Blank Media Tax

Unless you’ve been living under a rock (or you’re not part of the technology community), you’ve probably heard of the Copyright Board of Canada‘s current proposal to levy tariffs on blank audio media. The purpose of the proposed tariffs is to compensate the music industry for lost sales due to digital piracy. Unfortunately, this proposal is misguided and fatally flawed for a number of reasons.

First, the proposed tariffs are overly broad: The proposed levies apply to types of media that are not exclusively used for music. For example, the tariffs proposed would be applied to recordable compact discs, despite the fact that such discs are also used by businesses to archive their mission critical data. As another example, the tariffs would also be applied to “Removable electronic memory cards, removable flash memory storage media of any type, and removable micro-hard drives” despite the fact that those media are used by digital cameras and digital micro-recorders. These tariffs would ignore the legitimate uses of these forms of media (beyond music storage), as well as the protected uses of these media to allow a consumer to time-shift and space-shift their own music collections, as protected under Canadian copyright law.

Second, the tariffs only benefit the music industry: The proposed levies are purported to allow the music industry to recoup losses due to piracy. However, the media that is the target of the proposed tariffs can just as easily be used to pirate copyrighted computer software, movies, or electronic books. Why should these tariffs be levied solely for the purpose of protecting the music industry, while ignoring the other industries impacted by digital piracy?

Finally, there is no mechanism described for the distribution of funds collected: The proposed tariffs skimp on the details of how the funds collected through this tariff are to be collected and distributed to the copyright holders. Who gets how much? Is it decided by the music industry? Can they be trusted to pass along the appropriate amount to the artists? Probably not. I wonder if I cut a CD, I can qualify for a cut of the proceeds?

The thing that bugs me most is that although the Board is seeking input, there is no real way to oppose the adoption of the tariffs. According to the proposal document

“The Board must certify a tariff and set a levy. Those who own the rights to sound recordings of musical works (composers, authors, performers and producers) are entitled to be remunerated for private copies. No purpose is served by asking the Board to reject the tariff as a whole.”

What purpose is served by asking for input, if the Board is not actually interested in listening to any opposing viewpoints, and acting on them?

This tariff will have a dire impact on industries that are in no way responsible for piracy or even related to the music industry. The tariff would essentially be a subsidy for the music industry, and ignore the other industries affected by digital piracy. The tariffs are ill-conceived, and should not be adopted. If anything, they should be scrapped, as should their 2001-2002 equivalents. It’s just another sad attempt by the music industry to squeeze more money out of consumers, screw the artists, and pocket the extra cash.

Mad yet? Good. Write your MP. Or better yet, start downloading and burning music before the new tariffs take effect.

DDOS Attack Tool

After a frustrating and fruitless attempt to obtain customer support from Sony, I’ve come to the conclusion that the average consumer is powerless in modern society; contrary to what the marketing literature says, the customer is always last. To solve this problem, I propose a tool to allow the average consumer to strike back at the corporations who ignore them, and use their own tools of communication against them. And here’s how it might work:

In an event in June 1999, the Electronic Disturbance Theatre successfully held an electronic sit-in, protesting against the Mexican government. The EDT distributed a Java applet via their web site that automated the process of requesting documents from the Mexican government’s web site several times a minute. With an estimated ten thousand users requesting documents from the Mexican government’s web server using the Java applet, the server was soon overwhelmed. While successful, the attack methodology was fairly simple; a newer port scanning tool distributed by the group enables more advanced attacks. However, I have a different tactic in mind to enable more coordinated, and therefore effective acts of electronic civil disobedience.

Just over a year ago, several high-profile sites were reeling from a series of coordinated distributed denial of service attacks; those hit included EBay, and Yahoo. The perpetrator of the attack used a large network of compromised computers to launch the attack over the Internet; these computers had been compromised by a variety of Trojan programs and were required to achieve the density of requests required to overload the victims’ servers.

The tool I’m proposing would work on the same principle, with the exception that the computers involved in the attacks would be involved with the full knowledge of their owners, just like the EDT’s Java applet. Using a similar system to Gnutella, users would be able to enter the location of targets into the client software, and the tool would coordinate with other users’ client software to conduct the attack; in the ultimate form of democracy, the density and ultimate success of the attack would depend on the number of users who allowed their computer to participate.

The software would have a number of unique features, to enable users to fully realize the democratic power of the tool:

  • Configurable Attack Objects: Users should be able to extend the system to enable various modes of attack, from continuous hits, to pulses of activity designed to create the greatest impact on the target system.
  • Configurable Communication Objects: Because so much of a corporation’s ability to succeed depends on resources other than web sites, the client software should be configurable to include addition communications modules. These modules would enhance the range of protocols understood by the clients; potential additional protocols might include LDAP, DNS, HTTPS, and SMTP.
  • Automated Exchange of Configurable Components: If the attack involves a protocol or strategy that your client doesn’t possess, the client software should be capable of finding the necessary resource on the network and installing it.

Other features could include the ability to put the client software into “drone” mode, where it attacks the most popular targets; this would be useful for allowing a user’s machine to be useful when the machine isn’t being used. Finally, the software should allow clients to exchange attack targets, to enable the attack network to outwit attempts by the victim to filter by IP address.