government that wants to get rid of someone for "endangering national security". Taking the example of sensitive GPS coordinates, I can easily come up with an a way to encode a pair of coordinates (with 10m precision) in 5 bytes, or 40 bits. And that's no longer a number where probability is so much on your side. Unscrupulous government agents have a decent chance at finding those 5 bytes in the dump of your 1-terabyte drive!
I guess the counterpoint here is, a government that wanted to put you behind bars by justifying it with 5 random bytes would have no problems with fabricating some much stronger evidence against you instead.
dane-pgp 1080 days ago [-]
I don't know about "reasonable", but much smaller numbers have, in practice, been banned in various contexts by legal authorities (tl;dr 2 to 11 bits).
...I don't think it's quite fair to characterize the search term "4" as 2-bits of information, since it's possible to put any text in a search box, not just numbers. Although it's certainly not 128 bits either!
How would the concept of colour be used practically in this case? Am I allowed to mention the prime number or am I not?
praptak 1080 days ago [-]
> Am I allowed to mention the prime number or am I not?
Since "the colour" is the whole context which led to you mentioning the prime number, the answer is "it depends".
In practice you can publish it as a part of mathematical paper on primes. You cannot publish it saying "here's a prime that decoded as X does illegal thing Y".
Anything in-between is gray zone, with the disclaimer that courts don't like "clever" schemes that try mess with the "colour". So if you try to publish a fake mathematical paper to thumb your nose at the illegality of publishing something, the court will be unsympathetic.
teddyh 1080 days ago [-]
It depends of the color of the number. If the color is that of a simple prime number, which you mention purely for its characteristics as a number, then you would theoretically be allowed. Otherwise not.
feanaro 1079 days ago [-]
Let's assume my intent for publishing the paper was clean and I was not attempting to subvert colour. What happens if word spreads around on the internet that the prime number in my paper is actually the illegal DeCSS prime number, making it into an efficient avenue of its dissemination and distribution?
Is my paper going to get censored or not?
teddyh 1073 days ago [-]
> Is my paper going to get censored […]?
No, but that is not a problem, since that will never happen. There are too many prime numbers for you to accidentally stumble upon that prime number while doing something else. The theoretical possibility that you might is not a problem for the law, which only concerns itself with problems which occurs in practice.
isitdopamine 1080 days ago [-]
Interesting read!
It’s essentially the opposite of Aaron Swartz’s famous “Bits are not a bug” writeup.
dezmou 1080 days ago [-]
I understand that one number can be the binary equivalent of a protected source code, but I don't understand why the fact that it is a prime number is important.
dezmou 1080 days ago [-]
I Missread it
"...worthy of being published on the lists of the highest prime numbers.[1] In a way, by having this number independently published for a completely unrelated reason to the DeCSS code, he had been able to evade legal responsibility for the original software."
sweezyjeezy 1080 days ago [-]
Just because it has a secondary reason of interest, it doesn't negate the original intent (especially when the original intent has been documented by the author). I doubt this would stand up if legally challenged.
Primes are pretty dense in the integers - unless you're going to say 'data can't be illegal' - including e.g. CP, then highlighting illegal primes is simply not a valid evasion.
bjornsing 1080 days ago [-]
If it was composite then at least you could factor it into (hopefully) legal numbers and distribute those. :P
No, jokes aside I don’t know either.
heroku 1080 days ago [-]
You can still distribute as a sum of legal numbers.
praptak 1080 days ago [-]
There's a proof-of-concept file sharing protocol (Monotone? I cannot remember the name. Edit: it's monolith.sourceforge.net) that distributes numbers as xor of legal numbers.
Alice publishes a truly random string of bits, Bob publishes a XOR of Alice's string with an "illegal" number. Information theory says you cannot tell which is which (and publishing a random string of bits is supposedly legal) but you can still retrieve the "illegal" number by xoring Alice's and Bob's strings.
Bob publishes encrypted data. If it’s legal, just use AES with known pass phrase, its output looks random enough.
praptak 1080 days ago [-]
The point of the protocol is that both Bob and Alice can claim they were publishing a fully random string of bits and there is no way to disprove it.
I don't see how the known pass phrase achieves that.
vbezhenar 1080 days ago [-]
There's a way to prove it by XORing their streams. Just like there's a way to prove that given stream is AES-encrypted by trying to decrypt it with key published by Alice.
dane-pgp 1080 days ago [-]
I think that a crucial point about XOR-based systems is that both Bob and Alice can produce the "other half" of their random-looking file which produces a legitimate non-random file (e.g. a video of their holiday), while claiming that the other party maliciously used the "first half" as the random-looking input against which they XORed their forbidden file.
Unless an omniscient observer knows the publication date of all the "halves" in the system, it is impossible to say which of Bob or Alice are telling the truth.
Of course, both parties are inherently slightly suspicious for using such a system in the first place, but if it existed as part of a free public hosting service, and lots of people used it for legitimate purposes, it might only be as incriminating as using BitTorrent.
vbezhenar 1080 days ago [-]
That makes sense, thanks.
st_goliath 1080 days ago [-]
"Any integer can be expressed uniquely as a sum of unique powers of even primes."
sleavey 1080 days ago [-]
Just goes to show that copyright laws are incompatible with reality.
NaturalPhallacy 1080 days ago [-]
Copyright laws exist exclusively for the benefit of lawyers.
amelius 1080 days ago [-]
People believe (although there is no proof) that any finite sequence of bits appears somewhere in pi, making pi an illegal number :)
If true, that could be an exceptionally interesting method of compression. Any volume of data can be compressed to two numbers: an offset and a length. Presuming we have a way to "stream" the numbers, rather than having to calculate the entire value.
gnulinux 1080 days ago [-]
That would not be compression since the number of bits required to store offset would on average be larger than the number of bits required to store the actual data.
It’s not particularly interesting and almost certainly not viable as a useful method of compression. It’s essentially just using pi as a pseudo-random number generator and encoding the desired message as an index into the output sequence of the PRNG. If it sounds slightly more interesting than that, it’s probably only because pi has a lot of mystique around it in popular culture.
c22 1080 days ago [-]
If you tweak your prng to output the "interesting content" at the beginning then you've created algorithmic content which is very interesting and can look a lot like compression at first glance.
zild3d 1080 days ago [-]
also means the offset can be larger than the data
SamBam 1080 days ago [-]
...and almost always is, except in the trivial cases of tiny numbers right near the start. Which is why it doesn't actually work as an encryption algorithm.
The other idea I've always liked is a length that, to enough precision, encodes something in the decimal places. Then in theory you could just cut something, say a diamond, to this impossible precision, and then measure it later. I assume that, like the Pi example, this is impractical not only in practice but even in theory, even if we had impossibly-accurate cutters and measurers.
2. GZip it, or at least store it in a format that discards trailing null bytes.
3. Multiply it by a power of 256
Every power of 256 adds a zero to the end, in the same way that multiplying 5x10=50, 5x100=500, etc.
4. Add a an integer and check primality; repeat.
So if the illegal number was 12345 your could have an illegal prime 1234500000071 represented by (12345x256^8+71).
The only reason you’d want to do this is because people actually share seemingly random prime numbers online. There’s no legal reason to share the DeCSS encryption code, but a prime number with a length of 2000 is “interesting” enough to avoid legal issue.
Y_Y 1080 days ago [-]
Do you imagine a judge would just say "well fuck it, he published the illegal number, but appended some shit to the end, so maybe it's just an astronomical coincidence"?
bzbarsky 1080 days ago [-]
The point is, if the resulting prime number is large enough to be in the very public "list of N largest known primes", how do you keep it out of that list, exactly?
But also, as pointed out elsewhere in this thread, your hypothetical is more or less what happened with the DeCSS primes Phil Carmody published. Except it never even got to a judge.
bostonpete 1080 days ago [-]
Just to be clear -- b/c I got a bit confused reading this -- this example seems to assume "12345" and "71" are base-256 numbers and "256" is base-10.
Zircom 1080 days ago [-]
Once you compress the number it becomes stored in base-256 due to how the gzip file format works was my understanding
bostonpete 1080 days ago [-]
Sure, the benefit of base-256 is that a 0 maps to a byte with all 0's in the binary representation of the integer -- it's nothing specific to gzip. But on its face, 12345x256^8+71 = 1234500000071 is just wrong and only works once you realize that it's combining integers from different number systems.
MayeulC 1080 days ago [-]
> Following this, Carmody discovered an 1811-digit prime—this one being non-compressed, directly executable machine language in the ELF format for Linux i386, implementing the same DeCSS functionality.
If the source code to Microsoft Windows is illegal, is the source code plus one bit of padding at the end illegal? How about two bits? How about an XOR transform with some random number, which I also publish online? How can Microsoft copyright an infinite number of variations of their source code?
The answer is that they obviously can't, but all those variants are illegal if the purpose is to get back to that same source code. If you're transforming their source code, and providing some obvious or non-obvious key for how to get from your transformation to the original, you're violating copyright.
dane-pgp 1080 days ago [-]
I think all we can say is that if N is an illegal prime, then N+1 is not an illegal prime.
Well, I suppose a government could try to ban the numbers 2 and 3, but it might have trouble complying with that law itself.
FrozenVoid 1080 days ago [-]
If any number is illegal, all numbers in such size range
A xor B can be made illegal(even though A or B are both perfectly mundane, xoring them creates an illegal number, so they're now illegal too).
* Xoring the original illegal number with any random legal number A of same size creates a new (also random) number B that (A xor B) restores the original.
whatgoodisaroad 1080 days ago [-]
I could imagine a somewhat cynical science fiction story where Earth manages to communicate with an intelligent alien species using fundamental constants and rules of mathematics. But then, the aliens transmit a prime that the humans have happened to have declared illegal and have no choice but descend into interplanetary copyright war.
dane-pgp 1080 days ago [-]
Slightly more realistic would be a story about a technocratic nation that changed its flag to something like a "Free Speech Flag" (as mentioned in another comment) containing a representation of an illegal number, with the global media industry then conspiring to generate support amongst the public for regime change in that nation.
goatcode 1080 days ago [-]
That's how you deal with trolls from countries with very strict language laws.
panosfilianos 1080 days ago [-]
What's interesting in this case is that I may know that an entity has such a number in possession. By encrypting sensitive IP with that number, do I force that entity to break the law?
dane-pgp 1080 days ago [-]
Hopefully the targeted entity could prove that they had the number in their possession for longer than your encrypted data existed, but this is an interesting question.
It seems like it's logically or legally equivalent to setting your password to someone else's date of birth and then claiming that they have hacked you because they know your password.
1080 days ago [-]
dezmou 1080 days ago [-]
Does the guy actualy had to test many version of the code by adding some useless instruction only to change the binary final number ? like mining a bitcoin
lovelyviking 1080 days ago [-]
>it describes a computer program that bypasses the digital rights management scheme used on DVDs.
Hiding number is not a proper way to address the issue. We should address the core of it - drm which should be made illegal.
What is strange for me is that making digital rights management program that does who knows what and thus breaks any privacy by definition is not illegal but some number that merely describes a computer program that bypasses such program is. This is not crazy? Why it should be illegal to protect own computer from malware?
comboy 1080 days ago [-]
Obviously. But the issue is not that simple. Do you think any kind of information should be protected by law? Because I can think of a few examples.
Actually, I believe we are going towards information being the thing that has value, we should arrive there, assuming abundance (on a human scale of course, energy is still required to sustain any patterns), material goods being just things that can be copied.
So where do you draw the line? If you get caught with my private keys is that ok & legal? What if I get caught with internal documents of some company? Espionage? Facebook just keeping some big numbers around? How do you implement privacy that you seem to care about without some numbers being illegal?
Also remember you bought/installed that malware or agreed to it. And no, I don't like DRM, I do agree that it is insane, but without presenting a coherent view where that problem is not present it's just being angry about the sky being blue.
lovelyviking 1080 days ago [-]
>But the issue is not that simple.
I think actually it is very simple. Obviously when you wish to watch some movie your privacy should not be compromised to the end of your life or the life of your computer. It's too much to demand from customer.
Just like when you buy an ice cream you do not expect that seller will be granted rights to visit your home whenever he wants from now on. Very simple. No DRM no problem.
If seller sells movies he should not install DRM to the customer nor demand it nor imply it. Because in attempt to control things that are impossible to control one can endanger much more important things which can lead to loosing rights, freedom and democracy and those are much more serious problems then some additional copies of some stupid movies which cannot be prevented anyway.
dane-pgp 1080 days ago [-]
> So where do you draw the line?
A reasonable suggestion would be to draw the line around private data.
By design, DRM is intended to restrict people's use of data which the publisher wants to spread as widely as possible (on the condition that they are paid for every copy). This data is therefore not private in any sense.
All your other examples work with this line: Private keys are obviously private; internal company documents are "private" in the same sense that corporations are people; government secrets are private (and countries are legal people); and Facebook should be keeping people's personal data secret on their behalf.
comboy 1080 days ago [-]
It somewhat pushes the answer into "private" definition but it does sound good.
But then, if a company implements DRM using its private key and somebody steals that private key?
dane-pgp 1080 days ago [-]
Well, I think that protecting "private" data should be the default but there would be exceptions (because reality is complicated, and so is the law).
For example, I don't think that all information created by a government should be given the same protections as information about individual humans, which is why we have Freedom of Information laws. I would even go so far as to say that this principle should apply to corporations, at least for information that is no longer commercially relevant.
We already have "public interest" exceptions for things like reporters exposing the private lives of politicians, and that sort of careful consideration also has to be applied to requests invoking "the right to be forgotten".
Anyway, even if a society didn't make DRM systems illegal outright, it could accept a legal judgement that "private keys" which are distributed to end user devices are not to be considered private. As a practical matter, though, if your DRM system relies on the secrecy of a key that can fit in a QR code, then you shouldn't expect the law to put that genie back in the bottle for you.
lupire 1080 days ago [-]
Why should is be illegal for consenting adults to agree to use software to manage an agreement? No one is forcing you to use DRM.
Ethereum is also DRM.
lovelyviking 1080 days ago [-]
1. Because when you buy let's say some ice cream you do not expect and it should not imply that you give a right to the seller to visit your house whenever you take a bite or whenever he wants. The same reason. If person wish to watch some dumb movie his privacy should not be compromised.
2. Because once you allow such things then soon any seller would feel safe to add any degree of tracking/ breaking privacy to any product... Oh wait,isn't it what is happening these days?
3. If you do not understand the value of privacy for the democracy then perhaps selling kidney when you buy ice cream example would work for you. Even if it is written between the lines it should be illegal, isn't it ?
unnouinceput 1080 days ago [-]
Quote: "Its binary representation corresponds to a compressed version of the C source code of a computer program implementing the DeCSS decryption algorithm, which can be used by a computer to circumvent a DVD's copy protection"
That's a stretch. Same as Botswana's currency (Pula) which is a slang in Romania for male genitalia. Or India's ancient swastika symbol that is pretty much illegal in Western countries.
cannabis_sam 1080 days ago [-]
How clueless about mathematics do you have to be, as a professional in the legal field, to propose this type of garbage?
Mathematicians (in my humble experience) are also pretty clueless about law, but at least they can’t just make up shit that is fundamentally incompatible with reality[0]
This might be thought of as a human version of a covert channel: https://en.wikipedia.org/wiki/Covert_channel
E.g. publicizing the number and expiration date of Bill Gates' credit-card is illegal but what if we wrote a text commentary about Shakespeare's Hamlet that when SHA-1 hashed, it gives you that same information? Yes, it would be very computationally intensive to generate a plausible literary text but it could be done. Or one embeds Bill Gates credit-card number as "transactions amounts" on Bitcoin blockchain.
The theme is the same: find a "legitimate" information channel to transmit illegitimate data. This then allows the philosophical arguments about information:
- How can commentary about Shakespeare be illegal? It's education!
- How can you censor transactions on the bitcoin blockchain? There are already 100,000+ copies of it on nodes around the globe! And so on...
It's why sharing child pornography is illegal, even though all the creators are really doing is sharing a set of instructions for someone's else's computer to generate the image/video.
For copyright, it really doesn't. Hence Disney threatening to sue daycares for having Disney character murals on their walls.
While we have since had the four factors of fair use introduced, it still doesn't care about intent; it cares about how the work is used/transformed, but that's different than intent.
are you quite serious? Disney doesn't think they own coming of age tales or intrepid children feeling out of place. Disney thinks they own the things they paid to create during the operation of their business.
the daycares Aren't making up their own stories, theyre directly benefiting by using Disney's products without licence or permission. this is the exact opposite of seeking.
To prove intent you'd have to prove the daycare knew the works were copyrighted (i.e., the distinction between public domain Snow White, and Disney's Snow White), knew the copyright law sufficiently to know this was infringing (i.e., painting on the interior of a daycare where you're clearly not economically benefiting), and to choose to do it anyway.
Hence why copyright law doesn't take intent into account; 'ignorance of the law is not a defense'.
If your intent is to comment on Shakespeare, and it happens that what you produced, when run through some process, produces something under copyright, but the thing you intended to express doesn't, I don't think that would violate copyright law? Or at least, no one would convict you.
The strange matter is that in the U.S.A., mens rea is an element of the crime of sharing and possessing child pornography, meaning that one can only be convicted if one knew, or could reasonably be expected to know the actor was under a certain age, but this is not the case for actual sexual intercourse with a minor, where one is criminally liable if one could not be expected to know.
In most jurisdictions, mens rea is an element of both.
However if you have, or circulate this number along with an implementation of the decoding algorithm, as a reader, then you're actually circulating the credit card number itself in a much more direct way. Yes, I know they also publish the unpacking algorithms, but If I walked round with a T-shirt with the encoded file on the front, and the decoding program on the back, that's clearly a much more direct and obvious transgression.
The joke about these illegal primes is that by themselves they seem innocuous, they're just seemingly meaningless numbers, but put the two halves of the puzzle together and the problem becomes a lot clearer. Handing out an unreadable, encrypted, encoded number with the latest Marvel movie in it but no way to play it seems harmless, hand it out with a bundled video player as well and that's a problem. Now it's a viewable movie and that's a different kettle of fish.
A friend of mine got very excited when we were CS students because he found a way to theoretically 'encrypt and compress' data to extremely small sizes, until I pointed out the binary compression key would end up being vastly bigger than the 'compressed' file. Basically he was just 'sucking' the complexity out of the data file and putting it in the key. These numbers are a bit like that, a large amount of the information in the 'encoded' content is actually sequestered in the unpacking algorithm.
With the right 'decoding scheme' the number 5 is an encoded copy of Infinity War. Wow, 5 is now an illegal prime!
There is no right and wrong in this world; there are only parties with enough power to enforce their will upon others. Some of those parties believe that what they do serves some public interest.
If you remove all knowledge of that information you destroy it. And by "all knowledge" I mean every known way to generate it, not just a simple representation.
There is nothing special among any single number in 160 byte string, but it contains all SMS ever sent. Some of those messages are of special interest to some people.
I was trying to emphasize the people sharing the legitimate data and not the person who generated it from illegal data.
For example, the SHA256("Hamlet was a prince in Denmark.")=="4461565240549538f8888f5ac829800a79763479f28418dec7a13087a3e0d2a8".
Let's say the first 16 hex digits ("4461565240549538") is an "illegal number" ... e.g. somebody's credit-card or whatever.
Yes, the intent of starting with "4461565240549538" and using brute force to eventually find some a plausible sounding sentence that creates a hash with that 16-digit number can be prosecuted. Likewise, you can't just XOR a Blu-Ray mp4 file with digits of pi and claim "it's just a random number" to be immune from copyright laws.
I'm talking about the people downstream that do something like this by sharing on reddit, Twitter, etc:
- I ran across some Shakespeare trivia: "Hamlet was a prince in Denmark." I don't want anybody to hash it. I just thought that was interesting to know.
- Streisand Effect[1] the above tweet or forum post
- now everyone debates : How can the sentence "Hamlet was a prince in Denmark." -- be illegal?!? It's a factoid about a play that you can't remove from everyone's brain! We're now past the point of the criminal who brute forced the illegal data to publish it. I'm talking about the non-criminals sharing it. That's the information hack: Shift the illegal data into the realm of the legal data.
Maybe that hack hasn't been fully tested in courts but it seemed to work if we look at the DeCSS code repackaged as an interesting prime number. Neither Chris Caldwell and Phil Carmody have been put in jail.
It can also be especially effective if the would-be criminal who generated interesting hashes or prime numbers did it anonymously such as Satoshi Nakamoto's generation of the bitcoin genesis block. There's now no obvious person to prosecute.
[1] https://en.wikipedia.org/wiki/Streisand_effect
The fact all data exists 'in nature' - while interesting, is not something I think should override the intent of data laws.
https://qntm.org/number
https://en.wikipedia.org/wiki/Free_Speech_Flag
That would imply that it would be practical to create a document that hashes to a specified value. The SHA-1 pre-image resistance would prevent that.
No, I'm talking about computing something much less ambitious than solving pre-image resistance.
Consider the example SHA-1 hash[1]:
Embedded in that hex is "95601890" ... which could be somebody's driver's license number. Now that the number is publicly visible via some legitimate purpose other than illegally publishing drivers license numbers, we can then argue "How can a SHA-1 of a empty string illegal?!?"It's a similar concept to creating "vanity" public hashes for Tor or bitcoin addresses or finding a hash that has a certain number of leading zeros in "proof of work". Embedding arbitrary illegal information that way is more computationally feasible with brute force than perfect pre-image attacks.
The underlying idea of the hack is the same : Find some way to make illegal data be interpreted in a totally different way that _is_ legal. It's very hard to do for large amounts of information such as 9 GB mp4 rip of a Blu-ray disc -- but easier for small amounts of information... such as the DeCSS C source code converted to an "interesting" prime number.
[1] https://en.wikipedia.org/wiki/SHA-1#Example_hashes
Additional metadata, such as "it's a driver's license number", "it relates to person X" gives it context and makes it information. 4037 is a bank pin code for millions of people, but as long as you don't combine it with a person it's just a 4 digit number. When you combine it it becomes information protected in many countries.
Even MD5 is safe from a pre-image attack, it means, for example, that it is safe to use for storing passwords (but not recommended for other reasons).
Therefore I don't see how those numbers being prime changes anything. This looks to me like a weak argument that tries to take advantage of poor intuitions that some people have about primes.
Yes, the IP laws are ridiculous but this is not a good argument to support this opinion.
Isn’t this what godel’s encoding does?
It is also a reversible concept: you can create an "illegal painting" by encoding a number in the painting, so that interpreting the painting in some way (like, splitting it in a X*Y grid, and assigning 1 to the squares where the red component in RGB is greater than G, 0 otherwise) will result in such number.
What's the gist of all this? That reality can be represented by numbers and the other way around, however numbers representing illegal digital entities (violating copyright or other laws) are so unlikely to happen by chance, that they need to be chosen explicitly to have such a representation: the illegal prime is just a different way to write the same thing in a file, thus is the same blatant law violation, and the fact they happen to have a prime number (very dense and common numbers) is not interesting at all.
The point, per the article, is a protest against the censorship of information. People may not think twice about making a computer program illegal. However, banning a number would get more attention. The point is exactly as you have noted-- it's the same thing.
A pair of GPS coordinates with five decimal precision, written like 7.63941, -122.12825 is just 19 ASCII characters. So in ~400 characters you could have 20 such pairs. 400 ASCII characters being 400 bytes or 3200 bits, they can be represented by a number that's < 2^3200. What if the 20 pairs of coordinates are current locations of US nuclear submarines? That would make the ~900 digit number very dangerous from the US military's point of view.
400 characters is surely also enough for many other bits of highly classified information. Several names of CIA agents under non-official cover in China. A concise description of the purpose and capabilities of the X-37 spacecraft. The top item on the President's Daily Brief for today.
It raises some interesting questions about the legality of numbers, and what would happen to someone publishing one. What if I'm writing an article that happens to contain the nuclear-submarine-coordinates-encoding number? What if I'm writing about a debugging problem and I show a memory dump that happens to contain it? The actual probability of that happening is of course zero, but something tells me that anyone who did publish such a number would suddenly find themselves in the company of government agents very willing to overlook that person's rights.
(You needn't be kept up at night by the thought of accidentally publishing nuclear codes; as you say, the probability is 0 for all practical purposes, and the reluctance of government agents to dismiss it as a coincidence would be entirely reasonable)
[0] https://qntm.org/number
I guess the counterpoint here is, a government that wanted to put you behind bars by justifying it with 5 random bytes would have no problems with fabricating some much stronger evidence against you instead.
https://en.wikipedia.org/wiki/Illegal_number#Other_examples
1. https://ansuz.sooke.bc.ca/entry/23
Since "the colour" is the whole context which led to you mentioning the prime number, the answer is "it depends".
In practice you can publish it as a part of mathematical paper on primes. You cannot publish it saying "here's a prime that decoded as X does illegal thing Y".
Anything in-between is gray zone, with the disclaimer that courts don't like "clever" schemes that try mess with the "colour". So if you try to publish a fake mathematical paper to thumb your nose at the illegality of publishing something, the court will be unsympathetic.
Is my paper going to get censored or not?
No, but that is not a problem, since that will never happen. There are too many prime numbers for you to accidentally stumble upon that prime number while doing something else. The theoretical possibility that you might is not a problem for the law, which only concerns itself with problems which occurs in practice.
It’s essentially the opposite of Aaron Swartz’s famous “Bits are not a bug” writeup.
"...worthy of being published on the lists of the highest prime numbers.[1] In a way, by having this number independently published for a completely unrelated reason to the DeCSS code, he had been able to evade legal responsibility for the original software."
Primes are pretty dense in the integers - unless you're going to say 'data can't be illegal' - including e.g. CP, then highlighting illegal primes is simply not a valid evasion.
No, jokes aside I don’t know either.
Alice publishes a truly random string of bits, Bob publishes a XOR of Alice's string with an "illegal" number. Information theory says you cannot tell which is which (and publishing a random string of bits is supposedly legal) but you can still retrieve the "illegal" number by xoring Alice's and Bob's strings.
I don't see how the known pass phrase achieves that.
Unless an omniscient observer knows the publication date of all the "halves" in the system, it is impossible to say which of Bob or Alice are telling the truth.
Of course, both parties are inherently slightly suspicious for using such a system in the first place, but if it existed as part of a free public hosting service, and lots of people used it for legitimate purposes, it might only be as incriminating as using BitTorrent.
https://math.stackexchange.com/questions/216343/does-pi-cont...
The other idea I've always liked is a length that, to enough precision, encodes something in the decimal places. Then in theory you could just cut something, say a diamond, to this impossible precision, and then measure it later. I assume that, like the Pi example, this is impractical not only in practice but even in theory, even if we had impossibly-accurate cutters and measurers.
1. Take illegal number
2. GZip it, or at least store it in a format that discards trailing null bytes.
3. Multiply it by a power of 256
Every power of 256 adds a zero to the end, in the same way that multiplying 5x10=50, 5x100=500, etc.
4. Add a an integer and check primality; repeat.
So if the illegal number was 12345 your could have an illegal prime 1234500000071 represented by (12345x256^8+71).
The only reason you’d want to do this is because people actually share seemingly random prime numbers online. There’s no legal reason to share the DeCSS encryption code, but a prime number with a length of 2000 is “interesting” enough to avoid legal issue.
But also, as pointed out elsewhere in this thread, your hypothetical is more or less what happened with the DeCSS primes Phil Carmody published. Except it never even got to a judge.
I found that to be an interesting rabbit hole: https://primes.utm.edu/glossary/page.php?sort=ExecutablePrim...
If the source code to Microsoft Windows is illegal, is the source code plus one bit of padding at the end illegal? How about two bits? How about an XOR transform with some random number, which I also publish online? How can Microsoft copyright an infinite number of variations of their source code?
The answer is that they obviously can't, but all those variants are illegal if the purpose is to get back to that same source code. If you're transforming their source code, and providing some obvious or non-obvious key for how to get from your transformation to the original, you're violating copyright.
Well, I suppose a government could try to ban the numbers 2 and 3, but it might have trouble complying with that law itself.
It seems like it's logically or legally equivalent to setting your password to someone else's date of birth and then claiming that they have hacked you because they know your password.
Hiding number is not a proper way to address the issue. We should address the core of it - drm which should be made illegal.
What is strange for me is that making digital rights management program that does who knows what and thus breaks any privacy by definition is not illegal but some number that merely describes a computer program that bypasses such program is. This is not crazy? Why it should be illegal to protect own computer from malware?
Actually, I believe we are going towards information being the thing that has value, we should arrive there, assuming abundance (on a human scale of course, energy is still required to sustain any patterns), material goods being just things that can be copied.
So where do you draw the line? If you get caught with my private keys is that ok & legal? What if I get caught with internal documents of some company? Espionage? Facebook just keeping some big numbers around? How do you implement privacy that you seem to care about without some numbers being illegal?
Also remember you bought/installed that malware or agreed to it. And no, I don't like DRM, I do agree that it is insane, but without presenting a coherent view where that problem is not present it's just being angry about the sky being blue.
I think actually it is very simple. Obviously when you wish to watch some movie your privacy should not be compromised to the end of your life or the life of your computer. It's too much to demand from customer.
Just like when you buy an ice cream you do not expect that seller will be granted rights to visit your home whenever he wants from now on. Very simple. No DRM no problem.
If seller sells movies he should not install DRM to the customer nor demand it nor imply it. Because in attempt to control things that are impossible to control one can endanger much more important things which can lead to loosing rights, freedom and democracy and those are much more serious problems then some additional copies of some stupid movies which cannot be prevented anyway.
A reasonable suggestion would be to draw the line around private data.
By design, DRM is intended to restrict people's use of data which the publisher wants to spread as widely as possible (on the condition that they are paid for every copy). This data is therefore not private in any sense.
All your other examples work with this line: Private keys are obviously private; internal company documents are "private" in the same sense that corporations are people; government secrets are private (and countries are legal people); and Facebook should be keeping people's personal data secret on their behalf.
But then, if a company implements DRM using its private key and somebody steals that private key?
For example, I don't think that all information created by a government should be given the same protections as information about individual humans, which is why we have Freedom of Information laws. I would even go so far as to say that this principle should apply to corporations, at least for information that is no longer commercially relevant.
We already have "public interest" exceptions for things like reporters exposing the private lives of politicians, and that sort of careful consideration also has to be applied to requests invoking "the right to be forgotten".
Anyway, even if a society didn't make DRM systems illegal outright, it could accept a legal judgement that "private keys" which are distributed to end user devices are not to be considered private. As a practical matter, though, if your DRM system relies on the secrecy of a key that can fit in a QR code, then you shouldn't expect the law to put that genie back in the bottle for you.
Ethereum is also DRM.
2. Because once you allow such things then soon any seller would feel safe to add any degree of tracking/ breaking privacy to any product... Oh wait,isn't it what is happening these days?
3. If you do not understand the value of privacy for the democracy then perhaps selling kidney when you buy ice cream example would work for you. Even if it is written between the lines it should be illegal, isn't it ?
That's a stretch. Same as Botswana's currency (Pula) which is a slang in Romania for male genitalia. Or India's ancient swastika symbol that is pretty much illegal in Western countries.
Mathematicians (in my humble experience) are also pretty clueless about law, but at least they can’t just make up shit that is fundamentally incompatible with reality[0]
[0] https://en.m.wikipedia.org/wiki/Indiana_Pi_Bill