01.11.22

Gemini version available ♊︎

Microsoft GitHub, DRM Enforcer, Bans Free Software

Posted in DRM, Free/Libre Software, Microsoft at 7:08 am by Dr. Roy Schestowitz

Reproduced from Mobileread, as can be seen here:

Initially, I didn’t want create an account on this site and keep all discussion on GitHub (the fewer accounts one has, the easier it is to stay anonymous …), but I guess with the GitHub being gone, it’s about time to answer some of the questions here …

Maybe GitHub hasn’t been the best choice for a platform, but I didn’t expect there to be DMCA claims when there have been none over the recent years in Apprentice Harper’s repository. I guess, in the long term, I should move to another platform.

I received the first message from Github about the DMCA claim on January 4th in the late evening, with a time line of 24h to remove the “offending” content. Of course that deadline is rather short – I am obviously not using my “main” mail address for stuff like this, so I didn’t check this account every single day, and only found out the repository was blocked (some time on January 6th) when I checked this forum thread and saw the discussion on January 7th.

The GitHub FAQ states that when one misses the 1-day window to make requested changes, one can request an additional time of 1 day to perform the changes. I requested that by mail on January 7th, but so far the GitHub support hasn’t gotten back to me yet. Right now, I see the same page that you all see – repo unavailable due to DMCA. They could have at least given the repo owner access to update the code, but they didn’t.

Rather disturbing that they are allowed to block a repo after just one day of no response (they could have given me a notification on the Github page itself, in addition to the mail, then I would have seen it before the deadline was over …), and then don’t respond to the topic for multiple days, but maybe their support doesn’t work on weekends and they don’t consider stuff like this urgent now that the repo’s down and they did what they legally have to do …

The goal is to hopefully get Github to restore the repository once they finally read my mail, then remove the offending code from the repository, and have the plugin no longer contain the offending LCP code on Github to comply with the DMCA request.

The DMCA request mentions nothing about the difference between library books and bought books. The request states that the original repositories (apprentice harper and so on) are not part of the takedown – not because they have blocks for library books, but because they don’t support LCP at all. So I doubt adding a block for library books would have prevented this takedown (or, would be an acceptable solution to get the repository back). The guys behind LCP know how easy it is to edit Python code to remove such blocks, and I think with this plugin being the first public solution for LCP DRM removal, I guess they are more concerned with people knowing the algorithm, and they think that with a DMCA request for this repo they can remove that from the entire internet.

I don’t want to piss off GitHub (and Readium?) even more by now creating a new account or repository. Even though it’s probably fine as far as the DMCA goes (if there’s no LCP code in the new repo), it certainly violates Github TOS to just make a new repo when there’s a pending takedown. So I’m going to wait for the support to respond, which they are supposed to according to their own FAQ. If they don’t, I guess the plugin moves to another platform.

As for the other topics being discussed here in the last couple days:

- Someone mentioned that based on the description of LCP in the takedown notice, this DRM doesn’t sound so bad – maybe it doesn’t, but there’s one thing they are purposefully omitting in that description, and one they either deliberately or accidentally explained wrong. They are claiming that LCP is oh-so-open and doesn’t lock the user into a proprietary environment.
Yeah, LCP is not as proprietary as Adobe or Amazon, but it’s still proprietary. Yes, they have the source code available on their GitHub, but still require you to pay huge amounts for licenses if you want to use the code. A critical piece of source code for the project is missing on their Github, and you only get this code (with a very restrictive license) if you pay them. So, the code on the GitHub is useless, as if you forked it and built the code yourself, it wouldn’t work.
And the other thing they omitted is the fact that there’s (almost) no reader support. They claim the DRM doesn’t hurt content accessibility, it lets users share content with friends, and so on. But that’s only true if you’re reading on a phone or computer, or if you have a very new eReader from particular vendors.
If the codebase would have *really* been open-source (meaning, I take the source code, built it, and get a 1:1 100% identical binary to the one they give to users, without paying for a license), AND Readium had support on all eReaders, I doubt I would have deemed it necessary to add LCP support. The main reason I added this support was not to “crack” books and share them with the world, it was getting them to work on MY readers …

- The latest release of the plugin (10.0.2) does not yet support QT 6 / Calibre 6, but the latest commit on master already does. I doubt there’s many people that have that downloaded, with the repo now gone. Though, even if GitHub decides to block the repo permanently and I don’t find any other useful hosting, the plugin only required very small changes in two or three places that became apparent when reading the error messages, so it should be easy for others to fix that, if needed.

As noted in Mastodon: “RIAA showed that it was acceptable to use GitHub’s (legally mandated) DMCA process for DMCA section 1201… Any tool like this should probably self-host their code repository at this point… Can we please kill these anticircumvention laws? Maybe then we won’t need tools like DeDRM?”

Related:

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Leave a Comment

You must be logged in to post a comment.

DecorWhat Else is New


  1. Links 16/1/2022: Latte Dock 0.11 and librest 0.9.0

    Links for the day



  2. The Corporate Cabal (and Spy Agencies-Enabled Monopolies) Engages in Raiding of the Free Software Community and Hacker Culture

    In an overt attack on the people who actually did all the work — the geeks who built excellent software to be gradually privatised through the Linux Foundation (a sort of price-fixing and openwashing cartel for shared interests of proprietary software firms) — is receiving more widespread condemnation; even the OSI has been bribed to become a part-time Microsoft outsourcer as organisations are easier to corrupt than communities



  3. EPO's Web Site Constantly Spammed by Lies About Privacy While EPO Breaks the Law and Outsources Data to the United States

    The António Campinos-led EPO works for imperialism, it not only protects the rich; sadly, António’s father isn’t alive anymore and surely he would blast his son for doing what he does to progress his career while lying to staff and European citizens



  4. Links 16/1/2022: Tsunami and Patents

    Links for the day



  5. IRC Proceedings: Saturday, January 15, 2022

    IRC logs for Saturday, January 15, 2022



  6. Links 16/1/2022: Year of the GNU/Linux Desktop and Catch-up With Patent Misinformation

    Links for the day



  7. Patrick Breyer, Unlike Most German Politicians, Highlights the Fact That Unified Patent Court (UPC) and Unitary Patent Are Incompatible With EU Law

    A longtime critic of EPO abuses (under both Benoît Battistelli and António Campinos leadership), as well as a vocal critic of software patents, steps in to point out the very obvious



  8. Links 15/1/2022: Flameshot 11.0 and Libvirt 8.0

    Links for the day



  9. Blogging and Microblogging in Geminispace With Gemini Protocol

    Writing one’s thoughts and other things in Geminispace — even without setting up a Gemini server — is totally possible; gateways and services do exist for this purpose



  10. Links 15/1/2022: Raspberry Pi in Business

    Links for the day



  11. IRC Proceedings: Friday, January 14, 2022

    IRC logs for Friday, January 14, 2022



  12. Gemini Clients: Comparing Moonlander, Telescope, Amfora, Kristall, and Lagrange (Newer and Older)

    There are many independent implementations of clients (similar to Web browsers) that deal with Gemini protocol and today we compare them visually, using Techrights as a test case/capsule



  13. 2022 Starts With Censorship of Christmas and Other Greetings at the EPO

    The nihilists who run the EPO want a monopoly on holiday greetings; to make matters worse, they’re censoring staff representatives in their intranet whilst inconsistently applying said policies



  14. Links 14/1/2022: FFmpeg 5.0 and Wine 7.0 RC6

    Links for the day



  15. White House Asking Proprietary Software Companies That Add NSA Back Doors About Their Views on 'Open Source' Security

    The US government wants us to think that in order to tackle security issues we need to reach out to the collective 'wisdom' of the very culprits who created the security mess in the first place (even by intention, for imperialistic objectives)



  16. Links 14/1/2022: EasyOS 3.2.1 and Qt 6.3 Alpha

    Links for the day



  17. Scientific Excellence and the Debian Social Contract

    The Debian Project turns 30 next year; in spite of it being so ubiquitous (most of the important distros of GNU/Linux are based on Debian) it is suffering growing pains and some of that boils down to corporate cash and toxic, deeply divisive politics



  18. Links 14/1/2022: openSUSE Leap 15.2 EoL, VFX Designers Are Using GNU/Linux

    Links for the day



  19. IRC Proceedings: Thursday, January 13, 2022

    IRC logs for Thursday, January 13, 2022



  20. 2022 Commences With Microsoft-Themed (and Microsoft-Connected) FUD Against GNU/Linux

    A psychopathic Microsoft, aided by operatives inside the mainstream and so-called 'tech' media, keeps spreading old and invalid stigma about "Linux" and Free software; few people still bother responding to these fact-free FUD campaigns, which boil down to ‘perception management’ PR/propaganda



  21. Between January 2021 and January 2022 the Number of Active Gemini Capsules Nearly Quadrupled Based on Publicly-Available Catalogue of Capsules

    Geminispace has grown to about 2,000 known capsules and 1,600 of them are active, permanently online, fully accessible; in January last year these numbers were about 4 times smaller



  22. Links 13/1/2022: NetworkManager 1.34 and Everett 3.0.0

    Links for the day



  23. Links 13/1/2022: Sparky 5.16, Fwupd 1.7.4, and KDE Plasma 5.24 Beta Released

    Links for the day



  24. Call a Spade a Spade (Microsoft 'Contributions' to Linux)

    Call a spade a spade; Microsoft does not love Linux and doesn’t try to help Linux, as it’s still all about Windows and proprietary software with surveillance, back doors, and worse things



  25. No Excuses for Using GitHub Anymore

    Software developers become living witnesses to more and more reasons to abandon Microsoft for good



  26. Links 13/1/2022: Slackware Linux 15.0 RC3 and More Microsoft Aggression Against Linux

    Links for the day



  27. IRC Proceedings: Wednesday, January 12, 2022

    IRC logs for Wednesday, January 12, 2022



  28. Links 12/1/2022: IPython 8.0, Iranian Attacks on Microsoft Windows

    Links for the day



  29. Non-Fungible Membership in OSI

    The OSI tells us that it got over a thousand members, but that boils down to just people clicking a URL or a button



  30. Computing Security is Being Redefined as 'Controlled by NSA' (and Microsoft)

    The ascent of fake security or the concept that outsourcing trust to Pentagon-connected monopolies is the same as "security" is a real problem because the mindset creeps into new legislation, in effect cementing monopolies and centralisation


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts