888.4.NATNET
Facebook Twitter LinkIn Blog Instagram YouTube Google Plus

Monthly Archives: September 2015

24
Sep
2015

Happy Birthday To You! Copyright Invalidated By Courts

by Bill
Judge George H. King of the United States District Court in Los Angeles, issued 43-page decision that invalidates the copyright on the ‘Happy Birthday’ song that has been enforced by music publisher Warner/Chappell and its parent company, the Warner Music Group, since 1988 for about 2 million dollars annually in licensing fees. The court decision included a deeply researched narrative of the complex history of the song and the paper trail of copyright registrations that have followed it since it was first published in 1893. The song “Happy Birthday to You” is thought by many to be the most popular tune in the English language, and if the decision withstands future appeals, “Happy Birthday to You” will finally become part of the public domain.

“Since no one else has ever claimed to own the copyright, we believe that as a practical matter, this means the song is public property,” said Mark C. Rifkin, a lawyer for the plaintiffs. The case decided was originally filed in 2013 by Jennifer Nelson, an independent filmmaker who intends to make a documentary about the song and wishes to use it royalty-free within her film.

While Judge King’ agreed that the song melody can be traced back to “Good Morning to All,” written by Mildred Hill and her sister Patty, a kindergarten teacher. The song was then registered in 1893 by the Clayton F. Summy Company and in 1935; Summy registered a version of “Happy Birthday to You.” However, Judge King also found that while Summy had published the original version of “Good Morning to All,” it never properly had rights to the birthday lyrics and “because Summy Co. never acquired the rights to the ‘Happy Birthday’ lyrics,” the judge wrote, “defendants, as Summy Co.’s purported successors-in-interest, do not own a valid copyright in the ‘Happy Birthday’ lyrics.”

The Plaintiff, Ms. Nelson, said in a statement: “This is a great victory for musicians, artists and people around the world who have waited decades for this. I am thrilled to be a part of the historic effort to set ‘Happy Birthday’ free and give it back to the public where it belongs.”

While the world continues to evolve toward an increasingly restrictive sense of what can be considered to be part of the public domain, it is refreshing to find out that an iconic song sung by hundreds of millions of people at birthday parties each year no longer requires a fee to be paid for its inclusion in commercial works as well. Singing it at your home would have been protected by fair use principles, but restaurants, movies, television shows and other new works will likely be enhanced by its availability without a century old claim requiring them to pay for the ability to wish people a happy birthday in the most common way currently established by our culture.

 

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
17
Sep
2015

Indistinguishability Obfuscation: The Future of Data Security

by Bill

Data Security is quickly becoming one of the most crucial challenges of modern life, and while current technologies offer only a patchwork of best practices and well-intentioned protocols, we are seeing reports far too often of sensitive data falling into the wrong hands. Now a glimmer of hope is getting some hype from security experts who believe, at least conceptually, that a real solution is possible.

In 2013 a couple different security experts posited a new kind of encryption that is now frequently referred to as “indistinguishability obfuscation,” or IO. It calls for the creation of a central hub of cryptography and a unified basis upon which software would reconstruct cryptographic tools like public keys and simultaneously secure their corresponding signatures. However, the pace of progress has been exceedingly slow, mostly because the process of using IO with existing technology would slow down every digital activity to a snails pace. In fact, obfuscating a program would presently add delays measured in lifetimes, not hours.

Those timelines are now being shortened rapidly by the work of leading IO experts. “As of right now it seems like there are no big limitations,” Amit Sahai, a computer scientist at the University of California, Los Angeles, told Quanta Magazine. “IO is powerful and can do almost anything we’ve ever wanted to do.” In fact, researchers believe now believe that if IO can be constructed in terms of certain simple mathematical assumptions, even a quantum computer would be unable to crack it.

How It Works:

Indistinguishability obfuscation utilizes two programs that compute the exact same output by different methods. As in the equivalent functions f(x) = x(a + b) and f(x) = ax + bx. For any set of the three inputs a, b and x each program yields the exact same result as the other, but arrives at the result by a different path. IO suggests it is possible to encrypt them both so that users cannot tell which version they are using at any moment even if given infinite resources and time to analyze the results.

The problem with the method is the time involved. “It probably takes hundreds of years to obfuscate and run a program,” Vinod Vaikuntanathan, a cryptographer at the Massachusetts Institute of Technology who has been heavily involved in IO research explained to Quanta. “When it becomes that ridiculous you stop caring about the exact numbers.”

That estimate is now evaporating thanks to work being done by computer scientists like Allison Bishop, of Columbia University, who showed IO could be segmented into a series of much smaller more practical steps. The details of IO and the progress being made are detailed exquisitely in the Quanta Magazine article, which many may find well worth the time to read.

For our purposes, the real point here is that while data security may be fundamentally flawed at the moment, so is the viewpoint that it will ‘always remain that way.’ Many of the world’s brightest minds are working to restore privacy in a suitable way during the digital age, and these are the kind of people who can calculate their odds of success with precise accuracy, so the fact that they continue to pursue IO gives us all reason to believe in the near future your data will be more secure online than it ever was offline eventually.

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
09
Sep
2015

Chrysler & The FDA May Be Charting A New Path Toward Secure Data Updates

by Bill

Now that we live in a world where nearly every inanimate object is a computer of some kind and is interconnected with a nearly limitless number of other devices, safety and security is becoming increasingly important with tangible things the way most people think of digital devices. Now IT experts are also becoming increasingly concerned about the way companies fix hacks when they are discovered.

Six weeks ago hackers found vulnerabilities in a 2014 Jeep Cherokee that allowed them to remotely control its transmission and brakes. Chrysler responded by creating a patch to fix the epic exploit.  However, they distributed the patch by sending out more than one million USB thumb drives via the postal mail to drivers.

Aside from the long standing warnings of security professionals to never plug USB sticks sent via the mail into any device (because it’s far too easy for someone to send out malicious software that way as part of a malware campaign); the method also opens up the obvious possibility that someone who moved or is tech-averse will fail to update their car and will end up in potential life-threatening peril as a result or Chrysler’s new DIY approach to recalls.

A major reason for this rollout is that these cars could not be updated wirelessly by any sort of push messaging sent from Chrysler. Cars from Tesla for example routinely get service updates automatically and wirelessly. However that begs for questions about the level of encryption and security sophistication Tesla or others will be using to prevent third parties from tampering with cars. In some cases it may be greed based things like a way to unlock the doors from a mobile app used by thieves, malicious goals like disabling brakes or any other reason a crackpot might come up with the alter the way your car is intended to function.

The key lesson here is that any company creating a product or service for the modern world needs to be thinking ahead to pre-plan a safe, secure and fool-proof method of updating that product if or when it needs to be corrected in some way. The federal FDA recently launched a new set of UDI Compliance regulations that will cost the medical industry millions of dollars, for the sake of better controlling, tracking and monitoring medical devices when recalls or other alternations are needed. Companies like www.UDIcompliancesolutions.com specialize in handling those extensive filing requirements and this sort of misstep by Chrysler may lead to a similar set of mandates from the state operated Department of Motor Vehicles soon.

These days it’s not good enough to make a great product or to fix one that has a security flaw, companies are now expected to fix hacks immediately, securely and seamlessly without opening up any new opportunities for the hackers and griefers that continue to challenge the pace of progress.

Share and Enjoy
  • Print
  • Facebook
  • Twitter
  • Add to favorites
  • RSS
  • Google Bookmarks
  • Technorati
  • Yahoo! Buzz
NationalNet, Inc., Internet - Web Hosting, Marietta, GA
Apache Linux MySQL Cisco CPanel Intel Wowza