The line between hacking and reverse engineering is thin

The US Digital Millennium Copyright Act is too severe, argues Tom Yager

Scientists are reverse engineering the galaxy. So why is it illegal to reverse engineer a DVD player or the iPhone?

Even the debate pitting creationism against evolution never raises the argument that the galaxy is a secret that ought not be explored. Both sides cite science that looks at our galaxy’s present, weigh recorded history against empirical data, and hypothesise about our origins.

So how is it that the US Digital Millennium Copyright Act (DMCA) — an odious piece of lobbyist-written legislation if there ever was one — can make a crime out of reverse engineering? The DMCA circumvents laws governing copyright, patent, property and free speech by declaring unlawful the most essential right of all: the right to know.

If you buy something, you have the right to hook it up backwards, to turn it into a piñata, to shoot holes in it with a licensed .357 Magnum, or to plant it on a pike on your front lawn. But in America, your right to take it apart to figure out how it works is in the hands of corporate lawyers. Owning specialised tools for the purpose is okay — even disassemblers that turn software into rough source code or logic probes that record the behaviour of running silicon. But the people who once tried to levy a usurious tax on blank VHS tapes have succeeded in restricting the use of these and other tools of discovery.

The assumption is that in technology, reverse engineering — the simple and essential science of learning how a thing works — is employed to violate copyrights and patents. Yes, I could reverse engineer a microprocessor to create a clone and sell it for a tenth of the original’s price, but that would be both immoral and illegal. But what if I reverse engineered to uncover undocumented capabilities of that processor, so I could place in the hands of those who own systems with that chip the power to make more complete use of them?

Reverse engineering isn’t an easy matter to decide. Specific instances of reverse engineering illustrate the separation between use and abuse and yet highlight the difficulty in drawing the line between lawful and unlawful pursuit of knowledge. Hackers picked apart the smart cards used by direct broadcast satellite (DBS) TV providers to hold subscriber information. They then used that information to steal satellite TV service and get out of paying for pay-per-view movies. But was the dissection of satellite TV technology ipso facto unlawful? That’s not so simple. If you have used these tools — and you’ve learned how DBS access protection works — and you’re not among those stealing services or profiting from the knowledge, do you belong in prison? No, you don’t.

Knowledge and its pursuit can’t be unlawful. If sharing the knowledge is an unlawful act, then simply knowing violates the law. If the knowledge is unlawful, then the possession of the tools used to obtain it is sufficient probable cause for arrest. We’re not willing to go that far. Are we?

We’ll soon be putting those limits to the test. The iPhone is locked in ways that some people consider contrary to the technology buyer’s interests. It is locked to a specific wireless operator, AT&T.

Crackers have worked out the mechanisms for unlocking virtually all other mobile devices, and those mechanisms use back doors that handset manufacturers built into their devices to unlock them.

I’m not aware of prosecution resulting from the discovery or dissemination of that knowledge.

Apple insists that there is no such carrier-unlock back door in the iPhone, so presumably an effort to free the iPhone from AT&T’s service will require significantly more reverse engineering to achieve the same end than with other mobile operators.

Today, discussions of iPhone reverse engineering efforts are proceeding in public view, and bounties are being posted to reward the first person to come up with a working crack for the iPhone.

AT&T’s contract with Apple apparently stipulates that the iPhone can’t be used in any capacity without activation on AT&T’s service. The iPhone is dead as a doornail until you use iTunes to attach it to a wireless service. Then it unlocks and works as a PDA and media player, and continues to work even if you remove the SIM card. An iPhone without a SIM simply can’t make phone calls or surf the internet for free using AT&T’s service.

So where’s the legal line here? I think we’re going to find out, because I have little doubt that the iPhone will be cracked. What can’t happen is a crack that gets people access to AT&T’s services for free. It won’t happen.

Instead, cracks will be oriented towards giving iPhone owners the freedom to use their devices outside the restrictions placed on them by Apple and AT&T.

Is that illegal? It shouldn’t be. Let’s keep a close watch on the lawyers for these two entities, because the knowledge they choose to declare as contraband will set a precedent all of its own.

• This column was written shortly before Norwegian hacker DVD John claimed to have come up with a way to activate an iPhone without committing to AT&T’s wireless plan

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags hackingReverse engineeringiPhone

Show Comments
[]