Bill C-61 and tcpdump -- my concerns

I am concerned that Bill C-61 will make possession of tcpdump, (i.e. having it installed on your computer), illegal.

Here is the thing: despite ample evidence that the TV “scramblers” were easily defeated, satellite TV operators have never actually deployed much security other than security-by-obscurity.

Even the “modern” digital systems, where you need to use a phone line to get pay-per-view, which could TRIVIALLY use public key cryptography to provide security, they do not use such systems.

Instead, they have relied upon ligitation to prevent “theft”

look at: http://en.wikipedia.org/wiki/FTA_Receiver

“Unlike traditional methods of pirate decryption that involve altered smart cards used with satellite receivers manufactured and distributed by the provider, piracy involving FTA receivers require only an update to the receiver’s firmware.”

“Periodically, the provider will change the processes in which encryption information is sent. “

But, if they are sending the encryption keys inline, then there is no real security. It might as well just be encoded in a complex way

The Radiocommunications act says: (http://laws.justice.gc.ca/en/ShowFullDoc/cs/R-2///en)

OFFENCES AND PUNISHMENT Prohibitions 9. (1) No person shall (a) knowingly send, transmit or cause to be sent or transmitted any false or fraudulent distress signal, message, call or radiogram of any kind; (b) without lawful excuse, interfere with or obstruct any radiocommunication; (c) decode an encrypted subscription programming signal or encrypted network feed otherwise than under and in accordance with an authorization from the lawful distributor of the signal or feed; (d) operate a radio apparatus so as to receive an encrypted subscription programming signal or encrypted network feed that has been decoded in contravention of paragraph (c); or (e) retransmit to the public an encrypted subscription programming signal or encrypted network feed that has been decoded in contravention of paragraph (c).

but the act does not define encryption. As the Supreme Court found that satellite systems were in fact “encrypted”, and therefore protected (cf: http://scc.lexum.umontreal.ca/en/2002/2002scc42/2002scc42.html)

that tells me, that if I decode (not just “decrypt” as cryptographers would think) a signal, then I may be enfringing copyright.

That’s okay so far, as it’s been the act of infringing that was illegal, so as long as I do not “decrypt” the wrong signals, then I’m okay.

But, C-61 makes possession of such tools illegal.

Note that tcpdump/wireshark not only decodes dozens of protocols (including some which have never had published specifications), but it also, provided with the keys, will decrypt IPsec ESP (VPN) packets.

I even wrote the ESP code — because I needed it to debug VPN code. It’s still very secure, because I have to provide the keys “out-of-band”, but there are dozens of protocols which is not secure.

For instance, all of the emails that you send, web pages that are communicated between my server and your computer (including this one) have an implicit copyright. If I look at them transitting the internet, I may be violating your copyright! (Am I violating your privacy? Did you have an expectation of privacy? I’m not sure.)

references: http://en.wikipedia.org/wiki/Pirate_decryption http://en.wikipedia.org/wiki/FTA_Receiver http://www3.sympatico.ca/dylan.reid/satellitetv.html http://scc.lexum.umontreal.ca/en/2002/2002scc42/2002scc42.html http://laws.justice.gc.ca/en/ShowFullDoc/cs/R-2///en