mardi 27 octobre 2015

Copyright Office Rules: Yes, Security Researchers May Hack Cars (And A Couple Other Things) For Science

(frankieleon)
Copyright law is surprisingly pervasive. It affects everything from computers to cars (and tractors). The law says you’re not allowed to circumvent DRM on anything for any reason… except for a big pile of things you actually legally can. Those exemptions get re-evaluated every three years, and today the new list is out.

The Copyright Office holds something called a Section 1201 rulemaking procedure every three years. At the end of all the hearings and proceedings, the Register of Copyrights releases a set of recommendations, which it’s technically up to the Librarian of Congress to accept or reject.

The Register did, the Librarian did, and now the full set of exemptions is out [80-page PDF]. In the end, it’s chock-full of recommendations that manage to affect basically everybody.

Things You May Do

  • Education: College and university faculty and students, K-12 faculty and students, and libraries and museums continue to be able to circumvent DRM on “motion pictures” (TV and movies) for the purposes of using short sections of media for criticism, comment, and education.
  • Cars: An exemption to permit DRM circumvention is made to cars’ computer systems except for telmatics (the “black box”) and entertainment systems “when circumvention is a necessary step undertaken by the authorized owner of the vehicle to allow the diagnosis, repair or lawful modification of a vehicle function.” The exemption explicitly prohibits alterations that would fall afoul of the EPA or DOT. So fixing your brakes if they’re broken: yes. Altering your emissions data: no.
  • Device unlocking and jailbreaking: Mobile phone unlocking and jailbreaking continue to be permitted, and the exemptions now extend to other multi-function mobile devices, including tablets and wearables. Jailbreaking exemptions do also now extend to smart-TVs, so long as it’s only to install new software, but they do not extend to single-purpose devices like e-readers.
  • Security research: For the purposes of “good faith security research,” researchers may hack cars, voting machines, and medical devices “where such activity is carried out in a controlled environment designed to avoid any harm to individuals or the public.” You can’t hack a medical device that’s being used, but you may take one to a lab and have at it in isolation.
  • Video games: Plenty of games require server authentication to work… but over time, those servers keel over or get unplugged. Individuals may break DRM to get their own abandoned, legally purchased games to work locally for their own personal use, and that libraries and museums may do so for educational and archival purposes as well.

Don’t run out hacking your stuff willy-nilly just yet. To let other regulatory agencies have their say about what you may and may not do with your own stuff, most of the new exemptions don’t go into effect for another 12 months. You can take screenshots of DVDs for your film class now because you already could, but you can’t legally do security research on a pacemaker (that isn’t hooked up to anyone) for another year.

Things You May Not Do

  • Space- or Format-Shift: Did you buy a bunch of Kindle books and then switch to a Nook? Tough cookies. The Register rejected an exemption for moving your stuff from one locked platform to another locked platform.
  • Jailbreak gaming consoles: The only use-case for hacking your PlayStation or Xbox that anyone presented to the Copyright Office was for piracy, so they said no.
  • Jailbreak e-readers: Nobody showed up to present a use-case for this one either, so the Register rejected it.


Aucun commentaire:

Enregistrer un commentaire