Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

On The Protection of Web Browser-Readable Intellectual Property

Note subject change.

In comp.os.linux.advocacy, Moshe Goldfarb.
<brick_n_straw@xxxxxxxxx>
 wrote
on Tue, 15 Jul 2008 20:37:58 -0400
<1g2sm839zsgol$.10vsox1n5q1y4$.dlg@xxxxxxxxxx>:
> ....give his work away for free?

He already has.  Consider his website,
http://www.schestowitz.com.  This website's bandwidth is
not paid by you or me, but by him.  Any work thereon is
easily browsable -- and liftable using tools such as wget,
though in all fairness anyone with half a brain would
notice that another person's website has the exact same
stuff, and start to wonder.

This effectively makes the Web a gigantic advertising
medium, a "loss leader".  Variants of the Web will
partially implement the notion of "pay by the browse" (or
"a penny a page"), by allowing opaque tracking cookies,
logins, and node-locked licenses, [*] but once visited,
a page is compromised.

The best I can do here is to use public-key encryption;
the general idea is that the user submits his public key to
the server, which encrypts the desired file and charges the
user's account; the user agent can then decrypt the result
using the user's private key, and display the result.
There are several issues with this mechanism of course,
not the least of which is (again) how to most effectively
prevent the user agent [+] turning turncoat and shoving the
decrypted result into a public space.

Another variant is private-key encryption, which would
mean I encrypt a document using my private key, then
upload it.  Anyone wishing to view that document would
use my readily-available public key, and then easily view
that document (and know that I wrote it, as I'm the only
one with this private key).

Various other split-key escrow systems and signature
mechanisms are also available.  I'll refer you to the
relevant literature for details.

There are of course costs associated with
encryption/decryption; it takes CPU power to encrypt
and decrypt.  My very crude benchmarks suggest a 50%
degradation in transfer rate, and that was awhile ago;
the good news is that specialized chips are available
for RSA encryption, if we bother to put them into our
desktops, laptops, notebooks, mobiles, and comp-watches,
and implement the mechanisms to keep public keys public,
and more importantly private keys private.

Absent something like that...software, pages, and stuff
is inherently duplicable, indeed must be in order to
consume such.

One way around *that* might be to use a one-read hologram
of some sort; the generator would generate this hologram,
ship it, and the receiver would read it with a compatible
laser, destroying the hologram in the process as he
extracts the data therefrom.  A faster alternative would
use light polarization; such is already available in
certain research routers.  Any attempts to read the light
pulse destroys its meaning because of quantum effects.

>
> Oh, it's great to sit in a college campus posting SPAM 24x7 demanding that
> corporations give up patent rights, give away their hard work for free,
> open source their software etc....
>
> So, when Roy Schestowitz finally gets out of school and begins his career
> in medical imaging or whatever it is he is studying, is he going to "do it
> all for free" ?

You'd have to ask him.

>
> Suppose he manages to find a test for pre-AIDS conditions...
> Is he going to share the formula with the rest of the world?

Suppose he jumps to the moon and wanders about, using naught
but what nature and his mom gave him.

False antecedent, any consequent.

>
> Come on already, are you loons in COLA *THAT* ignorant?

Some might be.  Ask me whether I give a hoot and sixpence.

[rest snipped]

[*] the general idea is to associate a license
    with a specific machine.  In the case of the Web,
    one can implement such by using certificates; the
    web server can check to see if the certificate of the
    client is trustworthy.  No certificate, or an untrustworthy
    certificate, and the client's connection, at least using
    https (port 443), is rejected with an appropriate error.

    A floating license is available on some LANs, and the
    general idea there is that one can check out a license
    for the duration of a tool's execution.

    Once ipv6 is widely implemented and DHCP is shot dead,
    one might contemplate various combinations of floating
    licenses that use a substring of the ipv6 string to
    determine a node's location.

[+] The World Wide Web Consortium's term for the "browser".

-- 
#191, ewill3@xxxxxxxxxxxxx
Windows.  Because it's not a question of if.
It's a question of when.
** Posted from http://www.teranews.com **

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index