ad info  technology > computing
    Editions | myCNN | Video | Audio | Headline News Brief | Feedback  




Consumer group: Online privacy protections fall short

Guide to a wired Super Bowl

Debate opens on making e-commerce law consistent



More than 11,000 killed in India quake

Mideast negotiators want to continue talks after Israeli elections


4:30pm ET, 4/16










CNN Websites
Networks image

Battle brews over reverse engineering


May 8, 2000
Web posted at: 9:40 a.m. EDT (1340 GMT)

(IDG) -- Recent court decisions limiting developers' rights to reverse-engineer software products have sparked an outcry by critics who say these actions could severely limit developers and users trying to interoperate or find flaws in commercial software.

U.S. judges have recently ruled that unauthorized re-engineering of the digital video disc playback system and a Web filtering program called CyberPatrol violated copyright and trade-secret laws.

Reverse engineering is also forbidden by many shrink-wrap license agreements. This restriction will likely be strengthened by the Uniform Computer Information Transactions Act (UCITA), which gives vendors powerful leverage in contract negotiations.

While some software vendors and content owners insist these decisions strengthen intellectual property protections, developers and system administrators argue they are losing the right to use products as they wish.

  Meet the kid behind the DVD hack
  Free speech or DVD piracy?
  How to copyright your software and choose a license
  Activist defends DVD hack
  Reviews & in-depth info at
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for IT leaders
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

"Clearly, if we are not allowed to reverse-engineer the software that we didn't buy but are most graciously allowed to 'license' by agreeing to an arbitrary contract, then we have no control over what software is running on the computers we own," said Ian Goldberg, chief scientist at Zero-Knowledge Systems Inc. in Montreal. "Bugs, security holes or worse, explicit back doors, might be undetected, but only talked about within the bad guys' community. Publicly disclosing the information would be illegal."

Fair-use provisions in the copyright laws that permit reverse engineering have spurred the development of software that competes with proprietary applications such as Microsoft Word and Excel. For example, San Jose-based Phoenix Technologies Ltd.'s reverse engineering of IBM's BIOS in the mid-1980s became the basis for the entire PC clone industry.

During the annual Computers, Freedom and Privacy conference held last month in Toronto, Jessica Litman, Professor of Law at Wayne State University in Detroit, Mich., said controversial court decisions are rapidly eroding the "fair use" provisions that traditionally permitted unauthorized use of software for the purpose of reverse-engineering. The provision allows developers to disassemble and decompile a program and use what they learned to create and sell an interoperable or competing program as long as it doesn't infringe on the original code.

While Congress made exceptions in the 1998 Digital Millennium Copyright Act for interoperability development and security testing, these exceptions have been overridden in favor of anticircumvention provisions and trade secrecy laws.

But Pamela Samuelson, a professor at the School of Information Management and Systems at the University of California at Berkley, said the ruling is unprecedented because defendants in the DVD CCA case hadn't violated the shrink-wrap license. "If you have gotten information from somebody that the judge decides was a misappropriation of trade secrets, you are a trade-secret appropriator even if you legitimately bought this stuff," said Samuelson. "If the judge decides that somewhere out there in the chain of the development was a trade-secret appropriation, then the decision would say that you are an appropriator too, and how would you know?"

In March, the copyright wars continued when El Segundo, Calif.-based Mattel Inc. sued a Swede and Canadian who reverse-engineered the CyberPatrol Web filtering program producing two software utilities, known as cphack, that revealed the parent's password and displayed a list of blocked sites. Mattel argued that the reverse engineering was illegal because it was prohibited on the software's shrink-wrap license. A judge sided with Mattel and the company issued e-mail subpoenas against mirror sites that posted the software.

Richard Smith, a former developer at Cambridge, Mass.-based Phar Lap Software Inc., who now evaluates software for privacy holes, said UCITA gives companies legal backing to enforce reverse-engineering bans in shrink-wrap licenses that might not otherwise be enforceable. "Maybe the data files are encrypted not for protection but to keep competitors away from the data as a useful monopoly tool," he said.

Meanwhile, some developers are moving their reverse-engineering projects offshore to avoid U.S. rules.

"There are rather insane laws in the U.S. about reverse engineering, and so we sidestepped those by having the work done in Europe under the European Union fair-use laws," said Jeremy Allison, a software developer at VA Linux Systems Inc. in Sunnyvale, Calif. Allison co-authored Samba, a Windows file-serving program that allows Unix machines to serve file-and-print services to Windows clients.

Allison said his team is forced to reverse engineer because Microsoft doesn't offer documentation of its proprietary protocols. But when the Samba team decoded the Microsoft domain controller protocol to allow Samba servers to interoperate with Windows NT, they made sure the work took place outside the U.S.

"If the laws continue the way they are, the U.S. software industry will get strangled by the increasing amount of restriction on reverse engineering," Allison said.

Now, UCITA ... Later, you don't
March 7, 2000
Software-licensing regulations pondered in Maryland
February 28, 2000
Sure a lot of software stinks, and you may have something to do with it
August 17, 1999
Controversial software licensing law approved
August 2, 1999

Activist defends DVD hack
Of copies and rights
(Network World Fusion)
Meet the kid behind the DVD hack
DVD and the digital copyright act
(Network World Fusion)
Pirates lag behind Win2K launch
(Computerworld Hong Kong)
Ending piracy would help Asia
(Computerworld Hong Kong)
How to copyright your software and choose a license
Does GNU General Public License protect or stifle creativity?

Uniform Computer Information Transactions Act
Copyright Resources on the Internet
Intellectual Property On The Web

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.