Fourth Homework Assignment
1. Logistics
- The fourth homework assignment (HW4) is due at 5 p.m. on November 13, 2003.
- Late homeworks will not be accepted without Deans' excuses.
- You must do this assignment by yourself; no collaboration with other students is allowed.
- Submit all homeworks online. Homework submission instructions are on the class website.
- Please address questions about HW4 to the TAs, Wesley Maness and kevin DOT chang AT yale DOT edu.
2. Questions
This homework assignment is designed to test your understanding of the lectures and reading assignments on the Digital Millennium Copyright Act (DMCA), peer-to-peer file sharing, the USA Patriot Act, and security and privacy (both Internet-security technology and TPSs for digital-content distribution). Please give a brief answer to each of Questions 1 through 6. (Usually, a one-paragraph answer should suffice.) Each question is worth 16 points. (16x6=96, and everyone gets four points for free.)
- A major design goal of KaZaa was to “achieve Napster-like efficiency and avoid Napster-like liability.” Which technical features of KaZaa address this goal, and how do they address it?
- What is the difference between DMCA violation and copyright infringement? Is it possible to be guilty of the former but not the latter?
- As we have seen, technical-protection measures (e.g., encryption and rights-management languages) that are used by distributors of digital copyright works are never perfect; they can usually be circumvented by people with high enough levels of technical expertise in the relevant hardware and software systems. Nonetheless, the authors of The Digital Dilemma concluded that “[e]xisting technical-protection mechanisms can protect digital information to a degree that keeps fundamentally honest people honest; this appears to be sufficient for a wide range of uses.” How might the Internet diminish the importance of this distinction between experts and non-experts? Which provision of the DMCA is clearly a direct response to this threat posed by the Internet?
- As explained in class and on the EPIC website, surveillance and privacy laws in the US have traditionally made a sharp distinction between access to “the contents of communication,” which requires a showing of probable cause, and access to control information (such as dialing, routing, and addressing information), which requires a court order but not a showing of probable cause. Which fundamental data structure of the Internet protocols is directly relevant to this distinction between content and control information? Give a high-level explanation of how a network-monitoring program could process the traffic entering and leaving a machine that’s under surveillance so that the results of this process reveal the control information in the traffic but not the “content of the communication.”
- In the context of computer security, what are confidentiality, integrity, and availability? Must an attacker be able to “break into” (i.e., gain privileges on) a networked machine in order to compromise the confidentiality, integrity, or availability of the information or service provided by this machine? For each of the three security properties, if it is not necessary for an attacker to break in, give a brief, high-level explanation of how the compromise can be effected remotely.
- Some senders of unsolicited email can be sued successfully for trespass to chattel, and some can’t. Explain the essential difference between unsolicited email that is trespass to chattel and unsolicited email that isn’t. Why is it unclear that society would be better off if all unsolicited email were considered trespass to chattel?
3. Requirements
Prepare your answers using Word or whatever text editor you prefer. Submit the file using the same instructions that you used in HW1, HW2, and HW3.